Legal Beagle: Kim Dotcom and the GCSB
97 Responses
First ←Older Page 1 2 3 4 Newer→ Last
-
More generally, if you were involved in the process of spying on a group if people who ran a business of making money off the internet, and whose paranoia was fed by the "h4xx0r" culture, you would probably go in to any warrant request aiming for stuff that you knew you could access and get relevant info out of, which just screams "smartphones" combined with basic traffic data on Megaupload's servers. Hacking CCTV feeds (for example) seems like a fishing trip in comparison.
-
andin, in reply to
Wellington is a small place, with its own communities. I know a number of people who work or have worked at GCSB. I went to university with some of them.
I dont see that as any great recommendation of workplace neutrality and transparency. Seems more like a breeding ground of some sort
-
Joe Wylie, in reply to
However, I do object to be told I'm swapping one bedtime story for another.
No-one here, as far as I'm aware, has characterised local intelligence operatives in infantile pop culture terms. Like most of those who presume to indulge in a little high-handed deconstruction, you object when it's done to you. If that kind of casual presumption of informed superiority is all the go amongst your GCSB acquaintances then us lesser mortals have yet another reason to feel uneasy.
-
Geoff Lealand, in reply to
None of them seem particularly bright nor perceptive?
-
Rich of Observationz, in reply to
I'm sure that most of the worker bees in telcos have the attitudes you suggest.
But that needn't matter. What would probably happen is that they'd install a lawful intercept configuration as described here and stick it in a cage at the data centre. Access would be limited to a small group of GCSB cleared (or even GCSB supplied) employees (a bit as described in this New Scientist article ).
(There's a legitimate reason for this in preventing the disclosure of the targets of monitoring activity).
Once you've done this, the actual configuration of the routers becomes something that isn't known outside the intelligence organisation, and can readily be changed to e.g. route all port 25 traffic off to NSA.
-
Andre Alessi, in reply to
But that needn’t matter. What would probably happen is that they’d install a lawful intercept configuration as described here and stick it in a cage at the data centre. Access would be limited to a small group of GCSB cleared (or even GCSB supplied) employees (a bit as described in this New Scientist article ).
(There’s a legitimate reason for this in preventing the disclosure of the targets of monitoring activity).
Yep, and all that happens after the relevant legal hoops are jumped through. It's not done as some kind of favour to Big Brother (which was what your original post suggested.)
Lawful intercepts are not all that uncommon, but there's a process that everybody involved follows to ensure things are done correctly.
-
Sacha, in reply to
GCSB's assurance that the person is under investigation
Investigation would be a Police role. I suspect we'll hear more about that over the next day or two.
-
Sacha, in reply to
And the NSA already gets any traffic routed through US telcos and ISPs - oh and all the Echelon intel for our broader region via the GCSB.
-
Rich of Observationz, in reply to
there's a process that everybody involved follows to ensure things are done correctly
I'm sure this happens for Police requests, and for the "two or three" GCSB warranted wiretaps each year. What I'm unconvinced of is that GCSB don't also have a backdoor that they can use to gather "foreign intelligence". This wouldn't be visible to ordinary telco employees at any level.
And my original question was whether *if* they had such a facility, it would be an illegal interception.
-
Sacha, in reply to
And my original question was whether *if* they had such a facility, it would be an illegal interception.
Seems to hinge on the residency status of the target.
-
Danyl adds some pertinent questions.
...what strikes me as the real issue is that someone in the GCSB must have known that they broke the law, and they kept it quiet for months before notifying anyone. That’s a sacking/resignation level offense.
I’m still a bit unclear on Bill English’s level of complicity. ...
And this gem from the comments had me in stitches:
It has all become suddenly clear to me. John Banks… John Banks must be a covert CGSB operative. What else can explain his fiendishly clever and successful machinations to get close to Kim Dotcom, his mansion and his bank account? The man is a hero – for the sake of his country and to protect it against the scourge of pirated music he has sacrificed his reputation, his integrity and his career. For the sake of future generations he has taken on the role of public buffoon. This has been a brilliant diversion worthy of the great Raffles himself. We will forever be in his debt.
-
However, I do object to be told I’m swapping one bedtime story for another. Wellington is a small place, with its own communities. I know a number of people who work or have worked at GCSB. I went to university with some of them. I base my description of the people working there on that rather than on my imagination.
Nicky Hager, who has interviewed many GCSB employees over the years, would probably agree with you. Many are just ordinary people, doing a job that interests them, and they have mixed views on some of their activities as does everyone else.
Indeed, we wouldn't know as much as we do about the GCSB and about the Echelon system if these people hadn't been willing to come forward and talk and give Hager documents.
No doubt there’s others who are dicks, but I think it’s a bit simplistic to label everyone in an organisation, or indeed everything an organisation does (and I’ve spent several weekends in Blenheim protesting against the GCSB) as bad.
-
Sacha, in reply to
that must have caused some family tension. :)
-
I've known a few people that worked for GCSB - they used to have a very high turn-over rate due to a dysfunctional culture. I'm not sure if this has been resolved.
The complaint I always heard from staffers and ex-staffers is that the organisation consists of (a) computer scientists and mathematicians working for (b) ex-military officers with no background in those fields, and that this worked about as well as you'd expect it to.
-
Something Graeme might be able to help with regarding jurisdiction: if the GCSB receives information from intercepts conducted outside NZ, that isn't an offence, right?
-
DexterX, in reply to
Danyl adds some pertinent questions.
...what strikes me as the real issue is that someone in the GCSB must have known that they broke the law, and they kept it quiet for months before notifying anyone. That’s a sacking/resignation level offense.
