web analytics

CORTEX Trojan horse?

Written By: - Date published: 10:35 am, December 11th, 2015 - 16 comments
Categories: Abuse of power, Spying - Tags: , ,

Spying, surveillance and CORTEX are back in the news. By way of background, recall the revelations that emerged just prior to the 2014 election at Dotcom’s flawed “Moment of Truth” (NEW ZEALAND LAUNCHED MASS SURVEILLANCE PROJECT WHILE PUBLICLY DENYING IT). Here’s The Guardian summary:

In trying to confuse and deflect the attention in surveillance tool Speargun, Key hastily released some details of a different tool, CORTEX. This raised many interesting questions. More of CORTEX below.

Round 2 on surveillance occurred earlier this year, with further revelations in the “Snowden Files”, as reported in The Herald by Nicky Hager and Ryan Gallagher, for example Snowden revelations / The price of the Five Eyes club: Mass spying on friendly nations. And let’s not forget David Fisher’s scoop on spying for Tim Groser’s failed WTO job bid, GCSB spies monitored diplomats in line for World Trade Organisation job.

Fast forward to today and CORTEX is back in the news. David Fisher:

GCSB ‘Cortex’ system aimed at ISPs

The “Cortex” system Prime Minister John Key made public to counter claims of mass surveillance of New Zealanders is now being aimed at the internet service providers handling the emails and online data of everyday Kiwis.

But the Government Communications Security Bureau said Kiwis’ Twitter communications were safe, with the “eligible” internet service providers (ISPs) carrying less than 1 per cent of the country’s internet traffic. Of that, it was expected 1 per cent at most of that traffic would contain suspect cyber activity and only 0.01 per cent to 0.5 per cent would be seen by a GCSB analyst alerted by an automated system.

The details were published on the GCSB website ahead of an expected announcement today by Communications Minister Amy Adams of a new cyber security action plan.

The details on the GCSB website say it is carrying out a “malware free networks” pilot with an ISP which could later be rolled out to others. It says it is not compulsory for ISPs to join and ISPs are obliged to tell customers their data is being screened.

However, it also says ISPs are not allowed to name the GCSB as being involved because doing so could give hackers a signpost to valuable targets.

It rejected any suggestion it is “mass surveillance”, saying it had an automated searching function to sniff out malicious traffic.

However, it also conceded that a rare set of circumstances could lead to GCSB staff reading people’s emails. In those cases, “all a GCSB analyst would be looking for in an email is evidence of malicious cyber activity”. …

Some pretty odd comments from the GCSB there, but never mind, it seems clear that new measures will be put in place. So is CORTEX in fact benign malware protection, or is it a Trojan horse for more? I have no way of knowing of course. But these comments in the NBR in September make me ponder:

Early successes for Cortex have included helping a government agency mitigate an attack on several officials’ emails, aiding six significant organisations recover from a newly identified source of cyber attack and detecting large-scale targeting of a nationally significant entity as part of a global campaign by a foreign threat, [acting GCSB director] Jagose said. It also helped an Auckland firm recover from overseas criminal attack, resolved a long-term compromise in a large information technology firm, helped a telecommunications provider respond and strengthen systems after suspicious activity on its network, and assisted private sector firms facing ransomware attacks.

Those claimed successes, if indeed a result of CORTEX, while vague, seem to go well beyond simple malware detection and prevention, and in to quite broad analysis of content.

Given this government’s record of secrecy, lies, and misuse of surveillance, I think we the people would be naive to believe that CORTEX and other aspects of the proposed “cyber security action plan” are anything less than another escalation of the surveillance of New Zealanders.


Final footnote – Key long ago withdrew his promise to resign if there was mass surveillance.

PM won’t give assurance NZers not caught in eavesdropping

Key says he won’t quit if mass collection of Kiwis’ communications proved

NEW ZEALAND PRIME MINISTER RETRACTS VOW TO RESIGN IF MASS SURVEILLANCE IS SHOWN

key-resign-no

16 comments on “CORTEX Trojan horse? ”

  1. ianmac 1

    How can he get away with it? Sad that there is no public vehicle where Cortex implications could be explored, or for that matter that Judith Collins “has been cleared of Dirty Tricks.” (Note that “Native Affairs” has been downsized to 30 minutes so that it can explore topical magazine things like TV at seven.)

    • Lara 1.1

      How can he get away with it?

      Easy.

      A great many Kiwis think that “if you have nothing to hide, you have nothing to fear”.

      And that is the sum total of their understanding of the concept of privacy. And its importance.

