Pierluigi Paganini March 04, 2012

Published on The Hacker News Magazine – March 2012

During the last years we have seen the tendency to use social media as a major vector for the exchange of information. The communication concept has been totally revolutionized as billions of people could be in contact with a few clicks thanks to the social network platforms. Imperative is to be social, no matter if you need to share photos with friends, to express an opinion on a topic of public interest or manifest dissent regarding a government. Over the past year a large number of protests have been conducted through the major social networking platforms from Twitter to Facebook, because they have an extraordinary media that is able to reach an audience of planetary size with a simple click.

Governments and agencies all over the world are aware of this social phenomena, and an extraordinary quantity of information passes through these new social medias and the approach pursued by governments is to carry on monitoring actions in order to guarantee national security. (or so they say) The approach in terms of national security is correct and shared, however, raises serious questions in terms of privacy. This control often causes despicable acts of censorship and repression. At stake is the freedom of thought and protection of human rights, concepts humiliated every day in the world and the cost paid by the world community is a large number of human lives. Monitoring can lead to fierce repression, can lead to torture, can lead to death. Every day there is an unimaginable number of intercepted information, whether phone, email, SMS and data. In the name of security control,
the imperative is to spy on everybody! No one is safe from the eye of the modern Orwellian Big Brother mandated by governments everywhere. An affair of many billions of dollars a year with the involvement of government
agencies and private companies that make their services available to democracies and dictatorships in an unregulated market. If you search evidences of these activities it is sufficient to Assange’s “Spy Files” or Cryptome web sites, both provide useful info regarding electronic surveillance services provided by government and private companies in all countries. Amazingly, everything can be controlled and commoditized.

But what are the real causes of government interference?
There are two main reasons,
1. National security
2. The spying with the intent to acquire information that directly or indirectly can bring profit to a small group of people

This second intent is the most dangerous, and even those two reasons are overlapped. Too often the supposed need for national security is abused to exercise control, unfortunately for private purposes. It happened to us in Italy, it is common practice in many industrialized countries. We make a serious error if we considered the problem related only to isolated and far realities such as China, Egypt or Iran. In various ways and in varying measure all States are equipped to carry out a more or less close control of the media and of Internet in general. Western governments use a different way for this powerful platform to prevent terrorism, frauds, pornography but also to monitor the sentiment of entire populations and maybe to influence it. To understand this we can simply give a look to the “the transparency report” produced by Google that regularly receives requests from government agencies and courts around the world to remove content from their services and hand over user data. Government Requests tool discloses the number of requests we receive from each government in six-month reporting periods with certain limitations … you will notice that behind China there are countries like Germany and France. Surprised? Do you believe that all the requests are related to piracy or similar issues? Currently, it is really hard, we are facing the worst economic crisis, with social dissatisfaction and an overwhelming sense of profound vulnerability that the 9-11 has left. The mixture is explosive. On one hand, Governments that have to be able to control, hopefully for noble purposes, to ensure the safety of the people, on the other hand movements of thought that can not tolerate the interference of these preventive measures. Are you able to imagine a world in which everybody is free to communicate without being intercepted, spied on or tracked? Is it on unrealizable dream due the enormous interest involved? China has been a major proponent of government spying with the “Golden Shield Project“.
“If you open the window for fresh air, you have to expect some flies to blow in”

This Is The Deng Xiaoping’s phrase, which effectively summarizes the essence of the project, also known as the “Great Firewall of China “. The project is related to the development of the system of censorship and most efficient surveillance in the world made by the People’s Republic of China.  The monitoring model is a reference for all the authoritarian regimes for governments worldwide. Most of them have developed a specific cyber strategy that addresses surveillance procedures to ensure government security, it’s happening today in USA with SOPA where they desire to legislate cyber space and impose their control to prevent any form of terrorism and dissents. We are observing a growing trend toward Internet censorship in a range of countries that are investing in the necessary technology to implement the control. The technologies are exactly the same used to secure network infrastructure from attack. Censorship seems to be intended as a new business opportunity, control and censorship through complex content filtering platforms for sale to governments and the seller avoiding every control and international law. It has happened, for example, in a sale of a similar systems to the Iranian government by an Israeli company through a Danish seller. A few months ago I read the news regarding a tender held by the Soviet government on the implementation of an internet monitoring system. Russia’s intent is to release a massive monitoring system that will be used to control internet usage made by a nation that in September became the European country with the largest number of Internet users, according to the Comscore ratings agency. Do you not find the news disturbing? Do you remember what happened during the last election in Russia? Remember how Putin’s followers have acted against the opposition in cyberspace? Are we sure that the Russian government has acted in the name of national security and not for private purposes?
The crucial point is the legality of these actions conducted by Intelligence Agencies in the name of National Security abusing the rights of citizens. To this we must consider another significant issue , the corruption.
Corruption has no Country and is a cross problem widely diffused. The dilemma is always the same … ”who controls the controller?“ It is obvious that those who manage massive e-surveillance systems have a vantage point to gather confidential information and therefore make for powerful private interests.

Let’s give a look to a corruption perception report and related map.

It’s clear that all those States that are investing in e-Surveillance systems are the same governments that suffer major corruption problems. I believe that the combination of these two factors is dangerous and you
should want to fight the cyber threat. Here are some sample of monitoring systems deployed in Country with high level of corruption. Recently, the United Nations declared “Right to Access” to the Internet as a Human Right. This would have a positive impact upon many Human Rights in Cyberspace. For instance, Right to Speech and Expression, Right to Privacy, Right to Know, etc cannot be violated by any CMS.

Project. United Nations must expand Human Rights Protection to many more issues considered part of this violation. It makes no sense to promote human freedom closing the eyes on corruption events, because of the direct correlation that there is between corruption and policy to implement detailed traffic filtering. Let me conclude with the hope that all the Governments that have introduced monitoring systems are confident about their actual usage and that they will fight corruption in the same way they have declared war to any cyber threat.

About the Author : Pierluigi Paganini, Security Specialist
CEH – Certified Ethical Hacker, EC Council
Security Affairs
Email : [email protected]

Refarences

http://cpi.transparency.org/cpi2011/