Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Germany Plans To Email Trojans

kdawson posted more than 6 years ago | from the we-can-do-it-but-you-can't dept.

Privacy 166

speardane sends us word of a proposal in the German legislature to make it legal for that government to email spyware to terror suspects. The action comes in response to a court denying prosecutors' requests to break into suspects' computers over the Internet. The German chancellor supports the measure despite considerable outcry from political opponents and rights groups.

cancel ×

166 comments

Sorry! There are no comments related to the filter you selected.

Fan-diddly-astic (5, Interesting)

LiquidCoooled (634315) | more than 6 years ago | (#20436013)

It sounds like the honour virus to be honest, "We need to monitor you, if you would wear this covert recording hat whilst doing your illegal stuff it would be fan-diddly-astic".

Will it be illegal to thwart the attack?

Will it become illegal to use an alternative operating system or antivirus software or even just common sense to deflect these payloads?

Re:Fan-diddly-astic (5, Funny)

ColdWetDog (752185) | more than 6 years ago | (#20436033)

I just don't see how this is possible at all. How do you get those foil wrappers in an email? Just won't work.

And besides, what happens if the guy is celibate? Or a Unix?

Re:Fan-diddly-astic (-1, Troll)

ForestGrump (644805) | more than 6 years ago | (#20436049)

Unix? I think you mean enuch [wikipedia.org]

Grump

Re:Fan-diddly-astic (3, Funny)

Psion (2244) | more than 6 years ago | (#20436307)

Shhhhh! Listen!

Whoooooooosh!

Wow. I wonder what that was?

Re:Fan-diddly-astic (0)

ehrichweiss (706417) | more than 6 years ago | (#20437317)

The joke passing over YOUR head apparently.

Re:Fan-diddly-astic (1)

ehrichweiss (706417) | more than 6 years ago | (#20437331)

Goddammit!! I gotta start reading at -1 cause I totally missed the post you were replying to since it was at -1..and I thought you were responding to its parent post. Ah well.

Mod Parent (1)

Winckle (870180) | more than 6 years ago | (#20436325)

-1 Oblivious

Re:Fan-diddly-astic (2, Funny)

Anonymous Coward | more than 6 years ago | (#20436507)

must be using those tubes the republican senators keep talking about.

Re:Fan-diddly-astic (0)

PPH (736903) | more than 6 years ago | (#20436781)

How will they know what size to send?


I take a Magnum XL. Thanks.

Re:Fan-diddly-astic (4, Insightful)

FlyByPC (841016) | more than 6 years ago | (#20436103)

Will it be illegal to thwart the attack?

More to the point, would it be illegal to reverse-engineer the spyware and send the guvmint all sorts of interesting information (that it would presume to be the spyware reporting back in?)

After all, Big Brother deserves the very best, right?

Re:Fan-diddly-astic (4, Interesting)

Opportunist (166417) | more than 6 years ago | (#20436723)

Here's a more interesting thing: Would it be illegal to forward the same trojan to, say, the NSA with the intent to infect and making it look like it's from the German Feds?

Think of the diplomatic fun we'll all have!

Re:Fan-diddly-astic (1)

wizardforce (1005805) | more than 6 years ago | (#20436133)

Will it become illegal to use an alternative operating system or antivirus software or even just common sense to deflect these payloads?
yes. there was a story net a few says ago where a court ordered that the guy couldn't use anything other than windows because their monitering software only worked on it, he had ubuntu and apparently they didnt find a way to port the software. of course that doesnt prevent the guy from bypassing all that crap and using a live cd and installing linux again- the software only works after it is loaded in the OS isn't it?

Re:Fan-diddly-astic (5, Insightful)

hazem (472289) | more than 6 years ago | (#20436527)

yes. there was a story net a few says ago where a court ordered that the guy couldn't use anything other than windows because their monitering software only worked on it,

There is a huge difference. In the case you're referring to, the man was already convicted of a crime. A result of conviction is often a loss of certain liberties and rights. As a condition of his parole (which can be quite arbitrary on the part of the state) he can continue to use a computer provided it is with the monitoring software running - this is only possible with Windows. It's difficult to make a case that will stand up that the conditions are particularly onerous or truly cruel and unusual.

On the other hand, this article is about a case where a government wants to send spy software to suspected criminals in the homes they can get useful information for a prosecution. I'm not familiar with German law, but if this were the US, it's probably okay for the government to do this. There are similar tactics that have not been thrown out, such as mailing a "you won a prize" envelope to a suspected murderer/rapist - which he then licked, leaving his DNA, and returned - thus giving the probable cause for an arrest and prosecution).

The government can't yet compel someone to give up their DNA and I suspect that a similar logic would be applied to a person's choice of computer software - the government can't compel you to use a certain kind of software just to make it convenient to gather data to be used against you. We are all presumed innocent and they have to have probable cause merely to investigate. To actually compel you to give up rights (requiring you to run specific software) you need to have a conviction... or a law that applies to all of us.

