Slashdot Mirror

← Back to Stories (view on slashdot.org)

Coder of Swiss Wiretapping Trojan Speaks Out

Posted by Soulskill on from the is-swiss-software-full-of-security-holes dept.

Lars Sobiraj writes "Ruben Unteregger has worked for a long time as a software-engineer for the Swiss company ERA IT Solutions. His job there was to code malware that would invade PCs of private users, and allow the wiretapping of VoIP calls — in particular, calls made through Skype. In the German-speaking areas of the country, the Trojans were called 'Bundestrojaner' because the Swiss government was involved with their development and use. Unfortunately, Unteregger has to remain silent about the customers of the company. Last night, he published the source code of his Skype-Trojan under the GPL."

6 of 114 comments (clear)

  1. Re:Government Support Malware... Great... by Kokuyo · · Score: 5, Insightful

    but the reality is that there is a risk some idiot out there is going to misuse this information.

    SOME idiot? I'm most worried about the government itself, thank you.

  2. Re:Government Support Malware... Great... by AndrewNeo · · Score: 4, Insightful

    Yes, we do, for the same reason we want other software to be open source.. security. If we can see into a program's source, we can identify potential security issues. By releasing the trojan's source code, Skype can fix their software.

  3. Re:GPL ? by wild_quinine · · Score: 5, Informative

    Most certainly the guy doesn't even own the source code since he did it under contract from an employer, so he cannot really "release" what is not his... Maybe I'm wrong and he owns the source code though.

    From the article:
    "There won't be problems about copyright, because ERA IT Solutions let me keep it... About the details, why I keep the copyright on this, I can't offer a statement. As already mentioned I agreed to absolute silence. You can speculate now or ask the sources directly. "

  4. Re:Call me naive... by jimicus · · Score: 5, Informative

    You're naive.

    I'm not going to go searching on Google now but there are already loads of malware toolkits out there being used by script kiddies, some of which are rather easier to use than "First learn to code in C". This doesn't change anything.

  5. Re:GPL ? by chrb · · Score: 4, Interesting

    About the details, why I keep the copyright on this, I can't offer a statement.

    My guess would be liability. If Skype want to sue the "owner" of the trojan, the company is safe. If a "victim" of the trojan wants to sue the "owner", the company is safe. In any court case, the company can turn around and say "Ah, but we just provide advice and consultancy services. The creator and owner of the trojan code is Ruben Unteregger, and he is a completely different legal entity."

  6. Re:GPL ? by oldhack · · Score: 4, Funny

    Title reads: "Coder of Swiss Wiretapping Trojan Speaks Out"

    Summary reads: "Unfortunately, Unteregger has to remain silent about the customers of the company."

    The parent quotes the guy: "About the details, why I keep the copyright, I can't offer a statement. As already mentioned I agreed to absolute silence."

    That's why I am not commenting on this story.

    --
    Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.