The international hacker collective Anonymous has jumped into the battle over the Thai government’s attempts to consolidate and monitor all of the country’s internet use through a single gateway.
On Thursday evening, the website for CAT Telecom, the state-run telecommunications company tasked with implementing the gateway, went offline for several hours. CAT currently manages Thailand’s international gateways and was Anonymous’s primary target.
Earlier that day, the group announced the launch of #OpSingleGateway, saying in astatement that the government’s restriction of human rights and free speech was “going too far.”
“The land of smile [sic] will soon be similar to China, North Korea or any tyranic [sic] country providing intrusive electronic systems to spy and prosecute their own citizens having different ways of thinking,” wrote the group. “We will not only fight against the single gateway project but will expose your incompetence to the world, where depravity and personal interests prevail.”
A Twitter account, @F5CyberArmy, tweeted images saying that thousands of CAT Telecom customer logins and passwords had been compromised.
“It seems very clear that the gateway is a mechanism for control,” said Madeline Earp, a research analyst for Freedom House, a nonprofit that regularly releases reports on internet and press freedom around the world. In its 2014 report on internet, the organization rated Thailand as “not free.”
“Thailand already has an environment of prosecution and surveillance,” Earp added. “The gateway is a sign that the government is trying to consolidate the control they already have and further it with more sophisticated technology.”
Thailand’s internet use is already heavily monitored. Under the 2007 Computer Crimes Act, people convicted of using the internet inappropriately can be sentenced to prison for up to five years. In August, two people were sentenced to 28 and 30 years in prison under Thailand’s controversial lèse majesté laws for posting messages on Facebook considered insulting to the monarchy.
Arthit Suriyawongkul, a member of the cyber-freedom group Thai Netizen Network, said that the government’s effort to monitor the internet is not new, citing earlier plans by the government to create its own social media networks for the sake of improving surveillance. He is most concerned about the military junta using the gateway as a “single point of control” to shut down websites. Under current law, the government must make a request to the courts before they can take down a site. The new gateway would bypass this provision.
“We would immediately lose our checks and balances,” said Suriyawongkul. “We would have no record of which sites the government took down and when, and you would never know who was responsible.”
News site TelecomAsia wrote that it recently received documents suggesting that the Thai government had made plans to monitor the internet, including key social media networks such as Facebook and Twitter, since 2006. The documents suggest that a single internet gateway “has been a priority and pushed by the highest levels of the army for years,” according to the report.
Following public outcry against the plan, the government has continually flip-flopped on whether it will continue to pursue the gateway.
Last Thursday, Deputy Prime Minister Somkid Jatusripitak said the government would halt the plan, according to a Reuters report. But earlier this week, CAT Telecom said it would move forward. Though the government has consistently denied that the attacks have caused any damage, the announced earlier this week that it would create a new “cyber warfare unit” to tackle cyber crimes. Prime Minister Prayut has called for tightened cybersecurity in light of the attacks.
The CAT Telecom homepage currently features a disclaimer that says its website and the privacy of its users was not compromised by cyber attacks: “As for the news of a Single Internet Gateway that has caused these misunderstandings, the policy does not exist, and we are confident that there will be no suppression of citizens’ rights.”
An activist group called Citizens Against a Single Gateway has pledged to continue its war against the government.
“We have continually demanded that the government end the single gateway plan, but all they did was go forward with it,” a representative told VICE News. “It makes us feel that the government lacks any sincerity and does not listen to the people.”
“These operations will continue until the government has agreed to end the single gateway project and we have regained our internet freedom,” the group said in a statement.
Follow Kanyakrit Vongkiatkajorn on Twitter: @yukvon
The single internet gateway has been dubbed the Great Firewall of Thailand for the degree to which it allows the government to monitor, control, and shut down websites. The plan was proposed as early as May 2014, soon after the military government took power in a coup, but it gained widespread attention last month after a Thai developer posted a tweet linking to a cabinet resolution detailing the plan.The resolution outlines plans for a gateway that would “control websites that are inappropriate and the flow of information from foreign countries.” The resolution also noted that the Ministry of Information and Communication Technology should look at existing laws and determine whether new ones needed to be passed to complete the project. If so, they could be formulated under the order of the prime minister, former army chief Prayut Chan-ocha.
Thailand will carefully consider if it is necessary to join the Trans-Pacific Partnership (TPP), backed by the United States, as the country is in talks regarding another major trade pact involving China, Prime Minister Prayut Chan-o-cha says.
Speaking during his weekly televised address on Friday night, Gen Prayut said the Commerce Ministry recently invited representatives from three major private sector organisations to discuss the impact of the TPP which comprises 12 countries.
The private organisations are the Thai Bankers’ Association, the Thai Chamber of Commerce, and the Federation of Thai Industries.
The ministry said the organisations agreed that Thailand should join the TPP as it would benefit the country, particularly in terms of investment, despite the fact that some business operators harboured concerns over the impact on some goods exports, Gen Prayut said.
Despite early signs that a threat to bring down government websites had fallen through, Thai cyber-activists claimed Friday that it had inflicted damage on junta internet systems.
Copies of data related to hundreds of customers of CAT Telecom — the Thai government communication agency in charge of implementing a controversial single gateway project — were shown in twitter messages.
“CAT Telecom compromised exposing 1000s of login, passwords, Thai IDs, and more,” said a message on the twitter account of Thailand F5 cyber Army — the moniker of cyber-activists opposed to what they call “The Great Firewall”.
The activists — who claimed to be aided by international hacking collective Anonymous — thus declared “victory” in their war against the junta’s plan to control online content.
According to the Bangkok Post, the CAT Telecom website was down for several hours late Thursday.
Another result of the hack was the leaking of documents, apparently from CAT Telecom files related to the single gateway project.
