Bavaria has become the first German state to approve laws that allow police to plant spyware on the PCs of terror suspects. The controversial measures allow local law enforcement officials to plant Trojans on the PCs of terror suspects (and potentially other serious criminals) from the start of August, Heise reports (Google …
And how hard would it be to remove the spyware?
Wonder if Adaware and Windows Defender will remove it lol.
illegal outside Bavaria ?
So do they have a kill-switch in case the suspect moves to another state or country ? After all, it would be illegal to spy on them outside the Bavarian jurisdiction.
Anyone else see potential here for an early warning that police are gonna raid your house?! =D
And then promptly labelled as terrorist organizations. Lucky Bill has stepped down or he could be the next Osama
Add Bavaria to the list...
So it's Austria and Bavaria now who do state-sanctioned malware. Are you gonna do a list, maybe with a pretty map, so that we can plan our holidays accordingly. Maybe graphics isn't El Reg's strong point, but a list of countries...
Like most law enforcement tech, it will probably be illegal to include the police Trojans in AV libraries.
Windows or Linux spyware?
Would this spyware be written for Windows or Linux or both? And under what license? GPL with source code freely available?
Clearly if the user has Vista and has UAC turned on then it won't get installed anyway because Vista is so secure.
Oh, sorry, maybe not!
Depends on the signature
If they use an already-known piece of kit, no problems, it's gone in seconds. If it's customized - highly doubtful. The bane of all signature-dependent scanners... Which is why Winpatrol and the like is a must-have addition. It's the only piece of software to save me from malware in the last 10 years by noticing that something wanted to auto-start and didn't go away when told to. </blatant plug>
I doubt this will work
After all, everyone knows that 'loonux' is the OS of choice for any serious 'terrurist'.
How long before a security patch is released to close the holes used to install itself, or are the police going to force terror suspects to install it?
After all, what stops a malicious attacker using the same exploits, or even better exploiting the spyware?
I doubt it has a Linux variant, and if it did I'm sure the security hole would be closed immediately. Therefore if you're a terrorist, use Linux.
What about when:-
a) Policeman X decides to use it to spy on Mrs X, Mrs X's suspected lover etc
b) The communication protocol is cracked by the Russian mafia.
c) The software is reverse engineered by "terrorists" and installed on Police PCs by blackmailing the cop in point (a).
Good idea lads.
and guess who's next
yup, that's right.
i think this is likely to become law here in UK too, judging by the UK gvt's overzealous preoccupation with monitoring us, removing our rights (especially any right to privacy), and outright controlling us.
new gvt definition of terrorist:
anyone who doesn't agree with the government!
sigh! who are we anyway? just insignificant 'general public' civilians who have absolutely no say in anything. welcome to England.
do they work for
George Bush and Co? Sounds like his kind of dirty business. Let's just have a little spying on everyone, shall we. Don't have anything to hide if you're not guilty of anything? Think of the children. Think of the war on terror? Think of all the laws we're breaking (oops!). Rights? What are those? Liberties? Those at the top will still have theirs.
Unlikely that the software makers will tell you what they REALLY do with this kind of stuff; especially if they want to stay in business and not be shut down for "supporting terrorism". Break into your house to install it? Commit a criminal act to "protect us" from ??? Somebody tell me why these clowns aren't already in jail, please.
How on Earth can this possibly work? Encrypted HD (or a LiveCD) with a strong password running Vista or Linux will be enough to stop it. Terrorists aren't stupid - they know this law exists. I wouldn't be surprised if they issue out a memo from the Terrorist IT Dept stating how to get around it. (using the methods listed above)
Something else to ruin the privacy of the innocent whilst the guilty get away...
Not so bad
Personally I don't see this as that much of a big deal. If the police already have you under heavy surveillance then spiking your PC is just a sensible step forward. They're just keeping up with the technology. State/Military sponsored cracking has always been inevitable.
The only slightly dubious factor is the fact it doesn't require a warrant in certain circumstances, but hey it's Germany, see how it pans out over here :)
but if they pwn it?
First, you have to be a dumb criminal to 'run' a trojan, unless Bavarian police are full of 0-day we're not aware of. It's one thing to confiscate a HDD and then make a write-blocked image that can be shown in court to be original.... and both sides can verify... I don't think police rooted PCs should be admissible as evidence. I could maybe see if they rooted the PC to get the guy to do something that would out himself (change a contact's info or reveal a meeting place that they overlook?).... but even then it's sketchy.
if you're not actively using your terror OS, switch to a nice clean install of whatever OS the spyware works on. let them have at it. After they have broken into your house, installed all their software, totally violated what little rights you have left, you are then safe to boot to the REAL OS and continue your terror activities unmonitored.
This will only catch the "low hanging fruit" in any application they have for it. Sure a lot of people are too dumb to notice extra processes on their machine, but I doubt these are the droids they are looking for ...
I have attached a card for you named happy99.exe....
what, no roflmao icon?
"Like most law enforcement tech, it will probably be illegal to include the police Trojans in AV libraries."
Sorry but how on earth do you imagine that the AV companies are supposed to know when they find malware whether or not it was planted by police/MI5/MI6/GCHQ etc. or the equivalent organisations in 100 different countries ? You imagine that said law-enforcement organisations are all going to provide copies of trojan software or a software suite with regular updates to identify law enforcement zero day exploits to every Tom, Dick and Harry of an AV or pentesting company whether based in the same jurisdiction or not ? Perhaps you think AV companies would be willing to delay releasing new malware signatures while the spooks decide whether to approve these ? Well it would certainly defeat their imagined security by obscurity of their malware techniques if they could approve or reject any AV software release.
Besides which, many criminals now have access to expert malware systems analytical and reverse engineering expertise themselves. This is how bot herders keep up with their competitors. It's also not as if it's that difficult automatically to image systems before and after a trojan/virus or worm installation to identify the differences resulting from malware installation - which gives you the malware those interested are looking for. Use of virtual machines and a few scripts cut out most of the effort this kind of thing used to involve. Some of my second year undergraduate security systems students are well up to this.
Your premise is based on a deeply flawed assumption: that there are sufficiently few IT security specialists with the capability to detect and analyse malware that all these specialists are inherently state-controllable.
Re: Add Bavaria to the list...
You might want to include the whole of Germany on that list.