Slashdot Mirror
Australian Police Given Power To Use Spyware
reek writes "An Australian newspaper has reported> that the contentious Surveillance Devices Act has been passed. The act will (according to the article) allow Federal Police to obtain warrants to secretly install spyware onto users computers enabling them to "monitor email, online chats, word processor and spreadsheets entries and even bank personal identification numbers and passwords.""
Now that this Surveillance Devices Act allows police to obtain a warrant, does that mean that information obtained unlawfully won't stand in the court?
I vaguely remember there's a country where it is illegal to obstruct surveillance by way of encryption. And you may be required to hand over all your passwords (if some are protecting legal documents like a Will) if the police decided to take a good look at you.
I can imagine a police listening to a phone conversation interrupts the suspects and requests them to speak in plain English.
Rock that crushes, Paper & Scissors that don't matter.
...that having software that (knowingly or unknowingly) blocks or removes this spyware isn't a crime...
"Accept that some days you are the pigeon, and some days you are the statue." - David Brent, Wernham Hogg
As long as they need to obtain a warrant first, I don't see the big deal.
What doesn't kill you only delays the inevitable
How is this any different from a legally obtained wiretap?
Let's hope AdAware picks up those signatures real quick! :)
America .... Ooops
Whats are the Australians trying to do Give America ideas ?
Quick someone stop them
What dire portent does this entail for the use of apps such as adaware, or other programs intended to rid a user's computer of software that snuck into there install base?
I may be a little off topic on this, wont Anti-Spyware like Giant and Adaware find this? and if properly configured wont they also see them being installed??
-DrMyke
"mmmmmmmmm, doughnuts" - H.J.Simpson; super genius
I'm sure this power won't ever get abused.
Look (insert officer's name here), he just typed in the password to that pron site he is always visiting; now we can get in free too.
I wonder if they'll find digital finger prints of 10 year old boys and Michael Jackson on pr0n sites...
A feeling of having made the same mistake before: Deja Foobar
We caught the defendant logging into marsupialsgonewild.com.....
- I got my free iPod and a free Nintendo DS....why not
...this means we'll have to install spyware on the cop's computers to make sure they're properly complying with the law.
A man's reach must exceed his grasp, or what's an erection for?
One cannot trust a closed-source anti-government_spyware program working an a closed-source O/S, but the same perogram implemented as open source running on an open-source O/S? Yeah, much better.
Nice busted link, jerks. You do realize that you're called 'editors' for a reason, right?
How long until this is padded on to the next patriot act?
I can just see Bush drooling over this.
Runnin' On Empty
Of course the next question is (besides the privacy concerns) is using programs such as AdAware and Spybot S&D to remove said Federal Spyware illegal. My guess would be yes but I also suppose that the people who would be getting these "taps" on their computers won't care much about the legal reprocussions of removing them.
I also, wonder what kind of stance the Australian Law Enforcement will take towards these companies. Will they provide them with information to avoid their spyware (I doubt it)?
I'm actually more suprised this isn't a bigger issue or perhaps it's just the first legal documentation of this while it's a practice long used?
-Teiresias
would you be breaking laws? where is this taking us? what does the spyware track?
Say someone who wrote a virus or trojan to capture keystrokes.
Or even spyware for that matter.
Like wiretapping without a court order?
...since the Nazis took over.
Yea, OK. Because as the software companies have learned from their massively successful bout with game pirates (assuming you use "successful" to mean "it wasn't warezed before it even hit the bloody store shelf") you can effectively use a person's PC against them.
Whatever. Looks to me like the computer geek is just going to become a staple of the successful organized crime family in Kangaroo-land, that's all. You cannot put a skilled person in front of a computer and not have them figure out how to break your stupid protections and spyware and whatever else you want to try and pull over on them. If it's on my computer, and I have a reason to go looking for it, I'll find it, and I'll break it. Guaranteed. You cannot hide things from someone on their own computer.
Yet another technology that will have absolutely no effect on the big time criminals and will waste money catching the little guys that weren't really capable of getting away in the first place. In fact, I'm now taking bets on how long until someone figures out how to sniff out the signature and disable it.
Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
I live in Australia, and have forgotten my password I used for my password safe database. Maybe if I commit a crime it could show up as evidence. Police force more useful than brute force.
In the US we have had Carnivore for years ... mehg acy=zdnn/
http://news.zdnet.com/2100-9595_22-524798.html?le
Notice the have to at least obtain a warrent. In the US there is no such requirement.
Where the dingos only eat the constitution.
How do they expect to install this software? Send you some spam and hope you click on the link?
In other news, Steve Irwin arrested for animal cruelity after a "tip" led investigators to a web site that showed him .......... ..what is the world coming too... give me circa 90's internet...
