How Big Brother may be already watching you

The Wall Street Journal recently published a very interesting article, giving details of the products and technology many companies are producing and selling to governments, enabling them to keep an eye on their citizens (or should that be slaves?). Here’s an excerpt.

Documents obtained by The Wall Street Journal open a rare window into a new global market for the off-the-shelf surveillance technology that has arisen in the decade since the terrorist attacks of Sept. 11, 2001.

The techniques described in the trove of 200-plus marketing documents, spanning 36 companies, include hacking tools that enable governments to break into people’s computers and cellphones, and “massive intercept” gear that can gather all Internet communications in a country. The papers were obtained from attendees of a secretive surveillance conference held near Washington, D.C., last month.

Critics say the market represents a new sort of arms trade supplying Western governments and repressive nations alike. “The Arab Spring countries all had more sophisticated surveillance capabilities than I would have guessed,” said Andrew McLaughlin, who recently left his post as deputy chief technology officer in the White House, referring to the Middle Eastern and African nations racked by violent crackdowns on dissent.

The Journal this year uncovered an Internet surveillance center installed by a French firm in Libya and reported that software made by Britain’s Gamma International UK Ltd., had been used in Egypt to intercept dissidents’ Skype conversations. In October, a U.S. company that makes Internet-filtering gear acknowledged to the Journal that its devices were being used in Syria.

Companies making and selling this gear say it is intended to catch criminals and is available only to governments and law enforcement. They say they obey export laws and aren’t responsible for how the tools are used.

Trade-show organizer Mr. Lucas added that his event isn’t political. “We don’t really get into asking, ‘Is this in the public interest?'” he said.

Among the most controversial technologies on display at the conference were essentially computer-hacking tools to enable government agents to break into people’s computers and cellphones, log their keystrokes and access their data. Although hacking techniques are generally illegal in the U.S., law enforcement can use them with an appropriate warrant, said Orin Kerr, a professor at George Washington University Law School and former computer-crime attorney at the Justice Department.

The documents show that at least three companies — Vupen Security SA of France, HackingTeam SRL of Italy and Gamma’s FinFisher — marketed their skill at the kinds of techniques often used in “malware,” the software used by criminals trying to steal people’s financial or personal details. The goal is to overcome the fact that most surveillance techniques are “useless against encryption and can’t reach information that never leaves the device,” Marco Valleri, offensive-security manager at HackingTeam, said in an interview. “We can defeat that.”

The documents for FinFisher, a Gamma product, say it works by “sending fake software updates for popular software.”

There’s more at the link. Bold print is my emphasis.

The article makes very interesting, somewhat creepy, and highly recommended reading. I’m particularly disturbed at the thought of automatically-downloaded ‘updates’ for Windows and other software, which might not be ‘updates’ at all! A subsequent article adds a ‘fake iTunes update’ to the list of potential dangers, and goes into more detail about the surveillance technology mentioned in the first article.


