Debate rages over German government spyware plan
Irony of government propagating malware after cracking down on research? Noted
IDG News Service - When it comes to who can and who can't be a hacker, the German government appears to want to have its cake and eat it, too.
After passing anti-hacking legislation earlier this year to crack down on the sharp rise in computer attacks in the public and private sectors, the government is now floating a plan to develop and smuggle its own spyware on to the hard drives of suspected terrorists through e-mail messages.
German Interior Minister Wolfgang Schäuble has been feverishly seeking support for a new security law that would allow federal authorities to investigate suspects' Internet use and stored data without their knowledge, ever since the country's Federal Court of Justice halted their cybersnooping activities in February. The judges argued that the hacking of computers by the police is not permitted under Germany's strict phone-tapping laws and that legislation would be needed to enable covert surveillance.
Schäuble's efforts to introduce a security law with wider police surveillance powers have, however, led to a heated debate that nearly exploded late last week when a copy of the proposed security law was leaked to the German media. The measure would allow authorities to install Trojans carrying remote forensic software on suspects' hard drives.
While Schäuble has said that government cyberspying would only be conducted in a handful of exceptional cases and only on those suspected of planning terrorist attacks, critics say he may have overstepped his bounds.
Max Stadler, a security expert with the German Free Democratic Party, warned in a ZDF television interview last week that the Interior Ministry's spyware plan would weaken the trust of German citizens in government. He referred to the government Trojan as "an invasion into the private sphere."
Magnus Kalkuhl, a virus specialist at the German office of Russian security software vendor Kaspersky Lab Ltd., said the plan "would undermine the very purpose of security software, which is to plug -- not make -- security holes." The idea of allowing officials in one specific country to snoop also disturbs Kalkuhl. "What's going to prevent police in Germany from breaking into computers in Italy?" he asked.
And even if the government approves the use of spyware, Wolfgang Wieland, a member of the Green Party, told the Berliner Zeitung newspaper last week that he questions the success of a measure that assumes suspects know little about computers and won't detect and remove Trojans and other spyware. It's naive to believe that terrorists, who live in a world of conspiracy, would trip over something as obvious as e-mail from an unfamiliar source, he said.
In defense of the plan, Schäuble said in an interview with Deutschlandradio last week that police need to keep pace with terrorists and criminals, who shouldn't be allowed to use cyberspace as a protected area. The plan, he said, isn't to control everyone's computer but rather only those machines used by suspected criminals and terrorists and only for a limited period of time.
- Warning: Cloud Data at Risk Experts agree that relying on SaaS vendors to backup and restore your data is dangerous. Yet that's exactly what huge portions of the...
- The Opportunities and Challenges of the Cloud In this report F5 poses questions to IDC analysts, Sally Hudson and Phil Hochmuth, on behalf of F5's customers to better understand the...
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- The Truth About Cloud Security "Security" is the number one issue holding business leaders back from the cloud. But does the reality match the perception?
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!