-DrMyke
"mmmmmmmmm, doughnuts" - H.J.Simpson; super genius
If they want to spy on their citizens like the United States, they already have the rights under law, and the equipment to do so. It's called a packet sniffer. They don't need viruses to do this kind of spying. If you're hooked up to the internet, you're wide open.
What part of "with a warrant" is so hard to grasp?
Several things come to mind right away.
1. How will this work on a Linux machine?
With the security that is the hallmark of a Linux box, how do law enforcement officials expect to tap into someone's computer if they are running Linux? At best they could only monitor the user account they installed the software for.
2. Will this software work around firewalls?
This probably isn't really an issue, but it came to mind.
3. What if the user removes the software?
The article only said it was illegal to publish the existence of the software, not to remove it or tell your friends about it.
4. What if the user reinstalls their operating system?
An easy way around the problem. Just remove everything, and you're good to go. If the hard drive is cleaned out completely, there would be no way for the software to survive.
Obviously they have some serious work to do engineering wise. I'm interested in how they plan on executing this. Also, I do so hope that this law doesn't catch on anywhere else, and for the sake of my Australian friends, is revoked in their country.
by installing Google Desktop http://desktop.google.com/?
first they will have to break into my box. as I don't leave my computer with root logged in, in a terminal.
#
#\ @ ? Colonize Mars
#
What's the best way to sandbox these programs to study them later?
Anyone have any links to these sites?
I get the feeling that Reynolds Wrap sales are going to skyrocket in Australia.
I wonder how those "Crocodile Dundee"-style hats would look when covered with tinfoil....
Just once I'd like someone to call me 'Sir' without adding 'You're making a scene.'
How much you want to bet that there's about to be a stampede to Linux down under??
I didn't vote for the lying rodent.
Seriously, anyone know what Canada's immigration policy is like? (Nothing personal Americans, but with a dropout running your country I don't really want to be there either)
In this case, would it be useful for criminals (or whoever is being tapped) to install real spyware/adware that deletes other spyware/adware, thus getting rid of the gov't-sponsored spyware? I never thought I'd see the day that I would actually WANT to install Gator...
You won't hate yourself in the morning if you don't get up before noon.
You've got jail!
God spoke to me.
The AMD PIC might actually be useful in Australia! It's small, cheap, and you can't load software on it, meaning it's spyware free, Gurenteed!
There are a couple of legal questions I would like to pose to /. about this.
1. Normally, when your government takes or uses your property in a way that prevents you from enjoying it, you get paid. If my government is installing software on my machine, that effectively occupies a portion of my hard drive and prevents me from storing data there. Thus, property is taken, should I get paid? If so when?
2. If I remove the software, am I destroying government property?
3. If the United States were to try to adopt a similar provision, under what authority would they do so?
4. If the computer with the spyware installed gets moved to another country, can the Australian authorities still use it?
Trying to use sarcasm in text-based forums does not work.
Scenario 1:
Your honor... we obtained the warrant to install it. But we don't freaking know how to do it!
(His honor: ) Argh! Damn Linux!
Scenario 2:
OPEN THE DOOR! POLICE!
(hacker deletes everything from his computer using a three-finger hotkey)
Yes, officer? How can I help you?
We're here to install some spyware on your machine. We have a warrant.
Oh sure, come in.
(half an hour later...)
(hacker unplugs his PC. Runs anti-spyware, and reboots)
*whistles*
and find out what is going on. Oh wait, they run Windows. Now it is time to find out who has the info.
It can't be illegal to reintall your os. It makes me wanna reinstall Windows ME. A required periodical format+reinstallation of the OS can only make one safer.
This is totally insecure, but very convenient.
If you're an alert user, and you find this task running on your machine, and you remove it...
Are you guilty of the Australian version of Obstruction of Justice?
If so, you could commit a serious crime by simply running a spyware scanner.
Weaselmancer
rediculous.
Or perhaps a link to dialer.exe
Wonder how many people would fall for that old one
- Rob
Join the Digital TV discussion @ http://forums.dvbowners.com
You cannot hide things from someone on their own computer.
There are millions of people out there who, having achieved the technical acumen to set the time on their VCRs, never programmed them to record anything because that's hard. You could hide spyware from them on their desktops if you just give it a name they can't understand. SYSTEM TOOL THAT ONLY SMART PEOPLE UNDERSTAND.EXE might be slightly too obvious for some of them.
...what will those australians think of next?
Use a laptop... use OpenBSD... encrypt your entire drive... carry it with you everywhere, sleep with it under your pillow.
I guess the easiest way to make sure you aren't being tapped is to 1) put all your data on a removable disk, 2) use IMAP for mail, 3) Fresh install your OS with all the programs you want 4) Ghost (or some other backup tool) your install 5) reinstall the backup as often as possible. (optional: 6) PROFIT.)
