Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

Summary: Wikileaks' recent 'Spy Files' shows how the private intelligence sector can access your Gmail accounts, use ISPs to spy on you, and even inject in-progress downloads to track you.

SHARE:

The chances are you're not being watched at this very moment in time.

But popular software and services, from Skype to Gmail, Hotmail, and even iTunes are vulnerable to the covert spying technologies the private sector has invented.

Wikileaks last week revealed its latest treasure trove of leaked material, showing only the tip of the iceberg for what the intelligence sector offers. Private companies sell their civil right infringing software, privacy invasive hardware, and other technologies to state organisations for widespread monitoring, hacking and surveillance of its citizens.

Click for gallery (Source: Wikileaks)

In recently released videos, Gamma Group touts the ability of how its broad range of "infection functionality" can remotely access the full hard drive of another computer, inject downloads with spy software, and trick users into downloading fake updates to gain access to their lives.

When was the last time iTunes required an update? When did you last log into Gmail? Have you recently had a seemingly private conversation with someone on Skype?

If Gamma has this capability, then your government may do as well.

Gallery A range of software, specifically designed to access computers, cell phones and networks, can inject downloads in progress with spy software, or hack cell phones. From intercepting Skype phone calls to ISP-level surveillance monitoring. This is how one company does it.

Its technology can attack a machine, smartphone or network on a specific target, or it can be installed at a Internet service provider level to offer widespread access of the innards of one's private and personal life.

It can also be used to access industry secrets, healthcare providers, or even other government networks.

While Gamma is only one example of a multitude of private sector organisations that work on behalf of governments, Wikileaks' insight into how the company practices can be applied as a minimum benchmark for others, at least.

It has long been no secret that governments spy on its own citizens.

The BBC discovered evidence post-revolution that suggested links to the repressive Mubarak-Egyptian regime. The company denied the allegations, yet were unwilling to divulge which countries or governments exactly it supplies technology or training to.

From British intelligence service GCHQ's efforts to crack BlackBerry encryption in the wake of widespread rioting, to the U.S.' National Security Agency's Echelon satellite intercepting capabilities, governments have a vast array of technology at its disposal.

Yet more often than not with government, it cannot provide the services it needs to fulfil its 'duties' to its public.

One would question whether spying on its own citizens is a duty, but "protecting the public" is the foremost role of government -- no matter how they persuade its public otherwise.

Should a government authorise the private sector use of such wide, sweeping surveillance, the matter of accountability becomes unclear.

But what the private sector offers governments, democratic and otherwise alike, leaves even the most popular software vulnerable to unauthorised snooping and interception.

Related:

Topics: Government US, Government

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

42 comments
Log in or register to join the discussion
  • RE: Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

    You make an enormously good point. Governments spend billions on spying on their citizens and yet spend very little on actually improving their lives.

    What kind of a way is THAT to run a country!?
    Imrhien
    • RE: Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

      @Imrhien

      Good point. Personally, I think that most of the 'crime' in America is stuff that should be legalized: the drug trade, prostitution (over- and 'under'-age), etc.

      Making something illegal (unless it actually involves stealing from someone, physically harming someone, or forcing someone to do or not do something that they do not or do wish to do, sexual or not and regardless of age) is the worst thing you can do with anything.

      Why? It throws that thing in question into the hands of the worst of the worst and makes those things worse than they ever would be if they were legal.
      Lerianis10
      • That would be fine logic...

        @Lerianis10 ... in a society where people have absolute morals. But in the miasma of today's "do what you want so long as it doesn't hurt anybody", the definition of hurting someone varies wildly across the spectrum of humanity. In Saudi Arabia, its acceptable to lash a women and imprison her for being raped, and she bears the blame. You and I know that is totally ass-backwards, but they accept it as "truth". You say that getting stoned and having sex with anyone who consents is ok. They say it isn't (and, it isn't).

        So because humans have this innate ability to skew things to suit themselves (the Saudi example being extreme, but is merely mysogonistic behaviour hiding behind a twisted, vested-interest interpretation of the Koran), it is totally necessary to have "illegal" things defined - else society would self-destruct in short order. Sort of what we in the west are seeing now, just like what happened to the Romans, Greeks and every other major civilization that has traded freedom for license... When we get to the stage where everyone has the same regard for others as they do themselves, and that self-regard is a healthy one born out of a genuine relationship with God, THEN we won't need rules and regulations, as everyone will KNOW what is good or bad, right and wrong, beneficial or damaging etc etc. Until then, the rules and regs, regrettably, need to stay.
        IslandBoy_77
  • I bet all the attacks target Windows PCs

    I bet all the attacks that compromise a user's computer target Windows.
    kraterz
    • RE: Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

      @kraterz I bet your right because MAC or Linux don't run web browser mail clients, Skype or iTunes!

