[liberationtech] Detekt
Andy Isaacson
adi at hexapodia.org
Sat Nov 22 12:03:29 PST 2014
On Thu, Nov 20, 2014 at 02:02:24PM -0500, AntiTree wrote:
> I don't see what this would do that an AV wouldn't. Of the samples
> I've reviewed, most (all?) have been detected by AV.

On the contrary, Claudio has documented several RATs and other
"surveillance" malware used by repressive governments that are not
detected by AV.

https://twitter.com/botherder/status/535944272047267840

This makes sense; HackingTeam (or whatever other shady malware vendor)
is going to test against the tools that are currently used.

As Claudio explains elsewhere in recent tweets, the point of Detekt is
not to build a long-lasting tool that will detect government malware
going forward; the point is to provide a tool *today* that people who
are compromised *today* can use to learn that fact.

-andy