As part of its ongoing Spyfiles series of posts, Wikileaks has released the back and front-end systems used by the German Government to spy on journalists, dissidents, and others. The files appear to be weaponized Windows malware although the software, called FinFisher, also works on OS X.
From the post:
￼FinFisher (formerly part of the UK based Gamma Group International until late 2013) is a German company that produces and sells computer intrusion systems, software exploits and remote monitoring systems that are capable of intercepting communications and data from OS X, Windows and Linux computers as well as Android, iOS, BlackBerry, Symbian and Windows Mobile devices. FinFisher first came to public attention in December 2011 when WikiLeaks published documents detailing their products and business in the first SpyFiles release.
Three back-end programs route and manage traffic which is sent to FinSpy Master, a collection program. The system can steal keystrokes, Skype conversations, and even watch you via your webcam.
While there is no definitive proof that any one organization is using the software, a list of FinFisher customers leaked as well shows us that Pakistan, Estonia, and Italy (among others) have bought the service.
Wikileaks’ Julian Assange hopes the malware will allow researchers to pinpoint and destroy the command and control structure in the wild and help prevent the software from infecting new users.
This morning, Dropbox released new information detailing government requests for its user data, and information about certain user accounts. The company also called for the passage of the Senate’s version of the USA FREEDOM Act.
In the first half of 2014, Dropbox received “268 requests for user information from law enforcement agencies and 0-249 national security requests.” In a separate post, the company described that level of request as growing in keeping its user base. The amount of inquiry is expanding geometrically, in other words, and not exponentially.
The data itself, in terms of its gist, is mostly in line with other technology companies that report this sort of thing, with one interesting addition. Dropbox was comfortable calling out the government for being overly demanding in its requests for secrecy:
Government agencies keep asking us not to notify users of requests for their data, even when they are not legally entitled to do so. If we receive a request that comes with a gag order, we’ll inform requesting agency of our policy and let users know about the request unless the agency provides a valid court order (or an equivalent).
That’s worth knowing.
But perhaps most importantly it Dropbox’s notes in both its posts today, asking for support of the USA FREEDOM Act that the Senate is considering. Unlike the bill the House passed — the two share a name — the Senate’s version is noted for not being a gutted, useless pile of bilge.
What the House passed was rammed through to a vote so quickly, after a long period of useless dithering, that about half of its cosponsors didn’t vote for it. That’s just standard operating procedure. Having Dropbox’s support behind what the Senate is considering is a vote in the right direction.
Go here to see the original: Dropbox Calls For Support Of The Senate’s NSA Reform Bill