On Feb 21, 2016 10:45 AM, "Douglas Lucas" <dal@riseup.net> wrote:
>
> @OpDeathEatersUS on Twitter says -
> https://twitter.com/OpDeathEatersUS/status/619267423749828608 - that
> Hacking Team sells child porn evidence fabrication tools, and cites this
> code -
> https://github.com/hackedteam/rcs-common/blob/master/lib/rcs-common/evidence/file.rb#L17
> - in support of the claim.
>
> Can someone more programming-proficient than I look at the code and tell
> me 1) what it does overall, and 2) what the highlighted line - which
> mentions "childporn.avi" and "pedoporno.mpg" - does in particular?

From the code analyst:

Embedded in Galileo code 'pedoporn' 'childporn avi'

One idea - considering hacking team w/FBI and DEA, you can embed that code to give the appearance that the flagged target is under surveillance for child porn but since there is already an FBI flag for that, it's a lie. It's a mask to hide that your surveilling someone but you have no legitimate legal reason to do it.

a 'childporn.avi' - is a profile pic like an 'avatar' that flags the person as in a child porn ring but hacking team doesn't do 'rings' - they do targeted (activists, dissidents etc) surveillance. So that's off and since it's embedded "placed over the source code" - the LEA is using it to mask the real reason they are spying on this person

LEA likes to use child porn as a 'plant' - it's like an old school cop 'planting' cocaine on someone they've violated.

END

>
> Here's some background:
>
> http://arstechnica.com/security/2015/07/massive-leak-reveals-hacking-teams-most-private-moments-in-messy-detail/
>
> http://www.wired.com/2015/07/fbi-spent-775k-hacking-teams-spy-tools-since-2011/
>
> From the Ars Technica article:
>
> ===
> According to one spreadsheet first reported by Wired, the FBI paid
> Hacking Team more than $773,226.64 since 2011 for services related to
> the Hacking Team product known as "Remote Control Service," which is
> also marketed under the name "Galileo." One spreadsheet column listed
> simply as "Exploit" is marked "yes" for a sale in 2012, an indication
> Hacking Group may have bundled some sort of attack code that remotely
> hijacked targets' computers or phones. Previously, the FBI has been
> known to have wielded a Firefox exploit to decloak child pornography
> suspects using Tor.
>
> Security researchers have also scoured leaked Hacking Team source code
> for suspicious behavior. Among the findings, the embedding of references
> to child porn in code related to the Galileo.
> ===
>
> Thanks,
>
> Douglas