Slashdot Mirror

← Back to Stories (view on slashdot.org)

Germany Plans To Email Trojans

Posted by kdawson on from the we-can-do-it-but-you-can't dept.

speardane sends us word of a proposal in the German legislature to make it legal for that government to email spyware to terror suspects. The action comes in response to a court denying prosecutors' requests to break into suspects' computers over the Internet. The German chancellor supports the measure despite considerable outcry from political opponents and rights groups.

33 of 166 comments (clear)

  1. Fan-diddly-astic by LiquidCoooled · · Score: 5, Interesting

    It sounds like the honour virus to be honest, "We need to monitor you, if you would wear this covert recording hat whilst doing your illegal stuff it would be fan-diddly-astic".

    Will it be illegal to thwart the attack?

    Will it become illegal to use an alternative operating system or antivirus software or even just common sense to deflect these payloads?

    --
    liqbase :: faster than paper
    1. Re:Fan-diddly-astic by ColdWetDog · · Score: 5, Funny
      I just don't see how this is possible at all. How do you get those foil wrappers in an email? Just won't work.

      And besides, what happens if the guy is celibate? Or a Unix?

      --
      Faster! Faster! Faster would be better!
    2. Re:Fan-diddly-astic by FlyByPC · · Score: 4, Insightful

      Will it be illegal to thwart the attack?

      More to the point, would it be illegal to reverse-engineer the spyware and send the guvmint all sorts of interesting information (that it would presume to be the spyware reporting back in?)

      After all, Big Brother deserves the very best, right?
      --
      Paleotechnologist and connoisseur of pretty shiny things.
    3. Re:Fan-diddly-astic by Psion · · Score: 3, Funny

      Shhhhh! Listen!

      Whoooooooosh!

      Wow. I wonder what that was?

    4. Re:Fan-diddly-astic by Anonymous Coward · · Score: 2, Funny

      must be using those tubes the republican senators keep talking about.

    5. Re:Fan-diddly-astic by hazem · · Score: 5, Insightful

      yes. there was a story net a few says ago where a court ordered that the guy couldn't use anything other than windows because their monitering software only worked on it,

      There is a huge difference. In the case you're referring to, the man was already convicted of a crime. A result of conviction is often a loss of certain liberties and rights. As a condition of his parole (which can be quite arbitrary on the part of the state) he can continue to use a computer provided it is with the monitoring software running - this is only possible with Windows. It's difficult to make a case that will stand up that the conditions are particularly onerous or truly cruel and unusual.

      On the other hand, this article is about a case where a government wants to send spy software to suspected criminals in the homes they can get useful information for a prosecution. I'm not familiar with German law, but if this were the US, it's probably okay for the government to do this. There are similar tactics that have not been thrown out, such as mailing a "you won a prize" envelope to a suspected murderer/rapist - which he then licked, leaving his DNA, and returned - thus giving the probable cause for an arrest and prosecution).

      The government can't yet compel someone to give up their DNA and I suspect that a similar logic would be applied to a person's choice of computer software - the government can't compel you to use a certain kind of software just to make it convenient to gather data to be used against you. We are all presumed innocent and they have to have probable cause merely to investigate. To actually compel you to give up rights (requiring you to run specific software) you need to have a conviction... or a law that applies to all of us.

    6. Re:Fan-diddly-astic by CastrTroy · · Score: 2, Insightful

      Or forward it to 10,000 of your closest friends. After half the world's computers get infected, and we trace back the virus to the German government, we'll see how impressed the rest of the world is with them.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
    7. Re:Fan-diddly-astic by Opportunist · · Score: 4, Interesting

      Here's a more interesting thing: Would it be illegal to forward the same trojan to, say, the NSA with the intent to infect and making it look like it's from the German Feds?

      Think of the diplomatic fun we'll all have!

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  2. Thanks for the heads up... by tinrobot · · Score: 4, Funny

    ...sincerely,

    The Terrorists.

    1. Re:Thanks for the heads up... by Anonymous Coward · · Score: 5, Funny

      Terrorists read Digg, not Slashdot.

  3. Honeypot by Anonymous Coward · · Score: 3, Interesting

    Now wont the terrorists set up their own honeypots for these?

    I think it would be pretty cool to get a trojen written by the government, that sends data back to the government and is read by computers in the most secret government areas... imagine what terrorists could do if they find a bug in it?

  4. Via e-mail? by peipas · · Score: 5, Funny

    The leader of your terrorist cell has sent you an e-card! Double-click the attachment to view it!

    [Attached: ecard.exe]

  5. Email terror suspects and... by Jah-Wren+Ryel · · Score: 4, Insightful

    ...terror suspects will know they are being investigated.

    If I were a terrorist, or really any kind of nefarious criminal (because you just know there are foolish people salivating about doing the same to any criminal suspects) I would welcome this decision. If was a bad guy and I was worried that 'they' were on to me, receiving this trojan would be proof positive.

