the German delegation had actually pushed back on the more extreme versions of Article 13 — and, in particular, had demanded that a final version have a clear carve-out for smaller companies, so as not to have them forced out of business by the onerous demands of the law. However, after some back and forth, Germany caved in to France’s demands, with many left scratching their heads as to why. However, some noted the “coincidence” in timing, that right after this, France also withdrew its objections to the pipeline which is very controversial in the EU (and the US, which is threatening sanctions).
In what could be a severe case of irony overload, anti-piracy company Denuvo is being accused of using unlicensed software to protect its infamous anti-piracy tool. A developer of VMProtect, software which itself protects against reverse engineering and cracking, says that Denuvo has been using the product without obtaining the necessary permission.
Lockheed Martin tells investors it will see “indirect benefits” from the war in Syria. Raytheon notes “a significant uptick.”
The National Security Agency and its closest allies planned to hijack data links to Google and Samsung app stores to infect smartphones with spyware, a top-secret document reveals.
The surveillance project was launched by a joint electronic eavesdropping unit called the Network Tradecraft Advancement Team, which includes spies from each of the countries in the “Five Eyes” alliance — the United States, Canada, the United Kingdom, New Zealand and Australia.
The top-secret document, obtained from NSA whistleblower Edward Snowden, was published Wednesday by CBC News in collaboration with The Intercept. The document outlines a series of tactics that the NSA and its counterparts in the Five Eyes were working on during workshops held in Australia and Canada between November 2011 and February 2012.
The main purpose of the workshops was to find new ways to exploit smartphone technology for surveillance. The agencies used the Internet spying system XKEYSCORE to identify smartphone traffic flowing across Internet cables and then to track down smartphone connections to app marketplace servers operated by Samsung and Google. (Google declined to comment for this story. Samsung said it would not be commenting “at this time.”)
As part of a pilot project codenamed IRRITANT HORN, the agencies were developing a method to hack and hijack phone users’ connections to app stores so that they would be able to send malicious “implants” to targeted devices. The implants could then be used to collect data from the phones without their users noticing.
Previous disclosures from the Snowden files have shown agencies in the Five Eyes alliance designed spyware for iPhones and Android smartphones, enabling them to infect targeted phones and grab emails, texts, web history, call records, videos, photos and other files stored on them. But methods used by the agencies to get the spyware onto phones in the first place have remained unclear.
The newly published document shows how the agencies wanted to “exploit” app store servers — using them to launch so-called “man-in-the-middle” attacks to infect phones with the implants. A man-in-the-middle attack is a technique in which hackers place themselves between computers as they are communicating with each other; it is a tactic sometimes used by criminal hackers to defraud people. In this instance, the method would have allowed the surveillance agencies to modify the content of data packets passing between targeted smartphones and the app servers while an app was being downloaded or updated, inserting spyware that would be covertly sent to the phones.
Europe’s top cop has taken to the BBC to once again slam encryption as the biggest threat to counter-terrorism and law enforcement.
Europol Director Rob Wainright said encrypted communications gave plods across the continent the biggest headaches, and his main gripe was with the IT companies that provide them.
“We are disappointed by the position taken by these tech firms and it only adds to our problems in getting to the communications of the most dangerous people that are abusing the internet,” he said.
He told the civil liberties committee of the European Parliament the same thing last November. Now he says there is “a significant capability gap” that must be closed.
“It’s changed the very nature of counter-terrorist work from one that has been traditionally reliant on having good monitoring capability of communications to one that essentially doesn’t provide that anymore,” he told the Beeb.
However, Wainright himself will not get his hands on any of that “capability”. According to Europol’s website, the organisation itself “has neither the technical equipment nor the legal authorisation to wiretap or monitor members of the public by any technological means”.
“Any information being analysed by Europol is provided directly by the co-operating law enforcement agencies. Europol’s principal role is to gather, analyse and re-distribute data,” he said in the interview.
That hasn’t stopped EU countries beefing up Europol with a new European Internet Referral Unit to find, identify and potentially remove websites used by terrorist groups.
National leaders across the EU have been calling for increased access to private communications since the Charlie Hebdo attacks in Paris. The European Council hopes the new unit will be up and running by June.
Meanwhile, tech companies will continue to boost end-to-end encryption after the Snowden revelations created a business case, as consumers demanded their communications be secured.
Dutch MEP Sophie In’t Veld said she found his comments (which echo those of UK PM David Cameron) extremely worrying. “What is next? Having a lock on the front door of your home being a criminal offence? Banning people from protecting their private communications is unacceptable in a democratic society. We are really on a slippery slope here.”
“Not only individual citizens have a right to privacy, but journalists, politicians, lawyers, whistleblowers, NGOs, etc must be able to communicate freely, safely and knowing they are unobserved,” she added.
“There seems to be no limit to the appetite of secret services to know EVERYTHING about us, without being subject to any meaningful kind of oversight or bound by laws,” continued In’t Veld.
