Government Communications Headquarters (GCHQ), the UK’s counterpart to the National Security Agency (NSA), has fired the latest shot in the crypto wars. In a post to Lawfare titled Principles for a More Informed Exceptional Access Debate, two of Britain’s top spooks introduced what they’re framing as a kinder, gentler approach to compromising the encryption that keeps us safe online. This new proposal from GCHQ—which we’ve heard rumors of for nearly a year—eschews one discredited method for breaking encryption (key escrow) and instead adopts a novel approach referred to as the “ghost.” But let’s be clear: regardless of what they’re calling it, GCHQ’s “ghost” is still a mandated encryption backdoor with all the security and privacy risks that come with it.

Backdoors have a (well-deserved) horrible reputation in the security community. But that hasn’t dissuaded law enforcement officials around the world from demanding them for more than two decades. And while the Internet has become a more dangerous place for average users, making encryption more important than ever, this rhetoric has hardly changed.

What has changed is the legal landscape governing encryption and law enforcement, at least in the UK. 2016 saw the passage of the Investigatory Powers Act, which gives the UK the legal ability to order a company like Apple or Facebook to tamper with security features in their products—while simultaneously being prohibited from telling the public about it. As far as is publicly known, the UK has not attempted to employ the provisions of the Investigatory Powers Act to compromise the security of the products we use. Yet.

But GCHQ’s Lawfare piece previews the course that the agency is likely to take. The authors lay out six “principles” for an informed debate, and they sound pretty noncontroversial.

Privacy and security protections are critical to public confidence. Therefore, we will only seek exceptional access to data where there’s a legitimate need, that access is the least intrusive way of proceeding and there is appropriate legal authorisation.
Investigative tradecraft has to evolve with technology.
Even when we have a legitimate need, we can’t expect 100 percent access 100 percent of the time.
Targeted exceptional access capabilities should not give governments unfettered access to user data.
Any exceptional access solution should not fundamentally change the trust relationship between a service provider and its users.
Transparency is essential.

So far so good. I absolutely agree that law enforcement should only act where there’s a legitimate need and only when authorized by a court, in a way that evolves with the tech, that doesn’t have unrealistic expectations, that doesn’t enable mass surveillance, that doesn’t undermine the public trust, and that is transparent.

But unfortunately, the authors fail to apply the principles so carefully laid out to the problem at hand. Instead, they’re proposing a way of undermining end-to-end encryption using a technique that the community has started calling the “ghost.” Here’s how the post describes it:

Applying this idea to WhatsApp, it would mean that—upon receiving a court order—the company would be required to convert a 1-on-1 conversation into a group chat, with the government as the third member of the chat. But that’s not all. In WhatsApp’s UX, users can verify the security of a conversation by comparing “security codes” within the app. So for the ghost to work, there would have to be a way of forcing both users’ clients to lie to them by showing a falsified security code, as well as suppress any notification that the conversation’s keys had changed.

Put differently, if GCHQ’s proposal went into effect, consumers could never again trust the claims that our software makes about what it’s doing to protect us.
The authors of the Lawfare piece go out of their way to claim that they are “not talking about weakening encryption or defeating the end-to-end nature of the service.” Hogwash. They’re talking about adding a “feature” that would require the user’s device to selectively lie about whether it’s even employing end-to-end encryption, or whether it’s leaking the conversation content to a third (secret) party. Is the security code displayed by your device a mathematical representation of the two keys involved, or is it a straight-up lie? Furthermore, what’s to guarantee that the method used by governments to insert the “ghost” key into a conversation without alerting the users won’t be exploited by bad actors?

Despite the GCHQ authors’ claim, the ghost will require vendors to disable the very features that give our communications systems their security guarantees in a way that fundamentally changes the trust relationship between a service provider and its users. Software and hardware companies will never be able to convincingly claim that they are being honest about what their applications and tools are doing, and users will have no good reason to believe them if they try.

And, as we’ve already seen, GCHQ will not be the only agency in the world demanding such extraordinary access to billions of users’ software. Australia was quick to follow the UK’s lead, and we can expect to see similar demands, from Brazil and the European Union to Russia and China. (Note that this proposal would be unconstitutional were it proposed in the United States, which has strong protections against governments forcing actors to speak or lie on its behalf.)

The “ghost” proposal violates the six “principles” in other ways, too. Instead of asking investigative tradecraft to evolve with technology, it’s asking technology to build investigative tradecraft in from the ground floor. Instead of targeted exceptional access, it’s asking companies to put a dormant wiretap in every single user’s pocket, just waiting to be activated.

