committing page revision 7

author: 46halbe <46halbe@berlin.ccc.de> 2011-10-30 00:11:53 +0000
committer: 46halbe <46halbe@berlin.ccc.de> 2020-05-23 13:39:08 +0000
commit: 34998539d82c7150b8b59814ca2a5df1c8e43c9f (patch)
tree: 4b19a0327e20a2b2c825daa000d947db96c4c172 /updates/2011
parent: 3b9d0cb6466682cbf93075504a2f62a888c688cd (diff)
1 files changed, 89 insertions, 0 deletions
diff --git a/updates/2011/analysiert-aktueller-staatstrojaner.en.md b/updates/2011/analysiert-aktueller-staatstrojaner.en.md
new file mode 100644
index 00000000..cc7ae061
--- /dev/null
+++ b/updates/2011/analysiert-aktueller-staatstrojaner.en.md
@@ -0,0 +1,89 @@
+title: Chaos Computer Club analyzes new German government spyware
+date: 2011-10-26 11:00:00 
+updated: 2011-10-30 00:11:53 
+author: presse
+tags: update, pressemitteilung, staatstrojaner
+previewimage: /images/0zapftisdiffed_1.png
+The Chaos Computer Club (CCC) has recently received a newer version of the "Staatstrojaner", a government spyware. The comparison with the older version, already analyzed by the CCC with the actual Sniffer-code from December 2010, revealed new evidence. Despite the claims of the responsible parties, the trojan can still be captured, loaded with any code and also the allegedly "audit trail" can be manipulated. The CCC is calling for a complete waiver of Trojans in pre-trial applications.
+<!-- TEASER_END -->
+On October 8th 2011, the CCC published the documentation and binary data
+regarding a German "Staatstrojaner". \[0\] This was used for the
+officially called computer infiltrations, trivially called
+"source-telecommunication surveillance". Its application in pre-trials
+and law enforcement meanwhile was admitted by many states.
+Despite the CCC has published solid technical evidence, the authorities
+responsible for internal affairs, as well as the manufacturer DigiTask,
+denied the existence of any illegal functionalities \[1\],\[2\],\[10\],
+and pleaded that the analyzed Trojan was allegedly an outdated software
+version.
+The excuses vary from "trial" to "prototype", DigiTask still insisted on
+October 11th 2011 to its governmental customers, that almost all
+problems are being solved in newer versions. The manufacturer DigiTask
+and the authorities view the functionality of code-reloading as a
+"natural need", for which the implication of fundamental rights
+violation is relative in any way. It serves a purpose, and therefore the
+aim justifies the means.
+Therefore, the CCC now presents a more detailed technical documentation
+of a newer version of the "Staatstrojaner" from the year 2010.\[3\] The
+testimony of DigiTask \[10\] is the basis of a detailed report that
+serves as a euphemistic attempt to conceal its illegal nature. At the
+same time, both disassembled versions of the Trojan, commented by the
+CCC, were made publicly available in order to ensure the traceability of
+the findings and to facilitate further research by interested parties.
+\[4\]
+„Even during the last three years, the authorities and their providers
+were clearly not capable of developing a "Staatstrojaner" which would
+meet the minimum of requirements for juridical evidence, basic law
+compliance and security against manipulation”, a CCC spokesperson summed
+up about the new findings. “By these concrete and principal reasons, it
+is logical not to expected that this would succeed in the future."
+The diagnosis of the new CCC report presents a strong contrast to the
+claims by the Interior Secretary Ole Schröder, who was the one who
+apparently had drawn the short straw and be the one to justify and
+answer questions of the parliament. There, he claimed: "The software is
+designed for each individual case and previously checked, so that it
+can't do more than it is allowed to." \[8\] Under the previously
+mentioned conditions, it is evident that the test wasn't very intense –
+how could it, without available source code.
