South Africa, UK Acknowledge Mass Surveillance By Tapping Undersea Internet Cables (reclaimthenet.org) 56
The South African government has been conducting mass surveillance on all communications in the country, reports Reclaim the Net:, citing a report from Privacy International as well as recently-revealed affidavits and other documents from former State Security Agency (SSA) director-general Arthur Fraser:
Interestingly, the mass surveillance has been happening since 2008... The surveillance was supposedly designed to cover information about organized crime and acts of terrorism. It even involves surveillance on food security, water security, and even illegal financial flows.
The report also revealed that the South African government has done bulk interception of Internet traffic by way of tapping into fiber-optic cables under the sea. What is not clear though is whether the surveillance covers all Internet traffic or limited only to some of the fiber cables. The SSA said that the automated collection of data was specifically geared for foreign communications that pose threats to state security only. However, even the SSA admits to the fact that it will require human intervention to determine whether any communications that pass through the fiber cables are foreign or not. Hence, it would be difficult to distinguish between foreign and local communications.
The iAfrikan site interviewed a digital rights researcher at South Africa's amaBhungane Centre for Investigative Journalism, whose legal filings helped bring this information to light. "We had details of the state's mass surveillance activities at least as early as 2006...." he tells the site, adding later that "The government has been quite upfront that it's collecting data from a vast number of people who are not suspected of any wrongdoing... Essentially, the State Security Agency is collecting as much haystack as it can, just in case it needs to look for a needle."
Privacy International reports that the U.K. government has also recently acknowledged their "bulk interception of internet traffic by tapping undersea fibre optic cables." The site describes the work of the two countries as "some of the most pervasive surveillance programmes in human history."
The report also revealed that the South African government has done bulk interception of Internet traffic by way of tapping into fiber-optic cables under the sea. What is not clear though is whether the surveillance covers all Internet traffic or limited only to some of the fiber cables. The SSA said that the automated collection of data was specifically geared for foreign communications that pose threats to state security only. However, even the SSA admits to the fact that it will require human intervention to determine whether any communications that pass through the fiber cables are foreign or not. Hence, it would be difficult to distinguish between foreign and local communications.
The iAfrikan site interviewed a digital rights researcher at South Africa's amaBhungane Centre for Investigative Journalism, whose legal filings helped bring this information to light. "We had details of the state's mass surveillance activities at least as early as 2006...." he tells the site, adding later that "The government has been quite upfront that it's collecting data from a vast number of people who are not suspected of any wrongdoing... Essentially, the State Security Agency is collecting as much haystack as it can, just in case it needs to look for a needle."
Privacy International reports that the U.K. government has also recently acknowledged their "bulk interception of internet traffic by tapping undersea fibre optic cables." The site describes the work of the two countries as "some of the most pervasive surveillance programmes in human history."
The real surprise (Score:3, Insightful)
That they admit this is a bigger shock than they are doing it. Most govt's do it but don't admit it.
Re: (Score:2, Funny)
That they admit this is a bigger shock than they are doing it. Most govt's do it but don't admit it.
Definitely not surprised by the Brits doing it. They derive some sort of weird sexual pleasure from pervasive surveillance.
Re: (Score:2)
That they admit this is a bigger shock than they are doing it. Most govt's do it but don't admit it.
Definitely not surprised by the Brits doing it. They derive some sort of weird sexual pleasure from pervasive surveillance.
Every last one of us has a secret stash of probes.
Re: (Score:3)
Most govt's do it but don't admit it.
Yep. The Stasi had nothing on what our governments are doing to us right now.
Re: (Score:2)
Re: (Score:2)
So seriously, you are saying you are comfortable with corporations and the government in power, knowing exactly who you voted for and who every single member of you family voted for. You feel good about that, knowing political parties in power and the corporations who back them, can figure out exactly who you voted for, know who you would vote for and exactly why your career should be crushed and every member of your family made unemployable for security reasons.
This level of privacy invasions is all about
How effective is it? (Score:5, Insightful)
Re: (Score:2)
Sounds like they aren't really 'tapping in', there must already be equipment setup for this.
Tapping? (Score:2)
Yeah.... I am no expert, but how does one "tap" an optic fiber? Cut a fiber and install a splitter?
This is a lot harder than using an aligator clip.
Re: (Score:3)
Yeah.... I am no expert, but how does one "tap" an optic fiber? Cut a fiber and install a splitter?
Yes.
This is a lot harder than using an aligator clip.
That's why they buy specialized equipment and pay for training. Consider: these cables sometimes get accidentally cut or damaged. The capability to splice them is absolutely required to even build the thing in the first place. The nation's intelligence service just pays for an extra "maintenance" team.
