Slashdot Mirror

← Back to Stories (view on slashdot.org)

Bavarian Police Can Legally Place Trojans On PCs

Posted by kdawson on from the trust-us-we-would-never-abuse-this-power dept.

An anonymous reader writes "The Bavarian Parliament passed a law that allows Bavarian police to place 'Remote Forensic Software' (Google translation) on a suspect's computer as well as on the computers of a suspect's contacts. They may break into houses in secret to install the RFS if a remote installation is not possible; and while they are there a (physical) search is permitted too. The RFS may be used to read, delete, and alter data." The translation says that RFSs may be used in cases of an "urgent threat to the existence or the security of the Federation or a country or physical, life or liberty of a person... Even where there is a reasonable assumptions on concrete preparatory acts for such serious offenses."

32 of 256 comments (clear)

  1. Yes, by Daimanta · · Score: 5, Funny

    but does the trojan run on linux?

    --
    Knowledge is power. Knowledge shared is power lost.
    1. Re:Yes, by brunokummel · · Score: 3, Interesting

      but does the trojan run on linux?

      Funny how the context allows a "does it run on linux" joke get modded up as insightful....

      ...What about the Soviet Russia jokes? Will they get mod as informative?

      --
      What is best in life? To crush your enemies, to see them driven before you and to hear the lamentations of their women.
    2. Re:Yes, by Daimanta · · Score: 4, Funny

      In the German state Bavaria, the police trojans you!

      No, it simply doesn't have that ring to it.

      --
      Knowledge is power. Knowledge shared is power lost.
    3. Re:Yes, by MacDork · · Score: 5, Insightful

      I think the bigger threat here is that they can break into your house without your knowledge and search it in secret. I guess the Gestapo taught them nothing.

    4. Re:Yes, by Anonymous Coward · · Score: 5, Insightful

      Yeah, cause it's nothing like the PATRIOT act in the US

    5. Re:Yes, by colinrichardday · · Score: 4, Funny

      Come on, now. I'm pretty sure the Gestapo knew how to break into houses and search them in secret.

    6. Re:Yes, by umghhh · · Score: 5, Informative

      The original post has few problems

      1. the link does not work - I suppose it was meant to be this:
      http://www.heise.de/newsticker/Bundesrat-will-heimliche-Online-Durchsuchungen-auf-Terrorabwehr-beschraenken--/meldung/110466

      2. this article says that Bavaria did NOT managed to extend existing proposal on searching, eavesdropping etc, existing proposal is maybe not that nice but it was apparently less harmful politically than the Bavaria's extension.

      Besides similar laws (lows?) already exist although not really in such drastic form. OTOH secret services do what it wants anyway - Germans violated its own and other countries' law to get account data of tax criminals. I believe there are countries where even suspicion that evidence was produced illegally or on information received illegally would nullify the whole proceeding. In Germany it apparently is not that important how you get your data as long as you can prosecute whoever you want. I guess each country has its quirks when it comes to powers that the state has.

    7. Re:Yes, by Hal_Porter · · Score: 4, Interesting

      When I was in Munich I had a phone and a PC. The PC had voicemodem so it could act as a answering machine / fax machine. I got some cables to plug it into the phone socket. And the wierd thing is I could get the phone to work or the PC but not both. It turns out that German phone sockets will only allow one device to be connected. Someone said that this was to "prevent eavesdropping. In Germany this is regarded as important because of our experience of Nazism".

      I said something like "if the Nazis tapped phones they presumably did it at the exchange, not by having some sinister dude in a leather coat, monacle and jackboots sitting in the spare room taking notes". The German guy explaining gave me a very dirty look.

      --
      echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
    8. Re:Yes, by svank · · Score: 4, Funny

      Because no one will notice that their freakin' operating system got changed.

    9. Re:Yes, by Anonymous Coward · · Score: 5, Funny

      Hey, at least they use trojans when they screw you.

