Serpo
2nd May 2013, 05:39 PM
Spyware used by governments poses as Firefox, and Mozilla is angry
Mozilla sends cease and desist letter to maker of FinFisher software.
by Jon Brodkin - May 2 2013, 2:41am -1000
Privacy
115
That's not the real Firefox, either.
Nayu Kim
Mozilla has sent a cease-and-desist letter to a company that sells spyware allegedly disguised as the Firefox browser to governments. The action follows a report by Citizen Lab, which identifies 36 countries (including the US) hosting command and control servers for FinFisher, a type of surveillance software. Also known as FinSpy, the software is sold by UK-based Gamma International to governments, which use it in criminal investigations and allegedly for spying on dissidents.
Mozilla revealed yesterday in its blog that it has sent the cease and desist letter to Gamma "demanding that these illegal practices stop immediately." Gamma's software is "designed to trick people into thinking it's Mozilla Firefox," Mozilla noted. (Mozilla declined to provide a copy of the cease and desist letter to Ars.)
The spyware doesn't infect Firefox itself, so a victim's browser isn't at risk. But the spyware "uses our brand and trademarks to lie and mislead as one of its methods for avoiding detection and deletion" and is "used by Gamma’s customers to violate citizens’ human rights and online privacy," Mozilla said. Mozilla continues:
Through the work of the Citizen Lab research team, we believe Gamma’s spyware tries to give users the false impression that, as a program installed on their computer or mobile device, it’s related to Mozilla and Firefox, and is thus trustworthy both technically and in its content. This is accomplished in two ways:
1. When a user examines the installed spyware on his/her machine by viewing its properties, Gamma misrepresents its program as “Firefox.exe” and includes the properties associated with Firefox along with a version number and copyright and trademark claims attributed to “Firefox and Mozilla Developers.”
2. For an expert user who examines the underlying code of the installed spyware, Gamma includes verbatim the assembly manifest from Firefox software.
The Citizen Lab research team has provided us with samples from the following three instances that demonstrate how this misuse of our brand, trademarks and public trust is a designed feature of Gamma’s spyware products and not unique to a single customer’s deployment:
A spyware attack in Bahrain aimed at pro-democracy activists;
The recent discovery of Gamma’s spyware apparently in use amidst Malaysia’s upcoming General Elections; and
A promotional demo produced by Gamma.
Each sample demonstrates the exact same pattern of falsely designating the installed spyware as originating from Mozilla. Gamma’s own brochures and promotional videos tout one of the essential features of its surveillance software is that it can be chttp://cdn.arstechnica.net/wp-content/uploads/2013/05/fake-firefox-640x455.pngovertly deployed on the person’s system and remain undetected.
The Citizen Lab report provides pictorial evidence of the impersonation:
http://arstechnica.com/information-technology/2013/05/spyware-used-by-governments-poses-as-firefox-and-mozilla-is-angry/
This Powerful Spy Software Is Being Abused By Governments Around The World Michael Kelley Today 6:01 AM
Share Discuss Bookmark
FinFisher aims its products at intelligence and law enforcement services.
A new report presents overwhelming evidence that sophisticated spying software is being abused by governments around the world.The findings by The Citizen Lab, a digital research laboratory at the University of Toronto, detail how the software marketed to track criminals is being used against dissidents and human rights activists.
Titled “For Their Eyes Only: The Commercialization of Digital Spying,” the report focuses on a type of surveillance software called FinSpy that can remotely monitor webmail and social networks in real time as well as collect encrypted data and communications of unsuspecting targets.
In December 2011 WikiLeaks began publishing FinFisher brochures and videos, which tout the software as enabling governments to monitor targets who “regularly change location, use encrypted and anonymous communication channels, and reside in foreign countries.”
The remarkable thing about the FinSpy, Jean Marc Manach of OWNI notes, is that it can take control of any major operating system while none of the top 40 antivirus systems can even recognise it, much less block it.
The report caused Mozilla, the maker of the Firefox browser, to send a cease-and-desist letter to UK-based Gamma International, FinFisher’s parent company, because it says FinSpy “is designed to trick people into thinking it’s Mozilla Firefox.”
During the downfall of Egyptian ruler Hosni Mubarak, dissidents ransacking the offices of Egypt’s secret police discovered a contract from Gamma detailing a $380,000 licence to run the software for five months.
The Citizen Lab report lays out how the surveillance tech has also been widely used to monitor activists and dissidents in Bahrain.
Here are the 36 countries that have been found to host FinFisher Command & Control Servers, which the malware connects to begin harvesting reams of data (click to enlarge):
Manach notes that FinFisher also offers a mobile version of its spying system so that authorities can spy on data and communications from mobile phones, even when encrypted.
The report comes two weeks after Google CEO Eric Schmidt wrote in the Wall Street Journal that “the dark side to the digital revolution that is too often ignored” involves technology that “can provide powerful new tools for dictators to suppress dissent.”
Schmidt noted that “everything a regime would need to build an incredibly intimidating digital police state — including software that facilitates data mining and real-time monitoring of citizens — is commercially available right now.”
The Citizen Lab report reveals that governments are increasingly taking advantage of that reality.
