Travis Biehn wrote:
> It's pretty clear that these files just contain dummy values for
> debugging / test / placeholder purposes. There's no indication that
> these ever end up being pushed to devices.
>
> -Travis
>
Just for giggles I did a search on those file names.
pedoporno.mpg turns up articles on top about the Hacking Team
childporn.avi turns up hits about the BAT_ETIMOLOD.A virus followed by
Hacking Team hits farther down the page. At least one of these files is
not always a dummy.
--
RR
"Through counter-intelligence it should be possible to pinpoint potential trouble-makers ... And neutralize them, neutralize them, neutralize them"
> On Mon, Feb 22, 2016 at 11:26 PM, Rayzer <Rayzer@riseup.net
> <mailto:Rayzer@riseup.net>> wrote:
>
> Cari Machet wrote:
> >
> >
> > On Feb 21, 2016 10:45 AM, "Douglas Lucas" <dal@riseup.net
> <mailto:dal@riseup.net>
> > <mailto:dal@riseup.net <mailto:dal@riseup.net>>> wrote:
> > >
> > > @OpDeathEatersUS on Twitter says -
> > > https://twitter.com/OpDeathEatersUS/status/619267423749828608
> - that
> > > Hacking Team sells child porn evidence fabrication tools, and
> cites this
> > > code -
> > >
> >
> https://github.com/hackedteam/rcs-common/blob/master/lib/rcs-common/evidence/file.rb#L17
> > > - in support of the claim.
> > >
> > > Can someone more programming-proficient than I look at the
> code and tell
> > > me 1) what it does overall, and 2) what the highlighted line -
> which
> > > mentions "childporn.avi" and "pedoporno.mpg" - does in particular?
> >
> >
> > From the code analyst:
> >
> > Embedded in Galileo code 'pedoporn' 'childporn avi'
> >
> > One idea - considering hacking team w/FBI and DEA, you can embed
> that
> > code to give the appearance that the flagged target is under
> > surveillance for child porn but since there is already an FBI
> flag for
> > that, it's a lie. It's a mask to hide that your surveilling someone
> > but you have no legitimate legal reason to do it.
> >
> > a 'childporn.avi' - is a profile pic like an 'avatar' that flags the
> > person as in a child porn ring but hacking team doesn't do 'rings' -
> > they do targeted (activists, dissidents etc) surveillance. So that's
> > off and since it's embedded "placed over the source code" - the
> LEA is
> > using it to mask the real reason they are spying on this person
> >
> > LEA likes to use child porn as a 'plant' - it's like an old
> school cop
> > 'planting' cocaine on someone they've violated.
> >
> > END
> >
>
> "childporn.avi" and "pedoporno.mpg"
>
> Those vids... Are they being planted on the site under attack by the
> hacking team or it's software or is it linked offsite?
>
>
>
> > >
> > > Here's some background:
> > >
> > >
> >
> http://arstechnica.com/security/2015/07/massive-leak-reveals-hacking-teams-most-private-moments-in-messy-detail/
> > >
> > >
> >
> http://www.wired.com/2015/07/fbi-spent-775k-hacking-teams-spy-tools-since-2011/
> > >
> > > From the Ars Technica article:
> > >
> > > ===
> > > According to one spreadsheet first reported by Wired, the FBI paid
> > > Hacking Team more than $773,226.64 since 2011 for services
> related to
> > > the Hacking Team product known as "Remote Control Service,"
> which is
> > > also marketed under the name "Galileo." One spreadsheet column
> listed
> > > simply as "Exploit" is marked "yes" for a sale in 2012, an
> indication
> > > Hacking Group may have bundled some sort of attack code that
> remotely
> > > hijacked targets' computers or phones. Previously, the FBI has
> been
> > > known to have wielded a Firefox exploit to decloak child
> pornography
> > > suspects using Tor.
> > >
> > > Security researchers have also scoured leaked Hacking Team
> source code
> > > for suspicious behavior. Among the findings, the embedding of
> references
> > > to child porn in code related to the Galileo.
> > > ===
> > >
> > > Thanks,
> > >
> > > Douglas
> >
>
>
