Amid Calls for “Less Democracy,” German Security Agencies Caught Planting Spyware on Private Computers

Dissident Voice Article

By Tom Burghardt

Revelations by the Chaos Computer Club (CCC) that German secret state agencies are installing spyware on personal computers capable of transforming a PC’s webcam and microphone into a listening device sparked outrage across the political spectrum.

It has since emerged that despite legal requirements that police do so only with a warrant and only if surveillance intercepts are used to prevent threats to “life, limb or liberty,” authorities are not complying with strict limits laid down by Germany’s Supreme Court.

And while these disclosures may have ignited a political firestorm in Berlin, they will come as no surprise to readers of Antifascist Calling.

Three years ago, I reported that Germany’s foreign intelligence service, the Bundesnachrichtendienst or BND, was caught up in a major scandal after the whistleblowing web site WikiLeaks published documents which revealed that the agency had extensively spied on, and even recruited, journalists for use in illicit intelligence operations.

Recalling the CIA’s long-running Operation Mockingbird program that enrolled journalists as spies in what are now euphemistically called “influence operations,” the covert manipulation of the domestic and foreign press, according to WikiLeaks, showed “the extent to which the collaboration of journalists with intelligence agencies has become common and to what dimensions consent is manufactured in the interests of those involved.”

BBC News reported that “Bavaria has admitted using the spyware, but claimed it had acted within the law.” And Deutsche Welle disclosed that “several additional German states have admitted to deploying spyware,” including “Baden-Württemberg, Brandenburg, Schleswig-Holstein and Lower Saxony,” but like their counterparts in Bavaria, those officials also claimed they had operated “within the parameters of the law.”

As I have written many times, the secret state is bound by its own set of “laws.” Normal rules and procedures which are supposed to protect citizens from unwarranted government intrusions are deemed inoperative for reasons of “national security.”

In the United States, constitutional protections designed to guarantee the right of citizens to protest, enjoy a modicum of privacy in their daily lives or, at the most basic level, have their day in court before being executed, have been overthrown by two successive administrations who assert the right to conduct the affairs of state in secret, according to a set of legal guidelines which are unreviewable by any court.

It would appear that similar moves are underway in Germany.

‘Backdoor Functionality’

The Chaos Computer Club revealed in their analysis that when they reverse engineered the program, variously dubbed “0zapftis”, “Bundestrojaner” or “R2D2,” they discovered that the spyware “found in the wild” and “submitted to the CCC anonymously,” can “not only siphon away intimate data but also offers a remote control or backdoor functionality for uploading and executing arbitrary other programs. Significant design and implementation flaws make all of the functionality available to anyone on the internet.”

Club researchers learned that “the trojan’s developers never even tried to put in technical safeguards to make sure the malware can exclusively be used for wiretapping internet telephony, as set forth by the constitution court. On the contrary, the design included functionality to clandestinely add more components over the network right from the start, making it a bridge-head to further infiltrate the computer.”

“The government malware can,” analysts noted, “unchecked by a judge, load extensions by remote control, to use the trojan for other functions, including but not limited to eavesdropping.”

“This complete control over the infected PC, is open not just to the agency that put it there, but to everyone. It could even be used to upload falsified ‘evidence’ against the PC’s owner, or to delete files, which puts the whole rationale for this method of investigation into question.”

Their study also “revealed serious security holes that the trojan is tearing into infected systems. The screenshots and audio files it sends out are encrypted in an incompetent way, the commands from the control software to the trojan are even completely unencrypted. Neither the commands to the trojan nor its replies are authenticated or have their integrity protected.”

“We were surprised and shocked by the lack of even elementary security in the code. Any attacker could assume control of a computer infiltrated by the German law enforcement authorities,” a CCC spokesperson commented. “The security level this trojan leaves the infected systems in is comparable to it setting all passwords to ‘1234’.”

