committing page revision 1

author: erdgeist <erdgeist@erdgeist.org> 2011-10-08 18:56:37 +0000
committer: erdgeist <erdgeist@erdgeist.org> 2020-05-23 13:39:06 +0000
commit: 83f4ce3d5bd1d7aa9a21c1342ca70e546f5b8302 (patch)
tree: c5d355b7f7e7ad22e73f0fdd67f8fbfa0185199f /updates/2011
parent: 95a7c182827460853901666483224f6c6f6607ef (diff)
1 files changed, 240 insertions, 0 deletions
diff --git a/updates/2011/staatstrojaner.en.md b/updates/2011/staatstrojaner.en.md
new file mode 100644
index 00000000..0284647e
--- /dev/null
+++ b/updates/2011/staatstrojaner.en.md
@@ -0,0 +1,240 @@
+title: Chaos Computer Club analyzes government malware
+date: 2011-10-08 19:00:00 
+updated: 2011-10-08 18:56:37 
+author: admin
+tags: update, pressemitteilung
+previewimage: /images/0zapftis.png
+The largest European hacker club, "Chaos Computer Club" (CCC), has reverse engineered and analyzed a "lawful interception" malware program used by German police forces. It has been found in the wild and submitted to the CCC anonymously. The malware can not only siphon away intimate data but also offers a remote control or backdoor functionality for uploading and executing arbitrary other programs. Significant design and implementation flaws make all of the functionality available to anyone on the internet.
+<!-- TEASER_END -->
+Even before the German constitutional court ("Bundesverfassungsgericht")
+on February 27 2008 forbade the use of malware to manipulate German
+citizen's PCs, the German government introduced a less conspicuous
+newspeak variant of the term spy software: "Quellen-TKÜ" (the term means
+"source wiretapping" or lawful interception at the source). This
+Quellen-TKÜ can by definition only be used for wiretapping internet
+telephony. The court also said that this has to be enforced through
+technical and legal means.
+The CCC now published the extracted binary files \[0\] of the government
+malware that was used for "Quellen-TKÜ", together with a report about
+the functionality found and our conclusions about these findings \[1\].
+During this analysis, the CCC wrote its own remote control software for
+the trojan.
+The CCC analysis reveals functionality in the "Bundestrojaner light"
+(Bundestrojaner meaning "federal trojan" and is the colloquial German
+term for the original government malware concept) concealed as
+"Quellen-TKÜ" that go much further than to just observe and intercept
+internet based telecommunication, and thus violates the terms set by the
+constitutional court. The trojan can, for example, receive uploads of
+arbitrary programs from the Internet and execute them remotely. This
+means, an "upgrade path" from Quellen-TKÜ to the full Bundestrojaner's
+functionality is built-in right from the start. Activation of the
+computer's hardware like microphone or camera can be used for room
+surveillance.
+The analysis concludes, that the trojan's developers never even tried to
+put in technical safeguards to make sure the malware can exclusively be
+used for wiretapping internet telephony, as set forth by the
+constitution court. On the contrary, the design included functionality
+to clandestinely add more components over the network right from the
+start, making it a bridge-head to further infiltrate the computer.
+"This refutes the claim that an effective separation of just wiretapping
+internet telephony and a full-blown trojan is possible in practice – or
+even desired," commented a CCC speaker. "Our analysis revealed once
+again that law enforcement agencies will overstep their authority if not
+watched carefully. In this case functions clearly intended for breaking
+the law were implemented in this malware: they were meant for uploading
+and executing arbitrary code on the targeted system."
+The government malware can, unchecked by a judge, load extensions by
+remote control, to use the trojan for other functions, including but not
+limited to eavesdropping. This complete control over the infected PC –
+owing to the poor craftsmanship that went into this trojan –  is open
+not just to the agency that put it there, but to everyone. It could even
+be used to upload falsified "evidence" against the PC's owner, or to
+delete files, which puts the whole rationale for this method of
+investigation into question.
+But the trojan's built-in functions are scary enough, even without
+extending it by new moduls. For the analysis, the CCC wrote it's own
+control terminal software, that can be used to remotely control infected
+PCs over the internet. With its help it is possible to watch screenshots
+of the web browser on the infected PC – including private notices,
+emails or texts in web based cloud services.
+The official claim of a strict separation of lawful interception of
+internet telephony and the digital sphere of privacy has no basis in
+reality. \[NB: The German constitutional court ruled that there is a
+sphere of privacy that is afforded total protection and can never be
+breached, no matter for what reason, for example keeping a diary or
+husband and wife talking in the bedroom. Government officials in Germany
+argued that it is possible to avoid listening in on this part but still
+eavesdrop electronically. The constitutional court has created the
+concept of "Kernbereich privater Lebensgestaltung", core area of private
+life. The CCC is basically arguing that nowadays a person's laptop is
+intrinsically part of this core area because people put private notes
+there and keep a diary on it\] The fact that a judge has to sign the
+warrant does not protect the privacy, because the data are being taken
+directly from the core area of private life.
