Slashdot Mirror

← Back to Stories (view on slashdot.org)

Swiss to Use Spyware to Listen to VoIP

Posted by ryuzaki0 on from the not-thinking-ahead dept.

An anonymous reader writes "Heise Security is reporting that the Swiss Department of the Environment, Transport, Energy and Communications is entertaining the idea of utilizing the 'Superintendant Trojan', a spyware program designed to allow eavesdropping on VoIP conversations. According to ERA IT Solutions, the creator of the software, it will only be distributed to investigation agencies in the hopes of keeping it out of the hands of malicious hackers since firewalls apparently 'do not present a problem' for the software."

2 of 188 comments (clear)

  1. Re:yea right by isometrick · · Score: 5, Informative

    The omg-leak-to-blackhat bit isn't a big deal. Any blackhat worth his weight in RAM chips could cobble something together to record incoming/outgoing RTP traffic on a local network interface (in the case of SIP/RTP VoIP, and similar in IAX, H.323 and other protocols). It's just a few header fields and then pure Mu-law or A-law audio in most cases and other publicly available codecs in other cases.

    It'd probably be more work to reverse engineer this trojan as opposed to writing something to do it yourself. It definitely would be for me. And from some experience with other 'law enforcement'-type programs, it's probably shit anyway.

    The worrisome bit is utilizing trojans for law enforcement, even with some kind of judicial review (scoff).

    It will also only be really useful when Joe User starts using VoIP, because it'd be much harder to get your average power user to install something infected with the trojan.

    And end-to-end encryption renders it completely useless anyway, unless it actually reads pre-encrypted stuff from memory. Hopefully VoIP providers will get off their collective asses and get SRTP et al. working.

    Just my $0.02.

  2. Re:Dear Swiss People by elebeik · · Score: 4, Informative

    Uhm, why exactly is this post insightful?
    Do you know the first thing about Switzerland anyway?
    FTA: "[...]is therefore examining the use of spy software to allow it to listen in on conversations on PCs[...]" I say: Yay for the Swiss government. They are examining this? Good, examining doesn't hurt. The press (ok, one newspaper... they might be misinformed) has heard about it and published it. People are being informed.
    The contrast to the USA?
    Well, firstly i'm sure somebody is examining the possible use of this or similar software in the US, too. But contrary to the US, Switzerland does not have a Patriot Act or similar stupid laws to allow wiretaps without a warrant.
    Secondly, Switzerland is a direct democracy. The Swiss people can actually oppose anything the government decides and put it up to a vote. Yes, you heard right: no president can decide 'let's take away some rights from the people' without the people having the last word (for that matter, our executive is made up of 7 'ministers' (Bundesrat), with all of them together not having as much power as the US president on his own!).
    So, to sum up my rant: I have no big fear of my government spying on me, while I am certain the NSA is spying on all of us. "Welcome to the USA!!!", indeed, for the world is your playground for all you care (and no, I don't hate Americans, just can's stand the current administration).