You recall the dystopic visions of the future around the 1940s-60s, all the ominous forebodings of a totalitarian surveillance society? The most famous of them would be George Orwell’s 1984, but all of them have certain things in common that are worth reviewing.
There are common themes in these dystopic paintings of the future. Surveillance is one of them. Totalitarianism is another. A recurring theme is how the government installed surveillance cameras in households to watch over every citizen, to deny them even the privacy of their own homes.
(We remember this particularly from the so-called telescreens of “1984”, but there are many other examples.)
In retrospect, we can observe that the government hasn’t done anything like installing cameras in domestic households. But it has done something else. In Germany, it was recently uncovered that the Federal Police are planting trojan software on the computers of citizens – trojans that allow the police to break into the computer and access all of it, including its peripherals. Notably, those peripherals include its webcam and its microphone, which become available to the Police.
Many other European states are suspected of doing the same thing, based on the sales of such trojan manufacturers. And just yesterday, news emerged that the Swedish Prosecution Authority is asking for the same capability: looking through cameras into ordinary people’s homes, just like in 1984.
But nowhere has the government forcibly installed cameras in every home. So, in other words, there is one key difference in what didn’t come true of the dystopic, totalitarian visions of the future from the 1950s:
We bought and installed the cameras ourselves.
Well there´s one good thing about it being a virus/which i presume that the Trojan software is similar to.
It can be deleted without impacting the function of your computer.
If the power of the Internet is still going it will only be a matter of time before there is a guide on the Internet on how to either delete it or making it harmless.
I would imagine locating it on your drive and then change a few numbers around, so that instead of telling MAFIAA all they want to know about you all it does is sending useless data back or if you really wanted to add insult to injury make it send a virus back to the ones the Trojan is sending info to.
It may not be as simple to delete, if it is a real virus it will have infected it self into other binaries(most likely something you really need to start you computer) and that makes it hard to remove, you can’t be sure that you have removed it from all places, it can be segmentated(split into different parts at different location, all keeping tracks of all other parts and downloading them if they are missing) By this time it’s to late todo backup of any data you want to keep and do a fresh install. Any data you copy over to backup disk may be contaminated with data that does buffer overruns (case: the wmf exploit and png exploits, you view an image from the backup and you’r once again infected).
At least for the moment the Anti-virus companies has denied request by law enforcement to white-list spying tools used by the law-enforcement. But how long until they are forced to white-list them?
This did get me thinking about if you could roll your own microcode update for your processor to remap instructions and roll your own compiler(modified gcc) and in this way get a system with another instruction-sets where the binary-infecting parts of the these spying toolkits would not be able to execute. but then you would still have this problem http://cm.bell-labs.com/who/ken/trust.html could you trust your compiler!!
Fortunately the toolkits I have heard about are mostly some not kind of virus but more like simple worms/trojans with limited capability to replicate them self, and not as complicated and advanced as I describe above. And that may make them simplier to remove, but you whould have to trust your self that you really did get them all…. do you trust your self? And do not forget your router, it would be one of places I redirected all your traffic to my proxy, if I were to spy on you.
You have many good points. And there’s even more to it. Can you even trust the hardware (the cpu your compiler is running on, network equipment et.c.) In the end you have to trust someone..?
If that would become common practice it would protect against some of the ways that attackers gain access to target systems, but not all of them. Once the attackers are in they will just use your modified compiler to compile their backdoor software.
Also note that you would need the source code of all your software, which means that you would be running purely free software, and then your work might be better spent on finding and fixing the bugs that allow intruders to install the malware in the first place.
There is a way to counter that using two compilers: http://www.dwheeler.com/trusting-trust/
The thing I wanted to hint at, is that depending on the attackers knowlege and determination they could write some really nasty piece of spykit that might be near impossible to protect against.
There is a way to counter that using two compilers: http://www.dwheeler.com/trusting-trust/
Thanks, I was looking for something interesting to read in bed 🙂
It is far worse than any ordinary virus could ever be – although you describe the “bads” of such a virus. From now on, PC’s will include a “secure boot feature” – the selling point of which to the public is that it makes impossible to viruses to take over the boot control sequence – and therefore, ti would mitigate the so called “root kit” functionality.
However, what would stop an ordinary virus of taking part of the boot process is a cartographic signature on the software – so that only signed software by trustworthy vendors can run at start-up. (and even after startup, but that is another point). The point here is that such a governmental mandated “virus” would have no problem being properly signed itself – therefore enabling ti to be invisible for the O.S., and moreover, in an environment allegedly “tap proof”, provided by the secure boot feature.
(In time: the real reason for the secure boot in consumer electronics is the foundation for the ability to cripple software able to reproduce copyrighted contents in order to implement DRM, and even enable per view charges of content on one’s own computer)
A Frenchman once said (not exactly so): A product only reaches the mass market if it helps control the masses.
So, this world is not really like 1984 – it’s the horrible mix of “1984” and “Brave New World” as you can find in Bradbury’s “Fahrenheit 451”. We are being entertained to mental death, while voluntarily getting connected to the largest spy network ever.
“Amusing ourselves to death – public discourse in the age of show business”, such a prophetic book back in – oh yes – 1984.
Correct me if I’m wrong, but was’nt there some cases with authotities putting up cameras in elderly caretakers home?
How about surveilling the streets with camera’s, especially in england there are camera’s everywhere.
In the summer of ’11 it became clear during the riots in london how the system works. With the images shot during the night and with facial recognition software all participants could be recognized. The government has a huge database with all scanned passports so they know instantly who they are.
