The 2011 Arab Spring captured the attention of the world. It also captured the attention of authoritarian governments in other countries, who were worried that revolution would spread. To respond, they ramped up surveillance of activists, journalists and dissidents who they feared would inspire revolution in their own countries. One prominent Bahraini activist, who was arrested and tortured by his government, has said that the interrogators showed him transcripts of his telephone calls and text messages.
Arapsko proljeće 2011. godine zaokupilo je pažnju svijeta. Privuklo je i pažnju autoritarnih vlada u drugim zemljama, koje su se zabrinule da će se revolucija proširiti. Odgovorili su pojačavanjem nadzora nad aktivistima, novinarima i disidentima, bojeći se da bi ovi mogli izazvati revolucije u njihovim vlastitim zemljama. Istaknuti aktivist iz Bahraina kojega je njegova vlada uhitila i mučila, rekao je da su mu istražitelji pokazali transkripte njegovih telefonskih poziva i tekstualnih poruka.
Of course, it's no secret that governments are able to intercept telephone calls and text messages. It's for that reason that many activists specifically avoid using the telephone. Instead, they use tools like Skype, which they think are immune to interception. They're wrong. There have now been over the last few years an industry of companies who provide surveillance technology to governments, specifically technology that allows those governments to hack into the computers of surveillance targets. Rather than intercepting the communications as they go over the wire, instead they now hack into your computer, enable your webcam, enable your microphone, and steal documents from your computer.
Naravno, nije tajna da vlade mogu presresti telefonske pozive i poruke. Iz tog razloga mnogi aktivisti pažljivo izbjegavaju upotrebu telefona. Umjesto toga koriste alate poput Skypea, za koje misle da su imuni na presretanje. Griješe. U posljednjih nekoliko godina pojavila se čitava industrija tvrtki koje opskrbljuju vlade tehnologijom nadzora, konkretno, tehnologijom koja vladama omogućava da upadnu u računala meta njihovog nadzora. Umjesto da presreću komunikacije tijekom njihova prijenosa vodovima, oni vam sada uđu u računalo, aktiviraju kameru, uključe mikrofon, i kradu vam dokumente iz računala.
When the government of Egypt fell in 2011, activists raided the office of the secret police, and among the many documents they found was this document by the Gamma Corporation, by Gamma International. Gamma is a German company that manufactures surveillance software and sells it only to governments. It's important to note that most governments don't really have the in-house capabilities to develop this software. Smaller ones don't have the resources or the expertise, and so there's this market of Western companies who are happy to supply them with the tools and techniques for a price. Gamma is just one of these companies. I should note also that Gamma never actually sold their software to the Egyptian government. They'd sent them an invoice for a sale, but the Egyptians never bought it. Instead, apparently, the Egyptian government used a free demo version of Gamma's software. (Laughter)
Kad je egipatska vlada pala 2011., aktivisti su upali u ured tajne policije; među mnogim dokumentima koje su našli bio je i dokument tvrtke Gamma Corporation, članice Gamma International. Gamma je njemačka kompanija koja proizvodi softver za nadzor i prodaje ga samo vladama. Važno je primijetiti da većina vlada ne može sama razviti takav softver. Manje vlade nemaju resurse ili znanje, i zato postoji tržište zapadnih kompanija koje su sretne da ih mogu opskrbiti alatima i tehnologijom za određenu cijenu. Gamma je tek jedna od tih kompanija. Moram napomenuti i da Gamma zapravo nikad nije prodala svoj softver egipatskoj vladi. Poslali su im predračun za softver, ali ga Egipćani nikad nisu kupili. Čini se da je egipatska vlada koristila besplatnu demo verziju softvera. (Smijeh)
So this screenshot is from a sales video that Gamma produced. Really, they're just emphasizing in a relatively slick presentation the fact that the police can sort of sit in an air-conditioned office and remotely monitor someone without them having any idea that it's going on. You know, your webcam light won't turn on. There's nothing to indicate that the microphone is enabled.
Ovo je kadar iz prodajnog videa kojega je Gamma snimila. Oni samo ističu, u relativno elegantnoj prezentaciji, činjenicu da policija može samo sjediti u klimatiziranom uredu i na daljinu nadzirati nekoga bez da ovaj zna što se događa. Znate, svjetlo vaše web kamere se neće uključiti. Ništa vam ne otkriva činjenicu da je mikrofon aktiviran.
This is the managing director of Gamma International. His name is Martin Muench. There are many photos of Mr. Muench that exist. This is perhaps my favorite. I'm just going to zoom in a little bit onto his webcam. You can see there's a little sticker that's placed over his camera. He knows what kind of surveillance is possible, and so clearly he doesn't want it to be used against him. Muench has said that he intends for his software to be used to capture terrorists and locate pedophiles. Of course, he's also acknowledged that once the software has been sold to governments, he has no way of knowing how it can be used. Gamma's software has been located on servers in countries around the world, many with really atrocious track records and human rights violations. They really are selling their software around the world.
