The Hacking Team, USENET and OpSec
Last Updated: Jul 13, 2015
The Hacking Team, an Italian company that sells hacking software to governments, suffered a major hack itself during the first week of July.
Hackers leaked documents they said were taken from The Hacking Team, but the documents have not been authenticated as of yet. The 400GB worth of information, available over Bittorrent, reveals that The Hacking Team could be working with some of the most repressive regimes in the world, providing them with software that allows government snoops to get into computers without being traced while doing so.
Ironically enough, the CEO of the company, David Vincenzetti, has an impressive history of helping everyday people to secure their data against exactly the type of intrusion his company now makes possible.
In fact, Vincenzetti even hosted one of the early versions of PGP on his own server in the early 1990s, according to Ars Technica.
The young programmer also spent quite a bit of his time trying to improve security software. He even published an academic paper on his work in 1993.
So, how does The Hacking Team make a buck?
According to the documents that were leaked, by doing exactly the opposite type of work that the younger Vincenzetti put his efforts into.
From Advocating Privacy to Selling the Tools to Destroy It
Reporters Without Borders, an organization that advocates for freedom of speech, lists The Hacking Team as among The Enemies of the Internet
The organization names The Hacking Team’s DiVinci Remote Control System in their description of the company.
DiVinci is designed to allow government agencies to defeat encryption and gain control of “end points,” meaning user’s computers.
The Remote Control System is essentially malware. Reporters Without Borders notes that the software, or traces of it, has been found in use by governments that are known to repress human rights. They include Morocco and the United Arab Emirates.
According to CNET, the company’s clients also include:
- Saudi Arabia
The company has denied that their software is used to suppress human rights, but Reporters Without Borders alleges that it has been used by oppressive regimes to go after journalists and activists.
The leaked documents suggest much the same. The company, according to sources, said that it had not sold its products to Sudan, but the documents leaked by hackers indicate that The Hacking Team may actually have sold software to that nation.
This, of course, is likely disturbing to anyone that uses encryption to protect their privacy online. That group of people would include most USENET users.
Is it still safe? That’s a complicated question.
USENET and Encryption
There’s really no such thing as perfect security. According to experts, however, encryption still works , and it still enhances your privacy. Also consider using a VPN to protect your privacy online.
If you want to be as anonymous as possible when you’re on USENET, go with a provider that doesn’t keep logs of your activity. Most providers do not keep logs.
USENET providers will require that you use a specific port to download from USENET, or read or post articles, while encrypted. You can usually find which port to use in your welcome email, or you can check their site for the specifics.
Encryption is still the best way to protect your privacy online. As was said, if you’re looking for a perfect solution, you’re not going to find that, but that shouldn’t prevent you from using something that’s regarded as a good option if it’s available.