- Created on 18 October 2011
Since the start of October 2011 this has been the major domestic political topic in Germany: the Federal Trojan, also known as the State Trojan or Bavarian Trojan. Analysis of parts of the governmental spy software has already raised cause for concern. In addition to what seems to be a clear violation of the directives of the German Federal Constitutional Court this also endangers the computer security of normal citizens.
What is the Federal Trojan?
On November 9 2006 the German Lower House of Parliament passed a package of measures to counteract new terrorist dangers, the "Program for strengthening inland security" (PSIS). Part of the package involved the planning of technical measures for online searching of computers. Ultimately, this means the ability to monitor a PC connected to the Internet in a manner that is more or less undetected. This is basically the same technology as a "Trojan Horse" ("Trojan"), which has been known for many years.
Due to lack of a clear legislative basis, this type of online search has been heavily discussed since 2006. Private information is stored on home computers and this represents part of the private personal sphere of citizens. In February of 2008 the German Federal Constitutional Court issued a still valid ruling that presents high legal hurdles for online searches and defines a "Basic right to a guarantee of confidentiality and the integrity of data processing systems".
The discovery in October 2011 and its consequences
On October 8 2011 the Chaos Computer Club (CCC) stated that they had received and analyzed parts of a governmental spy program. The sensitive result: the examined Trojan was not only able to read highly sensitive data but also provided a remote control function allowing downloading and execution of any other damaging software. Ultimately this allows the complete remote control of affected computers, including manipulation of files, keyboard logging, microphone and camera recording etc.
Since eavesdropping actions are only permitted under strict conditions and restrictions this seems to be a clear violation of Constitutional Law. As if this is not enough, the Federal Trojan also appears to be sloppily programmed and contains flagrant security holes. These could theoretically be used by third-parties to gain unauthorized access to infected computers. In addition to disregarding personal rights this also represents a serious threat to the computer security of affected citizens.
Protection and a statement from Emsisoft
The Emsisoft analysis team has also researched the functionality of the Federal Trojan. This is basically a conventional Trojan, except for the small difference that it has not been developed by cyber-criminals but rather by a government department. The good news: the behavior analysis integrated into Emsisoft Anti-Malware and Mamutu also detects the Federal Trojan and can effectively protect the computer from infection.
Christian Mairoll, the General Manager of Emsisoft, says: "You can also trust our protection in the future. There currently exists no law or ruling that compels the suppliers of security software to exclude online search software such as the Federal Trojan from the detection process. If such a law is passed, or a court ruling on this occurs, then we will immediately inform our users of this fact. Until then, especially our behavior analysis module will not distinguish between "good" and "evil" Malware. As the user, you will always be able to immediately block any suspicious program."