We must reject GCHQ’s newest “ghost” proposal for what it is: a mandated encryption backdoor that weakens the security properties of encrypted messaging systems and fundamentally compromises user trust. GCHQ needs to give up the ghost. It’s just another word for an encryption backdoor.

Source: The EFF
steven36 posted a topic in Security & Privacy News

Nobody wants to be a third wheel. Unless you’re a British spy.

Two of the most senior officials at British eavesdropping agency GCHQ say one way that law enforcement could access encrypted messages is to simply add themselves to your conversations.

“It’s relatively easy for a service provider to silently add a law enforcement participant to a group chat or call,” said Ian Levy, technical director of the U.K.’s National Cyber Security Center, and Crispin Robinson, cryptanalysis director at GCHQ, in an op-ed for Lawfare. “The service provider usually controls the identity system and so really decides who’s who and which devices are involved — they’re usually involved in introducing the parties to a chat or call,” they said. “You end up with everything still being end-to-end encrypted, but there’s an extra ‘end’ on this particular communication.”

Law enforcement and intelligence agencies have long wanted access to encrypted communications, but have faced strong opposition to breaking the encryption for fears that it would put everyone’s communications at risk, rather than the terror suspects or criminals that the police primarily want to target. In this case, two people using an end-to-end encrypted messaging app would be joined by a third, invisible person — the government — which could listen in at will.

This solution, Levy and Robinson say, would be “no more intrusive than the virtual crocodile clips” that lawmakers have already authorized police to use to wiretap communications. Presumably that would require compelled assistance from the tech companies that built the encrypted messaging apps in the first place, like Apple, Facebook’s WhatsApp, Signal, Wire and Wickr. That poses not only an ethical problem for the companies, which developed their own end-to-end encrypted services so that even they can’t access people’s communications, but also a technical one, which would require the government to ask a court to compel the companies to rework their own technologies to allow government spies in.

It wouldn’t be the first time the government’s pushed for compelled assistance. Only recently, the U.S. government lost its bid to force Facebook to re-architect its Messenger app to allow the government to listen in on suspected gang members. And not just the U.S. or the U.K. Russia, the west’s favorite frenemy, forced Telegram, another encrypted messaging app, to turn over its private keys in an effort to allow its intelligence agencies to snoop in on possible kompromat.

Suffice to say, the U.K.’s plan has drawn strong criticism. And NSA whistleblower Edward Snowden, an outspoken commentator and critic of global surveillance, branded the move “absolute madness.”

Source
Reefa posted a topic in Security & Privacy News

Just as civil liberties groups challenge the legality of the UK intelligence agency’s mass surveillance programs, a catalog of exploit tools for monitoring and manipulation is leaked online.

The Joint Threat Research Intelligence Group (JTRIG), a department within the Government Communications Headquarters (GCHQ), “develops the majority of effects capabilities” for UK’s NSA-flavored intelligence agency. First Look Media first published the Snowden-leaked Wikipedia-like document full of covert tools used by GCHQ for surveillance and propaganda. JTRIG tools and techniques help British spies “seed the internet with false information, including the ability to manipulate the results of online polls,” monitor social media posts, and launch attacks ranging from denial of service, to call bombing phones, to disabling users' accounts on PCs.

Devil’s Handshake, Dirty Devil, Reaper and Poison Arrow are but a few vicious-sounding JTRIG system tools, but the naming convention for others is just inane, like Bumblebee Dance, Techno Viking and Jazz Fusion. Perhaps the British spies were hungry when coming up with Fruit Bowl, Spice Island, Nut Allergy, and Berry Twister?

Most of the tools are “fully operational, tested and reliable,” according to the 2012 JTRIG Manual, but "Don't treat this like a catalog. If you don't see it here, it doesn't mean we can't build it." Like the previously leaked TAO exploits, it’s an eye-opener as to exploits that GCHQ can deploy.

Some of the especially invasive tools that are “either ready to fire or very close to being ready” include: Angry Pirate can “permanently disable a target’s account on their computer.” Stealth Moose can “disrupt” a target’s “Windows machine. Logs of how long and when the effect is active.” Sunblock can “deny functionality to send/receive email or view material online.” Swamp Donkey “silently” finds and encrypts all predefined types of files on a target’s machine. Tracer Fire is an “Office document that grabs the targets machine info, files, logs, etc and posts it back to GCHQ.” Gurkhas Sword is a tool for “beaconed Microsoft Office documents to elicit a targets IP address.” Tornado Alley is a delivery system aimed at Microsoft Excel "to silently extract and run an executable on a target's machine." Changeling provides UK spies with the “ability to spoof any email address and send email under that identity.” Glassback gets a target’s IP by “pretending to be a spammer and ringing them. Target does not need to answer.”

