UK's GCHQ Admits To Using Vulnerabilities To Hack Target Systems

Bismillah (993337) writes "Lawyers for the GCHQ have told the Investigatory Powers Tribunal in the UK that the agency carries out the same illegal Computer Network Exploitation (CNE) operations that criminals and hackers do. Except they do it legally. GCHQ is currently being taken to court by Privacy International and five ISPs from UK, Germany, the Netherlands, Zimbabwe and South Korea for CNE operations that the agency will not confirm nor deny as per praxis."

Hmm

[cascadingstylesheet]

"Police carry the same projectile weapons that criminals do. Except they do it legally."

Re:Who says it's "illegal"? Timothy?

I look forward to those responsible being identified and prosecuted to the full extent of the law.

Or past offences ignored and new laws enacted to make future actions legal or new laws enacted and applied retrospectively.

Re:You're not going to get anywhere with this crow

What they've done is to use a blanket warrant to grab ALL data on the excuse of 'terrorism', that gives them a searchable database, which no longer has the individual judicial checks. In particular they've done a full take on the pipes into the UK, which by its nature carries mostly UK to UK data.

GCHQ then handed this feed to the NSA, who have indexed it, on the promise they won't misuse it, and NSA in return has given them access to a search interface, PRISM back on this data and others.

NSA built a haystack, and the one thing we know is it isn't likely to contain needles, because its easy-to-get bulk data on everyone, not difficult-to-get signals intelligence on terrorists. The quantity of 'hay' they collect is connected to the ease by which they can intercept it, not the likeliness of it for 'terrorism'.

And of course once you remove the judicial protections and checks and balances, it all goes out the window. We learned of the memo saying NSA should keep any UK intelligence useful to the US, despite the 5 eyes 'no-spy' treaty, and that the SWIFT agreement was circumvented by simply assigning NSA staff to the treasury. Well duh!

In the process of turning US industry into surveillance machines, they've undermined encryption, withheld security holes, signed secret corporate commercial surveillance agreements. Undermining US products by coercion and bribery.

All because one General decided that instead of 'thin thread' approach of going after just the info they needed, they'd do a big 'store it all', and then do the searches adhoc without judicial checks after the fact.

You say 'clear legal framework' but it was clear from the leaks that the FISA judge was misled about the database stuff. He approved a tap, for a specific purpose, and instead it went into a database for other purposes. If FISA judges cannot be told the truth then how can this be a 'clear' anything?

NSA lied to the court:
https://www.techdirt.com/articles/20130821/16331524274/declassified-fisa-court-opinion-shows-nsa-lied-repeatedly-to-court-as-well.shtml

None of this has been approved by the democracy it operates in. We get glimpses of how abused the systems was sometimes:
https://www.techdirt.com/articles/20140813/23203228207/unsealed-jewel-v-nsa-transcript-doj-has-nothing-contempt-american-citizens.shtml

Keep in mind we're not talking about detail here, the basis of "collect everything one judicial warrant then search it later without warrant", for Britain this was one of the parts of Snoopers Charter. When GCHQ failed to get it, it went ahead with Tempora anyway with a faulty legal interpretation. It was clearly a breach of the law, yet they did it anyway.

So now we're in the position where politics is corrupted in 5 eyes countries, where the hard line military leaders win elections, and up coming parties have their telephone calls leaked against them. All of that needs to be pulled back in, the protections put back in place, GCHQ staff involved need to be ejected (prosecuted even) and replaced by people loyal to their country, and GCHQ need to only hand narrow data over, on terrorism, with proper judicial checks each time.

Should GCHQ be spying on data, which is mostly British, including sensitive data on commercial, political, journalistic and democratic actors from 200 fibre optics, handing it to NSA who give it to 800,000 NSA staff and private contractors ? It's a no-brainer. No they should not.

https://orderoftruth.wordpress.com/2013/06/22/uk-communications-bill-snoopers-charter-legalises-illegal-activity-of-gchq-and-nsa-in-uk-exposed-by-snowden/

GCHQ staff, to me you are compartmentalized into seeing tiny parts of the bigger picture. Classic 'rubes'.