South Africa, UK Acknowledge Mass Surveillance By Tapping Undersea Internet Cables

The South African government has been conducting mass surveillance on all communications in the country, reports Reclaim the Net:, citing a report from Privacy International as well as recently-revealed affidavits and other documents from former State Security Agency (SSA) director-general Arthur Fraser: Interestingly, the mass surveillance has been happening since 2008... The surveillance was supposedly designed to cover information about organized crime and acts of terrorism. It even involves surveillance on food security, water security, and even illegal financial flows.

The report also revealed that the South African government has done bulk interception of Internet traffic by way of tapping into fiber-optic cables under the sea. What is not clear though is whether the surveillance covers all Internet traffic or limited only to some of the fiber cables. The SSA said that the automated collection of data was specifically geared for foreign communications that pose threats to state security only. However, even the SSA admits to the fact that it will require human intervention to determine whether any communications that pass through the fiber cables are foreign or not. Hence, it would be difficult to distinguish between foreign and local communications.
The iAfrikan site interviewed a digital rights researcher at South Africa's amaBhungane Centre for Investigative Journalism, whose legal filings helped bring this information to light. "We had details of the state's mass surveillance activities at least as early as 2006...." he tells the site, adding later that "The government has been quite upfront that it's collecting data from a vast number of people who are not suspected of any wrongdoing... Essentially, the State Security Agency is collecting as much haystack as it can, just in case it needs to look for a needle."

Privacy International reports that the U.K. government has also recently acknowledged their "bulk interception of internet traffic by tapping undersea fibre optic cables." The site describes the work of the two countries as "some of the most pervasive surveillance programmes in human history."

The real surprise

[Tablizer]

The government has been quite upfront that it's collecting data from a vast number of people who are not suspected of any wrongdoing

That they admit this is a bigger shock than they are doing it. Most govt's do it but don't admit it.

Re:

[Anonymous Coward]

The government has been quite upfront that it's collecting data from a vast number of people who are not suspected of any wrongdoing

That they admit this is a bigger shock than they are doing it. Most govt's do it but don't admit it.

Definitely not surprised by the Brits doing it. They derive some sort of weird sexual pleasure from pervasive surveillance.

Re:

[TechyImmigrant]

The government has been quite upfront that it's collecting data from a vast number of people who are not suspected of any wrongdoing

That they admit this is a bigger shock than they are doing it. Most govt's do it but don't admit it.

Definitely not surprised by the Brits doing it. They derive some sort of weird sexual pleasure from pervasive surveillance.

Every last one of us has a secret stash of probes.

Re:

[Joce640k]

Most govt's do it but don't admit it.

Yep. The Stasi had nothing on what our governments are doing to us right now.

Re:

[arglebargle_xiv]

It's a rather different thing. Sure, our governments can now get more data than the Stasi could, but their surveillance is far more impersonal and automated, they gather everything because they can, and it's easier not to have to filter it. The Stasi/MFS OTOH were everywhere, your neighbour could be an informant, your parents, your children, anyone could inform on you. It's a very different level of paranoia, either encrypt or be careful about what you say in email/IM and the government driftnet will miss

Re:

[rtb61]

So seriously, you are saying you are comfortable with corporations and the government in power, knowing exactly who you voted for and who every single member of you family voted for. You feel good about that, knowing political parties in power and the corporations who back them, can figure out exactly who you voted for, know who you would vote for and exactly why your career should be crushed and every member of your family made unemployable for security reasons.

This level of privacy invasions is all about

How effective is it?

[Nkwe]

I am curious as to how effective tapping major Internet links like these undersea cables is. My assumption is that the bulk of traffic is encrypted - is this not a good assumption? Does anyone who moves sensitive data data across the Internet actually think that the Internet is secure and that no one is listening in?

Re:

[mrclevesque]

Sounds like they aren't really 'tapping in', there must already be equipment setup for this.

Tapping?

[BrianMarshall]

Yeah.... I am no expert, but how does one "tap" an optic fiber? Cut a fiber and install a splitter?

This is a lot harder than using an aligator clip.

Re:

[Aighearach]

Yeah.... I am no expert, but how does one "tap" an optic fiber? Cut a fiber and install a splitter?

Yes.

This is a lot harder than using an aligator clip.

That's why they buy specialized equipment and pay for training. Consider: these cables sometimes get accidentally cut or damaged. The capability to splice them is absolutely required to even build the thing in the first place. The nation's intelligence service just pays for an extra "maintenance" team.

Re:

[TechyImmigrant]

Yeah.... I am no expert, but how does one "tap" an optic fiber? Cut a fiber and install a splitter?

This is a lot harder than using an aligator clip.

You put a very sharp bend in the fibre and some of the light leaks out, but not all. So the comms keeps on running, while you make a copy of the signal in your boat.

Re:

[cdsparrow]

You just store it all and wait for the quantum computers. Or conversely, they already have the quantum computers and your encryption means nothing to them.

