Peek-A-Boo: GCHQ Has Been Checking You Out Through Your Webcam
from the the-all-seeing-eye dept
There appears to be something of an arms race going on between the NSA and its British counterpart, GCHQ, and the arms in question appear to be who can violate the most people’s rights in the creepiest manner possible. While the revelations about the NSA have been met mostly with an infuriating series of shrugs from the American public, GCHQ has been hard at work in the realm of dirty tricks, DDoS attacks, and their smear campaigns against anyone they don’t like. It’s one of those agencies that cause many to question exactly who they see as the enemy, given how many downright dastardly actions the agency takes against its own country’s citizens.
Well, if this latest report is correct, GCHQ may not see British citizens as the enemy so much as it sees them as its own personal playthings. I’m not sure what else to take away from reports that GCHQ intercepted and viewed Yahoo webcam images in bulk.
GCHQ files dating between 2008 and 2010 explicitly state that a surveillance program codenamed Optic Nerve collected still images of Yahoo webcam chats in bulk and saved them to agency databases, regardless of whether individual users were an intelligence target or not. In one six-month period in 2008 alone, the agency collected webcam imagery – including substantial quantities of sexually explicit communications – from more than 1.8 million Yahoo user accounts globally.
Forget the silly theater employed by America’s TSA, British intelligence actually employed the surrepticious collection of nudie images of their own citizens. If I were a British citizen, I wouldn’t know whether to be exponentially more self-conscious or disappointed that I hadn’t put on what I can assure you would be one hell of a naked show for these privacy-invading bastards. Yahoo, understandably, is pissed, indicating that it had no knowledge of this program and that this is an entirely new level of violating its customers’ privacy.
Now, if this attempt to realize the fictional telescreens in Orwell’s 1984 seems to have an exreme potential for abuse, you probably don’t even know the half of it.
The agency did make efforts to limit analysts’ ability to see webcam images, restricting bulk searches to metadata only. However, analysts were shown the faces of people with similar usernames to surveillance targets, potentially dragging in large numbers of innocent people. One document tells agency staff they were allowed to display “webcam images associated with similar Yahoo identifiers to your known target”.
Optic Nerve was based on collecting information from GCHQ’s huge network of internet cable taps, which was then processed and fed into systems provided by the NSA. Webcam information was fed into NSA’s XKeyscore search tool, and NSA research was used to build the tool which identified Yahoo’s webcam traffic.
What does this mean? Two things. First, there is no safeguard keeping images of America citizens out of the grasp of Optic Nerve. Second, this isn’t just GCHQ, it’s the NSA, too. They’re also holding onto and using these images, which certainly include British citizens and likely include American citizens as well. Let’s not mince words: the cooperation between the two agencies likely means that the NSA has webcam images of American citizens in their storage houses. And some of those images probably include naked Americans. If that doesn’t scare the hell out of you, nothing will.
Now, GCHQ boldly attempted to address the issue by building a facial recognition component that excluded images that didn’t include a face. You should already see the inherent problem in this: any private communication that may include nudity and a face would still be snared. Plus the technology, to put it mildly, barely works. And, on top of all this, this somehow came as a surprise to GCHQ.
Sexually explicit webcam material proved to be a particular problem for GCHQ, as one document delicately put it: “Unfortunately … it would appear that a surprising number of people use webcam conversations to show intimate parts of their body to the other person. Also, the fact that the Yahoo software allows more than one person to view a webcam stream without necessarily sending a reciprocal stream means that it appears sometimes to be used for broadcasting pornography.”
Oh, yeah, what a shock that people would use video communciation in a way that included nudity. Nevermind that the first thought that proceeds any technological advancement in the hisotry of mankind involves a form of the question, “How can we use this to see more nudity!?!?” It may seem like a small point, but do we really want to trust an agency that doesn’t realize how personal our communications are in collecting those same personal communications? No thanks.
The question has always been when will that final straw have been placed on the peoples’ backs such that they are unwilling to put up with this government abuse any longer. If the government peeking into your homes through your webcam doesn’t do it, nothing will.
Comments on “Peek-A-Boo: GCHQ Has Been Checking You Out Through Your Webcam”
From the reports, GCHQ is concerned about its employees seeing and/or disseminating nudity/sexually-explicit material, in violation of policy. Apparently, nudity is offensive. (I find spying on 1.8 million Yahoo users webcam chats offensive, but maybe that’s just me.)
Although, this does make me wonder. Since GCHQ is apparently trying to filter out the captured images to protect its employees from viewing peoples’ naughty bits, could these revelations lead to a new policy for video communications involving actual bad guys? … “I’d like to call this meeting to order. First up on the agenda: Everyone get naked.”
