Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Government Privacy Security News Your Rights Online

Bavarian Police Can Legally Place Trojans On PCs 256

An anonymous reader writes "The Bavarian Parliament passed a law that allows Bavarian police to place 'Remote Forensic Software' (Google translation) on a suspect's computer as well as on the computers of a suspect's contacts. They may break into houses in secret to install the RFS if a remote installation is not possible; and while they are there a (physical) search is permitted too. The RFS may be used to read, delete, and alter data." The translation says that RFSs may be used in cases of an "urgent threat to the existence or the security of the Federation or a country or physical, life or liberty of a person... Even where there is a reasonable assumptions on concrete preparatory acts for such serious offenses."
This discussion has been archived. No new comments can be posted.

Bavarian Police Can Legally Place Trojans On PCs

Comments Filter:
  • Yes, (Score:5, Funny)

    by Daimanta ( 1140543 ) on Friday July 04, 2008 @11:36AM (#24059711) Journal

    but does the trojan run on linux?

    • Re:Yes, (Score:4, Interesting)

      by brunokummel ( 664267 ) on Friday July 04, 2008 @11:45AM (#24059789) Journal

      but does the trojan run on linux?

      Funny how the context allows a "does it run on linux" joke get modded up as insightful....

      ...What about the Soviet Russia jokes? Will they get mod as informative?

    • Im sure if you drink enough wine, it will.

    • Re:Yes, (Score:4, Insightful)

      by KiloByte ( 825081 ) on Friday July 04, 2008 @01:37PM (#24060735)

      If they are allowed to break in, they can install a hardware keylogger. Which yes, does run against linux.

    • No, they can only screw you if you're running a Windows OS.

      They probably install some variant of Back Orifice before slamming in the Trojan.

  • Bavaria? (Score:5, Informative)

    by Eudial ( 590661 ) on Friday July 04, 2008 @11:40AM (#24059729)

    In my ignorance, I asked myself "where the hell is Bavaria?". So I wiki'd it [wikipedia.org]. Turns out, it's in Germany.

    The more you know...

    • Re: (Score:2, Funny)

      by furrydave ( 1309299 )
      I'm happy I wasn't the only one :-).

      I also enjoy the beer (wait... that's Brava...). oh well.

      Sadly, I also realized I had no idea where Colorado was yesterday. I think I need to spend a few hours with a map and un-dumb myself...
      • Re: (Score:3, Interesting)

        by neomunk ( 913773 )

        The best geography tutorial I've ever had was a game called Hearts of Iron 2. Nothing like learning about the names and basic geographical features of the world while moving various types of military units across the landscape. Cursing a province with mountains by name as your troops take months to march and/or roll through them makes it memorable, especially if you lose your beachhead because your goofy MechInf decides to take 2 weeks going a distance that would take them 2 days, if it were plains they a

    • Re:Bavaria? (Score:4, Funny)

      by K. S. Kyosuke ( 729550 ) on Friday July 04, 2008 @11:53AM (#24059885)
      In another news, California was found to be a US state! Film at eleven.
      • by rob1980 ( 941751 )
        It's not as obvious as you're making it out to be. Bavaria is known to the Germans and a sizable number of other countries as Bayern... California is almost universally known as California.
    • Re: (Score:2, Funny)

      by Hal_Porter ( 817932 )

      In my ignorance, I asked myself "where the hell is Bavaria?". So I wiki'd it [wikipedia.org]. Turns out, it's in Germany.

      The more you know...

      Don't say that to Bavarians. They prefer to be known as the northernmost state of Italy.

  • So... (Score:2, Interesting)

    by furrydave ( 1309299 )
    Does this imply that they can install a virus on my PC in Canada if I'm talking to a suspect in Bavaria?

    I hope not.