      • Hanswurst 1.1.1

        It’s also the reverse engineering of “If you have nothing to hide, you have nothing to fear”. Key appears not to be consumed by fear, ergo he has nothing to hide… at least for those who buy into his laid-back public presentation.

  2. Murray Simmonds 2

    Given the fact that Windows 10 now spies on most of its users, and as of last week, Windows Vista, Windows 7 and Windows 8 do likewise (unless you have succeeded in stopping them from doing so), I can’t see that it makes a helluva lot of difference.

    Except I suppose that Mac Users and Linux users may now come under the spyware-net via Cortex, whereas they’d previously been exempt by virtue of being non-Microsoft users.

    It seems to be one of the many prices that we pay for being connected to the internet. That, plus the fact that we now live in a Global-corporation-controlled world. Pity they aren’t as good at doing something about Global Climate Change as they seem to be at doing things about mass-surveillance.

    • Gareth 2.1

      Windows Vista, 7 & 8 are not suddenly spying on users. If you’ve turned on the Customer Experience Improvement Program, then there are 4 Optional KBs which change what is collected by that program.

      You must have CEIP turned on, and you must be installing Optional updates, not just mandatory and recommended ones, to notice any difference.

      Windows 10 on the other hand, does spy on you to be able to serve personalised ads and whatever else Microsoft comes up with.

      • BLiP 2.1.1

        Its not just “Optional” updates Micro$oft is sneaking onto Windows 7 and 8 . . .

        . . . Yes, in a quite bizarre move Infoworld spotted Microsoft has simultaneously reissued no less than four controversial user tracking patches for Windows 7 and Windows 8. Stranger still in an attempt to get them onto more computers, Microsoft has even reclassified one as ‘Important’ so it will now install automatically on any PCs and laptops running default Windows Update settings (read: the vast majority) . . .

        . . . users of Windows 7 and 8 would be advised to check to see if updates KB 2952664, KB 2976978, KB 2977759, and KB 3035583 have been installed. These dodgy “updates” have been rolling out since at least September and there’s bound to more.

        It should also be remembered that Nicro$oft has been colluding with NSA for years.

      • DH 2.1.2

        That’s not true Gareth. I don’t have CEIP turned on and KB3068708 shows as an important update, not an optional one. I had to uninstall that one and then hide it with the other KBs to stop them being installed.

    • Liberal Realist 2.2

      With ISP involvement CORTEX looks to be network based. They’ll likely be intercepting and filtering raw traffic (packets) sniffing for metadata, hence every subscriber using that ISP will be potentially affected. Malware prevention my arse!

      When you install Windows 10 you can disable most of the invasive privacy settings. You can also disable these settings post install. You’ll lose a few features such as Cortana (Which doesn’t do much in NZ region at present). The weirdest one is ‘Wifi Sense’ which can inadvertently share your Wifi password! WTF!

      Anyway, there is plenty of information out there on how to disable these features for normal users.

      Examples:
      http://www.techrepublic.com/article/windows-10-violates-your-privacy-by-default-heres-how-you-can-protect-yourself/

      http://arstechnica.com/information-technology/2015/08/windows-10-doesnt-offer-much-privacy-by-default-heres-how-to-fix-it/

      If you really want to avoid your privacy being compromised you can make it really difficult for the snoops.

      Whonix is an open source, high privacy architecture OS (linux) that you can run in a virtual machine.

      https://www.whonix.org/

      Some detail on Virtual Machines:

      https://theintercept.com/2015/09/16/getting-hacked-doesnt-bad/

  3. Paul Campbell 3

    It was weird, the GCSB director gave a talk about cortex at Kiwicon today …. Almost no technical content …. I see the working with ISPs to protect from malware is basically a Trojan horse to get deep packet inspection into ISP’s premises … If all ISPs offer this ‘service’ we’ll have no choice but having every network packet we send or receive inspected by the GCSB

  4. BLiP 4

    Encrypting your data yet? Its not as difficult as some might think but be careful, some encryption tools are not up to the task. So . . .

    In the face of widespread Internet surveillance, we need a secure and practical means of talking to each other from our phones and computers. Many companies offer “secure messaging” products—but are these systems actually secure? We decided to find out, in the first phase of a new EFF Campaign for Secure & Usable Crypto.

    This scorecard represents only the first phase of the campaign. In later phases, we are planning to offer closer examinations of the usability and security of the tools that score the highest here. As such, the results in the scorecard below should not be read as endorsements of individual tools or guarantees of their security; they are merely indications that the projects are on the right track. For practical advice and tutorials on how to protect your online communication against surveillance, check out EFF’s Surveillance . . . Self-Defense guide.