+The legislator should put an end to the ever growing expansion of
+computer spying that has been getting out of hand in recent years, and
+finally come up with an unambiguous definition for the digital privacy
+sphere and with a way to protect it effectively. Unfortunately, for too
+long the legislator has been guided by demands for technical
+surveillance, not by values like freedom or the question of how to
+protect our values in a digital world. It is now obvious that he is no
+longer able to oversee the technology, let alone control it.
+The analysis also revealed serious security holes that the trojan is
+tearing into infected systems. The screenshots and audio files it sends
+out are encrypted in an incompetent way, the commands from the control
+software to the trojan are even completely unencrypted. Neither the
+commands to the trojan nor its replies are authenticated or have their
+integrity protected. Not only can unauthorized third parties assume
+control of the infected system, but even attackers of mediocre skill
+level can connect to the authorities, claim to be a specific instance of
+the trojan, and upload fake data. It is even conceivable that the law
+enforcement agencies's IT infrastructure could be attacked through this
+channel. The CCC has not yet performed a penetration test on the server
+side of the trojan infrastructure.
+"We were surprised and shocked by the lack of even elementary security
+in the code. Any attacker could assume control of a computer infiltrated
+by the German law enforcement authorities", commented a speaker of the
+CCC. "The security level this trojan leaves the infected systems in is
+comparable to it setting all passwords to '1234'".
+To avoid revealing the location of the command and control server, all
+data is redirected through a rented dedicated server in a data center in
+the USA. The control of this malware is only partially within the
+borders of its jurisdiction. The instrument could therefore violate the
+fundamental principle of national sovereignty. Considering the
+incompetent encryption and the missing digital signatures on the command
+channel, this poses an unacceptable and incalculable risk. It also poses
+the question how a citizen is supposed to get their right of legal
+redress in the case the wiretapping data get lost outside Germany, or
+the command channel is misused.
+According to our hacker ethics and to avoid tipping off criminals who
+are being investigated, the CCC has informed the German ministry of the
+interior. They have had enough time to activate the existing self
+destruct function of the trojan.
+When arguing about the government authorized infiltration of computers
+and secretly scanning suspects' hard drives, the former minister of the
+interior Wolfgang Schäuble and Jörg Ziercke, BKA's president (BKA,
+German federal policy agency), have always claimed that the population
+should not worry because there would only be "a handful" of cases where
+the trojan would be used at all. Either almost the complete set of
+government malware has found their way in brown envelopes to the CCC's
+mailbox, or the truth has been leapfrogged once again by the reality of
+eavesdropping and "lawful interception".
+The other promises made by the officials also are not basis in reality.
+In 2008 the CCC was told that all versions of the "Quellen-TKÜ" software
+would manually be hand-crafted for the specifics of each case. The CCC
+now has access to several software versions of the trojan, and they all
+use the same hard-coded cryptographic key and do not look hand-crafted
+at all. Another promise has been that the trojan would be subject to
+exceptionally strict quality control to make sure the rules set forth by
+the constitutional court would not be violated. In reality this
+exceptionally strict quality control has neither found that the key is
+hard coded, nor that the "encryption" is uni-directional only, nor that
+there is a back door for uploading and executing further malware. The
+CCC expressed hope that this farce is not representative for
+exceptionally strict quality control in federal agencies.
+The CCC demands: The clandestine infiltration of IT systems by
+government agencies must stop. At the same time we would like to call on
+all hackers and people interested in technology to further analyze the
+malware, so that at least some benefit can be reaped from this
+embarrassing eavesdropping attempt. Also, we will gladly continue to
+receive copies of other versions of government malware off your hands.
