The Limited Times

Now you can see non-English news...

Union and SPD agree: intelligence services should get state Trojans

2021-05-03T15:18:15.056Z

The BND, the Protection of the Constitution and the MAD will in future be allowed to hack suspects' devices and read their chats via encrypted messengers. The Union and the SPD have agreed on this.



Enlarge image

Messenger apps for encrypted communication: Threema, Signal, WhatsApp

Photo: DPA

After much back and forth, the secret services are now to be given more extensive powers to monitor communications via encrypted messenger services.

The leaders of the Union and SPD have agreed on this, as the SPD faction confirmed to SPIEGEL.

First, Die Welt reported on it, citing information from the parties involved.

It is primarily about the so-called source telecommunication monitoring (source TKÜ) for listening to ongoing conversations, but not about online searches, i.e. searching through stored data on a hacked device.

According to Paragraphs 100a and 100b of the Code of Criminal Procedure, police authorities may use both.

According to the “Welt” report, the draft law that the government passed last year should be introduced to the Bundestag this week and then passed quickly.

As part of the new regulation, the Military Counter-Intelligence Service (MAD) should also be given the authority to enter its information into the Intelligence Information System (NADIS) in order to improve the exchange between the authorities, it said.

The aim of the constitutional protection reform is to make it easier for the secret services to spy out communication in digital space.

According to the submission, the source TKÜ is intended to help clarify serious threats to the democratic constitutional state.

However, details are still open according to "Welt".

What are state trojans?

Expand the State espionage software area

Surveillance programs that law enforcement officers secretly install on suspects' devices are colloquially known as state trojans.

A distinction is made between the goal of only monitoring an ongoing communication or searching the entire target device.

Expand area Quelle-TKÜ

According to Section 100a of the Code of Criminal Procedure, German prosecutors are allowed to monitor ongoing communication between suspects directly at the source (source telecommunications monitoring, in short: Quellen-TKÜ) - i.e. on their computer or smartphone, with the help of secretly smuggled software.

This can be necessary if the communication is encrypted, for example via WhatsApp.

Without access to the device from the sender or recipient, it cannot be monitored, unlike with classic SMS.

Expand areaOnline searches

Section 100b of the Code of Criminal Procedure regulates online searches.

With the help of special surveillance software, the police can secretly and remotely view all files, programs and messages on a device.

The intervention is therefore more serious than a source TKÜ.

Expand the Equipment of the Federal Criminal Police Office (BKA)

The BKA has developed appropriate software for the Quellen-TKÜ itself.

It is called "Remote Communication Interception Software" (RCIS).

The development cost almost six million euros.

The first version could only record Skype calls and only worked on Windows computers.

The second version can do more.

In addition, the authority bought a license for the FinFisher / FinSpy software from the German-British company Elaman / Gamma back in 2013.

According to »Welt«, however, it has only been allowed to be used since the beginning of the year.

For the online search, the BKA is still working on an in-house development.

Expand the equipment of the state criminal investigation offices

The state criminal investigation offices (as of January 2018) do not have their own Trojans.

The BKA may provide administrative assistance.

But at least until May 2018, according to the federal government, this did not happen, at least not in closed proceedings.

Offensive Skills and IT Security Issue Expand

In order for the monitoring software to even land on the target device and work there unnoticed, it must exploit security gaps in the hardware, the operating system or individual application programs.

The developers therefore aggressively exploit known, but not fixed, or newly discovered vulnerabilities instead of reporting them to the manufacturers and thus strengthening the IT security of all users.

The draft law to adapt the constitutional protection law would oblige cell phone and Internet providers, commercial WLAN operators and other companies to help the authorities with the secret installation of the surveillance software.

"It is very important that the amendment to the protection of the constitution comes now," the newspaper quoted the domestic political spokesman for the Union parliamentary group, Mathias Middelberg (CDU).

It is a central component in the "better fight against right-wing extremism and Islamism".

It should make no difference whether terrorist networks use normal phones or Skype and WhatsApp, Middelberg emphasized.

The deputy SPD parliamentary group leader Dirk Wiese told the »Welt«: »This means an important reform for the security authorities and it is an important signal that, after Olaf Scholz and Horst Seehofer agreed in principle, parliamentary deliberations can now start."

pbe / AFP

Source: spiegel

All tech articles on 2021-05-03

You may like

News/Politics 2021-03-02T21:31:21.123Z

Trends 24h

Tech/Game 2021-05-12T11:47:19.651Z

Latest

© Communities 2019 - Privacy