    And then I would take the opportunity to feed false information back to the people who sent me the trojan. Hooo boy, what a great way to make trouble for people I don't like, better than falsely reporting them to the IRS.

    --
    When information is power, privacy is freedom.
    1. Re:Email terror suspects and... by jc42 · · Score: 3, Insightful

      If was a bad guy and I was worried that 'they' were on to me, receiving this trojan would be proof positive.

      Nah; it would just mean that you had a computer (presumably one running MS Windows ;-).

      Note that they want the right to send it to any "terror suspect". The word suspect means anyone at all. If challenged, all they have to say is that they suspect you of something. Or they suspect a relative of yours. Or someone you knew in college 20 years ago. Or someone three houses down the street. Or someone with a name vaguely like yours. Or they learned that an ancestor of yours five generations ago wasn't German.

      Such a law is really just a legal excuse to do nasty things to anyone at all, at any time.

      The fun thing in this case is that you just know that their software would be isolated, probably within a week, and would soon be available at warez sites everywhere, for anyone's own private use. Someone annoying you? Send them a trojan that would start reporting all your keystrokes to the police.

      --
      Those who do study history are doomed to stand helplessly by while everyone else repeats it.
  6. Leave it to the Germans! by fishthegeek · · Score: 4, Funny

    To come up with a way to distribute birth control so efficiently! This would never work in America though, it's difficult enough getting them out of that quarter machine that resides in the restroom at the gas station.

    --
    load "$",8,1
  7. Also in other European countries by tonk · · Score: 4, Informative

    Papers that leaked from the German Federal Ministry of the Interior state that legal regulation allowing so called remote forensic searches exist
    - explicitly in Romania, Cypria, Latvia, Spain, and Switzerland,
    - implicitly in Slovenia,
    and that a similar approach to establish explicit allowance for remote forensic searches is ongoing in Sweden. At least readers in Sweden should contact their members of parliament and do some lobbyism. The current political discussion in Germany only got that public attention beacause some people started what they call nerd lobbyism.

    The German papers are available at http://netzpolitik.org/2007/bundesinnenministerium -beantwortet-fragen-zur-online-durchsuchung/

    It is also noteworthy that an also leaked draft of a new law regarding German federal criminal police (c.f. CCC press release at http://www.ccc.de/updates/2007/bkaterror) lists several other new or extended competencies.

    Criticism claims that Germany is on it's way to reinstate a secret police, with the last German incarnations being http://en.wikipedia.org/wiki/Stasi and http://en.wikipedia.org/wiki/Gestapo.

  8. How is this different? by im_thatoneguy · · Score: 2, Insightful

    How is this different from being allowed to tap someone's phone or plant a bug? As long as warrants are involved this sounds like the privacy law actually working since they aren't allowed to carry out any espionage that isn't specificially allowed by law.

    1. Re:How is this different? by Rudolf · · Score: 5, Informative

      How is this different from being allowed to tap someone's phone or plant a bug? As long as warrants are involved [...]

      With a warrant you have court approval. This is being done because the court did not grant approval.

      From the summary:
      The action comes in response to a court denying prosecutors' requests to break into suspects' computers over the Internet.

  9. If it can be abused, it will be.... by budword · · Score: 4, Insightful

    Next they will just email their super duper virus to child porn operators, then tax evaders, then jay walkers. As the DMCA and the Patriot Act have taught us, if it can be abused, it will. It's just human nature, or the nature of people who choose to work for the man, anyway.

  10. Re:Too bad Angela Merkel is also computer illitera by domatic · · Score: 2, Insightful

    I guess we need to wait for another generation to get into politics, the one that is currently growing up with computers.

    How is that going to help necessarily? The relative number of people who actually understand computers isn't going up. The current crop of high schoolers just uses (or attempts to use....) the things without the least understanding of the technical, societal, or political issues involved. If anything, they're even dumber. They put their whole lives on MySpace and Facebook for the perusal of others.

    To be sure, there are always new geeks coming along but without a radical shift in our own understanding of how things other than computers work, we aren't going to help matters much either.
  11. Next headlines: by Arancaytar · · Score: 2, Interesting

    Entire IP range used by governmental mail servers now blacklisted by most email filters.

    And I was half hoping it would finally grow out of fashion to be ashamed of this country now that the US was setting the world standard in pulling all this crap. Premature hope, apparently.

  12. You've got a friend! by Anonymous Coward · · Score: 3, Funny

    "You've got a friend! OsamaBL wants to add you to his friendslist, Cancel or Allow?"

  13. I expect its already being done by cdn-programmer · · Score: 2, Insightful

    I expect this is already being done. The only issue really is how to bring anything found into court.