Nothing ‘Magical’ about this ‘Lantern’

There are glaring similarities between the “R2D2” package deployed by German police and “Magic Lantern” software used by the FBI. As with Bureau spyware, the German program is a keystroke logging virus installed via a malicious email attachment or by exploiting operating system vulnerabilities.

When news of the FBI program first broke back in 2000, the Electronic Privacy Information Center (EPIC) obtained documents under a Freedom of Information Act request relating to the system, which was part of a suite of surveillance tools then called Carnivore.

At the time, EPIC revealed that the FBI “had developed an Internet monitoring system that would be installed at the facilities of an Internet Service Provider (ISP) and would monitor all traffic moving through that ISP.”

Once a user is spoofed into installing the malicious Trojan, it is activated when PGP encryption is used to enhance email security. When switched on, the Trojan will log the PGP password, which will then allow the agents to read the encrypted communications unbeknownst to the sender. Since their first iteration in the 1990s, such programs have become exponentially more sophisticated and are now capable of scooping up virtually everything a user stores on a computer or handset.

A 2007 exposé by Wired Magazine revealed that Magic Lantern’s “computer and internet protocol address verifier” or CIPAV, “gathers a wide range of information, including the computer’s IP address; MAC address; open ports; a list of running programs; the operating system type, version and serial number; preferred internet browser and version; the computer’s registered owner and registered company name; the current logged-in user name and the last-visited URL.”

And once that data was obtained, it was siphoned off to the Bureau’s technology laboratory in Quantico, Virginia via fiber optic splitter cables.

As whistleblower Babak Pasdar revealed in 2008, following earlier disclosures by AT&T whistleblower Mark Klein, Verizon and other giant telecommunications firms, including AT&T, maintained a high-speed DS-3 digital line that handed the Bureau and other security agencies “unfettered” access to the carrier’s wireless network, including billing records and customer data “transmitted wirelessly.”

Just after the scandal broke, Wired Magazine disclosed that “two years before the Bavarian state in Germany began using a controversial spy tool to gather evidence from suspect computers, German authorities approached the Federal Bureau of Investigation to discuss a similar tool the U.S. law enforcement agency was using.”

“Bavarian authorities,” Wired reported, “began using their spyware in 2009. It’s not known if that spyware is based on the FBI’s, but in July 2007, German authorities contacted the FBI seeking information about its tool.”

The FBI’s assistant legal attache in Frankfurt “sent an email to Bureau colleagues on July 24, 2007, writing, ‘I am embarrassed to be approaching you again with a request from the Germans … but they now have asked us about CIPAV (Computer Internet Protocol Address Verifier) software, allegedly used by the Bu[reau]’.”

The email uncovered by Wired was part of a huge cache of files obtained by the Electronic Frontier Foundation (EFF) in response to their 2007 Freedom of Information Act request for data on CIPAV.

In the years since those disclosures, secret state surveillance has become more pervasive than ever and now includes the “lawful interception” of GPS locational data streamed automatically to their manufacturers or hosting services by smart phones.

It appears that German secret state officials are playing a similar game. According to Der Spiegel, at least two agencies, the Bundeskriminalamt, or BKA, the federal crime investigation agency equivalent to the FBI, and some 16 Landeskriminalamt or LKAs, regional investigative bureaus, may have deployed the malware during wide-ranging investigations unrelated to terrorism.

Following Chaos Computer Club revelations, it is clear that German authorities have been caught red-handed violating a landmark decision by the Supreme Court. “The court,” Der Spiegel noted, “specified that online spying was only permissible if there was concrete evidence of danger to individuals or society.”

In a follow-up piece, Der Spiegel disclosed that the firm DigiTask was the spyware’s developer. Along with hundreds of similar firms, DigiTask is a niche security outfit that develops applications for the so-called “lawful interception” market.

In 2008, WikiLeaks released two documents concerning “interception technology for Skype and SSL in Bavaria, Germany. The first document is a communication by the Bavarian Ministry of Justice to the prosecutors office, relating to cost distribution for the interception licenses between police and prosecution. The second document allegedly presents the offer made by Digitask, the German company developing the technology, and holds information on pricing and license model, high-level technology descriptions and other detail.”