+\[4\]
+**Links**:
+\[0\]
+[Binaries](http://www.ccc.de/system/uploads/77/original/0zapftis-release.tgz "Cleaned up binaries release")
+\[1\] [Analysis of the government malware
+(German)](http://www.ccc.de/system/uploads/76/original/staatstrojaner-report23.pdf "Analysis of the government malware")
+\[4\] [BigBrotherAwards 2009](http://www.bigbrotherawards.de/2009/.com),
+Category Business: companies selling internet and phone surveillance
+technology
+\[5\] [0zapftis (at)
+ccc.de](mailto:0zapftis(at)ccc.de "Mail to the analysis' authors") use
+the PGP key below:
+    -----BEGIN PGP PUBLIC KEY BLOCK-----
+    Version: GnuPG v1.4.9 (Darwin)
+    mQINBE6OIJYBEADA8V/CA60MHsizwIEk46q3Tw2/DceWdN5jpqr8xD00vhjLMjBx
+    kFgbZdou6yrYnZbrTC72dQbqj/e0KJaj5gmDjzEb29GKxFRbZkhjMSxYPBb4rawJ
+    MRQdv/o/Olsf7ucLCEMRjuNxxczpo5dayDZC1yT4P/PcERscOM1RIOkM+Iaqde4v
+    ApEZavNMrXBlV/s/cQ6gMnzqyzv9dNRaUN8BbNWufWmvue22DUR2kUpsEWYfXBe6
+    o70k8nxe91uHBDnfjL12n2E7kI79+umniOdXYPQgfzBLTnAgCjHjt+Xy75LOiYXt
+    ea7KPaGZoe9RuV+gAcK0G+NElDF7PjeuHbsV3YLXuQ7wjmbsn6qjpxl2E6C+vY30
+    29+4Si7FgwKLlJ/NVrAg90OGEQ13BvPGFUq5rES/ILs31fa7jcIXKaF+ADcMs9o3
+    ymXQF/wU1ENyUMtLsEz9DZ8yKgLVmLlieVmaiMPaJXSFYyHTccJoJ48QfYQARuMa
+    OR+bMhW/wWoubIKgj1tL35GF9fJ0hYpwtMG+Xfyi/JG8fJHV8J01sKG5w/UaBAY1
+    T4quFIHcdMjoRXwtExCsDjyqHRJAakL4WZEjulb3ReGVfuk+pVXTG4Hsp3E8oVKT
+    v62ahMg7X5ugek232DwUTzfU77sNkcTiuXokPMswbEIfp5zmm9pUhalcnQARAQAB
+    tDcwIFphcGZ0IElzISBSZXZlcnNlIEVuZ2luZWVyaW5nIElucHV0IDwwemFwZnRp
+    c0BjY2MuZGU+iQI+BBMBAgAoBQJOjiCWAhsvBQkHhh+ABgsJCAcDAgYVCAIJCgsE
+    FgIDAQIeAQIXgAAKCRDwbQurk8EwoEHBD/4vkbPzdBw9Ra7IBJCFe6aTUlw4qskU
+    WM+2hyC06wOWgZM8KiGABFabInJ+2krc+humAuRJoZPySoHyOi/QY9ND033FgkhX
+    Vea9EJpZRm0tJmbFMlFLzwT9fZ5r7GL0xLrQKoMEK3vUd0b3xQBqeaFEpB+VfU8Q
+    vKmgTG4dO8pYKVe3/MnjAkS6fUUFOsl9QvHCW8+u2Qn4fl7mUygBTLfK4y2KDruh
+    rh3EjeSuSaMdkNlXLDyEI5Hxttn0fTDp8K2Sh15qaeR1uMrwtxPHZRuSUw7jZ7xH
+    24eUjJ4ipnwLMqeTNiL5JBwzQIRp9pb1cjiNuhxUCT4tGBPTeHgPR2MeEbBfFuYJ
+    JnSEEO8VRStZXWWAKHj1ku8+YQ90SmFloRAbjlrkZpJn+vrj66wyGyzVbe1bD3Gy
+    jokwVEhcierUaSpUq9ChBIB+vbMQZlchUfIGZPln/WOuwSgo2L6CNTfcA/6FvHYu
+    +2Mg5VoeHOxQm28ZXjqCsODx3+j476S9VlHIDsBRmqPbOUoEzY2VIAyDzTlQE5Kn
+    kBGp8FXk68QYVSS+ZI00cLtoDZlDD22scjn6qDk1y6oHuUnP9UoIF8t2kR1j9xG3
+    FKrSNufwivgkZ3Fr2n+s9jYMom8YfZi15coNntyYSo7WQOgA29Ssfu8dfG56cdUc
+    WPrcjLfEcjvPMrkCDQROjiCWARAA4dsiBRvVSRN0YFW8iYJNqH0jzu/CwbjsQAOt
+    N6xM8OrjEsu3y82q0g/NryJJ4cVq3kl4r+WDoCwD2wR+oT4oMmg5jWtrs8lSikaG
+    6Gl1W8e81zkyvDol8+BQLFEDxyyOZ313rQznP8RsBzk8u8x1YBPNyeHEJMF3dusm
+    HUgQW2DY/eUUZQJARb9CHp2DTduTlQbkTPeDnFm6lrvduJyee98QeP+nCw9vTok0
+    uWc5o9p4VgY+koX10E++iFRlz9rwNzFT2vHPm5MeG1ZITbWjS17ZQNHsgbOdMDUk
+    08zQOYl29N4IuXRD1zRhs96oDwuxlo1rUE7A8vtf/6S6RETxkS7ykH1csCWrw6s/
+    CjaioVVoyWIEvCzn60P8kUCsLJCiXTE4rcdaY9eysM1jeNC2t7BpmuY6gSqBwM5m
+    0VfL86mCIZcE0AaxtrifjjwG8hlnlodyD0Ugi9tO87rPq204wplTMm6iZblKya5a
+    vzQdKckXOXd4DBSB1fKoZBWAFIuZ2asHa57CsZLXAsM1a1b/eGUIilBN6/bXboum
+    Gv2q+yF91kEP4tv+5fWLRJOgyUOiljB4g0JN1n9JfnM2iHaX7wcFh+jCnpX+1xZJ
