First it will most probably be completely useless (only MPs and ageing housewives are tech-illiterate enough for this to work. Unless the plods get physical access to the machine, but it's a completely different level of investigation then). Then it's dangerous (I give it 3 month before the stuff is modified and used by blackhats). Third, if the suspect is found innocent, it will be a very strong ground for suing the hell out of the authority responsible for compromising the computer.

A major FAIL waiting to happen. Which means, of course, that it's going to be implemented and widely used in no time, to investigate offenses such as littering, faked school applications and the like. You gotta love bonehead politicos.

So I guess Microsoft and Apple will be pressured into deploying this spyware via their respective update mechanisms on a regional basis?

Regarding false positives - don't worry Pierre they will simply write it into the law that you cannot argue.

brilliant idea.

>"I give it 3 month before the stuff is modified and used by blackhats"

No way. I give it 3 hours. Hexedit the ip or dns address it responds to c'n'c from, maybe replace an embedded crypto key, and you're done.

There's nothing like invoking the specter of child abuse to push through an agenda.

"mages of sexually abused children available online quadrupled in the last five years and half of all internet crime involves the production, distribution and sale of child pornography"

Does anyone believe that for a minute? Half of all internet crime. Seriously? That means there is more child porn being distributed than copyrighted music. More people sharing child porn that violating ToS (which is a crime in the US now, dontcha know). More child porn than freaking spam! If that's true, they might as well just give up now.

Obviously proposed by somebody with little knowledge of what is actually connected to the Internet. Or how.

It would explain the lack of security on the average desktop computer, so the security services can spy on you and the Record companies can see if you are pirating content. As such they do need an easy way in. It's not so long ago that Vindows was certified by the NSA ..

"half of all internet crime involves the production, distribution and sale of child pornography"

Hrm, so is this true? Is there some statistic somewhere that backs this up?

And if so, I guess piracy isn't as big an issue as [insert name of body here] makes out. Or disturbingly there is more child porn out there than first suspected I guess.

Pirate icon since apparently there are less of them out there than I would imagine.

It's the thought police, trying to control thought crime by spreading FUD. If you have to worry that THEY are watching your every move, you'll be much less likely to click on that donkey pr0n link, Astrolite G recipe or any other content that TPTB deem to be unfit for consumption by the plebs.

They don't even have to actually implement it (although I believe several LE software outfits have had a fair bash), just talk about it a lot, and since this is being wheeled in under the "won't somebody think of the children" banner, you can't possibly object to it unless you're a kiddy fiddler. Neat.

"You gotta love bonehead politicos."

You can't make me.

NOT!

... and keeping my router set for 'stealth' on all incoming ports.

If they have malware installed to provide access to your hard drive etc. How the hell are they going to prove that you are the only one who could have put naughty bits there, and not themselves?

As has been ably pointed-out above, it will only be useful against the most foolish. It'll cost millions, only be effective against machines running IE, and will do no more than provide another security risk á la Sony's rootkit fiasco. Can't wait.

i'm surprised the wacqui one has not been out stumping for this...unless of course, the phorm solution is preferred?

Just wondering - even if they get an undetectable trojan (perhaps something like bluepill, or even shadowwalker), then how will they achieve portability? I mean, it's not hard at all to hack together a Linux distribution (or even base it on ubuntu) with minimal set of daemons, SELinux and chrooting all over the place together with iptables dropping all incoming packets (and perhaps even run it under some funky hypervisor to make sure no unwanted traffic is sent) and then distribute it to less technically-able friends? or simply use backtrack...

Really, this will be no help against any paedophile (can see this word being using increasingly in the context in which "imperialist spy" was used in communist countries) or terroris who is not totally stupid. Only real reason for this is spying on normal citizens, just like CCTV is (how many terrorists were caught/convicted using it? and how many fines for dog fouling were issued ?). I don't think it will fail. But we'll soon move from 1984 to a brave new world. Mine's the one with a one-way ticket to Greece (see http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-559597 )

Perhaps:

"half of all internet crime involves the production, distribution and sale of child pornography"

should read:

"half of all serious internet crime involves the production, distribution and sale of child pornography"

Even then, the statement is still incorrect.

Kiddie nasties is just the silver bullet used by politicians to get what they want and push any opposition to the side. How's going to counter argue FOR kiddie P?

As serious a matter as the subject explores, I couldn't help myself agreeing with the true humour in "As a short-term fix the EU has earmarked €300,000 for Europol to establish a clearing house (or perhaps desk, given the small sums involved) for crimes committed on the internet, such as the distribution of images of child abuse."

The very Real Difficulty for Investigators is the Possible Criminal Entrapment for Future Prosecution of First Hand Witnesses/Defendents/Dependants, whether for the Prosecution or the Defence, which is bound to/is designed to Create Confusion and Lessen Resolve.

And that is the Enigma to be Resolved.

Instead of submitting child molesters to death by steam iron in front of baying crowds, which would actually reduce the problem, politicians choose to encourage them by giving no real sanction, so they can poke their nose into everyone else's business.

How stupid are these control freaks?

Personally I'd spend time if I caught such a sample figuring out how to make it useless. It would certainly get broken very very fast. False information being returned might be the least of their worries. This idea is the perfect way to screw up a reputation or two as you'd get a Keystone cops fiasco of false arrests and cockups based on the information returned.

Idiots-they need to get their lust for control under control!

Will it work for Linux users ?

brilliant comments! nice one.

few comments:

- business, designers, programmers, inventors & anyone's intellectual property?

- search warrant?

- phorm?

- different o/s'es, anti-malware systems, firewalls.

- trace back to mamma server? lol. (not well secured gvt server?)

- tamper proof?..

they should pay pierre a consultancy fee for the best advice they've had for ages..

I was assuming the trojan would be deployed in a tightly controlled, targeted manner. 3 month was the estimated time before a naughty boy gets his mitts on the thing. Make it 3 month and 3 hours before wide use by the baddies.

Wait, who was I kidding? "tightly controlled, targeted"? That's where I've been foolishly overgenerous maybe...

Fucking brilliant.

Government Genuine Advantage. Does for your entire digital activity what WGA does for your XP.

Just what they've always wanted.

And for us, the final proof that they really *do* have *just* the same mindset as criminals.

But of course, if you're doing nothing wrong you've nothing to fear, except perhaps the obliteration of those final few shreds of what you jokingly call your privacy.

I wonder if they remember that child porn existed and was traded before there was a WWW? And anyway, any AV outfit that that leaves the door open for Gov't spyware will just leave it open for similar stuff by the hackers. Once users found out, can you really see that AV company shifting a single licence of their software ever again? Ever?