European Police Plan to Remote-Search Hard Drives

Smivs points out a blandly-worded story from the BBC with scary implications, excerpting "Remote searches of suspect computers will form part of an EU plan to tackle hi-tech crime. The five-year action plan will take steps to combat the growth in cyber theft and the machines used to spread spam and other malicious programs. It will also encourage better sharing of data among European police forces to track down and prosecute criminals. Europol will co-ordinate the investigative work and also issue alerts about cyber crime sprees."

More Information?

[TripMaster+Monkey]

Unfortunately, the article cited is maddeningly vague as to how this initiative will be implemented. A little digging turns up this Register article on the subject, which contains slightly more info.

From the Register article:

In practical terms, remote searches would involve planting law enforcement Trojans on suspects' PCs. Police in Germany are most enthusiastic about pushing this tactic, the sort of approach even Vic Mackey from The Shield might baulk at, despite its many potential drawbacks, highlighted by El Reg on numerous occasions.

For starters, infecting the PC of a target of an investigation is hit and miss. Malware is not a precision weapon, and that raises the possibility that samples of the malware might fall into the hands of cybercrooks.

Even if a target does get infected there's a good chance any security software they've installed will detect the malware. Any security vendor who agreed to turn a blind eye to state-sanctioned Trojans would risk compromising their reputation, as amply illustrated by the Magic Lantern controversy in the US a few years back.

Then there are the civil liberties implications of the approach and questions about whether evidence obtained using the tactic is admissable in court.

Despite all these problems the idea of a law enforcement Trojan continues to gain traction and could become mainstream within five years, if EU ministers get their way.

So, in short, here's just one more compelling argument for ditching Windows for Linux...

Summary is confused as usual

[Xest]

The summary takes the decision somewhat out of context.

They're not planning to remotely connect to any old joes computer they can and search it, they're planning to connect to zombie computers that have been hijacked by criminals to try and trace back where the criminals are coming from.

Apparently, there will be strict rules on what they can do on said machine too, that is, they're not allowed to start rummaging through people's personal data. Don't think I'm naive by saying that- I'm just repeating what I read on the issue, I don't believe for a minute those rules will be enforceable and I truly think as soon as they have access to these machines and their boss aint looking they're going to start rummaging like crazy.

I'm not sure how I feel about the general idea, if a machine has a backdoor and they can manage to connect to it also then in a way I feel they should just temporarily patch it for the user and inform the user at absolute worse although I'm not sure this is ideal- what if they patch some security researcher's honey pot for instance!

It certainly concerned me a bit when I read it but it's certainly not a plan to just use 0-day exploits to connect to everyone and anyone's PC or anything.