funsec mailing list archives
Government sponsered spyware vs. anti-virus software?
From: "Richard M. Smith" <rms () bsf-llc com>
Date: Mon, 9 Oct 2006 23:54:09 -0400
From Slashdot.
Will this Swiss-government sponsored spyware really be able to avoid detection by anti-virus, anti-spyware, and firewall software? Also, how does an ISP "slip" this spyware onto a customer's computer in the first place? Here's the company's Web site: http://www.era-it.ch/ I don't understand German. Does anyone know if this Web site has anything interesting to say? I would love to ask the management of the company about some of the questionable claims in this article. Richard M. Smith http://www.ComputerBytesMan.com _____ http://www.heise-security.co.uk/news/79212 Superintendent Trojan Whilst listening in on normal telephone calls over landlines or mobile phone networks has become a routine procedure, Voice over IP connections frequently present a problem for investigators, especially when the persons being monitored use Skype via foreign servers or call direct from PC to PC and encrypt their data. The Swiss Department of the Environment, Transport, Energy and Communications (UVEK <http://www.uvek.admin.ch/> ) is therefore examining the use of spy software to allow it to listen in on conversations on PCs. <http://oas.wwwheise.de/RealMedia/ads/adstream_lx.ads/www.heise.de/security_ uk/news/294989972/Middle1/he-test-contentads/zaehler.html/343136303337346134 35326230303230?_RM_EMPTY_> The software comes from Swiss security company ERA IT Solutions <http://www.era-it.ch/> , which intends to supply it solely to investigation agencies. This should also prevent antivirus manufacturers from incorporating it into their databases and having their tools recognise it. According to the manufacturer, firewalls do not present a problem. Installation of the software wiretap is to be carried out on the instructions of a judge only. The ISPs of the persons under investigation will then slip the program onto their computers. The program will save overheard conversations and send them to a server in small, inconspicuous packets. If the computer is turned off before all the data has been transmitted, the program will continue transmission when it is restarted. The wiretap has some additional functions. For example, the built in microphone on a laptop can be turned on to monitor a room or webcams can be activated. As the latter is usually indicated by an LED, this is unlikely to be useful in practice. Once wiretap activities have been completed, the software can be programmed to uninstall itself at a given time. Until now the project had been carried out in secret, but it has now been reported in the SonntagsZeitung. It quotes Charles Gudet, the head of the Special Services Department of the UVEK, who admits that there is no clear legal basis for the use of Trojans in the Federal Post and Telecommunications Surveillance Act. In contrast, canton and federal criminal proceedings regulations permit the use of software wiretaps in accordance with the regulations governing surveillance using technical surveillance equipment.
Attachment:
34313630333734613435326230303230__RM_EMPTY_.dat
Description:
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Government sponsered spyware vs. anti-virus software? Richard M. Smith (Oct 09)
- Re: Government sponsered spyware vs. anti-virus software? David Lodge (Oct 10)