Re:Fan-diddly-astic (1)

innocent_white_lamb (151825) | more than 6 years ago | (#20436985)

the government can't compel you to use a certain kind of software just to make it convenient to gather data to be used against you
 
I wonder.
 
What about that story the other day about the torrent distributor who was ordered to keep his ram data because he wouldn't log IP addresses? He was apparently told to "Just turn on logging", he refused so they made an order for him to store his ram contents.
 
Is "You must keep logs" all that much different from "You must run THIS operating system"?

Re:Fan-diddly-astic (1)

ajdecon (233641) | more than 6 years ago | (#20437025)

Yes: the torrent distributor was involved in legal proceedings, currently in the discovery phase. This was a specific court order for the purposes of trying a particular case, rather than some blanket "Everyone must use Windows so we can spy on them!"

Re:Fan-diddly-astic (1)

MasterOfCeremonies (853832) | more than 6 years ago | (#20437383)

It's difficult to make a case that will stand up that the conditions are particularly onerous or truly cruel and unusual.

Forcing someone to use Windows might not be unusual, but it is certainly cruel.

Re:Fan-diddly-astic (1)

cez (539085) | more than 6 years ago | (#20436165)

Interesting questions... How about would it be illegal to forward that Trojan to someone else unsuspecting so it's installed on their PC instead... or hell a disorderly conduct charge for running it on your PC and knowing its there...keeping the enforcement agency busy with a script to continuously peruse some Goatse and tubgirl links of course...

Re:Fan-diddly-astic (2, Insightful)

CastrTroy (595695) | more than 6 years ago | (#20436535)

Or forward it to 10,000 of your closest friends. After half the world's computers get infected, and we trace back the virus to the German government, we'll see how impressed the rest of the world is with them.

Too many holes to fly for long... (1)

oKAMi-InfoSec (1043042) | more than 6 years ago | (#20436211)

The question raised by LiquidCoooled of whether "thwarting the attack is illegal" is very interesting. Would such activity (i.e. deleting the trojan, altering the trojan's behavior or altering the messages it sends back) be considered something akin to evading arrest or fleeing the scene of a crime?

Other questions that come to mind include:

Will the German government call upon anti-virus makers to allow the Trojans to be inserted onto machines without a red flag being raised?

Will the anti-virus companies go along with such a request?

If some a/v manufacturers go along with it...then how long 'til hackers create/modify/reuse malware that match the government's version and thus slip by, undetected.

This scheme has too many holes in it to fly for long...

Re:Fan-diddly-astic (1)

ACS Solver (1068112) | more than 6 years ago | (#20436225)

And if the trojan is mistakenly mailed to a person not linked with terrorism and ruins their PC, can they sue the government for damage successfully?

Re:Fan-diddly-astic (1)

dbrutus (71639) | more than 6 years ago | (#20437381)

They would have about the same rights and chances for compensation as someone who lost their garden to an errant artillery shell

Re:Fan-diddly-astic (0)

Anonymous Coward | more than 6 years ago | (#20436687)

The scope and danger of this issue is vastly underestimated by the tech community, semi-knowledgeable people in particular. Mere "users" believe that the government can successfully sneak into their computer and they fear that their little wrongdoings might come to light. People who actually read the proposals and explanations understand that this isn't your normal email trojan. The people in between, who thwart every worm wave, filter spam and generally have their computer under control, are the ones who think they can simply detect and avoid or remove whatever the government throws at them. Their hubris is a big mistake.

If you're a proficient hacker, what can you do to a machine when you can change each and every packet that leaves or enters it? You don't need to send an email. You just wait until the terr'ist downloads any program. MD5 checksums won't foil the attack because they will be changed as well. SSL won't help because the attacker has access to a trusted CA. Terr'ist doesn't download programs? Any malformed-data zero-day exploit can be used to put software on the target system, but if the terr'ist updates regularly, that won't even be necessary. Updates are programs. Getting data out of the target system isn't a problem either, regardless of firewall and IDS. You control every packet to and from that system. Webbrowsing on any site is a usable side-channel. The attacker can test with all AV programs to see that the spy software isn't detected. The spy software doesn't need to write itself to persistent storage, it can stay in RAM where it is very hard to detect and isolate for inspection.

The level of defense know-how that would be necessary to detect and avert such an attack is far beyond what even hardened criminals can afford. Once this instrument is available, it will be used against run of the mill "online criminals" sooner or later, if they stand in the way of profit. It's the normal expansion of applicability which affects each and every criminal investigation method introduced to fight the "unspeakable" crimes like child pornography, terrorism or drugs.

Too bad Angela Merkel is also computer illiterate (1)

A beautiful mind (821714) | more than 6 years ago | (#20436035)

Because if only she had understood what the proposal is about...