I’m still a bit unclear on Bill English’s level of complicity. ...The role of the GCSB only came to light when the Police were giving evidence in Court on the extradition and disclosure issues.
How do armed FBI operatives get entry into NZ and then escort/observe the GCSB and the NZ Police raid on the Kim Dot Com home - the purpose of the raid is to take him into custody, gather evidence and get him extradited to the USA - without the Government of the day, at the highest level, knowing this?
I feel it is likely that the GCSB were directed by the Government, at the highest level, to conduct the surveillance and it took place much earlier on than has been admitted.
-
that must have caused some family tension. :)
Not at Waihopai. CHOGM in 1995 however...
-
Read no evil...
One thing that seems odd to me in the whole chain of this, is that English signed the order in Key's absence, but apparently Key only heard about this last week...
Why was there no update on this (major intelligence approval) for the Prime Minister on his return?
Was this yet another document Key refuses to read? In an attempt to keep up his stance that he had never heard of Dotcom prior to the day of the arrest... -
Sacha, in reply to
Why was there no update on this (major intelligence approval) for the Prime Minister on his return?
Key seemed to claim in Question Time today that his acting PM didn't brief him because English expected the GCSB to do so. Right.
-
Matthew Poole, in reply to
We could simplify that to "any wireless connection" given the speed with which wireless security can be broken.
Best of British to you breaking into the SSL VPN that I sometimes tunnel across WiFi, to give one example of wireless traffic that you would not call insecure.
Also, the vulnerability in WPA2 requires that the listening station be inside the network. WPA2 is not, at least publicly, weak to outsiders sniffing the traffic. Even the "WiFi Protected Setup" hole doesn't weaken the cryptographic security of WPA2 with a good key.Plus given that the very fact of having implemented even as little as WEP demonstrates an intent to keep the network private, I would suggest that anything sniffed off a WiFi network running other than wide open could be easily argued to be inadmissible in a court hearing if there was no interception warrant. After all, if you had to break in then you were obviously not authorised, and knew it.
-
Matthew Poole, in reply to
And they have some responsibility for government computer security.
GCSB have ultimate responsibility for government computer security because they're the body that publishes the New Zealand Information Security Manual (NZISM), the Bible on InfoSec in NZ Government.
Rich's comment is, as you point out, well short of the mark. GCSB's budget is for their non-warrant interception and monitoring, for the maintenance of NZISM and providing advice to all government agencies on compliance with its requirements, and for the running of the National Cyber Security Centre, plus their tiny number of warranted intercepts.
-
Matthew Poole, in reply to
Guess where the problem probably lies?
We know exactly where it lies: OFCANZ.
I'm actually not that bothered that GCSB didn't make their own enquiries about KDC's residency status. We all know, now, that he's a resident, and was at the time, but I'd never really even heard of him until this all blew up. With hindsight people are saying "A quick Google would've resolved the matter", but when you're talking about matters of absolute legal accuracy the first course of action for getting a correct answer should be to rely on the word of a law-enforcement agency that has asked you to do the work. After all, if they don't have it right...
Considering that GCSB is meant to operate in secret - and I have no particular problem with that - it would make more sense for them to rely on agencies with a public face to make inquiries about someone's residency status. After all, legal confirmation of that can only come from DIA and making the approach potentially blows operational cover. It would be quite normal, I imagine, for the Police to ask DIA to confirm residency status of individuals, and people shouldn't lose sight of the fact that it was the Police who initiated this investigation. If GCSB had started the work on their own initiative and not enquired further it would be a different story.
-
Matthew Poole, in reply to
an idemniity that could bugger the surplus in 2015
You appear to have an inaccurate impression of the scale of damage awards in such cases in New Zealand.
Given how tenuous the projected surplus is, if KDC were to sue on the basis that the detention of his funds in NZ prevented him from defending Mega Upload and thus brought about the demise of a half-billion-dollar business, it wouldn't actually be at all out of the realm of possibility for a very reasonable damages award to be greater than the projected surplus (ignoring the minor possibility of such an argument being successful). I believe the surplus is only at the order of $100m at this point, and a one-third award for damages would shoot that all to hell.
-
Matthew Poole, in reply to
Does anyone have a map showing the routes of the fibre optic links around the country? Including where they go from offshore into NZ? Any detours they make etc. Needs to be down to road level probably.
That kind of tapping would be very definitely in the "interception device" category for reasons that start with being indiscriminately monitoring multiple circuits and continue with being a physical device installed on the line. If GCSB weren't needing a warrant for this, they weren't tapping the fibre out of Chez DotCom.
-
Matthew Poole, in reply to
What would probably happen is that they’d install a lawful intercept configuration as described here and stick it in a cage at the data centre
Except that that would not be lawful in the absence of an interception warrant, and that includes ISP staff acting on behalf of the GCSB. There is no provision for GCSB-controlled interception devices to be connected to ISP networks on a permanent basis, and as Andre has pointed out the people who can make such devices work or otherwise are not, generally, sympathetic to the cause of the GCSB. ISP network engineers are fairly universally suspicious of people who want to monitor the communications of other people, and because of the fundamental security principle that anyone with physical access to your stuff owns it the GCSB won't be wanting to expose their kit to any greater risk of compromise than strictly necessary.
This is not the UK or the US. Things that might be plausible in their legal environments are not plausible here. When looking at the UK, consider that it's the home of the DA Notice before trying to transplant their culture to here, and the US was the home of massive levels of utterly-illegal wire-tapping at the level of telephone circuits.
Post your response…
This topic is closed.