“TelecomAsia has received a set of leaked documents that would suggest the Single Gateway project has been a priority and pushed by the highest levels of the army for years,” wrote Information Technology journalist Don Sambandaraksa on the TelecomAsia news site.
Some documents attested that the project goes back as far as 2006, according to Sambandaraksa.
“One slide listed target media that need to be put under surveillance — Facebook, YouTube, Twitter, WordPress, Blogger, Flickr, Instagram and Tumblr,” he wrote.
In another attack, activists disrupted the Thai military’s finance department.
“The Citizens against Single Gateway claimed our victory in the first stage after our cyber-war declaration,” Thailand F5 cyber Army claimed in an online statement.
“We made the financial accounting system of the finance department of the Royal Thai armed forces unable to work for more than three hours,” it said.
The gateway came to the public’s attention at the end of September when a cabinet meeting document emerged online urging administrators to set up a system that could be used as a device to control inappropriate websites along with the flow of news and information from overseas.
Following a June 30 cabinet meeting, instructions were repeatedly delivered in July and August by the cabinet to the Information and Communications Technology Ministry to push for the realization of the project.
As the plan grew, the public reacted with dismay and tens of thousands of comments criticizing the proposal were posted online.
Shadowy cyber-activists also caused at least six government websites to crash Sept. 30.
Taken aback by the strong reaction, the government sought to deny that the project had entered the implementation stage, saying that it was just an idea floated during a cabinet meeting.
But junta leader-cum-prime minister surprised many last Wednesday when he affirmed that the plan was still on.
“You say we should not have the single gateway, but can you prevent your group from writing things that defame the nation and government?” he told local reporters.
“If you cannot, then don’t tell me what method should be used.”
After Wednesday’s apparent reversal, the Thailand F5 cyber Army announced the war on government websites.
The gateway is one of a number of factors that appeared to suggest a strengthening of government control over the Internet.
On Thursday, Defense Minister Gen. Prawit Wongsuwan announced the creation of a new Army Cyber Center with the aim of protecting the monarchy and “keeping track of information on media and social media, to sort them out systematically”.
A Chinese man and woman use their smartphones in Beijing, China. China is the largest smartphone market in the world, although the country regularly imposes restrictions on internet usage. (Kevin Frayer/Getty Images)
By Simon Denyer
The Washington Post
BEIJING — Google has been steadily strangled, and Gmail finally blocked more effectively than ever. Instagram and Flickr recently went black, while Microsoft Outlook was hacked. In the past few days, virtual private network (VPN) services, the tools that many people use here to evade online censorship, came under renewed attack.
Brick by brick, China is building its Great Firewall steadily higher, experts say. It infuriates netizens, exasperates foreign business executives, and appears to contradict China’s pretensions to be a global superpower — and its celebrated opening to the outside world.
“China’s long-term goal is to make the Internet act like an intranet, cutting off access to all encrypted sites, so that government bureaucrats can tap into anything that anyone is saying, at any time,” said one foreign IT executive, who spoke on the condition of anonymity because of the sensitive nature of the subject.
Yet Chinese IT companies, behind the wall, are flourishing, and e-commerce is booming. As dissent is crushed, the policy’s success in consolidating Communist rule suggests that there will be no turning back.
The party’s determination to seize the “commanding heights” of the Internet here was cemented by a high-speed train crash in Wenzhou in July 2011, when news broke on social media and criticism of the authorities went viral, said Jeremy Goldkorn, director of Danwei, a media and Internet consulting firm in Beijing.
The 2009 “Facebook revolution” in Iran, and the role of social media in the Arab Spring, contributed to that determination, he said, while efforts to control the Internet have intensified amid a broader crackdown on free speech under President Xi Jinping, who assumed office in 2013.
The screws were further tightened in the second half of last year, after Xi took control of a new supervisory body designed to bolster the nation’s cybersecurity.
Hacking attacks have intensified, with users of Microsoft Outlook, Google, Yahoo and Apple services all targeted in the past three months, said Charlie Smith of GreatFire.org, an organization dedicated to combating online censorship in China. Services including Flickr, Instagram and Microsoft One Drive were blocked, as well as popular Asian chat services such as Line and Kaokao Talk.
“Last year’s crackdown has been the most aggressive in the history of Chinese censorship on the Internet,” Smith, who uses a pseudonym for security reasons, wrote in an e-mail. “The authorities now not only just target public information sharing (Facebook, Twitter, YouTube, etc.) they target private communications as well (Gmail, Outlook, IMs, etc).”
The assault on Google stretches back to 2009 and 2010, when the company finally decided not to play along with Chinese demands to censor results from its search engine. But it has intensified in recent months, with access to Google’s search engine almost completely cut, and the closing late last month of a loophole that had allowed many people to access Gmail through third-party mail services.
The move frustrated many Chinese netizens, including students who used Gmail to file their applications to colleges abroad, said William Long, the pen name of a well-known blogger on IT issues, whose article calling the blocking of Gmail a “historical regression” was widely circulated here.
While larger foreign companies spend significant sums on dedicated Internet lines that evade the restrictions, smaller firms are more affected by each tightening of controls. Goldkorn called the disruptions to Gmail “a major inconvenience that has made my business less efficient.”
Last week, Astrill, a popular VPN provider whose service allows people to jump the Great Firewall, told subscribers that its product was no longer working on iPhones and iPads.
The attacks on foreign e-mail and VPN services, it told its clients, were just a way for China to say, “We don’t want you here.” In a second, widely circulated statement, Astrill added, “We know how access to unrestricted Internet is important for you, so our fight with Chinese censors is not over.”
Another provider, Golden Frog, also reported disruptions last week — although other VPN services are working, and Astrill still functions on laptops, albeit intermittently.
In 2012, China temporarily cut VPN access almost entirely, and it has not taken such an extreme step this time; it is unclear whether that is because government officials widely use these services, or because it fears a public backlash.
