Swiss spying causes privacy concerns worldwide
A story came out of Switzerland this morning that has folks worldwide sweating. Reportedly, the Swiss government is toying with the idea of using Superintendent Trojan, a spyware program, as a bug to potentially listen in on conversations on IP telephony.
The story of the project, which had been progressing completely under wraps, appears to have been broken by SonntagsZeitung, with first English-language reporting probably Heise Security. Heise elaborated upon some details on the actual parameters of the program, most importantly that such spying is ostensibly only permissible under court order.
Heise reported that, after receiving such a court order, “The ISPs of the persons under investigation will then slip the program onto their computers. The program will save overheard conversations and send them to a server ... The wiretap has some additional functions. For example, the built in microphone on a laptop can be turned on to monitor a room or webcams can be activated.”
Heise also quoted Charles Gudet, head of the Special Services Department of the Swiss Department of the Environment, Transport, Energy and Communications, as acknowledging that there is “no clear legal basis for the use of Trojans.”
The contracted firm in question is ERA IT Solutions. Spokespersons for the company quoted in TechWorld’s online edition sought to relax fears by stating that Superintendent Trojan would be implemented only by government agencies, a policy it hopes will “leave it off malware blacklists compiled by anti-virus and anti-spyware developers.”
Meanwhile, in the UK, the Register daily was slightly less objective than most outlets in reportage of the potential privacy invasion issue, with writer John Leyden (wait a minute – wasn’t he the lead singer of the Sex Pistols?) who wrote that, “Even if we accept ERA's assertion that the use of the technology would be restricted to government agencies, anti-virus firms would be honour bound to blacklist the app if any of their customers complained about it.”
And Leyden’s judgment on the idea reads, “Altogether the plan seems fraught with difficulties, without even considering whether evidence obtained via such covert methods would be legally submittable.”
Superintendent Trojan, says ERA, is “able to skirt round any firewalls and evade detection by any antivirus applications already installed on the target machine.”
And, yes, this rather insidious bit of spywork is already seen as a threat internationally, with Finland-based security company F-Secure reps saying that they would not “leave such backdoors to our … anti-virus products, regardless of the source.”
Comments