12/13/2014

#belgacomhack and De Standaard the good and the bad

First we should honour the courage and persistance of De Standaard for several reasons

* to give its journalists the possibility to research, read and understand what has happened

* to contact the keepers of the Snowden cache of documents to get more documents about this operation

* to publish a story on 4 pages about this particular hacking

we are also very impressed that

* they have understood that this is NOT a hacking operation but an espionage operation and it is important to understand this because this needs another framework of interpretation and analysis

* they seem to have read a lot from this blog and have understood some of the points that we were and are making

but

* they seem to have misunderstood that with this Regin that was found at Belgacom the question of the certificates was also resolved. It were fake Microsoft certificates that signed the code as if it was from Microsoft. This also makes it necessary for Microsoft and others to think about some way to control those cerfiticates without any doubt

* the Belgacompeople said at their securityevent that they were suprised that only so few data effectively left the company. It were very small textpackages. This is understandable if you understand that both operations were according to the Canadians and the British Official Operations (which means that there will have been given permission to look for certain specific information and nothing more and that everything should have been programmed like that). We also know that it was not Belgacom but the mobile network of BICS that was targeted and more particulary certain networks that was used by certain telephone numbers. (nowadays one would install the IMTS spy mobilecatchers that were discovered in Norway today) This means that only certain metadata was extracted. The possible repercussions for all the other instances and organisations is maybe limited but we also don't know what some services or representatives have been telling all those people since than. The fact that so few of their important customers are protesting is maybe a sign that they have been briefed or informed that this operation was linked to the tracking of terrorists and some other people.

So that they have hacked the NATO and the European Union is a bit jumping to conclusions. As a legal spyoperation it could also have gone rogue this way and made some big problems for those involved and those who gave the permission.

and as we have said, we have moved on from Snowden, the real question is not Snowden but how we can incorporate the european intelligence services in the five eyes operations as we have to prepare for the new cold war (that may become hotter during some local wars in Eastern Europe and the baltics)

we don't have to wait too long to start those negotiations and to build a new extended framework for the democratic intelligence services to exchange information faster and more effectively with the necesary democratic oversight and the strict definition of rights and duties of those agencies.

this important question should also have been asked

Permalink | |  Print |  Facebook | | | | Pin it! |

The comments are closed.