Either way, last week’s attack on VPN providers provoked protests online, with netizens saying China had “lost the right to mock North Korea,” and complaining that Xi sent his daughter to the United States for an education but blocked his people from accessing information.
“Welcome to the West DPRK,” said one user, referring to the Democratic People’s Republic of Korea.
Frustration also is mounting among foreign business executives. The restrictions “massively slow Internet connection speeds,” and filter out huge amounts of non-illegal content, the European Chamber of Commerce complained last year, affecting the ability of individuals and businesses to conduct research, acting as drag on business, and diminishing quality of life.
China ranks 93rd in the world for peak Internet connection speeds, with connectivity rates less than a quarter of those in Hong Kong, according to a report by cloud computing company Akamai.
The American Chamber of Commerce in China says that “excessive control over email and Internet traffic” affects legitimate business and hampers the sharing of ideas and innovation. “That is not something in China’s best interest,” Chamber Chairman James Zimmerman said.
But it is IT companies in the United States that suffer the most from missed opportunities in China’s booming market. Even those like Microsoft that have tried to play by China’s rules have fallen out of favor here, with Beijing banning the use of Windows 8 on new government computers last year and pressing ahead with plans to develop a rival operating system.
Yet behind the Firewall, Chinese companies including Baidu, Tencent and Alibaba have thrived, drawing in talent and taking their place as some of the world’s biggest Internet firms.
The number of people online rose to nearly 650 million in 2014, many on mobile devices: Hundreds of millions are active on social media. E-commerce is booming, and powering a much-needed rebalancing of the Chinese economy toward domestic consumption. Last year, the sector’s dominant player, Alibaba, staged the largest initial public offering in history, raising $25 billion on Wall Street.
Bill Bishop, editor of the influential Sinocism newsletter, said the “gilded cage” constructed around the Chinese Internet has proved enormously profitable. At the same time, attempts to organize protests through social media have been crushed, and the faintest echo of the Arab Spring silenced.
“From this perspective, where is the problem with the policy?” Bishop asked.
Xu Jing contributed to this report.
Simon Denyer is The Post’s bureau chief in China. He served previously as bureau chief in India and as a Reuters bureau chief in Washington, India and Pakistan.
Users of mobile messaging applications Line and KakaoTalk in mainland China have been unable to access many of the features on the popular services since Tuesday, in the first major service disruption in the country for the companies.
Yahoo Inc.YHOO in Your ValueYour ChangeShort position ‘s Flickr was also inaccessible on Thursday.
Line Corp. and Kakao Corp. said they didn’t know what caused several services available on their platforms to be unavailable to users in China. In an emailed statement, a Yahoo spokeswoman said: “We are aware of reports that Flickr is blocked for users in China and our team is investigating this now.”
The timing of the outage, which began on the evening of July 1 during the pro-democracy march in Hong Kong, could indicate that the Chinese government took steps to limit usage. China’s government often blocks foreign websites and smartphone services during sensitive times, like the recent 25th anniversary of the Tiananmen Square crackdown.
WSJD is the Journal’s home for tech news, analysis and product reviews.
Officials at China’s State Council Information Office didn’t respond to a request for comment.
A Line spokeswoman said she didn’t know when the app would become available again in China. Last month, a Line executive said the Japanese company is planning to expand its presence in China because of the hundreds of millions of potential users in the market.
Sonia Im, a spokeswoman for Kakao Corp., based in Pangyo, South Korea, said that while some features of the messaging platform still worked in China, users there couldn’t add new friends, use certain emoticons or check notices. Ms. Im said the company began receiving user complaints Tuesday evening, but that the stoppage affected the bulk of its Chinese users on Wednesday.
She said the company hoped to restore full functionality to its users as soon as possible, adding that she didn’t know what caused the disruption in service. Kakao has about 140 million registered users, but doesn’t break out its user base by country.
In China, users of Line could see that they had received a message, but couldn’t access the message itself. Mobile-phone users also could download the KakaoTalk app, but couldn’t register.
An application icon for Line’s Internet messaging and calling service. Bloomberg News
While Line isn’t widely used in China, it has proved popular with younger users, many of whom were attracted to the app because of its emoticons, which are called stickers. In Hong Kong, the app is very popular and could have easily been used to share news of the pro-democracy demonstrations in Hong Kong across the border to China. Line said it has more than 400 million registered users, but doesn’t give a breakdown for China.
On local social media, censorship of references to the Hong Kong protests has been severe, even eclipsing blockages carried out during the anniversary of the Tiananmen Square crackdown, according to WeiboScope, a service provided by the University of Hong Kong that tracks censorship.
Many of Google Inc.’s services remain completely inaccessible in China since they were fully blocked last month in what analysts have described as an escalation of China’s attempts to control the flow of information over the Internet and put restrictions on foreign companies.
Since rising to power in 2012, Chinese President Xi Jinping has taken steps to tighten government control over the Internet. Under his leadership, the government has created a new high-profile committee to increase cybersecurity, has warned Internet celebrities with large numbers of followers about spreading rumors online, and has instituted a particularly strong antipornography campaign.
Other popular messaging services, such as WhatsApp, which Facebook Inc. recently agreed to buy, and WeChat, the popular service created by Shenzhen, China-based Tencent Holdings Ltd.0700.HK in Your ValueYour ChangeShort position , were working. Viber, which Japan’s Rakuten Inc. agreed to acquire earlier this year, is working as usual in China, with no reports of connection problems, said a Rakuten spokeswoman.
In May, though, the government announced that WeChat would be more heavily monitored. Saying that instant messaging services were being used to spread “violence, terrorism and pornography,” the agency charged with policing the Internet said it would “firmly fight infiltration from hostile forces at home and abroad,” according to a government statement.