+    E8urrUEPpt4IOCHB/mJAk2rCrCY69WWJTjuaXIc178TioWDWr+eDuDyENa9pbTCx
+    5paebg8AEQEAAYkERAQYAQIADwUCTo4glgIbLgUJB4YfgAIpCRDwbQurk8EwoMFd
+    IAQZAQIABgUCTo4glgAKCRBebJ87j17H3iJID/9UVR9HIxmQtQPADWXZxjnNePw1
+    32O1+Syd9j9JgYczHooudki6mx55ydFHEyu4oDJ7az0UiV92GEl7XV3iwBppf9Ja
+    WvZ5WvWMX4F/ZmmDWENXqQeniqIUlKa9XmA9jhYAEwy7198pbD/qsGBMioDVai0f
+    GTYUiBwHt2spu1uopx30spK/RwBKvbH6cbtGmOvfpXmgsFagtg6kPZPbfGZ3Iumh
+    yWHP4zd/+VcAOkjJv844Nuloh4VMPfwiInakG9bZzg4Ky5kGqB+Vl2WCZSOiVVGo
+    C4JmdMO7IMkBPMRNXQw23rhWWJVjsnF+nT/TnDlnH7g067IZ5YOZftwSun78Cjb1
+    sRmwCaj9iNbTwEUnES8Clni/AAirYvXs0Isu67WN1lJWUSwAavs6Thswhvpnrsq7
+    v0svvtmOU1pZVmYGmOFn8xAC+iK1PHFL4BH8NEhkiCMqBfH0pGIjl/hZk60r6Gtf
+    BNB0Fjt/HOQYVHNaQvbpPhWCLYxeVEUfMk9rRE1FlyzYGhBa/pG5ECoJGNQGriGC
+    bB4hzSmwjVqaP7N3qzfeP6xQT4y5A7Xe2zN9FnOO8+vjQ6hMMX4Ch4YDaxuHS3C7
+    4eQTgmJ9CWERuUBz/AdEobY+sakH+2PHN2eBgwbLBX5ti3YKy1L7DE3EZibKwWm5
+    D4C9KHCwUpT/unjQ9gM9EACHIFOBbxZF/2o4w6VdrsYYBUcihaEtDMc9sywNTwBF
+    jsxbJM4GHvtwlJlunMp1Iz62f9dL+hAUe76UCq2i7W9eVlT8Pp3xR0+z2Ini1PbG
+    nfgpsbI9q0ncUlGyo+o/fVNASQqqvfGsfU6SuKapwvMdqK6p7G4y+1XodRHChzli
+    v9WV2GRXNSp5jTuU7FZzCUaHilIU1Xh9P2eo/5/QwTvxkHdEssbCtK6hsWNS/ot9
+    9IRRB5x3Sr2pnb8JiiZrvwh2YlqaD0cs0gViA5gZXTsOVb6IzcaMgnG4M4xu+fgz
+    U+G9jHbwWj9UHcEUPEl5rRmrMTpeu5f2xRZddlbDW1QKREATXZkROsP3GLmXMESe
+    af7BF3+JtUTajYjxQxYwW6hQLkGc4wsIO4nWDFbk/lBh9T25mzTpo54WblDEq9yQ
+    K83zwI2BC3NFqRoZ9IrC3wJsic5T0/bIKALFXo5quK4pE7xt2+c6VQosymeWBk5q
+    Exy6jS1C6RjZGF4qXVPznejivZ9jEv4xUh+BXSMKnZCN9SZIzhWU3K6aqacY8LVm
+    mWE4MA8GJ0dUiw+egWacFBJFRg1I6p1NbuUIlU1WdGne2hyz7djbFofLay15x1Lo
+    wYTTAi2gmp8vxHoZoI30dCJZTtVKb1vIEOE9Tz5Cl/UOVMxtqANGr9/GdVLPY2NB
+    ZQ==
+    =jS/I
+    -----END PGP PUBLIC KEY BLOCK-----
author	erdgeist <erdgeist@erdgeist.org>	2011-10-08 18:56:37 +0000
committer	erdgeist <erdgeist@erdgeist.org>	2020-05-23 13:39:06 +0000
commit	83f4ce3d5bd1d7aa9a21c1342ca70e546f5b8302 (patch)
tree	c5d355b7f7e7ad22e73f0fdd67f8fbfa0185199f /updates/2011
parent	95a7c182827460853901666483224f6c6f6607ef (diff)

diff --git a/updates/2011/staatstrojaner.en.md b/updates/2011/staatstrojaner.en.md new file mode 100644 index 00000000..0284647e --- /dev/null +++ b/updates/2011/staatstrojaner.en.md
@@ -0,0 +1,240 @@
	1	title: Chaos Computer Club analyzes government malware
	2	date: 2011-10-08 19:00:00
	3	updated: 2011-10-08 18:56:37
	4	author: admin
	5	tags: update, pressemitteilung
	6	previewimage: /images/0zapftis.png
	7
	8	The largest European hacker club, "Chaos Computer Club" (CCC), has reverse engineered and analyzed a "lawful interception" malware program used by German police forces. It has been found in the wild and submitted to the CCC anonymously. The malware can not only siphon away intimate data but also offers a remote control or backdoor functionality for uploading and executing arbitrary other programs. Significant design and implementation flaws make all of the functionality available to anyone on the internet.
