Privacy SOS

New series: a surveillance tech tool a week

Many of you have likely seen the Wall Street Journal's fabulous new document trove, containing advertisements and informational packets produced by surveillance technology purveyors, describing their wares. The document library is a treasure trove for security researchers and the concerned public alike, but it is so large that it's a bit unwieldy for those of us who have other things to do besides comb through it all day. So instead of trying to give you dear readers a one-time, totalizing analysis of the terrible things we find in the documents, we're going to offer you one piece of technology per week, replete with the dedicated analysis and research each of these tools of the trade deserve.

Today's entry is one that has already garnered significant media attention, but deserves as much as we can muster because of how dastardly it is, partially as a result of how innocuous its delivery system makes it appear.

Gamma International UK Ltd.'s FinFLY SP boasts that it can infect computers with malware and spyware via fake iTunes update alerts, fake Adobe Flash update alerts, and like tricks. Gamma is the manufacturer of the notorious "Fin Fisher" surveillance program. According to Gamma International, Fin Fisher allows government agencies or others who purchase the system to remotely infect mobile and desktop computers with malware enabling "full access to stored information with the ability to take control of the target systems functions to the point of capturing encrypted data and communications."

In combination with enhanced remote infection methods, the Government Agency will have the capability to remotely infect target systems.

Gamma International was a sponsor of this year's ISS world conference, a gathering of government spy agencies and the many profitable companies that sell them surveillance technologies. ISS and the other companies involved have faced serious criticism from human rights and technology liberation groups for providing spy technology to repressive regimes, including Syria and Mubarak's Egypt. (There has been less public criticism of technology sales to the US government, even though these tools have likely been used to commit human rights abuses including torture, indefinite detention and rendition, in addition to other anti-Constitutional measures allowed under the USA Patriot Act.)

Likely in response to the news about Gamma's fake iTunes software spyware installation trick, Apple has posted this security update. But assuming Gamma creates a workaround to get past this security update and like measures from other companies, how can you keep yourself safe from being tricked into downloading the spyware?

Though you can never be fully secure, you can take some steps to protect yourself. When using iTunes, don't ever accept an 'automatic update' window when it pops up in iTunes. Instead, click on "Check for Updates" in the iTunes scroll-bar at the top of the page.

Since companies like Gamma International spend lots of money and time trying to figure out how to get inside users' computers, there are likely other ways they go about remotely installing spyware that we don't know about. But knowing about at least some of their tricks can help stop you from falling into at least some of their traps.

But the larger problem is official cooperation with these kinds of attacks. Since we'll never be able to stop these companies from infecting our machines if they are so dedicated, what we really need is legislative reform in the United States that will prevent our own government from using this kind of malware unless they have a warrant to search through our stuff.

The Fourth Amendment must apply to our daily lives in the digital age, or it is increasingly meaningless. 

Look out for our next installment next week, highlighting another surveillance tool included in the WSJ's fabulous (and scary) document dump!

© 2021 ACLU of Massachusetts.