The 2011 Arab Spring captured the attention of the world. It also captured the attention of authoritarian governments in other countries, who were worried that revolution would spread. To respond, they ramped up surveillance of activists, journalists and dissidents who they feared would inspire revolution in their own countries. One prominent Bahraini activist, who was arrested and tortured by his government, has said that the interrogators showed him transcripts of his telephone calls and text messages.
2011 年阿拉伯之春 引起世界各地的關注 也提高了 其他集權政體的警覺性 他們擔心改革思潮擴大 因此,他們逐漸加強 對社會運動人士、 記者及異議分子的監視 他們害怕這群人在國內 推動改革 一個巴林的重要社運人士 被政府逮捕及虐待 他說,問話的人給他看 他的手機通聯記錄 和簡訊內容
Of course, it's no secret that governments are able to intercept telephone calls and text messages. It's for that reason that many activists specifically avoid using the telephone. Instead, they use tools like Skype, which they think are immune to interception. They're wrong. There have now been over the last few years an industry of companies who provide surveillance technology to governments, specifically technology that allows those governments to hack into the computers of surveillance targets. Rather than intercepting the communications as they go over the wire, instead they now hack into your computer, enable your webcam, enable your microphone, and steal documents from your computer.
當然,這也不是什麼新聞了 政府早就能夠監聽電話和簡訊 因為如此,許多社運人士 都會避免使用電話 他們使用 Skype 以為這樣就不會被監聽 但他們錯了 早在過去幾年 已有企業 向政府提供監聽科技 尤其是一種專門的科技 讓政府得以入侵監聽對象的電腦 與其藉由線路監聽 他們現在直接入侵你的電腦 啟動你的網路攝影機、麥克風 並竊取你電腦裡的文件 當埃及政府在 2011 年垮台時
When the government of Egypt fell in 2011, activists raided the office of the secret police, and among the many documents they found was this document by the Gamma Corporation, by Gamma International. Gamma is a German company that manufactures surveillance software and sells it only to governments. It's important to note that most governments don't really have the in-house capabilities to develop this software. Smaller ones don't have the resources or the expertise, and so there's this market of Western companies who are happy to supply them with the tools and techniques for a price. Gamma is just one of these companies. I should note also that Gamma never actually sold their software to the Egyptian government. They'd sent them an invoice for a sale, but the Egyptians never bought it. Instead, apparently, the Egyptian government used a free demo version of Gamma's software. (Laughter)
社運人士搜查秘密警察的辦公室 裡面有許多文件 有一份文件來自伽瑪(Gamma)公司 母公司是伽瑪國際 伽瑪是一家德國公司 設計監聽軟體 然後只賣給政府 值得注意的是,大部分的政府 並沒有能力 自行研發這類軟體 小國更沒有 這樣的資源與專業 因此,西方的企業 很樂意提供這些設備與技術 以換取酬佣 伽瑪只是其中一個例子 我要聲明:伽瑪從未 賣軟體給埃及政府 他們有寄出報價的發票 但是埃及並未購買 很明顯的,埃及政府使用的是 伽瑪免付費的試用版 (笑聲)
So this screenshot is from a sales video that Gamma produced. Really, they're just emphasizing in a relatively slick presentation the fact that the police can sort of sit in an air-conditioned office and remotely monitor someone without them having any idea that it's going on. You know, your webcam light won't turn on. There's nothing to indicate that the microphone is enabled.
這個抓圖是截取自 伽瑪公司的行銷影片 在這個頗具說服力的簡報中 他們強調 警察只要輕鬆地坐在 辦公室裡吹冷氣 就能進行遠端監控 而且被監聽的對象完全不知情 網路攝影機的指示燈並不會亮 也看不出來麥克風被開啟了
This is the managing director of Gamma International. His name is Martin Muench. There are many photos of Mr. Muench that exist. This is perhaps my favorite. I'm just going to zoom in a little bit onto his webcam. You can see there's a little sticker that's placed over his camera. He knows what kind of surveillance is possible, and so clearly he doesn't want it to be used against him. Muench has said that he intends for his software to be used to capture terrorists and locate pedophiles. Of course, he's also acknowledged that once the software has been sold to governments, he has no way of knowing how it can be used. Gamma's software has been located on servers in countries around the world, many with really atrocious track records and human rights violations. They really are selling their software around the world.
