More on Hacking Team

Read this:

Hacking Team asked its customers to shut down operations, but according to one of the leaked files, as part of Hacking Team's "crisis procedure," it could have killed their operations remotely. The company, in fact, has "a backdoor" into every customer's software, giving it ability to suspend it or shut it down -- something that even customers aren't told about.

To make matters worse, every copy of Hacking Team's Galileo software is watermarked, according to the source, which means Hacking Team, and now everyone with access to this data dump, can find out who operates it and who they're targeting with it.

It's one thing to have dissatisfied customers. It's another to have dissatisfied customers with death squads. I don't think the company is going to survive this.

Posted on July 7, 2015 at 5:30 PM • 63 Comments

Comments

bf skinner • July 7, 2015 5:46 PM

"dissatisfied customers with death squads"

New rule for business model. . .total anonymity

I THINK I learned this in Gone in 30 seconds.

Allan Ewing • July 7, 2015 6:00 PM

All nice & good but what happens with the software they already sold? I think they will wait for a few months and reappear under a different name. People forget fast. Remember the German blueboxer? Hint: Mr W H...

J.R. • July 7, 2015 6:04 PM

"dissatisfied customers with death squads"

"Live by the sword ..." Fitting.

The most troubling revelation I've seen is that they have and market a tool that allows fake incriminating evidence to be planted on computers. Not surprising, but troubling indeed. Wonder if any of our alphabet agencies have that?

TimH • July 7, 2015 6:08 PM

Per http://truthvoice.com/2015/07/hacking-team-scrambling-to-limit-damage-brought-on-by-explosive-data-leak/

According to Motherboard's Lorenzo Franceschi Bicchierai, the company has sent out emails to all its customers, requesting them to shut down all deployments of its Remote Control System software ("Galileo") - even though it seems they could do that themselves, as the customer software apparently has secret backdoors. Perhaps they chose the first route because they hoped to keep that fact hidden from the customers?

Yet, according to ]Hacking Team[ Six Confidential Whitepapers on cryptome.org, HT explicitly state on page 31

NOTE HackingTeam have no way of connecting to or receiving any information from the Customer's RCS installation.

So, if HT lie to their rather high powered customers about a major detail like that, what else?

Benni • July 7, 2015 6:21 PM

That's typical for organisations like BND, GCHQ, NSA....

These agencies are great in creating encryption hardware (look at Crypto AG) or surveillance software which then either are full of backdoors, or suddenly a terrible bug happens and a service team from the company then needs full access to the servers of the regime which installed this nonsense (look at Gamma)....

Dr. I. Needtob Athe • July 7, 2015 6:26 PM

"I don't think the company is going to survive this."

That goes without saying. The question is whether the people who run the company will survive this.

Daniel Kob • July 7, 2015 6:48 PM

Why is anyone surprised by backdoors in purchased products? When you buy weapons and training from manufacturers under another country's jurisdiction, your armed forces are operating under its umbrella. This has been established since the cold war.

BTW, great coverage by Bruce. Can someone post a URL to the full list of customers? That file is too big for my computer.

k10 • July 7, 2015 6:48 PM

At this point, when a news story pops up about "something" being found on someone's computer, is there a way to tell, or assess likelihoods of, how it came to be there?
What are the implications of the answer?

Dirk Praet • July 7, 2015 7:12 PM

@ Daniel

So Bruce has rounded up some allies, I see.

More like the band getting back together ...

Gus • July 7, 2015 7:28 PM

Per details of their services to Spanish agencies, seems like they charged for zero-days. They are key to any powerful malware system and happen to require continuous work. So they were effectively selling engineering services as well as software.

Probably the software has some sort of off-switch when service/updates have not been received in a while. That won't require remote access.

aga bey • July 7, 2015 7:29 PM

“How can you give all the keys to your infrastructure to a 20-something who just joined the company?” he added, referring to Pozzi, whose LinkedIn shows he’s been at Hacking Team for just over a year.

The reverse ageism is gratuitous. Quite possibly the hack was done by 20-somethings. But the other points are well taken. This was breathlessly dumb. Worthy of an eponymous play on words:
"Hacking Team and their Pozzi scheme went kaput in 2015."

This was also interesting:

But the new files reveal previously unknown customers, such as the FBI, Spain, Chile, Australia, Russia, as well as new details of known customers such as Sudan, a country where Hacking Team was likely legally barred from selling, due to international sanctions and embargoes.

So not only were they stupid but they had no moral principles either.

Coyne Tibbets • July 7, 2015 8:39 PM

My guess: Hacking Team has a strong government "relationship."

Suggestive features include: Back door surveillance and controls in its product. Dealt with multitudes of prohibited customers without our (endlessly snoopy) government "noticing." Kept enormously detailed records, despite a strong inherent motive to do exactly the opposite. Counter-criticism of government critics, just like any government apologist. Complete shutdown of the facility on exposure. Lied a lot.

Contraindications: Hacked totally and completely. (Oh, like OPM?) No exploits for iPhone. (Apple monopoly.) Sleazy company...so?

