US lifts ban on anti-virus software for Iran

Posted by   Virus Bulletin on   May 31, 2013

Eased restrictions welcomed by security experts.

The United States has announced it has eased export restrictions to Iran, and now allows for the export of mobile phones and software, including anti-virus software.

The US originally imposed sanctions against Iran following the Iranian Revolution of 1979 and has tightened them several times since, among other things because of the country's alleged nuclear program. While the effect of economic sanctions is debated among experts, the fact that anti-virus software could not be exported has regularly received criticism from security and privacy experts.

The Iranian government is known to have regularly intercepted its citizens' online communications (for example by using SSL certificates generated by hacking into the DigiNotar certificate authority) and it is well possible that spyware is also used. However, it wouldn't be the only government to do so: this week, the US entertainment industry released a report in which it argued for the use of ransomware against piracy. But at least US citizens would be able to purchase security software that would, hopefully, allow the detection of such programs.

If citizens in a foreign country are not allowed to purchase security software, they would be forced either to do without such software, or to use whatever their own government provides them with; hardly a reassuring thought. A similar argument can be made about the use of communication technology, such as mobile phones; hence the ban on the export of these has also been lifted.

There is one notable exception to the eased restrictions: software and mobile phones cannot be sold if the seller has reason to believe they are going to be used by the Iranian government. The Iranian government will thus have to find its own solutions against new Stuxnet variants.

More at the BBC here with a PDF of the updated regulations by the Office of Foreign Assets Control here.

Posted on 31 May 2013 by Martijn Grooten

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VBSpam tests to be executed under the AMTSO framework

VB is excited to announce that, starting from the Q3 test, all VBSpam tests of email security products will be executed under the AMTSO framework.

In memoriam: Prof. Ross Anderson

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.