Articles about Surveillance

China's control of the internet is no secret and the government's latest encroachment into people's lives sees residents of the north-west Xinjiang -- a largely Muslim area -- being forced to install surveillance software on their phones, sparking privacy concerns.

Notifications were sent out recently informing mobile users that they had just 10 days to download and install the Jingwang spyware. Random checks are now being carried out on the street to ensure that citizens have the app installed. Anyone found without the software faces up to 10 days in jail.

Continue reading →

Some four months after the first Vault 7 leak, WikiLeaks continues to publish revealing CIA documents that detail the agency's ability to hack, infiltrate and surveil targets. The latest batch goes under the banner "UCL / Raytheon", and comprises documents from CIA contractor Raytheon Blackbird Technologies.

Dating from late 2014 and late 2015, the documents show how the CIA, through Raytheon Blackbird Technologies, monitored malware in the wild to see how it could be used by the agency. The documents cover tools produced by the infamous Hacking Team as well as the Russian HammerToss malware delivered via Twitter.

Continue reading →

BlackBerry has announced that it is now able to sell its secure messaging solutions to the US and Canadian governments. The news comes after the company received endorsement from the NSA's National Information Assurance Partnership for SecuSUITE for Government.

BlackBerry points out that governments have long had to contend with wiretapping and other forms of surveillance, and says that SecuSUITE for Government offers effective end-to-end encryption for voice calls and text messages.

Continue reading →

Anyone subject to secret surveillance by the FBI through access to their private data remains unentitled to be told about the related national security letters (NSLs). The 9th US Circuit Court of Appeals in San Francisco ruled that existing gagging orders that prevent companies from advising people about NSLs relating to them do not violate the First Amendment.

A case had been brought to court by the Electronic Frontier Foundation on behalf of Cloudfare and CREDO Mobile that challenged the legitimacy of the gagging orders. EFF won its case back in 2013, but subsequent changes to the law, coupled with the appeal court ruling, means that companies are still unable to inform customers about the existence of national security letters relating to their accounts.

Continue reading →

The latest addition to WikiLeaks' Vault 7 cache of leaked CIA documents details an app that can be used to intercept SMS messages on Android devices. The HighRise tool can grab messages before sending them on to a CIA-controlled server.

The app itself goes by the name of TideCheck and it serves as an SMS proxy to allow for the interception of messages on a target's phone. The app itself is password protected (with the word "inshallah") to prevent unwanted tinkering. It also seems to serve a dual purpose, acting as a secure communication channel for CIA operatives.

Continue reading →

The Electronic Frontier Foundation has published the latest edition of its "Who has your back" privacy report. This is the seventh report from the digital rights group, and this year it criticizes both WhatsApp and Amazon for having policies that "fall short of other similar technology companies."

Four big telecom companies -- AT&T, Comcast, T-Mobile, and Verizon -- performed very poorly, while at the other end of the scale Adobe, Credo, Dropbox, Lyft, Pinterest, Sonic, Uber, Wickr, and WordPress were all praised. In all, the report rates 26 technology companies in five key areas relating to privacy and government data requests: "Follows industry-wide best practices," "Tells users about government data requests," "Promises not to sell out users," "Stands up to NSL gag orders" and "Pro-user public policy: Reform 702."

Continue reading →

Transparency reports about government data requests have become very common from tech companies such as Facebook, Twitter and Google. But while these firms publish reports, their hands are tied when it comes to what they can reveal. Twitter wants to change that.

A federal judge in California ruled in Twitter's favour, dismissing the US government's claim that revealing precise numbers of data requests represented a "clear and present danger." The ruling against the government doesn't change anything in the short term, but it is still an important victory for freedom of speech.

Continue reading →

The latest addition to WikiLeaks' Vault 7 cache of CIA tools and documents gives details of tools used by the agency to attack Windows and Linux computers. The BothanSpy and Gyrfalcon projects can be used to intercept and exfiltrate SSH (Secure Shell) credentials.

