German State Malware Cracked and Exposed
Last month the respected German national newspaper Frankfurter Allgemeine (FAZ) published an exposé in its Sunday edition Feuilleton about a German government computer surveillance program introduced into citizens’ computers some years ago and the ease with which it can be cracked and misused. The Staatstrojaner, or “state trojan,” is a key-logging program that can record everything entered into an infected computer via the keyboard, and, in this case I believe, control the computer to some degree.
The newspaper’s exposé is available in English as a PDF file via Edge.
To uncover and reverse engineer the trojan, FAZ teamed up with Chaos Computer Club (CCC) hackers, an unlikely partnership indeed for a right of centre newspaper.
The German constitutional court ruling in 2008:
sets severe restrictions on the secret services and investigation authorities when they seek permission to infiltrate computers in Germany for the purpose of extracting data and surveying core privacy.
Nevertheless, FAZ points out,
Representatives of the investigation authorities and the government have vehemently argued in the Karlsruhe discussion that they need to capture all encrypted communication on a suspect’s PC before they become encrypted. The court does not want to completely obstruct this and have permitted “source telecommunication surveillance” – though only “when the surveillance is limited to data from an ongoing telecommunications process. This is to be enforced through technical and legal means.”
The newspaper’s central concern is that the trojan with which computers are infected is itself insecure and can be easily reprogrammed to violate the restrictions and, indeed, to plant evidence on the host computer. Their partners in this exposé, CCC, were able to do just that.
If you have some notion that encryption is a workable way of frustrating snoops, governmental or otherwise, or that “the authorities” know what they’re doing to such a degree that their intrusions into citizens’ digital lives will be surgical and secure, as it were, you would do well to read this careful, thoughtful piece.
We saw this same problem before, in miniature when Sony infected customer PCs with a virus. The virus was used to transmit a DRM (digital rights management) program, but the act of cracking the computer’s skull open left its tiny little brain exposed for any other viruses which came along.
Some days I start to think we all should be running B-1 level (military grade) secure systems on our laptops (;-))
–dave