Ovo je direktor kompanije Gamma International. Zove se Martin Muench. Postoji mnogo fotografija gospodina Muencha. Ova mi je najdraža. Malo ću zumirati njegovu web kameru. Vidite da je preko njegove kamere postavljena naljepnica. On zna kakvo praćenje je moguće, i očito ne želi da se ono rabi protiv njega. Muench je izjavio da želi da se njegov softver koristi za hvatanje terorista i pedofila. Naravno, priznao je da nakon što softver prodaju vladama, on ne zna kako će ga one upotrebljavati. Gammin softver je pronađen na serverima u zemljama širom svijeta, mnogima sa užasnom poviješću kršenja ljudskih prava. Oni svoj program prodaju širom svijeta.
Gamma is not the only company in the business. As I said, it's a $5 billion industry. One of the other big guys in the industry is an Italian company called Hacking Team. Now, Hacking Team has what is probably the slickest presentation. The video they've produced is very sexy, and so I'm going to play you a clip just so you can get a feel both for the capabilities of the software but also how it's marketed to their government clients.
Gamma nije jedina u tom poslu. Kao što rekoh, to je industrija od 5 milijardi dolara. Jedan od značajnih igrača je talijanska kompanija pod nazivom Hacking Team. Hacking Team ima vjerojatno najbolju prezentaciju. Njihov video je vrlo seksi, pa ću vam ga pustiti kako biste dobili osjećaj i za mogućnosti softvera i za način na koji ga se prodajno prezentira vladama koje su potencijalni klijenti.
(Video) Narrator: You want to look through your target's eyes. (Music) You have to hack your target. ["While your target is browsing the web, exchanging documents, receiving SMS, crossing the borders"] You have to hit many different platforms. ["Windows, OS X, iOS, Android, Blackberry, Symbian, Linux"] You have to overcome encryption and capture relevant data. [Skype & encrypted calls, target location, messaging, relationships, web browsing, audio & video"] Being stealth and untraceable. ["Immune to any protection system Hidden collection infrastructure"] Deployed all over your country. ["Up to hundreds of thousands of targets Managed from a single spot"] Exactly what we do.
(Video) Narator: Želite gledati očima svoje mete. (Glazba) Morate hakirati svoju metu. ["Dok vaša meta pretražuje internet, razmjenjuje dokumente, prima SMS, prelazi granice"] Morate pogoditi mnogo različitih platformi. ["Windowse, OS X, iOS, Android, Blackberry, Symbian, Linux"] Morate probiti enkripciju i prikupiti važne podatke. [Skype i šifrirane pozive, lokaciju mete, poruke, odnose, pregledavanje interneta, audio i video"] Morate biti nevidljivi i ne ostavljati tragove. ["Imuni na zaštitne sustave Skrivena infrastruktura prikupljanja"] Pokrivenost čitave zemlje. ["Stotine tisuća meta koje se prati s jednog mjesta"] Baš ono što mi nudimo.
Christopher Soghoian: So, it would be funny if it wasn't true, but, in fact, Hacking Team's software is being sold to governments around the world. Last year we learned, for example, that it's been used to target Moroccan journalists by the Moroccan government. Many, many countries it's been found in. So, Hacking Team has also been actively courting the U.S. law enforcement market. In the last year or so, the company has opened a sales office in Maryland. The company has also hired a spokesperson. They've been attending surveillance industry conferences where law enforcement officials show up. They've spoken at the conferences. What I thought was most fascinating was they've actually paid for the coffee break at one of the law enforcement conferences earlier this year. I can't tell you for sure that Hacking Team has sold their technology in the United States, but what I can tell you that if they haven't sold it, it isn't because they haven't been trying hard.
Christopher Soghoian: Bilo bi zabavno da nije istinito, ali softver tvrtke Hacking Team prodaje se vladama širom svijeta. Lani smo saznali, na primjer, da ga je marokanska vlada rabila za praćenje marokanskih novinara. Pronađen je u mnogim, mnogim zemljama. Hacking Team je vrlo aktivan i na tržištu američkih vladinih agencija. U posljednjih godinu dana, tvrtka je otvorila prodajno predstavništvo u Marylandu. Zaposlili su glasnogovornika. Sudjeluju na konferencijama industrije nadzora na koje dolaze vladini dužnosnici. Drže govore na konferencijama. Meni je najfascinantnija činjenica da su platili kavu u stanci na jednoj od tih konferencija ranije ove godine. Ne mogu vam sa sigurnošću tvrditi da je Hacking Team prodao svoju tehnologiju u Sjedinjenim Državama, ali ono što vam mogu reći je da ako je nisu prodali, to nije zato što se nisu svojski trudili.
