Slashdot Mirror

← Back to Stories (view on slashdot.org)

Swiss to Use Spyware to Listen to VoIP

Posted by ryuzaki0 on from the not-thinking-ahead dept.

An anonymous reader writes "Heise Security is reporting that the Swiss Department of the Environment, Transport, Energy and Communications is entertaining the idea of utilizing the 'Superintendant Trojan', a spyware program designed to allow eavesdropping on VoIP conversations. According to ERA IT Solutions, the creator of the software, it will only be distributed to investigation agencies in the hopes of keeping it out of the hands of malicious hackers since firewalls apparently 'do not present a problem' for the software."

2 of 188 comments (clear)

  1. Re:yea right by Coldmoon · · Score: 5, Insightful

    "There really are no good solutions for an anti-spyware vendor in this case, since detecting it could be considered as hindering law enforcement..."

    Actually it will turn out to be the exact opposite. Once the program is in the wild and the black hats get their hands on it, both the AV and AS vendors will have no other choice than to add it to their detections.

    Regardless of whether the detection is for the original Trojan or not, any subsequent black hat variations found would be added and the original would in all likelihood be flagged due to the particular (add your own term here) scanning technology.

    --
    Coldmoon over Dark water...
  2. Re:yea right by isometrick · · Score: 5, Informative

    The omg-leak-to-blackhat bit isn't a big deal. Any blackhat worth his weight in RAM chips could cobble something together to record incoming/outgoing RTP traffic on a local network interface (in the case of SIP/RTP VoIP, and similar in IAX, H.323 and other protocols). It's just a few header fields and then pure Mu-law or A-law audio in most cases and other publicly available codecs in other cases.

    It'd probably be more work to reverse engineer this trojan as opposed to writing something to do it yourself. It definitely would be for me. And from some experience with other 'law enforcement'-type programs, it's probably shit anyway.

    The worrisome bit is utilizing trojans for law enforcement, even with some kind of judicial review (scoff).

    It will also only be really useful when Joe User starts using VoIP, because it'd be much harder to get your average power user to install something infected with the trojan.

    And end-to-end encryption renders it completely useless anyway, unless it actually reads pre-encrypted stuff from memory. Hopefully VoIP providers will get off their collective asses and get SRTP et al. working.

    Just my $0.02.