Jump to content

The Nonsense thread

Overtime

By Overtime
in Channel Zero

 Share

Recommended Posts

This forum is supported by the 12ozProphet Shop, so go buy a shirt and help support!
This forum is brought to you by the 12ozProphet Shop.
This forum is brought to you by the 12oz Shop.
  • Replies 73.8k
  • Created
  • Last Reply

Top Posters In This Topic

  • RIPS

    3638

  • Inappropriate_Responder

    2945

  • Drue_Down

    2301

  • MOOGLE?

    2253

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

Kults
Kults
crackalackin
crackalackin

Glad to see this shits still here. Logging in for the first time in a minute on this account I made in high school cuz I'm fuckin 30, I'm broke, my fuckin years long relationship is burning, I'm fucki

Drue_Down
Drue_Down

Posted Images

MOOGLE?

MOOGLE?

Posted
Posted

MORE

NEWS

GUIDES

Upgrade to a Premier Subscription

Customize ▾

OpenForum

Login/Join

Security

Impressed by FBI trojan, Germans write their own—and

national scandal ensues

By Matthew Lasar | Published about 14 hours ago

It has been pretty chaotic in German Chancellor Angela

Merkel's cabinet ever since the Chaos Computer Club dumped

some alarming technology news in her lap. Turns out that the

German government's "lawful interception" application,

supposedly designed only to monitor IP telephone calls, is just

a little more powerful than the police let on.

Berlin-based CCC released its analysis of Germany's "Quellen-

TKÜ" ("source wiretapping") trojan on Saturday. The results

weren't pretty. Despite a constitutional court ban on the use of

malware to crack PCs, the state-sanctioned malware's makers

didn't even bother to add technical barriers ensuring that the

code would only be used for tapping Internet telephone

conversations.

"On the contrary, the design included functionality to

clandestinely add more components over the network right

from the start, making it a bridge-head to further infiltrate the

computer," CCC's report noted.

But that's only the start of what this application can do:

The government malware can, unchecked by a judge, load

extensions by remote control, to use the trojan for other

functions, including but not limited to eavesdropping. This

complete control over the infected PC—owing to the poor

craftsmanship that went into this trojan—is open not just to

the agency that put it there, but to everyone. It could even

be used to upload falsified "evidence " against the PC's

owner, or to delete files, which puts the whole rationale for

this method of investigation into question.

Gray areas

Keep in mind that this revelation comes as Merkel is trying to

rescue about a quarter of Europe via a Eurozone bailout fund.

She was touring Vietnam on Wednesday, dismissing Slovakia's

rejection of the plan, a day after her Minister of Justice Sabine

Leutheusser-Schnarrenberger called for a national- and state-

level inquiry over the use of the trojan.

Who will be investigated? The German state of Bavaria says it

has used Quellen-TKÜ, but legally, its officials insist. Wired

reports that Bavaria approached the Federal Bureau of

Investigation in 2007 to learn more about US malware

techniques. Three other German states admit they've accessed

the trojan—only to go after very bad criminals, of course.

Alas, Germany's crazy-quilt coalition politics have closed in on

the scandal a lot faster than the Minister's promised probe.

Merkel's government consists of members of the Christian

Democratic Union and the Free Democratic Party, and they've

been quarrelling over how to handle this mess. Leutheusser-

Schnarrenberger of the FDP says she wants action as fast as

possible, but leaders of Bavaria's Christian Social Union, allied

with the CDU, are now accusing the minister of "putting the

police in a legal gray area," as one newspaper describes the

charge .

Bavaria's Interior Minister Joachim Herrmann bluntly says he

has no problem with the application. "These are measures that

are clearly defined by the federal government, and which the

constitutional court has allowed for use in investigating serious

crime," he told a local newspaper.

Not surprisingly then, Der Spiegel reports that while Interior

Minister Hans-Peter Friedrich of the CSU has encouraged all

states to put a freeze on the malware program, he has also

warned cabinet ministers not to burden investigators with too

much "general suspicion."

None of this is sitting very well with the FDP, whose leaders

have gone so far as to hold a meeting with the CCC and call on

Friedrich to move on the issue as quickly as possible. "We have

to show German citizens that this coalition takes the protection

of their private sphere seriously," Leutheusser-Schnarrenberger

warned.

Hand-crafted?