    With National Ltd™’s plans to involve corporations in its mass-surveillance progrom, its not just government we have to protect ourselves from.

  5. Bill 5

    something about lobotomy…

  6. vto 6

    I think the world has accepted that government and spies cannot be trusted one iota, and that all of their internet traffic is under surveillance and is stored.

    As such people’s habits are changing. For example, use cash pretty much all the time now. Cash is also faster, more convenient and easier. If cash had been invented now it would be held up as the next great technology, such are its benefits. Doh.

  7. Murray Simmonds 7

    I posted this link earlier in the week (or was it last week??)

    http://www.forbes.com/sites/gordonkelly/2015/09/06/windows-10-worst-feature-now-installing-on-windows-7-and-windows-8/

    There are several other interesting articles in Forbes magazine, including situations reported where Microsoft automatically installed the Windows 10 upgrade on machines where it wasn’t wanted; they did so WITHOUT the permission of the owners.

    Its well worth checking out those articles in Forbes magazine.

  8. Esoteric Pineapples 8

    I think we can take it as read that the government has the capacity to spy on anyone it wants to. It would be so easy to set up someone you want to bring down. As just one example, set up a false identity on Facebook as an attractive young woman (or using a real one). Develop an online a comproming online sexual relationship. Save the target’s communications and then publically release them. (Probably works mostly with men). Basically the “honeypot” manouvre.
    Someone wants to know my real identity from comments on the Standard? Just hack into the site using survelliance technology to find my email etc. I’ve joined a Facebook page on the Kurds. I take it as read that I run the risk that if I ever go to Turkey my name may pop up when they read my passport as someone undesirable. Protecting your privacy is something that really only applies to not wanting friends, family and the community to know stuff about you. Politically you might as well lay your heart on your sleeve.

Recent Comments

Recent Posts

  • What’s Labour achieved so far?
    Quite a bit! This Government was elected to take on the toughest issues facing Aotearoa – and that’s what we’re doing. Since the start of the pandemic, protecting lives and livelihoods has been a priority, but we’ve also made progress on long-term challenges, to deliver a future the next generation ...
    6 days ago
  • Tackling the big issues in 2022
    This year, keeping Kiwis safe from COVID will remain a key priority of the Government – but we’re also pushing ahead on some of New Zealand’s biggest long-term challenges. In 2022, we’re working to get more Kiwis into homes, reduce emissions, lift children out of poverty, and ensure people get ...
    1 week ago
  • Happy new year, Aotearoa!
    Welcome to 2022! As we look ahead to another year of progress on the big issues facing our country, we’re taking a look back at the year that’s been and everything the team of five million achieved together in 2021. ...
    3 weeks ago