I guess we need to wait for another generation to get into politics, the one that is currently growing up with computers.

Re:Too bad Angela Merkel is also computer illitera (1)

morgan_greywolf (835522) | more than 6 years ago | (#20436351)

I guess we need to wait for another generation to get into politics, the one that is currently growing up with computers.


I don't know about Germany, but my generation grew up with computers. (I'm 35). And most of us seem to have almost no interest in politics.

Re:Too bad Angela Merkel is also computer illitera (2, Insightful)

domatic (1128127) | more than 6 years ago | (#20436367)

I guess we need to wait for another generation to get into politics, the one that is currently growing up with computers.

How is that going to help necessarily? The relative number of people who actually understand computers isn't going up. The current crop of high schoolers just uses (or attempts to use....) the things without the least understanding of the technical, societal, or political issues involved. If anything, they're even dumber. They put their whole lives on MySpace and Facebook for the perusal of others.

To be sure, there are always new geeks coming along but without a radical shift in our own understanding of how things other than computers work, we aren't going to help matters much either.

Re:Too bad Angela Merkel is also computer illitera (0)

Anonymous Coward | more than 6 years ago | (#20436785)

How is that going to help necessarily?

Dunno, but it's not very helpful, either, if the German minister of justice answers when asked by a bunch of kids what browser she uses "Um, what exactly was a browser again?".

Click here for hot beach babes! (-1, Offtopic)

Oldsmobile (930596) | more than 6 years ago | (#20436051)

Re:Click here for hot beach babes! (1)

spywhere (824072) | more than 6 years ago | (#20436783)

Click here for hot sexy Israeli babes frolicking on the beach! Satisfaction guaranteed!

Fixed that for you.

This is the problem with our War on Terror: we assume our enemies are dumber than our parents.

Re:Click here for hot beach babes! (0)

Anonymous Coward | more than 6 years ago | (#20438079)

Nope. The problem is that you assume there are meaningful enemies in the first place.

There are much bigger and more important issues in the world than the occasional act of terrorism. I don't understand why everyone is so hung-up over "stopping" terrorists, and why no one has worked that it's not possible.

Do not open attachments from strangers (1)

Nomen Publicus (1150725) | more than 6 years ago | (#20436057)

So, what happens when one of these emails is undelivered and bounces back to the sender. The German government better have _very_ good email filtering.

Well... (1)

Joseph1337 (1146047) | more than 6 years ago | (#20436081)

maybe this will push linux into the desktops...

Re:Well... (1)

Constantine XVI (880691) | more than 6 years ago | (#20436375)

...of terrorists.

Tomorrow's Fox News headline:

Linux is supporting terrorists and smothering babies. We must stop it at all costs.

Re:Well... (1)

Caesar Tjalbo (1010523) | more than 6 years ago | (#20436523)

maybe this will push linux into the desktops...
...in afghanistan. If you mail Linux too. After you've mailed desktops.


Have a bit of love for the Germans though, FTA:

In recent weeks, German troops and others working in Afghanistan have been targeted by Islamic radicals in suicide bombings and kidnappings...
"They'll bomb and kidnap, well, we'll spam them to death with trojans!"

Re:Well... (1)

jamstar7 (694492) | more than 6 years ago | (#20436531)

maybe this will push linux into the desktops...

or not. Assuming the trojan only works on Windows machines (fairly easy call, since 95%+ of all desktop computers run some form of Windows), all the German government needs to do to make sure they can infect any computer in their jurisdiction is to outlaw the use of alternate operating systems on any desktop computer in use in Germany. Needless to say, this ought to help out Microsoft's bottom line in Germany. We're talking a legal state-sponsored monopoly here. Ain't capitalism grand?

What I'm wondering is, how the German government intends to limit its spying to only German citizens. Seems to me that if they blanket email everybody on their list, that people will be added to that list 'just in case'. What kind of screwup will allow computers in the United States to be targetted?

Come to think of it, what would stop Homeland Security from turning over email addresses of 'suspected terrorists' to the German government for infection and data skimming? How would you prove that they did?

Re:Well... (1)

Opportunist (166417) | more than 6 years ago | (#20436981)

Well, someone has to gather the information, so you'll have some kind of IP address that gives you a hint who broke into your computer.

Re:Well... (1)

jlarocco (851450) | more than 6 years ago | (#20437215)

We're talking a legal state-sponsored monopoly here. Ain't capitalism grand?

A state sponsored monopoly isn't capitalism, dumbass.

Thanks for the heads up... (4, Funny)

tinrobot (314936) | more than 6 years ago | (#20436083)

...sincerely,

The Terrorists.

Re:Thanks for the heads up... (5, Funny)

Anonymous Coward | more than 6 years ago | (#20436331)

Terrorists read Digg, not Slashdot.