+## Links:
+-   \[0\] The first press release regarding the "Staatstrojaner": [Die
+    erste Pressemitteilung zum
+    Staatstrojaner](http://www.ccc.de/en/updates/2011/staatstrojaner "Erste Pressemitteilung")
+-   \[1\]
+    <http://netzpolitik.org/wp-upload/174366-Bericht-BKA-Prasident-Ziercke_TOP-24a-24c_53.-InnenA-Sitzug.pdf>
+-   \[2\]
+    <http://www.bundestag.de/dokumente/protokolle/plenarprotokolle/17132.pdf>
+-   \[3\] German: [Technical
+    Report](http://www.ccc.de/system/uploads/83/original/staatstrojaner-report42.pdf)
+-   \[4\] [Dissamblies with comments of both version of the
+    trojans](http://www.ccc.de/system/uploads/85/original/0zapftis-release-2.tbz)
+    and the
+    [binaries](http://www.ccc.de/system/uploads/84/original/0zapftis-3.6.44-binaries.tbz)
+-   \[5\] Videos: <http://haha.kaputte.li/0zapftis-2_lowres-final.mov>\
+    <http://haha.kaputte.li/0zapftis-2_922x578-final.mov> (medium
+    resolution)\
+    <http://haha.kaputte.li/0zapftis-2_1230x770-final.mov> (high
+    resolution)
+-   \[6\] Frank Braun: „[0zapftis – (Un)Zulässigkeit von
+    ,Staatstrojanern‘](http://www.kommunikationundrecht.de/delegate/resources/dok751.pdf?fileid=dok751.pdf_kur&type=asset)“.
+    In: Kommunikation & Recht 11/2011, S. 681-686
+-   \[7\] [FAQ zum
+    Staatstrojaner](http://pi10.tumblr.com/post/11835810799/faq-zum-staatstrojaner)
+-   \[8\] [Plenarprotokoll 17/132 des Deutschen
+    Bundestages](http://www.bundestag.de/dokumente/protokolle/plenarprotokolle/17132.pdf), 19.
+    Oktober 2011, S. 15604,
+-   \[9\] Ulf Buermeyer, Matthias Bäcker: [Zur Rechtswidrigkeit der
+    Quellen-Telekommunikationsüberwachung auf Grundlage des § 100a StPO,
+    HRRS](http://www.hrr-strafrecht.de/hrr/archiv/09-10/index.php?sz=8)
+-   \[10\] [testimony of
+    DigiTask](http://www.ccc.de/system/uploads/80/original/Stellungnahme_DigiTask.pdf)
author	46halbe <46halbe@berlin.ccc.de>	2011-10-30 00:11:53 +0000
committer	46halbe <46halbe@berlin.ccc.de>	2020-05-23 13:39:08 +0000
commit	34998539d82c7150b8b59814ca2a5df1c8e43c9f (patch)
tree	4b19a0327e20a2b2c825daa000d947db96c4c172 /updates/2011
parent	3b9d0cb6466682cbf93075504a2f62a888c688cd (diff)

diff --git a/updates/2011/analysiert-aktueller-staatstrojaner.en.md b/updates/2011/analysiert-aktueller-staatstrojaner.en.md new file mode 100644 index 00000000..cc7ae061 --- /dev/null +++ b/updates/2011/analysiert-aktueller-staatstrojaner.en.md
@@ -0,0 +1,89 @@
	1	title: Chaos Computer Club analyzes new German government spyware
	2	date: 2011-10-26 11:00:00
	3	updated: 2011-10-30 00:11:53
	4	author: presse
	5	tags: update, pressemitteilung, staatstrojaner
	6	previewimage: /images/0zapftisdiffed_1.png
	7
	8	The Chaos Computer Club (CCC) has recently received a newer version of the "Staatstrojaner", a government spyware. The comparison with the older version, already analyzed by the CCC with the actual Sniffer-code from December 2010, revealed new evidence. Despite the claims of the responsible parties, the trojan can still be captured, loaded with any code and also the allegedly "audit trail" can be manipulated. The CCC is calling for a complete waiver of Trojans in pre-trial applications.
	9
	10	<!-- TEASER_END -->
	11
	12	On October 8th 2011, the CCC published the documentation and binary data
	13	regarding a German "Staatstrojaner". \[0\] This was used for the
	14	officially called computer infiltrations, trivially called
	15	"source-telecommunication surveillance". Its application in pre-trials
	16	and law enforcement meanwhile was admitted by many states.
	17
	18	Despite the CCC has published solid technical evidence, the authorities
	19	responsible for internal affairs, as well as the manufacturer DigiTask,
	20	denied the existence of any illegal functionalities \[1\],\[2\],\[10\],
	21	and pleaded that the analyzed Trojan was allegedly an outdated software
	22	version.
