Bavarian Police Can Legally Place Trojans On PCs

An anonymous reader writes "The Bavarian Parliament passed a law that allows Bavarian police to place 'Remote Forensic Software' (Google translation) on a suspect's computer as well as on the computers of a suspect's contacts. They may break into houses in secret to install the RFS if a remote installation is not possible; and while they are there a (physical) search is permitted too. The RFS may be used to read, delete, and alter data." The translation says that RFSs may be used in cases of an "urgent threat to the existence or the security of the Federation or a country or physical, life or liberty of a person... Even where there is a reasonable assumptions on concrete preparatory acts for such serious offenses."

Yes,

but does the trojan run on linux?

Re:Yes,

but does the trojan run on linux?

Funny how the context allows a "does it run on linux" joke get modded up as insightful....

...What about the Soviet Russia jokes? Will they get mod as informative?

Re:Yes,

In the German state Bavaria, the police trojans you!

No, it simply doesn't have that ring to it.

In German state of Bavaria

Polizei in lederhosen kann deine computerhosen.

Re:Yes,

Hey, at least they use trojans when they screw you.

Re:Yes,

If they are allowed to break in, they can install a hardware keylogger. Which yes, does run against linux.

Re:Yes,

I think the bigger threat here is that they can break into your house without your knowledge and search it in secret. I guess the Gestapo taught them nothing.

Re:Yes,

Yeah, cause it's nothing like the PATRIOT act in the US

Please

Bill Clinton had Carnivor [wikipedia.org] and Magic lantern [wikipedia.org] for this sort of thing long before Bush was even in the White House, around 1995.

The Federal government has been violating due process and the US Constitution since FDR was in office.

Don't try and pretend that Bush was the first to do this sort of thing with the Patriot Act, all he did was use it to amend the Constitution.

Re:Yes,

Come on, now. I'm pretty sure the Gestapo knew how to break into houses and search them in secret.

Re:Yes,

When I was in Munich I had a phone and a PC. The PC had voicemodem so it could act as a answering machine / fax machine. I got some cables to plug it into the phone socket. And the wierd thing is I could get the phone to work or the PC but not both. It turns out that German phone sockets will only allow one device to be connected. Someone said that this was to "prevent eavesdropping. In Germany this is regarded as important because of our experience of Nazism".

I said something like "if the Nazis tapped phones they presumably did it at the exchange, not by having some sinister dude in a leather coat, monacle and jackboots sitting in the spare room taking notes". The German guy explaining gave me a very dirty look.

Re:Yes,

I moved to Germany 10 years ago, and that confused me too. Some of the multi-way phone sockets have a "priority" system - the rightmost (or leftmost - I forget which) gets the line. If you look inside the box it's a simple break-switch. Also the N and F type connectors are very confusing. But if you take the boxes apart and wire everything in parallel it just works as normal.

I assumed that the system was devised to prevent overloading - most commercial exchanges have some kind of limit on how many phones they can support. In the UK it's called "ringer equivalence number" and if you exceed it they don't guarantee that your phones will work. In practice it's the ringers that fail first.

Sorry, you are wrong

Sorry, most of what you said or suspected is wrong. The system is actually a very clever design which prevents interruption of data/fax calls by the phone and in fact also eavesdropping from another phone inside the house.

The "multi-way phone sockets" are usually of the NFN-Type. Here F means "Fernsprecher" (Phone) while N means "Nicht-Fernsprecher" (Non-Phone). The socket is designed so that the line goes first to the left N socket , then to the right N socket and finally to the F socket. The phone will always be the last in chain. A non-phone device (fax, modem) plugged into one of the N sockets is supposed to have two electronic switches inside which will chain-through the line to the next socket when the device does not use the line. So if you are not sending a fax or surfing the net, you will be able to use the phone normally. However when the fax/modem takes over, the phone will be cut off. This clever trick prevents you from interfering with the transmission by picking up the phone.

As you are not supposed to plug two phones into one box, this also prevents eavesdropping. Overload prevention is not the reason. There were and are devices available which either are put before the NFN-box and allow to wire another NFN-box or contain a F or NFN socket themselves. Both will allow to wire a second phone and of course you could use more than one of these devices. These device however contain a automatic switch will will cut-off the other phone when one is in use. But they will all ring.

