Feeds

Inside the shadow world of commercialised spook spyware

'We'll penetrate commsats, undersea cables, Skype ...'

Boost IT visibility and business value

Mubarak regime offered 'full control' of computers of 'targeted elements'

After being offered a free trial, SSI investigators reported in seized Arabic documents (PDF) that the software “could get into email accounts of Hotmail, Gmail and Yahoo", as well as allowing "full control" of the computers of "targeted elements". SSI also reported “success in breaking through personal accounts on Skype network, which is considered the most secure method of communication used by members of the elements of the harmful activity because it is encrypted".

Gamma International has claimed to the press that it “has not supplied any of its Finfisher suite of products or related training to the Egyptian government". It has refused to comment on the documents recovered in Cairo.

'How many dictatorships did they think I was representing?' – PI investigator Eric King

In France last month, PI lead investigator Eric King netted the offer of an expenses-paid trip to Beijing to visit China Top Communications (CTC), a government-owned company whose overt product range includes China’s version of GPS and military communications hardware.

Privately, CTC claims to be “devoted to high-tech special equipments for security agency, interior department, police, and military” and to employ 400 engineers. If he came to Beijing, King was told, he would receive private demonstrations of Wind Catcher, a mobile phone surveillance system and Internet Watcher, which automatically attacks web security systems.

The Beijing company claimed that Wind Catcher can decrypt the A5.1 cypher used in all GSM mobile phones in 0.3 of a second, covering 11 or more channels at once, with a success rate of 90 per cent. Working in conjunction with direction-finding systems, CTC claims that phone users can be located and their conversations monitored over a 1km radius, even in a city centre.

CTC’s Internet Watcher claims to be able to provide real time decryption of https web connections in order to attack the privacy of Gmail and Hotmail users.

“The shock of the Chinese offer was not what they were trying to sell me,” King told The Register. “It was the fact that they were only one of several dozen companies all making the same claims and pushing their own brand of repressive technologies. How many dictatorships did they think I was representing?”

Privacy International will be relaunching their Big Brother Incorporated project, intended to highlight the menace of the new surveillance companies that are trying to profit from the previously dark and secret arts of hackers and signals intelligence agencies alike.

One target will be the 2012 Farnborough show, which the government claims “gives companies a platform to show the global policing and security community their equipment and capability".

“Why is the government allowing space to people like Gamma Group, whose equipment helps destroy human rights abroad?” King asked.

“They should have learned from what happened in Egypt and Libya that equipment like that is just as lethal to life and liberty as looking down the barrel of a gun.”

The investigators

Privacy International investigator Eric King worked for a year with the legal action charity Reprieve international human rights organisation while still a law undergraduate at LSE. He enlarged his focus on privacy after graduating.

King and his PI colleagues came up with the idea of penetrating the new global surveillance industry during a 2010 visit to the Googleplex. Although the Tech Talk fellow privacy activists then gave to Google was amiable, they decided they were fed up “banging heads” with the giant new net companies.

They realised that focusing on the relative intransigence of Facebook and Google on personal privacy was distracting the more important focus on the use of the same and more advanced technologies for social and political repression, as the discoveries of the Arab Spring soon revealed.

The PI team asked the assorted search engine luminaries if they actually knew what governments could do and were doing with their tapping, intercepting, locating and processing capabilities – and how that was being linked in some states to deliberate and intended harm.

“Even Google couldn’t give the answer to that question.” ®

Build a business case: developing custom apps

More from The Register

next story
KDE releases ice-cream coloured Plasma 5 just in time for summer
Melty but refreshing - popular rival to Mint's Cinnamon's still a work in progress
Leaked Windows Phone 8.1 Update specs tease details of Nokia's next mobes
New screen sizes, dual SIMs, voice over LTE, and more
Mozilla keeps its Beard, hopes anti-gay marriage troubles are now over
Plenty on new CEO's todo list – starting with Firefox's slipping grasp
Apple: We'll unleash OS X Yosemite beta on the MASSES on 24 July
Starting today, regular fanbois will be guinea pigs, it tells Reg
Another day, another Firefox: Version 31 is upon us ALREADY
Web devs, Mozilla really wants you to like this one
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Cloudy CoreOS Linux distro declares itself production-ready
Lightweight, container-happy Linux gets first Stable release
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.