|
|
|
|
|
|
by lachenmayer
5370 days ago
|
|
|
The main gripe the authors of the paper have is not that this trojan exists - there are indeed German laws that allow for such a trojan - but that it has been so insecurely implemented, and also collects information that cannot be identified as "communication" (which is a requirement for this German law). Any data received from the command and control server is sent unencrypted and unchecked. Additionally, the trojan contains a "backdoor within a backdoor", which allows any code to be attached to the trojan and executed unchecked! Moral issues of computer surveillance aside, this trojan is a shocking example of the German government's (if indeed this is a government effort) incompetence regarding the internet. |
|
|