It might not keep the spyware out, but it will at least make it a pain in the ass for them to keep it on.
crashes the crap out of Konqueror 3.3.2
Maybe that's the Kangaroo Kops trying to install an M$ bug in everyone's browser...
with DynaComm i:scan... see sig for link... I'm telling you guys this is what the world is coming to... =)
I know what's on your hard dr
The real target of making it illegal to remove federal spyware would be the makers of spyware removal programs, who have a lot more to lose than someone already under heavy surveillance for illegal activities. The authors will be threatened, a la the DMCA, with "trafficking in circumvention technology" and I'll bet good money that the feds can bring enough charges to make them fold like cheap suits.
Never mind this particular story is happening in Australia; we either have done it or will soon do it here in the USA. Our federal government specializes in "conviction by overwhelming force," where they threaten so many charges that add up to twenty life sentences plug two lethal injections, the target pleads guilty to one chosen charge to avoid the gamble.
I love my country, but I fear my government. Reason magazine put it best a few months before the election: "The good news is that on Nov. 2, one of these men will lose. The bad news is that the other one will win."
-paul
Pistol caliber is like religion: everyone has their favourite, and theirs is the only right choice.
I don't care! I use Debian and am only ever logged into user space.
I do not run sendmail/bind, the two must buggy and exploitable programs (on UNIX), so how does this help the police? Do the real criminals move to a platform where they can get security from the police, or are they too dumb, or confident to do this?
Would someone who runs Norton Personal Firewall who blocks this be held against the charge of obstruction?
Why UNIX?
I heard once that if you found a tracking device on your vehicle installed by the police, you cannot remove it since it was installed because of a warrant. I'm sure spyware installed because of warrant would fall under the same type of law. This, of course, is in the United States, and not the land down under.
They sound as bad as the United States trying to rid the world of weapons of mas-turbation.
They did not mention how they would get the spyware installed on the computers. Personally, when I'm not near my computer, it is password protected. And I'm not logged in as root either, so how do they expect to go install software on peoples computers without them knowing? Will it be like in the movies when then come as electricians and ask to check your meter while putting in bugs/cameras? Will they now come as Geeks asking to check your computer for virus's while they install their software? What about with Macs or those that use Linux...Sure they got themselves a law that lets them do this...but makes you wonder how much success they will really have at it.
Sig? No thanks, I don't smoke.
This could put an end to the spyware companies since they would be preforming illegal wiretaps when they install their software on your computer. Though this would only apply to the ones that track browsing habits, but that's part of what most of them do.
... Australia didn't already have this as part of their legal system?!
Speak truth to power.
http://gmail.google.com/gmail/a-95c522b451-459b5a3 bf7-f6576ec084
Does one cop knock on the door and say "Hey! Look over there!" while another cop sneaks in the back door with a CD-ROM and install the software?
Just use a Linux Live CD and you will be set.
Of course, if you are this paranoid, you probably deserve to be spied on and in jail anyway.
I am becoming more of a fan of booting your
computer off of a CD a la KNOPPIX. This will
prevent 99% of all viruses, and, I believe
severely frustrate these types of efforts.
I guess they could clone your cd and add
a few programs, but what obout the random scratches
on the surface, one of which may have been placed
there by you. Couple this with a good firewall / NAT appliance and some good encryption services and
you can still run your international smuggling operations.
No way I'm gonna post this under my real nick...
It's all starting to make some sense now.
Life is like a huge puzzle with most of the pieces missing. But I think I'm starting to see some of the more important pieces falling into place. And let me tell ya. It doesn't look too pretty.
Long thing short... It has to do with the blood for oil project the government has underway. This thing the constitution had setup was getting in the way of what satan was trying to do.
So this is just another thing that shall come to pass to enslave the populus into doing the bidding of their master.
Don't believe me? Well, surf on over to http://www.thepowerhour.com and check out that 911 in plane site video they offer.
Want a poor man's copy? Fire up your torrent and surf over the suprnova.org and get that torrent link to the same video at about 100MB AVI format.
It's just one of those pieces in the puzzle that they didn't want you to see.
I await the black helicopters now.
At issue here is more than just a wire tap, that can be done utilizing the PSTN.
This falls under the same disgraceful process of sneek and peek warrents. A person has an innate right to be secure in their effects.
secretly tampering with your physical property with only 'reason to suspect that a crime may or may have been committed', coupled with the fact that it is also illegal to publish information about any such secret warrant/spyware. the deciding factor is that the crime in question must carry a MAXIMUM of 3 years jail time.
yep, thats right, they can spy on you for thinking about talking about their spyware...
