It would then report this data back to servers, two of which were identified — one in the US and the other in Germany. The program could also be remotely updated and potentially used to install and run other programs. As far as we see, the only party that could confirm that would be the German government itself. In , a ruling by a German Constitutional Court restricted use to cases in which human lives or state property were in danger, and only after permission had been granted by a judge.
|Published (Last):||13 January 2011|
|PDF File Size:||9.3 Mb|
|ePub File Size:||20.19 Mb|
|Price:||Free* [*Free Regsitration Required]|
It would then report this data back to servers, two of which were identified — one in the US and the other in Germany. The program could also be remotely updated and potentially used to install and run other programs. As far as we see, the only party that could confirm that would be the German government itself.
In , a ruling by a German Constitutional Court restricted use to cases in which human lives or state property were in danger, and only after permission had been granted by a judge.
The trojan itself was poorly written and potentially allowed for others to take control of the software once installed. The concern here is that someone could take over the malware and capture information themselves or plant false evidence.
The use of backdoor trojan software by law enforcement agencies came to the fore in when the NSA or FBI were rumoured to have produced software known as Magic Lantern. That project allowed for full online surveillance of a particular internet address. It was used in conjunction with a Magic Lantern backdoor trojan specifically targeted at capturing encryption passwords.
This, in turn, would allow the FBI to unencrypt captured communication. At the time, anti-virus software companies were faced with the dilemma of whether to remove known government backdoor trojans. In , various anti-virus software vendors made declarations about whether their software would remove a suspected FBI backdoor trojan. Companies such as F-Secure stated categorically they would never knowingly leave detected malware on a computer.
Representatives of security software company Sophos agreed but Eric Chien, chief researcher at Symantec at the time stated the company would not detect Government malware. The assumption was that the software would have enough protective mechanisms in place to prevent the wrong people gaining control of it. As has been demonstrated by the case of the R2D2 trojan, this is quite clearly not the case.
The software has very few protective mechanisms and was open to hijacking, as the CCC demonstrated. As more human activity migrates to the internet, including criminal and terrorist activities, governments and law enforcement agencies in particular will be turning to every available technique to intercept and collect information.
Surveillance trojans have also been used by the Swiss , and the Austrian Police. The CCC has made a number of allegations about the origins and potential ramifications of the R2D2 trojan. Why this is indicative of a German Government hacker rather than an independent German hacker who likes beer is open to debate. Although, as has been seen in the US, laws that cover protection against terrorism, such as the Patriot Act are more commonly being used for a range of other purposes, including drug trafficking which made up First, anti-spyware software from any company that would even contemplate not detecting malware, irrespective of its origins, would have to be treated with caution.
Companies that have declared their approach to detecting all malware should be favoured. Second, it brings into question the use of government sponsored anti-virus initiatives unless they give free choice of vendors to the public.
Why would you trust a government sponsored anti-virus software package if they are also producing malware for general use? This article first appeared on The Conversation. But the capabilities of the R2D2 trojan allowed for much more than this. Government use of malware The use of backdoor trojan software by law enforcement agencies came to the fore in when the NSA or FBI were rumoured to have produced software known as Magic Lantern.
An open barrel The CCC has made a number of allegations about the origins and potential ramifications of the R2D2 trojan. Got a news tip for our journalists? Share it with us anonymously here.
NAB tells staff to up their digital and data game. CBA uncovers abusive messages in digital transaction descriptions. You must be a registered member of iTnews to post a comment. Log In Register. Why is DevSecOps important to your business? Most popular tech stories. Aussie Broadband signs users to cheaper gigabit NBN plans. Toll Group attackers accessed personal and payroll data of staff. Microsoft expands Teams video calls to 49 visible participants. DXC targets 4, jobs as it moves to more quickly respond to customer needs.
DXC axes local jobs. Aussie Broadband gigabit NBN smashes sales records. How long will a UPS keep your computers on if the lights go out? Ten ways to speed up your laptop. How do I make sure my email is properly synced between all my computers?
How to recover deleted emails in Gmail. What is an 'intelligent' edge gateway? Log In Don't have an account? Register now!
Bundestrojaner sparks war of words
Chaos Computer Club
The CCC describes itself as "a galactic community of life forms, independent of age, sex, race or societal orientation, which strives across borders for freedom of information…". In general, the CCC advocates more transparency in government, freedom of information , and the human right to communication. Supporting the principles of the hacker ethic , the club also fights for free universal access to computers and technological infrastructure as well as the use of open-source software. Members of the CCC have demonstrated and publicized a number of important information security problems.