    10. Re:Yes, by KiloByte · · Score: 3, Insightful

      If they are allowed to break in, they can install a hardware keylogger. Which yes, does run against linux.

      --
      The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
    11. Re:Yes, by Pogue+Mahone · · Score: 4, Informative
      I moved to Germany 10 years ago, and that confused me too. Some of the multi-way phone sockets have a "priority" system - the rightmost (or leftmost - I forget which) gets the line. If you look inside the box it's a simple break-switch. Also the N and F type connectors are very confusing. But if you take the boxes apart and wire everything in parallel it just works as normal.

      I assumed that the system was devised to prevent overloading - most commercial exchanges have some kind of limit on how many phones they can support. In the UK it's called "ringer equivalence number" and if you exceed it they don't guarantee that your phones will work. In practice it's the ringers that fail first.

      --
      Every bloody emperor has his hand up history's skirt [Peter Hammill/VdGG]
    12. Re:Yes, by Pogue+Mahone · · Score: 4, Informative
      Here's the real link:
      http://www.heise.de/newsticker/Bayerischer-Landtag-setzt-den-Bayerntrojaner-frei--/meldung/110426

      It's from yesterday. The story you link to is today's and is talking about the Bundesregierung as opposed to the Staatsregierung Bayern. Roughly speaking, it's the equivalent of Federal and State government in the US.

      The article says that the law has no chance of survival - it's pretty clearly in violation of the German constitution, and most Germans take their constitution *very* seriously.

      My take is that it's a typical "bargaining play": aim for the moon, and if you fall on the clouds, well, it's still better than the hilltop position that you really wanted. Compare the tactic with the *IAA's lobbying. They ask for outrageous new laws, everyone gets upset and writes to their reps, the law eventually gets watered down, and everyone goes home happy, failing to notice that the *IAA have achieved yet another step along the way to their goal of total control.

      --
      Every bloody emperor has his hand up history's skirt [Peter Hammill/VdGG]
    13. Re:Yes, by Zemran · · Score: 4, Interesting

      China has quietly been spending as much as the US on their military (without the outgoing expense of 2 theatres of war) for 10 years and has 2,000,000 soldiers in uniform. 10 years ago your view would have been stupid but nowadays it is worrying that people have not noticed how the world has changed. China is already stronger than the US and is growing while the US is in decline. Russia is already back in the frame and growing fast. The US could easily be in 3rd place in 10 years time if people do not wake up soon.

      People talk about the 1990s as if Russia collapsed but it did not. It had 4 times the military that the US had and it could not cope with the cost. It cut right back at a speed which looked like collapse but they kept all the good stuff (titanium hulled subs etc.) and grew from that. They are back in the game and growing fast.

      I was in China 10 years ago (I look forward to going back) and could see no reason why they would want to rise up against anything. The country is so different from the picture painted in our media that it was hard to recognise it. I was in Russia 5 years ago (and hated the place) and saw a people wholeheartedly behind their government.

      If we, in the west, do not pull our heads out of our arses we will end up losing a major conflict soon as we will end up having to fight in Taiwan or North Korea and we could easily be on the losing side if we still think that Chinese missiles are 1950 models when they took our designs 10 years ago and improved on them.

      --
      I love stacking my barbecues in the shed at the end of summer - you can't beat a bit of grill on grill action.
  2. Bavaria? by Eudial · · Score: 4, Informative

    In my ignorance, I asked myself "where the hell is Bavaria?". So I wiki'd it. Turns out, it's in Germany.

    The more you know...

    --
    GAAH! MY PRINTER IS ON FIRE!!! PUT IT OUT! PUT IT OUT!
    1. Re:Bavaria? by K.+S.+Kyosuke · · Score: 3, Funny

      In another news, California was found to be a US state! Film at eleven.

      --
      Ezekiel 23:20
  3. Re:This is strange... by KingOfBLASH · · Score: 3, Interesting

    I thought that the memories of the Geheime Staatspolizei made sure the germans would never approve of such things...