I guess that they'd freak out if you ran everything from an OpenBSD box with everything encrypted, good PHRASE passwords, not single words, phrases, and used an encrypted connection as soon as you connected to the internet, and regularly inspected your hardware for indications that it'd been tampered with (or just carry your system with you at all times). And had your system check for rootkits and run something like tripwire against a nonvolatile piece of memory (like a SD card) every time you booted up.
Of course then you'd just be a paranoid freak, and probably deserving of the tapping of your system.
It's not like we don't already see spyware installed behind one's back when visiting certain web sites.
Then I'd like to see the first judge that orders you to run your computer as Admin so they can install spyware behind your back.
Use Evolution instead of Outlook? Bewa
Maybe I'm missing something. Let's say that criminal #1 is keeping records of ill deeds on his pc. Then this announcement goes out that the govt. now has the power to install copware on your computer. Wouldn't all but the dumbest criminals (who would've been caught anyway) simply disconnect their box, and use a non-incriminating computer for internet? Or a firewall?
That's right, I read at +2 and post at +1. Not even I care what I have to say.
How do they get the perp to install Real Networks or Kazaa or make them clicking on the jumping Monkey?
and welcome to the world of facism.
Look around you boys and girls, you don't have any rights at all anymore. Have fun before it sinks in. We are now PRODUCT, to be traded amongst the elite.
It doesn't take a switch to Linux to get Linux-like protection.
Get Win2K or XP and do your daily work as a limited user. Stick with apps that work as a limited user (Yes, this means dumping Quickbooks for Simply Accounting). Ditch or fix the games that need Admin to run and tell your vendors to clean up their act. Take charge of your PC already and stop blaming Microsoft.
Use Evolution instead of Outlook? Bewa
Knoppix rides again.
KFG
Seems like Knoppix pretty much makes this completely useless. Even if someone is able to code up a Linux version they won't be able to install it on a non-persistent system. I'm sure everyone in Australia won't start using Knoppix (or something like it), but all the criminals they're trying to catch will!
-- Gargonia
Never play leapfrog with a unicorn.
"Yer honor he was using Windows and..."
"That's enough for me! I sentence you to life!"
IANAL, but I've seen actors play them on TV
This is the police!
We have taken control of this slashdot account.
Anything we say can be used against you in a court of law...
Now really, if your computer can be infected with spyware, what's to say the courts can prove you are responsible for what is done on your computer?
Now this spyware issue, the banning ceremonial swords and toy guns, crime rates rising, and the security camera epidemic. How much freedom are the citizens of these countries willing to give up?
This guy is way out there
1. The technology is flawed therefor it is useless. :)
No, there is no real connection between a technologies flaws in all conditions, and it's usefulness in some conditions.
2. The government will know everything about me.
Unless there is a warrant out on you, the government likely gives a two-hoots against you. This is NOT echelon
3. It will be easy to remove by any idiot.
Not, likely. The technologies to make difficult to know that it is running on your machine are well known. And truly most idiots do not know what is running on their machine, and criminals tend not to be criminal masterminds. Mostly they are just stupid criminals.
4. There are already laws.
No, monitoring laws are very technology specific. Monitoring software requires it's own laws.
5. There is no reason to do this.
Powerful encryption requires LE to do something like this in order to capture keys and information to be used against the badgus.
6. Government intrusion bad!
Well, yes. That is why the 4th Amendment exists in the US, and there are pretty powerful privacy laws in most western democratic societies. But All of them carve out exceptions to prevent activity that is harmful for the social good. (criminal and seditious behavior for the most part). The difficult part is how to balance between a blind and ineffectual enforcement activity and an all knowing overly effectual (we all sin, so some say. Holiday Greetings all!) government enforcement activity.
The govt.(s?) won't ALLOW Linux. You'll HAVE to run with Windows because it can be infected.
Sucks, don't it.
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
cops come knocking at the door. suspect opens door. cop states he has a warrent to install some "software" on the computer. suspect leads cop to IBM XT in the closet. no problem.
I think there should be a worldwide police force. Let's call it Earthpol. This organization will have the right to use any methods necessary to catch any kind of criminal. Basically, they will be above any law in any country, and will be able to commit any crime that nonmembers of their organization cannot commit. Also, they will serve as police, prosecutor, judge, and jury. People will be arrested and immediately sentenced. The minimum mandatory sentence for any crime is 40 years in solitary confinement. This organization will go around and terrorize people, demanding payment for "protection" services. Those who do not pay will be arrested for some crime. Earthpol will not have any burden of proof. All will be considered guilty until proven innocent, and will NOT be given any chance to prove themselves innocent, or to make any attempt to do so.
Crooks use things like radio scanners to look for wireless bugs. They can use tools to search for such spyware, essentially tools like Adaware or virus scanners or sum | diff.
Once crooks find out how their systems are compromised, spyware removal tools can do their work, and crooks can take evasive measures. For example, installing many sets of OS binaries, DLL directories, registries, etc, on each machine. In different directories, different file systems, different disks, whatever.