Best comment I’ve seen so far on this: http://yro.slashdot.org/comments.pl?sid=4840985&cid=46360727
Quoting part of it: “However, it doesn’t take a PhD in teenagerology to suspect that Her Majesty’s Wiretapping Crew are now sitting on one of the largest collections of illegal kiddie porn on the planet. And the kiddies are, on the whole, the unsuspecting children of the taxpayers of the UK.”
Re: Re: Re:
So is the NSA and every other agency.
Which raises the question, why aren’t these vicious, dangerous, career pedophiles being indicted and prosecuted?
Re: Re: Re: Re:
Because they’re exempt from normal laws – or wasn’t that already clear? Members of GCHQ (and the other intelligence services) have their own special opt-out from the English law on indecent photographs of children. They can download, share or create as much child porn as they want, provided they do so “for the exercise of any of the functions of GCHQ.”
Re: Re: Re:
I say we start making footage of our dongs and send directly to these morons. Maybe this will remind them how much we love being peeped by some creepy bastards…
It wasn’t ceiling cat watching people masturbate!
It was the government!
Cameras are creepy
There’s something about being watched that creeps a lot of people out.
A few years back there was a bit of a scandal in a school district in the Seattle area, where the school got in trouble for allegedly posting a camera to spy on one of the teachers and her classes. The teacher (and the union, which backed her every step of the way) played up the whole “surveillance cameras are creepy” angle to the hilt, and the media ate it up. People throughout the area were understandably revolted when the story broke.
The thing is, they didn’t cover the true story, not by a long shot. Here’s what was actually going on:
The teacher in question had been engaged in a sexual relationship with at least one student. Apparently things weren’t going well, and he wanted out. He went to the school district looking for some help.
Something happened–I’m not clear on all the details–and the district had reason to believe that there was at least one other student also being victimized. They installed a camera in the teacher’s classroom, pointing at the door. It was unable to turn to look into the class, and it had no audio recording equipment, which meant there was no way of using it to spy on her classes; its purpose was to see if she was bringing students in after hours, and nothing else.
It seems to me that would have made an even better story, especially seeing as how it wasn’t all that far from where the infamous Mary Kay Letourneau taught, but for whatever reason that wasn’t the angle the media chose to play up. And with the district already convicted in the court of public opinion, the inevitable lawsuits ended up going in the teacher’s favor, and the school was unable to bring any disciplinary action against her.
This must be what Paul Calandra, meant when he used the phrase, ‘Porn Spy’.
“Canadian Gov’t Responds To Spying Revelations By Saying It’s All A Lie And Calling Glenn Greenwald A ‘Porn Spy'”
As horrific a violation as this is, I couldn’t help but be drawn to the following section:
That’s not the sort of thing Microsoft wants to hear when they’ve already caught tons of flak for attempting to make the Kinect mandatory for the Xbox One.
It’s already been suspected that Microsoft’s insistence on making the kinect mandatory was very much intended to have an always-watching-eye on you while in your living room.
Whether it was for their own purposes, or the governments, what does it matter?
Re: Re: Re:
See, people worried about Microsoft’s motives have already been a PR nightmare for Microsoft as they attempt to convince people that the benefits outweigh the risks and that Microsoft won’t abuse people’s privacy and spy on them.
To have the NSA/GCHQ then say “Oh, we are totally interested in the opportunities that Microsoft’s technology offers us to abuse people’s privacy and spy on them.” renders anything Microsoft might say or do meaningless as people will be making their decisions based on the actions of something almost entirely out of Microsoft’s control.
As for what does it matter which is spying on you, remember that the NSAGCHQ is the one that can send men with machine guns to break down your door if they see something they think is illegal.
That’s one of the points that are a deal breaker for Xbone. I don’t want that fucking thing always on.
GCHQ loves its kiddie porn. Why is GCHQ exempt from Cameron’s porn filter anyway?
WTF are the brits doing? Are they just going to accept another “but it was legal!” excuse? F-that! If it was legal then demand a dramatic change of the law! Stuff like this SHOULDN’T be legal, even if it is right now (which probably isn’t, but you know they’re just going to say that for everything they get caught with anyway).
Since the odds are pretty near 100% that the NSA, CIA, and/or FBI are doing the same thing in the US, all of your questions apply equally well here, too.
Please stop referring to GCHQ’s syn-flood attack of an IRC server as a DDoS attack. It is just a regular DoS attack, not distributed, and thus didn’t bog down the whole network for untargeted people.
This technical inaccuracy has been repeated all over the media, and TechDirt, a site that specializes in tech news, should not be publishing this misinformation.
Read this, then read it again, then stop making your readers dumber by publishing technical inaccuracies:
I thought I was the only pedant here, but at least I admit up front when I’m making a big deal out of a trivial error.
Re: Re: Re:
Eh… it’s significant for two reasons off the top of my head.