這位是伽碼國際的執行董事 馬汀穆奇 (Martin Muench) 有很多他的照片 這張是我的最愛 讓我們放大看他的網路攝影機 你可以看到有一張小貼紙 貼在攝影機上 他知道監聽科技的能力 所以很明顯地,他不希望這樣的事 發生在他身上 穆奇表示 他希望他的軟體 用來對付恐怖分子或有戀童癖的人 當然,他也承認 一旦這個軟體賣給了政府 用途就不得而知了 許多伺服器都有裝載伽碼的軟體 在世界各國被使用 也的確有令人震驚的追蹤紀錄 以及違反人權的問題 伽碼的軟體在全世界都買的到
Gamma is not the only company in the business. As I said, it's a $5 billion industry. One of the other big guys in the industry is an Italian company called Hacking Team. Now, Hacking Team has what is probably the slickest presentation. The video they've produced is very sexy, and so I'm going to play you a clip just so you can get a feel both for the capabilities of the software but also how it's marketed to their government clients.
伽碼並不是唯一這樣的企業 這個產業價值 50 億美元 另外一個主要企業是 來自義大利的駭客團隊 (Hacking Team) 這家公司現在擁有 最具說服力的簡報技巧 他們製作的行銷影片非常吸引力 我會播出一段 讓你們感受一下 這個軟體的能力 以及這家公司 是如何向政府銷售這個產品
(Video) Narrator: You want to look through your target's eyes. (Music) You have to hack your target. ["While your target is browsing the web, exchanging documents, receiving SMS, crossing the borders"] You have to hit many different platforms. ["Windows, OS X, iOS, Android, Blackberry, Symbian, Linux"] You have to overcome encryption and capture relevant data. [Skype & encrypted calls, target location, messaging, relationships, web browsing, audio & video"] Being stealth and untraceable. ["Immune to any protection system Hidden collection infrastructure"] Deployed all over your country. ["Up to hundreds of thousands of targets Managed from a single spot"] Exactly what we do.
(影片) 旁白:你想要知道 你的監聽對象正在看什麼 (音樂) 你必須入侵他 [當你的監聽對象正在瀏覽網頁、 交換文件、接收簡訊、跨越國界] 你必須進入許多不同的平台 [Windows, OS X, iOS, Android, Blackberry, Symbian, Linux] 你必須解開加密 獲取有關的資料 [Skype 以及 加密通話 目標位置、簡訊、 關係、 網路瀏覽、影片及錄音] 神不知鬼不覺地 [入侵任何保護系統] 監控國家的每一個角落 [在同一個地點, 就能監控數以千計個目標] 這正是我們拿手的
Christopher Soghoian: So, it would be funny if it wasn't true, but, in fact, Hacking Team's software is being sold to governments around the world. Last year we learned, for example, that it's been used to target Moroccan journalists by the Moroccan government. Many, many countries it's been found in. So, Hacking Team has also been actively courting the U.S. law enforcement market. In the last year or so, the company has opened a sales office in Maryland. The company has also hired a spokesperson. They've been attending surveillance industry conferences where law enforcement officials show up. They've spoken at the conferences. What I thought was most fascinating was they've actually paid for the coffee break at one of the law enforcement conferences earlier this year. I can't tell you for sure that Hacking Team has sold their technology in the United States, but what I can tell you that if they haven't sold it, it isn't because they haven't been trying hard.
克里斯多夫.索荷宜恩: 若這是虛構的,那它很有意思 但事實上,駭客團隊的軟體 賣給了世界各國的政府 舉個例子,去年我們得知 摩洛哥政府 使用這個科技來監聽記者 許多國家都有類似的例子 因此,駭客團隊也面臨 美國執法單位的關切 這家公司在去年左右 在馬里蘭州成立了銷售據點 也聘請了一名代言人 他們陸續參與 監控產業的研討會 執法官員也在現場 他們在研討會上發言 我覺得最有意思的是 他們贊助會議休息時間的餐點 那是一場法律研討會 這是今年稍早的事情 我無法確定駭客團隊 是否將他們的科技賣給了美國政府 但我可以確定的是,如果他們沒賣 這並不是因為他們沒有努力銷售
So as I said before, governments that don't really have the resources to build their own tools will buy off-the-shelf surveillance software, and so for that reason, you see that the government of, say, Tunisia, might use the same software as the government of Germany. They're all buying off-the-shelf stuff. The Federal Bureau of Investigation in the United States does have the budget to build their own surveillance technology, and so for several years, I've been trying to figure out if and how the FBI is hacking into the computers of surveillance targets.