Re: (Score:2)
Yeah.... I am no expert, but how does one "tap" an optic fiber? Cut a fiber and install a splitter?
This is a lot harder than using an aligator clip.
You put a very sharp bend in the fibre and some of the light leaks out, but not all. So the comms keeps on running, while you make a copy of the signal in your boat.
Re: (Score:2)
You just store it all and wait for the quantum computers. Or conversely, they already have the quantum computers and your encryption means nothing to them.
Re: (Score:2)
You just store it all and wait for the quantum computers. Or conversely, they already have the quantum computers and your encryption means nothing to them.
1.) They don't have quantum computers that can do that yet
2.) By the time they do, the data will be several decades old.
Re: (Score:2)
>1.) They don't have quantum computers that can do that yet
They won't have quantum computers that can do that ever.
Re: (Score:2)
You MITM them from DNS down to bust the protocol wrappers, then if it is still encrypted you store it all until you raid their office and get their key.
Re: (Score:3)
I am curious as to how effective tapping major Internet links like these undersea cables is. My assumption is that the bulk of traffic is encrypted - is this not a good assumption?
The information they can harvest isn't zero, even with encryption.
a) All IP packets carry source+destination addresses so they can see who's communicating with who and how much data they're sending. They might use this to (eg) leak some information and see if there's an uptick in traffic to particular addresses.
b) Things like POP email are still unencrypted
c) How much can you trust the certificate issuers? Without real authentication they can perform man-in-the middle attacks and read anything they like.
Re: (Score:2)
Re: (Score:1)
Think back to the years of Slivermine in SA and full NSA support.
ie the Criticomm years
The NSA and SA got working before the "1980s"
Re: (Score:3)
My POP email has been encrypted for quite a while. Port 995, SSL/TLS encryption or port 110 STARTTLS depending on account. All my SMTP are similar. Now how secure my providers are, especially against government, I have no idea
Re: (Score:2)
Re: (Score:2)
Yea, that's why I don't do anything that important, especially to government, over the internet.
Re: (Score:2)
Why can't the wire have link level encryption, so all the packet header information is hidden?
Just like your 802.11 link cipher hides the IP headers of the packets it's carrying.
Re: (Score:2)
"Why can't the wire have link level encryption, so all the packet header information is hidden?"
The source and destination must be known for routing.
If you use ipsec to a gateway then you only reveal the address of the gateway. That's as good as you can reasonably get, because routing will always be a thing.
Re: (Score:2)
>The source and destination must be known for routing.
Not for an undersea wire. It has only two ends.
Re: (Score:1)
Global origin, time and destination in SA.
Share with the NSA and GCHQ like during the SA Silvermine (communications) days and all the crypto falls away
Recall Bullrun, Edgehill https://en.wikipedia.org/wiki/... [wikipedia.org]
The NSA and GCHQ find consumer grade encryption to be like plain text
Did SA have the same, get the same, share? Just collect everything for the NSA/GCHQ and have its own parallel systems?
The junk encryption d
But did they use Huawei equipment ? (Score:2)
Re: (Score:2)
The interwebs. Definitely the interwebs.
But... but... but... the Russians! (Score:2)
But we have always been told it is the Rusians who are spying, subverting, hacking... and even using submarines to "threaten" undersea cables.
And all the time it was just the good ol' trustworthy, decent Western powers who were doing it.
Well, that's all right then.
Re: (Score:2, Interesting)
But we have always been told it is the Rusians who are spying, subverting, hacking... and even using submarines to "threaten" undersea cables.
And how does this story contradict that?
Pretty much everyone in the intelligence community believes that the Russians have attempted to subvert and hack elections in the US and other countries - and are continuing to do so. The fact that other spying also goes on does not change that fact.
Re: (Score:2)
everyone in the intelligence community believes
The fact that other spying also goes on does not change that fact
Which fact? A belief is not a fact. In fact a rather long and expensive investigation proved the opposite. The Russians did NOT try to subvert US elections. "Other spying" does not suddenly convert a belief into a fact.
Re: (Score:2)
"The Russians did NOT try to subvert US elections.."
That's actually the opposite of what reports have found so far. But thanks for trolling.
Re: (Score:2)
Pretty much everyone in the intelligence community believes that the Russians have attempted to subvert and hack elections in the US and other countries - and are continuing to do so. The fact that other spying also goes on does not change that fact.
Disappointing to Americans is the broken-record of the "Chinese" or "Russsians" did it.
