summaryrefslogtreecommitdiff
path: root/updates/2011
diff options
context:
space:
mode:
author46halbe <46halbe@berlin.ccc.de>2011-10-30 00:11:53 +0000
committer46halbe <46halbe@berlin.ccc.de>2020-05-23 13:39:08 +0000
commit34998539d82c7150b8b59814ca2a5df1c8e43c9f (patch)
tree4b19a0327e20a2b2c825daa000d947db96c4c172 /updates/2011
parent3b9d0cb6466682cbf93075504a2f62a888c688cd (diff)
committing page revision 7
Diffstat (limited to 'updates/2011')
-rw-r--r--updates/2011/analysiert-aktueller-staatstrojaner.en.md89
1 files changed, 89 insertions, 0 deletions
diff --git a/updates/2011/analysiert-aktueller-staatstrojaner.en.md b/updates/2011/analysiert-aktueller-staatstrojaner.en.md
new file mode 100644
index 00000000..cc7ae061
--- /dev/null
+++ b/updates/2011/analysiert-aktueller-staatstrojaner.en.md
@@ -0,0 +1,89 @@
1title: Chaos Computer Club analyzes new German government spyware
2date: 2011-10-26 11:00:00
3updated: 2011-10-30 00:11:53
4author: presse
5tags: update, pressemitteilung, staatstrojaner
6previewimage: /images/0zapftisdiffed_1.png
7
8The Chaos Computer Club (CCC) has recently received a newer version of the "Staatstrojaner", a government spyware. The comparison with the older version, already analyzed by the CCC with the actual Sniffer-code from December 2010, revealed new evidence. Despite the claims of the responsible parties, the trojan can still be captured, loaded with any code and also the allegedly "audit trail" can be manipulated. The CCC is calling for a complete waiver of Trojans in pre-trial applications.
9
10<!-- TEASER_END -->
11
12On October 8th 2011, the CCC published the documentation and binary data
13regarding a German "Staatstrojaner". \[0\] This was used for the
14officially called computer infiltrations, trivially called
15"source-telecommunication surveillance". Its application in pre-trials
16and law enforcement meanwhile was admitted by many states.
17
18Despite the CCC has published solid technical evidence, the authorities
19responsible for internal affairs, as well as the manufacturer DigiTask,
20denied the existence of any illegal functionalities \[1\],\[2\],\[10\],
21and pleaded that the analyzed Trojan was allegedly an outdated software
22version.
23
24The excuses vary from "trial" to "prototype", DigiTask still insisted on
25October 11th 2011 to its governmental customers, that almost all
26problems are being solved in newer versions. The manufacturer DigiTask
27and the authorities view the functionality of code-reloading as a
28"natural need", for which the implication of fundamental rights
29violation is relative in any way. It serves a purpose, and therefore the
30aim justifies the means.
31
32Therefore, the CCC now presents a more detailed technical documentation
33of a newer version of the "Staatstrojaner" from the year 2010.\[3\] The
34testimony of DigiTask \[10\] is the basis of a detailed report that
35serves as a euphemistic attempt to conceal its illegal nature. At the
36same time, both disassembled versions of the Trojan, commented by the
37CCC, were made publicly available in order to ensure the traceability of
38the findings and to facilitate further research by interested parties.
39\[4\]
40
41„Even during the last three years, the authorities and their providers
42were clearly not capable of developing a "Staatstrojaner" which would
43meet the minimum of requirements for juridical evidence, basic law
44compliance and security against manipulation”, a CCC spokesperson summed
45up about the new findings. “By these concrete and principal reasons, it
46is logical not to expected that this would succeed in the future."
47
48The diagnosis of the new CCC report presents a strong contrast to the
49claims by the Interior Secretary Ole Schröder, who was the one who
50apparently had drawn the short straw and be the one to justify and
51answer questions of the parliament. There, he claimed: "The software is
52designed for each individual case and previously checked, so that it
53can't do more than it is allowed to." \[8\] Under the previously
54mentioned conditions, it is evident that the test wasn't very intense –
55how could it, without available source code.
56
57## Links:
58
59- \[0\] The first press release regarding the "Staatstrojaner": [Die
60 erste Pressemitteilung zum
61 Staatstrojaner](http://www.ccc.de/en/updates/2011/staatstrojaner "Erste Pressemitteilung")
62- \[1\]
63 <http://netzpolitik.org/wp-upload/174366-Bericht-BKA-Prasident-Ziercke_TOP-24a-24c_53.-InnenA-Sitzug.pdf>
64- \[2\]
65 <http://www.bundestag.de/dokumente/protokolle/plenarprotokolle/17132.pdf>
66- \[3\] German: [Technical
67 Report](http://www.ccc.de/system/uploads/83/original/staatstrojaner-report42.pdf)
68- \[4\] [Dissamblies with comments of both version of the
69 trojans](http://www.ccc.de/system/uploads/85/original/0zapftis-release-2.tbz)
70 and the
71 [binaries](http://www.ccc.de/system/uploads/84/original/0zapftis-3.6.44-binaries.tbz)
72- \[5\] Videos: <http://haha.kaputte.li/0zapftis-2_lowres-final.mov>\
73 <http://haha.kaputte.li/0zapftis-2_922x578-final.mov> (medium
74 resolution)\
75 <http://haha.kaputte.li/0zapftis-2_1230x770-final.mov> (high
76 resolution)
77- \[6\] Frank Braun: „[0zapftis – (Un)Zulässigkeit von
78 ,Staatstrojanern‘](http://www.kommunikationundrecht.de/delegate/resources/dok751.pdf?fileid=dok751.pdf_kur&type=asset)“.
79 In: Kommunikation & Recht 11/2011, S. 681-686
80- \[7\] [FAQ zum
81 Staatstrojaner](http://pi10.tumblr.com/post/11835810799/faq-zum-staatstrojaner)
82- \[8\] [Plenarprotokoll 17/132 des Deutschen
83 Bundestages](http://www.bundestag.de/dokumente/protokolle/plenarprotokolle/17132.pdf), 19.
84 Oktober 2011, S. 15604,
85- \[9\] Ulf Buermeyer, Matthias Bäcker: [Zur Rechtswidrigkeit der
86 Quellen-Telekommunikationsüberwachung auf Grundlage des § 100a StPO,
87 HRRS](http://www.hrr-strafrecht.de/hrr/archiv/09-10/index.php?sz=8)
88- \[10\] [testimony of
89 DigiTask](http://www.ccc.de/system/uploads/80/original/Stellungnahme_DigiTask.pdf)