modification of 8 channel dvr system

Understanding what the new controls actually do is heavily based on how individual states 16 channel dvr implement the agreements. The ostensible intention of the additional controls is clear enough however.

The two new categories are the result of two separate proposals from the French and UK governments. Proposals to include new categories to the control list are discussed periodically throughout the year by various working groups focusing on technical and policy-related aspects.  However, it is the Plenary meeting, which convened last week, that is the official decision-making and political body of the Arrangement that formally introduces new controls. The Arrangement is also supported by a small secretariat based in Vienna. For an inside scoop on how these negotiations tend to unfold, some of the US embassy cables are highly recommended.

“Intrusion Software”

The UK proposal was aimed at controlling what they called “Advanced Persistent Threat Software and related equipment (offensive cyber tools)”. It’s now clear that what they meant by this is malware and rootkits, which governments can use to extract network camera  data from and take control of a device.

The term used “intrusion software”, echoes the “offensive IT intrusion” marketing lines used by FinFisher and others and defines itself as:

"Software" specially designed or modified to avoid detection by 'monitoring tools', or to defeat 'protective countermeasures', of a computer or network capable device, and performing any of the following:
a. The extraction of data or information, from a computer or network capable device, or the modification of 8 channel dvr system or user data; or
b. The modification of the standard execution path of a program or process in order to allow the execution of externally provided instructions.