In sum, I'll bet our government learned more via Hacking Team software than its customers ever did. Especially since the software was probably...subtly unhelpful...with respect to things the customers wanted to know about our government's activities.

Gweihir • July 7, 2015 8:52 PM

Well, work with people that essentially have a criminal mind-set and get screwed over. If any of the customers are surprised, that can only be attributed to boundless naivety and general incompetence with regards to IT security.

This thing also nicely illustrates another point why breaking people's security is a bad idea: You cannot trust "IT Security" people that are willing to participate in such an unethical act.

Matt • July 7, 2015 10:25 PM

"It's one thing to have dissatisfied customers. It's another to have dissatisfied customers with death squads. I don't think the company is going to survive this."

Seeing as many of their customers were third world dictators, I'd say this is an understatement lol. Good riddance indeed.

Legendary • July 7, 2015 11:17 PM

>dissatisfied customers with death squads

In other words: 'Never go in against a Sicilian when death is on the line.'

Justin • July 7, 2015 11:54 PM

@Bruce Schneier

It's one thing to have dissatisfied customers. It's another to have dissatisfied customers with death squads. I don't think the company is going to survive this.

"The company," is it? You are drawing some dark and dangerous parallels here...

fajensen • July 8, 2015 1:47 AM

@Spaceman Spiff
"We" are somewhat unhappy because it is only the British* that come up with truly creative "Death by Misadventure/Suicide/Open verdict"-installations**, the other operators amongst their clients are just business, 'tis not the same. Won't make the Daily Fail, even.

*) And as "Coyne Tibbets" said, they were probably selling access to GCHQ on the side.

**) "Outbreak!: The Encyclopedia of Extraordinary Social Behavior" -> Defense Industry Suicide Clusters. Won't paste instrumented link so '"Google" death by misadventure GCHQ'. They are still "at it", it seems.

Yeah • July 8, 2015 3:38 AM

Here's an initial review of the documents from an Italian blogger:

And a follow up:


Yeah • July 8, 2015 3:42 AM

"
Apple would have given Hacking Team in a digital certificate as iOS enterprise developer to sign the app and then make them look safe and approved: Subject: UID = DE9J4B8GTF, CN = iPhone Distribution: HT srl, OU = DE9J4B8GTF, O = HT Ltd., C = US. From what I understand (thanks to Manuel W and Maurizio C), this in theory would allow Hacking Team sent to the victim via email or post on a website (not the App Store) app hostile iPhone / iPad that the device and the victim because they felt safe with the signed certificate, bypassing the controls that make it difficult to install malware on iOS devices. It will be interesting to see the reaction of Apple.
"

Wael • July 8, 2015 5:34 AM

@Yeah,

Apple would have given Hacking Team in a digital certificate as iOS enterprise developer to sign the app and then make them look safe and approved

I find that explanation unlikely. I would think such a mechanism would require an MDM to take control of the device through user opt-in, such as what happens in a BYOD at work for reading corporate mail. That said, there were other probable mechanisms for delivery such as bypassing iOS certificate pinning and the famous SSL double goto statement. Was that cert detail a theory, or was it corroborated?

Judging by the double incomplete post you have, you're using an iPad :)

marco • July 8, 2015 6:13 AM

Interesting that these systems all had back doors built in. Naturally, with the company compromised, those back doors are available for anyone's use. But even before the hack, the knowledge of those back doors could have been supplied to any third party by HackerTeam themselves. Rather daring of them to add that feature considering their customer base.

duloaped • July 8, 2015 6:36 AM

A word of advice for the HT team: start checking for uranium in your tea.

trebla • July 8, 2015 6:55 AM

This whole Hacking Team thing is crazy, it just keeps on growing. I suspected that government cyberwar/surveillance contractors could misbehave, but not this badly. It is time for a next level of debating how to handle cyberwar and surveillance matters in the future. This can't go on.

martin • July 8, 2015 7:23 AM

These leaks throw light on a worrying aspect. In front of the cameras our governments pull their hair out about cyber crime and the insecurity of the net, whilst behind the scenes they funnel tax money into dodgy foreign companies that make fortunes out of breaking the protocols that keep the internet safe and sell their secrets to rogue states so they can execute dissidents and imprison free speech advocates. The more insecure it gets out there, the more money there is for a few unscrupulous bastards to be made. It turns out our governments are amongst those few unscrupulous bastards. Meanwhile, we suckers are caught in the middle.

Andy • July 8, 2015 9:04 AM

This is a great turn of events. Your second to last line is classic. They knew who they were doing business with. If I worked for hacking team I'd be looking over my shoulder and never walking the same path twice. If you're going to do business with despots and killers, you better expect them to do what they do if things go sour. These are not people who use the courts for a remedy.

cmurf • July 8, 2015 9:39 AM

On the surface it makes the Hacking Team customers look like idiots, perhaps especially the FBI while Comey is on cap hill this week talking about how the government should be trusted with golden master encryption keys for everything. Yet here, they have effectively an operational breach. It'll be interesting to find out if they anticipated all of this, and if they were paying the Hacking Team in order to hack them and get access to their customers, rather than use the Hacking Team for nefarious purposes they don't want anyone to know about.

