Episode 70: Targeting Your Citizens with Spyware

The German government wants to put trojans on its citizens’ phones and other devices to crack end-to-end encrypted communications. And it wants to do it with as little due process as possible. Welcome to another battle in the Crypto Wars!

On this weeks episode of The Private Citizen, I examine a new law due to pass the Germany parliament any day now, which would make it legal for law enforcement agencies to put spyware on the phones of people whose end-to-end encrypted chats they can’t read. The same goes for intelligence services, who would largely not even have to follow due process to do this kind of thing.

In other news: This has nothing to do with this podcast per se, but I thought it was very cool: My review of the first book of the Frontiers Saga was mentioned by Steve Gibson as shortcut of the week on Security Now 819.


This podcast was recorded with a live audience on my Twitch channel. Details on the time of future recordings can usually be found on my personal website. Recordings of these streams get saved to a YouTube playlist for easy watching on demand after the fact.

Errata

I made a grave mistake when discussing the Gemini protocol in the previous episode of the podcast. I said that Gemini uses UDP connections. This is, of course, wrong. Since Gemini is always using TLS, it always uses TCP connections, because TLS needs a TLS connection to function.

I figured this out for myself shortly after releasing the episode. No idea where I got this stupid idea from and I apologise for having mislead everyone.

The New German Lawful Interception Law

In episode 49 of the podcast, back in November, I discussed how the crypto wars are bad and talked about legislation that was being prepared to outlaw end-to-end encrypted messenger communications. I also discussed another approach by several investigative agencies and legislators to pass laws that would allow exfiltration of decrypted data from the end user’s device via spyware or other means. Essentially the same approach that was used to hack the encrypted EncroChat network used by criminals – I discussed this in episode 32 of the show last summer.

The German government is now pushing to pass a new “lawful interception” law that does the latter. The law, which is currently being prepared for a debate in parliament , would allow all the German intelligence services to use government-sanctioned spyware (Staatstrojaner) to spy on encrypted communications via apps like WhatsApp, Signal, Threema and also VoIP calls and video meetings.


An Overview of German Spy Agencies

The Bundesamt für Verfassungsschutz (BfV), which also has separate agencies as part of the police apparatus of the separate German federal states, is tasked with spying on people within Germany who “endanger the constitutional order” and the rule of law of the country. The Bundesnachrichtendienst (BND) is tasked with spying on non-Germans abroad who endanger the security of the country. The Militärische Abschirmdienst (MAD) is tasked with protecting the secrets and intelligence of the German armed forces.

These agencies are collaborating via a software system and network called Nachrichtendienstliches Informationssystem (Nadis) to share intelligence. If the new passes, the MAD will henceforth also be able to add information to this system, which they currently are forbidden from doing.


The process these intelligence services want to use is called Quellen-Telekommunikationsüberwachung, or Quellen-TKÜ for short, and amounts to hacking a target’s system and placing spyware on it. This is currently allowed for desktop computers and, in certain situations also smartphones and tablets. If police organs of the German state use this method, they need a court order signed by a judge. Of course, services like the BfV, BND and MAD were created especially to circumvent such restrictions. It is currently illegal for Quellen-TKÜ to be used solely to circumvent end-to-end encryption. Changing this is the whole point of the new law.

With the German police, there is so much insecurity about using state-sponsored trojans that, in fact, Quellen-TKÜ has not been used successfully a single time in Germany since 2017 . Some of this can undoubtedly be attributed to the shoddy quality of the state-sponsored trojans and a decided lack of manpower with enough knowledge about tools bought from external spyware companies – like FinFisher .

See also: The Encryption Debate in Germany: 2021 Update, Sven Herpig, Julia Schütze, Carnegie Endowment for International Peace

More Power to the BND

In March, the government had already passed a law that gives a lot more power to the Bundesnachrichtendienst . The BND is now allowed to use trojans to infiltrate the computers of foreign citizens outside of Germany. The amount of “foreign networks” the BND is allowed to spy on has been raised from 20% to 30% – whatever the fuck that is supposed to mean.

With the new rules, the BND is also allowed to use far-reaching cooperation with “friendly” intelligence services (like GCHQ and the NSA). The law stipulates that personal data of citizens and organisations “of the EU” cannot be collected this way. The BND has this same restriction applied to its own operations at home and abroad.

Up until now, the BND was authorised to defend against international terrorism, nuclear weapons proliferation, human trafficking and “cyber” threats. It is now also authorised to fight “crisis-like developments abroad”, international extremism, money laundering, threats to critical infrastructure, proliferation of “important technologies and software” and – get this shit – copyright violations.

There are special restrictions if the BND wants to access data from priests, lawyers, attorneys and journalists. It has now been spcified that this includes freelancers and “government-critical bloggers in states where the freedom of the press is under significant threat”. Whatever that means.

The government has passed this law to fight back against Germany’s Constitutional Court (Bundesverfassungsgericht) which has recently passed judgements that severely limit what the BND is allowed to do to protect German interests abroad and at home.

Producer Feedback

Evgeny Kuznetsov has some feedback on last week’s episode:

I think the perfect OTG publishing tool is anything static (maybe even a Gemini capsule) published in IPFS. To me it looks like HTML on IPFS is way closer to ideal than a capsule on a regular server.