Denial of Service:

Rolling Thunder uses P2P for distributed denial of service. Predators Face is used for “targeted denial of service against web servers.” Silent Movie provides “targeted denial of service against SSH services.”

Other JTRIG exploits include Screaming Eagle, “a tool that processes Kismet data into geolocation information” and Chinese Firecracker for “overt brute login attempts against online forums.” Hacienda is a “port scanning tool designed to scan an entire country or city” before identifying IP locations and adding them to an “Earthling database.”

Messing with cellphones:

Burlesque can “send spoofed SMS text messages.” Cannonball can “send repeated text messages to a single target.” Concrete Donkey can “scatter an audio message to a large number of telephones, or repeatedly bomb a target number with the same message.” Deer Stalker provides a way to silently call a satellite and GSM phone “to aid geolocation.” Imperial Barge can connect two target phones together in a call. Mustang “provides covert access to the locations of GSM cell towers.” Scarlet Emperor is used for denial of service against targets’ phones via call bombing. Scrapheap Challenge provides “perfect spoofing of emails from BlackBerry targets.” Top Hat is “a version of Mustang and Dancing Bear techniques that allows us to pull back cell tower and Wi-Fi locations targeted against particular areas.” Vipers Tongue is another denial of service tool but it’s aimed at satellite or GSM phone calls.

Manipulation and propaganda

Bomb Bay can “increase website hits/rankings.” Gateway can “artificially increase traffic to a website;” Slipstream can “inflate page views on websites.” Underpass “can change the outcome of online polls.” Badger can mass deliver email messages “to support an Information Operations campaign.” Gestator can amplify a “given message, normally video, on popular multimedia websites” like YouTube. The “production and dissemination of multimedia via the web in the course of information operations” can be accomplished with Skyscraper. There are also various tools to censor or report “extremist” content.

Online surveillance of social networks

Godfather collects public data from Facebook. While Spring Bishop finds private photos of targets on Facebook, Reservoir allows the collection of various Facebook information. Clean Sweep can “masquerade Facebook wall posts for individuals or entire countries.” Birdstrike monitors and collects Twitter profiles. Dragon’s Snout collects Paltalk group chats. Airwolf collects YouTube videos, comments and profiles. Bugsy collects users’ info off Google+. Fatyak is about collecting data from LinkedIn. Goodfella is a “generic framework to collect public data from online social networks.” Elate monitors a target's use of UK's eBay. Mouth finds, collects and downloads a user’s files from archive.org. Photon Torpedo can “actively grab the IP address of an MSN messenger user.” Pitbull is aimed at large scale delivery of tailored messages to IM services.

Miniature Hero is about exploiting Skype. The description states, “Active Skype capability. Provision of real time call records (SkypeOut and SkypetoSkype) and bidirectional instant messaging. Also contact lists.”

If that’s not enough mass-scale surveillance and manipulation to irk you, there are more weaponized tricks and techniques in the JTRIG Manual.

Source
Reefa posted a topic in Security & Privacy News

Britain's electronic eavesdropping center GCHQ faces legal action from seven internet service providers who accuse it of illegally accessing "potentially millions of people's private communications," campaigners said Wednesday. The claim threatens fresh embarrassment for the British authorities after leaks by fugitive NSA worker Edward Snowden showed GCHQ was a key player in covert US surveillance operations globally.

The complaint has been filed at a London court by ISPs Riseup and May First/People Link of the US, GreenNet of Britain, Greenhost of the Netherlands, Mango of Zimbabwe, Jinbonet of South Korea and the Chaos Computer Club of Germany, plus campaigners Privacy International. They claim that GCHQ carried out "targeted operations against internet service providers to conduct mass and intrusive surveillance."

The move follows a series of reports by German magazine Der Spiegel which claimed to detail GCHQ's illicit activities. These reportedly included targeting a Belgian telecommunications company, Belgacom, where staff computers were infected with malware in a "quantum insert" attack to secure access to customers. The legal complaint says this was "not an isolated attack" and alleges violations of Britain's Human Rights Act and the European Convention of Human Rights.

"These widespread attacks on providers and collectives undermine the trust we all place on the internet and greatly endangers the world's most powerful tool for democracy and free expression," said Eric King, Privacy International's deputy director. Britain's Foreign Office did not immediately comment.

GCHQ, which stands for Government Communications Headquarters, employs around 5,500 people and is housed in a giant doughnut-shaped building in the sleepy town of Cheltenham, southwest England. Snowden's leaks claimed that the NSA had been secretly funding GCHQ to the tune of £100 million ($160 million, 120 million euros) over the last three years.
Source