
Software allows German authorities to plant evidence on suspects' computers

In 2008 Wikileaks published documents revealing that the German government had contracted local firm DigiTask to write a trojan. The trojan would allow the government to infect citizens' computers and monitor encrypted Skype video/audio by viewing the decrypted streams on the client's machine.  

A German court that year ruled that the use of government malware was legal, as long as surveillance was constrained to court-authorized digital wiretaps.  Subsequently Cryptome, another leaks site, published a leaked government presentation bragging of "forbidden functions", "remote forensics software", and the ability to update the trojan remotely to enhance its capabilities.

Afterwards all went quiet until this week when veteran hacker club Chaos Computer Club (CCC) announced they had obtained and decompiled the government trojan (locally referred to as "bundestrojaner") and had detailed its capabilities. Those capabilities -- perhaps illegally -- extended well beyond the limited spying authorized by the German court in 2008.

I. Government Admits Domestic Spying Capabilities Were Understated

There have been new developments since that publication. At present, four of Germany's sixteen states -- Bavaria, Baden-Württemberg, Brandenburg, and Lower Saxony -- have admitted to using the software published by the CCC. And DigiTask admits that the software looks a lot like a program it sold to authorities in Germany, Austria, Switzerland, and the Netherlands in 2007.

Source Code -- German trojan
Source code of the trojan was printed in German newspapers, to the frustration of German authorities. [Source: Der Spiegel]

F-Secure, a Finland-based antivirus firm, has published another blog on the incident revealing government documents that indicate DigiTask was paid $2.9M USD for the malware in 2009.  F-Secure dubs the trojan "R2D2", based on an important internal string inside the program -- a title that pays homage to the famous Star Wars droid.

Claudia Roth, co-leader of the Green Party -- Germany's fifth largest political party and holder of approximately 11 percent of the seats in the nation's parliament -- remarks, "Clearly the limits set by the Federal Constitutional Court have been massively violated."

Justice Minister Sabine Leutheusser-Schnarrenberger, a member of the small social-liberal Free Democratic Party, has called for a government investigation of the domestic spying.

II. Malware Could be Used to Frame Political Enemies

The malware is highly controversial because it offers full system access, which could be used to plant incriminating evidence on a target's computer. Further, weak encryption reportedly makes the program very easy for third parties to exploit, endangering those being "investigated".

Planting Evidence
The trojan hands German authorities the keys to planting evidence, video surveillance of suspects, and more. [Source: DigiTask via Cryptome]

The CCC, in its original press release, blasted these capabilities, writing, "This refutes the claim that an effective separation of just wiretapping Internet telephony and a full-blown Trojan is possible in practice – or even desired.  Our analysis revealed once again that law enforcement agencies will overstep their authority if not watched carefully."

BBC News was even less charitable. Cutting to what is, in the minds of many, the heart of the matter, Stephen Evans writes that the issue is sensitive for Germans "who, given the country's Nazi and Communist past, feel strongly about spying on citizens."

III. U.S. Government Uses Similar Tools

While DigiTask has confirmed that it has not sold the trojan malware to anyone outside of governments in Europe, MSNBC notes that, "U.S. officials have long flirted with the idea of spying on private computers in America to fight crime or terrorism.  A program developed by the FBI in 2001 called Magic Lantern had capabilities similar to R2D2, but was abandoned after a series of critical news stories."

More recently, the U.S. Federal Bureau of Investigation has employed a program titled "Computer and Internet Protocol Address Verifier"  to infect and monitor suspects' computers.  The method of distribution is unclear, as is whether it contains keyloggers, screen capture tools, or code to activate the user's webcam.

If there's one comfort, such government trojans are oft sloppily coded (or at least the German one was, according to the CCC) and are removable/blockable using anti-malware software.

Sources: BBC News, Spiegel, MSNBC


By MrBlastman on 10/12/2011 2:05:50 PM , Rating: 2
You'd think the Germans would have learned after all these years. I think it is sick that they still allow the blood of Hitler to taint their nation.

RE: Gestapo...
By Sazabi19 on 10/12/2011 2:06:46 PM , Rating: 2
I like how you used the words "Hitler" and "taint" in the same sentence :P

RE: Gestapo...
By ClownPuncher on 10/12/2011 3:13:53 PM , Rating: 2
Maybe it's the East Germans with their Stalin taint? Same shit, different flag.

RE: Gestapo...
By Reclaimer77 on 10/12/2011 4:15:51 PM , Rating: 1
Am I the only one who saw the word "Germany" in the title and thought to themselves "big surprise there..."?

Come on fellow bigots! Who's with me?

RE: Gestapo...
By ClownPuncher on 10/12/2011 4:31:59 PM , Rating: 2
Well, you guys got Mussolini.

But of Course...
By mmatis on 10/12/2011 5:24:21 PM , Rating: 2
they clearly haven't shared this with US "Law Enforcement"...

RE: But of Course...
By JKflipflop98 on 10/13/2011 6:19:16 AM , Rating: 2
The US versions work much better. You haven't read any stories about those yet, have you?

By quiksilvr on 10/12/2011 1:54:08 PM , Rating: 2
Because at least the government that's raping them is using protection.

Good and Bad?
By Sazabi19 on 10/12/11, Rating: -1
RE: Good and Bad?
By MrBlastman on 10/12/2011 2:14:48 PM , Rating: 4
This is precisely the problem:

As long as it stays within the hands of a few security specialists and not the general public I'm ok with it.

How can you trust that it will? How can you trust what they might do with it? How can you trust that they won't save it for later when it becomes opportunistic to use it?

They have no business in your business without a warrant, period. Never back down on your freedoms.

RE: Good and Bad?
By BugblatterIII on 10/12/2011 2:34:13 PM , Rating: 4
Wow. Ok, you have every right to that opinion.

My opinion is the opposite; we've seen countless times that measures designed to fight terrorism etc. are used by police etc. against members of the public just because they can.

Only the other day there was a story on here about a UK policeman threatening to confiscate someone's camera under the prevention of terrorism act because he'd taken a photo of his daughter in a shopping centre. That's a minor example that I cite because it's recent.

We cannot trust the authorities to self-regulate.

I also absolutely do not want my privacy able to be routinely compromised. That already happens but we should fight every attempt to make it worse.

RE: Good and Bad?
By geddarkstorm on 10/12/2011 3:43:55 PM , Rating: 3
"as long as you aren't doing anything wrong you don't have much to worry about"

But who defines what is "wrong"? And what happens when something that is normal, right, and part of your life identity is suddenly listed as "wrong" by the government, like speaking out against its policies on message boards?

This is why freedom and personal responsibility was such a huge thing for America at its founding. The country was designed to prevent us from falling into the mentality you expressed. Because what is "right" now, could be made "wrong" later, for the shackling of the freedom of all. Ala the kings and monarchs of Great Britain back in the day.

RE: Good and Bad?
By Reclaimer77 on 10/12/2011 4:19:25 PM , Rating: 2
Yup. The only country in the history of the planet to guarantee the 'pursuit of happiness' in writing.

Unfortunately historically freedom and liberty are NOT the natural state of man.
