Slashdot Mirror


Swiss to Use Spyware to Listen to VoIP

An anonymous reader writes "Heise Security is reporting that the Swiss Department of the Environment, Transport, Energy and Communications is entertaining the idea of utilizing the 'Superintendant Trojan', a spyware program designed to allow eavesdropping on VoIP conversations. According to ERA IT Solutions, the creator of the software, it will only be distributed to investigation agencies in the hopes of keeping it out of the hands of malicious hackers since firewalls apparently 'do not present a problem' for the software."

17 of 188 comments

  1. 4 words: by creepynut · · Score: 3, Insightful

    Create it and they will get it.

    1. Re:4 words: by creepynut · · Score: 4, Funny

      Haha... 4 words. Make that 7, because I don't know how to count.

  2. yea right by grapeape · · Score: 4, Insightful

    If the trojan can be installed it can be sniffed out and discovered. I give it at tops a week of deployment before someone figures out what it is, how it works, and backwards engineers it into instant mayhem for all the black hats.

    1. Re:yea right by whoever57 · · Score: 4, Insightful
      "If the trojan can be installed it can be sniffed out and discovered."
      Which then raises the interesting question: how will anti-spyware vendors (including MS) respond to this? There really are no good solutions for an anti-spyware vendor in this case, since detecting it could be considered as hindering law enforcement, which would be illegal in many jurisdictions.
      --
      The real "Libtards" are the Libertarians!
    2. Re:yea right by Coldmoon · · Score: 5, Insightful

      "There really are no good solutions for an anti-spyware vendor in this case, since detecting it could be considered as hindering law enforcement..."

      Actually it will turn out to be the exact opposite. Once the program is in the wild and the black hats get their hands on it, both the AV and AS vendors will have no other choice than to add it to their detections.

      Regardless of whether the detection is for the original Trojan or not, any subsequent black hat variations found would be added and the original would in all likelihood be flagged due to the particular (add your own term here) scanning technology.

      --
      Coldmoon over Dark water...
    3. Re:yea right by isometrick · · Score: 5, Informative

      The omg-leak-to-blackhat bit isn't a big deal. Any blackhat worth his weight in RAM chips could cobble something together to record incoming/outgoing RTP traffic on a local network interface (in the case of SIP/RTP VoIP, and similar in IAX, H.323 and other protocols). It's just a few header fields and then pure Mu-law or A-law audio in most cases and other publicly available codecs in other cases.

      It'd probably be more work to reverse engineer this trojan as opposed to writing something to do it yourself. It definitely would be for me. And from some experience with other 'law enforcement'-type programs, it's probably shit anyway.

      The worrisome bit is utilizing trojans for law enforcement, even with some kind of judicial review (scoff).

      It will also only be really useful when Joe User starts using VoIP, because it'd be much harder to get your average power user to install something infected with the trojan.

      And end-to-end encryption renders it completely useless anyway, unless it actually reads pre-encrypted stuff from memory. Hopefully VoIP providers will get off their collective asses and get SRTP et al. working.

      Just my $0.02.
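The comment above turns on whether a SIP/RTP call's media is sent as plain RTP or protected by SRTP, and a defender can check that by auditing the SDP bodies their own phones or PBX offer. This is an added example, not part of the original thread: the function names, status labels and sample SDP bodies are constructed, while the profile strings and the `a=crypto` / `a=fingerprint` attributes are the standard SDP ones.

```python
# Added example: audit SDP offers for SRTP. All sample SDP bodies are constructed.
PLAIN = {"RTP/AVP", "RTP/AVPF"}                  # unencrypted RTP profiles
SDES = {"RTP/SAVP", "RTP/SAVPF"}                 # SRTP keyed via a=crypto
DTLS = {"UDP/TLS/RTP/SAVP", "UDP/TLS/RTP/SAVPF"} # SRTP keyed via DTLS (a=fingerprint)

def classify(proto, has_crypto, has_fingerprint):
    """Map one media section's profile and keying attributes to a status label."""
    if proto in PLAIN:
        # Keying offered on a plain profile is best-effort; the call may still run in the clear.
        return "downgradeable" if (has_crypto or has_fingerprint) else "cleartext"
    if proto in SDES:
        return "srtp-sdes" if has_crypto else "srtp-no-key"
    if proto in DTLS:
        return "srtp-dtls" if has_fingerprint else "srtp-no-key"
    return "not-rtp"

def audit_sdp(sdp):
    """Return (media, profile, status) for every m= section of one SDP body."""
    sections, session_fp, cur = [], False, None
    for line in (l.strip() for l in sdp.splitlines()):
        if line.startswith("m="):
            fields = line[2:].split()
            if len(fields) < 3:          # malformed m= line: ignore it and its attributes
                cur = None
                continue
            cur = {"media": fields[0], "proto": fields[2].upper(),
                   "crypto": False, "fp": session_fp}
            sections.append(cur)
        elif line.startswith("a=crypto:") and cur is not None:
            cur["crypto"] = True
        elif line.startswith("a=fingerprint:"):
            if cur is None:
                session_fp = True        # session-level fingerprint covers all media
            else:
                cur["fp"] = True
    return [(s["media"], s["proto"], classify(s["proto"], s["crypto"], s["fp"]))
            for s in sections]

HEAD = "v=0\no=- 1 1 IN IP4 192.0.2.10\ns=-\nc=IN IP4 192.0.2.10\nt=0 0\n"
PLAIN_OFFER = HEAD + "m=audio 49170 RTP/AVP 0 8\na=rtpmap:0 PCMU/8000\na=rtpmap:8 PCMA/8000\n"
MIXED_OFFER = HEAD + ("m=audio 49172 RTP/SAVP 0\n"
                      "a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:CONSTRUCTED-PLACEHOLDER\n"
                      "m=video 49174 RTP/AVP 96\n")
DTLS_OFFER = HEAD + "a=fingerprint:sha-256 00:11:22:33\nm=audio 9 UDP/TLS/RTP/SAVPF 111\n"

if __name__ == "__main__":
    for name, body in [("plain", PLAIN_OFFER), ("mixed", MIXED_OFFER), ("dtls", DTLS_OFFER)]:
        print(name, audit_sdp(body))
```

A `cleartext` or `downgradeable` result marks a stream whose audio can be read by anything able to see the packets; the two SRTP results only show that keying was offered, not that the far end accepted it.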

    4. Re:yea right by mattr · · Score: 4, Funny

      hacker: 100kg
      sd card: US$124 / 2 grams ($61/g)

      hacker's weight in ram chips: $610,000

  3. OMG... by Pharmboy · · Score: 3, Funny

    I can't believe I just read that. They think they can use it and it won't get in the wild? This sounds as smart as the judge in the Spamhaus case, as in, totally clueless about "that there interweb spying softywear".

    --
    Tequila: It's not just for breakfast anymore!
  4. I really don't believe this by El Cubano · · Score: 3, Insightful

    "...it will only be distributed to investigation agencies in the hopes of keeping it out of the hands of malicious hackers..."

    Do they really think so?

    I mean, that completely ignores human nature. Come on.

    • radar detectors
    • traffic light remotes (the new ones that only emergency vehicles are supposed to have)
    • guns in countries where guns are illegal
    • police-band radios

    All these things have one thing in common: they are not supposed to be accessible to the general public (or at least initially were not supposed to be) and yet they are. Legality does not stop criminals.

    1. Re:I really don't believe this by wordsnyc · · Score: 3, Informative

      Actually, police-band radios have always been legal in the US (not in the UK, though). But with the rise of digital encrypted radio systems, those days may be fading fast, as it's a federal crime to even try to decrypt the transmissions.

      --
      Sent from the iPad I found in your car.
  5. Ok, let's analyze this a bit, shall we? by Weaselmancer · · Score: 4, Interesting

    Two things stand out right away. Point one:

    "the 'Superintendant Trojan', a spyware program designed to allow eavesdropping on VoIP conversations"

    Ok, so it's spyware. It sneaks onto a system and installs itself. Gotcha. That moves us to point two:

    "it will only be distributed to investigation agencies in the hopes of keeping it out of the hands of malicious hackers"

    Ok. Got it. So to sum up, what they're saying is that they don't want anyone to get it, but they need to install it on a target's system in order for it to work. And a target would be someone the law was interested in who was computer literate. Like, say....hackers, for instance.

    I love things that are broken by design.

    --
    Weaselmancer
    rediculous.
  6. Installation?!? by iOsiris · · Score: 3, Funny

    I wonder how they plan to install these things onto the target computers?

  7. The Victim by NevDull · · Score: 3, Insightful

    Well, the thing about Trojans, is that the victim installs them.

    This article is complete and utter bullshit.

    "VoIP" is not a single computing platform or implementation.

  8. Re:Depends. by Captin Shmit · · Score: 3, Insightful

    "The ISPs of the persons under investigation will then slip the program onto their computers."

    How do they plan on doing that, exactly?

  9. Dear Swiss People by SQLz · · Score: 3, Insightful

    Welcome to the USA!!!

    1. Re:Dear Swiss People by elebeik · · Score: 4, Informative

      Uhm, why exactly is this post insightful?
      Do you know the first thing about Switzerland anyway?
      FTA: "[...]is therefore examining the use of spy software to allow it to listen in on conversations on PCs[...]" I say: Yay for the Swiss government. They are examining this? Good, examining doesn't hurt. The press (ok, one newspaper... they might be misinformed) has heard about it and published it. People are being informed.
      The contrast to the USA?
      Well, firstly I'm sure somebody is examining the possible use of this or similar software in the US, too. But contrary to the US, Switzerland does not have a Patriot Act or similar stupid laws to allow wiretaps without a warrant.
      Secondly, Switzerland is a direct democracy. The Swiss people can actually oppose anything the government decides and put it up to a vote. Yes, you heard right: no president can decide 'let's take away some rights from the people' without the people having the last word (for that matter, our executive is made up of 7 'ministers' (Bundesrat), with all of them together not having as much power as the US president on his own!).
      So, to sum up my rant: I have no big fear of my government spying on me, while I am certain the NSA is spying on all of us. "Welcome to the USA!!!", indeed, for the world is your playground for all you care (and no, I don't hate Americans, just can't stand the current administration).

  10. A Swiss perspective by batbertus · · Score: 3, Funny

    Fun facts about Switzerland: 1. Our army needs seven years and 40 billion Swiss Francs (about 30 billion US Dollars) to be ready for war. 2. It's illegal to flush the toilet after 10 pm. (Nobody seems to know, however) 3. My government believes they can bug the VOIP of the country with the most Macs per capita.