Revealed: the secret guide to encryption, hacking, and surveillance for governments
There is now great interest in the level of governmental interference that takes place into online activity. Edward Snowden told the world about what the NSA was up to and there are now numerous websites dealing with the revelation that he made. One such site is The Intercept, and it has just published the secret manuals that are supplied to governments who want to use a suite of specialist tools to monitor web users' activities.
Sub-titled "the hacking suite for governmental interception", RCS 9 (or Remote Control System) is a suite of tools from Hacking Team. The Italian security and surveillance company is responsible for providing hacking and monitoring guides and software to a list of countries including Colombia, Korea, Mexico, Nigeria, and Saudi Arabia. RCS itself is "a solution designed to evade encryption" -- the sort of encryption put in place by Google.
RCS 9 -- which goes by the name of Galileo -- is itself no secret. Hacking Team advertizes it on its web site, and there's even a suitably hackery and threatening sounding video explaining what it does. But there is a problem; RCS need to be "installed on the device to monitor". Not to worry -- there's a guide to building a software agent in the manual and details of how to deploy it via USB, email or by force. Once in place, "evidence collection on monitored devices is stealth and transmission of collected data from the device to the RCS server is encrypted and untraceable".
While, at the moment, it seems that RCS is only sold to governments and agencies in certain parts of the world, it's certainly the sort of things that the US and the UK would be interested in. The Intercept reports that Hacking Team has made appearance at homeland security trade shows and conferences. If you like the idea of getting your hands on what amounts to commercial spyware, you're out of luck:
We also understand the potential for abuse of the surveillance technologies that we produce, and so we take a number of precautions to limit the potential for that abuse. We provide our software only to governments or government agencies. We do not sell products to individuals or private businesses.
But as we've seen from the activities of the NSA, there is great potential for governments to abuse such tools, never mind individuals. It's interesting to take a look through the RCS documentation. Despite the terrifying power of the tool, the manual has been written very much with computer novices in mind. There are even instructions about how to close a window by clicking X. But once set up, the tool can be used to record Skype calls, take screenshots, browse through calendars and contacts, record key strokes, and much more.
All readily available to a government near you, to do with just about whatever they want.