The German government is spying on computer users in its country with a trojan horse program without their consent, a German hacker group claims.
The Chaos Computer Club (CCC), claims on its website that it has obtained and analyzed software that is ostensibly a âlawful interceptionâ program designed to legally listen in on internet-based phone calls as part of a legal wiretap. Its capabilities, the group says, go beyond legally acceptable bounds, MSNBC is reporting.
The program is capable of logging keystrokes, activating Webcams, monitoring Web usersâ activities and sending mountains of data to government officials, the club said.
Covering its tracks, through rented servers located in the United States, the program logs keystrokes, activates webcams, monitors internet activities and sends data to government officials, the club alleges.
However, the CCC said, the spyware appeared to be of poor quality and dubious application. âWe are extremely pleased that a competent programming expert couldnât be found for this computer bug of morally questionable use,â the CCC said in statement and reprinted by thelocal.de.
Focusing on IT security issues, CCC expressed concern that the program did not provide even basic protection for the data it took from peopleâs computers, reports The Local, an English-language German news outlet.
No one from the German government has commented on the report, but antivirus companies are reacting to them. Security firm F-Secure will detect and disable the alleged government monitoring software if found on clientsâ computers.
âYes, it is possible the Trojan found by CCC is written by the German government. We just canât confirm that,â said Mikko Hypponen, F-Secureâs chief technology officer, via Twitter and quoted by MSNBC. âWe do not know who created this back door and what it was used for, (but) we have no reason to suspect CCCâs findings.â
CCC criticized security measures by programmers of the alleged spyware. Shoddy encryption allows a malicious third-party to possibly intercept the government communications, or take control of government-infected machines, it said.
âThis complete control over the infected PC â owing to the poor craftsmanship that went into this trojan â is open not just to the agency that put it there, but to everyone,â the club said. âThe security level this trojan leaves the infected systems in is comparable to it setting all passwords to â1234.â â
â(This) puts the whole rationale for this method of investigation into question,â the club said.
Software companies offering antivirus programs have long said they would detect and disable any such government-monitoring software found on usersâ machines. Still, the firm said it has not yet faced a direct confrontation with a government agency over the policy.
âWe have never before analyzed a sample that has been suspected to be governmental back door,â it said Saturday. âWe have also never been asked by any government to avoid detecting their back doors.â
The Chaos Computer Club used the announcement to make a plea for less electronic monitoring by government departments. âThe (government) should put an end to the ever-growing expansion of computer spying that has been getting out of hand in recent years, and finally come up with an unambiguous definition for the digital privacy sphere and with a way to protect it effectively,â it said.
âUnfortunately, for too long the (government) has been guided by demands for technical surveillance, not by values like freedom or the question of how to protect our values in a digital world. It is now obvious that he is no longer able to oversee the technology, let alone control it.â
A Syrian-born US citizen has been charged with spying on anti-Assad protesters and handing recordings to Syrian intelligence in a bid to silence the opposition, US officials said Wednesday.
A federal grand jury charged Mohamad Anas Haitham Soueid, 47, on October 5 with six counts for spying on activists in the United States and Syria opposed to Syrian President Bashar al-Assad’s regime. He was arrested Tuesday.
The Leesburg, Virginia man was charged with conspiracy and acting as a Syrian government agent in the United States. He was also charged with two counts of providing false statements on a firearms purchase form and two counts of providing false statements to federal law enforcement.
The White House accused the Assad government of a “desperate effort” to monitor protestors in the United States and of grasping for ways to silence those speaking out against its “brutal” crackdown on protests.
“The regime’s efforts to monitor and silence protestors here in the United States will do nothing to satisfy men and women in Syria who are yearning for democracy and freedom,” said National Security Council spokesman Tommy Vietor.
“As long as Assad remains in power, we will continue working in concert with our international allies around the world to increase pressure on him and his regime until he steps down.”
The allegations were swiftly and vehemently denied by the Syrian embassy however, which said they were a “campaign of distortion and fabrications.”
“Neither Mr. Soueid nor any other citizen of the US is an agent of the Syrian government,” the embassy said in a statement.
“Contrary to the statement of the Department of Justice, Mr. Soueid is not an agent of any Syrian institution; he never worked under directions or control of any Syrian official,” it said.
The accusations, the embassy added, were “absolutely baseless and totally unacceptable.”
It also denied the Syrian government had paid travel expenses or any kinds of funds to Soueid, and rejected the notion that he had met privately with Assad.
The charges come amid escalating tensions between Damascus and Washington over the Syrian government’s months-long bloody crackdown on pro-democracy protests.
In July, top State Department officials summoned Syrian Ambassador Imad Mustapha to discuss reports that embassy staff had filmed “peaceful” US protests against the Syrian regime.
Rights group Amnesty International issued a statement applauding US officials for acting on “the numerous credible allegations of abuse brought forward by Syrian activists” in the United States.
Amnesty’s Syria researcher Neil Sammonds said the arrest “sends a message that the Syrian government’s crackdown on opposition has its limits.”
As part of his conspiracy, Soueid and others intended to “undermine, silence, intimidate and potentially harm persons in the United States and Syria who protested against the government of Syria and President al-Assad, all at the direction and control of the government of Syria and Syrian officials,” the indictment said.
Soueid was said to have ordered individuals to make audio and video recordings of protests in both countries and of conversations with activists that he would then pass on to Syrian intelligence agents.