Either the US is very very sneaky (doubt that) or the US is not competent at all (gets my vote).
Re: (Score:2)
I figure somewhere in between. We're kinda sneaky and reasonably competent.
Re: (Score:2)
For at least the last 70 or 80 years, they have messed with our elections, we have messed with theirs... Nothing new, just more efficient now. 40 years ago they just printed up pamphlets and distributed them, now it's a tweet.
Re: (Score:2)
The USA and Russia were probably doing it 50 years ago, it's not news.
Re: (Score:2)
It is news that the UK was doing it themselves and contributing raw data, not just using American-collected data. Good on them!
And it is news that South Africa had invested in that sort of capability. Not a big surprise, but perhaps a small surprise. Submarines are expensive to maintain.
Re: (Score:2)
But we have always been told it is the Rusians who are spying, subverting, hacking... and even using submarines to "threaten" undersea cables.
And all the time it was just the good ol' trustworthy, decent Western powers who were doing it.
Well, that's all right then.
Cool story bro!
Worst
Strawman
Ever!
Re: (Score:2)
What idiots do you hang out who said that?
I always heard of course we're doing it, we can, and it is useful.
Are you a refugee from AM radio? Are you OK? Do you need food or water?
Re: (Score:1)
Who said it must be mutually exclusive?
double standard and hypocrisy (Score:3)
the U.K. government has also recently acknowledged their "bulk interception of internet traffic by tapping undersea fibre optic cables.
Thieves accused others being theives [bloomberg.com], and of course without any evidence.
Re: (Score:2)
Without any evidence? Are you mad?
Re: (Score:2)
Without any evidence? Are you mad?
Well, he's not too happy.
Re: double standard and hypocrisy (Score:2)
How is acknowledged the same as accused?
Re: (Score:2)
Sorry Ivan, it isn't stealing. Everybody still received all the photons that they ordered over the pipe.
mass surveillance might be losing its usefulness (Score:4, Insightful)
In the past 10 years, there's been a HUGE push to encrypt EVERYTHING.
We've gone from old and insecure ciphers and standards( RC4, DES, and SSL 3.0 and TLS 1.0 and 1.1) to the much stronger ones like AES-GCM, Chacha20, TLS 1.2 and 1.3.
On the HTTPS side of things, virtually every site uses AES-GCM or Chacha20. So do most major email providers.
TLS 1.3 is gaining steam, and I wouldn't be surprised to see in 5 years that 95% of sites only support it and nothing older.
Even encrypted DNS is starting to take off. Cloudflare's 1.1.1.1 and Google's 8.8.8.8 support it. I just got my resolver in the house setup to use DNS over TLS a few days ago.
So, where does that leave fascists like the NSA, the various 5 eyes agencies, China, Russia, and SSA? Soon the only useful intel they'll get is which IP's you're passing traffic to.
Re: (Score:2)
Until they mandate handing over the keys. They'll justify with 'Think of the children' or 'terrorism'.
The reality is big corps and government are the true threats to a free people.
Re: (Score:2)
The Capitalist party is larger and more powerful than Republican, Democrat or Communist and all the other political parties on the planet, combined.
Their ethics is measured in units of currency.
The white zone is for immediate loading and unloading of passengers only. There is no stopping in a red zone.
The red zone is for immediate loading and unloading of passengers only. There is no stopping in a white zone.
There is no stopping the Capitalist party.
Re: (Score:2)
Until they mandate
THEY LIVE
Re: (Score:2)
So, where does that leave fascists like the NSA
Holding all the root certificates and/or sabotaging the algorithms.
Re: (Score:1)
Think back to PRISM.
US brands give the crypto keys to the USA gov/GCHQ/NSA while they work on the next product
Re: (Score:2)
Re: DATA ENCRYPTION PROBLEM (Score:1)
Canada does it (Score:3)
CSIS purchased equipment to duplicate all internet traffic leaving and entering the country around that time frame.
Just like everyone else you mean (Score:2)
Just like the US and just like China and just like pretty much everyone. Whoopdeedooo. The only big surprise here is that South Africa had enough expertise left in the country to do it. Most IT people in South Africa have been leaving in droves. But then they probably outsourced it to India, so...
Naughty (Score:2)
Naughty yes but two very important differences.
SA tapped everything going out of SA.
The British may well have the capability to tap any cable ANYWHERE in the world, not just the UK. If it's underwater and within an appropriate depth it's fair game. You can count the countries on two fingers that have the Naval assets to do this and both of them are the US and the UK. [hint : Nuclear submarines and long history of covert and very sneaky submarine operations].