summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
author46halbe <46halbe@berlin.ccc.de>2015-03-17 23:57:18 +0000
committer46halbe <46halbe@berlin.ccc.de>2020-05-23 13:39:47 +0000
commit6c388c26184de599fc3432d82b36f9a6444088a8 (patch)
treeda1b76ea5da144b26be55454fee28c064df59c6b
parented8ddac07291ff5c0cd4292c704985f6455c3154 (diff)
committing page revision 1
-rw-r--r--updates/2015/weltweit-computer-und-mobiltelefone-hacken.en.md132
1 files changed, 132 insertions, 0 deletions
diff --git a/updates/2015/weltweit-computer-und-mobiltelefone-hacken.en.md b/updates/2015/weltweit-computer-und-mobiltelefone-hacken.en.md
new file mode 100644
index 00000000..c076215f
--- /dev/null
+++ b/updates/2015/weltweit-computer-und-mobiltelefone-hacken.en.md
@@ -0,0 +1,132 @@
1title: UK government claims power for broad, suspicionless hacking of computers and phones
2date: 2015-03-17 21:18:00
3updated: 2015-03-17 23:57:18
4author: vollkorn
5tags: update, pressemitteilung
6
7The British Government has admitted its intelligence services have the broad power to hack into personal phones, computers, and communications networks, and claims they are legally justified to hack anyone, anywhere in the world, even if the target is not a threat to national security nor suspected of any crime.
8
9<!-- TEASER_END -->
10
11These startling admissions come from a government court document
12published today by [Privacy
13International](https://www.privacyinternational.org/). \[1\] The
14document was filed by the government in response to two court cases
15initiated last year against GCHQ that challenge the invasive
16state-sponsored hacking revealed by Edward Snowden. \[2\] In the
17document, the Government outlines its broad authority to infiltrate
18personal devices and the networks we use everyday.
19
20Buried deep within the document, Government lawyers claim that while the
21intelligence services require authorisation to hack into the computer
22and mobile phones of "intelligence targets", GCHQ is equally permitted
23to break into computers anywhere in the world even if they are not
24connected to a crime or a threat to national security.
25
26Such powers are a massive invasion of privacy. Hacking is the modern
27equivalent of entering someone's house, searching through her filing
28cabinets, diaries and correspondence, and planting devices to permit
29constant surveillance in future. If mobile devices are involved, the
30government can obtain historical information including every location
31visited in the past year and the ongoing surveillance will capture the
32affected individual wherever they go.
33
34Additionally, the intelligence services assert the right to exploit
35communications networks in covert manoeuvres that severely undermine the
36security of the entire internet. The deployment of such powers is
37confirmed by recent news stories detailing how GCHQ hacked into Belgacom
38using the malware Regin, and targeted Gemalto, the world's largest maker
39of SIM cards used in countries around the world.
40
41The court document relies heavily on a draft code on "equipment
42interference", which was quietly released to the public on the same day
43that the Investigatory Powers Tribunal (IPT) found that GCHQ had
44previously engaged in unlawful information sharing with the United
45States' National Security Agency.
46
47For the past decade, GCHQ have been involved in state-sponsored hacking,
48or "Computer Network Exploitation", without this code being available to
49the public. This lack of transparency is a violation of the requirement
50that the intelligence services act in accordance with law. The draft
51code has not yet been approved by Parliament, and is open for public
52comment until 20 March 2015.
53
54Last week's ISC report admits for the first time that GCHQ relies on
55security vulnerabilities, including, zero-day vulnerabilities, for its
56CNE operations, but redacts the exact number of vulnerabilities
57disclosed.
58
59Privacy International assisted in filing two separate complaints to the
60IPT challenging GCHQ's widespread hacking. The first, in which Privacy
61International is the claimant, centres around GCHQ and the NSA's
62reported power to infect potentially millions of computer and mobile
63devices around the world with malicious software that gives them the
64ability to sweep up reams of content, switch on users' microphones or
65cameras, listen to their phone calls and track their locations. It is
66the first UK legal challenge to the use of hacking tools by intelligence
67services.
68
69The second complaint was filed by seven internet service and
70communications providers from around the world, who are calling for an
71end to GCHQ's exploitation of network infrastructure in order to
72unlawfully gain access to potentially millions of people's private
73communications. The complaint, filed by Riseup (US), GreenNet (UK),
74Greenhost (Netherlands), Mango (Zimbabwe), Jinbonet (Korea), May
75First/People Link (US), and the Chaos Computer Club (Germany), is the
76first time that internet and communication providers have taken
77collective action against GCHQ's targeting, attacking and exploitation
78of network communications infrastructure.
79
80Cedric Knight of GreenNet said:
81
82"Our joint action has already resulted in the intelligence services
83publishing their interpretation of UK law. Unfortunately what has been
84revealed is not pretty. There is nothing in GCHQ's response to reassure
85us that they are not targeting our staff or equipment. We remain
86extremely concerned that Ed Snowden was right about GCHQ having the most
87intrusive capabilities of any security agency, and about exactly how
88widespread their computer network exploitation may be, and the risks to
89network security and the privacy, freedom and safety of internet users
90around the world."
91
92Jan Girlich, spokesperson for the Chaos Computer Club, Germany, said:
93
94"It is apparent that GCHQ feels it has unlimited powers and does not
95care to work within its legal framework. Hacking of network
96infrastructure and people’s phones and devices for claimed national
97security reasons is actually undermining the IT security on a structural
98level. It leaves our infrastructure vulnerable and the people’s personal
99information in the hands of a secret service not bound to the law,
100wielding massive power over everybody they wish. Declaring infiltration
101and hacking of arbitrary computers worldwide legal by publishing the
102rules under which these activities happen, does not make it right. Mass
103surveillance and hacking is still wrong and must be stopped."
104
105May First/People Link said:
106
107"The Internet is a technology that breaks through the destructive
108barriers of national borders by providing each of us access to the
109thinking and experiences of the rest of humanity but some governments
110use this borderless state to abuse rights and effectively pervert the
111concept of access to experience. May First joins with our colleagues in
112combating that perversion."
113
114Korean Progressive Network Jinbonet said:
115
116"It's really surprising that the British Government claims that they can
117lawfully hack anyone in the world even without any suspicion.
118Intelligence agencies of each country including GCHQ and National
119Intelligence service of Korea seem to forget for whom and for what they
120have to serve. National security which is not based on rule of law and
121human rights would serve only the interest of the powerful."
122
123Links:
124
125- \[1\] [Open response in GCHQ
126 complaint](/system/uploads/174/original/Privacy_Greennet_Open_Response_6_Feb_2015.pdf)
127 (pdf)
128- \[2\] [Chaos Computer Club files complaint against
129 GCHQ](http://ccc.de/en/updates/2014/chaos-computer-club-klagt-gegen-gchq)
130- \[3\] [Global surveillance and hacking
131 disclosures](http://en.wikipedia.org/wiki/Global_surveillance_disclosures_%282013%E2%80%93present%29)
132 (2013–present)