	9
	10	<!-- TEASER_END -->
	11
	12	Even before the German constitutional court ("Bundesverfassungsgericht")
	13	on February 27 2008 forbade the use of malware to manipulate German
	14	citizen's PCs, the German government introduced a less conspicuous
	15	newspeak variant of the term spy software: "Quellen-TKÜ" (the term means
	16	"source wiretapping" or lawful interception at the source). This
	17	Quellen-TKÜ can by definition only be used for wiretapping internet
	18	telephony. The court also said that this has to be enforced through
	19	technical and legal means.
	20
	21	The CCC now published the extracted binary files \[0\] of the government
	22	malware that was used for "Quellen-TKÜ", together with a report about
	23	the functionality found and our conclusions about these findings \[1\].
	24	During this analysis, the CCC wrote its own remote control software for
	25	the trojan.
	26
	27	The CCC analysis reveals functionality in the "Bundestrojaner light"
	28	(Bundestrojaner meaning "federal trojan" and is the colloquial German
	29	term for the original government malware concept) concealed as
	30	"Quellen-TKÜ" that go much further than to just observe and intercept
	31	internet based telecommunication, and thus violates the terms set by the
	32	constitutional court. The trojan can, for example, receive uploads of
	33	arbitrary programs from the Internet and execute them remotely. This
	34	means, an "upgrade path" from Quellen-TKÜ to the full Bundestrojaner's
	35	functionality is built-in right from the start. Activation of the
	36	computer's hardware like microphone or camera can be used for room
	37	surveillance.
	38
	39	The analysis concludes, that the trojan's developers never even tried to
	40	put in technical safeguards to make sure the malware can exclusively be
	41	used for wiretapping internet telephony, as set forth by the
	42	constitution court. On the contrary, the design included functionality
	43	to clandestinely add more components over the network right from the
	44	start, making it a bridge-head to further infiltrate the computer.
	45
	46	"This refutes the claim that an effective separation of just wiretapping
	47	internet telephony and a full-blown trojan is possible in practice – or
	48	even desired," commented a CCC speaker. "Our analysis revealed once
	49	again that law enforcement agencies will overstep their authority if not
	50	watched carefully. In this case functions clearly intended for breaking
	51	the law were implemented in this malware: they were meant for uploading
	52	and executing arbitrary code on the targeted system."
	53
	54	The government malware can, unchecked by a judge, load extensions by
	55	remote control, to use the trojan for other functions, including but not
	56	limited to eavesdropping. This complete control over the infected PC –
	57	owing to the poor craftsmanship that went into this trojan – is open
	58	not just to the agency that put it there, but to everyone. It could even
	59	be used to upload falsified "evidence" against the PC's owner, or to
	60	delete files, which puts the whole rationale for this method of
	61	investigation into question.
	62
	63	But the trojan's built-in functions are scary enough, even without
	64	extending it by new moduls. For the analysis, the CCC wrote it's own
	65	control terminal software, that can be used to remotely control infected
	66	PCs over the internet. With its help it is possible to watch screenshots
	67	of the web browser on the infected PC – including private notices,
	68	emails or texts in web based cloud services.
	69
	70	The official claim of a strict separation of lawful interception of
	71	internet telephony and the digital sphere of privacy has no basis in
	72	reality. \[NB: The German constitutional court ruled that there is a
	73	sphere of privacy that is afforded total protection and can never be
	74	breached, no matter for what reason, for example keeping a diary or
	75	husband and wife talking in the bedroom. Government officials in Germany
	76	argued that it is possible to avoid listening in on this part but still
	77	eavesdrop electronically. The constitutional court has created the
	78	concept of "Kernbereich privater Lebensgestaltung", core area of private
	79	life. The CCC is basically arguing that nowadays a person's laptop is
	80	intrinsically part of this core area because people put private notes
	81	there and keep a diary on it\] The fact that a judge has to sign the
	82	warrant does not protect the privacy, because the data are being taken
	83	directly from the core area of private life.