“He believes all of this is caused by the ‘revelations’ on NSA mass surveillance. “One would think it was the secret and illegal mass surveillance itself, not the fact it was revealed, that has breached trust,” said In’t Veld.
We’ve been writing a lot about the Trans Pacific Partnership (TPP) agreement over the past few years. There are many, many problems with it, but the two key ones are the intellectual property chapter and the investment chapter. Unlike some who are protesting TPP, we actually think that free trade is generally a good thing and important for the economy — but neither the intellectual property section nor the investment chapter are really about free trade. In many ways, they’re about the opposite: trying to put in place protectionist/mercantilist policies that benefit the interests of a few large legacy industries over the public and actual competition and trade. We’ve already discussed many of the problems of the intellectual property chapter — which is still being fought over — including that it would block the US from reforming copyright to lower copyright term lengths (as even the head of the Copyright Office, Maria Pallante has argued for).
And, last week, Wikileaks leaked the investment chapter, which is focused on corporate sovereignty provisions, officially known as “investor state dispute settlement” or “ISDS” (named as such, in part, because the negotiators know it sounds boring, so they hope the public won’t pay attention). As people go through the details and the fine print, they’re finding some serious problems with it. Sean Flynn has a very in-depth look at how the combination of these two chapters — the IP chapter and the investment chapter — could very likely threaten fair use (and, with it, undermine the First Amendment).
The full details as to how are a bit tricky to understand, because it involves digging through the leaked versions of both chapters, and understanding some of the subtle language choices, but it’s a serious concern. Flynn’s article also goes through the history of how such corporate sovereignty provisions have been expanded and increasingly used over the past decade or so. But the key part is this: the investment chapter certainly can (and will) be read to cover intellectual property as well, including the idea that a company can invoke the ISDS process if it feels its “intellectual property” has been “expropriated” in some manner. The word “investment” in the investment chapter is defined incredibly broadly and explicitly includes “intellectual property” as well as “other tangible or intangible, movable or immovable property.” It also, importantly, notes that an investment, for the purpose of ISDS, covers:
every asset that an investor owns or controls, directly or indirectly, that has the characteristics of an investment, including such characteristics as the commitment of capital or other resources, the expectation of gain or profit, or the assumption of risk.
Now, it’s no secret that the legacy entertainment industry is no fan of fair use (even if they often rely on it themselves). While fair use is officially part of the law in the US, the entertainment industry just recently fought very hard to block it in the UK and Australia, arguing (ridiculously) that fair use would harm innovation.
Even where there are very strong arguments for fair use — such as in helping the blind access works — the entertainment industry has twisted the so-called “three step” test from the Berne Agreement to argue that that is the most that is allowed for fair use. The three step test is actually really about limiting fair use, rather than enabling it. It is in the Berne agreement (as a relatively recent addition) as one possible “exception” to copyright, but not the only one. However, the haters of fair use like to pretend that it is the only one allowed under that agreement.
Under the three step test, “exceptions” to copyright occur when there are:
limitations and exceptions to exclusive rights to (Step 1) certain special cases (Step 2) which do not conflict with a normal exploitation of the work and (Step 3) do not unreasonably prejudice the legitimate interests of the rights holder
And, of course, in the US, fair use goes way beyond that already. And, as Flynn points out, it appears from the leaked text of TPP, the US would now be opening itself up to an ISDS challenge from a foreign owned company (remember: Universal Music is owned by a French company, Sony Music is owned by a Japanese company and Warner Music is owned by Russians…) that the fair use doctrine itself “expropriates” its “intellectual property” rights by going beyond the three steps test. Here’s Flynn:
And here is a major one lurking in the shadows. Many copyright intensive industries are hostile to the U.S. fair use doctrine and many of the decisions of courts emanating from it. There have been arguments raised from time to time that the doctrine or its applications are contrary to the so-called Berne 3-step test requiring that limitations and exceptions to rights be limited to certain special cases, not conflict with a normal exploitation of the work and not unreasonably prejudice the legitimate interests of the author (see this rebuttal from Gervais et al.). No other country has attempted to sue the U.S. or the nearly dozen other countries around the world that have fair use. But will the content industry be so reticent with such challenges in the future? With the TPP ISDS chapter, they will not have to in 40% of the global economy.
And this isn’t so far fetched. As we’ve been discussing, under existing ISDS/corporate sovereignty provisions in NAFTA, Eli Lilly is currently suing Canada for $500 million because Canada refused to grant it some patents. Eli Lilly is arguing that this “expropriated” Eli Lilly’s “intellectual property” and took away its “expected profits.”
Is it that difficult to believe that a recording studio or movie studio might make a similar argument on a fair use determination on one of its copyright-covered works?
And, if fair use is undermined, so is free speech. As we’ve noted, the Supreme Court itself has long argued that current fair use doctrine is a necessary “safety valve” in making sure that copyright does not violate the First Amendment. In other words, fair use is a key part of your First Amendment rights.