	23
	24	The excuses vary from "trial" to "prototype", DigiTask still insisted on
	25	October 11th 2011 to its governmental customers, that almost all
	26	problems are being solved in newer versions. The manufacturer DigiTask
	27	and the authorities view the functionality of code-reloading as a
	28	"natural need", for which the implication of fundamental rights
	29	violation is relative in any way. It serves a purpose, and therefore the
	30	aim justifies the means.
	31
	32	Therefore, the CCC now presents a more detailed technical documentation
	33	of a newer version of the "Staatstrojaner" from the year 2010.\[3\] The
	34	testimony of DigiTask \[10\] is the basis of a detailed report that
	35	serves as a euphemistic attempt to conceal its illegal nature. At the
	36	same time, both disassembled versions of the Trojan, commented by the
	37	CCC, were made publicly available in order to ensure the traceability of
	38	the findings and to facilitate further research by interested parties.
	39	\[4\]
	40
	41	„Even during the last three years, the authorities and their providers
	42	were clearly not capable of developing a "Staatstrojaner" which would
	43	meet the minimum of requirements for juridical evidence, basic law
	44	compliance and security against manipulation”, a CCC spokesperson summed
	45	up about the new findings. “By these concrete and principal reasons, it
	46	is logical not to expected that this would succeed in the future."
	47
	48	The diagnosis of the new CCC report presents a strong contrast to the
	49	claims by the Interior Secretary Ole Schröder, who was the one who
	50	apparently had drawn the short straw and be the one to justify and
	51	answer questions of the parliament. There, he claimed: "The software is
	52	designed for each individual case and previously checked, so that it
	53	can't do more than it is allowed to." \[8\] Under the previously
	54	mentioned conditions, it is evident that the test wasn't very intense –
	55	how could it, without available source code.
	56
	57	## Links:
	58
	59	- \[0\] The first press release regarding the "Staatstrojaner": [Die
	60	erste Pressemitteilung zum
	61	Staatstrojaner](http://www.ccc.de/en/updates/2011/staatstrojaner "Erste Pressemitteilung")
	62	- \[1\]
	63	<http://netzpolitik.org/wp-upload/174366-Bericht-BKA-Prasident-Ziercke_TOP-24a-24c_53.-InnenA-Sitzug.pdf>
	64	- \[2\]
	65	<http://www.bundestag.de/dokumente/protokolle/plenarprotokolle/17132.pdf>
	66	- \[3\] German: [Technical
	67	Report](http://www.ccc.de/system/uploads/83/original/staatstrojaner-report42.pdf)
	68	- \[4\] [Dissamblies with comments of both version of the
	69	trojans](http://www.ccc.de/system/uploads/85/original/0zapftis-release-2.tbz)
	70	and the
	71	[binaries](http://www.ccc.de/system/uploads/84/original/0zapftis-3.6.44-binaries.tbz)
	72	- \[5\] Videos: <http://haha.kaputte.li/0zapftis-2_lowres-final.mov>\
	73	<http://haha.kaputte.li/0zapftis-2_922x578-final.mov> (medium
	74	resolution)\
	75	<http://haha.kaputte.li/0zapftis-2_1230x770-final.mov> (high
	76	resolution)
	77	- \[6\] Frank Braun: „[0zapftis – (Un)Zulässigkeit von
	78	,Staatstrojanern‘](http://www.kommunikationundrecht.de/delegate/resources/dok751.pdf?fileid=dok751.pdf_kur&type=asset)“.
	79	In: Kommunikation & Recht 11/2011, S. 681-686
	80	- \[7\] [FAQ zum
	81	Staatstrojaner](http://pi10.tumblr.com/post/11835810799/faq-zum-staatstrojaner)
	82	- \[8\] [Plenarprotokoll 17/132 des Deutschen
	83	Bundestages](http://www.bundestag.de/dokumente/protokolle/plenarprotokolle/17132.pdf), 19.
	84	Oktober 2011, S. 15604,
	85	- \[9\] Ulf Buermeyer, Matthias Bäcker: [Zur Rechtswidrigkeit der
	86	Quellen-Telekommunikationsüberwachung auf Grundlage des § 100a StPO,
	87	HRRS](http://www.hrr-strafrecht.de/hrr/archiv/09-10/index.php?sz=8)
	88	- \[10\] [testimony of
	89	DigiTask](http://www.ccc.de/system/uploads/80/original/Stellungnahme_DigiTask.pdf)