Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

German government admits using Skype spy Trojan

Hackers point out security flaws in official surveillance tool

Article comments

Officials in a number of German state governments have owned up to using the Quellen-TKÜ Trojan Horse software in criminal investigations to intercept encrypted telecommunications on PCs.

At least one state said it has suspended use of the software, after the Chaos Computer Club discovered that it could be controlled by anyone, not just law enforcement officers.

Bavarian Interior Minister Joachim Herrmann said that interception of encrypted telecommunications using Quellen-TKÜ is a legally authorised law enforcement measure in the fight against serious crime. Bavaria has always operated within the rules up to now, and all such intercepts have been preceded by a court order as required by law, he said, according to a statement from the Bavarian Interior Ministry.

The legal restrictions on the use of such intercept software on PCs were set out in a 2008 ruling by Germany's Federal Constitutional Court, and require among other things that the software used be capable only of recording voice calls, much as a traditional wiretap would, and not be capable of eavesdropping at other times, or of capturing other data from the PC such as screenshots or files.

Despite his reassurances about the legality of the Quellen-TKÜ, Herrmann said he had asked the Bavarian State Commissioner for Data Protection to carefully check that the appropriate technical measures were implemented with regard to the Quellen-TKÜ software, and that the state had complied with legal requirements. The ministry's specialists will conduct an intensive investigation into the matter, he said.

Doubts about the legality of the software were raised over the weekend by the Chaos Computer Club (CCC), which discovered that the software could accept instructions to download and activate new surveillance functions. CCC also discovered that those instructions were not authenticated: the software it tested will accept them from anyone, not just law enforcement officers.

After Bavaria's admission, the Ministry of the Interior for the German state of Baden-Württemberg said that it had used the same software as Bavaria to intercept calls in "individual cases." Its use of Quellen-TKÜ was within the law, but nevertheless, Baden-Württemberg Interior Minister Reinhold Gall has temporarily suspended the state's use of the software as a precaution, pending a fuller investigation, the ministry said.

The German state of Hessen has also used Quellen-TKÜ, but only within the limits prescribed by the Federal Constitutional Court, Hessen Interior Minister Boris Rhein said Monday. Police in Hessen have so far used only legally compliant software versions that have been programmed under court order, he said.

However, he said he would seek clarification from the German Federal Interior Minister and discuss the matter with interior ministers from other German states.

Two other states, Brandenburg and Lower Saxony, have also admitted using software to intercept encrypted voice communications on suspects' PCs, according to local media reports.

Brandenburg police used the same Quellen-TKÜ software as that used in Bavaria, according to the Berliner Morgenpost, but the software used in Lower Saxony is different, the chief of the state police authority, Uwe Kolmey told North German radio station NDR.

German Federal Justice Minister Sabine Leutheusser-Schnarrenberger said that a "comprehensive and complete investigation" of the use of the software was now necessary to maintain German citizens' confidence in the rule of law.

The Federal Interior Ministry is now conducting inquiries to find out whether the monitoring software has been used by police authorities across Germany, but that ministry is not responsible for intelligence agencies such as the Federal Intelligence Service, Leutheusser-Schnarrenberger said in an interview with the Passauer Neue Presse, a transcript of which was published in German on the Justice Ministry's website.



Share:

More from Techworld

More relevant IT news

Comments



Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *