It seems that we now have entered the “Age of Political Cretinism”, with governments reducing themselves to either waste money or produce malware. We have several recent examples for this tendency: Stuxnet, Duqu and similar, (have alook at Martin´s recent blogpost on this) well elaborated and dangerous trojans aiming at large industrial facilities on the one side, and poorely timbered Trojans used to regain the option to spy anybody´s communication with anyone in a time where skype and similar services have made this more difficult for governments. The German so-called “Staatstrojaner” (State Trojan) used by police and customs to look at what suspects are doing with their computers, is an example for the latter type of government malware.
Why, for heaven´s sake, is a government taking the risk to attack citizens with such a stinkeroo coded Staatstrojaner? Considering that information security is as poor as that Staatstrojaner – just imagine the damage somebody can create if he/she strikes back.