      [i]"Oh look here comes another bandwagon"[/i]
      Parassassin
      • RE: Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

        they do make skype for mac if you look and linux to and itunes of course is apple which is mac duh
        MidnightRain38
    • RE: Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

      @kraterz

      well done with that comment... it was real intelligent... it targets browser mail, itunes, or skype. browser mail is available across all OS's and browsers. the targets are Skype, iTunes, and Webmail clients... next time, stay in school
      mad-doggie
  • Some common sense goes far

    No serious person would fall for any of these. I wouldn't, for sure.

    To clarify:
    * My WiFi is protected with WPA2-PSK AES with a non-random passphrase nobody can guess.
    * Everything I do is over HTTPS.
    * I change my passwords regularly.
    * I don't use the same passwords for different sites.
    * I don't use password managers. Ever.
    * I never use public WiFi. If I would, at all, I would not transmit any passwords without proper precautions (such as using VPN).
    * I don't use 'automatic updating' for iTunes or anything like that (I don't use iTunes in any case).
    * I would never accept an OTA update for my phone without knowing the exact details, and most likely would get it from the manufacturers' site and update manually.

    Can't imagine why anyone would want to 'track' me anyway. But whoever wants to try will have a serious job doing so.

    That said, this is really a serious problem, it is quite worrisome and should not be allowed.
    Daniel Breslauer
    • RE: Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

      @Daniel Breslauer
      This isn't a secure site, the remote VPN is still vulnerable and your machine, just like everyone else's in the world is still succeptable to drive-by malware attacks. Your cautious on your end but that doesn't speak for your remote end point or other variables.
      Nate_K
    • RE: Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

      @Daniel Breslauer Someone could always sneak into your house with a USB key. How secure is your front door?
      zwhittaker
      • RE: Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

        @zwhittaker - they'd have to be REALLY motivated to do that. Software allows the snoop (public *or* private) to easily monitor thousands of people (or more) in a very, very short time, using one or two agents. Breaking into someone's house unnoticed requires several agents + hours *per person.* That's just common sense.
        twicker
      • RE: Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

        @zwhittaker My two dovermans' say "hi"
        dtdono0
      • RE: Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

        @zwhittaker

        With all due respect, Mr. Whittaker, I have cameras situated inside my home and around my home, with no or few 'blind spots'. You aren't getting into my home to mess with my computer without me knowing about it and if I looked at the surveillance footage and saw someone I didn't know entering my home when I wasn't home, especially if it was LEA?

        Hard drive wipe on my computer and re-image, which I keep a backup on a daily basis with 7 days worth of backups.
        Lerianis10
      • RE: Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

        @twicker

        You must have a really awesome security system. There is a show on the discovery channel. A "reformed" thief breaks into someone's home in a few minutes ransacks it, and takes everything of value in under 15 minutes. Then, they show the "victim" how they could harden their home against break-in.

        Yeah, there is tech that will capture millions of packets per second. I've done it only for R&D and diagnostic purposes, but if you think analyzing that data is cheap, easy, or fast, you're wrong.
        tkejlboom
      • RE: Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

        @zwhittaker That's why my hard drive is encrypted. :-) In addition, one could employ an Intrusion Detection System to compare checksums of files against a secure, generated list to determine if any changes have occurred to executable files.
        jgm@...
    • RE: Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

      @Daniel Breslauer SO? What makes you think that they haven't thought of that?
      Mahegan
    • RE: Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

      @Daniel Breslauer Okey... But we're here to work & live and not to spend time undercover. Or are we to wear camouflage nets not to be recognized, helmets and bulletproof vests not to be injured, regularly change our way when getting home not to be tracked or wear black glasses so our eyes wouldn't betray us?
      No. We don't do it and so we don't treat our computers. Hacking my data is a criminal act of the same seriousness as hacking my phone or spying myself. This is what the government must deal with. It seems to me that techies and security guys love this competitive environment and make "the rest of us" feel stupid and guilty.
      I do use the same password for tens of website logins, I never change them and yes a I use password manager to keep them in one place for I can't imagine myself remembering 165 different usernames and passwords only to work with my photos, emails, songs, tweets, tunes, news, rss, updates, magazines... It's just too much to keep.

      Don't blame me to carry my keys on one ring. It's just normal. Or do you have your keys spread across all your pockets just for a case? Your girl would find you funny, wouldn't she...
      Ondrax
      • RE: Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

        @Ondrax Exactly - You want to know what song I'm listening to? spend your time and resources. Want to know where I am? At work, room 402. That's public knowledge. However, there are things that should remain private, and for those things, I take appropriate actions.
        sporkfighter
  • RE: Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

    It is easy not to be tracked. Don't use a smartphone and don't use gmail. Don't use Skype. If you use other peoples systems to communicate, then by definition it really isn't private.
    hayneiii@...
    • RE: Skype monitoring, Gmail hacks, and fake iTunes updates: How governments can track you

      @hayneiii@... Don't use any phone at all actually. Smartphones, especially Android, are relatively transparent. It's actually much easier to embed tech in a "dumb" phone which has all the same tracking options and none of the user access. CarrierIQ is a perfect example. You think they aren't putting that in phones where random college students can't find it? Phone calls on "conventional" switches can be rerouted, but not to the extent TOR offers. Tech has offered more privacy. Luddism is not protection.
      tkejlboom