It's pretty clear that these files just contain dummy values for debugging / test / placeholder purposes. There's no indication that these ever end up being pushed to devices. -Travis On Mon, Feb 22, 2016 at 11:26 PM, Rayzer <Rayzer@riseup.net> wrote:
Cari Machet wrote:
On Feb 21, 2016 10:45 AM, "Douglas Lucas" <dal@riseup.net <mailto:dal@riseup.net>> wrote:
@OpDeathEatersUS on Twitter says - https://twitter.com/OpDeathEatersUS/status/619267423749828608 - that Hacking Team sells child porn evidence fabrication tools, and cites
this
code -
https://github.com/hackedteam/rcs-common/blob/master/lib/rcs-common/evidence...
- in support of the claim.
Can someone more programming-proficient than I look at the code and tell me 1) what it does overall, and 2) what the highlighted line - which mentions "childporn.avi" and "pedoporno.mpg" - does in particular?
From the code analyst:
Embedded in Galileo code 'pedoporn' 'childporn avi'
One idea - considering hacking team w/FBI and DEA, you can embed that code to give the appearance that the flagged target is under surveillance for child porn but since there is already an FBI flag for that, it's a lie. It's a mask to hide that your surveilling someone but you have no legitimate legal reason to do it.
a 'childporn.avi' - is a profile pic like an 'avatar' that flags the person as in a child porn ring but hacking team doesn't do 'rings' - they do targeted (activists, dissidents etc) surveillance. So that's off and since it's embedded "placed over the source code" - the LEA is using it to mask the real reason they are spying on this person
LEA likes to use child porn as a 'plant' - it's like an old school cop 'planting' cocaine on someone they've violated.
END
"childporn.avi" and "pedoporno.mpg"
Those vids... Are they being planted on the site under attack by the hacking team or it's software or is it linked offsite?
-- RR "Through counter-intelligence it should be possible to pinpoint potential trouble-makers ... And neutralize them, neutralize them, neutralize them"
Here's some background:
http://arstechnica.com/security/2015/07/massive-leak-reveals-hacking-teams-m...
http://www.wired.com/2015/07/fbi-spent-775k-hacking-teams-spy-tools-since-20...
From the Ars Technica article:
=== According to one spreadsheet first reported by Wired, the FBI paid Hacking Team more than $773,226.64 since 2011 for services related to the Hacking Team product known as "Remote Control Service," which is also marketed under the name "Galileo." One spreadsheet column listed simply as "Exploit" is marked "yes" for a sale in 2012, an indication Hacking Group may have bundled some sort of attack code that remotely hijacked targets' computers or phones. Previously, the FBI has been known to have wielded a Firefox exploit to decloak child pornography suspects using Tor.
Security researchers have also scoured leaked Hacking Team source code for suspicious behavior. Among the findings, the embedding of
references
to child porn in code related to the Galileo. ===
Thanks,
Douglas
-- Twitter <https://twitter.com/tbiehn> | LinkedIn <http://www.linkedin.com/in/travisbiehn> | GitHub <http://github.com/tbiehn> | TravisBiehn.com <http://www.travisbiehn.com> | Google Plus <https://plus.google.com/+TravisBiehn>