And yet… the USTR is basically putting in place a plan and system to undermine this, because the big copyright players are among the very few people who are allowed to see the negotiating text and to “advise” the USTR on what should be in it. Once again, it would seem like the most obvious way to deal with this would be for the USTR to release the negotiating documents, so that the public would be aware of what’s being negotiated, and could discuss the possible consequences — like how the current rules have the potential to undermine fair use and free speech. But, for reasons that the USTR still will not explain (perhaps because they reveal the USTR’s true reasoning for such provisions), it refuses to do so.
Israel spied on the recent US-Iran nuclear talks, alleges America. And the US knows enough about it to say it publicly because the NSA is spying on Israel, along with everyone else.
The Wall Street Journal reports that Israel handed over confidential information from the negotiations with friendly members of the US Congress in a bid to derail any deal.
Israel denies the accusations, which highlight a widening gulf between Binyamin Netanyahu’s hawkish government in Israel and the Obama administration.
German Vice Chancellor Sigmar Gabriel said this week in Homburg that the U.S. government threatened to cease sharing intelligence with Germany if Berlin offered asylum to NSA whistleblower Edward Snowden or otherwise arranged for him to travel to that country. “They told us they would stop notifying us of plots and other intelligence matters,” Gabriel said.
The vice chancellor delivered a speech in which he praised the journalists who worked on the Snowden archive, and then lamented the fact that Snowden was forced to seek refuge in “Vladimir Putin’s autocratic Russia” because no other nation was willing and able to protect him from threats of imprisonment by the U.S. government (I was present at the event to receive an award). That prompted an audience member to interrupt his speech and yell out: “Why don’t you bring him to Germany, then?”
There has been a sustained debate in Germany over whether to grant asylum to Snowden, and a major controversy arose last year when a Parliamentary Committee investigating NSA spying divided as to whether to bring Snowden to testify in person, and then narrowly refused at the behest of the Merkel government. In response to the audience interruption, Gabriel claimed that Germany would be legally obligated to extradite Snowden to the U.S. if he were on German soil.
Afterward, however, when I pressed the vice chancellor (who is also head of the Social Democratic Party, as well as the country’s economy and energy minister) as to why the German government could not and would not offer Snowden asylum — which, under international law, negates the asylee’s status as a fugitive — he told me that the U.S. government had aggressively threatened the Germans that if they did so, they would be “cut off” from all intelligence sharing. That would mean, if the threat were carried out, that the Americans would literally allow the German population to remain vulnerable to a brewing attack discovered by the Americans by withholding that information from their government.
Kaspersky malware probers have uncovered a new ‘operating system’-like platform they was developed and used by the National Security Agency (NSA) in its Equation spying arsenal.
The EquationDrug or Equestre platform is used to deploy 116 modules to target computers that can siphon data and spy on victims.
“It’s important to note that EquationDrug is not just a trojan, but a full espionage platform, which includes a framework for conducting cyberespionage activities by deploying specific modules on the machines of selected victims,” Kaspersky researchers say in a report.
“Other threat actors known to use such sophisticated platforms include Regin and Epic Turla.
“The architecture of the whole framework resembles a mini-operating system with kernel-mode and user-mode components carefully interacting with each other via a custom message-passing interface.”
The platform is part of the NSA’s possibly ongoing campaign to infect hard disk firmware. It replaces the older EquationLaser and is itself superseded by the GrayFish platform.
Kaspersky says the newly-identified wares are as “sophisticated as a space station” thanks to the sheer number of included espionage tools.
Extra modules can be added through a custom encrypted file system containing dozens of executables that together baffle most security bods.
Most of the unique identifiers and codenames tied to modules is encrypted and obfuscated. Some modules capabilities can be determined with unique identification numbers. Others are dependent on other plugins to function.
Each plugin has a unique ID and version number that defines a set of functions it can provide. Some of the plugins depend on others and might not work unless dependencies are resolved.
Kaspersky bods have found 30 of the 116 modules estimated to exist.
“The plugins we discovered probably represent just a fraction of the attackers’ potential,” the researchers say.
Executable timestamps reveal NSA developers likely work hardest on the platform on Tuesdays to Fridays, perhaps having late starts to Monday.
Modules detected in the tool include code for:
- Network traffic interception for stealing or re-routing
- Reverse DNS resolution (DNS PTR records)
- Computer management
- Start/stop processes
- Load drivers and libraries
- Manage files and directories
- System information gathering
- OS version detection
- Computer name detection
- User name detection
- Locale detection
- Keyboard layout detection
- Timezone detection
- Process list
- Browsing network resources and enumerating and accessing shares
- WMI information gathering
- Collection of cached passwords
- Enumeration of processes and other system objects
- Monitoring LIVE user activity in web browsers
- Low-level NTFS filesystem access based on the popular Sleuthkit framework
- Monitoring removable storage drives
- Passive network backdoor (runs Equation shellcode from raw traffic)
- HDD and SSD firmware manipulation
- Keylogging and clipboard monitoring
- Browser history, cached passwords and form auto-fill data collection.