We probably all followed the discussion in Germany about the "Bundestrojaner" and how it failed.
And of course, a trojan spying on citizens is a major impact in privacy, which is not acceptable.
Try to argue about that with people who have a facebook-account. Last count: 500 000 000+. Privacy is something, only old people seem to care about.
However I don't think, that it's possible to create such a trojan and use it, because of the following facts:
- It's not very easy to put a trojan in a system of a prudent user, who
updates regularly and doesn't open every mail or document received.
- Virusscanners will soon know the trojan
- The swiss government doesn't have enough power to force antivirus
software creators to ignore the trojan.
Maybe not the Swiss government. But I'd like to point out that we already have an infrastructure for lawful inspection ("LI") of telephone calls (it's actually a thriving industry...). As such, there are even standardization-bodies for it. Do you think that it's impossible an industry-standard for LI of individual PCs might emerge? AV-vendors are global companies, mostly. Just like telcos, they'd have to implement what governments order them to do.
Even for "normal" malware, the detection-rate of AV-software is mediocre to the point that it's barely above placebo-level. How would you know that a certain AV-software does not detect a trojan? With the exception of clamav, no AV-engine is open-source, neither are the signatures. And even clamav is now owned by a commercial company (Sourcefire, incidentially the company behind the only open source Intrusion Detection System).
- Not all criminals use Windows ;-)
Indeed, but most do. And rootkits exist for Linux + BSD, too.
What politicians don't seem (or simply don't want) to understand is that the problem of these LI-technology lie in the huge potential for abuse and misuse. Politicians sometimes seem to live in an ideal world, where there is no corruption and no abuse of power (or they are simply not negatively affected by it...).
Rainer