The National Security Agency and its closest allies planned to hijack data links to Google and Samsung app stores to infect smartphones with spyware, a top-secret document reveals.
The surveillance project was launched by a joint electronic eavesdropping unit called the Network Tradecraft Advancement Team, which includes spies from each of the countries in the “Five Eyes” alliance — the United States, Canada, the United Kingdom, New Zealand and Australia.
The top-secret document, obtained from NSA whistleblower Edward Snowden, was published Wednesday by CBC News in collaboration with The Intercept. The document outlines a series of tactics that the NSA and its counterparts in the Five Eyes were working on during workshops held in Australia and Canada between November 2011 and February 2012.
The main purpose of the workshops was to find new ways to exploit smartphone technology for surveillance. The agencies used the Internet spying system XKEYSCORE to identify smartphone traffic flowing across Internet cables and then to track down smartphone connections to app marketplace servers operated by Samsung and Google. (Google declined to comment for this story. Samsung said it would not be commenting “at this time.”)
As part of a pilot project codenamed IRRITANT HORN, the agencies were developing a method to hack and hijack phone users’ connections to app stores so that they would be able to send malicious “implants” to targeted devices. The implants could then be used to collect data from the phones without their users noticing.
Previous disclosures from the Snowden files have shown agencies in the Five Eyes alliance designed spyware for iPhones and Android smartphones, enabling them to infect targeted phones and grab emails, texts, web history, call records, videos, photos and other files stored on them. But methods used by the agencies to get the spyware onto phones in the first place have remained unclear.
The newly published document shows how the agencies wanted to “exploit” app store servers — using them to launch so-called “man-in-the-middle” attacks to infect phones with the implants. A man-in-the-middle attack is a technique in which hackers place themselves between computers as they are communicating with each other; it is a tactic sometimes used by criminal hackers to defraud people. In this instance, the method would have allowed the surveillance agencies to modify the content of data packets passing between targeted smartphones and the app servers while an app was being downloaded or updated, inserting spyware that would be covertly sent to the phones.
The government — via the DHS and CBP — has long insisted it should be able to search whatever, whenever, within X number of miles of the border for national security reasons. The DOJ has routinely argued on its behalf, delivering non sequiturs like “Not searching your laptop doesn’t protect your civil liberties” with a straight face.
The security/liberty tradeoff has routinely suffered from the government’s insistence that its Fourth Amendment-skirting efforts are in the public’s best interest, even if the public isn’t nearly as interested in seeing the drawers of their personal computing equipment emptied onto the floor every time they stray too close to the “Constitution-Free Zone.”
The courts have generally upheld the government’s arguments, with a few exceptions. The Eastern District of New York basically said that if you don’t want your stuff looked through for no reason, don’t put so much stuff in your stuff — especially sensitive stuff. The presiding judge, Edward Korman, went so far as to compare the US to countries with severe civil rights issues, like Syria and Lebanon, and declared the US the “winner,” seemingly because citizens enjoy more rights once they move further inland.
New Zealand spies teamed with National Security Agency hackers to break into a data link in the country’s largest city, Auckland, as part of a secret plan to eavesdrop on Chinese diplomats, documents reveal.
The covert operation, reported Saturday by New Zealand’s Herald on Sunday in collaboration with The Intercept, highlights the contrast between New Zealand’s public and secret approaches to its relationship with China, its largest and most important trading partner.
The hacking project suggests that New Zealand’s electronic surveillance agency, Government Communications Security Bureau, or GCSB, may have violated international treaties that prohibit the interception of diplomatic communications.
New Zealand has signed both the 1961 Vienna Convention on Diplomatic Relations and the 1963 Vienna Convention on Consular Relations, international treaties that protect the “inviolability” of diplomatic correspondance. The country’s prime minister, John Key, said in a recent speech on security that New Zealand had an obligation to support the rule of law internationally, and was “known for its integrity, reliability and independence.”
Last year, Key said that New Zealand’s relationship with China, worth an estimated $15 billion in annual two-way trade, had “never been stronger.” The relationship was not just about “purely trading,” he said, “it is so much broader and much deeper than that.”
In 2013, Key described a meeting with top Chinese officials in Beijing as “extremely warm” and told of how he was viewed as a “real friend” by the country’s premier, Li Keqiang.
At the same time, as minister in charge of the GCSB, Key was overseeing spying against China – which included the top-secret planned operation in Auckland, aimed at the Chinese consulate.
The hacking project is outlined in documents obtained by The Intercept from NSA whistleblower Edward Snowden.
Israel spied on the recent US-Iran nuclear talks, alleges America. And the US knows enough about it to say it publicly because the NSA is spying on Israel, along with everyone else.
The Wall Street Journal reports that Israel handed over confidential information from the negotiations with friendly members of the US Congress in a bid to derail any deal.
Israel denies the accusations, which highlight a widening gulf between Binyamin Netanyahu’s hawkish government in Israel and the Obama administration.
When the Republican National Committee convened in Chicago last August for its annual summer meeting, it unanimously approved a resolution urging the White House to supply a host of weapons, ranging from submarines to advanced warplanes, to the island nation of Taiwan.
