Peek-A-Boo: GCHQ Has Been Checking You Out Through Your Webcam

from the the-all-seeing-eye dept

There appears to be something of an arms race going on between the NSA and its British counterpart, GCHQ, and the arms in question appear to be who can violate the most people’s rights in the creepiest manner possible. While the revelations about the NSA have been met mostly with an infuriating series of shrugs from the American public, GCHQ has been hard at work in the realm of dirty tricks, DDoS attacks, and their smear campaigns against anyone they don’t like. It’s one of those agencies that cause many to question exactly who they see as the enemy, given how many downright dastardly actions the agency takes against its own country’s citizens.

Well, if this latest report is correct, GCHQ may not see British citizens as the enemy so much as it sees them as its own personal playthings. I’m not sure what else to take away from reports that GCHQ intercepted and viewed Yahoo webcam images in bulk.

GCHQ files dating between 2008 and 2010 explicitly state that a surveillance program codenamed Optic Nerve collected still images of Yahoo webcam chats in bulk and saved them to agency databases, regardless of whether individual users were an intelligence target or not. In one six-month period in 2008 alone, the agency collected webcam imagery – including substantial quantities of sexually explicit communications – from more than 1.8 million Yahoo user accounts globally.

Forget the silly theater employed by America’s TSA, British intelligence actually employed the surrepticious collection of nudie images of their own citizens. If I were a British citizen, I wouldn’t know whether to be exponentially more self-conscious or disappointed that I hadn’t put on what I can assure you would be one hell of a naked show for these privacy-invading bastards. Yahoo, understandably, is pissed, indicating that it had no knowledge of this program and that this is an entirely new level of violating its customers’ privacy.

Now, if this attempt to realize the fictional telescreens in Orwell’s 1984 seems to have an exreme potential for abuse, you probably don’t even know the half of it.

The agency did make efforts to limit analysts’ ability to see webcam images, restricting bulk searches to metadata only. However, analysts were shown the faces of people with similar usernames to surveillance targets, potentially dragging in large numbers of innocent people. One document tells agency staff they were allowed to display “webcam images associated with similar Yahoo identifiers to your known target”.

Optic Nerve was based on collecting information from GCHQ’s huge network of internet cable taps, which was then processed and fed into systems provided by the NSA. Webcam information was fed into NSA’s XKeyscore search tool, and NSA research was used to build the tool which identified Yahoo’s webcam traffic.

What does this mean? Two things. First, there is no safeguard keeping images of America citizens out of the grasp of Optic Nerve. Second, this isn’t just GCHQ, it’s the NSA, too. They’re also holding onto and using these images, which certainly include British citizens and likely include American citizens as well. Let’s not mince words: the cooperation between the two agencies likely means that the NSA has webcam images of American citizens in their storage houses. And some of those images probably include naked Americans. If that doesn’t scare the hell out of you, nothing will.

Now, GCHQ boldly attempted to address the issue by building a facial recognition component that excluded images that didn’t include a face. You should already see the inherent problem in this: any private communication that may include nudity and a face would still be snared. Plus the technology, to put it mildly, barely works. And, on top of all this, this somehow came as a surprise to GCHQ.

Sexually explicit webcam material proved to be a particular problem for GCHQ, as one document delicately put it: “Unfortunately … it would appear that a surprising number of people use webcam conversations to show intimate parts of their body to the other person. Also, the fact that the Yahoo software allows more than one person to view a webcam stream without necessarily sending a reciprocal stream means that it appears sometimes to be used for broadcasting pornography.”

Oh, yeah, what a shock that people would use video communciation in a way that included nudity. Nevermind that the first thought that proceeds any technological advancement in the hisotry of mankind involves a form of the question, “How can we use this to see more nudity!?!?” It may seem like a small point, but do we really want to trust an agency that doesn’t realize how personal our communications are in collecting those same personal communications? No thanks.

The question has always been when will that final straw have been placed on the peoples’ backs such that they are unwilling to put up with this government abuse any longer. If the government peeking into your homes through your webcam doesn’t do it, nothing will.

