[liberationtech] Exactly how are satellite transmissions tapped/intercepted, in Syria and elsewhere?

Brian Conley brianc at smallworldnews.tv
Mon Nov 28 19:34:11 PST 2011


Thanks for your comments Jake.

Those are all essentially my perceptions as well. This is why I see the
primary goal to be informing people just how dangerous satellite phones
are, and providing the best practices possible.

In the case of Syrian activists, they've turned to satphones not because
they believe they are the magical devices seen in "24" but because they are
the best of a lot of bad options. Right now we know Thuraya is compromised,
but it's important to ensure activists have the best possible information
about the likelihood other networks will be compromised, etc.

Where might I locate information about tampering with the location
specifics? Would also be really happy to have your insight and other
suggestions, on or off list.

On Mon, Nov 28, 2011 at 7:16 PM, Jacob Appelbaum <jacob at appelbaum.net> wrote:

> On 11/28/2011 04:22 PM, Gustaf Björksten wrote:
> > On 11/28/2011 05:42 PM, Brian Conley wrote:
> >> Hi all,
> >>
> >> First of all, thanks Brett for that article about Area SpA, great news!
> >>
> >> Secondly, I'm in the middle of some research into how satellite
> >> communications are being used by activists, as well as how they are being
> >> used/intercepted by Syrian authorities in an attempt to quell the uprising.
> >> I've read a number of articles in a disjointed fashion, and am just now
> >> beginning to coordinate my efforts. I am working on a series of best
> >> practices for being "most safe" as I'm not sure we can offer much better
> >> than that with regard to satellite equipment, furthermore I'm hoping to
> >> provide an educated understanding of just what the risks are and what might
> >> be done to mitigate them. However my impression is that the guide will
> >> primarily be about understanding the full extent of the risk you place
> >> yourself in.
> >>
> >> I have heard rumors about Syria's capacity direct from Syrian activists,
> >> including that some calls made with Thuraya phones have been recorded, and
> >> that a phone simply making a call, for the first time, in a distant
> >> location was tracked by Syrian authorities. Unfortunately, as many of you
> >> know, such anecdotes are not as helpful as they might seem, and that it's
> >> important to understand, as best we can, just why Thuraya phones seem to be
> >> "less safe" than Inmarsat or Iridium, and to ensure that Syrians don't
> >> become lax and begin to depend on an alternate tool to Thuraya such as
> >> Inmarsat phones, only to find themselves equally targeted via that means,
> >> though it may take the regime longer to establish practices.
> >>
> >> Anyhow, what I'm looking for are accounts of how satphones have been
> >> used/tracked in Syria, as well as articles about Syria's capacity to
> >> monitor satellite transmissions. Separately I'll be researching the
> >> practical capabilities of various satphones to ensure that readers of the
> >> guide have access to the best information available, though this will
> >> obviously need to evolve over time.
> >
> > Hi Brian,
> >
> > Access has also heard a number of reports from Syria that Thuraya
> > satellite devices have been giving away the location of the device
> > operators as soon as the devices are used. Our reports suggest this is
> > limited to Thuraya devices only, and that the use of satellite
> > technology from other providers does not seem to have the consequence of
> > position information leakage to the authorities at this time.
> >
>
> This is not strictly correct. All satellite communications systems are
> privacy invasive. BGAN, Thuraya, etc.
>
> > We do know that Thuraya devices transmit their location periodically as
> > part of their communications protocol[1][2].
>
> This is common in all satellite communications systems.
>
> > While this information is
> > encrypted there seems to be some doubt as to the strength of that
> > encryption. The US military complex did not have much faith in it and
> > seems to have been able to bypass or crack the encryption to access the
> > location information of Thuraya devices used by Iraqi Government
> > officials[2]. While it is not clear exactly how this was achieved we do
> > know that Thuraya devices were manufactured by Boeing and this fact may
> > have contributed to an easy decryption route for US forces.
> >
>
> Thuraya is easy to monitor. It's not even expensive. There are
> commercial solutions and there are non-commercial projects that work
> with common hardware. Satellite communication networks are absolutely
> not secure to use without additional protection. If location anonymity
> is important, I highly advise against using satellite communications
> technology. Unless you've properly tampered with the device to falsify
> the location reporting, you're probably not as secure as you'd like...
>
> > In addition to this the location information clearly appears in
> > unencrypted form in server logs at Thuraya itself[1]. This is worrying
> > as it turns out that Thuraya is predominantly owned by Etisalat, a telco
> > from the UAE with a dark history regarding surveillance of their users[3].
> >
>
> All of these systems keep logs. All of the satellite companies have a
> dark history.
>
> > Etisalat have telecommunications interests in places including Egypt,
> > Iran, Saudi Arabia, Qatar, Indonesia, and Sri Lanka. Etisalat was also
> > alleged to be involved in a $39 billion scam in 2010 in India[4], and
> > they deployed and manage the internet censorship system under the
> > direction of the authorities in the UAE[5].
> >
> > Due to the above-mentioned technical and ownership issues we
> > recommend civil society do not use Thuraya satellite devices in the MENA
> > region. To our knowledge devices from other vendors do not seem to be
> > affected at this time. Access is working to gather further evidence from
> > the ground in Syria and elsewhere in the MENA region to shine further
> > light on the possible misuse of Thuraya satellite device location
> > information. We also welcome any further information from anyone on this
> > mailing list.
> >
>
> It's all about threat models. If you're worried about people who have
> control of Thuraya, use a BGAN. If you're worried about upsetting people
> who have control of the Hughes network, use Thuraya. If you're worried
> about location anonymity or evading content inspection, hack your device
> to lie about the GPS location of your device. The location must be
> within the same spot beam as your physical location or your device will
> not sync with the birds in the sky. If you're using one of these devices
> to transfer data at all, I highly encourage the use of Tor as you're
> absolutely going to be intercepted by multiple parties.
>
> Some BGAN devices can be programmed to only send the spot beam ID but
> again, you're trusting closed source, proprietary software/hardware with
> your life. That's not a thing I'd suggest. Certainly not in a place like
> Syria or other extremely hostile places.
>
> All the best,
> Jacob
> _______________________________________________
> liberationtech mailing list
> liberationtech at lists.stanford.edu
>
> Should you need to change your subscription options, please go to:
>
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
> If you would like to receive a daily digest, click "yes" (once you click
> above) next to "would you like to receive list mail batched in a daily
> digest?"
>
> You will need the user name and password you receive from the list
> moderator in monthly reminders.
>
> Should you need immediate assistance, please contact the list moderator.
>
> Please don't forget to follow us on http://twitter.com/#!/Liberationtech
>



-- 



Brian Conley

Director, Small World News

http://smallworldnews.tv

m: 646.285.2046

Skype: brianjoelconley

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE