Swiss to Use Spyware to Listen to VoIP

An anonymous reader writes "Heise Security is reporting that the Swiss Department of the Environment, Transport, Energy and Communications is entertaining the idea of utilizing the 'Superintendant Trojan', a spyware program designed to allow eavesdropping on VoIP conversations. According to ERA IT Solutions, the creator of the software, it will only be distributed to investigation agencies in the hopes of keeping it out of the hands of malicious hackers since firewalls apparently 'do not present a problem' for the software."

4 words:

[creepynut]

Create it and they will get it.

Re:4 words:

[creepynut]

Haha... 4 words. Make that 7, because I don't know how to count.

Re:4 words:

[McGiraf]

4 words: maybe trought VOIP but in a /. post we get all the 7 words.

Re:4 words:

[socerhed]

they dont have to get it....now that people know it can be made they can just make it if they really want it

Re:4 words:

[evilbuny]

This is only going to effect Skype users, other VoIP systems using hardware devices don't use a PC and can't get infected.

Re:4 words:

[mikesd81]

Are you 100% sure? Maybe not via this but IP packets can always be intercepted somehow. On the other hand, if Skype doesn't like this idea, I'm sure they can fix it.

Re:4 words:

[SinGunner]

I only count 6 words... Although you did use "it" twice.

Re:4 words:

[couchslug]

Good, make sure they get it and distribute it thoroughly.
Saying that this sort of trojan is bad means nothing to the clueless. Proving that it is bad is the only way to wield a cluebat with sufficient force for effect. Nothing proves a point like public failure.

Re:4 words:

[Myopic]

dude, that was a fucking brilliant way to get +10 karma instead of just +5. kudos.

Re:4 words:

[permawired]

Just as long as you count in Metric and not ASE :) Yes, thats meant to be funny damn it.

Re:4 words:

[creepynut]

Funny ratings do not count towards karma. Combine that with the -1 Overrated and -1 Offtopic, I didn't get much Karma out of the 2 posts :)

Re:4 words:

[Myopic]

mod parent +5 Informative!

/ -1 Not Funny

Re:4 words:

[mlemley]

Does the US FBI fit in the "malicious hacker" category these days?

yea right

[grapeape]

If the trojan can be installed it can be sniffed out and discovered. I give it at tops a week of deployment before someone figures out what it is how it works and backwards engineers it into instant maymem for all the black hats.

Re:yea right

[whoever57]

If the trojan can be installed it can be sniffed out and discovered.

Which then raises the interesting question: how will anti-spyware vendors (including MS) respond to this? There really are no good solutions for an anti-spyware vendor in this case, since detecting it could be considered as hindering law enforcement, which would be illegal in many jurisdictions.

Re:yea right

[Alien+Being]

In other words, it's a cheesy solution with a bunch of holes in it.

Re:yea right

[Coldmoon]

"There really are no good solutions for an anti-spyware vendor in this case, since detecting it could be considered as hindering law enforcement..."

Actually it will turn out to be the exact opposite. Once the program is in the wild and the black hats get their hands on it, both the AV and AS vendors will have no other choice than to add it to their detections.

Regardless of whether the detection is for the original Trojan or not, any subsequent black hat variations found would be added and the original would in all likelihood be flagged due to the particular (add your own term here) scanning technology.

Re:yea right

[rolfwind]

Um, if you are free/opensource hacker in the US, you don't have to care about the laws/law_enforcement in Switzerland, generally. You can circumvent this all you want.

Now, if you were a corporation, there may be additional considerations, but only if you have a branch of your business operating there.

Re:yea right

[isometrick]

The omg-leak-to-blackhat bit isn't a big deal. Any blackhat worth his weight in RAM chips could cobble something together to record incoming/outgoing RTP traffic on a local network interface (in the case of SIP/RTP VoIP, and similar in IAX, H.323 and other protocols). It's just a few header fields and then pure Mu-law or A-law audio in most cases and other publicly available codecs in other cases.

It'd probably be more work to reverse engineer this trojan as opposed to writing something to do it yourself. It definitely would be for me. And from some experience with other 'law enforcement'-type programs, it's probably shit anyway.

The worrisome bit is utilizing trojans for law enforcement, even with some kind of judicial review (scoff).

It will also only be really useful when Joe User starts using VoIP, because it'd be much harder to get your average power user to install something infected with the trojan.

And end-to-end encryption renders it completely useless anyway, unless it actually reads pre-encrypted stuff from memory. Hopefully VoIP providers will get off their collective asses and get SRTP et al. working.

Just my $0.02.

Re:yea right

[sleeper0]

Active outbound control firewalls like zone alarm already interfere with US (and I'm sure other jurisdictions) use of key loggers that publish to the net. I'm pretty sure they haven't caught any heat about that. In fact it was a US LEO that encouraged me to start using that kind of technology. Requiring anti-malware technology to skip over it would essentially be akin to law enforcement requiring back doors be put in their software, something I'm pretty sure wouldn't fly.

Re:yea right

[mattr]

hacker: 100kg
sd card: US$124 / 2 grams ($61/g)

hacker's weight in ram chips: $610,000

Re:yea right

[solitas]

...detecting it could be considered as hindering law enforcement...

All right then: if you find an audio or video bug in your house, will you disable it or do a "Qué Será, Será" - since it can be argued that you don't know who placed it?

Re:yea right

> . Requiring anti-malware technology to skip over it would essentially be akin to law enforcement requiring back doors be put in their software, something I'm pretty sure wouldn't fly.

And by "wouldn't fly", you really mean "has flown".

How would he/she know different? It's certainly what I'd do if I were the liaison between Microsoft and the gummint. If the OS has to phone home via a secure back channel in order to authenticate, XP's the beta, Vista's RC1.

Re:yea right

[sleeper0]

err? You seem angry but about what I'm not even sure you know. I never said anything about anyone knowing about backdoors that might be in place. And now checking a serial number against a validity database is obviously actually a tool for the US government? HOLY SHIT THE NSA HAS BEEN HACKING MY BRAIN SINCE HALF LIFE!

Re:yea right

SD isn't RAM. it's Flash.

Re:yea right

[surprise_audit]

You know it's only a matter of time before one or more of the NSA, FBI, CIA, TSA, etc deploy their own version, and there'll be encryption involved somewhere so that defeating it will be a DMCA violation and/or an act of terrorism...

Come to think of it, wouldn't it also be a DMCA violation if the government agency's version circumvented any VOIP encryption to eavesdrop?? Not that it really matters, because Bush will pencil-in a clause that makes it OK for his buddies to rape the DMCA all they like...

Hmmm... Anyone tried running a VOIP product in VMWare?? It'll boot a LiveCD ISO and run everything in it, without saving *anything* to disk. Have fun infecting *that* with spyware...

Re:yea right

[tecnopa]

What everyone seems to be forgetting is how unsecure VoIP is to begin with. So they can monitor your conversations...
So can anyone else with a packet sniffer in the right location. Standard VoIP is not encrypted data and should not be considered "private" in the first place.

Re:yea right

[dodobh]

Screw SRTP. IPv6 with mandatory crypto (AH and ESP) FTW.

