Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Privacy United Kingdom Government The Internet

South Africa, UK Acknowledge Mass Surveillance By Tapping Undersea Internet Cables (reclaimthenet.org) 56

The South African government has been conducting mass surveillance on all communications in the country, reports Reclaim the Net:, citing a report from Privacy International as well as recently-revealed affidavits and other documents from former State Security Agency (SSA) director-general Arthur Fraser: Interestingly, the mass surveillance has been happening since 2008... The surveillance was supposedly designed to cover information about organized crime and acts of terrorism. It even involves surveillance on food security, water security, and even illegal financial flows.

The report also revealed that the South African government has done bulk interception of Internet traffic by way of tapping into fiber-optic cables under the sea. What is not clear though is whether the surveillance covers all Internet traffic or limited only to some of the fiber cables. The SSA said that the automated collection of data was specifically geared for foreign communications that pose threats to state security only. However, even the SSA admits to the fact that it will require human intervention to determine whether any communications that pass through the fiber cables are foreign or not. Hence, it would be difficult to distinguish between foreign and local communications.

The iAfrikan site interviewed a digital rights researcher at South Africa's amaBhungane Centre for Investigative Journalism, whose legal filings helped bring this information to light. "We had details of the state's mass surveillance activities at least as early as 2006...." he tells the site, adding later that "The government has been quite upfront that it's collecting data from a vast number of people who are not suspected of any wrongdoing... Essentially, the State Security Agency is collecting as much haystack as it can, just in case it needs to look for a needle."

Privacy International reports that the U.K. government has also recently acknowledged their "bulk interception of internet traffic by tapping undersea fibre optic cables." The site describes the work of the two countries as "some of the most pervasive surveillance programmes in human history."
This discussion has been archived. No new comments can be posted.

South Africa, UK Acknowledge Mass Surveillance By Tapping Undersea Internet Cables

Comments Filter:
  • The real surprise (Score:3, Insightful)

    by Tablizer ( 95088 ) on Saturday September 07, 2019 @02:43PM (#59169340) Journal

    The government has been quite upfront that it's collecting data from a vast number of people who are not suspected of any wrongdoing

    That they admit this is a bigger shock than they are doing it. Most govt's do it but don't admit it.

    • Re: (Score:2, Funny)

      by Anonymous Coward

      The government has been quite upfront that it's collecting data from a vast number of people who are not suspected of any wrongdoing

      That they admit this is a bigger shock than they are doing it. Most govt's do it but don't admit it.

      Definitely not surprised by the Brits doing it. They derive some sort of weird sexual pleasure from pervasive surveillance.

      • The government has been quite upfront that it's collecting data from a vast number of people who are not suspected of any wrongdoing

        That they admit this is a bigger shock than they are doing it. Most govt's do it but don't admit it.

        Definitely not surprised by the Brits doing it. They derive some sort of weird sexual pleasure from pervasive surveillance.

        Every last one of us has a secret stash of probes.

    • Most govt's do it but don't admit it.

      Yep. The Stasi had nothing on what our governments are doing to us right now.

      • It's a rather different thing. Sure, our governments can now get more data than the Stasi could, but their surveillance is far more impersonal and automated, they gather everything because they can, and it's easier not to have to filter it. The Stasi/MFS OTOH were everywhere, your neighbour could be an informant, your parents, your children, anyone could inform on you. It's a very different level of paranoia, either encrypt or be careful about what you say in email/IM and the government driftnet will miss
    • by rtb61 ( 674572 )

      So seriously, you are saying you are comfortable with corporations and the government in power, knowing exactly who you voted for and who every single member of you family voted for. You feel good about that, knowing political parties in power and the corporations who back them, can figure out exactly who you voted for, know who you would vote for and exactly why your career should be crushed and every member of your family made unemployable for security reasons.

      This level of privacy invasions is all about

  • by Nkwe ( 604125 ) on Saturday September 07, 2019 @02:48PM (#59169352)
    I am curious as to how effective tapping major Internet links like these undersea cables is. My assumption is that the bulk of traffic is encrypted - is this not a good assumption? Does anyone who moves sensitive data data across the Internet actually think that the Internet is secure and that no one is listening in?
    • Sounds like they aren't really 'tapping in', there must already be equipment setup for this.

      • Yeah.... I am no expert, but how does one "tap" an optic fiber? Cut a fiber and install a splitter?

        This is a lot harder than using an aligator clip.

        • Yeah.... I am no expert, but how does one "tap" an optic fiber? Cut a fiber and install a splitter?

