Documents obtained by hackers from the Italian spyware manufacturer Hacking Team confirm that the company sells its powerful surveillance technology to countries with dubious human rights records.
Internal emails and financial records show that in the past five years, Hacking Team’s Remote Control System software — which can infect a target’s computer or phone from afar and steal files, read emails, take photos, and record conversations — has been sold to government agencies in Ethiopia, Bahrain, Egypt, Kazakhstan, Morocco, Russia, Saudi Arabia, South Sudan, Azerbaijan, and Turkey. An in-depth analysis of those documents by The Intercept shows Hacking Team’s leadership was, at turns, dismissive of concerns over human rights and privacy; exasperated at the bumbling and technical deficiency of some of its more controversial clients; and explicitly concerned about losing revenue if cut off from such clients.
With congressional hearings due on Wednesday to discuss US government plans to force tech companies to install backdoors in their encryption systems, some of the leading minds in the security world have published a paper on how, and if, such a system would work.
The authors of the 34-page paper [PDF] read like a who’s who of computer security: they are Whitfield Diffie (who along with Martin Hellman invented public key encryption); crypto guru Bruce Schneier; Ronald Rivest (the R in RSA), Matt Blazer, the killer of the Clipper Chip; Professor Ross Anderson from Cambridge University; and 11 other senior figures in the field.
A Federal Bureau of Investigation search warrant has provided a rare glimpse into the increasingly complex efforts of U.S. law enforcement to combat child pornography online, leading to the seizure this year of a website with nearly 215,000 users.
The search warrant, unsealed on Monday in federal court in Brooklyn, New York, showed that the FBI seized the website’s North Carolina server on Feb. 20 but allowed it to remain operating for about two weeks while authorities investigated its users.
Before shutting down “Website A,” as court documents call it, on March 4, the FBI obtained a search warrant from a judge in Virginia that authorized it to use a technique that would cause a computer to send it data anytime a user logged on.