German hackers snare wiretap Trojan, accuse gov of writing it... German hackers have captured and analysed a cyber-sleuth Trojan which they claim may have been used by police to tap Skype calls and IM chats of criminal or terrorist suspects. German wiretap laws do in fact permit the use of a "Bundestrojaner" ("Federal Trojan"), which has been used by police to record VoIP conversations for …
This post has been deleted by its author
It wouldn't be illegal. It would be the same as discovering a tap on your normal telephone and either using a different phone line or removing it.
If it is a government supplied trojan, it should be covert, but if found the game is up. It is the same as finding a bug in your flat or a tracking device attached to your car, you can remove it, but then the plod will know you are on to them, so they will probably step up the game.
It would be hard to enforce. If you decided to do a new install on your computer, you would also nuke the trojan, whether you knew it was there or not... They wouldn't be able to prove you knew it was there and removed it on purpose.
I wonder how police would react, if for every spyware found on any computer they were asked if you were allowed to remove it.
No, you cannot be expected to analyse the type and origin of malware found on your computer system. Therefore, at least in Germany, you would be save to do so. Whether or not someone may have used that tool to place false evidence on your PC is an entirely different story...
Lame or not - that depends. As far as currently can be told, the badly written trojan created even more security risks for the already wire-trapped computer.
And yes, "O'zapft is" does refer (if I am not mistaken) to "es ist angezapft" - so indeed, it can be translated directly to "it is wire-trapped".
Also, while the federal police (BKA) denied any influence, recent information suggest that it has been used by Bavaria's local police forces (their LKA). As the analysed sample seems to have been supplied by someone being trialled by the Bavarian LKA. (The trial only broke down when his lawyer bemoaned the 60000 supplied screen shots to be gathered unlawfully - you think, that they printed them out?!) (And no, he was no terrorist - but rather a software engeneer who worked for a company who supplied something like an online shop to another company that sold drugs outside of Germany - while the drugs themselves were legal in Germany, the act of helping to sell them abroad seems to have upset the police forces.)
What IP addresses does it report back to?
Who are they registered too? Surely it would be illegal for the gubberment to be using incorrectly assigned IP addresses. They must be registered to contactable keeper, presumably a front company, but would make a fun way to start investigating.
And now we are waiting for the German Federal Public Prosecutor to search the offices of Bavarian Government and of the Bavarian LKA. Only one deferring factor, the German Home Secretary is member of the Bavarian branch of the ruling Christian Democratic Union and who knows what he ...
0zapftis
That string triggered a something. I can remember it also turned up in the last issue (58) of Benq-Siemens' mobile phone firmware for the last model (EF81) built in the Kamp-Lintfort site.
I would have a look at the guy who wrote that. Don't quite remember his name, but it was somewhat Polish, Stanislaw Nebowski or similar. Might be a 'signature'...
By now, Lower Saxony, Brandenburg, Baden-Württemberg and Bavaria confessed. Hesse nearly confessed.
There are also official documents of the relevant institutions in those states buying software from Digitask.
http://ted.europa.eu/udl?uri=TED:NOTICE:23600-2008:TEXT:DE:HTML
http://ted.europa.eu/udl?uri=TED:NOTICE:307886-2008:TEXT:DE:HTML
Oh and the director of the company Digitask has been sentenced to 21 months in prison on bail and 1.5 million Euros in 2002 because of blackmail.
http://www.foebud.org/firmenchef-von-digitask-2002-wegen-bestechung-verurteilt
Apparently a lawyer of Digitask admitted it's most likely the trojan of their company.
BTW, the really big issue is that the constitutional court forbid certain features like loading new code... however those features are in there, but deliberately hidden. This probably means they are not only there by accident, but on purpose, made by someone who know that what he was doing was illegal.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2023
