The recent leak of the existence of malware that the German police might be using to intercept encrypted Skype and SSL calls has already made quite a bit of noise. It clearly suggests that the surveillance battlefield is shifting from the network to the end-host, where information and keys can be found in clear. Yet an interesting issue that is discussed in the letters relates to getting hold of the intercept material: in the old days it was gathered from the network – in the proposed architecture it is sitting on the victims’ machines.

Interestingly, the proposed way of getting hold of the plaintext is through the use of an anonymous proxy! This ensures that even if a data-flow is detected by the victim, the agent doing the wiretap or the agency is not identified. Further good advice includes using a relay in a different jurisdiction to make tracing even harder, which adds further uncertainty about the originator of the attack.

It is fascinating to see how, once again, law enforcement finds traffic analysis resistant communications key to their operational success. Already established standards for interception interfaces (from ETSI) stipulate that the delivery of intercept material has to be unobservable to anyone not authorised, even within the telco provider. The federal Trojan architecture pushes this even further, by requiring the malware to leak information in an unobservable manner.

The arms race is only starting…


It is not often that a technical policy matter, such as Traffic Data Retention, mobilizes the masses and is the subject of popular demonstrations. Yet during the 24th Chaos Communication Congress a sizable crowd took to the streets to protest against the new German Data Retention legislation, which comes into effect on Jan 1st, 2008. A related debate concerns the “Federal Trojan”, a piece of malware controlled by the German federal police, used to gather intelligence from an infected computer as part of an investigation.

The illustration (from indymedia) of this beast is priceless:

The federal trojan