The Swiss newspaper “Schweizer Sonntagszeitung” recently published an article on malware experiments conducted by the Swiss Department of the Environment, Transport, Energy and Communications. The full article, in German, can be found here.
The department is clearly considering the use of spyware that has been specifically developed for tapping into encrypted Voice-over-IP connections (e.g. Skype). It is still unclear whether using such a tool could be made legal. In any event, a judge would have to approve each case in advance, similar to the procedure for monitoring normal telephone calls.
The Swiss company that develops the program (and rather ironically offers installation services for antivirus software on their website) has made some interesting statements. They say that the spyware would only be given directly to the Swiss authorities, and that their program would be undetectable by any firewall or antivirus solution. Of course, the latter statement cannot be verified without a sample, but personally I don’t believe it anyway. We all know, that not only signature-based methods can detect malware, but also heuristic and proactive technologies, which antivirus vendors are continuously improving.
On the other hand, even if the spyware could fool all antivirus solutions, it would be highly irresponsible to use such software “in the wild”, no matter what the reason. Sooner or later it would be discovered by other malware developers, and be modified and abused for illegal purposes.
So far this spyware is not in use, and hopefully, that will not change any time soon.