    Will this code be safe? What if it opens the infected PC up to access by hackers and the PC is damaged or materials (virtual) are stolen? Is there any liability for the police?
    • by Belial6 ( 794905 )
      You can be pretty sure that it does, since that is the point of the software. You know, to let someone else have access to your PC, and take stuff off of your computer.
    • What if it opens the infected PC up to access by hackers

      If the Bavarian police can install a trojan on your PC, then your PC was *already* accessible to hackers.

  • I thought that the memories of the Geheime Staatspolizei made sure the germans would never approve of such things...
    • by KingOfBLASH ( 620432 ) on Friday July 04, 2008 @11:55AM (#24059899) Journal

      I thought that the memories of the Geheime Staatspolizei made sure the germans would never approve of such things...

      Most people who were alive to see World War II Germany have passed on. I think this allows the forgetfullness we see across the world -- and unfortunately is allowing history to repeat itself in the restriction of rights in many countries...

      • Re: (Score:3, Interesting)

        by Reziac ( 43301 ) *

        WW2 was before my time, but I grew up during the Cold War. It's definitely scary to watch our country turn into the backside of the Iron Curtain that we worked for so long to tear down.

    • Re: (Score:3, Informative)

      by flyingfsck ( 986395 )
      Hitler started his run in a beer house in Bavaria. What goes around, comes around.
      • bavaria is also the most corrupt german state. only in bavaria a politician of the ruling party (the same continous ruling party for 50 years) can kill a man and injure another one while drunk driving and get away with a year probation, a federal cross of merit and the position of a chairman of the german national railway company.

  • And clean carefully the cashe when finished.
  • Forensic? (Score:5, Insightful)

    by gruntled ( 107194 ) on Friday July 04, 2008 @12:02PM (#24059961)

    Um, "forensic" software is typically designed to *prevent* the alteration of data. Otherwise you can't reliably go into court and prove that you haven't planted the evidence. Last I heard, Germany still embraced the concept of due process...

    Not sure whether this is a crazy law passed by some locals that will be struck down by German courts, a bad write up, or a bad translation...

    • Well, they need to be able to disable any anti-malware programs that'd stop their intrusion. That's altering data.

    • Re:Forensic? (Score:4, Insightful)

      by satmd ( 1265572 ) on Friday July 04, 2008 @01:47PM (#24060827)
      Yes, the translation is mostly correct, but is missing few details: The Verfassungsgericht (highest judicial institution over here) stated that this kind of investigation is illegal and put very high barriers on it... for the whole of Germany. AND they put up a new consitutional right on "digital privacy". The barrier is that high that it should be near to impossible to implement the trojan in a way to stay within law. Now the Bavarians thought they know better and updated their local laws and declared them to be "in accordance" with the new barriers (which they most likely are not and thus are going to get that struck down again). Also... they are NOT allowed to physically enter the house/rooms/flat/... in order to install the trojan. They have to deploy it remotely by dialup or internet. If that was allowed they could secretly search through your other belongings, which is explicitely forbidden to happen with the owner not being around. People have the right to witness a raid or execution of a search warrant. And yes, the risk of alteration is real, so the so-called evidence will probably be very weak and should not last very long in court. Yet, I fear that the "evidence" might be remembered and used to investigate into other activities. Police may use evidence from one case to prove another case. THIS is very dangerous.
  • fud, Fud, FUD! (Score:3, Informative)

    by jps25 ( 1286898 ) on Friday July 04, 2008 @12:06PM (#24059993)

    I know this is slashdot and jumping at anything so we can scream 1984!!! POLICE STATE!!11!!! gets you modded informative or insightful, but this slashdot article is just crap.

    The "Bundestrojaner" will only be used as a last resort and in defense to terrorism, as you can read here in an article posted today, denying the Bavarian request to use it for other crimes not directly related to terrorism.
    Poor google translation:
    http://translate.google.com/translate?u=http%3A%2F%2Fwww.heise.de%2Fnewsticker%2FBundesrat-will-heimliche-Online-Durchsuchungen-auf-Terrorabwehr-beschraenken--%2Fmeldung%2F110466&hl=en&ie=UTF8&sl=de&tl=en [google.com]

    Ah, screw it. 1984!!! ORWELLIAN STATE!! BURN THE WITCHES!