Re:yea right

[suv4x4]

There really are no good solutions for an anti-spyware vendor in this case, since detecting it could be considered as hindering law enforcement, which would be illegal in many jurisdictions.

You could've said that for Sony's DRM too (DMCA law), but still antivirus companies reacted appropriately.

I guess we need 20-30 more years until politicians who have a clue what the net is, come to power.

Re:yea right

[iamacat]

since detecting it could be considered as hindering law enforcement

Didn't put much of a dent on Radio Shark radar detector sales.

Re:yea right

[Nocturnal+Deviant]

they are a bit smarter sadly...they go over our heads to the ISP's and use Semantic Traffic Analyzers http://www.wired.com/news/technology/0,70914-0.htm l

Re:yea right

[Opportunist]

It ain't my government using it. So my government won't prosecute me for finding this trojan. Actually, my guess would be that they don't really enjoy the idea that the Swiss might be tapping their conversations...

Trojans rarely care what computers they're installed on. They don't discriminate between good and bad people.

Re:yea right

[Shawn+is+an+Asshole]

Anyone tried running a VOIP product in VMWare??

No, but sound support is rather bad under VMWare. On every machine I've tried it's very choppy.

Re:yea right

[kensan]

And end-to-end encryption renders it completely useless anyway, unless it actually reads pre-encrypted stuff from memory.

I read the original newspaper article and it contains some more information. Apparently the software is accessing the microphone directly, so encryption will not help. On top of that, the software will be able to record audio by turning on the Mic even if there is no VoIP-Software running, etc.

The newspaper article also said that it was theoretically possible to do the same with Webcams but there are no plans to use this "feature". Not because of privacy concerns or any such thing but because many webcams have a LED that indicates the usage.

I assume this thing only runs on Windows PCs, but this is pure speculation.

It's really distressing how they could put together such a piece of software without even having any "sound legal basis" for it's usage. Usually it takes years to change things here in Switzerland, which is a good thing to a certain degree.

Re:yea right

Er.... $61 * 100 * 1000?

That would be $6.1 million - making it $t3v3 4u$t1n, the 6 million dollar hacker!

Re:yea right

[TractorBarry]

> Hindering law enforcement...

Just because it's allegedly for "Law Enforcement" doesn't change the fundamental principle.

No third party is going to run anything on my PCs without me giving my express permission - which will consist of me deliberately choosing to install and run that software.

Any anti virus/spyware vendor that doesn't detect and remove this scumware are incompetent.

Still, as usual, if you don't use Windows there's probably nothing to worry about.

Re:yea right

[Jonah+Hex]

Even worse under Microsoft Virtual Server/Virtual PC, it emulates a Soundblaster 16 ISA card. Since Vista has no ISA support all I get while testing is the nasty system beep.

Jonah HEX

Re:yea right

No third party is going to run anything on my PCs without me giving my express permission - which will consist of me deliberately choosing to install and run that software.


No third party is going to enter your house without your express permission, either, but the police can and will, and there's nothing you can do to stop them.

Any anti virus/spyware vendor that doesn't detect and remove this scumware are incompetent.

Cooperating with law enforcement is a smart move for any company who wishes to do business and keep doing it. Not cooperating, on the other hand, can lead to trouble no company or stockholder would enjoy dealing with.

Government always wins, deal with it.

Re:yea right

[ArsenneLupin]

No third party is going to enter your house without your express permission, either, but the police can and will, and there's nothing you can do to stop them.

But that doesn't mean that it is illegal to make locks. So, yes, antivirus and antispyware companies are in their rights to add this to their lists.

Re:yea right

[NDPTAL85]

There's this thing called a "court order" you see. Sometimes its referred to as a "search warrant." Its scope can also apply to people's computers. So no, despite all your righteous indignation, your computer CAN be altered without your permission and even without your knowledge at the time it is altered.

Re:yea right

[Garabito]

Come to think of it, wouldn't it also be a DMCA violation if the government agency's version circumvented any VOIP encryption to eavesdrop?

Not really, because the DMCA is about criminalizing circunvention of measures taken to protect copyright, not just circunvention of any kind of encryption.

Re:yea right

[CreatureComfort]

Just because it's legal, doesn't make it right.

Re:yea right

[NDPTAL85]

On the whole you are correct but there are exceptions. For instance, the sentiments of a geek regarding the "security" of his own computer systems pales in comparison to society's interests in solving crimes. You won't die and the government isn't going to put the contents of your boring hard drive on the 11 o'clock news so in cases like this your complaints will fall on many many deaf ears (and I'm not just counting the ears that are totally computer illiterate and thus won't care because they don't understand whats going on in the first place either).

Re:yea right

[PlusFiveTroll]

You won't die and the government isn't going to put the contents of your boring hard drive on the 11 o'clock news

It has happened in the past, and will continue to happen in the future. A little fear goes a long way, it keeps the sheep in line.

Re:yea right

[MikeBabcock]

In lots of countries, sure there is -- its called judicial oversight.

The police don't get to walk into my house for almost any reason and if they do, I have recourse against them.

Sorry if you live in the USA though.

Re:yea right

[BuBu2]

You're perfectly right...
So called anti-spyware vendors are cowards. Simply remember the Sony rootkit story. They perfectly knew about it but did nothing to remove the rootkit. Even Microsoft apparently didn't care that Sony was corrupting the Windows install of millions of users.

By the way, these stories are a supplementary reason not to use Windows.

If you need Skype, download the statically linked binaries and run it into a chroot jail. The authorities will be able to spy on your communications, but at least not on your personal files.

Re:yea right

[BuBu2]

Ok, let's admit that this is legitimate for the govnerment to have a right to solve crimes by installing spyware on a computer...
But what kind of crimes could be solved by installing trojan on the computer of someone ??
- murders ?
- rapes ?
- car thefts ?
None of these... Are the people really so naive to think that a murderer will list the victims and all the details in an Excel sheet, to be then conviniently found by the police ?

And what about the financial crimes ? In this case, it would be more appropriate to cease the servers of a company instead of people personal computers...

This looks just like a new way to invade the privacy of people without good reasons...

Is this trojan really made to solve crimes or to plant evidence ?

OMG...

[Pharmboy]

I can't believe I just read that. They think they can use it and it won't get in the wild? This sounds as smart as the judge in the Spamhaus case, as in, totally clueless about "that there interweb spying softywear".

Re:OMG...

Just what do you want the judge to do when he is only presented with one side of the argument? He really didn't have any choice to except to rule against Spamhaus.

Re:OMG...

[kyb]

What a lot of people aren't spotting is that we're talking about Switzerland. In Switzerland it's a relatively common assumption that people will obey the law.

Re:OMG...

[Pharmboy]

What a lot of people aren't spotting is that we're talking about Switzerland. In Switzerland it's a relatively common assumption that people will obey the law.

And the whole country is firewalled from the rest of the world? Swiss are "special", not like other nasty Europeans and Americans who always break the law? That isn't a strong arguement. Hell, it doesn't even make sense.

Anything you install on a bunch of people's computers will get in the wild. It doesn't require a rocket scientist to figure out how. What it shows is only how technologically clueless a few Swiss government officials are.

Wow.

