“… a boot stamping on a human face forever.” — O’Brien, from the novel 1984
A plan to use spyware as part of government investigations has sparked controversy in Germany, but the Germans, apparently, are simply emulating the United States:
A scandal is brewing in Germany and elsewhere as revelations spread that the German government plans to use trojans and other forms of malware (so-called “policeware”) to spy on and track persons of interest. The plan would entail using official, legitimate e-mail channels (messages from legitimate business or government entities) in order to install specialized malware on the computers of suspected terrorists…
While the plan has many privacy advocates up in arms, Germany need only point to the US as an example of another country where policeware is used. Back in 2001, federal agents entered the home of a criminal suspect and installed keylogging software on his computer as an end-run around the suspect’s use of encrypted communications.
The US has also been using the Internet to send “policeware” to potential suspects. The FBI’s Computer & Internet Protocol Address Verifier (CIPAV) software has already been used to bust a bomb suspect in Washington State, though the details of how it works (and even its attack vector) are classified. In the Washington case, the suspect’s MySpace page played a role in the CIPAV infection.
Despite its innocuous name, CIPAV does a bit more than “verify” a user’s IP address. IP address tracking is important, of course, for capturing people who make anonymous threats over the ‘Net, but the software can also grab MAC addresses, lists of running programs, current usernames, and the operating system version. Once this initial inventory is complete, the software sends the data back to FBI headquarters and begins to function as a “pen register” that can record web sites visited and e-mail addresses in correspondence (though not the contents).