    • by jeiler ( 1106393 )
      I weigh more than a duck you insensitive clod!
    • Re:fud, Fud, FUD! (Score:5, Interesting)

      by witherstaff ( 713820 ) on Friday July 04, 2008 @12:14PM (#24060053) Homepage
      Oh sure and the US Patriot Act was only for terrorists. It'd never be used improperly or wrongly [msn.com]
    • The "Bundestrojaner" will only be used as a last resort and in defense to terrorism, as you can read here in an article posted today, denying the Bavarian request to use it for other crimes not directly related to terrorism.

      It's nice that their requests for non-terrorism uses were denied, but if the law doesn't say that, those denials are temporary and subject to change.

      Very few governments or government agencies have the integrity to do what's right, compared to what is legal.

    • yeah and the toll collect data would never be used for police investigations (or so they said a couple of years ago).
      the problem in germany is that even if the evidence was collected in an illegal way it still may be (and often is) valid before the court.

      german police and german politicians may break the law as they want and go unpunished.

    • bullcrap (Score:3, Interesting)

      by unity100 ( 970058 )

      The "Bundestrojaner" will only be used as a last resort and in defense to terrorism

      when the law that allows the police to monitor ALL communication (email, gsm, landline) at all times, without needing any warrant was passed here, (turkey) and gave the daily running of the operation to a small board that would be directly appointed by the prime minister and his cabinet, many idiots believed that 'only as a last resort and in defense against terrorism' bullshit too.

      then somehow the private conversations of opposition party members who have had a strife with the administration have been l

    • by jimicus ( 737525 )

      The "Bundestrojaner" will only be used as a last resort and in defense to terrorism, as you can read here in an article posted today, denying the Bavarian request to use it for other crimes not directly related to terrorism.

      I did try to read the Google translation (which, as you say, was not very good), and I immediately see a problem.

      It's a translation of a news report. Not of the actual legislation. Now, I'm not a lawyer - I'm not even German - but AFAIK the legislation and the interpretation the courts give it is the important bit. News reports are rather less so. And if the law is only intended to be used in a very limited subset of cases, then it should damn well be worded so it can only be used that way otherwise y

    • The "Bundestrojaner" will only be used as a last resort and in defense to terrorism

      Yes, and who defines "last resort" and "terrorism"? That's a state secret...you just have to trust em.

  • I am actually surprised to read this on Slashdot. I thought this was already common practise in the US? I really thought that the police can get a court order and install bugs, microcameras and trojans and whatnot on a suspects computer.

    • What puzzles me is why this would be something the Bavarian Parliment would do. I would think this would be done at the national level; US laws that enable wiretaps are all at the Federal level.

      • What puzzles me is why this would be something the Bavarian Parliment would do. I would think this would be done at the national level; US laws that enable wiretaps are all at the Federal level.

        They tried to. It came as far as the constitutional court in Germany, and failed miserably. The law now returns, slightly changed.

        You have to know that in Germany, each "Land" (~County) has its own law. If there's a matter on which both a county's law and federal law exist, the federal law supercedes county law. The federal law on computer trojans failed before the constitutional court. It's been slightly changed and they're going to give it another try on the federal level the next few weeks. Meanwhile,

    • Not so common (few law enforcement agencies have the sorts of resources to make this a common occurence), but yes, that sort of thing is allowed if a judge authorizes it. The idea here is that the judge is supposed to be a neutral party who will evaluate whether law enforcement has enough evidence to justify this sort of thing. (One could do this without a judge's approval, but any data collected in such a fashion could not be used in court; plus you'd risk jail time yourself or at least you'd have your bad

      • I think you need to distinguish between monitering communications in transit (e.g. phone taps), and actively entering someones place of resedence to place a bug. The former is clearly legal with a court order, but I'm not sure about the later. The same applies in the computer world. It is one thing to intercept e-mails as they pass through the ISP, but to "break-in" to someone's computer to place the trojen is a complete other level. Further, are the police allowed to cause property damage in the proce

    • to spy on their employees. Sure it is unethical, and maybe morally wrong, but they do it anyway.