	84
	85	The legislator should put an end to the ever growing expansion of
	86	computer spying that has been getting out of hand in recent years, and
	87	finally come up with an unambiguous definition for the digital privacy
	88	sphere and with a way to protect it effectively. Unfortunately, for too
	89	long the legislator has been guided by demands for technical
	90	surveillance, not by values like freedom or the question of how to
	91	protect our values in a digital world. It is now obvious that he is no
	92	longer able to oversee the technology, let alone control it.
	93
	94	The analysis also revealed serious security holes that the trojan is
	95	tearing into infected systems. The screenshots and audio files it sends
	96	out are encrypted in an incompetent way, the commands from the control
	97	software to the trojan are even completely unencrypted. Neither the
	98	commands to the trojan nor its replies are authenticated or have their
	99	integrity protected. Not only can unauthorized third parties assume
	100	control of the infected system, but even attackers of mediocre skill
	101	level can connect to the authorities, claim to be a specific instance of
	102	the trojan, and upload fake data. It is even conceivable that the law
	103	enforcement agencies's IT infrastructure could be attacked through this
	104	channel. The CCC has not yet performed a penetration test on the server
	105	side of the trojan infrastructure.
	106
	107	"We were surprised and shocked by the lack of even elementary security
	108	in the code. Any attacker could assume control of a computer infiltrated
	109	by the German law enforcement authorities", commented a speaker of the
	110	CCC. "The security level this trojan leaves the infected systems in is
	111	comparable to it setting all passwords to '1234'".
	112
	113	To avoid revealing the location of the command and control server, all
	114	data is redirected through a rented dedicated server in a data center in
	115	the USA. The control of this malware is only partially within the
	116	borders of its jurisdiction. The instrument could therefore violate the
	117	fundamental principle of national sovereignty. Considering the
	118	incompetent encryption and the missing digital signatures on the command
	119	channel, this poses an unacceptable and incalculable risk. It also poses
	120	the question how a citizen is supposed to get their right of legal
	121	redress in the case the wiretapping data get lost outside Germany, or
	122	the command channel is misused.
	123
	124	According to our hacker ethics and to avoid tipping off criminals who
	125	are being investigated, the CCC has informed the German ministry of the
	126	interior. They have had enough time to activate the existing self
	127	destruct function of the trojan.
	128
	129	When arguing about the government authorized infiltration of computers
	130	and secretly scanning suspects' hard drives, the former minister of the
	131	interior Wolfgang Schäuble and Jörg Ziercke, BKA's president (BKA,
	132	German federal policy agency), have always claimed that the population
	133	should not worry because there would only be "a handful" of cases where
	134	the trojan would be used at all. Either almost the complete set of
	135	government malware has found their way in brown envelopes to the CCC's
	136	mailbox, or the truth has been leapfrogged once again by the reality of
	137	eavesdropping and "lawful interception".
	138
	139	The other promises made by the officials also are not basis in reality.
	140	In 2008 the CCC was told that all versions of the "Quellen-TKÜ" software
	141	would manually be hand-crafted for the specifics of each case. The CCC
	142	now has access to several software versions of the trojan, and they all
	143	use the same hard-coded cryptographic key and do not look hand-crafted
	144	at all. Another promise has been that the trojan would be subject to
	145	exceptionally strict quality control to make sure the rules set forth by
	146	the constitutional court would not be violated. In reality this
	147	exceptionally strict quality control has neither found that the key is
	148	hard coded, nor that the "encryption" is uni-directional only, nor that
	149	there is a back door for uploading and executing further malware. The
	150	CCC expressed hope that this farce is not representative for
	151	exceptionally strict quality control in federal agencies.
	152
	153	The CCC demands: The clandestine infiltration of IT systems by
	154	government agencies must stop. At the same time we would like to call on
	155	all hackers and people interested in technology to further analyze the
	156	malware, so that at least some benefit can be reaped from this
	157	embarrassing eavesdropping attempt. Also, we will gladly continue to
	158	receive copies of other versions of government malware off your hands.