  • New Zealand prepared to send support to Tonga
    New Zealand is ready to assist Tonga in its recovery from Saturday night’s undersea eruption and tsunami, Foreign Affairs Minister Nanaia Mahuta and Defence Minister Peeni Henare said today. “Following the successful surveillance and reconnaissance flight of a New Zealand P-3K2 Orion on Monday, imagery and details have been sent ...
    BeehiveBy beehive.govt.nz
    1 day ago
  • Aotearoa New Zealand stands ready to assist people of Tonga
    The thoughts of New Zealanders are with the people of Tonga following yesterday’s undersea volcanic eruption and subsequent tsunami waves, Foreign Affairs Minister Nanaia Mahuta says. “Damage assessments are under way and New Zealand has formally offered to provide assistance to Tonga,” said Nanaia Mahuta. New Zealand has made an ...
    BeehiveBy beehive.govt.nz
    3 days ago
  • Record high of new homes consented continues
    In the year ended November 2021, 48,522 new homes were consented, up 26 per cent from the November 2020 year. In November 2021, 4,688 new dwellings were consented. Auckland’s new homes consented numbers rose 25 per cent in the last year. Annual figures for the last nine months show more ...
    BeehiveBy beehive.govt.nz
    6 days ago
  • Report trumpets scope for ice cream exports
    Latest research into our premium ice cream industry suggests exporters could find new buyers in valuable overseas markets as consumers increasingly look for tip top quality in food. Economic Development Minister Stuart Nash has released a new report for the Food and Beverage Information Project. The project is run by ...
    BeehiveBy beehive.govt.nz
    1 week ago
  • Honouring the legacy of legendary kaumātua Muriwai Ihakara
    Associate Minister for Arts, Culture, and Heritage Kiri Allan expressed her great sadness and deepest condolences at the passing of esteemed kaumātua, Muriwai Ihakara. “Muriwai’s passing is not only a loss for the wider creative sector but for all of Aotearoa New Zealand. The country has lost a much beloved ...
    BeehiveBy beehive.govt.nz
    1 week ago
  • Have your say on proposed changes to make drinking water safer
    Associate Minister for the Environment Kiri Allan is urging all New Zealanders to give feedback on proposed changes aimed at making drinking water safer. “The current regulations are not fit for purpose and don’t offer enough protection, particularly for those whose water comes from smaller supplies,” Kiri Allan said. “This ...
    BeehiveBy beehive.govt.nz
    1 week ago
  • Planting the seeds for rewarding careers
    A boost in funding for a number of Jobs for Nature initiatives across Canterbury will provide sustainable employment opportunities for more than 70 people, Conservation Minister Kiri Allan says. “The six projects are diverse, ranging from establishing coastline trapping in Kaikōura, to setting up a native plant nursery, restoration planting ...
    BeehiveBy beehive.govt.nz
    2 weeks ago
  • New Zealand congratulates Tonga's new Prime Minister on appointment
    Minister of Foreign Affairs Nanaia Mahuta today congratulated Hon Hu'akavameiliku Siaosi Sovaleni on being appointed Prime Minister of the Kingdom of Tonga. “Aotearoa New Zealand and Tonga have an enduring bond and the Kingdom is one of our closest neighbours in the Pacific. We look forward to working with Prime ...
    BeehiveBy beehive.govt.nz
    2 weeks ago
  • High-tech investment extends drought forecasting for farmers and growers
    The Government is investing in the development of a new forecasting tool that makes full use of innovative climate modelling to help farmers and growers prepare for dry conditions, Agriculture Minister Damien O'Connor said.  The new approach, which will cost $200,000 and is being jointly funded through the Ministry for ...
    BeehiveBy beehive.govt.nz
    2 weeks ago
  • Support for fire-hit Waiharara community
    The government will contribute $20,000 towards a Mayoral Relief Fund to support those most affected by the fires in Waiharara in the Far North, Minister for Emergency Management Kiri Allan says. “I have spoken to Far North Mayor John Carter about the effect the fires continue to have, on residents ...
    BeehiveBy beehive.govt.nz
    2 weeks ago
  • Manawatū’s ‘oases of nature’ receive conservation boost
    The Government is throwing its support behind projects aimed at restoring a cluster of eco-islands and habitats in the Manawatū which were once home to kiwi and whio. “The projects, which stretch from the Ruahine Ranges to the Horowhenua coastline, will build on conservation efforts already underway and contribute ...
    BeehiveBy beehive.govt.nz
    2 weeks ago
  • New Zealand to continue Solomon Islands support
    A New Zealand Defence Force and Police deployment to help restore peace and stability to Solomon Islands is being scaled down and extended. The initial deployment followed a request for support from Solomon Islands Government after riots and looting in capital Honiara late last month. They joined personnel from Australia, ...
    BeehiveBy beehive.govt.nz
    2 weeks ago
  • Our Pacific community shares in New Year’s Honours
    Prominent Pacific health champion Faumuina Professor Fa’afetai Sopoaga has been made a Companion of the New Zealand Order of Merit in the New Year’s Honours list. Professor Sopoaga has been a champion for Pacific Health at Otago University, said Minister of Pacific Peoples Aupito William Sio. “She’s overseen changes in ...
    BeehiveBy beehive.govt.nz
    3 weeks ago
  • Congratulations to Māori New Year’s Honours stars of 2022
    Kei aku rangatira kua whakawhiwhia koutou ki ngā tohu ā tō tātou kuīni hei whakanui nui i ā koutou mahi rangatira i hāpai i te manotini puta noa i a Aotearoa. Ko koutou ngā tino tauira. I whanake i ngā hapori, iwi, hapū, whānau me te motu anō hoki. Mauri ...
    BeehiveBy beehive.govt.nz
    3 weeks ago
  • Top honours for women in sport
    Minister of Sport and Recreation Grant Robertson has congratulated Olympian Lisa Carrington and Paralympian Sophie Pascoe on being made Dames Companion of the New Zealand Order of Merit (DNZM) in the 2022 New Year Honours. Lisa Carrington is New Zealand’s most successful Olympian, having won five gold and one bronze ...
    BeehiveBy beehive.govt.nz
    3 weeks ago
  • PM congratulates 2022 New Year Honours recipients
    The New Zealanders recognised in the New Year 2022 Honours List represent the determination and service exemplified by so many New Zealanders during what has been another tough year due to the global COVID-19 pandemic, Prime Minister Jacinda Ardern said. “I never fail to be amazed by the outstanding things ...
    BeehiveBy beehive.govt.nz
    3 weeks ago