Forgot your password?
typodupeerror
Government Privacy Security Your Rights Online

German Government's Malware Analyzed 162

Posted by timothy
from the unter-dem-mikroskop dept.
First time accepted submitter lennier1 writes "The German hacker group CCC (Chaos Computer Club) has analyzed a piece of malware the German government uses in criminal investigations to spy on a suspect's computer. I'm sure we're all surprised that it's opening security holes for third parties, and violates a related court verdict (and several laws in general)."
This discussion has been archived. No new comments can be posted.

German Government's Malware Analyzed

Comments Filter:
  • by Dunbal (464142) * on Saturday October 08, 2011 @04:51PM (#37650076)
    Can this trojan upload child pornography (or any other incriminating files/images) to the suspects computer, to be collected as "evidence" at a later date? I suspect it can. And if this program can uninstall itself at a later date, then this is a perfect tool for "bring him in, boys". Oh George Orwell, how foresighted you were.
  • by Dunbal (464142) * on Saturday October 08, 2011 @05:13PM (#37650200)

    You really don't understand how corruption works, do you? It would not be a false conviction at all. It would be a very real conviction, documented, with a valid chain of evidence and everything. The reasons can be many - from the "guy they think is the criminal but can't actually arrest him for anything because he hasn't done anything they can prove" situation - like Al Capone; to the "rival gang member needs to be taken out quickly because gang A just paid me $100k to lock up the leader of gang B so I will just upload this stuff onto his computer and call in an "anonymous tip"" situation. It even includes the "pay me $100k or you get thrown in jail" situation where the corrupt law enforcement/government agent decides to put the squeeze on someone.

    Maybe it's because I live in the third world and am used to dealing with corruption like this almost on a daily basis that I am so cynical. However if anyone (police or otherwise) can clandestinely install a program on your machine/cell phone/whatever and have it upload/execute programs, then all machines/cell phones/whatever can be compromised and such "evidence" shouldn't be admissible in court anymore.

  • by AliasMarlowe (1042386) on Saturday October 08, 2011 @05:24PM (#37650268) Journal

    If an authority's intention is to falsely convict someone by planting material on a piece of equipment that they will seize, disassemble and connect to their own equipment during the course of that conviction, why on earth bother planting it remotely?

    Because the raid, seizure, arrest, and indictment will be made by a completely different organization - the regular local police and local public prosecutor.

    For the police and prosecutor to do their job effectively, they must fully believe in the validity of the evidence they have seized and the chain of custody of that evidence must be impeccable. They will emphatically believe in the culpability of the arrested criminal (sorry, "alleged" criminal until the court inevitably pronounces its verdict of guilt) on the basis of this incontestable evidence. They will be utterly in the dark about any surveillance/incrimination operation, and will vilify the accused with confidence, proud to be protecting their community from such evil malefactors.

Happiness is a positive cash flow.

Working...