	159	\[4\]
	160
	161	Links:
	162
	163	\[0\]
	164	[Binaries](http://www.ccc.de/system/uploads/77/original/0zapftis-release.tgz "Cleaned up binaries release")
	165
	166	\[1\] [Analysis of the government malware
	167	(German)](http://www.ccc.de/system/uploads/76/original/staatstrojaner-report23.pdf "Analysis of the government malware")
	168
	169	\[4\] [BigBrotherAwards 2009](http://www.bigbrotherawards.de/2009/.com),
	170	Category Business: companies selling internet and phone surveillance
	171	technology
	172
	173	\[5\] [0zapftis (at)
	174	ccc.de](mailto:0zapftis(at)ccc.de "Mail to the analysis' authors") use
	175	the PGP key below:
	176
	177	-----BEGIN PGP PUBLIC KEY BLOCK-----
	178	Version: GnuPG v1.4.9 (Darwin)
	179
	180	mQINBE6OIJYBEADA8V/CA60MHsizwIEk46q3Tw2/DceWdN5jpqr8xD00vhjLMjBx
	181	kFgbZdou6yrYnZbrTC72dQbqj/e0KJaj5gmDjzEb29GKxFRbZkhjMSxYPBb4rawJ
	182	MRQdv/o/Olsf7ucLCEMRjuNxxczpo5dayDZC1yT4P/PcERscOM1RIOkM+Iaqde4v
	183	ApEZavNMrXBlV/s/cQ6gMnzqyzv9dNRaUN8BbNWufWmvue22DUR2kUpsEWYfXBe6
	184	o70k8nxe91uHBDnfjL12n2E7kI79+umniOdXYPQgfzBLTnAgCjHjt+Xy75LOiYXt
	185	ea7KPaGZoe9RuV+gAcK0G+NElDF7PjeuHbsV3YLXuQ7wjmbsn6qjpxl2E6C+vY30
	186	29+4Si7FgwKLlJ/NVrAg90OGEQ13BvPGFUq5rES/ILs31fa7jcIXKaF+ADcMs9o3
	187	ymXQF/wU1ENyUMtLsEz9DZ8yKgLVmLlieVmaiMPaJXSFYyHTccJoJ48QfYQARuMa
	188	OR+bMhW/wWoubIKgj1tL35GF9fJ0hYpwtMG+Xfyi/JG8fJHV8J01sKG5w/UaBAY1
	189	T4quFIHcdMjoRXwtExCsDjyqHRJAakL4WZEjulb3ReGVfuk+pVXTG4Hsp3E8oVKT
	190	v62ahMg7X5ugek232DwUTzfU77sNkcTiuXokPMswbEIfp5zmm9pUhalcnQARAQAB
	191	tDcwIFphcGZ0IElzISBSZXZlcnNlIEVuZ2luZWVyaW5nIElucHV0IDwwemFwZnRp
	192	c0BjY2MuZGU+iQI+BBMBAgAoBQJOjiCWAhsvBQkHhh+ABgsJCAcDAgYVCAIJCgsE
	193	FgIDAQIeAQIXgAAKCRDwbQurk8EwoEHBD/4vkbPzdBw9Ra7IBJCFe6aTUlw4qskU
	194	WM+2hyC06wOWgZM8KiGABFabInJ+2krc+humAuRJoZPySoHyOi/QY9ND033FgkhX
	195	Vea9EJpZRm0tJmbFMlFLzwT9fZ5r7GL0xLrQKoMEK3vUd0b3xQBqeaFEpB+VfU8Q
	196	vKmgTG4dO8pYKVe3/MnjAkS6fUUFOsl9QvHCW8+u2Qn4fl7mUygBTLfK4y2KDruh
	197	rh3EjeSuSaMdkNlXLDyEI5Hxttn0fTDp8K2Sh15qaeR1uMrwtxPHZRuSUw7jZ7xH
	198	24eUjJ4ipnwLMqeTNiL5JBwzQIRp9pb1cjiNuhxUCT4tGBPTeHgPR2MeEbBfFuYJ
	199	JnSEEO8VRStZXWWAKHj1ku8+YQ90SmFloRAbjlrkZpJn+vrj66wyGyzVbe1bD3Gy
	200	jokwVEhcierUaSpUq9ChBIB+vbMQZlchUfIGZPln/WOuwSgo2L6CNTfcA/6FvHYu
	201	+2Mg5VoeHOxQm28ZXjqCsODx3+j476S9VlHIDsBRmqPbOUoEzY2VIAyDzTlQE5Kn
	202	kBGp8FXk68QYVSS+ZI00cLtoDZlDD22scjn6qDk1y6oHuUnP9UoIF8t2kR1j9xG3
	203	FKrSNufwivgkZ3Fr2n+s9jYMom8YfZi15coNntyYSo7WQOgA29Ssfu8dfG56cdUc
