European Police Plan to Remote-Search Hard Drives
Smivs points out a blandly-worded story from the BBC with scary implications, excerpting "Remote searches of suspect computers will form part of an EU plan to tackle hi-tech crime. The five-year action plan will take steps to combat the growth in cyber theft and the machines used to spread spam and other malicious programs. It will also encourage better sharing of data among European police forces to track down and prosecute criminals. Europol will co-ordinate the investigative work and also issue alerts about cyber crime sprees."
Re:how how how? (Score:4, Interesting)
Please see my earlier post [slashdot.org] regarding this...apparently, they plan to infect your system with a remote access Trojan.
But don't worry...it's for your own good.
Re:yeah (Score:4, Interesting)
A grey hat in his basement can give me a trojan, perhaps fuck up my computer. The government can send hordes of armed men round to my house and lock me up for the rest of my life. Although I do probably trust the government more than some random, I know which one I am more scared of.
Re:All the more reason... (Score:3, Interesting)
They're not two unrelated compilers.
Reread the GP.
Compare the output of GCC compiled with GCC to the output of GCC compiled with ICC.
The compiler doing the final output is the same - GCC. The compiler doing the intermediate compile is different, but it's compiling the same GCC source code for the compiler for the last step. Which means, functionally - but not binary - icc_gcc_gcc and gcc_gcc_gcc should be identical. It would then follow that they'd produce identical output from the same source code.
Now, I'm not a C programmer, so I could just be talking out of my ass here, but it logically makes sense.
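The comparison described in the comment above, as an added toy model that is not part of the original thread: binaries are modelled as strings, and the model shows why the two stage-1 compilers differ in bytes while their outputs match unless the suspect compiler carries a self-propagating backdoor. All names (`Binary`, `compile_with`, `GCC_SRC`, the `+backdoor` marker) are constructed for illustration, and it assumes deterministic builds and that the second compiler does not carry the same backdoor.

```python
import hashlib
from dataclasses import dataclass

GCC_SRC = "gcc-source"  # constructed stand-in for the audited compiler source


@dataclass(frozen=True)
class Binary:
    code: str             # the executable's bytes, modelled as a string
    backend: str          # code generator it applies when run as a compiler
    trojan: bool = False  # carries a backdoor that re-inserts itself


def digest(b: Binary) -> str:
    return hashlib.sha256(b.code.encode()).hexdigest()


def compile_with(compiler: Binary, source: str) -> Binary:
    """Output bytes depend on the compiler's behaviour, not on who built it."""
    # A trojaned compiler recognises the compiler source and re-infects it.
    infected = compiler.trojan and source == GCC_SRC
    code = f"{compiler.backend}({source})" + ("+backdoor" if infected else "")
    # Compiling the compiler's source yields a program that generates GCC code.
    backend = "gcc-codegen" if source == GCC_SRC else "none"
    return Binary(code, backend, infected)


# Constructed sample binaries; ICC is assumed free of this backdoor.
ICC = Binary("icc-vendor-build", "icc-codegen")
CLEAN_GCC = Binary("gcc-codegen(gcc-source)", "gcc-codegen")
TROJANED_GCC = Binary("gcc-codegen(gcc-source)+backdoor", "gcc-codegen", True)


def stage1_pair(suspect: Binary):
    """GCC source built by the suspect GCC and by the second compiler."""
    return compile_with(suspect, GCC_SRC), compile_with(ICC, GCC_SRC)


def outputs_match(suspect: Binary) -> bool:
    """Both stage-1 compilers rebuild the same source; compare the results."""
    gcc_gcc, icc_gcc = stage1_pair(suspect)
    a = compile_with(gcc_gcc, GCC_SRC)
    b = compile_with(icc_gcc, GCC_SRC)
    return digest(a) == digest(b)


if __name__ == "__main__":
    for name, suspect in (("clean", CLEAN_GCC), ("trojaned", TROJANED_GCC)):
        print(name, "outputs match:", outputs_match(suspect))
```

A mismatch only says the two build chains disagree; with real toolchains, non-reproducible build inputs such as timestamps or paths have to be ruled out before reading it as tampering.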
Re:All the more reason... (Score:3, Interesting)
The problem is, there's still a nonzero number of people who are most likely not on the NSA's payroll, who are reviewing every line that comes in, and who may help reject a given patch if it can't be understood.
So yes, it's possible, but it's considerably harder -- you not only have to ensure that it's obfuscated, you have to ensure that it looks like it's not, that it appears to do something benign instead.
And you can't simply do that by adding complexity -- after all, the more complex it is, the more scrutiny there will be, and the more attempts at refactoring it down to manageable size.
No, it would be far easier for them to infiltrate a distro, like, say, Ubuntu. But there are countermeasures to that -- you can always download the source and compile it yourself.
Technically, you cannot be sure that everything isn't completely compromised already -- perhaps anything that looks like a compiler is subtly modified to spit out trojan'd code, and anything that looks like a decompiler or a disassembler is similarly rootkitted. However, this would be an enormous amount of work, and the cracks would very likely show eventually.
The scariest way would be to do it in hardware, but I'm not sure how feasible that is.
You just moved the problem (Score:3, Interesting)
Because the minix kernel doesn't do squat useful. So you need an application to do that. And the application will need to be bigger, more monolithic and easier to pwn like this because you haven't got the capability in the kernel.
Nice job.
Re:Summary is confused as usual (Score:2, Interesting)
"If it should arise, I'll see it and deal with it then."
Our company works like that, it only deals with problems, when they occur, so it's constantly stuck in fire fighting mode and trying to reduce the damage that problem causes the company. (We even jokingly call problems, fires breaking out). Whereas I would sooner my company used some foresight, to foresee where it's likely to fail and plan ahead to deal with problems.
Both are reactive solutions to problems, but using foresight reduces the damage caused by problems. But unfortunately foresight requires greater intelligence, to foresee potential failure points and then develop plans to deal with probable problems. Unfortunately a lot of people don't want to think ahead. It's too much trouble for them. They would sooner deal with it, when it goes wrong. We need more critical thinking applied to problem solving.
But then politicians like the fire fighting approach. They can then make a big show of being seen to want to deal with problems, after they go wrong, so it allows them to say, (in hindsight), it's not going wrong again.
Re:Summary is confused as usual.. This is why (Score:2, Interesting)
Slashdot will NEVER be considered a legitimate source of "journalism", and why reputable news reporting outlets will regard /. as a nerd/geek/weirdo techie haven not to be confused with, say, other tech coverage outlets.
Shouldn't it be infuriating, outrageous for reports to be willfully or negligently taken out of context? Or, is this, alas, what it takes to lure readers, so that VA or /. can garner ad revenue?
I wonder if the incoming administration will -- while not addressing the content of readers -- impose upon site administrators who repost or repurpose non-original material to not use free speech to jingoistically or confusingly restate news. It shouldn't *take* a tech-savvy White House to impose such "suggestions". Hell, VA (not Langley, but the site holders, lest there be confusion, hehehe) should impose it.
Me, I find there to be a woeful lacking in the vetting of posts that get "outed".
(Speaking out to damage my Karma a little more every time...)
Re:Summary is confused as usual (Score:5, Interesting)
You are wrong. First, because yes, people will risk their careers to snoop on the privacy of total strangers, just because they can. Since they work in secrecy, it's even debatable if they feel their careers are at risk for doing so: http://abcnews.go.com/print?id=5987804 [go.com]
Second, because as alarming as the linked story is, privacy is ultimately not about the police reading your shopping list. It's always about money - the money someone is willing to pay to access personal data on a political opponent (to discredit her or him), a dissident group (to penetrate and spy on them), or a competing business (obvious).
Therefore, it's also about human rights.
Once the technology is available, it *will* be abused, and we know this, because such abuses have always happened. I don't know of a government (or a business) that had a technology available and decided not to use it because doing so would be unethical or even illegal. How many times must the same stories repeat before we learn?
Re:Summary is confused as usual (Score:1, Interesting)
If you're a collector of porn pictures or pictures of a particular fetish, you'll find that rummaging through other people's porn folders will yield some rare and good stuff. Not that I would know or anything...
Re:Summary is confused as usual (Score:1, Interesting)
They're not planning to remotely connect to any old Joe's computer they can and search it, they're planning to connect to zombie computers that have been hijacked by criminals to try and trace back where the criminals are coming from.
What's the difference? It's the computer of Old Joe that is usually the prime target for a botnet.
If I come along and clean Old Joe's computer of all things dull and ugly (again), will I now have impeded a police investigation and should I fear for prosecution?
Linux is vulnerable too (sort of) (Score:3, Interesting)
So, in short, here's just one more compelling argument for ditching Windows for Linux...
With more and more Linux users running proprietary binary blobs for convenience reasons or just out of pure laziness (video drivers, flash players and what not), it would be rather easy for $GOVERNMENT to remotely substitute one of those blobs with a "policeware"-augmented one with a classic man-in-the-middle attack. How could you check the code of those binary blobs to be sure that $THEY aren't already listening in when there is no source code to check?