A new law being proposed in Germany would see all 19 federal state intelligence agencies in Germany granted the power to spy on German citizens through the use of trojans. The new law would force internet service providers (ISPs) to install government hardware at their data centers which would reroute data to law enforcement, and then on to its intended destination so the target is blissfully unaware that their communications and even software updates are being proxied. Specifically, Netzpolitik pointed out that the law calls for the following:
“the redirected data should remain intended for forwarding to the addressee after the measure has been carried out.”
Germany wants to be the man in the middle
The state sponsored trojans would likely be utilizing software called FinFly ISP from a company called FinFisher which has already been used by German law enforcement in the past. FinFisher claims to be able to inject trojans on target devices from the ISP level with ease::
“FinFly ISP is able to patch files that are downloaded from the destination on-the-fly or to send fake software updates for popular software.”
FinFly ISP has been around for almost a decade and a 2011 advertising brochure available via WikiLeaks emphasized that their software has already been used:
“A secret service used FinFly ISP in the network of the most important national Internet service provider. It was sufficient that the system only knew the target person’s log-in information into the provider network in order to install a remote mon ..