Wait... (0)

Anonymous Coward | more than 6 years ago | (#20436975)

> Terrorists read Digg, not Slashdot.

So... the terrorists want us to elect Ron Paul?

*head explodes*

Re:Thanks for the heads up... (0)

Anonymous Coward | more than 6 years ago | (#20437069)

Not exactly. Reading Digg makes you a terrorist, but it does not necessarily mean you were a terrorist before you read it.

Terrorists? (1)

MillionthMonkey (240664) | more than 6 years ago | (#20436797)

1001 Tips for the Indoor Gardener: Tip # 899
Don't let your computer tattle on you. If you have your computer situated in your growroom, make sure that no videocam or still digital camera has a clear view of your plants, especially if you have received emails from Germany.

Honeypot (3, Interesting)

Anonymous Coward | more than 6 years ago | (#20436093)

Now wont the terrorists set up their own honeypots for these?

I think it would be pretty cool to get a trojen written by the government, that sends data back to the government and is read by computers in the most secret government areas... imagine what terrorists could do if they find a bug in it?

Re:Honeypot (1)

jamstar7 (694492) | more than 6 years ago | (#20436563)

I think it would be pretty cool to get a trojen written by the government, that sends data back to the government and is read by computers in the most secret government areas... imagine what terrorists could do if they find a bug in it?

Like feed the government false info? Install back doors into government databases? Hit the servers that skim the data with DDOS attacks?

Seems to me to be a good way to turn a law abiding citizen into an 'enemy combatant' in an instant, especially if they discover the trojan and have their 12 year old kid hack it to feed the government bogus info...

Via e-mail? (5, Funny)

peipas (809350) | more than 6 years ago | (#20436105)

The leader of your terrorist cell has sent you an e-card! Double-click the attachment to view it!

[Attached: ecard.exe]

Final solution... (1)

The Orange Mage (1057436) | more than 6 years ago | (#20436107)

The German chancellor supports the measure despite considerable outcry from political opponents and rights groups.
Just send them by the trainload to conce...err, Computer Camp. Bore them to death with "edutainment" software. Green blood and robots for all!

Email terror suspects and... (4, Insightful)

Jah-Wren Ryel (80510) | more than 6 years ago | (#20436123)

...terror suspects will know they are being investigated.

If I were a terrorist, or really any kind of nefarious criminal (because you just know there are foolish people salivating about doing the same to any criminal suspects) I would welcome this decision. If was a bad guy and I was worried that 'they' were on to me, receiving this trojan would be proof positive.

And then I would take the opportunity to feed false information back to the people who sent me the trojan. Hooo boy, what a great way to make trouble for people I don't like, better than falsely reporting them to the IRS.

Re:Email terror suspects and... (1)

gnasher719 (869701) | more than 6 years ago | (#20436217)

Maybe you overestimate how clever terrorists are. Just look at the next James Bond film: Terrorists are really clever there, but the law (James Bond) is just a bit more clever. Translated to reality, the police are not the brightest, and terrorists are slightly more stupid (if you look at their motivation, they are actually quite a lot more stupid).

I don't have any doubt that a good hacking attack against terror suspects would succeed.

Re:Email terror suspects and... (1, Insightful)

Anonymous Coward | more than 6 years ago | (#20436265)

You understand that movies are not reality right? If anything, they're anti-reality. Stop letting Hollywood propaganda define your views.

Real terrorists are smart and nasty, and often successful (the existence of Ireland and the USA itself being prime examples - terrorist/freedom-fighter forces overthrowing the brits).

That said, the people the USA defines as "terrorists" usually aren't these days.

Re:Email terror suspects and... (0)

Anonymous Coward | more than 6 years ago | (#20436305)

No, he underestimates the government who will just send the trojan to random people. Those sending false information back are terrorists.

Re:Email terror suspects and... (1)

Jah-Wren Ryel (80510) | more than 6 years ago | (#20436455)

Sure, there are tons of stupid terrorists, the whole recent non-explosive 'car-bombs' in the UK is proof of that, as was Richard Reid and Jose Padilla and those guys who thought they could blow up JFK or the other ones in Florida who had no resources or training or even transportation but thought they could blow up some buildings in Chicago.

But, this stuff works the same way it does with internet-hacking. Just think of all the dumb criminals as the equivalent of script-kiddies. It only takes one smart guy to get his hands on it and write up a tool to exploit it and all of the dummies are now just as smart as that one guy.

"Congratulations!
You have received an eavesdropping attempt from the German Police.
Click here to falsely implicate that guy who stole your girlfriend."

Re:Email terror suspects and... (1)

Opportunist (166417) | more than 6 years ago | (#20436757)

But, this stuff works the same way it does with internet-hacking. Just think of all the dumb criminals as the equivalent of script-kiddies.

Think of it as natural selection. At least sometimes in the history of humanity, Darwin deserves to be right.