In its heyday, Weibo promised much more. It came to prominence in 2011 after a high-speed rail crash killed 40 people. Weibo users detailed the mayhem and government shortcomings that led to the accident, part of a surge of criticism that prompted the resignation of the railway minister. It was a signal moment in the Internet’s coming of age in China, a reminder of how the medium could challenge even a formidable authoritarian government and one of its most powerful leaders.
British spies employed ‘dirty tricks’ including ‘honey traps’ to trap nations, hackers, terror groups, suspected criminals and arms dealers, according to leaked documents.
The bombshell revelations have been made public through the release of documents taken from the National Security Agency by whistle-blower Edward Snowden.
The Powerpoint slides outline techniques apparently used by the Joint Threat Research and Intelligence Group (JTRIG), a British spy unit whose goal is to ‘destroy, deny, degrade [and] disrupt’ enemies.
British spies employed ‘dirty tricks’ including honey traps’ in a bid to trap nations, hackers, terror groups, suspected criminals and arms dealers
The slides from 2010 and 2012, published by NBC News show that the JTRIG completed their mission by ‘discrediting’ adversaries through misinformation and hacking their communications.
Two main methods of attack detailed in the ‘Effects’ campaigns are cyber operations and propaganda campaigns.
The bombshell revelations have been made public through the release of documents taken from the National Security Agency by whistleblower Edward Snowden
JTRIG, which is part of the NSA’s British counterpart, the cyber spy agency known as GCHQ, used Twitter, Flickr, Facebook and YouTube for deception, mass messaging and ‘pushing stories’.
Another strategy is ‘false flag’ operations – this is when British agents carry out online actions that are designed to look like they were performed by one of Britain’s adversaries.
The main cyber attack is the ‘distributed denial of service’ (DDoS) attack.
This is when computers are taken over by hackers and they bombard a website’s host computers with requests for information causing it to crash – this is a method successfully used by Wikileaks hackers.
Earlier this week it was revealed that JTRIG agents issued their DDoS on Anonymous chat rooms, preventing its users from communicating with one another.
In one case, reported the BBC, agents are said to have tricked a hacker nicknamed P0ke who claimed to have stolen data from the US government. They did this by sending him a link to a BBC article entitled: ‘Who loves the hacktivists?’
Eric King, an attorney who currently teaches IT law at the London School of Economics, told NBC it is ‘remarkable’ that the GCHQ has become so adept at launching DDoS attacks without ‘clear lawful authority,’ particularly because the British government has criticised similar strategies used by other governments.
‘GCHQ has no clear authority to send a virus or conduct cyber-attacks,’ he said. ‘Hacking is one of the most invasive methods of surveillance.’
According to notes on the 2012 documents, a computer virus called Ambassadors Reception was ‘used in a variety of different areas’ and was ‘very effective.’
When sent to adversaries, says the presentation, the virus will ‘encrypt itself, delete all emails, encrypt all files, make [the] screen shake’ and block the computer user from logging on.
One of the ways to block a target communicating reads: ‘Bombard their phone with text messages, bombard their phone with calls, delete their online presence, block up their fax machine.’
The slide details examples of how this was used in Afghanistan including significantly disrupting the Taliban, sending targets a text message ‘every 10 seconds or so’ and ‘calling targets on a regular basis’.
The British cyber spies also used blog posts and information spread via blogs in an operation against Iran.
One of the ways to stop a target communicating reads: ‘Bombard their phone with text messages, bombard their phone with calls, delete their online presence, block up their fax machine’
The same 2012 presentation describes the ‘honey trap’ method of discrediting a target commenting it is ‘very successful’ when it works.
The individual is lured ‘to go somewhere on the internet, or a physical location’ where they are then ‘met by a friendly face.’
It does not give any examples of when the honey trap has been used by British agents, but the same slide also details how ‘paranoia’ can be heightened by changing a target’s photo on a social networking website – the slide reads ‘You have been warned JTRIG is about!’
A programme called ‘Royal Concierge’ took advantage of hotel reservation systems to track the location of foreign diplomats and the slides encourage agents to monitor targets through ‘close access technical operations’.
It also suggests they question ‘Can we influence hotel choice? Can we cancel their visits?’
According to reports in Der Spiegel last year, British intelligence tapped the reservations systems of over 350 top hotels around the world for the past three years to set up the programme.
Using the GCHQ’s SIGINT (signal-intelligence) program it was used to spy on trade delegations, foreign diplomats, and other targets with a taste for the high life.
NBC news reported GCHQ would not comment on the newly published documents or on JTRIG’s operations.
In a statement it told them: ‘All of GCHQ’s work is carried out in accordance with a strict legal and policy framework,’ said the statement, ‘which ensure[s] that our activities are authorized, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All of our operational processes rigorously support this position.’
US and UK spy agencies piggyback on commercial data
Details can include age, location and sexual orientation
Documents also reveal targeted tools against individual phones
By James Ball
GCHQ documents use Angry Birds – reportedly downloaded more than 1.7bn times – as a case study for app data collection.
The National Security Agency and its UK counterpart GCHQ have been developing capabilities to take advantage of “leaky” smartphone apps, such as the wildly popular Angry Birds game, that transmit users’ private information across the internet, according to top secret documents.
The data pouring onto communication networks from the new generation of iPhone and Android apps ranges from phone model and screen size to personal details such as age, gender and location. Some apps, the documents state, can share users’ most sensitive information such as sexual orientation – and one app recorded in the material even sends specific sexual preferences such as whether or not the user may be a swinger.
Many smartphone owners will be unaware of the full extent this information is being shared across the internet, and even the most sophisticated would be unlikely to realise that all of it is available for the spy agencies to collect.
Dozens of classified documents, provided to the Guardian by whistleblower Edward Snowden and reported in partnership with the New York Times and ProPublica, detail the NSA and GCHQ efforts to piggyback on this commercial data collection for their own purposes.
Scooping up information the apps are sending about their users allows the agencies to collect large quantities of mobile phone data from their existing mass surveillance tools – such as cable taps, or from international mobile networks – rather than solely from hacking into individual mobile handsets.
