Coder of Swiss Wiretapping Trojan Speaks Out 114
Lars Sobiraj writes "Ruben Unteregger has worked for a long time as a software-engineer for the Swiss company ERA IT Solutions. His job there was to code malware that would invade PCs of private users, and allow the wiretapping of VoIP calls — in particular, calls made through Skype. In the German-speaking areas of the country, the Trojans were called 'Bundestrojaner' because the Swiss government was involved with their development and use. Unfortunately, Unteregger has to remain silent about the customers of the company. Last night, he published the source code of his Skype-Trojan under the GPL."
Re:Government Support Malware... Great... (Score:4, Informative)
I don't think this will help Skype a lot, at best they could attempt to stop this particular trojan.
We're talking about a trojan that has complete access to the local machine. At some point in the software Skype has to decrypt the audio transmission and send the data via the OS's audio API, and that is where this trojan will intercept the data. Skype now knows how the trojan intercepts the data, and at best they could frustrate it in a new version (which would work until the trojan is updated).
The big question is if Skype is still secure without having to gain access to the local machine (ie. can law enforcement decrypt Skype traffic).
Re:GPL ? (Score:5, Informative)
Most certainly the guy doesn't even own the source code since he did it under contract from an employer, so he cannot really "release" what is not his... Maybe I'm wrong and he owns the source code though.
From the article:
"There won't be problems about copyright, because ERA IT Solutions let me keep it... About the details, why I keep the copyright on this, I can't offer a statement. As already mentioned I agreed to absolute silence. You can speculate now or ask the sources directly. "
Re:GPL ? (Score:3, Informative)
From TFA:
Rubin Unteregger: Yes, thatÂs the plan. The source code of this wiretapping trojan will be published in the upcoming days. There won't be problems about copyright, because ERA IT Solutions let me keep it.
Re:Call me naive... (Score:5, Informative)
You're naive.
I'm not going to go searching on Google now but there are already loads of malware toolkits out there being used by script kiddies, some of which are rather easier to use than "First learn to code in C". This doesn't change anything.
Bundestrojaner = Federal Trojan (Score:1, Informative)
In case anyone was curious, "Bundestrojaner" means "Federal Trojan" (if I'm remembering right from my highschool German classes).
Re: Now, Would A Patriot Please Post (Score:3, Informative)
Although, come to think of it, that would explain why the wiretapping program hasn't produced much by way of results...
Re:Doesn't (Score:2, Informative)
Last I checked Switzerland was a nation independent of the United States and thus not subject to the DMCA and other such nonsense.