But as for death squads: I think the actual target will be the hackers who hacked the Hacking Team. They now have a LOT of enemies.

Marcus • July 8, 2015 10:49 AM

The Russians, FBI, NSA, etc. probably purchased stuff from HT for the purposes of reverse engineering. These big organizations all have in-house capabilities that are better than HT. Do you think the NSA would actually be using HT's software?

The Sudanese and other third world countries... Could they manage to send a death squad to Italy?

albert • July 8, 2015 11:22 AM

@cmurf,
Yes, the timing is interesting. It wouldn't surprise me if the FBI (or some other agency) is connected with the Hacking Team in some manner. If so, then kudos to them, because it was brilliant!

Imagine loading rather unreachable servers in hostile nations with spyware, getting open access, and making them pay for it! One wonders why anyone with at least two brain cells connected together would do business with ANY of these outfits, especially those on foreign soil. It's mind boggling.

Nah, the truth is usually simpler than that.

I'm trying to decide between "Karma's a bitch", "No honor among thieves", or "Lie down with dogs, get up with fleas"* ....Throw in "Caveat Emptor" as well.

@duloaped,
I get your point, but...
It's Polonium 210, not Uranium. (read about it in wikipedia; it's scary stuff)
.
...
* Apologies to dogs and dog lovers. Dogs are most noble animals, but that has not always been recognized in history, hence the saying.

Rufo Guerreschi • July 8, 2015 12:29 PM

Why Hacking Team backdoor is old news from the late 80's!

The just revealed Hacking Team RCS systems backdoor (for them and presumably for their state friends) was the very reason of existence of the first such systems from the early 80-90's (!!), created by former NSA staff, and then taken over by former (?) Mossad senior agents, and sold to tens of governments worldwide.

Pushed around “presumably” with the key goal of giving Israeli intelligence full info on what other intelligence were up to. US made an illegal copy for itself and pushed that one around to other governments ...

Here is the Wikipedia file, a long detailed story of it, and here are excerpts from a relatively authoritative book on the history of Mossad “Gideon’s Spies” which I finished reading last Christmas:
https://en.wikipedia.org/wiki/Inslaw
http://cryptome.info/promis-mossad.htm

CallMeLateForSupper • July 8, 2015 12:54 PM

I found this meaty and very interesting:

"A Detailed Look at Hacking Team's Emails About Its Repressive Clients"
(remove the initial "h")
hhttps://firstlook.org/theintercept/2015/07/07/leaked-documents-confirm-hacking-team-sells-spyware-repressive-countries/


(From the article [emphasis mine]: "The Moroccan government has protested the spying allegations loudly, even filing a lawsuit this spring against activists who prepared a REPORT recounting first-hand experiences of the journalists and activists who had been targeted." The word "report" is an embedded link to Privacy International (dot) org. Clicking it loaded what seemed to be a hacked page; certainly there was no report.)

Nathan • July 8, 2015 1:00 PM

I'm not sure that dictators would take the risk of killing employees of an Italian company, and thereby ticking off Italy, and by extension the EU (a major trading partner in many cases) if they got caught.

Yes, Russia does it, but most of these nations don't have Russia's resources.

Nikolas • July 8, 2015 3:36 PM

..."the embedding of references to child porn in code related to the Galileo."

If that's the case, it's probably for potential blackmail purposes

all • July 8, 2015 3:46 PM

yea so if the government wants to make life difficult for some internet user...

...one way for them is to

1. send a few hundred images of p0rn involving children to the users machine, through the admin share or some M$-provided backdoor. Do such exist? Me not know.

2. report the user to local authorities. How do those authorities find out about child porn users anyway? scanning the networks? intimate knowledge of such sites?

probably an old story that has already been touched in a bunch of fiction?

mossads_little_project • July 8, 2015 4:07 PM


Why Did the Firm That Sold Spyware to the UAE Win a Special Export License From State Department
https://firstlook.org/theintercept/2015/07/07/baltimore-firm-supplying-united-arab-emirates-surveillance-software-won-special-export-license-state-department/

Cyberpoint International, a computer security startup based in Baltimore, has been celebrated by Maryland politicians as a positive force in the community, invited to join U.S. trade missions in Poland and Romania, and even won a special export license from the State Department to advise the United Arab Emirates. As the Washington Post reported, the license was granted to develop defensive cybersecurity capabilities.
So why is Cyberpoint listed as a “partner” to Hacking Team, the Italian company under fire for selling spyware used by repressive regimes across the world?

bkd69 • July 8, 2015 4:22 PM

So Hacking Team's dirty laundry gets dumped to the internet, and United Air Lines and NYSE halt operations due to "technical issues".