Re:Email terror suspects and... (3, Insightful)

jc42 (318812) | more than 6 years ago | (#20436341)

If was a bad guy and I was worried that 'they' were on to me, receiving this trojan would be proof positive.

Nah; it would just mean that you had a computer (presumably one running MS Windows ;-).

Note that they want the right to send it to any "terror suspect". The word suspect means anyone at all. If challenged, all they have to say is that they suspect you of something. Or they suspect a relative of yours. Or someone you knew in college 20 years ago. Or someone three houses down the street. Or someone with a name vaguely like yours. Or they learned that an ancestor of yours five generations ago wasn't German.

Such a law is really just a legal excuse to do nasty things to anyone at all, at any time.

The fun thing in this case is that you just know that their software would be isolated, probably within a week, and would soon be available at warez sites everywhere, for anyone's own private use. Someone annoying you? Send them a trojan that would start reporting all your keystrokes to the police.

Re:Email terror suspects and... (1)

Derosian (943622) | more than 6 years ago | (#20437245)

Or, once this trojan finds its way into the right hands, it would be altered and spread across the net for a DOS attack on the server who receives the information.

Re:Email terror suspects and... (0)

Anonymous Coward | more than 6 years ago | (#20437031)

You may be overstimating the ability of the terrorists to distinguish this particular trojan attempt from all the rest of the spammy viruses floating around out there. All the police really have to do is the old rootkit + IRC + keylogger combo. It works because its sneaky. Terrorists have not proven to be especially tech-saavy. These are some of the same people who replaced their cell phones but kept the same SIM cards because they had unused minutes on them.

I would set up the virus to log keystrokes and embed them in porn images via steganography and post them to Usenet. Funny thing is, the terrorists might be pleased with the library of porn that would be necessary to serve as a base for the encrypted delivery of their keystrokes.

Aren't the real trsts technology aware? (1)

ls671 (1122017) | more than 6 years ago | (#20436149)

Don't the real trsts know enough not to fall into this ?

I mean there is people monitoring the net to prevent trsts actions. If they are feared in the sense that they could take important internet infrastructures down and cause considerable economic lost, would it be possible that they might have already learned to protect their data?

I mean we aren't talking about getting into child prX0m amateur computers here.

Do real big shot trsts run linux ? ;-)

Leave it to the Germans! (4, Funny)

fishthegeek (943099) | more than 6 years ago | (#20436155)

To come up with a way to distribute birth control so efficiently! This would never work in America though, it's difficult enough getting them out of that quarter machine that resides in the restroom at the gas station.

Re:Leave it to the Germans! (0)

Anonymous Coward | more than 6 years ago | (#20436173)

Well the real question on my mind is: will they mail them in a plain brown wrapper? :)

Also in other European countries (4, Informative)

tonk (101504) | more than 6 years ago | (#20436231)

Papers that leaked from the German Federal Ministry of the Interior state that legal regulation allowing so called remote forensic searches exist
- explicitly in Romania, Cypria, Latvia, Spain, and Switzerland,
- implicitly in Slovenia,
and that a similar approach to establish explicit allowance for remote forensic searches is ongoing in Sweden. At least readers in Sweden should contact their members of parliament and do some lobbyism. The current political discussion in Germany only got that public attention beacause some people started what they call nerd lobbyism.

The German papers are available at http://netzpolitik.org/2007/bundesinnenministerium -beantwortet-fragen-zur-online-durchsuchung/ [netzpolitik.org]

It is also noteworthy that an also leaked draft of a new law regarding German federal criminal police (c.f. CCC press release at http://www.ccc.de/updates/2007/bkaterror [www.ccc.de] ) lists several other new or extended competencies.

Criticism claims that Germany is on it's way to reinstate a secret police, with the last German incarnations being http://en.wikipedia.org/wiki/Stasi [wikipedia.org] and http://en.wikipedia.org/wiki/Gestapo [wikipedia.org] .

Re:Also in other European countries (0)

Anonymous Coward | more than 6 years ago | (#20436961)

Cypria?

How is this different? (2, Insightful)

im_thatoneguy (819432) | more than 6 years ago | (#20436237)

How is this different from being allowed to tap someone's phone or plant a bug? As long as warrants are involved this sounds like the privacy law actually working since they aren't allowed to carry out any espionage that isn't specificially allowed by law.

Re:How is this different? (1)

georgewilliamherbert (211790) | more than 6 years ago | (#20436547)

Exactly. As long as a warrant is required, this is exactly comparable to phone intercepts or bugging a location or car. In the US, those have been legal for a long time, with proper warrants.

Re:How is this different? (5, Informative)

Rudolf (43885) | more than 6 years ago | (#20436753)

How is this different from being allowed to tap someone's phone or plant a bug? As long as warrants are involved [...]