So as I said before, governments that don't really have the resources to build their own tools will buy off-the-shelf surveillance software, and so for that reason, you see that the government of, say, Tunisia, might use the same software as the government of Germany. They're all buying off-the-shelf stuff. The Federal Bureau of Investigation in the United States does have the budget to build their own surveillance technology, and so for several years, I've been trying to figure out if and how the FBI is hacking into the computers of surveillance targets.
Kao što sam već rekao, vlade koje nemaju resurse za izradu vlastitih alata kupit će gotov nadzorni softver, i zato ćete vidjeti, da vlada, na primjer,Tunisa, upotrebljava isti program kao i njemačka vlada. Svi oni kupuju gotove programe. Savezni istražni biro (FBI) Sjedinjenih Država ima proračun za razvoj vlastite nadzorne tehnologije, i ja nekoliko godina nastojim otkriti da li FBI i na koji način provaljuje u računala osoba koje su mete nadzora.
My friends at an organization called the Electronic Frontier Foundation -- they're a civil society group — obtained hundreds of documents from the FBI detailing their next generation of surveillance technologies. Most of these documents were heavily redacted, but what you can see from the slides, if I zoom in, is this term: Remote Operations Unit. Now, when I first looked into this, I'd never heard of this unit before. I've been studying surveillance for more than six years. I'd never heard of it. And so I went online and I did some research, and ultimately I hit the mother lode when I went to LinkedIn, the social networking site for job seekers. There were lots of former U.S. government contractors who had at one point worked for the Remote Operating Unit, and were describing in surprising detail on their CVs what they had done in their former job. (Laughter) So I took this information and I gave it to a journalist that I know and trust at the Wall Street Journal, and she was able to contact several other former law enforcement officials who spoke on background and confirmed that yes, in fact, the FBI has a dedicated team that does nothing but hack into the computers of surveillance targets. Like Gamma and Hacking Team, the FBI also has the capability to remotely activate webcams, microphones, steal documents, get web browsing information, the works.
Moji prijatelji u organizaciji pod nazivom Electronic Frontier Foundation -- oni su udruga građana — u posjedu je stotina dokumenata FBI-ja koji objašnjavaju sljedeću generaciju tehnologija nadzora. Većina tih dokumenata je značajno obrađena, ali ono što vidite iz slajdova, ako zumiram, je ovaj termin: Jedinica za operacije na daljinu. Kad sam to prvi puta vidio, nikada ranije nisam čuo za tu jedinicu. Proučavam nadziranje već dulje od 6 godina. Nikad nisam čuo za nju. Pa sam otišao na internet, obavio istraživanja, i konačno pronašao zlatnu žilu kad sam otišao na LinkedIn, društvenu mrežu za one koji traže posao. Mnošto je bivših podugovaratelja američke vlade u neko doba radilo za Jedinicu za operacije na daljinu, i u svojim su životopisima iznenađujuće detaljno opisivali što su radili na svom prethodnom poslu. (Smijeh) Prikupio sam informacije i dao ih novinarki koju znam i kojoj vjerujem u Wall Street Journalu, i ona je uspjela stupiti u kontakt s nekolicinom bivših djelatnika vladinih službi koji su objasnili pozadinu i potvrdili da FBI zaista ima poseban tim zadužen samo za provale u računala osoba koje su meta nadzora. Kao Gamma i Hacking Team, i FBI ima mogućnost daljinskog aktiviranja kamera, mikrofona, krađe dokumenata, prikupljanja informacijama o posjećenim stranicama, i drugo.
There's sort of a big problem with governments going into hacking, and that's that terrorists, pedophiles, drug dealers, journalists and human rights activists all use the same kinds of computers. There's no drug dealer phone and there's no journalist laptop. We all use the same technology, and what that means then is that for governments to have the capability to hack into the computers of the real bad guys, they also have to have the capability to hack into our devices too.
Ima jedan velik problem u tome što se vlade bave hakiranjem, a sastoji se u tome da se teroristi, pedofili dileri droge, novinari i aktivisti za ljudska prava svi koriste istim računalima. Ne postoji telefon za dilere droge, ne postoji laptop za novinare. Svi rabimo istu tehnologiju, i to znači da kad vlade imaju mogućnost ulaska u računala stvarno opasnih tipova, također imaju mogućnost upada i u vaše uređaje.
So governments around the world have been embracing this technology. They've been embracing hacking as a law enforcement technique, but without any real debate. In the United States, where I live, there have been no congressional hearings. There's no law that's been passed specifically authorizing this technique, and because of its power and potential for abuse, it's vital that we have an informed public debate.
Vlade širom svijeta preuzimaju ovu tehnologiju. Primjenjuju hakiranje kao tehniku provedbe zakonitosti, ali se to odvija bez prave rasprave. U Sjedinjenim Državama gdje živim, nije bilo kongresnih saslušanja. Nijedan zakon nije donijet koji bi odobrio tu konkretnu tehniku, a zbog njene moći i potencijalne zloporabe, ključno je da održimo informiranu javnu raspravu.
Thank you very much.
Mnogo vam hvala.
(Applause)
(Pljesak)