    Most people who were alive to see World War II Germany have passed on. I think this allows the forgetfullness we see across the world -- and unfortunately is allowing history to repeat itself in the restriction of rights in many countries...

  4. In German state of Bavaria by Anonymous Coward · · Score: 5, Funny

    Polizei in lederhosen kann deine computerhosen.

  5. Forensic? by gruntled · · Score: 4, Insightful

    Um, "forensic" software is typically designed to *prevent* the alteration of data. Otherwise you can't reliably go into court and prove that you haven't planted the evidence. Last I heard, Germany still embraced the concept of due process...

    Not sure whether this is a crazy law passed by some locals that will be struck down by German courts, a bad write up, or a bad translation...

    1. Re:Forensic? by satmd · · Score: 4, Insightful

      Yes, the translation is mostly correct, but is missing few details: The Verfassungsgericht (highest judicial institution over here) stated that this kind of investigation is illegal and put very high barriers on it... for the whole of Germany. AND they put up a new consitutional right on "digital privacy". The barrier is that high that it should be near to impossible to implement the trojan in a way to stay within law. Now the Bavarians thought they know better and updated their local laws and declared them to be "in accordance" with the new barriers (which they most likely are not and thus are going to get that struck down again). Also... they are NOT allowed to physically enter the house/rooms/flat/... in order to install the trojan. They have to deploy it remotely by dialup or internet. If that was allowed they could secretly search through your other belongings, which is explicitely forbidden to happen with the owner not being around. People have the right to witness a raid or execution of a search warrant. And yes, the risk of alteration is real, so the so-called evidence will probably be very weak and should not last very long in court. Yet, I fear that the "evidence" might be remembered and used to investigate into other activities. Police may use evidence from one case to prove another case. THIS is very dangerous.

  6. fud, Fud, FUD! by jps25 · · Score: 3, Informative

    I know this is slashdot and jumping at anything so we can scream 1984!!! POLICE STATE!!11!!! gets you modded informative or insightful, but this slashdot article is just crap.

    The "Bundestrojaner" will only be used as a last resort and in defense to terrorism, as you can read here in an article posted today, denying the Bavarian request to use it for other crimes not directly related to terrorism.
    Poor google translation:
    http://translate.google.com/translate?u=http%3A%2F%2Fwww.heise.de%2Fnewsticker%2FBundesrat-will-heimliche-Online-Durchsuchungen-auf-Terrorabwehr-beschraenken--%2Fmeldung%2F110466&hl=en&ie=UTF8&sl=de&tl=en

    Ah, screw it. 1984!!! ORWELLIAN STATE!! BURN THE WITCHES!

    1. Re:fud, Fud, FUD! by witherstaff · · Score: 4, Interesting

      Oh sure and the US Patriot Act was only for terrorists. It'd never be used improperly or wrongly

  7. Re:Threat to liberty... by Hatta · · Score: 4, Interesting

    Yeah it's funny when you put it that way, but that's how it usually is. When a government takes an action under the guise of national security, the nation is actually less secure because a stronger government is a greater threat to liberty.

    --
    Give me Classic Slashdot or give me death!
  8. Re:Where? by RiotingPacifist · · Score: 3, Funny

    Thats simply because not enough of it is on fire to make it stand out on google earth!

    --
    IranAir Flight 655 never forget!
  9. Inadmissible? by ThatsNotFunny · · Score: 3, Interesting

    If the software they install can delete and alter files, how can any evidence they procure be admissible in a court of law?

    --
    "Was it a millionaire who said 'Imagine No Posessions?'" -- Elvis Costello
  10. Please by Orion+Blastar · · Score: 5, Informative

    Bill Clinton had Carnivor and Magic lantern for this sort of thing long before Bush was even in the White House, around 1995.

    The Federal government has been violating due process and the US Constitution since FDR was in office.