(1) DDoS would be more disruptive to untargeted folks, which is a significant distinction. It might also imply that GCHQ was running a botnet using innocent folks’ machines, which might be illegal, and if not, def would be very, very mean of them.
(2) It was also reported that GCHQ’s DoS was the same tactic Anonymous uses when DDoSing banks, which is not true (although maybe Anonymous also syn-floods hand-picked servers also).
Anyway, have a good one, JF (I’m the knucklehead who was recently talking about dd’ing block devices and how that would show up in file access logs).
Re: Re: Re: Re:
You’re no knucklehead!
Yes, it was an error, but an easy one to make, and I think not of serious significance. However, I think that a syn flood attack is actually worse than a DDOS from an ethical point of view. A DDOS is not hacking in any sense, it’s just generating a lot of acceptable requests. A syn flood is a kind of hacking, it’s intentionally sending malformed packet sequences.
Re: Re: Re:2 Re:
There is nothing malformed about the packets in a SYN flood. The 3-way handshake simply isn’t completed. This is technically valid behavior. A SYN flood is a form of DOS attack. Both of which are widely considered “hacking”.
Re: Re: Re:3 Re:
I didn’t say the packets were malformed, just the sequence. But you’re right, it is technically valid. It strikes me as a gray area nonetheless.
I see SYN floods as hacking because the the usual pattern of packet exchange is being manipulated in a way designed to trigger a problem. I don’t see DDOS as hacking because no such manipulation is taking place.
As to DDOS being “widely considered” as hacking — this is true amongst the average joe because they’ve been told that it is repeatedly. But it’s simply untrue, and it is not considered hacking by the majority of computer security people I’ve known.
> First, there is no safeguard keeping images of America citizens out of the grasp of Optic Nerve
Nor do they exclude anyone else, like the Germans, Russians and the other 180something nations you fuckin shithead.
It would be half as scary if Americans did not adhere to that peculiar combination of diet and exercise that offset them from their European ancestors.
So citizen, how about bending over and trying to touch your toes in order to please Big Brother?
“While the revelations about the NSA have been met mostly with an infuriating series of shrugs from the American public…”
These sorts of comments are self-fulfilling. This is exactly what the NSA/GCHQ/ASD et al are working to manipulate opinion online. For the average person who only has so much time to get informed, stumbling across this sort of comment reinforces their feeling that it’s no big deal, since no one else cares.
Most people I know DO care, and the ones that don’t can be convinced with personalized attention to address how it matters to them. Throwaway comments like this do more harm than good.
I think the poster is referring to the vast bulk of the public who use the internet for games, porn, shopping and chatting with friends, or not at all, and who – if they bother at all – get 99% of their daily news from TV, where none of this stuff is even mentioned, let alone covered in detail – making the statement a very, very accurate assessment of the current state of affairs.
More people might care if they were aware of the situation true, but this is not the case currently.
So, that’s where the convicted celeb paedophiles got their stuff!
Face it. THe old internet is finished.
Those of you who were on the internet back in the ’90’s when it was fun……all you have left is memories. It’s over. If tech exists it will be used. All we have going for us is that we know what is happening. It’s not going to change. Even if laws are passed forbidding the exploits our govts use against us, nothing will change. The spies will just ignore the law and lie some more. The future is minimising internet use. Or just putting up with the spying. Or maybe finding ways of bullet-proofing ones communications. How you would ever get any real confidence in hardened protocols is the question. When internet users were mostly geeks it was different. Now, with everybody on line, regulation and spying will increase with every passing day. It was a sweet ride, but now it’s over. We must learn to live with it. There are ways.
Re: Face it. THe old internet is finished.
Time to make a new internet then, one that can’t be spied on.
It’s happening, it will happen.
Either that or someone’s going to get into power and throw the whole alphabet soup of spying agencies out the window.
Re: Face it. THe old internet is finished.
Those of us who were on the ARPAnet and Usenet many years before that know this. The ignorant assholes in the NSA and GCHQ and elsewhere have destroyed it for everyone, thanks to their stupidity and hubris.
Re: Face it. THe old internet is finished.
The old (good) internet effectively died a decade ago, and had been obviously dying for at least five years prior to that.
Replacements do currently exist, and more are being developed. Check out dark nets. The problem is that if any of them become anywhere near as popular as the internet, then their days will be likewise numbered.
This is as it has always been. The battle between the two forces is an eternal back-and-forth.
Re: Face it. THe old internet is finished.
Indeed, it’s over.
We make ourselves a GNU one!
Isn't that ironic
NSA and GCHQ defender : I have nothing to hide… so go ahead”
NSA and GCHQ : “No you really don’t *snicker*”
How many times have we used the example of the intelligence agencies looking through webcams at people in their homes as a scary future scenario? turns out it wasn’t that far fetched. We need people with bigger imaginations in order to come up with with scary examples that aren’t already true… that is kind of scary.