Nick P • July 8, 2015 8:13 PM

@ Ew

Thanks for the story as it was an interesting read. It doesn't back up any conspiracy claims about planting evidence. If anything, the official story sounds mostly right. Plus, anyone watching non-fiction police shows will know that many investigations benefit from coincidences between parallel investigations. Usually happens at a slower pace but the charges explain why this didn't.

I agree with the source quoted at the end: it was about sending a message. The Administration's position on leakers has been harsh and was getting more aggressive. Setting an example out of one using the media's own records would be effective. And it was. So, that they were doing that is the best explanation with his troubled past and other charges just making it easier ("icing on the cake").

Anyone wanting examples of people being set up should look at people with cleaner backgrounds or circumstances where Occam's Razor works against Feds. The CIA does questionable retribution the most that I can tell. A great example is the guy that got a bunch of stuff cleared for FOIA release actually released... and then they tried to destroy him with muckraking. Another I found interesting was the CIA guy carrying documents somewhere who was shot dead by police after a chase. Police were told by a secret source that he was a con artist, not CIA, and to find a reason to arrest him. Briefcase contents remain unknown, of course. Don't have my old link so I'm not sure what follow-up information was posted. These are two recent ones I recall off the top of my head.

Need more like that instead of "everything looks plausible except we have wilder ideas without evidence to back them up and you can buy my next movie." Alex Jones 101: the class to avoid.

911 • July 8, 2015 9:31 PM

@Ew

looking at this part of the story >


...Sachtleben had a hand in some of the most important bombing investigations in recent American memory, from the Unabomber to Oklahoma City to the World Trade Center attacks of 1993 and 2001.

it wouldn't surprise me if there is a desire to discredit the dude.

He could have some information about the bombs US government had planted in those buildings.

Ew • July 9, 2015 9:12 AM

@Nick P., 911, to moi the lesson here may be that some people get hired for the skeletons in their closet. Take ambiguously-adjudicated pedophile Scott Ritter, who got the high-stakes job of pretending to find Saddam's WMD. When you blackmail a pedophile he stays blackmailed. Also when you blackmail an accused pedophile. And when you put an elite FBI official in charge of barking up the wrong tree at OKC, a funny uncle might be just the guy. You tell him to lose track of Andreas Strasmeir and you sign the email Lolita or something.

In any case the FBI's assertion that the kiddy porn came first has zero credibility. FBI are those guys that refuse to tape interviews, remember? FBI are the guys testilying about fabricated CIA terror evidence [c.f. Lockerbie and AMERITHRAX]. Any rational person would take the word of a convicted pedophile over an FBI flack. Ask Matt DeHart.

Nick P • July 9, 2015 10:37 AM

@ Ew

" to moi the lesson here may be that some people get hired for the skeletons in their closet"

This might be true. Yet, you're illustrating the problem once again: replacing investigation with speculation. Show that this guy was involved in criminal activity in these prior investigations with evidence. Show that this benefited the FBI. Show the FBI engaging in similar activities. Then, you can begin to argue they might have canned him as a loose end to tie up. You might also cite other cases where they did this.

And this is how you make a convincing, evidence-based argument. The speculation method, on the other hand, inspires high confidence in arbitrary claims without any chance of them being true. Best to avoid that one.

Ew • July 9, 2015 6:57 PM

Hmmm, What is wrong with this picture? Nickstradamus tabulates the stars and some entrails and comes up with "If anything, the official story sounds mostly right." Then, surfing the self-evidentness of this magisterial lemma, he proceeds to give homework assignments on how to document everything.

No. FBI's documented criminality and kompromat is bobbing around in the public domain like a big greasy turd in the punchbowl. Do your own googling. It's even easier than EAL 4! You put those names in that box under the colorful letters and everything you demand is there. If you want it.

This 'prove it, prove it, prove it' when it's proven is classic propaganda. Big Tobacco does it. Big Oil does it. Big government does it. FBI does not have the benefit of the doubt, or credibility, or repute. They lost that decades ago. What they have is impunity for evidence fabrication and extrajudicial killing. You can tell FBI is lying cause their lips are moving. Even cowed, cringing federal judges know it. Mark Wolf. George O’Toole. (Here's a couple links to get you started!)

http://whowhatwhy.org/2015/05/20/tsarnaev-case-judge-fbi-interview-reports-are-unreliable-and-cast-in-stone/
http://whowhatwhy.org/2015/07/08/fbis-amazing-trick-to-avoid-accountability/

The question is not, Are FBI agents...(gasp) ...criminals? The question is, How do we stop these out-of-control FBI criminal scumbags?

J on the river Lethe • July 9, 2015 9:51 PM

@nick I agree speculation accepted as fact is a problem. I would grant some bad apples or even pastures in law enforcement but systemic accusations need to be backed with real investigation like the Church Committee. Did that reveal everything? Probably not, but system changed anyway.