    Don't try and pretend that Bush was the first to do this sort of thing with the Patriot Act, all he did was use it to amend the Constitution.

    --
    Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
    1. Re:Please by scaryjohn · · Score: 5, Insightful

      The Federal government has been violating due process and the US Constitution since FDR was in office.

      Really? We didn't violate due process before FDR? I know you were trying to make a point, but what about Wilson? Lincoln? Jackson? Or Adams? How about Washington?

      --
      One might ask the same about birds. What ARE birds? We just don't know.
  11. Typo in title by gmuslera · · Score: 3, Funny

    Barbarian Police Can Legally Place Trojans On PCs

  12. Sorry, you are wrong by kju · · Score: 4, Informative

    Sorry, most of what you said or suspected is wrong. The system is actually a very clever design which prevents interruption of data/fax calls by the phone and in fact also eavesdropping from another phone inside the house.

    The "multi-way phone sockets" are usually of the NFN-Type. Here F means "Fernsprecher" (Phone) while N means "Nicht-Fernsprecher" (Non-Phone). The socket is designed so that the line goes first to the left N socket , then to the right N socket and finally to the F socket. The phone will always be the last in chain. A non-phone device (fax, modem) plugged into one of the N sockets is supposed to have two electronic switches inside which will chain-through the line to the next socket when the device does not use the line. So if you are not sending a fax or surfing the net, you will be able to use the phone normally. However when the fax/modem takes over, the phone will be cut off. This clever trick prevents you from interfering with the transmission by picking up the phone.

    As you are not supposed to plug two phones into one box, this also prevents eavesdropping. Overload prevention is not the reason. There were and are devices available which either are put before the NFN-box and allow to wire another NFN-box or contain a F or NFN socket themselves. Both will allow to wire a second phone and of course you could use more than one of these devices. These device however contain a automatic switch will will cut-off the other phone when one is in use. But they will all ring.

    1. Re:Sorry, you are wrong by kju · · Score: 3, Informative

      A non-phone device (fax, modem) plugged into one of the N sockets is supposed to have two electronic switches inside which will chain-through the line to the next socket when the device does not use the line. So if you are not sending a fax or surfing the net, you will be able to use the phone normally. However when the fax/modem takes over, the phone will be cut off. This clever trick prevents you from interfering with the transmission by picking up the phone.

      One addition: The design can also be used to detect if the chained-through phone is picked up. This allows to design for example a answering machine (plugged into N) in such a way that the machine automatically stops when the phone is picked up, allowing the human user to "take over" the call from the machine.

  13. So, this is what one needs to do: by mlwmohawk · · Score: 3, Interesting

    Run Linux
    Encrypt Boot and home disks.
    Encrypt everything.
    md5sum *everything*
    Boot off a knoppix or install CD periodically.
    Keep a spare motherboard around and/or change motherboards frequently.
    Always buy a name brand ethernet card that is a different chipset than your motherboard.
    Run wireshark on your laptop which you *NEVER* let out of your sight.

    Remember, thieves will only steal your stuff. The government will steal your life and liberty if it is politically possible.

  14. I think I spot a teeny, tiny flaw... by nick_davison · · Score: 3, Insightful

    The RFS may be used to read, delete, and alter data.

    So, getting this straight... They have the right to modify data in ways that can't be [reasonably] detected... and then they can use this data to press charges?

    "Of course not your honor! It was different data we changed. The incredibly convenient file that says, 'I am guilty, it's a fair cop, guv! Oh yeah, it was me!' was there all along."

    You're on incredibly shaky ground when you allow the police to manufacture information where they may subsequently use information to support charges. As soon as one dirty cop gets caught manufacturing evidence, you've devalued the entire method for gaining it. How long before the standard defense becomes, "My client has never seen that file before. Given the police routinely add and modify files on people's computers, prove beyond a reasonable doubt that they didn't put it there themselves and then change the logs to simply make it look like my client did it."