Bavaria sanctions police spyware Bavaria has become the first German state to approve laws that allow police to plant spyware on the PCs of terror suspects. The controversial measures allow local law enforcement officials to plant Trojans on the PCs of terror suspects (and potentially other serious criminals) from the start of August, Heise reports (Google …
If they use an already-known piece of kit, no problems, it's gone in seconds. If it's customized - highly doubtful. The bane of all signature-dependent scanners... Which is why Winpatrol and the like is a must-have addition. It's the only piece of software to save me from malware in the last 10 years by noticing that something wanted to auto-start and didn't go away when told to. </blatant plug>
How long before a security patch is released to close the holes used to install its self, Or are the police going to force terror suspects to install it.
After all what stops a malicious attacker using the the same exploits, or even better exploiting the spyware.
I doubt it has a Linux variant, and if did I'm sure the security hole would be closed immediately. Therefore if your a terrorist, use Linux.
What about when:-
a) Policeman X decides to use it to spy on Mrs X, Mrs X's suspected lover etc
b) The communication protocol is cracked by the Russian mafia.
c) The software is reverse engineered by "terrorists" and installed on Police PC's by blackmailing the cop in point (a).
Good idea lads.
yup, that's right.
i think this is likley to become law here in UK too, judging by the UK gvt's overzealous preoccupation with monitoring us, removing our rights (especially any right to privacy), and outright controling us.
new gvt definition of terrorist:
anyone who doesn't agree with the government!
sigh! who are we anyway? just insignificant 'general public' civilians who have absolutely no say in anything. welcome to England.
George Bush and Co? Sounds like his kind of dirty business. Let's just have a little spying on everyone, shall we. Don't have anything to hide if you're not guilty of anything? Think of the children. Think of the war on terror? Think of all the laws we're breaking (oops!). Rights? What are those? Liberties? Those at the top will still have theirs.
Unlikely that the software makers will tell you what they REALLY do with this kind of stuff; especially if they want to stay in business and not be shut down for "supporting terrorism". Break into your house to install it? Commit a criminal act to "protect us" from ??? Somebody tell me why these clowns aren't already in jail, please.
How on Earth can this possibly work? Encrypted HD (or a LiveCD) with a strong password running Vista or Linux will be enough to stop it. Terrorists aren't stupid - they know this law exists. I wouldn't be suprised if they issue out a memo from the Terroist IT Dept stating how to get around it. (using the methods listed above)
Something else to ruin the privacy of the innocent whilst the guilty get away...
Personally I don't see this as that much of a big deal. If the police already have you under heavy surveillance then spiking your PC is just a sensible step forward. They're just keeping up with the technology. State/Military sponsored cracking has always been inevitable.
The only slightly dubious factor is the fact it doesn't require a warrant in certain circumstances, but hey it's Germany, see how is pans out over here :)
First, you have to be a dumb criminal to 'run' a trojan, unless Bavarian police are full of 0-day we're not aware of. It's one thing to confiscate a HDD and then make a write-blocked image that can be shown in court to be origianl.... and both sides can verify... I don't think police rooted PC's should be admisible as evidence. I could maybe see if they rooted the PC to get the guy to do something that would out himself (change a contact's info or reveal a meeting place that they overlook?).... but even then it's sketchy.
if your not actively using your terror OS, switch to a nice clean install of whatever OS the spyware works on. let them have at it. After they have broken into your house, installed all their software, totally violated what little rights you have left, you are then safe to boot to the REAL OS and continue your terror activities unmonitored.
This will only catch the "low hanging fruit" in any application they have for it. Sure alot of people are too dumb to notice extra processes on their machine, but I doubt these are the droids they are looking for ...
I have attached a card for you named happy99.exe....
what, no roflmao icon?
"Like most law enforcement tech, it will probably be illegal to include the police Trojans in AV libraries."
Sorry but how on earth do you imagine that the AV companies are supposed to know when they find malware whether or not it was planted by police/MI5/MI6/GCHQ etc. or the equivalent organisations in 100 different countries ? You imagine that said law-enforcement organisations are all going to provide copies of trojan software or a software suite with regular updates to identify law enforcement zero day exploits to every Tom, Dick and Harry of an AV or pentesting company whether based in the same jurisdiction or not ? Perhaps you think AV companies would be willing to delay releasing new malware signatures while the spooks decide whether to approve these ? Well it would certainly defeat their imagined security by obscurity of their malware techniques if they could approve or reject any AV software release.
Besides which, many criminals now have access to expert malware systems analytical and reverse engineering expertise themselves. This is how bot herders keep up with their competitors. It's also not as if it's that difficult automatically to image systems before and after a trojan/virus or worm installation to identify the differences resulting from malware installation - which gives you the malware those interested are looking for. Use of virtual machines and a few scripts cut out most of the effort this kind of thing used to involve. Some of my second year undergraduate security systems students are well up to this.
Your premise is based on a deeply flawed assumption: that there are sufficiently few IT security specialists with the capability to detect and analyse malware that all these specialists are inherently state- controllable.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