[Sensae]

If that isn't a destruction of your privacy, I don't know what is. Although it'll probably be flagged by scanning software soon.

Re:Wow.

[JustNiz]

...or not...

Probably the respective governments will tell all the scanning software companies to make a point of not identifying it. That is, if the virus doesn't already modify the scanning software directly.

Re:Wow.

[Sensae]

Not referring to the big ones such as McAfee and Norton, but programs such as AdAware and Clamwin.

I really don't believe this

[El+Cubano]

...it will only be distributed to investigation agencies in the hopes of keeping it out of the hands of malicious hackers...

Do they really think so?

I mean, that completely ignores human nature. Come on.

• radar detectors
• traffic light remotes (the new ones that only emergency vehicles are supposed to have)
• guns in countries where guns are illegal
• police-band radios

All these things have one thing in common: they are not supposed to be accessible to the general public (or at least initially were not supposed to be) and yet they are. Legality does not stop criminals.

Re:I really don't believe this

[wordsnyc]

Actually, police-band radios have always been legal in the US (not in the UK, though). But with the rise of digital encrypted radio systems, those days may be fading fast, as it's a federal crime to even try to decrypt the transmissions.

Re:I really don't believe this

[sjs132]

traffic light remotes (the new ones that only emergency vehicles are supposed to have)

Haha... This reminds me of a clueless friend of mine... She actually believed that traffic lights were set to change when an emergancy vehicle approached because of the flashing lights. (light patterns was her logic...) So when we'd go out and she'd drive, at EVERY red light she would flash her high-beams on/off/on/off/on/off, etc... until it changed and then proudly say: "SEE! I told you!" when I would chide her about it... Funny now that I look back on it from this perspective.

She REALLY believed it.. Seriously.

Ahh... The good ol' (drunk & stupid) days...

Re:I really don't believe this

[CptPicard]

Legality does not stop criminals.

Simple legality not, but law enforcement does :-) Laws are effective -- over here guns are not "illegal" but rather controlled, and gun crime is not an issue, no matter you'd want people to believe...

Re:I really don't believe this

[roseblood]

In the USA the FCC gives permission to specific persons or agencies to operate radios on specific frequencies. The frequencies vary depending on the availibity of spectrum and the needs of the agency. A metro agency with many sky-rises will have diffrent needs from those of a rural agency in the plains states. Thus some agencies use relatively low frequencies, some in the 400mhz bands (mostly because most of the radio gear available on the market works here), others in the 800mhz bands(because the remainder of the radio gear on the market works here, with a few exceptions), and others scattered about diffrent parts of the spectrum.

It is NOT against FEDERAL LAW to own radios capable of receiving or broadcasting in these bands, as frequencies in these bands are liscenced out to all sorts of parties (private citizens, city workers, fire, police, ems, bus companies, etc.) It is also NOT AGAINST FEDERAL LAW to listen/receive tranmissions on ANY BAND. Decrypting, recording, and re-tranmission are another issue. If it is in the spectrum you are allowed to receive it (given you can past an FCC test to prove you know how to operate any equiptment you might use that is capable of transmission [Tx]) It is illegal to Tx on any frequency assigned to other persons or agencies. That goes for police, fire, ems, and civil users. Additionaly there are likely to be state and local laws regarding using of radio technlogy to impede the work of public saftey and/or the interference of civil use of radio spectrum in so far that it causes a cost to be incurred by the properly FCC liscenced party (IE: can't dispatch a taxi 'cause some prick is Txing all over your channel.)

Most TX is NOT encrypted as a form of security. Some transmissions are digital in nature and can not be parsed by the human ear as they are broadcasted. Other TX is "trunked" and spread over many frequencies, these can be both digital and analog trunked systems, and are hard to follow as users are moved from frequency to frequency as they become available for use, and the same frequencies are often shared by multiple users [a city that uses 10 channels for PD, FIRE, EMS, and civil functions for example.]

I am not aware of the legal status of decrypting signals where the encrypition is intended to protect the contents of said signal. Someone else will have to speak up on that.

Re:I really don't believe this

[wordsnyc]

Scanners that can track trunked digital systems are freely available in the US -- Uniden makes several. But once the digital signal is encrypted, it's illegal to decode it. The FBI and Secret Service use encrypted digital systems.

Re:I really don't believe this

AFAIK, radar detectors are not illegal, not in U.S. I've seen places selling them openly, and a friend of mine has it plainly visible in his car---I would assume something that would intefere with radar gun in addition to detection is illegal, but you would have to do a lot better than make a flat-faced assertion to convince anyone who's not a total moron that radar detectors are illegal.

So far, the only common thing I see in your list is that they're either irrelevant to your point (i.e. things that ARE legal to possess) or ammount to a tautology (i.e. X in places where X is illegal---why not just claim that it's human nature to break the law and discard the whole concept of society governed by law as being rudicrous?).

Re:I really don't believe this

[TheVelvetFlamebait]

Legality does not stop criminals.

Which is why I support legalised torture. Hit them black-hats where it hurts, that's what I say.

Re:I really don't believe this

[iamacat]

And why do you think of it as an unreasonable assumption without knowing the real story? This technology is feasible and would be less prone to abuse than remotes - a cop can easily spot a Corolla with a glued on siren or flashing high beams.

Re:I really don't believe this

[jimicus]

Legality does not stop criminals.

No kidding. If it did, they wouldn't be criminals.

(As an aside, I wrote to my MP pointing this one out a couple of years ago when they proposed making forging an ID card illegal (it already is anyway). The letter I received back said, in a nutshell, "We know criminals don't obey the law. We're trying to find a solution to that one and anyone who has any ideas is welcome to write to us".)

Re:I really don't believe this

[MickDownUnder]

>Legality does not stop criminals.

What if it did ?
Would they still be criminals ?

Re:I really don't believe this

[jridley]

It is not legal to have a police-band receiver in a car. No problem in a house.
I'm not sure if this is a federal or state reg, but if state it's in a lot of states.

Re:I really don't believe this

[wordsnyc]

NY State is one of the few states that make this illegal.

Leaks

[AgentFade2Black]

Before you know it, it will accidentally be set free.

After all, it doesn't pose a problem for firewalls. And then where will we be?

This is why...

[sjs132]

I write all my secrets onto yellow stickies... Then make the person that reads it shred and eat...

Re:This is why...

[CagedBear]

I write all my secrets onto yellow stickies... Then make the person that reads it shred and eat...

This gives an entirely new meaning to hacking through the back-door.

2 Words

[cybercobra]

Bad Idea.

If there's a backdoor, crackers will find it and they will exploit it.
Stop the idiotic Police/Spyware.

Ok, let's analyze this a bit, shall we?

[Weaselmancer]

Two things stand out right away. Point one:

the 'Superintendant Trojan', a spyware program designed to allow eavesdropping on VoIP conversations

Ok, so it's spyware. It sneaks onto a system and installs itself. Gotcha. That moves us to point two:

it will only be distributed to investigation agencies in the hopes of keeping it out of the hands of malicious hackers

Ok. Got it. So to sum up, what they're saying is that they don't want anyone to get it, but they need to install it on a target's system in order for it to work. And a target would be someone the law was interested in who was computer literate. Like, say....hackers, for instance.