Well at least the nakedscanners don’t seem as bad anymore.
Coming soon: GCHQporn.uk
The worlds largest online collection of voyeurism porn on the internet.*
* Not available within the UK unless you opt-in so we can “protect the children”, you pervert!
The “snoopers charter” is aptly named
GCHQ is run by a bunch of wankers……..literately
And yet again NOTHING, of substance will be done
It wont last, theres only so much people will take, and it looks like our governments are eager to take everything
how can i go about installing surveilance cameras in peoples homes/lives, without them knowing or making a silly fuss?……
Heaps of material to discredit in the future
Those images are also a huge stockpile of ammunition to discredit a person in the future.
Re: Heaps of material to discredit in the future
Blackmail you mean
So is this covered under SCORPION STARE, for use by authorized MAGINOT BLUE STARS users, as part of the preparation for CASE NIGHTMARE GREEN, as part of the remaining Special Operations Executive branch, the Laundry Service?
Re: SCORPION STARE
SCORPION STARE only works with two (or more) cameras. So unless you’re broadcasting yourself in 3D, or waving a Nintendo 3DS around, you’re reasonably safe.
I am still patiently awaiting mp4 of that night pillow gay talk between justice Scalia and rep. King. I give it 3 months to pop.
And more seriously, we have totaly inept Congress, so I predict it will take enraged judges to monkeywrench this BS.
Web Porn at its' best
I expect that while everyone who isn’t concerned isn’t going to care, but what about a little set of laws for the NSA to consider when they’re doing this?
Child pornography laws in the United States specify that child pornography is illegal under federal law and in all states. The Supreme Court of the United States has found child pornography to be “legally obscene”, a term that refers to offensive or violent forms of pornography that have been declared to be outside the protections of the First Amendment to the United States Constitution.
Federal sentencing guidelines regarding child pornography differentiate between production, distribution, and purchasing / receiving, and also include variations in severity based on the age of the child involved in the materials, with significant increases in penalties when the offense involves a prepubescent child or a child under the age of 12.
US law distinguishes between pornographic images of an actual minor, realistic images that are not of an actual minor, and non-realistic images such as drawings. The latter two categories are legally protected unless found to be obscene, whereas the first does not require a finding of obscenity.
It’s a federal offense. Punishable by prison time.
The NSA had better start deleting all those images of anyone considered to be under the age of 12, because they’re breaking the law, for real this time.
It’s about time we got really pissed. One set of laws for them, and another for us.
Guess who gets to go to prison?
Re: Web Porn at its' best
Good grief man, can you imagine how much money the Five Eyes pulls in every year on the sale of kiddie selfies alone, not to mention all the footage captured daily of youngsters surfing web porn one handed, unaware that their cameras are live and recording them for posterity and profit.
Even a government can steal only so much tax-payer money before its noticed, so various means of income are always appreciated to help finance secret operations such as a global dirty tricks program… like looking the other way while the banks rob the world blind for a few years, and then exchanging a Get Out Of Jail Free Card and a tax-payer funded Bailout in exchange for fifty percent of the take.
A trillion dollars will get you a lot of high tech.
Remember, these people see themselves as not only above the law, but as the very law itself.
Where there is no consequence upon actions, there is no restraint or limit to the means and methods that can be entertained and employed.
If I weren't so damn lazy ....
… I was gonna come out with a line of kiddie undies printed – in metallic ink – with the slogans:
Instant Child Porn — Just Add TSA
TSA = Technological Sexual Abuse
to make a point regarding the cognitive dissonance inherent in the concept of putting children through TSA scanners vs. the “Oh, but think of the children!” mentality.
I have to wonder, now that people know about this, if the spooks at GCHQ will be confronted with more images that they find disturbing, such as pictures of pressed hams, or seventh planet shots…
So, they’ve had since 2008 to perfect it, and theres no guarantee that they havent COMPRIMISED more camera based systems,
I wonder how the mainstream media will spin this to feed to the apathetic masses… We should be all grabbing out pitchforks and marching towards the nearest intelligence structure and set all ablaze.
i + i + i + i + i
GCHQ and NSA are only two arms of the global surveillance network octopus that calls itself the Five Eyes.
What you learn about any one of the Five Eyes, describes all the others as well. As with organized crime, this is a “corporate based organization“.
“Corporate Based Organization” meaning they have a board of directors, regular meetings between the leaders of all five member nations, and most importantly, stock holders.
Its member nations can be seen listed at the bottom of all the recent GCHQ documents describing the dirty tricks programs deployed on all civilians who utilize electronic communications.
Its stock holders are governments, multinational corporations, foreign and domestic billionaires, royalty and organized crime.
It would appear that the Next Evil Empire is already here.
Welcome to 1984 plus 5.