	204	WPrcjLfEcjvPMrkCDQROjiCWARAA4dsiBRvVSRN0YFW8iYJNqH0jzu/CwbjsQAOt
	205	N6xM8OrjEsu3y82q0g/NryJJ4cVq3kl4r+WDoCwD2wR+oT4oMmg5jWtrs8lSikaG
	206	6Gl1W8e81zkyvDol8+BQLFEDxyyOZ313rQznP8RsBzk8u8x1YBPNyeHEJMF3dusm
	207	HUgQW2DY/eUUZQJARb9CHp2DTduTlQbkTPeDnFm6lrvduJyee98QeP+nCw9vTok0
	208	uWc5o9p4VgY+koX10E++iFRlz9rwNzFT2vHPm5MeG1ZITbWjS17ZQNHsgbOdMDUk
	209	08zQOYl29N4IuXRD1zRhs96oDwuxlo1rUE7A8vtf/6S6RETxkS7ykH1csCWrw6s/
	210	CjaioVVoyWIEvCzn60P8kUCsLJCiXTE4rcdaY9eysM1jeNC2t7BpmuY6gSqBwM5m
	211	0VfL86mCIZcE0AaxtrifjjwG8hlnlodyD0Ugi9tO87rPq204wplTMm6iZblKya5a
	212	vzQdKckXOXd4DBSB1fKoZBWAFIuZ2asHa57CsZLXAsM1a1b/eGUIilBN6/bXboum
	213	Gv2q+yF91kEP4tv+5fWLRJOgyUOiljB4g0JN1n9JfnM2iHaX7wcFh+jCnpX+1xZJ
	214	E8urrUEPpt4IOCHB/mJAk2rCrCY69WWJTjuaXIc178TioWDWr+eDuDyENa9pbTCx
	215	5paebg8AEQEAAYkERAQYAQIADwUCTo4glgIbLgUJB4YfgAIpCRDwbQurk8EwoMFd
	216	IAQZAQIABgUCTo4glgAKCRBebJ87j17H3iJID/9UVR9HIxmQtQPADWXZxjnNePw1
	217	32O1+Syd9j9JgYczHooudki6mx55ydFHEyu4oDJ7az0UiV92GEl7XV3iwBppf9Ja
	218	WvZ5WvWMX4F/ZmmDWENXqQeniqIUlKa9XmA9jhYAEwy7198pbD/qsGBMioDVai0f
	219	GTYUiBwHt2spu1uopx30spK/RwBKvbH6cbtGmOvfpXmgsFagtg6kPZPbfGZ3Iumh
	220	yWHP4zd/+VcAOkjJv844Nuloh4VMPfwiInakG9bZzg4Ky5kGqB+Vl2WCZSOiVVGo
	221	C4JmdMO7IMkBPMRNXQw23rhWWJVjsnF+nT/TnDlnH7g067IZ5YOZftwSun78Cjb1
	222	sRmwCaj9iNbTwEUnES8Clni/AAirYvXs0Isu67WN1lJWUSwAavs6Thswhvpnrsq7
	223	v0svvtmOU1pZVmYGmOFn8xAC+iK1PHFL4BH8NEhkiCMqBfH0pGIjl/hZk60r6Gtf
	224	BNB0Fjt/HOQYVHNaQvbpPhWCLYxeVEUfMk9rRE1FlyzYGhBa/pG5ECoJGNQGriGC
	225	bB4hzSmwjVqaP7N3qzfeP6xQT4y5A7Xe2zN9FnOO8+vjQ6hMMX4Ch4YDaxuHS3C7
	226	4eQTgmJ9CWERuUBz/AdEobY+sakH+2PHN2eBgwbLBX5ti3YKy1L7DE3EZibKwWm5
	227	D4C9KHCwUpT/unjQ9gM9EACHIFOBbxZF/2o4w6VdrsYYBUcihaEtDMc9sywNTwBF
	228	jsxbJM4GHvtwlJlunMp1Iz62f9dL+hAUe76UCq2i7W9eVlT8Pp3xR0+z2Ini1PbG
	229	nfgpsbI9q0ncUlGyo+o/fVNASQqqvfGsfU6SuKapwvMdqK6p7G4y+1XodRHChzli
	230	v9WV2GRXNSp5jTuU7FZzCUaHilIU1Xh9P2eo/5/QwTvxkHdEssbCtK6hsWNS/ot9
	231	9IRRB5x3Sr2pnb8JiiZrvwh2YlqaD0cs0gViA5gZXTsOVb6IzcaMgnG4M4xu+fgz
	232	U+G9jHbwWj9UHcEUPEl5rRmrMTpeu5f2xRZddlbDW1QKREATXZkROsP3GLmXMESe
	233	af7BF3+JtUTajYjxQxYwW6hQLkGc4wsIO4nWDFbk/lBh9T25mzTpo54WblDEq9yQ
	234	K83zwI2BC3NFqRoZ9IrC3wJsic5T0/bIKALFXo5quK4pE7xt2+c6VQosymeWBk5q
	235	Exy6jS1C6RjZGF4qXVPznejivZ9jEv4xUh+BXSMKnZCN9SZIzhWU3K6aqacY8LVm
	236	mWE4MA8GJ0dUiw+egWacFBJFRg1I6p1NbuUIlU1WdGne2hyz7djbFofLay15x1Lo
	237	wYTTAi2gmp8vxHoZoI30dCJZTtVKb1vIEOE9Tz5Cl/UOVMxtqANGr9/GdVLPY2NB
	238	ZQ==
	239	=jS/I
	240	-----END PGP PUBLIC KEY BLOCK-----