Re:

[CaptainDork]

You just store it all and wait for the quantum computers. Or conversely, they already have the quantum computers and your encryption means nothing to them.

1.) They don't have quantum computers that can do that yet

2.) By the time they do, the data will be several decades old.

Re:

[TechyImmigrant]

>1.) They don't have quantum computers that can do that yet

They won't have quantum computers that can do that ever.

Re:

[Aighearach]

You MITM them from DNS down to bust the protocol wrappers, then if it is still encrypted you store it all until you raid their office and get their key.

Re:

[Joce640k]

I am curious as to how effective tapping major Internet links like these undersea cables is. My assumption is that the bulk of traffic is encrypted - is this not a good assumption?

The information they can harvest isn't zero, even with encryption.

a) All IP packets carry source+destination addresses so they can see who's communicating with who and how much data they're sending. They might use this to (eg) leak some information and see if there's an uptick in traffic to particular addresses.

b) Things like POP email are still unencrypted

c) How much can you trust the certificate issuers? Without real authentication they can perform man-in-the middle attacks and read anything they like.

Re:

[arglebargle_xiv]

Government agencies have spent vast amounts of money since at least the 1980s on traffic analysis. This is why the NSA and its brethren are so keen on metadata, they typically don't need the message contents, just who's speaking to whom, when, over what channels, and so on. If you see suspect A, B, and C communicating, and then their cellphones all head towards a certain point, you don't need to know the contents of the conversation to figure out that you want to have someone at that point too.

Re:

[AHuxley]

Re "least the 1980s on traffic analysis" ...
Think back to the years of Slivermine in SA and full NSA support.
ie the Criticomm years .... https://en.wikipedia.org/wiki/... [wikipedia.org]
The NSA and SA got working before the "1980s" :)

Re:

[dryeo]

My POP email has been encrypted for quite a while. Port 995, SSL/TLS encryption or port 110 STARTTLS depending on account. All my SMTP are similar. Now how secure my providers are, especially against government, I have no idea

Re:

[flyingfsck]

a. I do. b. Not secure.

Re:

[dryeo]

Yea, that's why I don't do anything that important, especially to government, over the internet.

Re:

[TechyImmigrant]

Why can't the wire have link level encryption, so all the packet header information is hidden?

Just like your 802.11 link cipher hides the IP headers of the packets it's carrying.

Re:

[drinkypoo]

"Why can't the wire have link level encryption, so all the packet header information is hidden?"

The source and destination must be known for routing.

If you use ipsec to a gateway then you only reveal the address of the gateway. That's as good as you can reasonably get, because routing will always be a thing.

Re:

[TechyImmigrant]

>The source and destination must be known for routing.

Not for an undersea wire. It has only two ends.

Re:

[AHuxley]

You get start location in SA, time and destination globally..
Global origin, time and destination in SA.
Share with the NSA and GCHQ like during the SA Silvermine (communications) days and all the crypto falls away :)
Recall Bullrun, Edgehill https://en.wikipedia.org/wiki/... [wikipedia.org]
The NSA and GCHQ find consumer grade encryption to be like plain text :) Collect it all.
Did SA have the same, get the same, share? Just collect everything for the NSA/GCHQ and have its own parallel systems?
The junk encryption d

But did they use Huawei equipment ?

[Big Bipper]

Probably not because it started in 2006, but then whose ? Who should we really be boycotting ?

Re:

[Aighearach]

The interwebs. Definitely the interwebs.

But... but... but... the Russians!

[Archtech]

But we have always been told it is the Rusians who are spying, subverting, hacking... and even using submarines to "threaten" undersea cables.

And all the time it was just the good ol' trustworthy, decent Western powers who were doing it.

Well, that's all right then.

Re:

[93 Escort Wagon]

But we have always been told it is the Rusians who are spying, subverting, hacking... and even using submarines to "threaten" undersea cables.

And how does this story contradict that?

Pretty much everyone in the intelligence community believes that the Russians have attempted to subvert and hack elections in the US and other countries - and are continuing to do so. The fact that other spying also goes on does not change that fact.

Re:

[Dunbal]

Logic fail.

everyone in the intelligence community believes

The fact that other spying also goes on does not change that fact

Which fact? A belief is not a fact. In fact a rather long and expensive investigation proved the opposite. The Russians did NOT try to subvert US elections. "Other spying" does not suddenly convert a belief into a fact.

Re:

[drinkypoo]

"The Russians did NOT try to subvert US elections.."

That's actually the opposite of what reports have found so far. But thanks for trolling.

Re:

[CaptainDork]

Pretty much everyone in the intelligence community believes that the Russians have attempted to subvert and hack elections in the US and other countries - and are continuing to do so. The fact that other spying also goes on does not change that fact.

Disappointing to Americans is the broken-record of the "Chinese" or "Russsians" did it.

Either the US is very very sneaky (doubt that) or the US is not competent at all (gets my vote).

