Thursday, August 30, 2007

Trojan horse by the federal government

The Bundestrojaner in Germany is said to be as good as ready (LINK in German). In the article, Andreas Pfitzmann, a computer scientist specialized in IT security (I had the pleasure of hearing my first lecture in computer security from him at the University of Hildesheim), takes apart the Trojan horse issued by the German federal government.
What is the Federal Trojan horse, called "Bundestrojaner", anyway?
Well, in Germany we have a "Federal President", a "Federal Chancellor (Prime Minister)", a Federal Coach of the German national soccer team, and now we even have a Federal Spyware on people's computers.
It's only meant for computers of bad people, that is clear: Bin Laden's laptop, which he uses to access ... certain websites. I am not saying which; the joke I had in mind could put me on the death list of several radical Islam organizations, I guess.
It is supposed to be installed remotely, or by secret agents sneaking into the office or home of the suspect, and then spy on the whole computer, probably infect his whole LAN, and even spy on his mobile phone and PDA. Great news, we are safe, the bad guys get what they deserve.

However, being Mr. Pfitzmann's eager listening student (grin), a few things seemed fishy from the very beginning.

OK, they only want to use this spyware "Bundestrojaner" very few times, and that is why they do not expect antivirus software to be able to detect it. However, malware that infects only a few computers is a quite normal situation. Sooner or later (well... sooner) a suspect will send the malware to a security expert, and then... antivirus scanners will soon detect it worldwide.
OK, OK, they want to hide it well and change it often, so it cannot be detected. But isn't that what all hackers say? We have intelligent antivirus scanners that search not only for a certain signature of a virus or Trojan horse, but also for behaviour patterns. We have ROOTKIT DETECTION programs, which search the system for well-hidden viruses and Trojan horses.
And ... don't IT-security experts and hackers even work for ... the bad guys? I guess a damned drug cartel or whatever has a few dimes to pay a few hackers.
So come on, it's all a waste of taxpayers' money.
Which makes it a perfectly normal political action.