With a warrant you have court approval. This is being done because the court did not grant approval.

From the summary:
The action comes in response to a court denying prosecutors' requests to break into suspects' computers over the Internet.

Re:How is this different? (1)

neumayr (819083) | more than 6 years ago | (#20437275)

A lot more data maybe?

If it can be abused, it will be.... (4, Insightful)

budword (680846) | more than 6 years ago | (#20436241)

Next they will just email their super duper virus to child porn operators, then tax evaders, then jay walkers. As the DMCA and the Patriot Act have taught us, if it can be abused, it will. It's just human nature, or the nature of people who choose to work for the man, anyway.

Pardon me for asking... (0, Troll)

xednieht (1117791) | more than 6 years ago | (#20436245)

But if you know the terrorist's email address why not just go pick him up?

sieg heil

Re:Pardon me for asking... ONCE EATEN PHOOD (0)

Anonymous Coward | more than 6 years ago | (#20436279)

The only difference is the german government is doing it on purpose.

Re:Pardon me for asking... (0)

Anonymous Coward | more than 6 years ago | (#20437057)

But if you know the terrorist's email address why not just go pick him up?

Please be to imagine up any way, ANY way, to reliably tell where someone is by knowing their email address.

Re:Pardon me for asking... (1)

secolactico (519805) | more than 6 years ago | (#20437679)

But if you know the terrorist's email address why not just go pick him up?

Sure. Have a SWAT team waiting by the server, and the moment he shows up to pick up his email, jump him and take him down.

The law is good but.. (1)

eebra82 (907996) | more than 6 years ago | (#20436259)

There is no doubt in my mind that the ethics of this law are in favor of the government.

The REAL issue here is not whether the government should be allowed to do it. The dilemma is how these terror suspects are sorted out and what it takes to be a terror suspect.

Email? (1)

mlts (1038732) | more than 6 years ago | (#20436293)

This seems like a rather lame, feel good proposal. "Emailing spyware" and having it be a success is a lot more complicated than it sounds.

This assumes a lot. I'm pretty sure most stuff emailed this way would be utterly foiled by someone who uses Mail.app, mutt, elm, pine, Mailwasher Pro, or even Thunderbird. If the email is successful as a law enforcement trool, black hat criminal organizations will be going head over heels to get a copy so they can disassemble it, and use it for their own schemes.

Re: You have GOT to be kidding me. (1)

TaoPhoenix (980487) | more than 6 years ago | (#20436427)

I'm so tangled in the multiple layers of paradox I can't get out.

If this is "secret" spyware, then it's fair game for the terrorists to ... send back to spy on the government!!

I'm dying to see a fiction treatment of the top German Govt hacker vs. the top Terrorist hacker. Given the ridiculous layers of influence both command, that would be a knockout.

good news for linux (1)

Funzo22 (1068016) | more than 6 years ago | (#20436295)

looks like linux distros may find a new group of users to reach.... terrorists who don't want to get government virusses on their computer

Next headlines: (2, Interesting)

Arancaytar (966377) | more than 6 years ago | (#20436421)

Entire IP range used by governmental mail servers now blacklisted by most email filters.

And I was half hoping it would finally grow out of fashion to be ashamed of this country now that the US was setting the world standard in pulling all this crap. Premature hope, apparently.

Just think (1)

Schemat1c (464768) | more than 6 years ago | (#20436423)

If the Germans were able to do this to the terrorists that burnt down the Reichstag Building they might have saved millions of lives...

oh, wait...

Re:Just think (1)

Opportunist (166417) | more than 6 years ago | (#20436919)

It really is a pity if the terror comes from within the government. Fortunately these time are over... well, nevermind.

You've got a friend! (3, Funny)

Anonymous Coward | more than 6 years ago | (#20436425)

"You've got a friend! OsamaBL wants to add you to his friendslist, Cancel or Allow?"

Re:You've got a friend! (0)

Anonymous Coward | more than 6 years ago | (#20438013)

*sigh* Allow.

I expect its already being done (2, Insightful)

cdn-programmer (468978) | more than 6 years ago | (#20436429)

I expect this is already being done. The only issue really is how to bring anything found into court.

Non-Germans would be expected to have no rights in a German court of law. Non-Americans have little rights in an American Court of law. This means it is legal for one country's law enforcement personnel to spy on non-citzens ...and then trade data with the said country's law enforcement personnel.

The thing is how a German citizen living in Germany would be taken into court in Germany.... Similarly, how would an American Citizen be taken into court in America? If the said individual lives outside of his own country then perhaps its a bit easier...

Nevertheless, our authorities have been spying on everyone for decades.

I think all this really boils down to is what is admissible in a court of law. I doubt it will have any effect on what our spies actually do on a day to day basis.

