Slashdot Mirror

← Back to Stories (view on slashdot.org)

Bavarian Police Can Legally Place Trojans On PCs

Posted by kdawson on from the trust-us-we-would-never-abuse-this-power dept.

An anonymous reader writes "The Bavarian Parliament passed a law that allows Bavarian police to place 'Remote Forensic Software' (Google translation) on a suspect's computer as well as on the computers of a suspect's contacts. They may break into houses in secret to install the RFS if a remote installation is not possible; and while they are there a (physical) search is permitted too. The RFS may be used to read, delete, and alter data." The translation says that RFSs may be used in cases of an "urgent threat to the existence or the security of the Federation or a country or physical, life or liberty of a person... Even where there is a reasonable assumptions on concrete preparatory acts for such serious offenses."

15 of 256 comments (clear)

  1. Re:Yes, by Anonymous Coward · · Score: 1, Insightful

    I imagine they could reset the bios (in case you'd cleverly set a bootup password), insert a windows (probably XP) CD (as Vista's whole activation thing would make the whole process clunky) and boot up, installing with whichever readily-available corporate activation key they liked (as, since they're not going for security here, they don't need it to be able to install SP2/3)... and then install their trojan. That "delete and alter data" thing could be carried quite far I would think depending on how the whole thing was worded.

  2. Threat to liberty... by Anonymous Coward · · Score: 1, Insightful

    Let's get this right. They can act to install trojans and perform physical searches when there's a threat to the liberty of a Bavarian - and in so doing, they threaten the liberty of EVERY Bavarian. Does that mean they're now allowed to install trojans and perform physical searches in every Bavarian home and business, given that everybody's liberty is now under threat? /joking, but laws like this are not a laughing matter

  3. Re:Yes, by MacDork · · Score: 5, Insightful

    I think the bigger threat here is that they can break into your house without your knowledge and search it in secret. I guess the Gestapo taught them nothing.

  4. Re:Yes, by Anonymous Coward · · Score: 5, Insightful

    Yeah, cause it's nothing like the PATRIOT act in the US

  5. Re:Bavaria? by Anonymous Coward · · Score: 1, Insightful

    so... you don't know that BMW is a German car?
    Bayerische Motoren-Werke = Bavarian Motor Works

  6. Forensic? by gruntled · · Score: 4, Insightful

    Um, "forensic" software is typically designed to *prevent* the alteration of data. Otherwise you can't reliably go into court and prove that you haven't planted the evidence. Last I heard, Germany still embraced the concept of due process...

    Not sure whether this is a crazy law passed by some locals that will be struck down by German courts, a bad write up, or a bad translation...

    1. Re:Forensic? by satmd · · Score: 4, Insightful

      Yes, the translation is mostly correct, but is missing few details: The Verfassungsgericht (highest judicial institution over here) stated that this kind of investigation is illegal and put very high barriers on it... for the whole of Germany. AND they put up a new consitutional right on "digital privacy". The barrier is that high that it should be near to impossible to implement the trojan in a way to stay within law. Now the Bavarians thought they know better and updated their local laws and declared them to be "in accordance" with the new barriers (which they most likely are not and thus are going to get that struck down again). Also... they are NOT allowed to physically enter the house/rooms/flat/... in order to install the trojan. They have to deploy it remotely by dialup or internet. If that was allowed they could secretly search through your other belongings, which is explicitely forbidden to happen with the owner not being around. People have the right to witness a raid or execution of a search warrant. And yes, the risk of alteration is real, so the so-called evidence will probably be very weak and should not last very long in court. Yet, I fear that the "evidence" might be remembered and used to investigate into other activities. Police may use evidence from one case to prove another case. THIS is very dangerous.

  7. copy, paste, be done with it by Anonymous Coward · · Score: 1, Insightful

    These are all the same exact comments as when another country passed a law like this... it was called the PATRIOT act. Only a matter of time before the US forces every country in the world to pass a similar law so they can all work together against the invisible tirrrists. So unless you have something new to say about this disturbing trend, lets just copy and paste the old comments.

  8. Encrypted Drives by nurb432 · · Score: 2, Insightful

    If you encrypt your drive, and don't leave it running while you are gone, unless they guess your password not much they can do.

    --
    ---- Booth was a patriot ----
  9. Ironically it is admissible by Orion+Blastar · · Score: 2, Insightful

    in a court of law even if the trojan is programmed to download porn and other things over the Internet. I can recall American employers using trojans like that to fake employees surfing the Internet too much to fire them for it. "He surfed for porn for more than 5 hours each day, so he fired him" when really the trojan surfed porn and planted it on his computer. They do that sort of thing when they want to discriminate against an employee for their religion, race, color, national origin, disability, age, gender, or whatever. It is a way to avoid discrimination laws and civil rights, just fake evidence that the employee did something wrong and that is good enough to get a court to agree with you that you didn't violate his/her rights.

    --
    Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
  10. Re:Yes, by KiloByte · · Score: 3, Insightful

    If they are allowed to break in, they can install a hardware keylogger. Which yes, does run against linux.

    --
    The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
  11. Re:Clubies by domatic · · Score: 2, Insightful

    Symantec and Grisoft most likely are doing the spineless thing in regards to such tools already. I have a suspicion the ClamAV guys wouldn't have a problem with the signatures and even if they do third parties have ClamAV sigs now.

  12. Re:Please by scaryjohn · · Score: 5, Insightful

    The Federal government has been violating due process and the US Constitution since FDR was in office.

    Really? We didn't violate due process before FDR? I know you were trying to make a point, but what about Wilson? Lincoln? Jackson? Or Adams? How about Washington?

    --
    One might ask the same about birds. What ARE birds? We just don't know.
  13. Fruit of the Poisoned Vine by redelm · · Score: 2, Insightful
    Ah well, the Bavarians are doing their independence thing, sharply deviating from the Federal Verfassungsgericht. And probably from the EU Charter of Rights and Freedoms. They know it, and are doing it precisely for that effect.

    But watch: there will be abuses immediately (cops cannot help themselves, they have a compulsion to "fight crime") and in about 3 years one will be egregious and funded enough to make it to seriously senior courts. Then one of these (especially the EU) will seek to exert its' jurisdiction with a ruling like the US "fruit of the poisoned vine" doctrine.

    Odd thing is, the bayricherbeamter are anything but stupid and may even see and desire this.

  14. I think I spot a teeny, tiny flaw... by nick_davison · · Score: 3, Insightful

    The RFS may be used to read, delete, and alter data.

    So, getting this straight... They have the right to modify data in ways that can't be [reasonably] detected... and then they can use this data to press charges?

    "Of course not your honor! It was different data we changed. The incredibly convenient file that says, 'I am guilty, it's a fair cop, guv! Oh yeah, it was me!' was there all along."

    You're on incredibly shaky ground when you allow the police to manufacture information where they may subsequently use information to support charges. As soon as one dirty cop gets caught manufacturing evidence, you've devalued the entire method for gaining it. How long before the standard defense becomes, "My client has never seen that file before. Given the police routinely add and modify files on people's computers, prove beyond a reasonable doubt that they didn't put it there themselves and then change the logs to simply make it look like my client did it."