A state trojan is when a government authority places a secret, hidden spy program on your computer, smartphone, tablet or server. It can be used to monitor everything you do. No matter if you use encryption or safe messaging apps. What you see, the police and intelligence authorities will see. Every keystroke can be tracked, often in real time. All your files can be accessed. All your communications can be scrutinized.
And, in the words of the founder of state intelligence, Cardinal Richelieu… “If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him.”
Many countries are already using state spy trojans for surveillance. And others are to follow suit. At the moment countries like Spain and Sweden are trying to rush legislation trough.
State trojans are usually not used for mass surveillance. (But they can be.) At least not in most countries — where some sort or court order or other judicial process under the rule of law will apply before the trojan is being launched. So, the main problem in most cases is not about people’s right to privacy in general. This is targeted surveillance. But of course, it can be misused and/or used too generously.
The real problem is that state (and other) spy trojans will make our computers and entire IT systems vulnerable. In turn, this can be used by criminals, by foreign governments and by others interested in you, your communications and your data.
And what will happen when governments are using the same sort of tools as criminals? In the words of Amelia Andersdotter and Christer Spörndly… “The logical, and very disturbing, consequence is that there will be no incitement to identify and stop security vulnerabilities.” There are no security glitches only accessible for the government. If you leave a door open, it is open for everyone.
And to build these spy trojans, governments will have to use some sort of known security vulnerabilities. Or even worse, they might buy spyware from external developers — who also have other customers…
State spy trojans are a nightmare. They will make us all less safe.
/ HAX
So very true. You should check out http://www.librecmc.org. There aren’t many devices for which we actually have complete control of or knowledge of there inner workings in depth. Mainly because the majority of products are built around “intellectual property” of other companies and the company that sells/designs the product doesn’t have control of certain pieces within.
In fact in most cases there is very little real competition so there are zero companies you can go to to build or design a product that respects users freedoms and privacy. For example there are no devices with an 802.11ac wireless chipset for which we have complete control of and/or knowledge of there inner workings. The reason is *all* the companies (there are 3-5 at best) which design the 802.11ac wifi chips have refused to release the source code thus far.
The LibreCMC project is basically a project that produces a 100% libre (ie we have the complete set of code) embedded distribution and the number of devices which can be supported by it can probably be counted on all of two hands. There are exactly two commercial products out which are utilizing the distribution and one place to get them: http://www.thinkpenguin.com (disclaimer: CEO here).
Don’t even get me started about laptops and desktops. We need to move to ARM if we’re even going to be able to gain full control of our laptops/desktops and right now ARM is still pretty terrible. All the ARM laptops contain a wifi chip which depend on proprietary software. My company is doing some work to design a laptop that can be more easily adapted and manufactured in smaller than usual quantities- thus hopefully making it feasible to release a 100% libre laptop. This is probably the only hope we have for gaining control over our computers going forward. Intel and AMD are dead ends.