Re:I expect its already being done (1)

badSkater (444559) | more than 6 years ago | (#20436725)

Yep, the government has most likely been doing this for years. Or something like it. The difference now being that surveillance has become more high profile and, as you mentioned, governments are now trying to justify this stuff to use it in court.

Bear in mind that I am not suggesting these things are OK, just that I believe they are nothing new.

I would hope the Germans have people who can come up with something better than emailing viruses to suspects. Heck, I would hope we (in the USA) have people smarter than that. It is almost as though this kind of stuff is done to give the suspects a false sense of security.

Speaking of (personal) defenses, are there not many countries where the use of encryption technology is illegal?

Re:I expect its already being done (1)

Knuckles (8964) | more than 6 years ago | (#20436751)

Non-Germans would be expected to have no rights in a German court of law.

No, with a few exceptions, all human beings have the same rights in a German, or really any European, court of law.

Non-Americans have little rights in an American Court of law.

I don't think so, I'd expect more or less the same.

Re:I expect its already being done (2, Informative)

techno-vampire (666512) | more than 6 years ago | (#20436813)

Non-Americans have little rights in an American Court of law.


Actually, that's not true. The Bill of Rights applies to all persons living in the USA, even undocumented aliens. They have the same right to a fair and impartial trial, the same right to confront their accuser, the same right to counsel and so on. Not just in theory, but in practice, too. (Except for impartial trials, because that's not always easy to enforce, and partiality can't always be proven. But the courts do try to be as fair as they can.)

Re:I expect its already being done (0)

Anonymous Coward | more than 6 years ago | (#20438099)

>> Non-Americans have little rights in an American Court of law.

USA had a covert neocon propaganda campaign running with the sole purpose of claiming that foreigners have no rights under US laws and that only americans have rights and are thus superior to any foreigner (with no rights) in USA.

This, as has been pointed out, is a fallacy. But alas, many americans still believe the very successful neocon propaganda claims that foreigners have no rights.

And if the terrorists are Linux or Mac users? (1)

jcr (53032) | more than 6 years ago | (#20436451)

Just asking...

-jcr

Just how stupid are terrorists? (1)

AmiMoJo (196126) | more than 6 years ago | (#20436521)

Ignoring for the moment their clearly idiotic beliefs, just how stupid are terror suspects? Do they open random attachments? Do they use Outlook? Don't they run AV software that can detect rootkits regularly?

Well, okay, the recent attacks in the UK looked like amature night, but surely the first thing in the Al-Quaida Computers for Terrorism and Jihad manual (after the bit about how they are the creation of infidels and how you mustn't look at porn on the internet if you want your 76 virgins) is "don't open random attachments"

1A Plan, really! (1)

tripwirecc (1045528) | more than 6 years ago | (#20436565)

AV companies around the world are going to add the signatures to their lists. Are antivirus applications going to be banned then? I wouldn't be surprised, considering that other moronic law in regards to security/hacking tools.

Re:1A Plan, really! (3, Insightful)

Opportunist (166417) | more than 6 years ago | (#20436965)

You'll have a hard time getting that through.

The German government could technically issue a "please do not find" letter. Now, I know a few people with a few AV labs and such a letter would most likely be met (inofficially) immediately with a shady tool on a shady page finding exactly this trojan and nothing else.

But let's just for a moment assume that this won't happen. Instead, KAV gives the German government the finger, citing the "Russia is big, the Czar is far" proverb. Avira would most likely be forced to comply, sitting in Germany, so would probably some other EU-based AV vendors.

They would, though, immediately go to Den Hague and sue for unfair trade disadvantages due to the laws in one member country.

AV writers tend to be a zealous lot. If you think the EFF is hard on GPL violations, you've never seen AV fanatics meet malware proponents.

There is still a chance... (4, Informative)

zeromorph (1009305) | more than 6 years ago | (#20436571)

...that the Trojan won't actually be realized. (BBC) [bbc.co.uk] :

Justice Minister Brigitte Zypries, of the Social Democrats (SPD), has voiced concern about the spyware plans, saying they might infringe privacy laws,...

But that depends on a lot of factors. Germany's biggest hacker organization [wikipedia.org] the Chao Computer Club [www.ccc.de] and others are very effectively campaigning [wikipedia.org] against this plans.

In recent news [heise.de] (only german, sorry) the federal police states that it won't be a trojan but what they call "remote forensic software" which they intend to install on the terrorists' computer manually. More like a software version of a bug (in the covert listening device sense).

Subject (4, Funny)

Dachannien (617929) | more than 6 years ago | (#20436657)

So what are they going to title the e-mail? I mean, they'll have to be really clever, to make sure the terrorists actually open it:

"dude! you'll never believe what Osama said"
"wow, I can't believe you haven't blown yourself up yet"
"this video has your 72 virgins in it!"

smoke grenade (1)

whathappenedtomonday (581634) | more than 6 years ago | (#20436679)

As a number of posters have pointed out, this is hardly feasible. The proposed "Bundestrojaner" (federal trojan) legislation is most likely unconstitutional and has been struck down in one federal state already for exactly that reason. (Large parts of) The social democratic coalition partner SPD and the opposition as well as civil rights groups and trade associations deny the need for such practices and question that it would be in any way reconcilable with the constitution.


