Archive | February, 2008

German Police Creating Law Enforcement Trojan


After banning hacking tools it looks like the German police are looking into digital wiretapping and creating ‘whitehat’ trojans for monitoring the bad guys…

Of course they define who the bad guys are, and according to law 202(c) it could be us..

This is very definitely questionable when it comes to ethics, it’s almost as bad as backdooring highly secure encrption alogrithsm just so the government has a universal key..so yes you say what happens when the bad guys get the key? Same things happen when the bad guys take over this ‘remote forensic software’ network..

German cops are pushing ahead with controversial plans, yet to be legally approved, to develop “remote forensic software” – in other words, a law enforcement Trojan.

Leaked documents outline proposals by German firm Digitask to develop software to intercept Skype VoIP communications and SSL transmissions. A second leaked document from the Bavarian Ministry of Justice outlines costing and licensing proposals for the software. Both scanned documents (in German, natch) have found their way onto the net after being submitted to Wikileaks.

They are even looking at jacking Skype so they can monitor net based VoIP calls..and intercepting SSL communications, although that shouldn’t be too tricky.

Either way they are both very dodgy.


Proposals to give explicit permission for law enforcement officials to plant malware stem from a Federal Court ruling last year declaring clandestine searches of suspects’ computers to be inadmissible as evidence, pending a law regulating the practice. Germany’s Federal Court of Justice said the practice was not covered by existing surveillance legislation.

Joerg Ziercke, president of Germany’s Federal Police Office (BKA), expressed frustration about their inability to decipher the encryption used by Skype in order to tap into the VoIP calls of suspected terrorists. Digitask, if the leaked documents are to be believed, has stepped into the breach.

Ok so normal people can’t make security tools to test their networks….but the government can create malware to monitor private communications?

Yah that really makes sense.

Once again – this is ridiculous!

Source: The Register

Posted in: Malware, Privacy

Topic: Malware, Privacy


Latest Posts:


GKE Auditor - Detect Google Kubernetes Engine Misconfigurations GKE Auditor – Detect Google Kubernetes Engine Misconfigurations
GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security & dev teams streamline the configuration process
zANTI - Android Wireless Hacking Tool Free Download zANTI – Android Wireless Hacking Tool Free Download
zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using mobile.
HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.
Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.
OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.