Exploiting phone information and location is a high-priority effort for the intelligence agencies, as terrorists and other intelligence targets make substantial use of phones in planning and carrying out their activities, for example by using phones as triggering devices in conflict zones. The NSA has cumulatively spent more than $1bn in its phone targeting efforts.
The disclosures also reveal how much the shift towards smartphone browsing could benefit spy agencies’ collection efforts.
One slide from a May 2010 NSA presentation on getting data from smartphones – breathlessly titled “Golden Nugget!” – sets out the agency’s “perfect scenario”: “Target uploading photo to a social media site taken with a mobile device. What can we get?”
The question is answered in the notes to the slide: from that event alone, the agency said it could obtain a “possible image”, email selector, phone, buddy lists, and “a host of other social working data as well as location”.
In practice, most major social media sites, such as Facebook and Twitter, strip photos of identifying location metadata (known as EXIF data) before publication. However, depending on when this is done during upload, such data may still, briefly, be available for collection by the agencies as it travels across the networks.
Depending on what profile information a user had supplied, the documents suggested, the agency would be able to collect almost every key detail of a user’s life: including home country, current location (through geolocation), age, gender, zip code, martial status – options included “single”, “married”, “divorced”, “swinger” and more – income, ethnicity, sexual orientation, education level, and number of children.
The agencies also made use of their mobile interception capabilities to collect location information in bulk, from Google and other mapping apps. One basic effort by GCHQ and the NSA was to build a database geolocating every mobile phone mast in the world – meaning that just by taking tower ID from a handset, location information could be gleaned.
A more sophisticated effort, though, relied on intercepting Google Maps queries made on smartphones, and using them to collect large volumes of location information.
So successful was this effort that one 2008 document noted that “[i]t effectively means that anyone using Google Maps on a smartphone is working in support of a GCHQ system.”
The information generated by each app is chosen by its developers, or by the company that delivers an app’s adverts. The documents do not detail whether the agencies actually collect the potentially sensitive details some apps are capable of storing or transmitting, but any such information would likely qualify as content, rather than metadata.
Data collected from smartphone apps is subject to the same laws and minimisation procedures as all other NSA activity – procedures that the US president, Barack Obama, suggested may be subject to reform in a speech 10 days ago. But the president focused largely on the NSA’s collection of the metadata from US phone calls and made no mention in his address of the large amounts of data the agency collects from smartphone apps.
The latest disclosures could also add to mounting public concern about how the technology sector collects and uses information, especially for those outside the US, who enjoy fewer privacy protections than Americans. A January poll for the Washington Post showed 69% of US adults were already concerned about how tech companies such as Google used and stored their information.
The documents do not make it clear how much of the information that can be taken from apps is routinely collected, stored or searched, nor how many users may be affected. The NSA says it does not target Americans and its capabilities are deployed only against “valid foreign intelligence targets”.
The documents do set out in great detail exactly how much information can be collected from widely popular apps. One document held on GCHQ’s internal Wikipedia-style guide for staff details what can be collected from different apps. Though it uses Android apps for most of its examples, it suggests much of the same data could be taken from equivalent apps on iPhone or other platforms.
The GCHQ documents set out examples of what information can be extracted from different ad platforms, using perhaps the most popular mobile phone game of all time, Angry Birds – which has reportedly been downloaded more than 1.7bn times – as a case study.
From some app platforms, relatively limited, but identifying, information such as exact handset model, the unique ID of the handset, software version, and similar details are all that are transmitted.
Other apps choose to transmit much more data, meaning the agency could potentially net far more. One mobile ad platform, Millennial Media, appeared to offer particularly rich information. Millennial Media’s website states it has partnered with Rovio on a special edition of Angry Birds; with Farmville maker Zynga; with Call of Duty developer Activision, and many other major franchises.
Rovio, the maker of Angry Birds, said it had no knowledge of any NSA or GCHQ programs looking to extract data from its apps users.
“Rovio doesn’t have any previous knowledge of this matter, and have not been aware of such activity in 3rd party advertising networks,” said Saara Bergström, Rovio’s VP of marketing and communications. “Nor do we have any involvement with the organizations you mentioned [NSA and GCHQ].”
Millennial Media did not respond to a request for comment.
In December, the Washington Post reported on how the NSA could make use of advertising tracking files generated through normal internet browsing – known as cookies – from Google and others to get information on potential targets.
However, the richer personal data available to many apps, coupled with real-time geolocation, and the uniquely identifying handset information many apps transmit give the agencies a far richer data source than conventional web-tracking cookies.
“They are gathered in bulk, and are currently our single largest type of events,” the document stated.
The ability to obtain targeted intelligence by hacking individual handsets has been well documented, both through several years of hacker conferences and previous NSA disclosures in Der Spiegel, and both the NSA and GCHQ have extensive tools ready to deploy against iPhone, Android and other phone platforms.
GCHQ’s targeted tools against individual smartphones are named after characters in the TV series The Smurfs. An ability to make the phone’s microphone ‘hot’, to listen in to conversations, is named “Nosey Smurf”. High-precision geolocation is called “Tracker Smurf”, power management – an ability to stealthily activate an a phone that is apparently turned off – is “Dreamy Smurf”, while the spyware’s self-hiding capabilities are codenamed “Paranoid Smurf”.
Those capability names are set out in a much broader 2010 presentation that sheds light on spy agencies’ aspirations for mobile phone interception, and that less-documented mass-collection abilities.
The cover sheet of the document sets out the team’s aspirations:
Another slide details weak spots in where data flows from mobile phone network providers to the wider internet, where the agency attempts to intercept communications. These are locations either within a particular network, or international roaming exchanges (known as GRXs), where data from travellers roaming outside their home country is routed.