          Yes.

          This is a lot harder than using an aligator clip.

          That's why they buy specialized equipment and pay for training. Consider: these cables sometimes get accidentally cut or damaged. The capability to splice them is absolutely required to even build the thing in the first place. The nation's intelligence service just pays for an extra "maintenance" team.

        • Yeah.... I am no expert, but how does one "tap" an optic fiber? Cut a fiber and install a splitter?

          This is a lot harder than using an aligator clip.

          You put a very sharp bend in the fibre and some of the light leaks out, but not all. So the comms keeps on running, while you make a copy of the signal in your boat.

    • You just store it all and wait for the quantum computers. Or conversely, they already have the quantum computers and your encryption means nothing to them.

      • You just store it all and wait for the quantum computers. Or conversely, they already have the quantum computers and your encryption means nothing to them.

        1.) They don't have quantum computers that can do that yet

        2.) By the time they do, the data will be several decades old.

      • You MITM them from DNS down to bust the protocol wrappers, then if it is still encrypted you store it all until you raid their office and get their key.

    • I am curious as to how effective tapping major Internet links like these undersea cables is. My assumption is that the bulk of traffic is encrypted - is this not a good assumption?

      The information they can harvest isn't zero, even with encryption.

      a) All IP packets carry source+destination addresses so they can see who's communicating with who and how much data they're sending. They might use this to (eg) leak some information and see if there's an uptick in traffic to particular addresses.

      b) Things like POP email are still unencrypted

      c) How much can you trust the certificate issuers? Without real authentication they can perform man-in-the middle attacks and read anything they like.

      • Government agencies have spent vast amounts of money since at least the 1980s on traffic analysis. This is why the NSA and its brethren are so keen on metadata, they typically don't need the message contents, just who's speaking to whom, when, over what channels, and so on. If you see suspect A, B, and C communicating, and then their cellphones all head towards a certain point, you don't need to know the contents of the conversation to figure out that you want to have someone at that point too.
      • by dryeo ( 100693 )

        My POP email has been encrypted for quite a while. Port 995, SSL/TLS encryption or port 110 STARTTLS depending on account. All my SMTP are similar. Now how secure my providers are, especially against government, I have no idea

      • Why can't the wire have link level encryption, so all the packet header information is hidden?

        Just like your 802.11 link cipher hides the IP headers of the packets it's carrying.

        • "Why can't the wire have link level encryption, so all the packet header information is hidden?"

          The source and destination must be known for routing.

          If you use ipsec to a gateway then you only reveal the address of the gateway. That's as good as you can reasonably get, because routing will always be a thing.

    • by AHuxley ( 892839 )
      You get start location in SA, time and destination globally..
      Global origin, time and destination in SA.
      Share with the NSA and GCHQ like during the SA Silvermine (communications) days and all the crypto falls away :)
      Recall Bullrun, Edgehill https://en.wikipedia.org/wiki/... [wikipedia.org]
      The NSA and GCHQ find consumer grade encryption to be like plain text :) Collect it all.
      Did SA have the same, get the same, share? Just collect everything for the NSA/GCHQ and have its own parallel systems?
      The junk encryption d
  • Probably not because it started in 2006, but then whose ? Who should we really be boycotting ?
  • But we have always been told it is the Rusians who are spying, subverting, hacking... and even using submarines to "threaten" undersea cables.

    And all the time it was just the good ol' trustworthy, decent Western powers who were doing it.

    Well, that's all right then.

    • Re: (Score:2, Interesting)

      But we have always been told it is the Rusians who are spying, subverting, hacking... and even using submarines to "threaten" undersea cables.

      And how does this story contradict that?

      Pretty much everyone in the intelligence community believes that the Russians have attempted to subvert and hack elections in the US and other countries - and are continuing to do so. The fact that other spying also goes on does not change that fact.

      • by Dunbal ( 464142 ) *
        Logic fail.

        everyone in the intelligence community believes

        The fact that other spying also goes on does not change that fact

        Which fact? A belief is not a fact. In fact a rather long and expensive investigation proved the opposite. The Russians did NOT try to subvert US elections. "Other spying" does not suddenly convert a belief into a fact.

        • "The Russians did NOT try to subvert US elections.."

          That's actually the opposite of what reports have found so far. But thanks for trolling.

      • Pretty much everyone in the intelligence community believes that the Russians have attempted to subvert and hack elections in the US and other countries - and are continuing to do so. The fact that other spying also goes on does not change that fact.