Stephen Hoos writes:

I have been taking some mental notes and decided to write them down. This was going to be feedback from multiple shows but I guess I had a bit to say about our government. The feedback is not necessarily aimed at you, but it is meant to provide more details to all listeners. I love to argue and discuss with people and to learn the thoughts behind viewpoints. I attack positions not people, and I never take someone disagreeing with me personally. I hope I could argue with someone for four hours over a topic and then have a few beers with them.

The US government is a federal democratic (representative) republic. Yes, democratic but not democracy, it’s a fine line for sure. Many people get caught up in the term democracy. Pure democracy is mob rule. The old saying is two wolves and sheep deciding what is for dinner. Our founding fathers were wise and decided not to let people vote in the heat of the moment on each issue because that makes for bad decisions. This is why Senators have six year terms. Unfortunately our representatives now have instant communication with the constituents and things like bowing to pressure on Twitter are making it harder for level headed decisions to be made. Politicians are pandering to the loudest mob on Twitter it seems.

The electoral college was brilliant. It protects the rural from the urban. While state legislatures are not required to follow the plebiscite when they nominate electors to the college they always have. Each state has always been a block of votes because this was because there was an expectation that there would be different laws in different states. While originally the federal government was restricted from establishing religion the states were not. Maryland was established as a catholic state for catholics feeling protestant persecution in states like Massachusetts. (My how times have changed.) Originally each state had its own constitution that protected peoples rights. After the War Between the States, all states were forced to also follow the Federal Constitution and Bill of Rights, and they lost the power over religion which was not even being used by that time. In the beginning, senators were elected by the state legislatures, making those legislatures even more powerful. It made a portion of the federal government directly beholden to the state governments. I think it is a shame that it has gone away. I wish our individual states had more power, like it appears to be in Germany. I think you need to add a second shirt about aiming to misbehave.

Also every state has individual voting laws. For Fab to vote, he can come to CA on a valid visa, get a drivers license, register to vote, and vote. There is zero enforcement of US citizenship to vote in a CA election. Some states want to provide free state ID’s for voting. They would look like a drivers license but only prove citizenship and residence location. This is being called voter suppression by the left. There is always voter fraud in US elections. My mother has been dead for three years. This last election she got mail about voting in upcoming elections. The dead have always voted in Chicago.

Also you mentioned that Obama was an outsider. Only in government experience, was he an outsider. He came out of the Chicago political machine which has a history of mass corruption.

Stephen from Raleigh, says:

Regarding the meaning of the term “fake news”, I think Trump’s original usage was simply to deflect from news he didn’t like. It was to say, in effect, “this is something unimportant, unworthy of being called ‘news’, something politically motivated to detract from the message I’m putting out which is of course very important”. So I don’t think he was calling “fake news” untrue per se, but rather he was more dismissing it – just like his spokesman once touted their “alternative facts”. The meaning has expanded since then, but I think we’d do well to fight making “fake news” simply a synonym for propaganda or flat out lies.

If you have any thoughts on the things discussed in this or previous episodes, please feel free to contact me. In addition to the information listed there, we also have an experimental Matrix room for feedback. Try it out if you have an account on a Matrix server. Any Matrix server will do.

Toss a Coin to Your Podcaster

I am a freelance journalist and writer, volunteering my free time because I love digging into stories and because I love podcasting. If you want to help keep The Private Citizen on the air, consider becoming one of my Patreon supporters.

You can also support the show by sending money to via PayPal, if you prefer.

This is entirely optional. This show operates under the value-for-value model, meaning I want you to give back only what you feel this show is worth to you. If that comes down to nothing, that’s OK with me. But if you help out, it’s more likely that I’ll be able to keep doing this indefinitely.

Thanks and Credits

I like to credit everyone who’s helped with any aspect of this production and thus became a part of the show. This is why I am thankful to the following people, who have supported this episode through Patreon and PayPal and thus keep this show on the air:

Georges, Steve Hoos, Butterbeans,Jonathan M. Hethey, Michael Mullan-Jensen, Dave, Shelby Cruver, Vlad, 1i11g, Jackie Plage, Philip Klostermann, Jaroslav Lichtblau, Michael Small, ikn, Kai Siers, Fadi Mansour, Bennett Piater, Dirk Dede, Joe Poser, Larry Glock, David Potter, Matt Jelliman, Martin, Mika, tobias, m0dese7en, Dave Umrysh, MrAmish, avis, Sandman616, drivezero, RikyM, Barry Williams, Jonathan Edwards, Rizele, Captain Egghead, D, Cam, noreply, RJ Tracey, Robert Forster, Rick Bragg and Eric Le Lay.

Many thanks to my Twitch subscribers: BaconThePork, brigadiersirnilsolav, Flash_Gordo, m0dese7en_is_unavailable, Mike_TheDane, Sandman616, acherontas_vii,redeemerf, harivatana and centurioapertus.

I am also thankful to Bytemark, who are providing the hosting for this episode’s audio file.

Podcast Music

The show’s theme song is Acoustic Routes by Raúl Cabezalí. It is licensed via Jamendo Music. Other music and some sound effects are licensed via Epidemic Sound. This episode’s ending song is Incertae by the Bladverk Band.