From about April 2 to June 10, Soueid emailed a Syrian intelligence agent about 20 audio and video recordings taped in the United States, according to the indictment.
“We’re in his ring now, (very) important details I have for you,” Soueid wrote in an April 6 email to a Syrian embassy official that included a link to a website for protesters in the United States.
During a late June-early July trip to Syria paid for by the government, Soueid was said to have met with Assad and spoken with him in private.
But when questioned by FBI agents around August 3, Soueid denied he had ever recorded or collected information on people in the United States and or shared any such data with Syrian government officials.
If convicted, he faces up to 15 years in prison on the spying charges, 15 years for the firearms charge and 10 years for making false statements to federal investigators.
A day after a top American lawmaker accused China of exercising “an intolerable level” of espionage in the U.S., Russia’s spy service announced it has detained a Chinese national for allegedly attempting to steal secrets about a Russian missile system.
While the accusations out of the U.S. primarily refer to cyber intrusions of American corporations, the Russian government is accusing China of an old standby in the tradecraft playbook: outright bribery.
WASHINGTON (AP) â Young people are having a harder time keeping their profile pages and email accounts secure, and though many treat hacking or spying as a joke, nearly half who have been victims were upset by it.
An Associated Press-MTV poll finds 3 in 10 teens and young adults have had people log on to their Facebook, Twitter, MySpace or other Internet accounts and either impersonate or spy on them. That’s nearly double the level seen in 2009.
The poll found solid majorities saying they knew who was behind it: 72 percent for spying, 65 percent for hacking.
Richard Lindenfelzer, 20, says it’s happened to him, but it was just a joke.
Sometimes when he walks away and leaves his laptop logged into Facebook, a roommate seizes the opportunity to fiddle with Lindenfelzer’s page, writing silly things about love interests or potty humor.
“It’s meant to be funny,” said Lindenfelzer, a junior at Ithaca College in New York. “It’s supposed to be obvious that this is something I would never say.”
The same thing happened to recent college graduate Emily Feldhake of Pickford, Mich.
The 22-year-old had used a friend’s laptop and closed the browser but hadn’t logged out. Her friend took some humorous jabs at her on her Facebook page. Not upset, she said: “I knew who it was. It was my friend and I was the one who stayed logged on.”
But sometimes the hacking can be malicious.
Courtney Eisenbraun of Saint Francis, Minn., is among the 46 percent of young people left upset by a hacking experience.
The 15-year-old says she was at practice for her high school dance team when she got a text from her sister checking to see if the 10th-grader was on Facebook. The teen’s status had been changed to say something inappropriate about girls in showers.
She says she doesn’t share her password with friends but assumes it was someone in her grade because they knew who her friends were and also posted things on their Facebook pages, pretending to be her.
“I was really confused about how they got my password,” she said. “I felt violated.”
Eisenbraun changed her password right away, and changes it often now. She hasn’t had another problem.
In the AP-MTV poll, two-thirds of those who had been hacked said at some point they’ve changed their email, instant messaging or social networking password in response to digital abuse. Forty-six percent have altered their email address, screen name or phone number, and 25 percent have deleted a social networking profile.
Josie Burris, 16, says she’s shared her Facebook password with her best friend as well as her boyfriend. Once, she spied on her boyfriend’s page to peek at his private messages and see what he was up to. He’s also spied on her private messages, she said.
“I don’t care. I’ve done it to him. He’s done it to me,” said Burris, a junior in high school who lives in Ridgeland, S.C.
She says her parents are on Facebook, too, but she doesn’t worry about them spying on her.
“I make sure I don’t put anything bad on there,” she said, but added: “Old people shouldn’t have Facebook. I firmly believe in that.”
Child safety advocates, though, say parents should be on Facebook. They don’t suggest spying, but they do say parents need to know where their kids are going online and, most importantly, they need to talk with their children about being responsible online.
Marsali Hancock at the Internet Keep Safe Coalition says children who grow up thinking they’re sending confidential messages are misled.
“It’s never private,” says Hancock, president of the coalition. “So the parents who actually check in, even just randomly every now and then, really help their child to recognize that everything can be viewed and tracked and stored and moved around.”
Of the young people who said they had been hacked, the AP-MTV poll found that about 7 in 10 said they had considered that their words or pictures could be shared without permission, compared with just over half of those who had not been hacked.
The Associated Press-MTV poll on digital abuse was conducted online Aug. 18-31 and is based on 1,355 interviews (631 teens ages 14-17 and 724 young adults ages 18-24). It was part of an MTV campaign, “A Thin Line,” aiming to stop the spread of digital abuse.
The survey was conducted by Knowledge Networks, which used traditional telephone and mail sampling methods to randomly recruit respondents. People selected who had no Internet access were given it for free. The margin of sampling error for the poll is plus or minus 3.8 percentage points.
___
Associated Press Polling Director Trevor Tompson, Deputy Polling Director Jennifer Agiesta and News Survey Specialist Dennis Junius contributed to this report.
Get caught spying on your kid and thatâs when the consequences get really serious.
Thatâs the pitch behind Safetyweb.com, a new subscription service that, according to a news release, is âa new way for parents to monitor their childrenâs online activity without spying!â For $10 a month, the site will flag parents for everything from too much texting during school hours to offensive language on a Facebook page.
Iâm not exactly sure how being notified of your childâs every online activity isnât spying, but the real question for me is: Why is spying on your kids a bad thing?