The researchers conclude that the proliferation of this type of increasingly powerful surveillance equipment “has serious implications not just for dissidents and activists, but for all of us, no matter our citizenship” given the popular notion that people have a right to secure communications.
http://au.businessinsider.com/countries-with-finfisher-spying-software-2013-5
Mozilla sends cease and desist letter to maker of FinFisher software.
by Jon Brodkin - May 2 2013, 2:41am -1000
Privacy
115
That's not the real Firefox, either.
Nayu Kim
Mozilla has sent a cease-and-desist letter to a company that sells spyware allegedly disguised as the Firefox browser to governments. The action follows a report by Citizen Lab, which identifies 36 countries (including the US) hosting command and control servers for FinFisher, a type of surveillance software. Also known as FinSpy, the software is sold by UK-based Gamma International to governments, which use it in criminal investigations and allegedly for spying on dissidents.
Mozilla revealed yesterday in its blog that it has sent the cease and desist letter to Gamma "demanding that these illegal practices stop immediately." Gamma's software is "designed to trick people into thinking it's Mozilla Firefox," Mozilla noted. (Mozilla declined to provide a copy of the cease and desist letter to Ars.)
The spyware doesn't infect Firefox itself, so a victim's browser isn't at risk. But the spyware "uses our brand and trademarks to lie and mislead as one of its methods for avoiding detection and deletion" and is "used by Gamma’s customers to violate citizens’ human rights and online privacy," Mozilla said. Mozilla continues:
Through the work of the Citizen Lab research team, we believe Gamma’s spyware tries to give users the false impression that, as a program installed on their computer or mobile device, it’s related to Mozilla and Firefox, and is thus trustworthy both technically and in its content. This is accomplished in two ways:
1. When a user examines the installed spyware on his/her machine by viewing its properties, Gamma misrepresents its program as “Firefox.exe” and includes the properties associated with Firefox along with a version number and copyright and trademark claims attributed to “Firefox and Mozilla Developers.”
2. For an expert user who examines the underlying code of the installed spyware, Gamma includes verbatim the assembly manifest from Firefox software.
The Citizen Lab research team has provided us with samples from the following three instances that demonstrate how this misuse of our brand, trademarks and public trust is a designed feature of Gamma’s spyware products and not unique to a single customer’s deployment:
A spyware attack in Bahrain aimed at pro-democracy activists;
The recent discovery of Gamma’s spyware apparently in use amidst Malaysia’s upcoming General Elections; and
A promotional demo produced by Gamma.
Each sample demonstrates the exact same pattern of falsely designating the installed spyware as originating from Mozilla. Gamma’s own brochures and promotional videos tout one of the essential features of its surveillance software is that it can be chttp://cdn.arstechnica.net/wp-content/uploads/2013/05/fake-firefox-640x455.pngovertly deployed on the person’s system and remain undetected.
The Citizen Lab report provides pictorial evidence of the impersonation:
http://arstechnica.com/information-technology/2013/05/spyware-used-by-governments-poses-as-firefox-and-mozilla-is-angry/
This Powerful Spy Software Is Being Abused By Governments Around The World Michael Kelley Today 6:01 AM
Share Discuss Bookmark
FinFisher aims its products at intelligence and law enforcement services.
A new report presents overwhelming evidence that sophisticated spying software is being abused by governments around the world.The findings by The Citizen Lab, a digital research laboratory at the University of Toronto, detail how the software marketed to track criminals is being used against dissidents and human rights activists.
Titled “For Their Eyes Only: The Commercialization of Digital Spying,” the report focuses on a type of surveillance software called FinSpy that can remotely monitor webmail and social networks in real time as well as collect encrypted data and communications of unsuspecting targets.
In December 2011 WikiLeaks began publishing FinFisher brochures and videos, which tout the software as enabling governments to monitor targets who “regularly change location, use encrypted and anonymous communication channels, and reside in foreign countries.”
The remarkable thing about the FinSpy, Jean Marc Manach of OWNI notes, is that it can take control of any major operating system while none of the top 40 antivirus systems can even recognise it, much less block it.
The report caused Mozilla, the maker of the Firefox browser, to send a cease-and-desist letter to UK-based Gamma International, FinFisher’s parent company, because it says FinSpy “is designed to trick people into thinking it’s Mozilla Firefox.”
During the downfall of Egyptian ruler Hosni Mubarak, dissidents ransacking the offices of Egypt’s secret police discovered a contract from Gamma detailing a $380,000 licence to run the software for five months.
The Citizen Lab report lays out how the surveillance tech has also been widely used to monitor activists and dissidents in Bahrain.
Here are the 36 countries that have been found to host FinFisher Command & Control Servers, which the malware connects to begin harvesting reams of data (click to enlarge):
Manach notes that FinFisher also offers a mobile version of its spying system so that authorities can spy on data and communications from mobile phones, even when encrypted.
The report comes two weeks after Google CEO Eric Schmidt wrote in the Wall Street Journal that “the dark side to the digital revolution that is too often ignored” involves technology that “can provide powerful new tools for dictators to suppress dissent.”
Schmidt noted that “everything a regime would need to build an incredibly intimidating digital police state — including software that facilitates data mining and real-time monitoring of citizens — is commercially available right now.”
The Citizen Lab report reveals that governments are increasingly taking advantage of that reality.
The researchers conclude that the proliferation of this type of increasingly powerful surveillance equipment “has serious implications not just for dissidents and activists, but for all of us, no matter our citizenship” given the popular notion that people have a right to secure communications.
http://au.businessinsider.com/countries-with-finfisher-spying-software-2013-5