summaryrefslogtreecommitdiff
path: root/updates/2015/bkag.en.md
blob: 6b1651fcb312282dc26ce4c27dd17bcdcdb1c775 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
title: State Trojan again on trial in Constitutional Court
date: 2015-07-06 20:00:00 
updated: 2015-07-11 18:46:08 
author: webmaster
tags: update, pressemitteilung

Today, the German Federal Constitutional Court tried constitutional complaints against the revision of the Federal Criminal Police Office law (BKAG) from 2008. Central to this trial was the constitutional assessment of governmental trojan spying software. Within this hearing the Chaos Computer Club was asked for an advisory opinion. We publish our arguments delivered in the hearing. [1]

<!-- TEASER_END -->

By means of the revision of the BKAG the Federal Criminal Police Office
was granted additional powers to infiltrate and manipulate IT systems.
These covert intrusions in IT systems enable an „online search“ of a
target's computers and also a „communication source surveillance“. These
spying tools are supposed to be allowed just by suspicion of a future
crime.

The trojan surveillance is not bound to a specific device technology.
The BKAG rather legitimates to aquire data from any kind of device like
computers, smartphones, tablets, smartwatches or other kinds of
information and communication technology device.

In 2011, the Chaos Computer Club has analysed a state trojan developed
by DigiTask, which has been used by several police authorities. \[2\]
This analysis has clearly shown the enormous risk of exposing infected
computers to malicious attacks by third parties using the included
backdoors. Design and implementation flaws make all of the functionality
available to anyone on the internet. It turned out that the trojan
allowed remote control by attackers and download of additional software
besides the officially provided functions available to the authorities.
Besides, the software could be used to capture audio data from the
environment independent from any communication.

The fundamental problem of covert infiltration for both kinds of
malware, an „online search“ trojan as well as a „communication source
surveillance“ tool, is: In order to successfully implant governmental
espionage tools security systems have to be exploited permanently.

The Chaos Computer Club speaks out against the plans of infiltration of
information systems by authorities not only for technical reasons, but
more importantly so because of the imminent danger of interfering with
the core area of the private conduct of life, a human's most personal
information.

**Links**:

\[1\] Advisory Opinion to the Federal Constitutional Court on the
Federal Criminal Police Office law (BKAG) and state trojan software
(German)
<http://www.ccc.de/system/uploads/189/original/BKAG_Stellungnahme.pdf>

\[2\] Chaos Computer Club analyzes government malware,
[https://www.ccc.de/en/updates/2011/staatstrojaner](/en/updates/2011/staatstrojaner)