You could play all sorts of cat and mouse games. Sounds sorta like fun, except, guilty or not, it's probably not fun having the heat on your tail.
Alright, this does feel a bit rotten, but it's really no different than wiretapping, which we've all grown accustomed to the spectre of.
The question is, if the suspect finds and removes the spyware, what happens next? Will the police charge them with obstructing justice? What if the spyware has a negative effect on the operation of their computer -- can the justice system be held liable for damages? Are they planning on making cross-platform spyware, or will Windows users be the only one to suffer?
This so-called powerful new means of gathering evidence isn't quite fully baked, and I doubt it will be for the foreseeable future.
You cannot hide things from someone on their own computer.
Of course you can. Don't even kid yourself. Malicious code can be embedded into existing system utilities. Completely original malware can be hidden amongst many other files in system directories. Plug-ins can be hidden in the registry.
There are 1000 places to hide something, and you're never going to find them all. If you delete 999 occurences, the single one left will rebuild them all. (in new and different hidden locations)
The only really effective manner of completely ridding a PC of a malicious spyware infection is to re-install the OS. Your other option is to turn off the computer and go back to pencil and paper.
I'm supposed to be working right now.
Signs will be popping up all over Australia: "Hard Drives replaced while you wait"
Pete Carr Owner Chatmag.com
My guess is that spywares would be difficult to find if they are embeded into wires (say from keyboard to case) ; would work regardless of the operating system, and would need sharp eyes to get spotted.
Yeah like all the people they are wanting to spy on use windows?
:)
I thought about this a few years ago and the most that could be done is monitoring your traffic at the isp.
Due to this the only internet service that is not always encrypted is email (still pgp on important stuff).
newsgroups are encrypted, irc is encrypted.. even the web is encrypted now through certain providers.
I don't have anything to hide but I have a right to privacy
"I disapprove of what you say, but I will defend to the death your right to say it." - Voltaire
I like that due process is still required. And, if all they were doing is tapping internet activity after obtaining due process, I would be fine with it.
However, I don't think it is acceptable for them to install software, secretly, on the person's computer. That, in my opinion, greatly exceeds boundaries of privacy and personal liberty. Perhaps they should secretly install a camera in the person's bathroom too? You know, becuase thats where she has her meth lab set up....
I hope the people of Austrailia push back against this one.
They can sniff my packets because that's all they're going to get.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
I suppose the Justice Department or whoever could just send you an email saying you've won a trip to (insert location here) and have you click a link to 'download' your trip planner software. Or they could always go with the porn route, directing you to a website with some nasty active X scripts and what not. Glad I use mozilla.
Sig? No thanks, I don't smoke.
Security-Enhanced Linux
SELinux for Distributions
The UnOfficial SELinux FAQ
Quite honestly most any GNU/Linux distro will slow them way down (assuming their not using a hardware keyboard capture device). If they get get physical access to your machine you're screwed reguardless of the OS.
"And a voice was screaming: 'Holy Jesus! What are these goddamn animals?'" - HST
I just started running it and am quite impressed. Not an easy setup but still not bad at all. If anyone is thinking of trying SELinux IMO Fedora is the way to go.
Passing laws like this serves no one but the government. It's the same thing as creating a law which is too complicated for the average person to understand. You need legal training just to have a ghost of a chance at fighting your charge. The same way here: those that are technologically-deficient and don't know how to install anti-spyware products, they are the ones that lose.
Call me crazy, but I believe that the capablities for government surveillance should only increase to the same level that people have capablity for counter surveillance. The government is not automatically right and the people wrong. People are supposed to be free from "unreasonable searches at seasures", yet I somehow doubt that the Founding Fathers could envision a time when searching would be undetectable by the person that was searched. How can a person be assured that the search was reasonable if they don't even know that they've been searched?
... from the Australian Federal Police. We have obtained a warrent to monitor your computer. Please visit this web site (insert link here) so we can install our spyware (sorry, monitoring software). Note that to use this software you must be using Windows 2000 or later with Internet Explorer 5.5 or later. Please make sure your system meets these requirements before visiting this site.
So, if I have Spybot Search & Destroy or another of that sort of utility installed, and it removes the spyware I'm not supposed to know about being there, am I guilty of tampering with evidence or something?
Your why Emericas schools ranks in the bottom of endustrialised nations: you cant spell & you cant punctate!!!11
If the Feds came to them and said, "You know, if you want to keep doing buisness, we need this from you,"
Heh - why would the feds have to bother? They are doing this already, unrequested, now we know why...
...so it's not like Australia's move towards normalizing law enforcement techniques to modern standards is anything new.
That's right, down there in little Australia they still use stone tools and hunt kangaroos with spears.
