Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Hacking Team Manuals: Sobering Reminder That Privacy is Elusive 37

Advocatus Diaboli writes with a selection from The Intercept describing instructions for commercial spyware sold by Italian security firm Hacking Team. The manuals describe Hacking Team's software for government technicians and analysts, showing how it can activate cameras, exfiltrate emails, record Skype calls, log typing, and collect passwords on targeted devices. They also catalog a range of pre-bottled techniques for infecting those devices using wifi networks, USB sticks, streaming video, and email attachments to deliver viral installers. With a few clicks of a mouse, even a lightly trained technician can build a software agent that can infect and monitor a device, then upload captured data at unobtrusive times using a stealthy network of proxy servers, all without leaving a trace. That, at least, is what Hacking Team's manuals claim as the company tries to distinguish its offerings in the global marketplace for government hacking software. (Here are the manuals themselves.)
This discussion has been archived. No new comments can be posted.

Hacking Team Manuals: Sobering Reminder That Privacy is Elusive

Comments Filter:
  • Let's use them to evade the spies, and spy back on them.

    • by Anonymous Coward

      When "how we snoop on you" stuff comes to light take it as advisement but don't trust it

      Kinda like those anarchist cookbooks that include instructions that, if followed, lead to said anarchist blowing themselves up

    • by TheCarp ( 96830 ) <> on Thursday October 30, 2014 @12:30PM (#48270155) Homepage

      You know, that is not the worst idea...better though, make it backfire.

      So a stealthy network of proxies? So that means J Random Hacker is indistinguishable from Agent Bob?

      Use this against Mayors, DAs, Governors, State legislators, State Reps, Police chiefs.... and release not a drop of the information found, instead....just make sure you eventually get discovered and the full extent of it gets exposed.

      Then without a leaking group taking responsibility, blame will be tossed around, and nobody using such tools or even suspected of using them will be able to fully shake the blame.

      • ...make it backfire.

        That's the idea. When ol' boy punches up the video, expecting to see the secret terrorist operation, instead gets a video of him engaging in some, uh... "rough sex" with the maid.

        Hey, mister, you got any pictures of your wife naked?
        Wanna buy some?

        • by TheCarp ( 96830 )

          That's not so much what I was thinking.

          My thought was more like the Merkle incident. A friend of mine, with much snark, pointed out that it was funny how some of the very same people who defended mass surveillance suddenly changed their tune when it was someone with a name, a "real person"

          The american people are not a "real person". The public is just an abstract collection. Merkle is a real make sure it happens to lots and lots of people who they see as "real people". Make them all outraged.

  • Sounds like fluffery. "We can do anything; we're the best!"

  • PDF page 10 or manual page viii.

    Top of the page.

    Console section that reports all user and system actions. Used to monitor abuse of RCS.

    Even the manual assumes the system will be abused. Any doublespeak marketer would have changed the work 'abuse' to 'use' .
    Obviously they are already marketing the system to be abused be governments/law enforcers.

  • ...does it run in Linux?
    • ...does it run in Linux?

      Yes, but they request that you install Wine first.

    • i looked really hard for a matrix of all their promised features showing which ones worked on which systems. What we saw with finfisher was that non-jailbroken could not be directly penetrated. they could do roundabout means like compromising third-party apps or infecting the computers you use if you connect the phone to a computer (there's no need to do that anymore btw).

      on the other hand if you're jailbroken then they basically own you (note the ios7/ios8 jealbreaks were released by a mysterious chinese h

  • Nifty Overview (Score:5, Interesting)

    by VorpalRodent ( 964940 ) on Thursday October 30, 2014 @01:38PM (#48270839)
    Questions about government overreach and whatnot aside, the analyst's manual is quite a nice read on how mundane intelligence analysis can be. They've apparently got a very nice application for establishing persons of interest and automatically creating a directed graph of who knows whom based on address books / calendars, but the rest is still human analysis. I particularly liked the pictures which clearly showed location information as being "somewhere in this two block radius".
    • by B5_geek ( 638928 )

      You have obviously R'd TFS, TFA, and TFM.
      What are you doing on /.?
      You are too perfect an imposter. No spelling or grammar errors either. Probably some AI.

      Should I refer to you as Wintermute?

  • Isn't what they are selling against EU privacy laws?
  • Selection: OS X or Windows. Yay!

  • by HangingChad ( 677530 ) on Thursday October 30, 2014 @06:34PM (#48274059) Homepage

    I didn't see Ubuntu or *nix flavors listed in their target operating systems. All the more reason to support open source.

    • by dwye ( 1127395 )

      All that this lack indicates is that Linux has too small a market share among probable targets to be worth setting up a cookie-cutter process to hack it. Neither Al Quaida (sp? and whose?) nor the German Chancellor's office are likely to have dedicated SAs determined to keep out others by security through obscurity, regardless of it preventing easy usability of popular software that their principals demand.

      Use any distribution out of the box, without doing something that makes things interesting (like Sun

Happiness is twin floppies.