Policeware is the new term for spyware that law enforcement uses to gather evidence in investigations.
It is highly likely that anti-virus and anti-spyware software will look the other way if it detects policeware. Or, more likely, it won’t carry signatures for policeware at all.
So will it be possible to detect policeware? Possibly. I think that policeware will be the backdrop for the next cat-and-mouse game between law enforcement and the underworld.
Hackers are anxious to get a copy of CIPAV, the investigative tool (that gets installed on a suspect’s PC) used by the FBI to log outbound TCP/IP connections. Certainly they will devise tools to detect and block CIPAV and other such tools. In fact, this may be history as I write this – the capability to detect and remove CIPAV may already exist. And given that Magic Lantern and Carnivore have been around for several years, I can’t help but wonder if tools exist to detect their activities.