    Non-Germans would be expected to have no rights in a German court of law. Non-Americans have little rights in an American Court of law. This means it is legal for one country's law enforcement personnel to spy on non-citzens ...and then trade data with the said country's law enforcement personnel.

    The thing is how a German citizen living in Germany would be taken into court in Germany.... Similarly, how would an American Citizen be taken into court in America? If the said individual lives outside of his own country then perhaps its a bit easier...

    Nevertheless, our authorities have been spying on everyone for decades.

    I think all this really boils down to is what is admissible in a court of law. I doubt it will have any effect on what our spies actually do on a day to day basis.

    1. Re:I expect its already being done by techno-vampire · · Score: 2, Informative
      Non-Americans have little rights in an American Court of law.


      Actually, that's not true. The Bill of Rights applies to all persons living in the USA, even undocumented aliens. They have the same right to a fair and impartial trial, the same right to confront their accuser, the same right to counsel and so on. Not just in theory, but in practice, too. (Except for impartial trials, because that's not always easy to enforce, and partiality can't always be proven. But the courts do try to be as fair as they can.)

      --
      Good, inexpensive web hosting
  14. There is still a chance... by zeromorph · · Score: 4, Informative

    ...that the Trojan won't actually be realized. (BBC):

    Justice Minister Brigitte Zypries, of the Social Democrats (SPD), has voiced concern about the spyware plans, saying they might infringe privacy laws,...

    But that depends on a lot of factors. Germany's biggest hacker organization the Chao Computer Club and others are very effectively campaigning against this plans.

    In recent news (only german, sorry) the federal police states that it won't be a trojan but what they call "remote forensic software" which they intend to install on the terrorists' computer manually. More like a software version of a bug (in the covert listening device sense).

    --
    "Hannibal's plans never work right. They just work." Amy/A-Team
  15. Subject by Dachannien · · Score: 4, Funny

    So what are they going to title the e-mail? I mean, they'll have to be really clever, to make sure the terrorists actually open it:

    "dude! you'll never believe what Osama said"
    "wow, I can't believe you haven't blown yourself up yet"
    "this video has your 72 virgins in it!"

    1. Re:Subject by 6Yankee · · Score: 2, Funny

      "this video has your 72 virgins in it!"

      The promise of 72 virgins is a powerful motivator, but nowhere does it say they won't all be male Slashdotters.

  16. Anti-hacking law? by dmclap · · Score: 2, Interesting

    Didn't Germany recently pass a law banning most "hacking" tools, and by extension, most tools that can be used to detect and defeat hacking? And if so, could these be related? I sincerely hope not, since if so, someone (or multiple persons) in the German government is outclassing the Bush administration in asshole terrorism laws. Suspected of terrorism? Get a trojan. Try to detect/remove the trojan? Break the law and get sent to jail anyway!

    Yes, I know that it can be a stretch to say that no hacking tools means you can't still defeat this trojan, but maybe they could either create a trojan that could only be defeated that way, or just expand the law in later years to make it illegal to use anti-virus software "in a way that interferes with a government investigation" or something. Either way, it could lead to some scary stuff if properly abused. Even if you don't start the cycle of getting sent to prison, a trojan can dig up some nice information about enemies of yours.

  17. Re:1A Plan, really! by Opportunist · · Score: 3, Insightful

    You'll have a hard time getting that through.

    The German government could technically issue a "please do not find" letter. Now, I know a few people with a few AV labs and such a letter would most likely be met (inofficially) immediately with a shady tool on a shady page finding exactly this trojan and nothing else.

    But let's just for a moment assume that this won't happen. Instead, KAV gives the German government the finger, citing the "Russia is big, the Czar is far" proverb. Avira would most likely be forced to comply, sitting in Germany, so would probably some other EU-based AV vendors.

    They would, though, immediately go to Den Hague and sue for unfair trade disadvantages due to the laws in one member country.

    AV writers tend to be a zealous lot. If you think the EFF is hard on GPL violations, you've never seen AV fanatics meet malware proponents.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  18. "terror suspects" by nurb432 · · Score: 2, Interesting

    Ya, that label will never be abused.

    --
    ---- Booth was a patriot ----
  19. So they have developed Time-Travel Email? by MrSteveSD · · Score: 2, Funny

    I thought the Trojans were wiped out long ago.

  20. Actually, the artillery DOES pay for damage by crovira · · Score: 2, Informative

    caused by an errant shell.

    Well in peace time anyway.

    I had a sister who lived in Lawton OK for a long time and a few random shells made way from the artillery range from time to time.

    That's why they fire duds. The damage is limited to a small diameter.

    --
    MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
  21. Re:Too many holes to fly for long... by nospam007 · · Score: 2, Interesting

    Will the German government call upon anti-virus makers to allow the Trojans to be inserted onto machines without a red flag being raised?

    Will the anti-virus companies go along with such a request?

    --
    They already said they'd refuse.