During the day the police went to the houses and arrested everyone who was involved in the riots. the main task for the police officers who served at night was to uncover the faces of the people (mostly guy fawkes masks), not to protect the property of the shops.
The police claimed to have 20,000 hours of CCTV to study and eventually arrested more than 5,000 people out of an estimated 30,000 rioters.
http://goo.gl/SQc8I [pdf]
http://www.wsws.org/articles/2012/aug2012/pers-a08.shtml
http://www.iol.co.za/dailynews/opinion/return-of-the-english-riot-1.1118109
Orwell’s 1984 seems quie predictive about the way that the 1945-89 “Cold War” between Communism & Capitalism morphed into the 2001-2012 “War on Terror” which pitched Islam against Anglo-Saxon capitalism, and the way that things started to swing back towards Col War style confrontation over Syria.
Orwell’s Newspeak has it’s turn when politicians talk about ‘reforming’ systems when they really mean taking away the rights of workers to have effective trade unions and when they take away the right of people to marry who they want to (tougher visas) ….. and for that matter they are taking away the right of”tech oriented companies” to hire who they like from a world market place.
As far as surveillance and computer subversion is concerned I think the situation has moved closer to William Gibson ‘Neuramancer’ scenario with private companies enabling user tracking technology on communications devices, and the involvement of state actors in cyberwarfare scenarios.
I do not necessarily support the various Green Parties’ stance on nuclear power, but I cannot resist telling Greenies they need to start talking seriously about Open Source and Cyberwarfare, given the fact that StuxNet attacks are targeting nuclear installations.
In the politically unstable Middle East we are hearing more and more about energy companies like Aramco getting their computers trashed and even the big media corp aka Aljazeera is not immune.
This blogsite is extremely educational.
Don’t forget your cell phone camera and microphone can be turned on remotely as well. Even if your phone is off the microphone can still be accessed. You’re carrying around a bug everywhere you go. I keep my webcams unplugged when not in use and leave my cell phone home as often as possible.
that is, if your phone is new enough to have such features, mine at least doesn’t contain such advanced features, my previous phone did(turn itself on that is, no camera), but not this one.
There is one more interesting difference. It’s the fakt that it’s not only the government that can do this, and it’s not even limited to companies. EVERYONE has the abilities to do this, it’s mostly limited by time, money, cleverness and other resources. We are living in a time that is basically a stalkers dream. Sometimes I think of this as ‘little brother is watching’.
Hey Rick,
If you’re feeling up to it, this could be one of the better times to compile and post a FOSS migration and security roadmap or primer (especially the security bit). I know I could use it, and I’m sure there are others that could, as well. Perhaps you can refer to an existing resource; that would be fine, too.
Well, European Union funds truly 1984-esque project now. The future they prepare for all of us is a United States of Europe socialist and totalitarian superstate.
How we can stop this?
http://dvice.com/archives/2012/09/european-union.php
Doesn’t the law in Sweden say that the police can install spy cameras in peoples homes? I read about it on the Swedish Pirate Party’s website. Something about “hemliga tvångsmedel”.
Found it: http://www.piratpartiet.se/lista_over_overvakningslagar
Förändringar som redan trätt i kraft:
Länk: Regeringen Riksdagen
(Prop. 2002/03:74) Hemliga tvångsmedel – offentliga ombud och en mer ändamålsenlig reglering: Polisen får telefonavlyssna personer som ej är misstänkta för brott, utan bara råkar ha någon form av kontakt med en misstänkt för brott som kan leda till 2 års fängelse, samt för ett antal brott med lägre straffsatser. Polisen får även installera hemliga spionkameror i dessa ”misstänkta bekantas” hem.
Last sentence reads: “The Police is also allowed to install secret spy cameras in these “suspected aquaintances” homes”
Of course, they don’t do it en masse like in 1984, but the law says it can happen.
I’m surprised no one has mentioned that the HBGary breach revealed plans to develop “undetectable” boot sector rootkits (bootkits) for use by the US government. Don’t take my word for it: look it up.
Nowdays I don’t have a webcam becouse I don’t need one, but when I had I used a very simple yet very effective methode preventing potential spying: when I didn’t use it, I simply turned the webcam to the wall. “You wanna spy on me? Have fun watching my wall!”
Also a simple and foolproof methode of protecting your sensitive data from spying: keep them on a computer that’s not connected to the internet! Even if that computer somehow gets infected by a trojan, they can’t use it becouse they can’t connect to your computer.
“Also a simple and foolproof methode of protecting your sensitive data from spying: keep them on a computer that’s not connected to the internet! Even if that computer somehow gets infected by a trojan, they can’t use it becouse they can’t connect to your computer.”
If only this was true. Even when the computer is shut down, harddrive with OS removed and no network hardware connected, your files are available for anyone determined enough since the CPU has built in transmission hardware for remote control.
http://www.popularresistance.org/new-intel-based-pcs-permanently-hackable/
[…] there was the infamous telescreen which enabled governments to look into anybody’s home. (We have those now, by the way.) In this scene, we also see the protagonist hide out of sight of the surveillance […]
Excellent article. Ҡeep writing ѕuch кind
of info ߋn yօur site. Іm really impressed by
yօur blog.
Hi therе, You’ve done an excellent job. I’ll сertainly digg it and in my opinion ѕuggest to my friends.
Ι ɑm confident they’ll be benefited frοm this website.