My thoughts.
1. Act like psychopath/sociopaths or work with them, don't be surprised if a bunny gets boiled.
2. Buying a security product from them? Security? For you or them? A supplier that can raise prices based on protecting your information. Or planting some. Or selling the same exploits/software to your enemies.
Who wants to bet they put a backdoor in their own network? On purpose? See 1. Such are not known to trust others. They didn't trust customers with no dangerous info supposedly on them. Coworkers? Right.
3. To them, we? "No, you is you and you is screwed" comes to mind. But skills always have market value. They may do ok after all.
4. Once again security is straightforward, complicated, and if someone really wants you? See #3
5. Sometimes I think security professionals just love the sound of shrapnel hitting their welding masks.
6. Makes me glad to be retired.
7. Umm? So some think the government can hide ET? Really? popular on tv though. Lol
8. Typed on iPad, feel ok in that. a tiny little bit. Not actually true. ;)
9. Once again the good guys and bad guys get free education for security.

gordo • July 10, 2015 12:45 PM

Hacking Team data leak portends grim future of global cyberwar
John McAfee | IBTimes | July 8, 2015

The known fact that the company created a backdoor to its own products, and the backdoor's details have now been published, renders all of those products useless and obsolete.

[...]

You can bet that prior to the release of the hacked information, every agency using these products had already been hacked. This bodes ill for law enforcement and covert agencies.

[...]

The Dark Web has been rife with rumours for more than a year that one of the bigger players in the mass surveillance market has suffered an as-yet-undisclosed hack of far greater magnitude, and I have personally seen documents purported to have been lifted from another major company in this market which, if true, make Hacking Team's problems seem absolutely trivial.

http://www.ibtimes.co.uk/john-mcafee-hacking-team-data-leak-portends-grim-future-global-cyberwar-1509767

Mr. McAfee also talks about the global surveillance industry, the psyche of spying, and thinks that Hacking Team is done.

Carl • July 10, 2015 5:04 PM

gordo, "You can bet that prior to the release of the hacked information, every agency using these products had already been hacked. This bodes ill for law enforcement and covert agencies."

Interesting read, but this logic is flawed. No successful authoritarian, totalitarian is the more precise word for these surveillance oriented regimes, will trust these types of software. Thus, it's correct to assume they will operate them via an org detached from the core regime to keep exposure to a minimum. The only ones that are hurt are probably non-state actors such as organized crime, profit organizations, cartels, and such. Even those who are big enough and know better will operate them within some type of deniability.

Vesselin Bontchev • July 11, 2015 2:02 AM

@Yeah,

Yep. The enterprise certificate means that their iPhone spyware can be installed from places other than Apple's store and it doesn't require the iPhone to be jailbroken. My guess is that the installation was done while having physical access to the device, because you still get a bunch of security prompts - whether to trust the certificate and whether it should be allowed to access contacts, location and calendar. There were programs to install it (via USB) when the iPhone is connected to an OS X or Windows machine. Once installed, though, the spyware would work just fine on a non-jailbroken iPhone. It is installed as a Newsstand newspaper with a blank icon and a blank name (although this is somewhat visible in settings). It also installs a custom keyboard that can capture keystrokes (not from password fields, though).

BTW, Apple has revoked the certificate.

https://blog.lookout.com/blog/2015/07/10/hacking-team/

Joe • July 11, 2015 5:25 AM

It doesn't matter whether the persons using the software from HT
understand what it means when the trojan they are using is
backdoored; the people who approve contracts or rather who
decide on the budget for contracts need to. These are the
people in power, not the technicians working with their trojan daily.

Likely, most of them will have less than a very basic view
of how this technology works; if told that HT can shutdown
their operations, they'll say "But we have a contract
with them, if they shutdown their software, we'll call them to
fix it - and if they don't we won't pay of course".

These people are also likely not interested in publicity,
especially scrutiny on their purchasing decisions. So,
if any one of them is really concerned, they'll just terminate
the contract with HT and look for a new supplier.

In some of these organisations, other people likely will
have been lobbying for own resources instead of relying
on a contractor - now is their big day. They now have a
chance to pitch the idea to their "upper management" -
these guys have no time and interest in publicity either.

Most of the customers of HT will be worried how to keep
their operations running. Some might even take the risk and
do it a little while longer, collecting anything they
need while they still can.

And none of them would be so crazy as to actually "act" against hacking team -
that would be risky and would solve no actual problem. They know that
HT will not release anything beyond what has already been published.

So most will go into damage control mode; some will -as they don't want
to face criticism from within their own organisation- work with
HT to decrease damage wherever possible.

So, most likely HT will only lose some customers - and they might
be closing down operations and then just create a new company
headquartered elsewhere. Keeping the same offices, the same
people. Have journalists been camping in front of their doors?
No, and this is why they don't need to move an inch.

For the outcome, I'm betting Bruce one beer crate that no one working
for HT will be harmed by one of their customers and another beer crate
that they'll resume operations under their old or a new name
within 12 months.

mfp • July 11, 2015 6:41 AM

"It's one thing to have dissatisfied customers. It's another to have dissatisfied customers with death squads. I don't think the company is going to survive this."