How is a shortsighted unworkable piece of legislation modern?
I am artificially intelligent.
and a usb keydrive with you to access your email with... gets round any spyware on the machines... unfortunately it can't cope with hardware based keyboard loggers or someone else in the circuit sniffing all your packages...
Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
Violent crime in the US has been declining for more than a decade. It took a mighty downward trend during the administration of that oh-so-reviled Mr. Clinton.
Gee, do you think that could have anything to do with the assload of money that administration directed toward hiring new police officers? The timing cannot be mre coincidence: at the very time the Clinton administration's new measures were going into effect in 94/95 (Billions directed toward hiring thousands more police officers, a castrated assault weapons ban), violent crime numbers began taking a severe nosedive.
Was this due to the ban on guns? I doubt it given that "assault weapons" accounted for a tiny percentage of incidents in the first place.
Since shrub has been in office he has let the assault weapons ban lapse (whoopee) but has also been cutting all that money for police. And the years since "Mr tough on crime" took office represent the first time in years that violent crime numbers have NOT shown a consistent reduction, but are actually near levelling and showing an upward trend... all despite the presence of an attorney general who has also been one of the most outspoken in calling for even further reductions in our constitutional liberties. The assault weapons ban only recently lapsed, but the upswing in crime numbers began almost immediately after the administration (and policy) changes.
So rather than simply ask "what's wrong with the UK" I would also ask "what's wrong with the US?" Because the symptoms are the same, and it appears the UK is simply working toward becoming the next new US territory...
Can a wiretap imitate your voice and say things incriminating? How about a bug? Spyware is an executing application that can do anything its author wants. It doesn't just listen, it can act. Just leave a port open and remotely execute arbitrary commands. Now you can frame anyone you want without leaving a trace. Not to worry though; It isn't like the police would plant evidence to get a conviction, right? You aussies just got totally screwed by the legislature.
Our recently re-elected government in Australia is unstoppable at the moment. They ran a FUD (of terrorism, rising interest rates) and bribery (of the tv watching masses) campaign which go them a majority in both our house of representatives and our senate.
Minor parties did oppose these bills.
The laws are passed in such a way the general population either doesn't hear about then because they are lost in other bills. They are not covered by Rupuert Murdoch's popular news paper press or on commercial news networks, for the most part.
Quite often the direct effects are not apparent - these are the sorts of laws that creep up on you as they become used more frequently.
I think it's a dishonest goverment that introduces legislation by stealth. But sadly there are plenty of those around in this world.
The answer is to become polically active (which we still can).
Richard
It depends on how exactly their spyware functions. If it's a separate executable that communicates with their servers, a software firewall that's set to check your permission before allowing programs to transmit anything would stop it, regardless of how it was set up. That could still be circumvented by the government telling firewall makers to make an exception for their software, but that's not quite the same thing as telling them not to work around it, eh?
Have you been touched by his noodly appendage?
Just yet another reason to move to dvd-based fire-wall equipped leave-no-trace computing. Permanently. I only want a machine with NOTHING on the drive. Except while I'm offline, burning more copies. Run in ram, then shut it off.
Is the govt. in Australia really this stupid? There going to waste tons of tax payer money, and any smart crook (the ones that are hard to catch), can work around this by switching OS!
Also, what about privacy issues? Or are they not important in Australia?
If Tyranny and Oppression come to this land,
it will be in the guise of fighting a foreign enemy. -James Madison
Bad time to be a Brit or Aussie. Both have governments that are in bed with Bush, and with Bush's policies, freedom is the first victim.
Good luck trying to make W happy. Until both countries are freedom free, Bush will keep the preasure on.
And as long as Bush can keep American's talking about Australia losing their freedoms, he knows Americans won't be talking about losing their own freedoms.
Keep the old head in the sand.
I am a law abiding citizen of Australia and am shocked that our politicians could pass such a bill.
The law seems to make it legal for authorities to exploit vulnerabilities in an operating system to gain intelligence. What they fail to realize is it is trivial to remove their ability to install spyware.
Change operating systems (use Linux), stay behind a packet filtering firewall, use a secure browser, do not run as a user with install capabilities, use encrypted communications, use encryption technologies that do not require you to type in passwords (cards, biometrics, etc) - the list goes on.
It's a shame our government once again displays its lack of understanding regarding technology.
I don't make predictions, and I never will.
I would play along. Im sure with police and things if I said theres a bomb somewhere they would have to check to be sure, so you could talk a load of rubbish for a few weeks sending them around in circles!
encrypted disk which requires cd or usb key to boot. I suppose they could then come up with a hardware device to snoop the pci or ide bus, but I'm sure additional workarounds can be made to avoid that too. And since they won't be able to install anything on your disk, you'll just have to remember to check your keyboard and connection everytime for any extra dongle! And close those blinds!