These are particularly useful to the agency as data is often only weakly encrypted on such networks, and includes extra information such as handset ID or mobile number – much stronger target identifiers than usual IP addresses or similar information left behind when PCs and laptops browse the internet.
The NSA said its phone interception techniques are only used against valid targets, and are subject to stringent legal safeguards.
“The communications of people who are not valid foreign intelligence targets are not of interest to the National Security Agency,” said a spokeswoman in a statement.
“Any implication that NSA’s foreign intelligence collection is focused on the smartphone or social media communications of everyday Americans is not true. Moreover, NSA does not profile everyday Americans as it carries out its foreign intelligence mission. We collect only those communications that we are authorized by law to collect for valid foreign intelligence and counterintelligence purposes – regardless of the technical means used by the targets.
“Because some data of US persons may at times be incidentally collected in NSA’s lawful foreign intelligence mission, privacy protections for US persons exist across the entire process concerning the use, handling, retention, and dissemination of data. In addition, NSA actively works to remove extraneous data, to include that of innocent foreign citizens, as early as possible in the process.
“Continuous and selective publication of specific techniques and tools lawfully used by NSA to pursue legitimate foreign intelligence targets is detrimental to the security of the United States and our allies – and places at risk those we are sworn to protect.”
The NSA declined to respond to a series of queries on how routinely capabilities against apps were deployed, or on the specific minimisation procedures used to prevent US citizens’ information being stored through such measures.
GCHQ declined to comment on any of its specific programs, but stressed all of its activities were proportional and complied with UK law.
“It is a longstanding policy that we do not comment on intelligence matters,” said a spokesman.
“Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework that ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All our operational processes rigorously support this position.”
• A separate disclosure on Wednesday, published by Glenn Greenwald and NBC News, gave examples of how GCHQ was making use of its cable-tapping capabilities to monitor YouTube and social media traffic in real-time.
GCHQ’s cable-tapping and internet buffering capabilities , codenamed Tempora, were disclosed by the Guardian in June, but the new documents published by NBC from a GCHQ presentation titled “Psychology: A New Kind of SIGDEV” set out a program codenamed Squeaky Dolphin which gave the British spies “broad real-time monitoring” of “YouTube Video Views”, “URLs ‘Liked’ on Facebook” and “Blogspot/Blogger Visits”.
A further slide noted that “passive” – a term for large-scale surveillance through cable intercepts – give the agency “scalability”.
The means of interception mean GCHQ and NSA could obtain data without any knowledge or co-operation from the technology companies. Spokespeople for the NSA and GCHQ told NBC all programs were carried out in accordance with US and UK law.
When a smartphone user opens Angry Birds, the popular game application, and starts slinging birds at chortling green pigs, spies may be lurking in the background to snatch data revealing the player’s location, age, sex and other personal information, according to secret British intelligence documents.
In their globe-spanning surveillance for terrorism suspects and other targets, the National Security Agency and its British counterpart have been trying to exploit a basic byproduct of modern telecommunications: With each new generation of mobile phone technology, ever greater amounts of personal data pour onto networks where spies can pick it up.
According to dozens of previously undisclosed classified documents, among the most valuable of those unintended intelligence tools are so-called leaky apps that spew everything from users’ smartphone identification codes to where they have been that day.
The N.S.A. and Britain’s Government Communications Headquarters were working together on how to collect and store data from dozens of smartphone apps by 2007, according to the documents, provided by Edward J. Snowden, the former N.S.A. contractor. Since then, the agencies have traded recipes for grabbing location and planning data when a target uses Google Maps, and for vacuuming up address books, buddy lists, phone logs and the geographic data embedded in photos when someone sends a post to the mobile versions of Facebook, Flickr, LinkedIn, Twitter and other services.
The eavesdroppers’ pursuit of mobile networks has been outlined in earlier reports, but the secret documents, shared by The New York Times, The Guardian and ProPublica, offer far more details of their ambitions for smartphones and the apps that run on them. The efforts were part of an initiative called “the mobile surge,” according to a 2011 British document, an analogy to the troop surges in Iraq and Afghanistan. One N.S.A. analyst’s enthusiasm was evident in the breathless title — “Golden Nugget!” — given to one slide for a top-secret 2010 talk describing iPhones and Android phones as rich resources, one document notes.
The scale and the specifics of the data haul are not clear. The documents show that the N.S.A. and the British agency routinely obtain information from certain apps, particularly some of those introduced earliest to cellphones. With some newer apps, including Angry Birds, the agencies have a similar capability, the documents show, but they do not make explicit whether the spies have put that into practice. Some personal data, developed in profiles by advertising companies, could be particularly sensitive: A secret 2012 British intelligence document says that spies can scrub smartphone apps that contain details like a user’s “political alignment” and sexual orientation.
President Obama announced new restrictions this month to better protect the privacy of ordinary Americans and foreigners from government surveillance, including limits on how the N.S.A. can view “metadata” of Americans’ phone calls — the routing information, time stamps and other data associated with calls. But he did not address the avalanche of information that the intelligence agencies get from leaky apps and other smartphone functions.
And while he expressed concern about advertising companies that collect information on people to send tailored ads to their mobile phones, he offered no hint that American spies routinely seize that data. Nothing in the secret reports indicates that the companies cooperate with the spy agencies to share the information; the topic is not addressed.
The agencies have long been intercepting earlier generations of cellphone traffic like text messages and metadata from nearly every segment of the mobile network — and, more recently, computer traffic running on Internet pipelines. Because those same networks carry the rush of data from leaky apps, the agencies have a ready-made way to collect and store this new resource. The documents do not address how many users might be affected, whether they include Americans, or how often, with so much information collected automatically, analysts would see personal data.
“N.S.A. does not profile everyday Americans as it carries out its foreign intelligence mission,” the agency said in a written response to questions about the program. “Because some data of U.S. persons may at times be incidentally collected in N.S.A.’s lawful foreign intelligence mission, privacy protections for U.S. persons exist across the entire process.” Similar protections, the agency said, are in place for “innocent foreign citizens.”