      Bill Clinton had the FBI use Magic Lantern [wikipedia.org] for that vary purpose.

      • No, they can't. They can have such software on company issued computers. But breaking into the personally owned computer that an employee has at home, never.
        • Not only could they, but they already have done that. At least some of my former employers did that to me on my home computers.

          • I'm sorry, but I'm going to need a citation for that or some sort of proof.
            • I guess the Magic Lantern article wasn't enough for you then?

              How to legally spy on your employees [forbes.com] and Spy cover up [usatoday.com]

              Major employers such as Delta Air Lines and Google have fired employees for what they put on their own blogs. Ellen Simonetti, a Delta flight attendant, says she was fired in October 2004 after she posted pictures of herself in her uniform in suggestive poses on her blog.

              "Employees should know that your employer is looking over your shoulder. If they catch you, they're canning you," says Nancy F

              • None of these links refer to (1) private companies that, (2) place trojans or other software on (3) personal non-work computers.

                Magic Lantern? Government institution. Different rules (regretably).

                The other links? They say nothing about personal non-work computers. They only say that either work computers are bugged, or the people might be tailed by a PI.

  • Listen up folks. There is only ONE reason why you would ever want to visit Bavaria. Yes. Ahum. For those of you not in the know, it has something to do with jugs. Large jugs. Yes. Ahum. One thing is certain, it does not require the presence of a computer anywhere near the place.
    One might even suggest the use of a computer to be quite counter-productive near aforementioned jugs. Ahum. Jugs.
    • Oh, I'm pretty sure that for anyone here to take advantage of said bounty, they will end up needing a computer.

                Brett

  • I doubt that trojans [popcrunch.com] can be stretched to cover an entire PC.
  • Not that I am crazy about those, but hasn't government always had the right to intercept communications under certain circumstances? Why should the fact that this is a method for doing so on a computer make this case any different?
    • A wire tap intercepts communication while it is in transit. That would be similar to intercepting e-mails when they pass through the ISP. On the other hand, this trojan would be closer to the police secretly breaking into your house in order to place a (webcam?) bug.

      While the former is clearly legal (with a court order), I'm not sure if the later would be. It would be dangerously close to a secret search and I imagine that while the police can serve a search warrent if you happen to not be there, they

  • With a warrant the police can do that here i the US too.

    Warrants can be issued for 'suspicion'.

    • A wire tap intercepts communication while it is in transit. That would be similar to intercepting e-mails when they pass through the ISP. On the other hand, this trojan would be closer to the police secretly breaking into your house in order to place a (webcam?) bug.

      While the former is clearly legal (with a court order), I'm not sure if the later would be. It would be dangerously close to a secret search and I imagine that while the police can serve a search warrent if you happen to not be there, they

      • by nurb432 ( 527695 )

        Bugging your house with cameras and microphones is legal with the proper court order, so i don't see any difference.

        They can wait until you are gone under some circumstances, and setting up for long term surveillance would qualify.

        • If that is the case, then I agree there is no difference.

          Do you have any citations for this? It just seems that with secret searches it would be all too easy for the police to plant evidence or make other false claims about what was found.

  • Encrypted Drives (Score:3, Insightful)

    by nurb432 ( 527695 ) on Friday July 04, 2008 @12:59PM (#24060413) Homepage Journal

    If you encrypt your drive, and don't leave it running while you are gone, unless they guess your password not much they can do.