I love things that are broken by design.

Re:Ok, let's analyze this a bit, shall we?

a target would be someone the law was interested in who was computer literate. Like, say....hackers, for instance.

Maybe, but VOIP has gone mainstream. Everyone and their mother can use skype.

And the better question is why not? Provided that there is sufficient judicial oversight, why shouldn't VOIP coversations of suspected criminals be monitored?

Re:Ok, let's analyze this a bit, shall we?

[RM6f9]

When has judicial oversight ever been sufficient to protecting citizen's rights?

Re:Ok, let's analyze this a bit, shall we?

[kent_eh]

Provided that there is sufficient judicial oversight,

Uh huh.

That's exactly the way things are going these days, isn't it.

Re:Ok, let's analyze this a bit, shall we?

[TheMeuge]

With one-time pads, quantum computing, and the absolute encryption secrecy it offers, I think we're just going to have to live with the fact that criminals can be secure from electronic eavesdropping, for as long as the general public is allowed access to computers.

Re:Ok, let's analyze this a bit, shall we?

> When has judicial oversight ever been sufficient to protecting citizen's rights?

Sufficient? Didn't they create the concept of "judicial oversight" (if not the very concept of justice), to be able to abuse citizen's rights (if not human rights), without (much) public protest?

Re:Ok, let's analyze this a bit, shall we?

Not to mention that the thing doesn't have to get "into the wild" when you hand deliver it to those most likely and capable to misuse it. "New super-elite, top-secret trojanware?! Hook me up with that shit!" Getting into the wild is the 'best case' scenario.

Installation?!?

[iOsiris]

I wonder how they plan to install these things onto the target computers?

Re:Installation?!?

[SeaFox]

I wonder how they plan to install these things onto the target computers?

Computers? I thought it would be like in Star Trek II where the bug would come over the phone line and crawl into you ear like poor Chekov.

Re:Installation?!?

[rapidmax]

Subject: Do druf druckä

Isch nüt schlimms: Superintendant.exe

Re:Installation?!?

[whathappenedtomonday]

I wonder how they plan to install these things onto the target computers?

I saw an article yesterday that said ISPs are supposed to distribute the trojan to their customers under surveillance; no details on how this should work. Are they supposed to spoof windowsupdate.com and disguise it as a patch or what?!

And yes, no I didn't RTFA.

malicious?

How is eavesdropping not a malicious use? From the article: "The wiretap has some additional functions. For example, the built in microphone on a laptop can be turned on to monitor a room or webcams can be activated." It very literally is spyware.

Yes, they are trying to keep it away from "hackers", but should it have even been written in the first place?

Re:malicious?

but should it have even been written in the first place?

This isn't the first time this has been written.

Why use the PC?

I wonder why they don't just do it all on the ISP's end if they are going to be responcable for infecting users anyway.

It's only a matter of time before people figure out what's going on and start using it in every kind of malware. AV/firewalls will need to detect it. If not I imagine this is just a windows thing. The idea of anyone being able to remotely enable mics and webcams is enough to make me switch to a new OS if I thought this was something that could not be detected and blocked/filtered.

Re:Why use the PC?

[SanityInAnarchy]

I wonder why they don't just do it all on the ISP's end if they are going to be responcable for infecting users anyway.

Because people can easily encrypt voice communications. This software, being on the client side, can get around encryption. Of course, all this assumes that they know what they're looking for -- I doubt they would know what to do with Asterix, even if it existed for Windows.

As for switching to a new OS, you're right, I do feel a lot safer on Linux.

Re:Why use the PC?

[moogs]

Will this *not work* over Linux? Then I might have to consider switching. Yes, I still use Windows. Don't have my own PC, or I'd have installed Suse. And this wouldn't apply for non-Swiss countries, so I'm safe! For now, anyway.

Re:Why use the PC?

[Burz]

As it happens, its relatively easy to setup SuSE with an encrypted root filesystem. That protects you from malware being physically placed on your system.

Preventing malware from being remotely placed on your system boils down to the usual Internet security measures (firewall, running only needed services, Firefox with NoScript, etc).

Re:Why use the PC?

[SanityInAnarchy]

You might try Ubuntu instead of Suse, but regardless, if you're at all worried about things like this, you should either already have your own computer, or use one that's only shared with trusted friends. And while I trust my friends to be honest, I don't trust them to be competent -- they might delete something or install malware, etc, by accident.

I'd much rather have my own computer running Windows then have to share the root account on a Linux computer.

hunh?

[RM6f9]

Installwatch + a firewall with a solid logging facility might not present *problems* for this software, but should provide enough info to entertain folks for a while...

Firewalls dont present a problem....shhhhure

[Wishful]

Firewalls dont present a problem...........i read this as.....the software connects back to home by connecting to TCP port 80. This is the kind of stupid software developer mentality........everyone allows outbound web browsing right ? (no ... wrong in my case and the company I work for).

Re:Firewalls dont present a problem....shhhhure

[pla]

Firewalls dont present a problem...........i read this as.....the software connects back to home by connecting to TCP port 80.

You done with that strawman yet? I'd like a whack at it...

If you use VoIP, you must have firewall rules allowing VoIP traffic out (and probably back in, but not neccessary for spying on the user).

Thus, this trojan would only need to connect the same way as your legitimate VoIP client. It could even act more-or-less like real VoIP traffic, since it basically needs to duplicate a legitimate call into a 3-way call with one hidden party (the police).

So yes, even a crappy software-only firewall could block the traffic from this trojan - But in doing so, it would also effectively disable VoIP, making the trojan unnecessary.


Now, you could certainly set up an out-of-channel means to tell an external firewall to allow a single VoIP session to a single designated IP address (ie, log into your gateway machine and manually enter the rule). But how many people will actually do that each time they want to make a phone call?

How would this be legal?

[NonViviDaSola]

You need to ask for a user's consent before installing this type of software. How could you install it without asking the user or providing a EULA and not break the law? Would a warrant allow someone to install spy software on your computer? I guess so since this might be the same as bugging your house or wiretapping.

Will a warrant be required?

[Qadesh]

The problem isn't whether undesirable people will obtain the software - surely if they want it they will get it or write it themselves (whether it is used by law enforcement authorities or not). The question is what process will the Swiss law enforcement authorities have to follow before they use the software. For instance will a warrant be required, what will be a sufficient degree of suspicion to justify the use of the software?

Re:Will a warrant be required?

[cromulence]

According to the article, "Installation of the software wiretap is to be carried out on the instructions of a judge only." so I imagine authorities will have to go through the normal due process. From what it sounds like this is a means to tap VOIP conversations much in the same way telephones have been bugged in the past. This is merely coming up to pace with today's technology.

Now if this were applied in the US and could be installed without a judge's consent (a la the Patriot Act), your standard privacy concerns would apply, but the impression I get is that this is a case of the Swiss authorities catching up with today's technology.

Re:Will a warrant be required?

[mikesd81]

Now if this were applied in the US and could be installed without a judge's consent (a la the Patriot Act), your standard privacy concerns would apply, but the impression I get is that this is a case of the Swiss authorities catching up with today's technology.