The British spy agency declined to comment on any specific program, but said all its activities complied with British law.
Two top-secret flow charts produced by the British agency in 2012 show incoming streams of information skimmed from smartphone traffic by the Americans and the British. The streams are divided into “traditional telephony” — metadata — and others marked “social apps,” “geo apps,” “http linking,” webmail, MMS and traffic associated with mobile ads, among others. (MMS refers to the mobile system for sending pictures and other multimedia, and http is the protocol for linking to websites.)
In charts showing how information flows from smartphones into the agency’s computers, analysts included questions to be answered by the data, including “Where was my target when they did this?” and “Where is my target going?”
As the program accelerated, the N.S.A. nearly quadrupled its budget in a single year, to $767 million in 2007 from $204 million, according to a top-secret Canadian analysis written around the same time.
Even sophisticated users are often unaware of how smartphones offer a unique opportunity for one-stop shopping for information about them. “By having these devices in our pockets and using them more and more,” said Philippe Langlois, who has studied the vulnerabilities of mobile phone networks and is the founder of the Paris-based company Priority One Security, “you’re somehow becoming a sensor for the world intelligence community.”
Smartphones almost seem to make things too easy. Functioning as phones — making calls and sending texts — and as computers — surfing the web and sending emails — they generate and also rely on data. One secret report shows that just by updating Android software, a user sent more than 500 lines of data about the phone’s history and use onto the network.
Such information helps mobile ad companies, for example, create detailed profiles of people based on how they use their mobile device, where they travel, what apps and websites they open, and other factors. Advertising firms might triangulate web shopping data and browsing history to guess whether someone is wealthy or has children, for example.
The N.S.A. and the British agency busily scoop up this data, mining it for new information and comparing it with their lists of intelligence targets.
One secret 2010 British document suggests that the agencies collect such a huge volume of “cookies” — the digital traces left on a mobile device or a computer when a target visits a website — that classified computers were having trouble storing it all.
“They are gathered in bulk, and are currently our single largest type of events,” the document says.
The two agencies displayed a particular interest in Google Maps, which is accurate to within a few yards or better in some locations. Intelligence agencies collect so much data from the app that “you’ll be able to clone Google’s database” of global searches for directions, according to a top-secret N.S.A. report from 2007.
“It effectively means that anyone using Google Maps on a smartphone is working in support of a G.C.H.Q. system,” a secret 2008 report by the British agency says.
(In December, The Washington Post, citing the Snowden documents, reported that the N.S.A. was using metadata to track cellphone locations outside the United States and was using ad cookies to connect Internet addresses with physical locations.)
In another example, a secret 20-page British report dated 2012 includes the computer code needed for plucking the profiles generated when Android users play Angry Birds. The app was created by Rovio Entertainment, of Finland, and has been downloaded more than a billion times, the company has said.
Rovio drew public criticism in 2012 when researchers claimed that the app was tracking users’ locations and gathering other data and passing it to mobile ad companies. In a statement on its website, Rovio says that it may collect its users’ personal data, but that it abides by some restrictions. For example, the statement says, “Rovio does not knowingly collect personal information from children under 13 years of age.”
The secret report noted that the profiles vary depending on which of the ad companies — which include Burstly and Google’s ad services, two of the largest online advertising businesses — compiles them. Most profiles contain a string of characters that identifies the phone, along with basic data on the user like age, sex and location. One profile notes whether the user is currently listening to music or making a call, and another has an entry for household income.
Google declined to comment for this article, and Burstly did not respond to multiple requests for comment. Saara Bergstrom, a Rovio spokeswoman, said that the company had no knowledge of the intelligence programs. “Nor do we have any involvement with the organizations you mentioned,” Ms. Bergstrom said, referring to the N.S.A. and the British spy agency.
Another ad company creates far more intrusive profiles that the agencies can retrieve, the report says. The apps that generate those profiles are not identified, but the company is named as Millennial Media, which has its headquarters in Baltimore.
In securities filings, Millennial documented how it began working with Rovio in 2011 to embed ad services in Angry Birds apps running on iPhones, Android phones and other devices.
According to the report, the Millennial profiles contain much of the same information as the others, but several categories listed as “optional,” including ethnicity, marital status and sexual orientation, suggest that much wider sweeps of personal data may take place.
Millennial Media declined to comment for this article.
Possible categories for marital status, the secret report says, include single, married, divorced, engaged and “swinger”; those for sexual orientation are straight, gay, bisexual and “not sure.” It is unclear whether the “not sure” category exists because so many phone apps are used by children, or because insufficient data may be available.
There is no explanation of precisely how the ad company defined the categories, whether users volunteered the information, or whether the company inferred it by other means. Nor is there any discussion of why all that information would be useful for marketing — or intelligence.
The agencies have had occasional success — at least by their own reckoning — when they start with something closer to a traditional investigative tip or lead. The spies say that tracking smartphone traffic helped break up a bomb plot by Al Qaeda in Germany in 2007, and the N.S.A. bragged that to crack the plot, it wove together mobile data with emails, log-ins and web traffic. Similarly, mining smartphone data helped lead to arrests of members of a drug cartel hit squad for the 2010 murder of an employee of an American Consulate in Mexico.
But the data, whose volume is soaring as mobile devices have begun to dominate the technological landscape, is a crushing amount of information for the spies to sift through. As smartphone data builds up in N.S.A. and British databases, the agencies sometimes seem a bit at a loss on what to do with it all, the documents show. A few isolated experiments provide hints as to how unwieldy it can be.
In 2009, the American and British spy agencies each undertook a brute-force analysis of a tiny sliver of their cellphone databases. Crunching just one month of N.S.A. cellphone data, a secret report said, required 120 computers and turned up 8,615,650 “actors” — apparently callers of interest. A similar run using three months of British data came up with 24,760,289 actors.