BothanSpy is used to target Windows, while Gyrfalcon is used for Linux machines, with both working in different ways. A number of popular distros can be hit by Gyrfalcon, including CentOS, Debian, RedHat, openSUSE and Ubuntu, and both tools function as implants that steal credentials before transmitting them to a CIA server.

Continue reading →

Section 702 of the FISA Amendments Act -- the legislation used to permit the NSA to conduct online surveillance -- is due to expire at the end of the year. We have already seen a number of the big names from the world of technology calling for a number of changes during reform.

As part of the reform, officials had promised that they would reveal broad details about the number of American citizens about whom information has been, and is, collected. This is no longer the case. The Director of National Intelligence has performed a u-turn on the promise.

Continue reading →

A letter signed by more than 30 major technology companies has been sent to the House Judiciary Committee calling for a number of key changes to be made to NSA surveillance. The letter, signed by the likes of Facebook, Twitter, Google and Mozilla, asks lawmakers to make a number of considerations when reforming Section 702 of the FISA Amendments Act.

The signatories refer to themselves as "U.S.-based companies that provide consumer and business technology, products, and services around the world through the use of electronic data." Their letter is timed to coincide with debate about the reform of Section 702 which is used to justify NSA surveillance programs, and is due to expire at the end of the year. There are calls for increased transparency and controls, as well as the suggestion that surveillance should be reined in.

Continue reading →

A federal appeals court has ruled that the Wikimedia Foundation may sue the NSA for its warrantless use of the "Upstream" surveillance program. The ruling overturns an earlier one which said the foundation could not sue due to an inability to prove that Wikimedia communication was being monitored either directly or indirectly.

The ruling by the United States Court Of Appeals for The Fourth Circuit means that the foundation is now able to proceed with legal action that was previously blocked. The amount of traffic generated by Wikimedia proved key to winning the appeal.

Continue reading →

Without a hint of irony, Facebook has told developers that they may not use data from Instagram and Facebook in surveillance tools.

The social network says that the practice has long been a contravention of its policies, but it is now tidying up and clarifying the wording of its developer policies. American Civil Liberties Union, Color of Change and the Center for Media Justice put pressure on Facebook after it transpired that data from users' feeds was being gathered and sold on to law enforcement agencies.

Continue reading →

A study by London University's Institute of Advanced Legal Studies (IALS) shows that journalists find it harder to protect their sources in the digital age, and suggests that whistleblowers should be afforded greater legal protection. The arrival of Donald Trump on the scene has created a greater sense of urgency.

The report, entitled "Protecting Sources and Whistleblowers in a Digital Age", says that monitoring of phone calls as well as online surveillance means it is now easier to identify sources that would otherwise have remained anonymous. People like Edward Snowden and Julian Assange have brought whistleblowing into the spotlight in recent years, and proposed changes to the UK's Official Secrets Act that would deny using "public interest" as a defense, coupled with the increased interest in surveillance mean that this is a hot topic once again.

Continue reading →

All the big players in the world of tech release transparency reports these days, and Twitter is no different. Like other companies, Twitter has been unable to report details of any National Security Letters (NSLs) it receives from the FBI asking for access to user account information.

These data requests are accompanied by gagging orders that prevent the recipients from informing either the public or the subject of the letter about the request. The gag has now been lifted and Twitter has shared the contents of two letters which ask for a "large amount of data."

Continue reading →

The Electronic Frontier Foundation has set out its plans for the first 100 days under Trump, during which time it says it will continue to fight for the rights of internet and technology users.

The digital rights group has already drawn up a wishlist for covering its privacy and security dreams for 2017, but the 100-day plan sees the EFF setting out its agenda for the first few months under Trump. Having claimed that "our civil liberties need an independent defense force" and that "free speech and the rights to privacy, transparency, and innovation won’t survive on their own", EFF is prepared to go to court -- again -- to hold the new administration to account when necessary.

Continue reading →