Now there's an interesting thought. US and Patriot Act.....maybe I'm paranoid, but it's all a matter of time.

Re:Will a warrant be required?

[chmod+a+x+mojo]

hmmm raises a question, if "the ISP will slip it onto the suspects computer" IF they use a known security vulnerability, wouldn't that be cansidered unautorised entry? especially since we are talking about a PERSONAL computer, not say... normal phone lines. The phone lines they can get away with by dealing with the carrier.


Bah someone else continue this rant, i been up for 18 hours now and can't think straight.

The Victim

[NevDull]

Well, the thing about Trojans, is that the victim installs them.

This article is complete and utter bullshit.

"VoIP" is not a single computing platform or implementation.

Re:The Victim

> This article is complete and utter bullshit.

Of course it is. This is just yet another company trying to push its damn product, to get public money, using connections in the government... best example: VeriChip...

Ok, I could clarify a bit, sure.

[Weaselmancer]

And the better question is why not? Provided that there is sufficient judicial oversight, why shouldn't VOIP coversations of suspected criminals be monitored?

Well, I haven't argued anywhere that they shouldn't be monitored. It's not the judicial oversight that worries me. It's the technical oversight.

Let me clarify my objections a bit. In order for this hack to work, some authorized person has to sneak something onto your system. And as soon as it's on your system....it's on your system. You have it. If you find it and can figure out what it is, nothing is stopping you from using it on other people. In short, it's only a matter of time until the hackers DO get it. And then they'll be listening in on VOIP.

To summarize the summary, this is wildly irresponsible. I can't believe people smart enough to write this software are dumb enough to think they can contain it. Absolute morons, I'd call them.

Re:Ok, I could clarify a bit, sure.

[LindseyJ]

I'm going to go out on a limb here and say that the people who are writing the software are not the people who gave the order for it to be written, and they definately are not the people controlling how it is going to be deployed.

Re:Ok, I could clarify a bit, sure.

[alphamugwump]

And as soon as it's on your system....it's on your system. You have it.

Correction: You only have the server. To be able to use it, you would have to reverse-engineer a client. Which would be pointless, because regular hacking tools are probably better anyway.

The only real advantage would be that AV programs might not detect it. The other possibility would be if the police forgot to put a password on the server, leaving the poor suspect wide open to all the evil haxx0rs.

Re:Ok, I could clarify a bit, sure.

[roseblood]

And then they'll be listening in on VOIP.

Same story as hardware hackers who got scanners modified to listen into cell phone and cordless phone frequencies.

Most calls go as follows:
I can't belive what my [co-worker,sibling,child,parent,doctor,whatever] told me.
I can't belive what my [co-worker,sibling,child,parent,doctor,whatever] did.
My [co-worker,sibling,child,parent,doctor,whatever] is so [great/craptastic].
I am so [great/craptastic]

It'll be mostly inane crap. Think about all the cell phone converstations you end up overhearing in public spaces. That's noise. There is alot of it. The good stuff (people giving out credit card numbers and mailing addresses to mail/phone order companies, trade secrets, juicy gossip) is signal. The signal to noise ratio is terrible. Random eavesdropping will result in little result for alot of effort. Unless the eavesdropping is targeted or some sort of AI/speech recongnition is involved little of any diffrence (positive or negative) will happen.

Re:Ok, I could clarify a bit, sure.

[ultranova]

To summarize the summary, this is wildly irresponsible. I can't believe people smart enough to write this software are dumb enough to think they can contain it. Absolute morons, I'd call them.

On the contrary, they are pure genius... marketers, that is. "This program is so efficient we can't let it fall into wrong hands. It's strictly for government." It's the same trick makers of Z-class horror movies used to use - demand that everyone going to the cinema takes a life insurance in case they'll be scared to death.

Just look at this, all of us taking clearly untrue marketing claims ("firewalls apparently 'do not present a problem' for the software.") as truths and repeating them to each other. Shame on you, Slashdot.

Pandora's Box

[Mr.+Lwanga]

From the best intention, come stupid ideas.

It's on;y important to softphone

[gelfling]

Me with my TA behind my router I think I have less to worry about.

Move along, nothing to see here.

[foQ]

There are dozens of commercial keyloggers and remote admin type apps out there. "Firewalls do not present a problem" to any of these, nor most of the other tools. I'm assuming here that they mean incoming firewalls, not restrictive bidirectional firewalls which block unknown outbound connections. The fact that this makes use of webcams and microphones is nothing new, Back Orifice did this a decade or so ago. None of the antispyware or antivirus vendors mark the commercial tools as malicious, because they assume (wrongly) that whoever put the tool there had a right to do so. I guess the only thing that is new here is that the company is distributing only to law enforcement. That might not even be new, since I'm sure the espionage community has some exclusively licensed tools at its disposal. If you want to get paranoid about something, be worried that your credit card info is in the hands of somebody in former Soviet countries or that some ransomware has taken over your PC. Trust me, the Swiss are not your biggest problem out there.

Re:Move along, nothing to see here.

now now, credit yourself for your dues.

Your Boss,
Head of PR,
Bundesamt für Polizei (BAP)

Thankfully...

[krray]

Thankfully I have nothing to hide. But if I did:
Thankfully my main GUI is a Mac. I wonder how LittleSnitch would handle a .EXE?
Thankfully my networks are Linux and BSD based. They don't like .DLL's.
Thankfully my VoIP is handled by a Sipure non-PC based box. It doesn't allow / nor has needed updates.
Thankfully the one place I do use Windows for now (work) will be replaced with a Mac in short time.

I do have to wonder if and how heuristic type scans and/or zonealarm tweaked all the way up would react to this type of software. Recently there was a "new" virus that showed up (one week ago today) on the email (Linux) server which my workstation immediately flagged as suspicious before even reading the body of the message (which was supposedly from the email admin [myself] :). This virus, at that time, was not known my Norton, McAfee, or Clam-AV. Thankfully my Windows workstation _is_ a work-hourse and I do have heuristic type scanning turned on for everything it ever touches.

As for the firewall, well, trust me, you have no idea HOW I configure it and what I do (or don't) allow out under normal circumstances. VoIP? Only from authorized IP's and MAC address' -- and only to specific OpenVMS servers (which REALLY hate to run Windows software and are even harder to infect :). Sure -- you could capture the OTHER END of the call probably much easier.

Thankfully, I have nothing to hide. :)

Re:Thankfully...

[LindseyJ]

Thankfully, 99% of computer users are not that anal about their security, so I won't have to read masturbation posts like this very often.

Also, it means that this software is still viable on most peoples' PCs. Not that that was the point of your post.

Re:Thankfully...

[DigitAl56K]

I really hate posts like this.

Listing your configuration is a) purely an ego trip, and b) unrepresentitive of 99% of personal computers/home networks, and therefor largely irrelevant to the discussion.

Re:Thankfully...

Don't you envy him? He runs a Mac GUI, not Mac OS.

Re:Thankfully...

[icebike]

Thankfully your packets do not travel on any public network...

Oh, wait a minute...

Re:Thankfully...

At least two repliers read/heard/imagined an annoying tone in your voice. I think I can appreciate what they're saying.