  • Inadmissible? (Score:3, Interesting)

    by ThatsNotFunny ( 775189 ) on Friday July 04, 2008 @01:06PM (#24060481)
    If the software they install can delete and alter files, how can any evidence they procure be admissible in a court of law?
    • in a court of law even if the trojan is programmed to download porn and other things over the Internet. I can recall American employers using trojans like that to fake employees surfing the Internet too much to fire them for it. "He surfed for porn for more than 5 hours each day, so he fired him" when really the trojan surfed porn and planted it on his computer. They do that sort of thing when they want to discriminate against an employee for their religion, race, color, national origin, disability, age, ge

      • Faking evidence is illegal and inadmissible. Now you may get away with it if you aren't caught, but it is still illegal and inadmissible.
  • Oh yes, this sounds exactly like other totalitarian countries, like China, USA and Sweden.

  • As bad as you want to say things have gotten in the USA, it's nothing like this yet. And all his contacts too? Wow!
  • by gmuslera ( 3436 ) on Friday July 04, 2008 @02:37PM (#24061205) Homepage Journal
    Barbarian Police Can Legally Place Trojans On PCs
  • ...RFSs may be used in cases of an "urgent threat to the existence or the security of the Federation...

    Of course! There is no other way to deal with the Borg; if we don't use RFSs, it could mean the end of existence for the entire Alpha Quadrant, not just the Federation!

  • very efficient (Score:3, Interesting)

    by speedtux ( 1307149 ) on Friday July 04, 2008 @04:19PM (#24061995)

    RFSs may be used in cases of an "urgent threat to the existence or the security of the Federation or a country or physical, life or liberty of a person...

    Apparently, they are drawing on a century of experience that Germany has with intrusion into people's private lives, both under right wing and left wing extremist states. Even the language of the law itself is... classic.

  • by redelm ( 54142 ) on Friday July 04, 2008 @04:21PM (#24062021) Homepage
    Ah well, the Bavarians are doing their independence thing, sharply deviating from the Federal Verfassungsgericht. And probably from the EU Charter of Rights and Freedoms. They know it, and are doing it precisely for that effect.

    But watch: there will be abuses immediately (cops cannot help themselves, they have a compulsion to "fight crime") and in about 3 years one will be egregious and funded enough to make it to seriously senior courts. Then one of these (especially the EU) will seek to exert its' jurisdiction with a ruling like the US "fruit of the poisoned vine" doctrine.

    Odd thing is, the bayricherbeamter are anything but stupid and may even see and desire this.

  • by mlwmohawk ( 801821 ) on Friday July 04, 2008 @06:15PM (#24062755)

    Run Linux
    Encrypt Boot and home disks.
    Encrypt everything.
    md5sum *everything*
    Boot off a knoppix or install CD periodically.
    Keep a spare motherboard around and/or change motherboards frequently.
    Always buy a name brand ethernet card that is a different chipset than your motherboard.
    Run wireshark on your laptop which you *NEVER* let out of your sight.

    Remember, thieves will only steal your stuff. The government will steal your life and liberty if it is politically possible.

  • by nick_davison ( 217681 ) on Saturday July 05, 2008 @01:19AM (#24064387)

    The RFS may be used to read, delete, and alter data.

    So, getting this straight... They have the right to modify data in ways that can't be [reasonably] detected... and then they can use this data to press charges?

    "Of course not your honor! It was different data we changed. The incredibly convenient file that says, 'I am guilty, it's a fair cop, guv! Oh yeah, it was me!' was there all along."

    You're on incredibly shaky ground when you allow the police to manufacture information where they may subsequently use information to support charges. As soon as one dirty cop gets caught manufacturing evidence, you've devalued the entire method for gaining it. How long before the standard defense becomes, "My client has never seen that file before. Given the police routinely add and modify files on people's computers, prove beyond a reasonable doubt that they didn't put it there themselves and then change the logs to simply make it look like my client did it."

In the long run, every program becomes rococco, and then rubble. -- Alan Perlis

Working...