Re:

[cdsparrow]

I figure somewhere in between. We're kinda sneaky and reasonably competent.

Re:

[cdsparrow]

For at least the last 70 or 80 years, they have messed with our elections, we have messed with theirs... Nothing new, just more efficient now. 40 years ago they just printed up pamphlets and distributed them, now it's a tweet.

Re:

[Brett Buck]

The USA and Russia were probably doing it 50 years ago, it's not news.

Re:

[Aighearach]

It is news that the UK was doing it themselves and contributing raw data, not just using American-collected data. Good on them!

And it is news that South Africa had invested in that sort of capability. Not a big surprise, but perhaps a small surprise. Submarines are expensive to maintain.

Re:

[Ol Olsoc]

But we have always been told it is the Rusians who are spying, subverting, hacking... and even using submarines to "threaten" undersea cables.

And all the time it was just the good ol' trustworthy, decent Western powers who were doing it.

Well, that's all right then.

Cool story bro!

Worst

Strawman

Ever!

Re:

[Aighearach]

What idiots do you hang out who said that?

I always heard of course we're doing it, we can, and it is useful.

Are you a refugee from AM radio? Are you OK? Do you need food or water?

Re:

[Tablizer]

Who said it must be mutually exclusive?

double standard and hypocrisy

[hackingbear]

the U.K. government has also recently acknowledged their "bulk interception of internet traffic by tapping undersea fibre optic cables.

Thieves accused others being theives [bloomberg.com], and of course without any evidence.

Re:

[DrMrLordX]

Without any evidence? Are you mad?

Re:

[Ol Olsoc]

Without any evidence? Are you mad?

Well, he's not too happy.

Re: double standard and hypocrisy

[ToasterMonkey]

How is acknowledged the same as accused?

Re:

[Aighearach]

Sorry Ivan, it isn't stealing. Everybody still received all the photons that they ordered over the pipe.

mass surveillance might be losing its usefulness

[Indy1]

In the past 10 years, there's been a HUGE push to encrypt EVERYTHING.

We've gone from old and insecure ciphers and standards( RC4, DES, and SSL 3.0 and TLS 1.0 and 1.1) to the much stronger ones like AES-GCM, Chacha20, TLS 1.2 and 1.3.

On the HTTPS side of things, virtually every site uses AES-GCM or Chacha20. So do most major email providers.

TLS 1.3 is gaining steam, and I wouldn't be surprised to see in 5 years that 95% of sites only support it and nothing older.

Even encrypted DNS is starting to take off. Cloudflare's 1.1.1.1 and Google's 8.8.8.8 support it. I just got my resolver in the house setup to use DNS over TLS a few days ago.

So, where does that leave fascists like the NSA, the various 5 eyes agencies, China, Russia, and SSA? Soon the only useful intel they'll get is which IP's you're passing traffic to.

Re:

[schwit1]

Until they mandate handing over the keys. They'll justify with 'Think of the children' or 'terrorism'.

The reality is big corps and government are the true threats to a free people.

Re:

[CaptainDork]

The Capitalist party is larger and more powerful than Republican, Democrat or Communist and all the other political parties on the planet, combined.

Their ethics is measured in units of currency.

The white zone is for immediate loading and unloading of passengers only. There is no stopping in a red zone.

The red zone is for immediate loading and unloading of passengers only. There is no stopping in a white zone.

There is no stopping the Capitalist party.

Re:

[Aighearach]

Until they mandate

THEY LIVE

Re:

[Dunbal]

So, where does that leave fascists like the NSA

Holding all the root certificates and/or sabotaging the algorithms.

Re:

[AHuxley]

Re "In the past 10 years, there's been a HUGE push to encrypt EVERYTHING."
Think back to PRISM.
US brands give the crypto keys to the USA gov/GCHQ/NSA while they work on the next product :)

Re:

[Anachronous Coward]

Cool satire, bro.

Re: DATA ENCRYPTION PROBLEM

[Malays Boweman]

I hope this is a joke, because otherwise, NO, we don't need authority making the online world the total facist shithole the phy$ical world is.

Canada does it

[mauriceh]

CSIS purchased equipment to duplicate all internet traffic leaving and entering the country around that time frame.

Just like everyone else you mean

[LordWabbit2]

The site describes the work of the two countries as "some of the most pervasive surveillance programmes in human history."

Just like the US and just like China and just like pretty much everyone. Whoopdeedooo. The only big surprise here is that South Africa had enough expertise left in the country to do it. Most IT people in South Africa have been leaving in droves. But then they probably outsourced it to India, so...

Naughty

[hoofie]

Naughty yes but two very important differences.

SA tapped everything going out of SA.

The British may well have the capability to tap any cable ANYWHERE in the world, not just the UK. If it's underwater and within an appropriate depth it's fair game. You can count the countries on two fingers that have the Naval assets to do this and both of them are the US and the UK. [hint : Nuclear submarines and long history of covert and very sneaky submarine operations].