Software allows German authorities to plant evidence on suspects' computers
In 2008 Wikileaks published documents revealing that the German government had contracted local firm DigiTask to write a trojan. The trojan would allow the government to infect citizens' computers and monitor encrypted Skype video/audio by viewing the decrypted streams on the client's machine.
A German court that year ruled that the use of government malware was legal, as long as surveillance was constrained to court-authorized digital wiretaps. Subsequently Cryptome, another leaks site, published a leaked government presentation bragging of "forbidden functions", "remote forensics software", and the ability to update the trojan remotely to enhance its capabilities.
Afterwards all went quiet until this week when veteran hacker club Chaos Computer Club (CCC) announced they had obtained and decompiled the government trojan (locally referred to as "bundestrojaner") and had detailed its capabilities. Those capabilities -- perhaps illegally -- extended well beyond the limited spying authorized by the German court in 2008.
I. Government Admits Domestic Spying Capabilities Were Understated
There've been new developments since that publication. At present, four of Germany's sixteen states -- Bavaria, Baden-Wurttemberg, Brandenburg, and Lower Saxony -- have admitted to using the software published by the CCC. And DigiTask admits that the software looks a lot like a program it sold to authorities in Germany, Austria, Switzerland, and the Netherlands in 2007.
Source code of the trojan was printed in German newspapers, to the frustration of German authorities. [Source: Der Spiegel]
F-Secure, a Finland-based antivirus firm, has published another blog post on the incident, revealing government documents that indicate DigiTask was paid $2.9M USD for the malware in 2009. F-Secure dubs the trojan "R2D2", based on an important internal string inside the program -- a title that pays homage to the famous Star Wars droid.
Claudia Roth, co-leader of the Green Party -- Germany's fifth largest political party and holder of approximately 11 percent of the seats in the nation's parliament -- remarks, "Clearly the limits set by the Federal Constitutional Court have been massively violated."
Justice Minister Sabine Leutheusser-Schnarrenberger, a member of the small social-liberal Free Democratic Party, has called for a government investigation of the domestic spying.
II. Malware Could be Used to Frame Political Enemies
The malware is highly controversial because it offers full system access, which could be used to plant incriminating evidence on a target's computer. Further, weak encryption reportedly makes the program very easy for third parties to exploit, endangering those being "investigated".
The trojan hands German authorities the keys to planting evidence, video surveillance of suspects, and more. [Source: DigiTask via Cryptome]
The CCC, in its original press release, blasted these capabilities, writing, "This refutes the claim that an effective separation of just wiretapping Internet telephony and a full-blown Trojan is possible in practice – or even desired. Our analysis revealed once again that law enforcement agencies will overstep their authority if not watched carefully."
BBC News was even less charitable. Cutting to the chase on the matter in the minds of many, Stephen Evans writes that the issue is sensitive for Germans "who, given the country's Nazi and Communist past, feel strongly about spying on citizens."
III. U.S. Government Uses Similar Tools
While DigiTask has confirmed that it has not sold the trojan malware to anyone outside of governments in Europe, MSNBC notes that, "U.S. officials have long flirted with the idea of spying on private computers in America to fight crime or terrorism. A program developed by the FBI in 2001 called Magic Lantern had capabilities similar to R2D2, but was abandoned after a series of critical news stories."
More recently, the U.S. Federal Bureau of Investigation has employed a program titled "Computer and Internet Protocol Address Verifier" to infect and monitor suspects' computers. The method of distribution is unclear, as is whether it contains keyloggers, screen capture tools, or code to activate the user's webcam.
If there's one comfort, such government trojans are oft sloppily coded (or at least the German one was, according to the CCC) and are removable/blockable using anti-malware software.
Sources: BBC News, Spiegel, MSNBC