Deutsche malware

A Nelson-esque “Ha Ha” if you thought that other EC countries might be havens where the seemingly outdated Euro-values (justice, tolerance, protection under the law, presumption of innocence, free speech) are still observed.

The government of Germany (that’s the combined former East & West Germanies. Remember East Germany? That’s the one with the Stasi and a population that was so avid for freedom 20 years ago) has approved what the Register calls a Plod-spyware law.

This handy law will give the German government the “anti-terror” powers to monitor private homes, phones and computers. Don’t you just love the TWAT? Any government in the world can now take any powers they fancy just by invoking its name.

Instead of tapping phones, they would be able to use video surveillance and even spy software to collect evidence. Physically tampering with suspects’ computers would still not be allowed, but police could send anonymous e-mails containing trojans and hope the suspects infect their own computers (from the Register story)

Wow, government spam that carries malware! Did I put enough exclamation marks there? Here are more!!!!!!!

These powers will only be used in exceptional cases, yada, yada, usw. Oh yeah?

There have been already been several recent scandals about over-the-top surveillance in Germany (Lidl, Deutsche Telecom, usw) Although, unlike the UK, at least the Germans don’t yet seem to lose personal data on a biblical scale. But, if the Lidl surveillance is any guide, they see information on the dates of surveillees’ menstruation as worth gathering

XanderG made a beautifully phrased comment on a WgyDontYou post a couple of weeks ago.

I’ve never understood how we’re supposed to find a needle in a haystack, by chucking in more hay. So many of these measures simply add dead-ends and wild goose chases to an already massive monitoring system. How are we going to catch anybody with real malicious plans? (XanderG)

If a government REALLY cares about preventing terrorism, it is blatantly illogical to collect massive amounts of information on the general public. It’s well nigh inconceivable how much information is flying around in a noughts-and-ones format.

For instance, almost every person I passed in a half-hour walk was having a mobile phone conversation – including three dog-walkers and two cyclists. (Cycling, in traffic, ffs. Unselfish people, trying to cull themselves for the good of the gene pool) Pretty well every house in my low-income street has a relatively-fast broadband connection. There are enough traffic cameras and public CCTV installations in a 500 yard radius to provide a year’s 24-hour broadcast reality tv on every known channel.

Scale this level of data traffic up to the population of the UK and Germany. Unless half the population is engaged in monitoring this hurricane of electronic noise – using the most advanced pattern recognition and cryptographic algorithms known to science – anyone who is gathering this data might as well not bother.

Well not if they care about detecting real social threats anyway. It might come in very handy for finding people who are spoofing their address to get their kid into a school slightly out of their area. Or it might catch someone who hasn’t paid their car tax or is claiming invalidity benefit while working (as the threatening TV and billboard ads keep telling us).

It might not seem to make sense but I have finally figured it out, with the help of the Matrix and the Church of Scientology.

Clearly, the earth is threatened by a monstrous alien intelligence that eats human data. It can only be kept at bay by feeding it gargantuan stores of bytes. Earth rulers are doing us a favour by collecting all our data and recycling it as xenofood to stuff in the gaping maw of the evil extraterrestrial overlord Zarg. They can’t tell us the truth because there would be a global panic.

A question for the lawyers out there – Sending malware in spam may not be a crime if the German police are doing it. But would installing this malware become a crime if the recipient of a German-police email were to forward the spam to, say, a member of the German government? The government of another country? A major corporation? At what point?

More database state stupidity

This is becoming a bit too much of theme. So, with apologies for the nagging, a brief rant on yet another BBC article about the database state:

Plans for a super-database containing the details of all phone calls and e-mails sent in the UK have been heavily criticised by experts.

Well, duh. I’m no “expert”. So I’m not going to criticise this for its inherent insecurity. Or the enormous cost of feeding and maintaining such a database.

I’m not even going to criticise this plan for its blatant attack on civil liberties. That should be screamingly clear to anyone with more than a dozen working brain cells.

Instead, I’m going to take the anti-terrorist claim at face value and assume, for the sake of argument, that this is not a cynical manipulation of public fear to gain draconian powers. So, I’m sticking with the sheer stupidity.

I’m going to assume that the expensively-educated people in the upper reaches of government have somehow failed to grasp some basic things about the plotting process. Maybe they should watch more TV and movies and read some detective or spy fiction.

Do terrorists really send emails to each other’s home email addresses, saying “Bring the semtex to 23 Green Street on Thursday at 3:00 o’clock?” I’m not saying it’s impossible that this happens. I just think it would be in the low single figures on a probability scale of 1 to 100.

Even without going into the far reaches of steganography and secure encryption and the dozens of effective technological ways to obscure information, the simplest of agreed code words can convey any amount of meaning. “Happy birthday!” could easily mean “Bring the …. etc”

Phone calls? Do terrorists have to call each other’s home phones? There are still a few call-boxes, for a start. Anyone can get hold of a used mobile and then use it to call another used mobile. Phone theft is hardly unheard of. Your stolen mobile phone can have arranged a dozen dastardly plots before you’ve even noticed that your bag’s been dipped. Blimey, people could even break into your house and use the phone.

Plus language. Anyone with any facility in an obscure language could openly discuss their plots on an open and attributable phone connection for 6 months before the government’s listeners get round to finding a security-cleared speaker of idiomatic Finnish to translate.

The embarrassing dictionaries of youth slang that appear occasionally in the media are testament to the fact that even speakers of a common language may have no idea what a subcultural group are saying. If you are anything like me, your conversations with close friends and family will be basically impenetrable to anyone else, with obscure catchphrases and references to long-ago lame jokes that don’t need spelling out for the recipient but would be (suspiciously) meaningless to a listener.

In any case, a serious terrorist or master-criminal would surely choose to pass messages face-to-face to their co-conspirators, in the face of electronic surveillance.

So these measures are so dumb as to be completely pointless, in terms of their supposed objective. A suspicious person might think that this suggests there is another agenda.

But, let us be charitable and assume that the WAT is being conducted by morons. In that case, may I politely suggest the “talk and resolve the issues” route….. Yet again………