如同我之前所說 沒有能力自行設計的政府 將會去購買這些現成的監控軟體 正因如此 譬如,突尼西亞政府 以及德國政府,可能會使用相同軟體 他們都購買現成的產品 美國的聯邦調查局 (FBI) 擁有預算來自行發展監控科技 因此這些年以來 我嘗試去了解 FBI 是否能夠以及 如何入侵監控對象的電腦
My friends at an organization called the Electronic Frontier Foundation -- they're a civil society group — obtained hundreds of documents from the FBI detailing their next generation of surveillance technologies. Most of these documents were heavily redacted, but what you can see from the slides, if I zoom in, is this term: Remote Operations Unit. Now, when I first looked into this, I'd never heard of this unit before. I've been studying surveillance for more than six years. I'd never heard of it. And so I went online and I did some research, and ultimately I hit the mother lode when I went to LinkedIn, the social networking site for job seekers. There were lots of former U.S. government contractors who had at one point worked for the Remote Operating Unit, and were describing in surprising detail on their CVs what they had done in their former job. (Laughter) So I took this information and I gave it to a journalist that I know and trust at the Wall Street Journal, and she was able to contact several other former law enforcement officials who spoke on background and confirmed that yes, in fact, the FBI has a dedicated team that does nothing but hack into the computers of surveillance targets. Like Gamma and Hacking Team, the FBI also has the capability to remotely activate webcams, microphones, steal documents, get web browsing information, the works.
我有朋友在電子領域基金會 (Electronic Frontier Foundation) 這是一個公民社會組織 取得許多來自 FBI 的文件 內容描述他們下一代的監聽科技 這些文件的內容大多被大量塗改 但若我把它放大 你可以看到這個名詞: 遠端營運單位 當我第一次看到這個 我從未聽過這個單位 我已經研究監聽超過 6 年了 但我從未聽過這個單位 因此我上網搜尋 最後我找到了答案 當我進入Linkedin網站 這是求職者會使用的社群網站 裡面有許多過去美國政府的外包商 這些人曾經 任職於這個遠端營業單位 並且在他們的履歷上詳盡解釋 這份工作的內容 (笑聲) 我把這些資料 交給了一名我信任的華爾街日報記者 她聯絡了一些 過去的執法官員 這些人承認 FBI 的確有一個單位 專門入侵監聽對象的電腦 如同伽碼以及駭客團隊這樣的企業 FBI 也有能力 遠端啟動網路攝影機、麥克風、 竊取文件、取得網路瀏覽資料等 這樣的行為 這是一個很大的問題
There's sort of a big problem with governments going into hacking, and that's that terrorists, pedophiles, drug dealers, journalists and human rights activists all use the same kinds of computers. There's no drug dealer phone and there's no journalist laptop. We all use the same technology, and what that means then is that for governments to have the capability to hack into the computers of the real bad guys, they also have to have the capability to hack into our devices too.
政府可以入侵電腦 恐怖分子、有戀童癖的人、 販毒者、記者以及人權運動人士 都使用相同種類的電腦 沒有販毒專用的電話 沒有記者專用的筆電 我們都使用相同的科技 而這代表的是 政府有能力入侵電腦 那些真正是壞人的電腦 政府也有能力 入侵我們的電腦 因此全世界的政府
So governments around the world have been embracing this technology. They've been embracing hacking as a law enforcement technique, but without any real debate. In the United States, where I live, there have been no congressional hearings. There's no law that's been passed specifically authorizing this technique, and because of its power and potential for abuse, it's vital that we have an informed public debate.
都在使用這項科技 他們都在使用監聽 作為執法的工具 但並沒有人真正提出質疑 在美國,我的國家 並沒有國會聽證 並沒有通過任何法律 專門授權這項科技 鑒於它的能力以及被濫用的可能性 進行一個公開的討論是非常重要的 非常謝謝
Thank you very much.
(掌聲)
(Applause)