Hacker News Puzzle

It was good to see how much interest my two posts on details of police surveillance in Germany generated outside the country. In fact much more than in Germany itself. Thanks! I’ll try and post this kind of news more often in English as well.

One of the articles that got a lot of attention was this one German Police eavesdropping Facebook, Gmail, Skype Conversations by The Hacker News. Unfortunately it mixes up some details:

An eavesdropping tool allegedly used by the German government to intercept Skype calls is full of security problems and may violate a ruling by the country’s constitutional court, according to a European hacker club. The information was released as part of a move towards financial transparency. The government released figures of expenses incurred by the Federal Ministry of the Interior following a parliamentary inquiry.

The ‚eavesdropping tool‘ is the trojan virus analysed by the CCC (the ‚European hacker club‘) one year ago. This was not released now and certainly not as a move towards financial transparency. The released figures mentioned in my blogpost two weeks ago very likely also cover payments for the trojan by Digitask – the company that sold the trojan to the government – but that’s not entirely evident from the covered document by the Federal Ministry of the Interior in July.

The Chaos Computer Club obtained several versions of a program that has allegedly been used by German law enforcement in possibly hundreds of investigations to intercept Skype calls, said Frank Rieger, a member of the club. On page 34 and page 37 of the report the cost …

Frank did say that, only not just now. While the report is all new.

I do think it’s great the issue got coverage from the Hacker News and I completely agree with the conclusion:

Tapping a phone is acceptable in today’s democracy because there are procedures in place for that sort of surveillance, But we are sort of sleep walking quietly from one level to the next.

Just wanted to be clear about what’s what: There’s been one year in between the latest publication of news by the CCC about the government trojan and then my blogpost about public spending on surveillance equipment. My impression is that the post on Hacker News got a bit confused over that. Or that maybe too much got edited out of the original version?

And THEN, one week later, the government had to admit that they haven’t found anyone who’d develop a brandnew trojan virus for them so they won’t have to buy more from DigiTask, contrary to what they promised. But that’s a different story again. (Which I’d love to see on some more news sites).