Filed Under: , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Peek-A-Boo: GCHQ Has Been Checking You Out Through Your Webcam”

Subscribe: RSS Leave a comment
sorrykb (profile) says:

From the reports, GCHQ is concerned about its employees seeing and/or disseminating nudity/sexually-explicit material, in violation of policy. Apparently, nudity is offensive. (I find spying on 1.8 million Yahoo users webcam chats offensive, but maybe that’s just me.)

Although, this does make me wonder. Since GCHQ is apparently trying to filter out the captured images to protect its employees from viewing peoples’ naughty bits, could these revelations lead to a new policy for video communications involving actual bad guys? … “I’d like to call this meeting to order. First up on the agenda: Everyone get naked.”

Arthur Moore (profile) says:

Re: Re:

Best comment I’ve seen so far on this:

Quoting part of it: “However, it doesn’t take a PhD in teenagerology to suspect that Her Majesty’s Wiretapping Crew are now sitting on one of the largest collections of illegal kiddie porn on the planet. And the kiddies are, on the whole, the unsuspecting children of the taxpayers of the UK.”

Duke (profile) says:

Re: Re: Re: Re:

Which raises the question, why aren’t these vicious, dangerous, career pedophiles being indicted and prosecuted?

Because they’re exempt from normal laws – or wasn’t that already clear? Members of GCHQ (and the other intelligence services) have their own special opt-out from the English law on indecent photographs of children. They can download, share or create as much child porn as they want, provided they do so “for the exercise of any of the functions of GCHQ.”

Mason Wheeler (profile) says:

Cameras are creepy

There’s something about being watched that creeps a lot of people out.

A few years back there was a bit of a scandal in a school district in the Seattle area, where the school got in trouble for allegedly posting a camera to spy on one of the teachers and her classes. The teacher (and the union, which backed her every step of the way) played up the whole “surveillance cameras are creepy” angle to the hilt, and the media ate it up. People throughout the area were understandably revolted when the story broke.

The thing is, they didn’t cover the true story, not by a long shot. Here’s what was actually going on:

The teacher in question had been engaged in a sexual relationship with at least one student. Apparently things weren’t going well, and he wanted out. He went to the school district looking for some help.

Something happened–I’m not clear on all the details–and the district had reason to believe that there was at least one other student also being victimized. They installed a camera in the teacher’s classroom, pointing at the door. It was unable to turn to look into the class, and it had no audio recording equipment, which meant there was no way of using it to spy on her classes; its purpose was to see if she was bringing students in after hours, and nothing else.

It seems to me that would have made an even better story, especially seeing as how it wasn’t all that far from where the infamous Mary Kay Letourneau taught, but for whatever reason that wasn’t the angle the media chose to play up. And with the district already convicted in the court of public opinion, the inevitable lawsuits ended up going in the teacher’s favor, and the school was unable to bring any disciplinary action against her.

Anonymous Coward says:

As horrific a violation as this is, I couldn’t help but be drawn to the following section:

“While the documents do not detail efforts as widescale as those against Yahoo users, one presentation discusses with interest the potential and capabilities of the Xbox 360’s Kinect camera, saying it generated “fairly normal webcam traffic” and was being evaluated as part of a wider program.”

That’s not the sort of thing Microsoft wants to hear when they’ve already caught tons of flak for attempting to make the Kinect mandatory for the Xbox One.

Anonymous Coward says:

Re: Re: Re:

See, people worried about Microsoft’s motives have already been a PR nightmare for Microsoft as they attempt to convince people that the benefits outweigh the risks and that Microsoft won’t abuse people’s privacy and spy on them.

To have the NSA/GCHQ then say “Oh, we are totally interested in the opportunities that Microsoft’s technology offers us to abuse people’s privacy and spy on them.” renders anything Microsoft might say or do meaningless as people will be making their decisions based on the actions of something almost entirely out of Microsoft’s control.

As for what does it matter which is spying on you, remember that the NSAGCHQ is the one that can send men with machine guns to break down your door if they see something they think is illegal.