Re:Yes,

The original post has few problems

1. the link does not work - I suppose it was meant to be this:
http://www.heise.de/newsticker/Bundesrat-will-heimliche-Online-Durchsuchungen-auf-Terrorabwehr-beschraenken--/meldung/110466 [heise.de]

2. this article says that Bavaria did NOT managed to extend existing proposal on searching, eavesdropping etc, existing proposal is maybe not that nice but it was apparently less harmful politically than the Bavaria's extension.

Besides similar laws (lows?) already exist although not really in such drastic form. OTOH secret services do what it wants anyway - Germans violated its own and other countries' law to get account data of tax criminals. I believe there are countries where even suspicion that evidence was produced illegally or on information received illegally would nullify the whole proceeding. In Germany it apparently is not that important how you get your data as long as you can prosecute whoever you want. I guess each country has its quirks when it comes to powers that the state has.

Re:Yes,

Here's the real link:
http://www.heise.de/newsticker/Bayerischer-Landtag-setzt-den-Bayerntrojaner-frei--/meldung/110426 [heise.de]

It's from yesterday. The story you link to is today's and is talking about the Bundesregierung as opposed to the Staatsregierung Bayern. Roughly speaking, it's the equivalent of Federal and State government in the US.

The article says that the law has no chance of survival - it's pretty clearly in violation of the German constitution, and most Germans take their constitution *very* seriously.

My take is that it's a typical "bargaining play": aim for the moon, and if you fall on the clouds, well, it's still better than the hilltop position that you really wanted. Compare the tactic with the *IAA's lobbying. They ask for outrageous new laws, everyone gets upset and writes to their reps, the law eventually gets watered down, and everyone goes home happy, failing to notice that the *IAA have achieved yet another step along the way to their goal of total control.

Re:Yes,

Because no one will notice that their freakin' operating system got changed.

Bavaria?

In my ignorance, I asked myself "where the hell is Bavaria?". So I wiki'd it [wikipedia.org]. Turns out, it's in Germany.

The more you know...

Re:Bavaria?

In another news, California was found to be a US state! Film at eleven.

Re:Where?

Thats simply because not enough of it is on fire to make it stand out on google earth!

Forensic?

Um, "forensic" software is typically designed to *prevent* the alteration of data. Otherwise you can't reliably go into court and prove that you haven't planted the evidence. Last I heard, Germany still embraced the concept of due process...

Not sure whether this is a crazy law passed by some locals that will be struck down by German courts, a bad write up, or a bad translation...

Re:Forensic?

Yes, the translation is mostly correct, but is missing few details: The Verfassungsgericht (highest judicial institution over here) stated that this kind of investigation is illegal and put very high barriers on it... for the whole of Germany. AND they put up a new consitutional right on "digital privacy". The barrier is that high that it should be near to impossible to implement the trojan in a way to stay within law. Now the Bavarians thought they know better and updated their local laws and declared them to be "in accordance" with the new barriers (which they most likely are not and thus are going to get that struck down again). Also... they are NOT allowed to physically enter the house/rooms/flat/... in order to install the trojan. They have to deploy it remotely by dialup or internet. If that was allowed they could secretly search through your other belongings, which is explicitely forbidden to happen with the owner not being around. People have the right to witness a raid or execution of a search warrant. And yes, the risk of alteration is real, so the so-called evidence will probably be very weak and should not last very long in court. Yet, I fear that the "evidence" might be remembered and used to investigate into other activities. Police may use evidence from one case to prove another case. THIS is very dangerous.

Typo in title

Barbarian Police Can Legally Place Trojans On PCs

Re:This is strange...

I thought that the memories of the Geheime Staatspolizei made sure the germans would never approve of such things...

Most people who were alive to see World War II Germany have passed on. I think this allows the forgetfullness we see across the world -- and unfortunately is allowing history to repeat itself in the restriction of rights in many countries...

Re:Threat to liberty...

Yeah it's funny when you put it that way, but that's how it usually is. When a government takes an action under the guise of national security, the nation is actually less secure because a stronger government is a greater threat to liberty.

Re:fud, Fud, FUD!

Oh sure and the US Patriot Act was only for terrorists. It'd never be used improperly or wrongly [msn.com]