        Disappointing to Americans is the broken-record of the "Chinese" or "Russsians" did it.

        Either the US is very very sneaky (doubt that) or the US is not competent at all (gets my vote).

      • For at least the last 70 or 80 years, they have messed with our elections, we have messed with theirs... Nothing new, just more efficient now. 40 years ago they just printed up pamphlets and distributed them, now it's a tweet.

    • The USA and Russia were probably doing it 50 years ago, it's not news.

      • It is news that the UK was doing it themselves and contributing raw data, not just using American-collected data. Good on them!

        And it is news that South Africa had invested in that sort of capability. Not a big surprise, but perhaps a small surprise. Submarines are expensive to maintain.

    • But we have always been told it is the Rusians who are spying, subverting, hacking... and even using submarines to "threaten" undersea cables.

      And all the time it was just the good ol' trustworthy, decent Western powers who were doing it.

      Well, that's all right then.

      Cool story bro!

      Worst

      Strawman

      Ever!

    • What idiots do you hang out who said that?

      I always heard of course we're doing it, we can, and it is useful.

      Are you a refugee from AM radio? Are you OK? Do you need food or water?

    • by Tablizer ( 95088 )

      Who said it must be mutually exclusive?

  • by hackingbear ( 988354 ) on Saturday September 07, 2019 @03:05PM (#59169398)

    the U.K. government has also recently acknowledged their "bulk interception of internet traffic by tapping undersea fibre optic cables.

    Thieves accused others being theives [bloomberg.com], and of course without any evidence.

  • by Indy1 ( 99447 ) on Saturday September 07, 2019 @03:10PM (#59169410)

    In the past 10 years, there's been a HUGE push to encrypt EVERYTHING.

    We've gone from old and insecure ciphers and standards( RC4, DES, and SSL 3.0 and TLS 1.0 and 1.1) to the much stronger ones like AES-GCM, Chacha20, TLS 1.2 and 1.3.

    On the HTTPS side of things, virtually every site uses AES-GCM or Chacha20. So do most major email providers.

    TLS 1.3 is gaining steam, and I wouldn't be surprised to see in 5 years that 95% of sites only support it and nothing older.

    Even encrypted DNS is starting to take off. Cloudflare's 1.1.1.1 and Google's 8.8.8.8 support it. I just got my resolver in the house setup to use DNS over TLS a few days ago.

    So, where does that leave fascists like the NSA, the various 5 eyes agencies, China, Russia, and SSA? Soon the only useful intel they'll get is which IP's you're passing traffic to.

    • by schwit1 ( 797399 )

      Until they mandate handing over the keys. They'll justify with 'Think of the children' or 'terrorism'.

      The reality is big corps and government are the true threats to a free people.

      • The Capitalist party is larger and more powerful than Republican, Democrat or Communist and all the other political parties on the planet, combined.

        Their ethics is measured in units of currency.

        The white zone is for immediate loading and unloading of passengers only. There is no stopping in a red zone.

        The red zone is for immediate loading and unloading of passengers only. There is no stopping in a white zone.

        There is no stopping the Capitalist party.

      • Until they mandate

        THEY LIVE

    • by Dunbal ( 464142 ) *

      So, where does that leave fascists like the NSA

      Holding all the root certificates and/or sabotaging the algorithms.

    • by AHuxley ( 892839 )
      Re "In the past 10 years, there's been a HUGE push to encrypt EVERYTHING."
      Think back to PRISM.
      US brands give the crypto keys to the USA gov/GCHQ/NSA while they work on the next product :)
  • by mauriceh ( 3721 ) <mhilarius@gm[ ].com ['ail' in gap]> on Sunday September 08, 2019 @10:04AM (#59171136)

    CSIS purchased equipment to duplicate all internet traffic leaving and entering the country around that time frame.

  • The site describes the work of the two countries as "some of the most pervasive surveillance programmes in human history."

    Just like the US and just like China and just like pretty much everyone. Whoopdeedooo. The only big surprise here is that South Africa had enough expertise left in the country to do it. Most IT people in South Africa have been leaving in droves. But then they probably outsourced it to India, so...

  • Naughty yes but two very important differences.

    SA tapped everything going out of SA.

    The British may well have the capability to tap any cable ANYWHERE in the world, not just the UK. If it's underwater and within an appropriate depth it's fair game. You can count the countries on two fingers that have the Naval assets to do this and both of them are the US and the UK. [hint : Nuclear submarines and long history of covert and very sneaky submarine operations].

Genius is ten percent inspiration and fifty percent capital gains.

Working...