How is this going to work when I have antivirus software on my computer which is supposed to detect and stop exactly this stuff. Companies like symantec and mcaffe will have to buy in, and then Ill stop buying them. Spyware is spyware and a virus is a virus, even if the cops use it whats stops the bad guys from getting a copy and using it themselfs?
in soviet australia, spyware installs you!
i thought that general world opinion was that KGB type monitering like this was a bad thing.
bit confused here, if you check here http://notes.nt.gov.au/dcm/legislat/legislat.nsf/0 /dc3235849078fff8692569cd00813843?OpenDocument
they had a real ugly piece of legislation concerning surveillance in force already in 2000 covering them and New Zealand of all places . Read it, hair raising experience.
So what's new here?
BTW - used to be of neutral titling positive opinion of that country but the preponderance of evidence started moving me toward far more negative assessment recently. Those primitive British prison warden types that stayed seem to have gained the upper hand again!
I can just see Johnny Law trying to get the spyware working on an RPM based Linux box.
Download spyware-0.9.RPM
User KPackage by clicking on the RPM icon
No way will the 5-0 boys use the commandline.
Next they will see:
Us-solved dependencies spybot-0.1.4.so
Mr. LEO at this point gives up.
Problem solved
Cheers
* Carthago Delenda Est *
Yet another good reason to be a Mac/OSX user, given they can't even get the Tax Office (to facilitate the taking of my hard earned money) to recognise a Mac, the chances of the AFP or ASIO tapping one are pretty slim.
Whoot
Beside, as we know from the movies, Mac users are always the good guys. :)
Sara
Designer, Gamer, Macgrrl in an XP World
Guess that pretty much means any jr high chem student is in big trouble....
---- Booth was a patriot ----
Shouldn't this be in the YRO section?
Probably not since it's here, nevertheless strange.
Johnny Law: Now, let's get this thing installed...
"Now booting Windows ME..."
Johnny: Oh, we've been here already!
AC
Looks like they will finally have the kangaroo courts they've sought for so long. Let's hope this spyware surveillance doesn't boomarang back in their faces.
"Is that a wallaby in your pouch or are you just happy to see me?"
Comment removed based on user account deletion
Sounds like it's time for the not-so-paranoid to join the paranoid and really-god-damn-paranoid in using the Dead Man's Switch:
http://www.pcworld.com/downloads/file_description
You set it so as if you don't login and reset the timer before a certain date/amount of time has elapsed, it will:
- Send an email out to people to warn them/tell them you're dead/imprisoned/abducted by that blind date
- Poo all over your sensitive files.
Awesome.
I wonder if they will build "higher quality" spyware that does now cause your system to slowdown and/or crash. Polymorphic features might be used to (attempt) to get around anti-spyware programs.
heres a mirror mirror... (of the text at least..)
good lord, my fellow british subjects! Why?
GENERATION 26: The first time you see this, copy it into your sig on any forum and add 1 to the generation.
But will it affect service pack 2?
[Its a joke..!]
Better yet, just put it in the network card... that market is totally cut-throat, so I'll bet that anyone who offered a network card manufacturer a large sale or two in exchange for some extra firmware... well...
Why bother?
1. Set up front company to buy network cards wholesale.
2. Open them, flash the firmware, re-package them.
3. Sell them really cheap to retailers and mid-level distributors. Give them to Dell for almost free.
4. Exploit hole.
5. PROFIT!!!
Or do the same with motherboards, since many people won't need a discrete PCI NIC, and most people never flash their BIOS. Point is, it doesn't require the assistance of the manufacturer to get compromised hardware in almost everyone's machine.
Mal-2
How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.
For completeness I ought to add that by virtue of s138(1) of the Evidence Act, the notion of unlawfully obtained evidence is captured by the term 'improperly obtained evidence.'
Better to be despised for too anxious apprehensions, than ruined by too confident a security. --Edmund Burke
The UK populace, from now on referred to as 'sheep', have noticed no change.
UK politicans claim their jobs are a lot easier now that they don't have to deal with facts or anything.
The terrorist threat has effectively been eliminated as all the terrorists laughed themselves to death over the legislation.
In other words, they're happier all around. Of course, the rest of the world is tryingt to tell them they're crazy, but hey - that'd be knowledge. Ignorance is bliss.
Live today, because you never know what tomorrow brings
For all the DMCA does, it only protects content. You have just as much right to wipe spyware off your machine as you have to erase a DVD (you can't do that in software, but hey you could tear the damn data layer off the disk). There's no DMCA violation in that. Potentially, disassembling the spyware to look at its "insides" might be, deleting it isn't.