“Not necessarily straightforward,” the report said of the analysis. The agencies’ extensive computer operations had trouble sorting through the slice of data. Analysts were “dealing with immaturity,” the report said, encountering computer memory and processing problems. The report made no mention of anything suspicious in the enormous lumps of data.
Hackers posted a picture of North Korean leader Kim Jong Un portrayed as a pig on the country’s official flickr account today.
The account and the official Uriminzokkiri Twitter account were apparently hacked today as tensions in the Korean Peninsula continued to rise.
The North’s Uriminzokkiri Twitter and Flickr accounts stopped sending out content typical of that posted by the regime in Pyongyang, such as photos of North’s leader Kim Jong Un meeting with military officials.
.This picture of Kim Jong Un as a pig appeared on the official Flickr page after activists hacked the account
Instead, a picture posted today showed Kim’s face with a pig-like snout and a drawing of Mickey Mouse on his chest.
Underneath, text read: ‘Threatening world peace with ICBMs and Nuclear weapons/Wasting money while his people starve to death.’
The mocked-up Wanted poster included a $1million ‘bounty’ placed on Kim and accusations of ‘human rights violations’.
Another posting says ‘We are Anonymous’ in white letters against a black background.
Anonymous is a name of a hacker activist group. A statement purporting to come from the attackers and widely circulated online said that they had compromised 15,000 user records hosted on Uriminzokkiri.com and other websites.
The images have since been taken down but the Twitter account stills appears to be hacked.
Tweets on the North’s Twitter account said ‘Hacked’ followed by a link to North Korea-related websites. One tweet said ‘Tango Down’ followed by a link to the North’s Flickr page.
Tweets the Uriminzokkiri Twitter account said ‘Hacked’ with a link to the Flickr page
North Korea opened its Twitter account in 2010. It has more than 13,000 followers. The North uses the social media to praise its system and leaders and also to repeat commentaries sent out by North’s official Korean Central News Agency.
Anonymous have previously been accused of a number of planned cyber-attacks government websites across the world.
One of their biggest coups was to secretly record a conference call between U.S. and British cyber investigators tasked with bringing the group to justice.
Kim Jong Un has been ratcheting up tensions on the Korean Peninsula in recent days.
North Korea warned today that ‘the moment of explosion is near’ as it declared that troops have been cleared to attack the U.S. using ‘smaller, lighter and diversified’ nuclear weapons.
The rogue state has moved a missile with a range of 3,000km (1,800m) to its east coast – within range of Japan – and claimed it would be ‘merciless’ against its enemies.
Kim Jong Un’s dramatic deployment came after the U.S. announced it was sending ballistic missile defences to Guam – the tiny Pacific Island on a list of possible targets for attack including Hawaii.
Here are 16 social media stats that stood out to me as particularly insightful for Catholics and our Church:
1)“By 2010 Gen Y will outnumber Baby Boomers…96% of them have joined a social network.” Are we meeting them where they’re at?
2)“Social Media has overtaken porn as the #1 activity on the Web.”
3)“1 out of 8 couples married in the U.S. last year met via social media.”
4)“If Facebook were a country it would be the world’s 4th largest.” Do we need an “Archdiocese of Facebook”? :-)
By Matthew Warner
5)“On average, online students out perform those receiving face-to-face instruction.” Is the Church teaching online as much as we could?
6)“80% of companies use LinkedIn as a primary tool to find employees.” Still looking for a job anyone? How about is your parish using LinkedIn to find the most qualified and passionate employees?
7)“What happens in Vegas stays on YouTube, Flickr, Twitter, Facebook, etc.” Thank goodness for the confessional.
8)“Wikipedia has over 13 million articles…some studies show it’s more accurate than Encyclopedia Britannica.” Have Catholics been writing these articles? Contributing to them? Making sure they are correct?
9)“There are over 200,000,000 Blogs.” How many of them are Catholic?
10)“Facebook USERS translated the site from English to Spanish via a Wiki in less than 4 weeks and cost Facebook $0.” How can the Catholic Church or the parish accomplish such feats on limited budgets?
11)“78% of consumers trust peer recommendations.” How many peers are recommending the Catholic Church on social media?
12)“25% of Americans in the past month said they watched a short video…on their phone.” Is the Church doing enough to create these videos? And to create them well?
13)“35% of book sales on Amazon are for the Kindle when available.” How many of our great Catholic treasures (books) have been digitized and made available on the Kindle and other electronic formats?
14)“24 of the 25 largest newspapers are experiencing record declines in circulation because we no longer search for the news, the news finds us.” Are we as a Church going out and finding people? Or are we just waiting for people to find us?
15)“More than 1.5 million pieces of content (web links, news stories, blog posts, notes, photos, etc.) are shared on Facebook…daily.” How many of them reflect the Gospel? How many share the fullness of Truth?
16)“Successful companies in social media act more like Dale Carnegie and less like David Ogilvy – listening first, selling second.” Is the Catholic Church present enough in social media to be listening? And are we listening first?
For the next generation, the social web is defining sex, marriage and family. The Church must be a force there. The social web is on the cutting edge of education and communication. The Church must be on that edge. The social web is developing the language that future generations will speak. The Church must speak it fluently. Social media is changing the world. The Church must be fully present there to help guide that change.
Matthew Warner is a lover of God, his wife, his kids, his life, cookies, hot-buttered bread, snoozin’ & awkward (as well as not awkward) silence. He is the founder and CEO of Flocknote, the creator of Tweet Catholic, a contributing author to The Church and New Media book, and the purveyor of his popular blog, Fallible Blogma. Matt has a B.S. in Electrical Engineering from Texas A&M and an M.B.A. in Entrepreneurship. He and his family hang their hats in Texas.