Shoddy spyware spurs web security reform call
The Local · 20 Oct 2011, 12:21
Published: 20 Oct 2011 12:21 GMT+02:00
The snooping software, which reportedly has been used in Bavaria and several other German states, allows the authorities to monitor people’s computers. The Chaos Computer Club, the hacker organisation that exposed the so-called trojan last week, has charged that it could allow unconstitutional activities, such as controlling the webcam on someone’s PC. It also said the program has basic security flaws that could be easily exploited by wrongdoers.
State and federal officials were slated to discuss the issue Thursday during a conference call. But in advance of the meeting, conservative interior policy spokesman Hans-Peter Uhl said “the federal government will, in the future, develop the software itself.”
Uhl told the Mitteldeutsche Zeitung that the government needs to create the proper infrastructure, including research and development, in order to make such software.
Discussions are currently ongoing about how best to regulate online spying efforts in the future.
Lower Saxony Interior Minister Uwe Schünemann has called for an independent supervisory body to oversee the use of spyware by the government.
But the Federation of German Criminal Police (BDK) says a cabinet-level minister is needed to deal with the issue and broader concerns about online security.
“It is high time for a federal internet minister who solves the pressing problems of the digital age,” BDK chief André Schulz told the Neue Osnabrücker Zeitung.
Turf wars, ignorance and carelessness have prevented more coherent policies, Schulz charged.
Justice Minister Sabine Leutheusser-Schnarrenberger agreed, emphasising that “the state should not put the protection of fundamental rights into the hands of private programmers.” She has praised the CCC for bringing debate over computer spying into the public sphere.
Amid the controversy, reports have emerged that the development of spying software may have been farmed out without the bidding process typically required to ensure competition and low prices for the government, the Frankfurter Rundschau newspaper reported Thursday. Such programs were purchased by the government for more than nearly €3 million between March 2008 and January 2009, the newspaper wrote.
Officials said the necessary software development could only be done by one company and therefore a bidding process was unrealistic.