Forgot your password?
typodupeerror
Security IT

Coder of Swiss Wiretapping Trojan Speaks Out 114

Posted by Soulskill
from the is-swiss-software-full-of-security-holes dept.
Lars Sobiraj writes "Ruben Unteregger has worked for a long time as a software-engineer for the Swiss company ERA IT Solutions. His job there was to code malware that would invade PCs of private users, and allow the wiretapping of VoIP calls — in particular, calls made through Skype. In the German-speaking areas of the country, the Trojans were called 'Bundestrojaner' because the Swiss government was involved with their development and use. Unfortunately, Unteregger has to remain silent about the customers of the company. Last night, he published the source code of his Skype-Trojan under the GPL."
This discussion has been archived. No new comments can be posted.

Coder of Swiss Wiretapping Trojan Speaks Out

Comments Filter:
  • by AlXtreme (223728) on Wednesday August 26, 2009 @11:10AM (#29202157) Homepage Journal

    By releasing the trojan's source code, Skype can fix their software.

    I don't think this will help Skype a lot, at best they could attempt to stop this particular trojan.

    We're talking about a trojan that has complete access to the local machine. At some point in the software Skype has to decrypt the audio transmission and send the data via the OS's audio API, and that is where this trojan will intercept the data. Skype now knows how the trojan intercepts the data, and at best they could frustrate it in a new version (which would work until the trojan is updated).

    The big question is if Skype is still secure without having to gain access to the local machine (ie. can law enforcement decrypt Skype traffic).

  • Re:GPL ? (Score:5, Informative)

    by wild_quinine (998562) on Wednesday August 26, 2009 @11:22AM (#29202323) Homepage

    Most certainly the guy doesn't even own the source code since he did it under contract from an employer, so he cannot really "release" what is not his... Maybe I'm wrong and he owns the source code though.

    From the article:
    "There won't be problems about copyright, because ERA IT Solutions let me keep it... About the details, why I keep the copyright on this, I can't offer a statement. As already mentioned I agreed to absolute silence. You can speculate now or ask the sources directly. "

  • Re:GPL ? (Score:3, Informative)

    by syphax (189065) on Wednesday August 26, 2009 @11:27AM (#29202419) Journal

    From TFA:

    Rubin Unteregger: Yes, thatÂs the plan. The source code of this wiretapping trojan will be published in the upcoming days. There won't be problems about copyright, because ERA IT Solutions let me keep it.

  • Re:Call me naive... (Score:5, Informative)

    by jimicus (737525) on Wednesday August 26, 2009 @11:28AM (#29202449)

    You're naive.

    I'm not going to go searching on Google now but there are already loads of malware toolkits out there being used by script kiddies, some of which are rather easier to use than "First learn to code in C". This doesn't change anything.

  • by Anonymous Coward on Wednesday August 26, 2009 @11:29AM (#29202463)

    In case anyone was curious, "Bundestrojaner" means "Federal Trojan" (if I'm remembering right from my highschool German classes).

  • by TheRaven64 (641858) on Wednesday August 26, 2009 @12:21PM (#29203493) Journal
    I suspect you mean tee, not dd. The dd command won't output anything to the stdout so grep never receives any input.

    Although, come to think of it, that would explain why the wiretapping program hasn't produced much by way of results...

  • Re:Doesn't (Score:2, Informative)

    by Stupendoussteve (891822) on Wednesday August 26, 2009 @01:55PM (#29204881)

    Last I checked Switzerland was a nation independent of the United States and thus not subject to the DMCA and other such nonsense.

Put your Nose to the Grindstone! -- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Working...