According to the WikiLeaks analysis, the DigiTask offer “introduces a basic description of the cryptographic workings of Skype, and concludes that new systems are needed to spy on Skype calls.”

We were informed in that letter that German police were interested in standing-up a “Skype Capture Unit.”

“In a nutshell: malware is installed onto a target machine, to intercept Skype Voice and Chat. Another feature introduced is a recording proxy, that is not part of the offer, yet would allow for anonymous proxying of recorded information to a target recording station. Access to the recording station is possible via a multimedia streaming client, supposedly offering real-time interception.”

“Another part of the offer,” WikiLeaks noted, was related to “an interception method for SSL based communication, working on the same principle of establishing a man-in-the-middle attack on the key material on the client machine. According to the offer, this method works for Internet Explorer and Firefox web browsers. Digitask also recommends using overseas proxy servers, to cover the tracks of all activities.”

As it turns out, those proxy servers were conveniently located in the United States. This raises the distinct possibility that information captured by German secret state officials is also being shared with “partner agencies” of their close NATO ally, the CIA, FBI and NSA.

This was confirmed by CCC’s analysis of R2D2’s code. “To avoid the location of the command and control server, all data is redirected through a rented dedicated server in a data center in the USA. The control of this malware is only partially within the borders of its jurisdiction.”

“Considering the incompetent encryption and the missing digital signatures on the command channel, this poses an unacceptable and incalculable risk. It also poses the question how a citizen is supposed to get their right of legal redress in the case the wiretapping data get lost outside Germany, or the command channel is misused.”

The short answer is, they can’t.

Aside from lining the pockets of DigiTask shareholders, there are more sinister uses for the malware. As the World Socialist Web Site noted, “the remote-control function could be used to load and execute malicious software, and to plant bogus digital evidence on the computer, which can then be detected if the computer was seized. A suspect would have no way of proving that this had happened.”

This would certainly be a convenient way to “neutralize” a troublesome politician, journalist or over-eager anticorporate campaigner.

‘Less Democracy’

Following similar efforts in the United States, evidence that police are illegally spying on German citizens using sophisticated malware developed for the government points to neither benign nor accidental events.

As a recent article in German Foreign Policy disclosed, leading voices in Europe’s largest state are “pleading for a transition toward ‘less democracy’.” A recent book, published under the title Dare Less Democracy, claims that the “voice of the people” and the “‘emancipatory Zeitgeist, putting everything into question,’ has a too ‘paralyzing influence’ on current governance.”

“The author,” the critical online leftist magazine observes, “demands to ‘correct the system’ for ‘more efficient policy making.’ These ‘corrections’ must include the dismantlement of democratic participation.”

Author Laszlo Trankovits, the bureau chief of the Deutsche Presse Agentur in South Africa, who had previously worked for the agency in Washington “as its White House correspondent,” explained “it should never be suggested that a ‘democratic society can do away with inequality and establish social justice’.”

“Trankovits,” German Foreign Policy notes, is “a member of the elitist Rotary-Club.” He demands that “the elite clearly ‘commits itself to capitalism and profit,’ and that ‘intelligent forms of public relations’ be used to communicate policy measures to the population. However, the demand for more ‘transparency’ is ‘counterproductive and paralyzing’ for any ‘governance efficiency’ and must be rejected.”

That drivel such as this was penned by a journalist for Germany’s leading news agency, to wit, that the media should serve as a propaganda mouthpiece for casino capitalist interests, is one more sign that democratic norms, already seriously eroded in the West, are now being rapidly jettisoned by our political masters.

With the global capitalist system on the verge of a repeat performance of the 2008 meltdown, and with a worldwide resurgence of opposition to the one-sided costs of saving a system of financial plunder borne by the working class, elite calls for “less democracy” are warning signs that stern measures, including blanket surveillance and naked police violence, are in the offing.