The company never existed. The people that you find involved are innocents previously enrolled to put their face on it. And the software that we are looking at ("RCS"; I spend 10 minutes on github: a ruby lib and a bunch of OS cores... same arch of Nagios... but looks like a toy) is old and crappy.
I've been reading also some of the mailing because one of the people involved is an MP that I know (and I'm commenting on his blog: http://blog.quintarelli.it/2015/07/hacking-team-hacked.html ); and it's pretty... timing is wrong.
It's a blackop.

After I got nailed down by fake allegations and abnormal investigative procedures, abducted to Dominican Republic (fake job: got a big Christ over the head of my bed), escaped to Australia (fake school: got a huge MS-sponsored piece of toilet paper), escaped to Thailand (party, oh yeah, finally) ... some of the italian security env (that I met in previous nerd camps) tried to enrol me about 3 years ago to 'present their security tools' saying 'no worry, I write you the speeches'. I gently refused because I don't present stuff I don't know. And other details that smell bad.
But when they realised that I'm deeply against the use of personal data for any purpose (with very few, constitutional, exceptions; and if, and only if, other details are met) I got three probes on my devices... from italians... the first one by USB, the second one by SD, the third one by USB again... they popped up every time I changed my devices, since I moved out from a network managed in the traditional way (ie: Neurolinguistic Programming): turn off your internet connection if you stay in the room too much, make dramas in front of your eyes, etc.
Since then I got recorded in every telephone call, couldn't buy a computer on the internet, my telephone calls from TH to IT were diverted and recorded (skype reinit of the driver at every sensible videoconference), and whatever profile manipulated in front of my eyes. I even got money stolen from my bank account (me in TH, transfer from ARG), ads in israeli language (and one popped up a few times here, we got drunk together... he bought me a bracelet 'I love ladyboy', I gave him one 'I'm gay'... I've never told him that, when I was in AU, someone pushed a video of him advocating to go to China, because China is good and lovely), etc.
All this without being able to count on my GOV, my bank, or whoever with a big gun, because of their shit; I got a person in my embassy, where I went to be able to have a certified communication channel with the prosecutor office in charge of my case, bothering me with things that span between 'you sell drugs' and 'your girlfriend is a bitch' and finally... 'you are a spy'.
EU already gave up on italian cases because of our (fake) judicial procedures; too much shit coming from Italy (and I can explain why).
I tried to contact other european embassies with no luck; what they do is sending strangers to interview without qualifying themselves.
I even went to have a look at the local UN HQ and there was a bunch of scammers in front of it... their sentinel made the mistake to be too much interested to my telephone calls... and in any case it's not acceptable to bother them for this reason; in this area there are too many major problems of life and death, to spend resources on things like mine.
Then, ID theft; people from Italy asked me about supposed-to-be-mine accounts on LINE, Viber, WhatIsTheFuckApp ... and it wasn't me.

And they keep going even now. But local italians don't have my GOV support any more; they started with classics (microphones and cameras).
Basically they don't want to follow the rules for my trial, to not debunk the mess they've done, and the money they must refund, for all the false positives they manipulated.
Because have already been paid to Zuckerberg.

I'm scared to death, without money, can't have a clean terminal, can't work because of lack of civil right, background clearances, and a clean terminal; and even having the money to buy myself a flight, can't backup anywhere.
I even finish the IDs that I can't spread around me to hide (ex: original copy of Windows7; sim cards registered to me, on other's mobile, etc).

Is there anyone out there that can fix this crap without killing me?

Dr.NoJuly 12, 2015 10:43 PM

"Is there anyone out there that can fix this crap without killing me?"

It's either called rehab or it's "go see a doctor".

I met these *** at various occasions and noted their arrogant stupidity immediately. Never would have thought they manage to survive for so long.
This outfit deserved to be pwned. First finfisher, now these. Next is vupen?
btw. vincenzetti, nelson and bekrar: you reap what you sow...
and to pellicione: turn reaqta into freeware NOW!

mfpJuly 13, 2015 7:35 AM

This email pasted at the end of this message is interesting. He evaluates the differences between the US and the EU status quo; legal framework and the fact that all the major tech providers are based in US, ie: NSA can force those companies to include backdoors and be notified of 0-days before everyone else in the world; EU::IT cannot: european offices of american companies are... merely branches of the marketing and legal departments.
This allows NSA to have backdoors at no cost, while other national security agencies must collect them by other means (find, buy, wait for NSA to release to the allies, etc).

Quote: "On comparison with NSA, our road is uphill, but nothing can stop us".

Then he foresees big business chances for companies worldwide, because after Snowden nobody will trust American companies any more (Apple, Google, Microsoft).

Quote: "The end result will be a 'usual suspect' against whatever is designed and produced in US".

Again: some of the names on those emails *might* be the wrong ones.
Consider them as a whole, Anonymous, and don't shoot the messenger.
I have my own good reasons to believe that some of the names in those emails are a result of a nasty dragnet. Innocents dragged in, to cover other ops.
In any case, in all those emails I don't see any illegal activity (by itself). A lot of 'inappropriate jokes' (racial, sexist, etc) but ... no more inappropriate than reading their mail.