Kjella
Live today, because you never know what tomorrow brings
I downloaded Antiviron onto an old, 300MHz laptop running W98SE, installed it non-resident, and ran it. It took close to an hour to scan 40,000+ files and reported no problems.
However, after that, it would take 'forever' (over a minute) to open a file by double-clicking on it. (Previously took several seconds.)
So I tried to use the Uninstaller included with AntiVir. Tried it twice. Both times it hung the system.
How can I get rid of AntiVir?
Thanks in advance,
Morris
I am trained at firearms and explosives (in the army), so now I need to leave my head home while traveling?
love slashdot. populate it. use it. abuse it. hate it. kill it. miss it. stop following links, they only kill servers.
Only 30,000 federal warrants were request last year. Over 32 were denied.
Australian Police Given Power To Use Spyware
Feeling discriminated? Just run IE, and the power of spyware be with you.
from the to-stupid-for-words dept.
I want this one now!
Evolution is just a scientific theory. Creationism is not.
Is this designed to catch Dr Evil or find out who that mixed up A/C guy is?
And did you exchange a walk on part in the war for a lead role in a cage? - Pink Floyd.
We are not taught cool stuff like that in the UK.
:(
We are taught the theory to pass exams... that is all.
We don't even have Science Fairs
MS has had it around for a few years. Its nice because it drops you to a command prompt with admin access. I use it on a thumb drive to get onto my parents computer to fix it everytime they do something stupid.
The FBI almost certainly has a copy of this somewhere, even if they just had to go download it off Kazaa.
"Coffee should be black as hell, strong as death, and sweet as love." -- old Turkish proverb
Just a copy of my osnews posts: Nothing to hide, eh? By Victor Hooi (IP: ---.nsw.bigpond.net.au) - Posted on 2004-12-14 20:16:14 Nothing to hide, eh? I'd be very suprised if you're not either ignorant or lying...(no offense meant). So you live a perfect life, you're a paragon of virtue and civic responsibility? Do you ever record free-to-air television (illegal) Do you ever borrow software from your friends? (illegal) Do you ever use mp3s? (illegal, depending on where you are - as a total of all mp3s, very few are totally 'legitimate' - plus the mp3 codec licensing) *All* of the software you have in your house is legitimate, I assume? If asked by police, you would be able to produce the EULAs and Proof of Authenticity, I assume. (and saying "it's a friends" is probably not good enough) Your power cords/power tools are certified by a licensed electrician every 6 months? (illegal if not - but most people don't - bloody ripoff) You have never made *any* modification to your phone line/mains without calling an Austel Licensed (I'm downunder) or licensed electrician? (illegal if not) Your plumbing is done by a licensed plumber, whom you ask to produce his documentation and license each time? Seriously mate, I very much doubt you have nothing to hide - they'll find something - and saying, "everyone does it" isn't exactly going to hold up in court - if they want to get *you* they'll get you for something. Bye, Victor ----Number Two Below------ Laycock.... By Victor Hooi (IP: ---.nsw.bigpond.net.au) - Posted on 2004-12-14 20:21:38 Sorry, another thing - what about corrrupt coppers? The son of the assistant police commisioner - Christopher Laycock - absolute corrupt, thick and true (he's confesed). He's intimidated witnesses, tapped phone lines, stolen police records, attempted to kidnap people using police equipment/help, beaten up and stolen from people etc. Then there was that Melbourne underworld scandal a few months back - apparently, people under witness protection were being shot/killed with inside help by police. Not very reassuring, that these are the people committed to protecting us - then we give them these rights. What's to stop another Laycock say, getting you're credit card number, or just obtaining private information and blackmailing you (anybody who's been following the court case will know he's *definitely* more than capable of doing that - kidnap, assault, robbery, etc, he's done them all - and he's the son of a assistant commisioner). Bye, Victor (I'm kinda lazy...hehehe)
There is direct correlation between more police officers in the field and lower crime.
The Reagan years were a boom time... crime was flat, didn't go down a bit. Shrub's daddy oversaw a relative boom during the gulf war (that he started) yet crime increased the entire time. In fact, it didn't even increase proportionately more after the (mild) boom ended, which further errs your attempted argument.
Crime continued to increase after clinton took office until the crime bill passed and all those police officers hit the streets.
Care to try again?
Just how difficult is it to set up a computer which will show evidence of tampering (particularly of the hardware kind)? Especially if your primary system is a laptop. Where exactly does one put a keyboard bug inside a laptop, with their famously non-interchangeable parts? It doesn't matter, really - glue the screwholes shut. Glue the hard drive in place. They can carry away your machine, but they cannot make it betray you and collect evidence. Use an open BIOS, with custom password prompt code. Now, none of this will stop the authorities from seizing your machine, and torturing the password out of you, etc.; but the undetectable planting of covert hardware/software bugs seems like a very preventable thing to me.