Anonymous Coward says:

WTF are the brits doing? Are they just going to accept another “but it was legal!” excuse? F-that! If it was legal then demand a dramatic change of the law! Stuff like this SHOULDN’T be legal, even if it is right now (which probably isn’t, but you know they’re just going to say that for everything they get caught with anyway).

Anonymous Coward says:

Please stop referring to GCHQ’s syn-flood attack of an IRC server as a DDoS attack. It is just a regular DoS attack, not distributed, and thus didn’t bog down the whole network for untargeted people.

This technical inaccuracy has been repeated all over the media, and TechDirt, a site that specializes in tech news, should not be publishing this misinformation.

Read this, then read it again, then stop making your readers dumber by publishing technical inaccuracies:

Anonymous Coward says:

Re: Re: Re:

Eh… it’s significant for two reasons off the top of my head.

(1) DDoS would be more disruptive to untargeted folks, which is a significant distinction. It might also imply that GCHQ was running a botnet using innocent folks’ machines, which might be illegal, and if not, def would be very, very mean of them.

(2) It was also reported that GCHQ’s DoS was the same tactic Anonymous uses when DDoSing banks, which is not true (although maybe Anonymous also syn-floods hand-picked servers also).

Anyway, have a good one, JF (I’m the knucklehead who was recently talking about dd’ing block devices and how that would show up in file access logs).

John Fenderson (profile) says:

Re: Re: Re: Re:

You’re no knucklehead!

Yes, it was an error, but an easy one to make, and I think not of serious significance. However, I think that a syn flood attack is actually worse than a DDOS from an ethical point of view. A DDOS is not hacking in any sense, it’s just generating a lot of acceptable requests. A syn flood is a kind of hacking, it’s intentionally sending malformed packet sequences.

John Fenderson (profile) says:

Re: Re: Re:3 Re:

I didn’t say the packets were malformed, just the sequence. But you’re right, it is technically valid. It strikes me as a gray area nonetheless.

I see SYN floods as hacking because the the usual pattern of packet exchange is being manipulated in a way designed to trigger a problem. I don’t see DDOS as hacking because no such manipulation is taking place.

As to DDOS being “widely considered” as hacking — this is true amongst the average joe because they’ve been told that it is repeatedly. But it’s simply untrue, and it is not considered hacking by the majority of computer security people I’ve known.

David says:

Scary indeed...

Let’s not mince words: the cooperation between the two agencies likely means that the NSA has webcam images of American citizens in their storage houses. And some of those images probably include naked Americans. If that doesn’t scare the hell out of you, nothing will.

It would be half as scary if Americans did not adhere to that peculiar combination of diet and exercise that offset them from their European ancestors.
So citizen, how about bending over and trying to touch your toes in order to please Big Brother?

edpo says:


“While the revelations about the NSA have been met mostly with an infuriating series of shrugs from the American public…”

These sorts of comments are self-fulfilling. This is exactly what the NSA/GCHQ/ASD et al are working to manipulate opinion online. For the average person who only has so much time to get informed, stumbling across this sort of comment reinforces their feeling that it’s no big deal, since no one else cares.

Most people I know DO care, and the ones that don’t can be convinced with personalized attention to address how it matters to them. Throwaway comments like this do more harm than good.

GEMont (profile) says:

Re: Indifference

I think the poster is referring to the vast bulk of the public who use the internet for games, porn, shopping and chatting with friends, or not at all, and who – if they bother at all – get 99% of their daily news from TV, where none of this stuff is even mentioned, let alone covered in detail – making the statement a very, very accurate assessment of the current state of affairs.

More people might care if they were aware of the situation true, but this is not the case currently.

astroboi says:

Face it. THe old internet is finished.

Those of you who were on the internet back in the ’90’s when it was fun……all you have left is memories. It’s over. If tech exists it will be used. All we have going for us is that we know what is happening. It’s not going to change. Even if laws are passed forbidding the exploits our govts use against us, nothing will change. The spies will just ignore the law and lie some more. The future is minimising internet use. Or just putting up with the spying. Or maybe finding ways of bullet-proofing ones communications. How you would ever get any real confidence in hardened protocols is the question. When internet users were mostly geeks it was different. Now, with everybody on line, regulation and spying will increase with every passing day. It was a sweet ride, but now it’s over. We must learn to live with it. There are ways.