I'm also pretty disturbed by three facts:
1) After I started to comment this story, I can't directly access wikileaks.org any more... I did it by (NL) proxy.
2) there's no directory listing of those emails (DMOZ), search engine only (Google).
3) I couldn't find this email searching it directly, it was at the bottom of another one containing the word (a surname) I searched for. Someone is using our searches to refine his job: is there any abuse@wikileaks.org ? If that address exists ... who's taking those signals? (I JOKE, DON'T WANT TO KNOW IT)

And that's why about 1 year ago I got so much noise on my (bugged) terminal about 'fucking american companies'.
And that's why about 2 years ago I got so much noise on my (bugged) terminal about 'fucking american agencies'.
And that's why about 3 years ago I got so much noise on my (bugged) terminal about 'fucking american gov'.
And that's why since 4 years ago italians around me tried to settle me down off side track.
And that's why since 5 years ago I got sued, cited, manipulated, etc; but my trial never stepped forward. Someone at that time (2009) wrote in a mail (with fake sender): "you are dangerous for us".

They probably didn't take into consideration the survival of people like me, italian, that "exist without skin color, without nationality, without religious bias". They just "call us criminals". And that's why the psycochick in the italian embassy, 8 months ago, called me: "spy".
And that's why I targeted AISI (italian FBI), and AISE (italian CIA), since the beginning: spies calling me spy after spying me? "You build atomic bombs, you wage wars, you murder, cheat, and lie to us, and try to make us believe it's for our own good [TO OVERRIDE THE JUDICIAL AUTHORITY TO USE US AS PISS POT], yet we're the criminals."
Nowadays, in all this crap, I'm asking myself: why the fuck NATO still exists? why the hell UN security council haven't been randomized a bit to avoid this kind of trust problems?

mfp, over.

---

From: David Vincenzetti [mailto:vince@hackingteam.it]
Sent: Friday, June 14, 2013 08:37 AM
To: Alberto Ornaghi
Cc: ornella-dev
Subject: Re: Microsoft and the exploits....

Very likely, dear Alberto.
But if you think about it, the NSA has it easy: it forces vendors to provide information, to create backdoors, or backdoors that look like a simple vulnerability, while for us it is all uphill, but with the advantage that we stop at nothing.
The end result is that there will be ever more suspicion about what is designed and produced in the US, to the detriment of American technology companies. To begin with, I strongly doubt that government officials in other countries will still use Microsoft or Google or Apple for their communications. And after the government officials, the major private companies will follow as well.
There is therefore an enormous opportunity for independent third parties, e.g., a new Swiss player.
David
--
David Vincenzetti
CEO

Hacking Team
Milan Singapore Washington DC
www.hackingteam.com

email: d.vincenzetti@hackingteam.com
mobile: +39 3494403823
phone: +39 0229060603

Fascist NationJuly 13, 2015 10:26 AM

It is a good thing those clients with death squads have complete dossiers on who works for the company as it should hold down collateral damage. Unless there is a drone strike.

mfpJuly 13, 2015 12:43 PM

@ Dr. No

'It's either called rehab or it's "go see a doctor".'

Oh yeah! The Vitamin D people! Stalkers!

I've already seen a 'fisiatra' (doctors specialised in rehab). In 2010; when I turned on my gLatte+ rehab procedure; as a result of cops search and siege, and take down of my mail server. I locked everything in court, and quit; because an Irish said to me that rehab is for quitters.

After being sued - fake allegations, never got my trial - a 'friend' called me and gave to me the number of a guy that needed computer assistance. After a few mails, and a couple telephone calls, we went together to the Apple Store (Roma Est Shopping Mall) to buy him a brand new Macbook Pro, and within a few weeks we met two times more, to follow up: the first time in my home, the second time in his 'office'. When I arrived there it turned out that his 'office' was a branch of S. Giovanni hospital, that in turn is in the same building of the second church of Rome; and he was a 'fisiatra'. A rehab doctor. So I set him up with GPG, as he requested, and walk away, scared, crying.
And that was just the second chapter of the beginning.

Prequel: the 'friend' that called me offering that 'job' is a good guy but ... 'an underachiever', as an arrogant american wrote a few decades ago about computer capabilities of the kids that got caught every single fucking day.
The 'social club' where me and my friend gathered was supposed to be building a grassroots wireless network in Rome called Ninux (.org) on the same track of Athens' Wireless, Barcellona's GuiFi, Berlin's Freifunk, Seattle Wireless, Melbourne Wireless ... David P. Reeds OpenSpectrum Manifesto ... picopeering ... ad-hoc networks... Locustsworld in UK (but I don't like AODV); just to name a few.
Indeed, there were other activities going on in that shit hole (the social club); apparently. Just to make you an example: outside of that social club I heard of a chance of a job in Dominican Republic about wireless networks; so, when a few months later a guy from skype offered me the chance to do it, I went there. But there was no job; it was fake; it was another fucking 'priest joke' (another italian idiom). Abduction. And I found myself sleeping under the roof of 5 polish priests instead! Nice people, good mission, fair food, but... that's not exactly what I'm trying to stay close to... it's more what I'm trying to stay far from. And in fact, I setup 3 out of 6 of the wireless nodes, setup the server, gave basic instruction to a local guy, and walk away: the italian in charge want for me to setup a proxy to filter out porno and whatever they want to filter out... no way. The network must be content agnostic; digital encoding does the trick already. Neutral is the trendy word, nowadays.
Don't count how many times I wrote 'church'; I didn't write them all to shorten the story; but that people is stalking me all the way to the caribbean, australia and asia.
In Rome is simply impossible to distinguish Italy from Vatican. Unless, you were born there, you studied Latin, you got psychotested from the Vatican University when you were 8yo, chosen to be one of their future bright stars, and being stalked and robbed all your life.

