Tag Archives: Intelligence Agencies

Quick Reference Resource: WikiLeaks CIA Vault7 Leak #20 – CouchPotato

CouchPotato enabled CIA agents to remotely use the tool to stealthily collect RTSP/H.264 video streams (RTSP/H.264: Real Time Streaming Protocol is a network control protocol designed for use in entertainment and communication systems and is a control mechanism for streaming media servers).

The tool provided CIA operatives with a number of options:

  • Collect the media stream as a video file (AVI);
  • Capture still images (JPG) of frames from the media stream;
    • This function was capable of being triggered only when there was a change (threshold setting) in the pixel count from the previous capture;

The tool uses FFmpeg to encode and decode video and images and Real Time Streaming Protocol connectivity. The CouchPotato tool works stealthily without leaving any evidence on the attacked systems, facilitated by ICE v3 “Fire and Collect” loader.

This is an in-memory code execution (ICE) technique that runs malicious code without the module code being written to the disk.

Neither WikiLeaks nor the leaked user guide explains how the agency penetrates the attacked systems, but as many CIA malware, exploits and hacking tools have already leaked in the Vault 7 publications, the agency has probably used CouchPotato in combination with other tools.” – TAD Group

The 10th August 2017 WikiLeaks release overview:

“Today, August 10th 2017, WikiLeaks publishes the User Guide for the CouchPotato project of the CIA. CouchPotato is a remote tool for collection against RTSP/H.264 video streams. It provides the ability to collect either the stream as a video file (AVI) or capture still images (JPG) of frames from the stream that are of significant change from a previously captured frame. It utilizes ffmpeg for video and image encoding and decoding as well as RTSP connectivity. CouchPotato relies on being launched in an ICE v3 Fire and Collect compatible loader.”

One document was published alongside this release:

CouchPotato v1.0 — User Guide

Previous and subsequent Vault 7 WikiLeaks CIA document dump synopses are available via the Quick Reference Resource: WikiLeaks CIA Vault 7 Leaks

ENDS 

So, So Reasonable, The Politics of Fear – Retrofitting Abnormality

I have read many, many reasonable articles about the need for law enforcement and intelligence agencies to have the ability to access the communications of persons of interest.

Patrick Gray recently wrote in “No encryption was harmed in the making of this intercept” that:

“Over the last few days people have been losing their minds over an announcement by the Australian government that it will soon introduce laws to compel technology companies to hand over the communications of their users. This has largely been portrayed as some sort of anti-encryption push, but that’s not my take. At all. Before we look at the government’s proposed “solution,” it might make sense to define some problems, as far as law enforcement and intelligence agencies are concerned. The first problem has very little to do with end-to-end encryption and a lot more to do with access to messaging metadata.”

he continues …

“Thanks to our pal Phineas Fisher, we’ve had a glimpse into the sausage factory that is the law enforcement trojanware industry. Gamma Group and Hacking Team, two companies that make surveillance software for mobile phones, were both hacked by Mr. Fisher and the gory details of their operations laid bare. What we learned is that law enforcement organisations already have perfectly functional trojans that they can install on a target’s phone. These trojans can already intercept communications from encrypted apps.”

and then …

“Do we believe that law enforcement bodies should have the authority to monitor the communications of people suspected of serious criminal offences? If so, what should the legal process for provisioning that access look like? I mentioned auditing access under this scheme a couple of paragraphs ago. If we’re going to have a regime like this, can we have a decent access auditing scheme please? These are the sorts of things I would prefer to be talking about.”

Think about everything that is happening at the moment in terms of the erosion of your privacy, free speech, and civil liberties. And then ask yourself the following:

  1. Do I think that politicians are concerned with striking an appropriate balance between the right to privacy, freedom of speech, and the preservation of civil liberties with the need to maintain the rule of law;
  2. Do I think that the current wave of proposed surveillance legislation is an attempt to normalise abnormal and illegal practices by our governments and intelligence agencies, now that they have been exposed;
  3. Do I think that all of this proposed legislation is engineered to save our governments and intelligence agencies the bother of the endless crisis room PR;
  4. Do I think that our governments and intelligence agencies are tired of having to react to the publication of their illegal practices by whistleblowers;
  5. Do I think instead that they wish to fob off all objections to Mass Surveillance with a dismissive “we’ve heard it all before” hand wave, the benefit of a statute, while mumbling “imminent threat”, “terrorists”, “pedophiles”, “dark markets”;

