> We probably all followed the discussion in Germany about the
> "Bundestrojaner" and how it failed.
>
> And of course, a trojan spying on citizens is a major impact in privacy,
> which is not acceptable.
Try to argue about that with people who have a facebook-account.
Last count: 500 000 000+.
Privacy is something, only old people seem to care about.
> However I don't think, that it's possible to create such a trojan and
> use it, because of the following facts:
>
> - It's not very easy to put a trojan in a system of a prudent user, who
> updates regularly and doesn't open every mail or document received.
> - Virusscanners will soon know the trojan
> - The swiss government doesn't have enough power to force antivirus
> software creators to ignore the trojan.
Maybe not the Swiss government.
But I'd like to point out that we already have an infrastructure for
lawful inspection ("LI") of telephone calls (it's actually a thriving
industry...).
As such, there are even standardization-bodies for it.
Do you think that it's impossible an industry-standard for LI of
individual PCs might emerge?
AV-vendors are global companies, mostly. Just like telcos, they'd have to
implement what governments order them to do.
Even for "normal" malware, the detection-rate of AV-software is mediocre
to the point that it's barely above placebo-level.
How would you know that a certain AV-software does not detect a trojan?
With the exception of clamav, no AV-engine is open-source, neither are the
signatures.
And even clamav is now owned by a commercial company (Sourcefire,
incidentially the company behind the only open source Intrusion Detection
System).
> - Not all criminals use Windows ;-)
Indeed, but most do. And rootkits exist for Linux + BSD, too.
What politicians don't seem (or simply don't want) to understand is that
the problem of these LI-technology lie in the huge potential for abuse and
misuse.
Politicians sometimes seem to live in an ideal world, where there is no
corruption and no abuse of power (or they are simply not negatively
affected by it...).
Rainer
_______________________________________________
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