They don't seem to be arguing the fact that you have a *relatively* secure situation.

Thanks for sharing the info... [i'm serious,... though I think you can still do better,... so you'll have more to be thankful for] ... also, thanks to your other respondents,... I think they may gain something by reading their msgs as if they had been written by someone else

regards,
gerry

ps -- i hope you can appreciate what's annoying (to some) about your note,... you're announcing you're "blessed" (or, at least, that's how it's easy to read), and that most others don't/can't?/won't? share your blessings -- it may invite envy or ridicule...

that said,... thanks, again

this may be of some, or little, interest...

When 10,000 bees go house hunting, how do they cooperatively choose their new nesting site?
www.ece.osu.edu/~passino/PapersToPost/ GrpDecMakHoneyBees-AmSci.pdf

Lead Balloon

[flyingfsck]

Yup, that should fly really well past all the privacy laws, antivirus and antispyware programs.

As delicious^Wschtoopidttt as Swiss is...

Depends.

[SanityInAnarchy]

First off, most places allow some sort of outbound port 80, even if it is heavily restricted. The last place I worked at allowed outbound connections to the Debian update servers, and only through a proxy, but the principle is the same. And if you allow web browsing of any normal sort, it can be very difficult to differentiate between legit web browsing and something like this.

Now, it could be more complex, but to suggest that firewalls don't present a problem is to display an absurd amount of arrogance. The only way I can imagine this working is if they forced the ISPs to cooperate, and did some sort of stenography across multiple protocols (not just HTTP), in the hopes that at least some kind of outbound traffic is allowed. After all, VOIP has to be itself allowed. But at this point, you wonder why they would bother to infect the user -- maybe this simply passes crypto keys on to the ISP, thus defeating zFone?

Still, the sheer audacity of saying that "firewalls aren't a problem". Here's some simple firewall rules that are guaranteed to block it:

iptables -F
iptables -X
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

Saying "Firewalls aren't a problem" is like a travel agency saying "Customs isn't a problem." You can't say that unilaterally, for all customs -- different countries have different laws and procedures surrounding what you can bring into the country, or what you can take out, and in any case, a naval blockade pretty much ends the conversation.

Re:Depends.

[grahamsz]

Virtually everywhere i've worked has forced you to proxy port 80 traffic, which essentially means that they've got to use HTTP or their requests just wont go through. A connection that was streaming VOIP audio out via http posts would probably look pretty damn suspicious to any network administrator that actually paid attention.

Re:Depends.

[Captin+Shmit]

"The ISPs of the persons under investigation will then slip the program onto their computers."

How do they plan on doing that, exactly?

Re:Depends.

[TCM]

Well, the ISP basically controls how you view the Internet. The next .exe you download via HTTP could be modified.

Re:Depends.

[SanityInAnarchy]

While that would be possible, where did you get that quote? It certainly wasn't in my own post.

Re:Depends.

[mibus]

Well, the ISP basically controls how you view the Internet. The next .exe you download via HTTP could be modified.

Have fun with Debian users, then :)

Modern Apt uses GPG signatures to verify package lists, and contains MD5 and SHA1 *and* SHA256 hashes in the lists for the individual packages.

Let me take this opportunity to say

[rolfwind]

According to ERA IT Solutions, the creator of the software, it will only be distributed to investigation agencies in the hopes of keeping it out of the hands of malicious hackers since firewalls apparently 'do not present a problem' for the software."

HAHAHAHAHA!!!!!

ROTFLMAO

Thank you, that is all. Great plan, thumbs up to the Swiss!

Re:Let me take this opportunity to say

ROTFLMAO

HWYKYPFFD

how will you keep your pants from falling down?

nothing new

This is no different from a software key logger that turns on the microphone as well. Nothing new here. Move along.

Black hats rejoice!

[Mr_Tulip]

The only possible means by which a trojan can get around anti-virus tools, operating systems and firewalls is if the tools themselves have been modified to allow this trojan to work.

I suspect that the software vendors / designers of these tools will be contacted, asked to participate and sign a ND agreement.

All people running software by these vendors will then be susceptible to attacks from this trojan - a trojan which will undoubtedly be in the hands of black hat hackers by then.

Additionally, if this sort of thing becomes common practice, it will result in anti-virus software becoming practically useless, as the virus writers will take advantage of these 'back doors' to create new malware that can mimick the behaviour of the trojans.

Re:Black hats rejoice!

[jimicus]

Actually, the only way things get stopped by anti-virus is if the AV has been modified to detect them. Essentially, most AV packages act as a glorified binary grep, searching for suspicious strings and flagging up any files that contain them. If the AV vedonr doesn't add this to their database, it won't be found.

As regards firewalls - it's a bit curious to announce that it isn't stopped by any type of firewall unless it does something really obscure like take advantage of bugs in IE or Outlook to install itself then report back via encoded HTTP requests or sending email - both of which would raise flags very quickly.

Myself, I'm wondering if something has been lost in translation and this "spyware" isn't spyware in the traditional sense, it's simply a black box which sits on the telco's network monitoring SIP calls. Strikes me as about a hundred times more likely.

Re:Black hats rejoice!

[Mr_Tulip]

You're right, although I was thinking more of the scenario where 'harmful' viruses start using the same algorithms and signatures that ought to be ignored by AV software since they are part of this VOIP monitoring application. The AV vendors will be in a bind, since they will have to balance out finding 'harmful' viruses and ignoring the government sponsored stuff.

As far as the 'black box' solution, it is indeed far more likely. I'd be surprised if this kind of network monitoring/logging technology isn't already in use by governments.

The trojan idea has some merit now that I think about it, since it allows you to listen in on conversations of people regardless of where they are physically located; as long as you have their IP (or email address?) and a means to send the trojan to their PC.

Re:Black hats rejoice!

[jimicus]

I think the black box solution has already been implemented in the UK for the Regulation of Investigatory Powers Act.

So it might be rather bad for my health to make a perfectly casual remark like "Say! Let's nuke Lon...£$%*"£_$( NO CARRIER

PGP Fone

[Hoi+Polloi]

I wish someone would restart PGP Fone.

Re:PGP Fone

[Antique+Geekmeister]

Me, too. Now that the RSA patents have expired, it shouldn't be as awkward to publish. Hosting the signatures is still a difficulty: an automoted key retrieval utility is vulnerable to fake keys being published and used for a man-in-the-middle monitor, much as Skype connections can be chained end-to-end by Skype and the audio traffic monitored in the middle, with Skype's cooperation.

Re:PGP Fone

they actually did:
http://zfoneproject.com/

Re:PGP Fone

[Ungrounded+Lightning]

I wish someone would restart PGP Fone.

Encrypting the link is good against taps outside the machine.

It doesn't help if the signals are tapped INSIDE the machine, on the unencrypted side of the process (like at the sound card).

So whether it would help against the trojan would depend on where the trojan tapped the signal.

And if the trojan taps the signal on the encrypted side, you can bet v2.0 of the trojan will get it on the unencrypted side.

fuck, it this was in the US

if this was in the us you guys would be bitching up a storm about how we're now under the control of hte nazis and that the terrorists have won and soon you'll end up missing if you speak badly of the Bush reich.... where's the fucking outrage? I can see it's little more than partisan bullshit and lies.

maybe but you still have plenty to worry about

[gd23ka]

Me with my TA behind my router I think I have less to worry about.