The proposition is part of a much larger bill granting the BKA (federal police) extensive new powers with large-scale privacy and civil rights implications. The BKA bill is not really discussed in public, because the minister of the interior and other shills distract both the public and the mainstream media with Bundestrojaner dumbspeak that has no technical knowledge or feasible background whatsoever. Most other parts of the BKA bill would have caused hundreds of thousands of concerned citizens hit the streets some 15 or 20 years ago, but go largely unnoticed because of the Bundestrojaner smoke grenade. (And the claim that whoever opposes the bill will have to take the responsibility for the victims of coming terrorist attacks.)

Anti-hacking law? (2, Interesting)

dmclap (1103635) | more than 6 years ago | (#20436789)

Didn't Germany recently pass a law banning most "hacking" tools, and by extension, most tools that can be used to detect and defeat hacking? And if so, could these be related? I sincerely hope not, since if so, someone (or multiple persons) in the German government is outclassing the Bush administration in asshole terrorism laws. Suspected of terrorism? Get a trojan. Try to detect/remove the trojan? Break the law and get sent to jail anyway!

Yes, I know that it can be a stretch to say that no hacking tools means you can't still defeat this trojan, but maybe they could either create a trojan that could only be defeated that way, or just expand the law in later years to make it illegal to use anti-virus software "in a way that interferes with a government investigation" or something. Either way, it could lead to some scary stuff if properly abused. Even if you don't start the cycle of getting sent to prison, a trojan can dig up some nice information about enemies of yours.

just to remind you (0)

AlgorithMan (937244) | more than 6 years ago | (#20436855)

just to remind you: At that time Hitler took control of Germany by spreading fear of terrorism (after a staged terrorist attack on the Reichstag). He got all the power he needed for his "war on terror"... soon the word "terrorist" included jews and anyone who disagreed with the NSDAP

right now I really hate living in Germany
SOMEBODY HELP US!!!

They won't use email (0)

Anonymous Coward | more than 6 years ago | (#20437087)

Their troian will be installed with "physical access". They sneak into their homes.

Not about terrorism, never has been (1, Insightful)

davinc (575029) | more than 6 years ago | (#20437089)

As a fellow I read long ago commented on his first hand life under the Nazis... It is all part of the current trend in all western culture for government to pass ARBITRARY and INVASIVE laws that condition people to unchecked use of power. This is utterly useless against 'terrorists', since if they even exist they would just avoid it. This is entirely about wearing down opposition to government power. Here in the US these abuses come at us faster than we have time to get outraged about them.

"terror suspects" (2, Interesting)

nurb432 (527695) | more than 6 years ago | (#20437309)

Ya, that label will never be abused.

So they have developed Time-Travel Email? (2, Funny)

MrSteveSD (801820) | more than 6 years ago | (#20437323)

I thought the Trojans were wiped out long ago.

They'll never make it. (1)

WheelDweller (108946) | more than 6 years ago | (#20437521)

Troy's email's been down *forever*. And when it wasn't, that tramp Helen was sniffing all the packets, anyway. :)

(Ya gotta love headlines, from time to time...)

"SUV breaks from the crowd and kills 5". (Or, perhaps a DRIVER of an SUV went out of control and killed five, no? See what I mean?

Latest News: German Government outlaws non-Windows (1)

udippel (562132) | more than 6 years ago | (#20437795)

In a recent move, Angela Merkel has forced an amendment to the liberty laws through Der Bundestag. It is from now on prohibited to use any operating system that is non-trivial to break into.
German police have started to do house-to-house searches of Internet users reported to be not hackable by the Security Services (SS) of the Federal Government. First images can be seen on http://www.liveleak.com/view?i=9db_1178813405 [liveleak.com]

More action is to follow soon, the Minister of Information of the Federal Government, who only wanted to be known by his initials, JG, confirmed:
"We have outlawed the use and ownership of any so-called security tool, to liberate Germans from FUD, Fear Uncertainty and Danger. We have outlawed any operating system that hinders the proper execution of the tasks of the SS." He promised to follow up on speculations of setting up a re-education camp for deviant Internet users in Bergen-Belsen. He asked the reporter to supply his e-mail address, in order to deliver the adequate response into her mailbox as soon as that response was ready.

tttro jjjan troojans!!! (1)

splatter (39844) | more than 6 years ago | (#20437857)


This is ludicrous, no this is Germany!!!!!

Liberal tinfoil (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#20438049)

Whaaa.... you pussies are always whining about this shit....
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>