ENDS

My Privacy Lobotomy or How I Learned to Stop Worrying & Love the IP Act

(Please Note: This post is a partial reblog. The re-blogged bits are all the bits under the Malcolm Tucker “grenade app” GIF – Featured Image “Bring me Corbyn, Solo & the Wookie” (Credit to @Trouteyes on Twitter))

After weeks of posting hysterical objections to and concerns about the Investigatory Powers Act I now realise that I was worrying needlessly. It suddenly occurred to me that the Investigatory Powers Act is nothing that I should worry about at all. This radical change of heart came as a result of the following statement from the Home Office which Dave Howe on Peerlyst kindly sent to me:

“The safeguards in this Act reflect the UK’s international reputation for protecting human rights. The unprecedented transparency and the new safeguards – including the ‘double lock’ for the most sensitive powers – set an international benchmark for how the law can protect both Privacy and security.”

This is the civil servant who issued the statement:

[Image: author]

The patronisingly misleading statement has caused me to make an immediate and unconditional U-Turn on my previous opinion of the legislation.

I am now immensely grateful to Theresa May and everyone who had a part in authoring this document. Hopefully it will soon take its rightful place alongside the Magna Carta and the Bill of Rights as milestones in the relentless march toward a privacy protected, liberty guaranteed and freedom based utopia.

[Image: tucker]

Hardly Anyone Has Access To All My Data

Access to my internet connection records is set out in Schedule 4 of the Act and it only says that the following forty plus departments and about 600,000 government employees can mine my private life:

  • Metropolitan Police force
  • City of London Police force
  • Police Forces maintained under section 2 of the Police Act 1996
  • Police Service of Scotland
  • Police Service of Northern Ireland
  • British Transport Police
  • Ministry of Defence Police
  • Royal Navy Police
  • Royal Military Police
  • Royal Air Force Police
  • Security Service
  • Secret Intelligence Service
  • GCHQ
  • Ministry of Defence
  • Department of Health
  • Home Office
  • Ministry of Justice
  • National Crime Agency
  • HM Revenue & Customs
  • Department for Transport
  • Department for Work and Pensions
  • NHS trusts and foundation trusts in England that provide ambulance services
  • Common Services Agency for the Scottish Health Service
  • Competition and Markets Authority
  • Criminal Cases Review Commission
  • Department for Communities in Northern Ireland
  • Department for the Economy in Northern Ireland
  • Department of Justice in Northern Ireland
  • Financial Conduct Authority
  • Fire and rescue authorities under the Fire and Rescue Services Act 2004
  • Food Standards Agency
  • Food Standards Scotland
  • Gambling Commission
  • Labour Abuse Authority
  • Health and Safety Executive
  • Independent Police Complaints Commissioner
  • Information Commissioner
  • NHS Business Services Authority
  • Northern Ireland Ambulance Service Health and Social Care Trust
  • Northern Ireland Fire and Rescue Service Board
  • Northern Ireland Health and Social Care Regional Business Services Organisation
  • Office of Communications
  • Office of the Police Ombudsman for Northern Ireland
  • Police Investigations and Review Commissioner
  • Scottish Ambulance Service Board
  • Scottish Criminal Cases Review Commission
  • Serious Fraud Office
  • Welsh Ambulance Services National Health Service Trust

Hackers

Bulk surveillance of the population and dozens of public authorities with the power to access your internet connection records is a grim turn of events for a democracy.

Unfortunately, bulk collection and storage will also create an irresistible target for malicious actors, massively increasing the risk that your personal data will end up in the hands of:

  • People able to hack / infiltrate your ISP
  • People able to hack / infiltrate your Wi-Fi hotspot provider
  • People able to hack / infiltrate your mobile network operator
  • People able to hack / infiltrate a government department or agency
  • People able to hack / infiltrate the government’s new multi-database request filter

If the events of the past few years are anything to go by, it won’t take long for one or more of these organisations to suffer a security breach. Assuming, of course, that the powers that be manage not to just lose all of your personal data in the post.

So – nothing to worry about at all.

END