Sunday, December 23, 2007
German Police, Skype, and Trojan Horses
A commentator on a podcast I recently listened to made an offhand comment that the German police were unhappy with Skype because they can't break Skype's encryption. My first thought was that such privacy is the point of encryption, right? Then I thought I should verify that the German police really were unhappy. That led me to this link at Yahoo Canada. It looks like the German Federal Police (BKA) don't have a problem with Skype in particular, but want to be able to tap phone calls. Their approach is to plant Trojans on suspected criminals' machines which, IMHO, is a pretty extreme step. Who's developing the Trojan? Is it someone the BKA can really trust? How do they ensure the Trojan doesn't leak data to anyone but the investigative team that planted it? Does the Trojan have any side effects that impact the performance or security of the suspect's machine?