Me with my terminal adapter which happens to be integrated with my router,
I think I have plenty to worry about. Who says its firmware is not rigged?
Who says they can't upload a patch to it or otherwise tamper with it??

On the other hand, why do these shitheads need to tamper with someones
machine if they can just pick off the conversation directly from the wires
at the provider (unless they're using encryption)??!

I'd rather have this than CALEA!

[StreetStealth]

Which would you prefer, mandatory backdoors at every point in the network where you never know if you're being watched, or a solution where, upon repeated e-mails with attached executables masquerading as the same nudie pics, you can kind of guess that you're probably being watched?

I for one welcome our new Swiss overlords....

[Picass0]

That one never gets old.

Am I missing something ?

[l0cust]

I read TFA and I was a bit confused. First, I was not sure about where exactly this software is going to be installed

The ISPs of the persons under investigation will then slip the program onto their computers.

This seemed to be saying that it will be installed on the ISP's end which seemed like not such a big deal as ISPs monitor the network data to some extent anyway

The wiretap has some additional functions. For example, the built in microphone on a laptop can be turned on to monitor a room or webcams can be activated. As the latter is usually indicated by an LED, this is unlikely to be useful in practice.

Now it seems more likely that it will be installed on the target's computer. Now it is a spyware. I think it can be compared to planting microphones in the house of a suspect. And they will need a judge's permission before they do it which seems like a sensible thing to do. But unlike a microphone planted in the house, a spyware/trojan can interact with the data on the other end. So what happens when a person discovers this program installed on his system and sues the government for some credit card/personal information stealing (which may or may not have happened) ? I know he is a suspect but the fact that they needed to plant a spyware on his system means that they did not have enough evidence to refute his claims by saying that he is a terrorist or dangerous criminal and get away with the charge easily. This all is ignoring the fact that the program ever makes to the hands of the Black Hat community (which is inevitable as already mentioned by a lot of people).

He can atleast argue that installing a spyware in his system made it insecure in some way which led to the theft or something to this tune. I don't know the technicalities of the software in question but I am sure the judges won't exactly be experts in this domain either.

Article sounded like it could defeat FW inbound...

[gd23ka]

Reading TFA I thought it could probably somehow defeat most PC firewalls like the one they ship with Windows XP
_inbound_, somehow threading its way through the lethal digital packet perimeter by hitting the firewall
hard over its head with irregular bit settings and funny buffer overflow code-injecting variable length
tcp option fields no man has thought of before... ... now all it does is using outbound port tcp/80 to tattle back home. They don't even bother to "support" the
handful of standalone windows firewalls that are out there and stealthily modify the firewall configuration.

I am not impressed.

Sounds a bit detectable

For one thing, entire audio conversations are a bit hard to slip into "small inconspicuous packets". Additionally any program that starts broadcasting on the internet upon system startup is going to be flagged rather quickly.

Re:Sounds a bit detectable

[Random+Guru+42]

I agree that it'll be easy to catch. But even if it isn't, I'm sure someone will likely break into the company (physically or electronically) and walk out with a copy. Then it'll be blocked.

Re:Sounds a bit detectable

[JonathanR]

If you were writing spyware to eavesdrop and call home, don't you think that you'd cache the conversation, monitor the outbound interface and slot your traffic in during times of highish use?

Re:Sounds a bit detectable

Probably, but all it takes is one suspicious reading on a firewall and one user who pulls out their hd and ships it to somebody who knows what to do, and its out.

Dear Swiss People

[SQLz]

Welcome to the USA!!!

Re:Dear Swiss People

[elebeik]

Uhm, why exactly is this post insightful?
Do you know the first thing about Switzerland anyway?
FTA: "[...]is therefore examining the use of spy software to allow it to listen in on conversations on PCs[...]" I say: Yay for the Swiss government. They are examining this? Good, examining doesn't hurt. The press (ok, one newspaper... they might be misinformed) has heard about it and published it. People are being informed.
The contrast to the USA?
Well, firstly i'm sure somebody is examining the possible use of this or similar software in the US, too. But contrary to the US, Switzerland does not have a Patriot Act or similar stupid laws to allow wiretaps without a warrant.
Secondly, Switzerland is a direct democracy. The Swiss people can actually oppose anything the government decides and put it up to a vote. Yes, you heard right: no president can decide 'let's take away some rights from the people' without the people having the last word (for that matter, our executive is made up of 7 'ministers' (Bundesrat), with all of them together not having as much power as the US president on his own!).
So, to sum up my rant: I have no big fear of my government spying on me, while I am certain the NSA is spying on all of us. "Welcome to the USA!!!", indeed, for the world is your playground for all you care (and no, I don't hate Americans, just can's stand the current administration).

Re:Dear Swiss People

[Ungrounded+Lightning]

Many of the rest of us don't like the current administration, either. (Even those who think that the main candidate running against it in the last election would have been disastrously worse.)

One of the downsides of the way the US government functions is that it tends to produce a choice between bad and worse - and one WILL be chosen.

VOIP over Torrent

[mattr]

I was just wondering.. I understand bittorrent engages a high-bandwidth conversation with a dynamic swarm of IPs. Has anyone worked on a tunnel over bittorrent? Would seem like the next escalation..

Re:VOIP over Torrent

wtf has this got to do with anything?

Re:VOIP over Torrent

[RKBA]

It would work only if you talked exceedingly slowly. ;-)

Re:VOIP over Torrent

[tryfan]

It will get faster if you talk to a *lot* of people at the same time - especially at the end of the conversation :-)

Re:VOIP over Torrent

[mattr]

Yes! Could usher in a new artform of rapidly accelerating discourse! :)

Oh Great

Got on Vans they look like sneakers!!!

wrong

[george_e]

1.intrusion of privacy
2.administration of law outside legal jurisdiction
3.stealing computing time
4.stealing bandwidth from us who need it.
5.intellectual property compromise

wrong.fuckers.misguided.immoral.

lets reverse engineer this and use it on them! see how they fucking like it.

another bunch of politicians that decide our everyday freedoms.

Not a new issue

[Beryllium+Sphere(tm)]

There's a category of "investigative" software marketed to suspicious spouses and the like that includes keystroke logging features. The antivirus/antispyware industry is split on how to handle them. In general, the less commercial an AS/AV product is, the more likely it is to detect a commercial spy package.

Re:Not a new issue

[skinfaxi]

The latest version of Symantec Antivirus finds and deletes at least one of those commercial products (Spy Recon)

probably already doing it

[oohshiny]

I suspect that plenty of spy agencies and police are using this approach, the Swiss are simply one of the few to acknowledge it.

Also, it doesn't really have to be "malware", in that it tries to install itself after the fact, these people can simply do on-the-wire replacement of software updates with software updates that have been modified specifically for their purposes (getting around signing is work, but feasible). Unfortunately, Linux is as susceptible to that as Windows and MacOS.

leaking the software

[proudhawk]

far be it for me to mention this, but....

what is to prevent someone from leaking the software
(or the source code therein) for whatever reason?

given what human nature is, it only stands to reason
that those who do not have will seek any means necessary
to acquire that which they do not have.