However, Justice Department records show the resolution was not written by any of the RNC’s members, but by Marshall Harris, a lobbyist who had been hired by the Taiwanese government to further its interests in Washington.
Under the Foreign Agents Registration Act, lobbyists representing foreign governments are required to disclose their activities to the U.S. attorney general. According to the disclosure documents filed by Harris’ employer Alston & Bird, an Atlanta-based law firm, he wrote a draft of the resolution a month before the RNC’s 2014 summer meeting.
Once the text reached the RNC, committee members cut several phrases and paragraphs, one of which called for Taiwan’s inclusion in the Trans-Pacific Partnership, a proposed free trade agreement that has been described as a “high priority” by the Obama administration. The text that remained, however, was copied nearly word for word from Harris’ draft.
Neither the RNC nor Harris responded to questions about the resolution. Taiwan’s Economic and Cultural Representative Office in Washington, D.C. said the RNC often passes resolutions supporting Taiwan, and that the country has “a longstanding and solid friendship” with the Republican Party.
Taiwan engages in extensive lobbying of the U.S. government — not just representatives and senators but congressional staffers and even state-level officials — that receives less public attention than that of countries such as Israel and Saudi Arabia.
Last year the decryption licensing outfit AACS launched a crackdown on DRM-circumvention software.
The company sued the makers of popular DVD ripping software DVDFab. It won a preliminary injunction based on the argument that the “DVDFab Group” violates the DMCA’s anti-circumvention clause, since their software can bypass DVD encryption.
Initially DVDFab did not respond to the court, so the order was entered by default. However, after the injunction was issued the company responded in the name of Feng Tao, with a request for the court to revise its earlier judgment.
One of the counterarguments DVDFab raised was that the DMCA’s anti-circumvention provisions don’t apply worldwide, and DVDFab was promising to no longer do business with U.S. customers.
“It is well-established that the Copyright Act doesn’t apply extra-territorially,” the company argued, asking the court to quash the injunction or limit it to the United States.
AACS contested the good intentions of DVDFab and showed the court that the software was still readily available to the U.S. public. According to AACS the circumvention software was still being offered and promoted though new domains and services.
For example, new circumvention tools and services were offered from TDMore.com, BluFab.com, Boooya.org, DVDFab.de, and FabImg.net, among others. To stop DVDFab from bypassing the court order, AACS asked for an updated injunction to cover these new products and domains.
This week District Court Judge Vernon Broderick ruled on the motions from both sides with AACS the clear winner
The Judge argues that DVDFab’s explanations for the continued offering of software in the U.S. are not credible so has ordered the seizure of several new domain names.
“Tao’s explanations for his continued trafficking of infringing products into the United States—the product is not his, the product was not created ‘primarily’ for AACS circumvention, or the product was not intended for U.S. users — is simply not credible. The record overwhelmingly demonstrates these statements are not true,” Judge Broderick writes.
The injunction bars DVDFab from distributing its software in public and allows AACS to seize seizure a wide range domain names. In addition, the company’s social media accounts are to be blocked and other services including online banks cut off as well.
While the Judge understands that the DMCA doesn’t apply in other countries he argues that, considering DVDFab’s conduct after the initial injunction, it will only be effective if it applies worldwide.
“It was not my intention to sweep within the Preliminary Injunction lawful conduct, i.e. entirely extraterritorial conduct. However, Defendant’s recalcitrant persistence in accessing the United States market makes clear to me that no more narrowly-tailored relief would be effective,” the Judge writes.
As a result DVDFab will lose control over TDMore.com, BluFab.cn, BluFab.com, Boooya.org, DVDFab.de, DVDFab.cn, FabImg.net, Woookao.cn, and Woookao.com which were found to be in violation of the DMCA. Two other domains, TDMore.cn and Boooya.com, were not added as there’s not enough evidence that they are operated by the software vendor.
There is no doubt that the broad injunction will severely impact the Chinese company. Aside from its domain names, the court also ordered payment processors to stop working with DVDFab, which will make it very hard for the company to sell its products anywhere in the world.
New Zealand launched a covert surveillance operation targeting candidates vying to be director general of the World Trade Organization, a top-secret document reveals.
In the period leading up to the May 2013 appointment, the country’s electronic eavesdropping agency programmed an Internet spying system to intercept emails about a list of high-profile candidates from Brazil, Costa Rica, Ghana, Indonesia, Jordan, Kenya, Mexico, and South Korea.
New Zealand’s trade minister Tim Groser was one of nine candidates in contention for the position at the WTO, a powerful international organization based in Geneva, Switzerland that negotiates trade agreements between nations. The surveillance operation, carried out by Government Communications Security Bureau, or GCSB, appears to have been part of a secret effort to help Groser win the job.
Groser ultimately failed to get the position.
A top-secret document obtained by The Intercept and the New Zealand Herald reveals how GCSB used the XKEYSCORE Internet surveillance system to collect communications about the WTO director general candidates.
XKEYSCORE is run by the National Security Agency and is used to analyze billions of emails, Internet browsing sessions and online chats that are vacuumed up from about 150 different locations worldwide. GCSB has gained access to XKEYSCORE because New Zealand is a member of the Five Eyes surveillance alliance alongside the United States, the United Kingdom, Canada and Australia.