Agreed, say leaders of Germany's smaller but feisty Pirate Party ,

whose servers were seized by the government four months

ago. "There is no possible way to install a Trojan horse in a way

that adheres to legal requirements," the party's Sebastian Nerz

told a news agency. The CCC revelations show that German

officials possess "either a certain naivety or the intent to breach

the constitution."

It's unlikely that any of this infighting is encouraging for the

CCC, which has been tracking Quellen-TKÜ for at least three

years. The group says that in 2008 German officials assured it

that all versions of the trojan would be be "hand- crafted for the

specifics of each case." Guess that didn't happen, since CCC

investigators now disclose that variations of the malware that

they've collected have the same cryptographic key and "do not

look hand-crafted at all."

Needless to say, CCC's statement demands that all these

shenanigans "must stop."

At the same time, "we would like to call on all hackers and

people interested in technology to further analyze the malware,

so that at least some benefit can be reaped from this

embarrassing eavesdropping attempt," the commentary

concludes. "Also, we will gladly continue to receive copies of

other versions of government malware off your hands."

Photograph by Markusram

User comments

Leave a Comment (24)

Entegy | about 14 hours ago | permalink

The government needs better hackers.

sep332 | about 13 hours ago | permalink

German newspaper FAZ printed 5 pages of assembly code:

http://yfrog .com/z /h3 x13cjj

And F-Secure decided to add it to their antivirus. http:// http://www.f-

secure.com/ weblog/archives /00002249.html edit: so did

Sophos http:// http://www.sophos.com /en-us/ threat-cent ... 2D 2-

A.aspx

Last edited by sep332 on Fri Oct 14, 2011 10:21 am

HedPhuqt | about 13 hours ago | permalink

What's Schneier have to say about this?

Amon-Ra | about 13 hours ago | permalink

There is one in Switzerland, too.. . hmmm.. .. Isn' t it interesting

what happens in all these "free" countries, is it? It let's me

remember a passage in Daniel Suarez's book "Freedom": 'They

are tagged like sheep and have about as much say in the matter

as sheep'.

Boozy | about 13 hours ago | permalink

Creating a trojan that can add and remove files to/from the

infected computer is a huge mistake.

Any suspect can defend now himself by claiming someone else

uploaded the incriminating evidence.

DrDenim | about 13 hours ago | permalink

They had a show with that animation character guy there on

Norwegian TV when I was a kid in the 80s! Only when I was

way older did I learn that it was Soviet propaganda from the

DDR. Good thing I escaped it without serious damage,

comrade..

Last edited by DrDenim on Fri Oct 14, 2011 10:35 am

Pirokobo | about 13 hours ago | permalink

HedPhuqt wrote:

What's Schneier have to say about this?

Forget Schneier. What does Microsoft have to say?

In the end there is only one "law " when it comes to

government use of trojans and that's the maker of the world

they play in. If Microsoft or an AV maker says it's malware and

codes against it, that's it.

a7363922 | about 13 hours ago | permalink

Thanks for covering this!

Greetings from Germany

mmnw | about 13 hours ago | permalink

The article doesn't really state the underlying problems, and the

amateurism the police displayed with this trojan.

The original problem was encrypted audio and video chat,

which can not be listened to by classic wiretapping. Therefore

the police would need to install the trojan to intercept audio

and video before it is encrypted.

But the constitutional court, which is considered a very strong

defender of german citizen rights, ruled, that this can only be

done in clearly defined cases. It was understood, that the trojan

used, needed technical limitations to ensure it can only be used

for wiretapping. Anything beyond this, i.e. searching the hard

drive, taking screen shots, etc, would be considered a classic

search, which requires a classic search warrant and therefore

give notice to the suspect.

What the CCC argues is, that the trojan used did not have

enough technical limitations to limit it's function to wiretapping.

Indeed it would be possible, once the trojan was installed, to

upload other trojan modules, therefore upgrading any

functionality there was initially.

What makes this even worse, is the amateurism, with which this

trojan was obviously build. It seems the police just bough it

from some local company, never checking the actual

functionality. It also seems, that by german law, any evidence

collected with this program is moot, since police would have a

hard time to prove the recordings were not tampered with.

Obviously the police did not give this enough thought.

In addition: this trojan was bough and employed by the

bavarian state police, and in some limited cases rented to police

agency of other states. On the federal level, all police agencies

have denied using this solution (or any) .

MyCat | about 13 hours ago | permalink

HedPhuqt wrote:

What's Schneier have to say about this?

Not much. He briefly mentioned it yesterday.

am

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...