John Fenderson (profile) says:

Re: Face it. THe old internet is finished.

The old (good) internet effectively died a decade ago, and had been obviously dying for at least five years prior to that.

Replacements do currently exist, and more are being developed. Check out dark nets. The problem is that if any of them become anywhere near as popular as the internet, then their days will be likewise numbered.

This is as it has always been. The battle between the two forces is an eternal back-and-forth.

Anonymous Coward says:

Isn't that ironic

NSA and GCHQ defender : I have nothing to hide… so go ahead”
NSA and GCHQ : “No you really don’t *snicker*”

How many times have we used the example of the intelligence agencies looking through webcams at people in their homes as a scary future scenario? turns out it wasn’t that far fetched. We need people with bigger imaginations in order to come up with with scary examples that aren’t already true… that is kind of scary.

Well at least the nakedscanners don’t seem as bad anymore.

FM Hilton (profile) says:

Web Porn at its' best

I expect that while everyone who isn’t concerned isn’t going to care, but what about a little set of laws for the NSA to consider when they’re doing this?

Child pornography laws in the United States specify that child pornography is illegal under federal law and in all states. The Supreme Court of the United States has found child pornography to be “legally obscene”, a term that refers to offensive or violent forms of pornography that have been declared to be outside the protections of the First Amendment to the United States Constitution.

Federal sentencing guidelines regarding child pornography differentiate between production, distribution, and purchasing / receiving, and also include variations in severity based on the age of the child involved in the materials, with significant increases in penalties when the offense involves a prepubescent child or a child under the age of 12.

US law distinguishes between pornographic images of an actual minor, realistic images that are not of an actual minor, and non-realistic images such as drawings. The latter two categories are legally protected unless found to be obscene, whereas the first does not require a finding of obscenity.


It’s a federal offense. Punishable by prison time.

The NSA had better start deleting all those images of anyone considered to be under the age of 12, because they’re breaking the law, for real this time.

It’s about time we got really pissed. One set of laws for them, and another for us.

Guess who gets to go to prison?

GEMont (profile) says:

Re: Web Porn at its' best

Delete them!!!

Good grief man, can you imagine how much money the Five Eyes pulls in every year on the sale of kiddie selfies alone, not to mention all the footage captured daily of youngsters surfing web porn one handed, unaware that their cameras are live and recording them for posterity and profit.

Even a government can steal only so much tax-payer money before its noticed, so various means of income are always appreciated to help finance secret operations such as a global dirty tricks program… like looking the other way while the banks rob the world blind for a few years, and then exchanging a Get Out Of Jail Free Card and a tax-payer funded Bailout in exchange for fifty percent of the take.

A trillion dollars will get you a lot of high tech.

Remember, these people see themselves as not only above the law, but as the very law itself.

Where there is no consequence upon actions, there is no restraint or limit to the means and methods that can be entertained and employed.

Crusty the Ex-Clown says:

If I weren't so damn lazy ....

… I was gonna come out with a line of kiddie undies printed – in metallic ink – with the slogans:

Instant Child Porn — Just Add TSA


TSA = Technological Sexual Abuse

to make a point regarding the cognitive dissonance inherent in the concept of putting children through TSA scanners vs. the “Oh, but think of the children!” mentality.

GEMont (profile) says:

i + i + i + i + i

GCHQ and NSA are only two arms of the global surveillance network octopus that calls itself the Five Eyes.

What you learn about any one of the Five Eyes, describes all the others as well. As with organized crime, this is a “corporate based organization“.

“Corporate Based Organization” meaning they have a board of directors, regular meetings between the leaders of all five member nations, and most importantly, stock holders.

Its member nations can be seen listed at the bottom of all the recent GCHQ documents describing the dirty tricks programs deployed on all civilians who utilize electronic communications.

Its stock holders are governments, multinational corporations, foreign and domestic billionaires, royalty and organized crime.

It would appear that the Next Evil Empire is already here.

Welcome to 1984 plus 5.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...