Now, it is 2015. My 'friend' (the underachiever) is working for an historical Microsoft Partner based in Rome (Unidata) and... about my actual health. Well.

My father - that is my doctor, but not a 'fisiatra'; a paediatrician, funny coincidences eh!? - came here (10000km far from home), about two weeks ago, and checked up me: everything's good except for eyes (glasses since I was 6 years old), teeth (I can't afford to fix them), and lungs ("I smoke like a Turkish", another italian idiom).
Nothing that I don't assess myself every morning.

The good side of this visit is that ... he didn't know anything about the 'fisiatra' from S. Giovanni! That was not one of his nasty tricks.
They all just gave for granted that the sick one, between the two in the implicit test of evaluation between two and each individuals, it's me. The same you did, suggesting rehab.
Thank you for your com-passione, that in latin means 'to feel together'; but my case is locked in court already. There's no need of cum-passion, there's the need to exec the process in court, and get one of the 4-only possible outcomes, that allow me to successfully quit the rehab.

When I say 'Is there anyone out there that can fix this crap without killing me?', I'm saying that I'd be grateful to anyone that can enforce judicial procedures over my case; a safe harbour for trial; that is what I was searching around the globe. Because in Italy the National Security took over the Rule of Law; so there are no fair trials any more.
I tried hard by myself ... my version of the story is the only coherent with facts, but the only that doesn't satisfy a huge amount of other fantasies. National Fantasies.
BTW, cum-passione, is the feeling I get any time some "three-piece psychology and 1950's technobrain" goes behavioural, pointing out the need of rehab, for someone else. It's the same arrogance you pointed your finger to, about 'David Vincenzetti'.
I've never seen him; don't know who he is; but that kind of arrogance is pretty common both in corporate and security envs; when the two envs mix, you get idiots on steroids. Psychopaths. Are you sure to feel good?

Because probably you're right: I got sick in time because of all these Vitamin D acolytes in the world. I was fine before the 'fisiatra'. You might be experiencing something similar but you still don't know it! I didn't realise that for years! I realised when I got a guy calling me vampire, and a few days later a sharpened wooden stick in front of my door. I was scared, so I went to study the 'endocrine system' and figured out that all this story of the VitaminD is just... bullshit. I didn't make any Bode/Nyquist diagram but I'm pretty confident that my internal equilibrium is correct in this lifestyle.
But when my father came, a few weeks ago, he really want to go to have a walk on the beach; and he was pushy... so I start screaming about the VitaminD: 'You came here to bother me about the VitaminD, The Sun, and all the rest of the bullshit? Eh!? You too!? Eh!? What the fuck... you're a doctor, you know how it works, and you live under oath, you can't damage a person, shame on you dad, shame on you...'. So, yeah, after 5 years of world wide mobbing, I got sick. And someone has to pay for this. HT maybe?

In any case, no, I don't need a doctor. But thank you for your advice anyway. Appreciated.

mfpJuly 13, 2015 2:34 PM

@ Fascist Nation

I hope you're kidding. What You See Is Not What You Get.

To make it simple: there are two levels of monitoring. One we can play with, IP. The other one is at datalink level: token ring, ethernet, X.25, ATM, fiber and radio protocols. That layer carries the whole IP one. That layer can manipulate the whole IP one; even an encrypted tcp session can be ... something between cracked or just classified using a statistical filter. Even a padded and then encrypted tcp session can be ... tagged.
And with udp is even worse.

HT showed IP technology only; toys. Suppliers of datalink technologies are: Israeli, Swedish, Finnish, British, American, companies. Alvarion, Ericsson, Nortel Networks, Nokia, etc.
I don't think that Pirelli, Athesia, Italcable, etc, have been making any kind of tech in the past 20 years; they are more likely Olivetti... buying american and chinese products, rebranded, for the italian market.

It's more likely that the AISI/AISE (Italian FBI/CIA), NATO, etc, are flushing their toilets. I don't think any death squad is ever going to lose their time on these guys.
It's simply not worth it.

There are others, the ones that ported the X.25 network to ATM, that are ahead in their careers in the security agencies, that rose up from hell to point their fingers on those guys... isn't strange?
And there are others - Fine Young Cannibals - that are inventing capabilities to steal those careers ... isn't strange?


Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient, an IBM Company.