I see this program in the hands of those who have no business
having it within hours of its launch.

Re:it's Sweden

[zwaedi]

My friend,

next time before you shout out loud, have a look on a map and study the difference between

Sweden and Swiss .

Sorry to piss on the Swiss firework...

[pandrijeczko]

...but as someone who works as a techie in the VoIP industry, anybody who is anybody here is already deploying VoIP encryption wherever possible to stop precisely this kind of thing happening.

Anybody who's stupid enough to use VoIP without encryption probably has nothing useful worth listening to anyway...

Move along, nothing to see here.

another sony rootkit anybody?

Eventually it just be another Sony rootkit debacule.

BTW, how many viruses/trojan have been released based on Sony's toy?

Would be awesome if everybody had it.

[isometrick]

Definitely a more elegant solution, and I'd love to have it! But in the near-term, any crypto would be better than none.

Check out ZRTP if you want a real head-scratcher.

Scary thoughts

[iamacat]

by sjs132 (631745) on Monday October 09, @09:47PM (#16373281)
I write all my secrets onto yellow stickies... Then make the person that reads it shred and eat...

by cybercobra (856248) on Monday October 09, @09:47PM (#16373285)
Bad Idea.
If there's a backdoor, crackers will find it and they will exploit it.

And this gets installed on...

[Tavor]

If this gets installed on a box with another trojan, I'd give it three days tops before it gets discovered and put into the wild by Black Hats.

Check digital signatures

[sowth]

Which is why checking signatures is important. ..or at least hashes. I suppose ISPs could just substitue in their public key for every one you download and slip in their own hashes, but it would be more difficult. Especially if you traded keys some other way--such as face to face swaps, but usually only the paraniod do that...

A Swiss perspective

[batbertus]

Fun facts about Switzerland: 1. Our army needs seven years and 40 billion Swiss Francs (about 30 billion US Dollars) to be ready for war. 2. It's illegal to flush the toilet after 10 pm. (Nobody seems to know, however) 3. My government believes they can bug the VOIP of the country the most Macs per capita.

Re:A Swiss perspective

You forgot my favourite:

4. Until 1997, the swiss army kept a troop of homing pigeons for secret communication.

Rumor has it that the people responsible for this are still employed by the swiss government and are currently working on some clever VOIP surveillance project...

Re:A Swiss perspective

War? Who would want to invade Switzerland? It's full of crazy muthafuckers called "Swiss" and they've got lots of guns and cows.

Re:A Swiss perspective

[Myopic]

who are you going to war with?

Re:A Swiss perspective

[batbertus]

You should never rule out zee Germans -- Haven't you noticed how Berlin, Hamburg, or Munich are way too much fun these days?

Software != THING

[erroneus]

When will people start to understand this? It's one of the most basic and fundamental statements when first learning about "the computer." Software is a set of instructions for the computer to execute. It has more in common with a book than with a wrench.

Every time I read about how anyone, government or otherwise, wants to deploy some sort of software 'tool' to accomplish something, either to ensure security/privacy or to deny it, I invariable consider any means to defeat the measure or to use it for unintended purposes. I can't help it really, the mind is attracted to flaws... well, at least my mind is.

I hope, for the sake of our technological futures, that every child will be taught to understand that software is called software for a reason.

Re:it's Sweden

[kensan]

I hate to be pedantic, but the country's name is Switzerland not Swiss.

apple koolaid

[Panzergheist]

Steve, is that you?

why wants to be first

[v1]

to point out how utterly foolhearty "security through obscurity" is?

it will only be distributed to investigation agencies in the hopes of keeping it out of the hands of malicious hackers since firewalls apparently 'do not present a problem' for the software."

Last I checked, a hacker's main activity is finding things that you are trying to hide from them?

quantum leap

[Tom]

This is really a quantum leap in malware design. They apparently have a piece of software that can remotely infect an unknown operating system. It works on Windos, Linux, MacOSX, HP/UX, Symbian, Oracle Raw Iron and your TSR-80. It works on all VoIP-capable phones and equipment. It can penetrate all firewalls, regardless of make or ruleset. Your computer can be infect while it's turned off! The trojan will also adapt to new systems automatically and evolve to counter any security patches that might fix the holes it is exploiting. And it makes coffee.

A few decades ago, people like this were called con-man or snake-oil peddlers.

... Profit!

[Secrity]

From TFA:

"supply it solely to investigation agencies. This should also prevent antivirus manufacturers from incorporating it into their databases and having their tools recognise it. According to the manufacturer, firewalls do not present a problem.

Installation of the software wiretap is to be carried out on the instructions of a judge only. The ISPs of the persons under investigation will then slip the program onto their computers."

It says that the software will be supplied solely to investigation agencies to foil antivirus manufacturers. In the next paragraph, it says that the program will be provided to ISPs. The paragraphs are mutually exclusive, they can't keep it exclusive to investigation agencies and also provide it to ISPs. If ISPs are provided with the software it can be assumed that the software is in the wild, even if the ISPs don't have a clue about how they are going to 'slip' it onto a customer's computers.

1. An investigator at an agency types up a court order that specifies a requirement that the ISP "slip" the provided software on a customer's computer.

2. Judge signs the court order just like he always does, without having a clue about the technical jargon.

3. ISP receives the court order and a CDROM containing the program.

4. ...

5. PROFIT!

Re:... Profit!

Swiss also have internet voting...

Re:... Profit!

[Secrity]

I DO hope that the same people who thought up this little trojan idea are not the same people who designed the Swiss internet voting system.

Re:it's Sweden

[Starvingboy]

You have it backwards: They skate on Satan and Worship Butter. Plus, this is about the Swiss, not Swedish.

Re:it's Sweden

I hate to be pedantic, but the country's name is Switzerland not Swiss.

You mean "Confoederatio Helvetica" (hence .ch), or in English the "Swiss Confederation" :-)

7 words

shit, piss, fuck, cunt, cocksucker, motherfucker, tits*

Re:Don't Fuck with the Swiss they got that Army Kn

Imaging being screwed by the cork screw!

Now we know how Mr. Goatse got that way.

Public fraud

How much of the taxpayer's money have they wasted in this piece of crap?

Re:For very large values of four.

[DavidTC]

You counted 'it' twice.

Re: Court Order

[gryfen]

"Court Order"? You mean that thing that Bush was required by law to get for his Spy On America policy, said he would need to get, didn't bother to get, and got away with not getting? Hm.

The oft undocumented INCONSPICUOUS field ....

[Zero__Kelvin]

The program will save overheard conversations and send them to a server in small, inconspicuous packets.

Ah HA! Here is how they will keep ethereal from revealing their activities to me ... they plan to set the oft undocumented INCOSPICUOUS bit! My firewall really will be easily defeated, as I couldn't possible filter packets with the INCONSPICUOUS bit set!!!

Re: Court Order

[BuBu2]

It's not specifically Bush's fault... The NSA was spying on US citizens and the rest of the world since a very long time... That was also the case with Clinton and many others...