Government sponsered spyware vs. anti-virus software?

["Richard M. Smith" <rms () bsf-llc com>]

> From Slashdot.  
 
Will this Swiss-government sponsored spyware really be able to avoid
detection by anti-virus, anti-spyware, and firewall software?
 
Also, how does an ISP "slip" this spyware onto a customer's computer in the
first place?
 
Here's the company's Web site:
 
    http://www.era-it.ch/
 
I don't understand German.  Does anyone know if this Web site has anything
interesting to say?  I would love to ask the management of the company about
some of the questionable claims in this article.
 
Richard M. Smith
http://www.ComputerBytesMan.com
 
  _____  

 
http://www.heise-security.co.uk/news/79212

Superintendent Trojan 



Whilst listening in on normal telephone calls over landlines or mobile phone
networks has become a routine procedure, Voice over IP connections
frequently present a problem for investigators, especially when the persons
being monitored use Skype via foreign servers or call direct from PC to PC
and encrypt their data. The Swiss Department of the Environment, Transport,
Energy and Communications (UVEK <http://www.uvek.admin.ch/> ) is therefore
examining the use of spy software to allow it to listen in on conversations
on PCs. 

 
<http://oas.wwwheise.de/RealMedia/ads/adstream_lx.ads/www.heise.de/security_
uk/news/294989972/Middle1/he-test-contentads/zaehler.html/343136303337346134
35326230303230?_RM_EMPTY_>      

The software comes from Swiss security company ERA IT Solutions
<http://www.era-it.ch/> , which intends to supply it solely to investigation
agencies. This should also prevent antivirus manufacturers from
incorporating it into their databases and having their tools recognise it.
According to the manufacturer, firewalls do not present a problem. 

Installation of the software wiretap is to be carried out on the
instructions of a judge only. The ISPs of the persons under investigation
will then slip the program onto their computers. The program will save
overheard conversations and send them to a server in small, inconspicuous
packets. If the computer is turned off before all the data has been
transmitted, the program will continue transmission when it is restarted. 

The wiretap has some additional functions. For example, the built in
microphone on a laptop can be turned on to monitor a room or webcams can be
activated. As the latter is usually indicated by an LED, this is unlikely to
be useful in practice. Once wiretap activities have been completed, the
software can be programmed to uninstall itself at a given time. 

Until now the project had been carried out in secret, but it has now been
reported in the SonntagsZeitung. It quotes Charles Gudet, the head of the
Special Services Department of the UVEK, who admits that there is no clear
legal basis for the use of Trojans in the Federal Post and
Telecommunications Surveillance Act. In contrast, canton and federal
criminal proceedings regulations permit the use of software wiretaps in
accordance with the regulations governing surveillance using technical
surveillance equipment.

Attachment: 34313630333734613435326230303230__RM_EMPTY_.dat
Description:

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.