Preface: Now this might sound like a good discussion for the EoEO, i.e. whether or not the state should have the power to spy on the computers of its citizens, however that is beside the point of my post. Let's just chat about what could come and how it could end for the different groups of users from the technical perspective.

Federal Trojans are a hot topic where I come from. The big idea is to give the state the power to look up the data on the PCs of its citizens for the sake of combating crime, e.g. child-pornography saved on their HDDs, and terrorism. As of this moment, or so they say, it's only in discussion, however there seems to be a good chance of them pushing it through. Logically, a good number of people, who neither with to rape 6-year-olds nor blow up trains, don't like the thought. Now the big question is, what exactly will happen if such a trojan does come into circulation?

The problem being is that if the state pushes such a program through, most people will be affected. The major anti-virus companies will be forced to leave the entry from their databases or get their selling licences taken away. Knowing that most computer users are dummies, this sort of action will, in my opinion, grant the guys at the capital access to the good 95% of the computers, which in return would allow them to outlaw the possession of the free-ware packages that can in fact detect the named trojan (we all know that some Russian or Chinese programmer will sooner or later write this sort of thing).

At this point the very people who want their privacy will get on the very list of people who film under-age sex and blow their guts out once every so often. Unlike fighting the illegal P2P downloaders (45% of teenage population due to the latest study), this would be a rather easy task due to the relatively small number of people in question (caused by the abstractness of the matter).

Thoughts?

How would the trojan work, though? Because if this trojan installs itself on your computer, then it would have to send back information to the state with evidence that you've, say, stored child pornography on your computer. How does the program distinguish whether what you've got on your computer is child pornography or not?

Unless they have reason to suspect that a person might commit such crimes it's an invasion of privacy that goes against our "no unwarrented search and seizures" rights, imho.

I would like to know how they would force it on people in the first place. Make microsoft distribute a patch or strong arm the ISPs to cut off net access until they can detect the program?

How would the trojan work, though? Because if this trojan installs itself on your computer, then it would have to send back information to the state with evidence that you've, say, stored child pornography on your computer. How does the program distinguish whether what you've got on your computer is child pornography or not?

It's not about the computer distinguishing it, but about them having access to all your files if needed. Like a master-key to all PCs.


[...]I would like to know how they would force it on people in the first place. Make microsoft distribute a patch or strong arm the ISPs to cut off net access until they can detect the program?

Meh, distribution is barely a problem. Next Windows update covers it all. I doubt that MS would disagree anyway and if they would, selling the PCs with it pre-installed would cover a good percentage of the users fairly quickly. Then again, they could insist on it in order to keep you connected to the ISP as you've said.

The problem I see with the issue is not only the 1984's Big Brother watching me losing in Quake every so often or scanning my software for certificates, but the fact that it'd create a security back-door in the OS if not sanctioned by MS personally, i.e. somebody else will be able to get in easily too, which does pose a severe security risk not only for the users but also for the data of the companies in that state.

The problem I see is if they go ahead with this, then this trojan will be the perfect target for hackers to compromise, since this will give them an unimaginably large botnet :D Not to mention all that personal or even corporate data suddenly in the bad guy's hands :p Anyone who thinks this is still a good idea is a moron :p

What happens if you don't run Windows? :p

The problem I see is if they go ahead with this, then this trojan will be the perfect target for hackers to compromise, since this will give them an unimaginably large botnet :D Not to mention all that personal or even corporate data suddenly in the bad guy's hands :p Anyone who thinks this is still a good idea is a moron :p

What happens if you don't run Windows? :p

Precisely my thoughts. I can already imagine a bunch of Sub7Controller-like programs getting downloaded from the P2P networks and a bunch of teenagers looking through each others hard-drives. Jokes aside, this would completely screw over the companies in the given country.

Hmm... this could actually be a good advert for Linux.=D