Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
LOL Skype rats out alleged WikiLeaks supporter without waiting for court warrant
2 views
Skip to first unread message
BurfordTJustice
Nov 13, 2012, 6:55:51 AM11/13/12
to
Skype rats out alleged WikiLeaks supporter without waiting for court warrant
Say goodbye to online service providers protecting the identities of their
users. With just a bit of begging, a Texas-based intelligence firm succeeded
in convincing Skype to send over sensitive account data pertaining to a
teenage WikiLeaks fan.
Reports out of Amsterdam this week suggest that Microsoft-owned Skype didn't
wait for a court order or warrant with a judge's signature before it handed
over the personal info of a 16-year-old Dutch boy. The youngster was
suspected of being involved in Operation Payback, an Anonymous-endorsed
initiative that targeted the servers of PayPal, Visa, Mastercard and others
after those companies blocked WikiLeaks from receiving online payment backs
in December 2010. When hacktivists responded to the blockade by overflowing
the servers of those sites with distributed denial-of-service (DDoS)
attacks, PayPal asked Dallas, Texas' iSIGHT Partners Inc., a self-described"global
cyber intelligence firm," to investigate.
It appears that iSIGHT didn't have deals with just PayPal either. Skype is
also a client of the online private eye, and they reached out to the chat
company for assistance. Normally the court would enter the equation here and
write out a warrant to try and track down that information, but the initial
report by Brenno de Winter of Nu.nl reveals that investigators skipped that
step.
According to English-language transcription of Winter's account, "the police
file notes that Skype handed over the suspect's personal information, such
as his user name, real name, e-mail addresses and the home address used for
payment." While that in it of itself isn't all that unusual, Winter writes
that Skype sent over that information voluntarily, "without a court order,
as would usually be required."
Joep Gommers, the senior director of global research from iSIGHT, defended
the action to Winter, admitting, "On occasion, we share our research
findings with relevant law enforcement parties as a public service, just as
you would report what appeared to be a crime that you witnessed in your
neighborhood."
In emails obtained by Winter, Gommers bragged of his findings to Dutch
authorities, writing after he first received assistance from Skype, "Hey, I
will have login information soon - but not yet."
Skype doesn't stand by the move, though, and says any virtual handshake
between one of their staffers and iSIGHT doesn't fit with the company's
practices when it terms to protecting private user info.
"It is our policy not to provide customer data unless we are served with
valid request from legal authorities, or when legally required to do so, or
in the event of a threat to physical safety," Skype said in a statement to
Nu.nl. Commenting to Slate, a representative for the chat service noted that
it has worked with iSIGHT in the past to "combat spam and malware," but
acknowledged "it appears that some information may have been inappropriately
passed on to Dutch authorities without our knowledge."
Now Skype says they are conducting an internal investigation to see why
their privacy policies were ignored and the teenager's info was sent to
iSIGHT, but it might be too late for the company. Other hacktivists that
already had a bone to pick with PayPal and other targets of Operation
Payback now have their sights set on Gommers and the intelligence company.
In a post published to the AnonNews.org website, one user asks other
hacktivists to help find out more about iSIGHT and what damage they may have
already done as an intelligence firm willing to bend the rules for helping
their high-profile customers.
"It has recently come to our attention that a security company known as
isightpartners has been providing sensitive user information obtained from
their customers to governments around the world to target activists linked
to Anonymous," one user writes. "We seek your assistance and demand answers
to this activity. Who are isightpartners other customers they are using to
target Anons? How long has isightpartners targeted Anonymous? These are
questions we must answer. isightparters declared war on Anonymous so we must
declare war on them."
Meanwhile, others are unsure of what good the data will do for iSIGHT or
PayPal since it could have been obtained illegally.
"You would imagine that subscriber data aren't simply handed over. They have
to be provided when the police has a valid demand or court order, but not in
any other case," Gerrit-Jan Zwenne, a professor of Law and Information
Society in Leiden and a lawyer at Bird & Bird in The Hague, tells Winter.
"You can also wonder whether police can use that information if it was
acquired this way."
Earlier this year, Skype came under attack by privacy advocates for failing
to answer questions about whether or not authorities can access
thought-to-be private conversations carried over the chat client. In June,
Microsoft had a patent approved for the "legal intercept" of online
communications, allowing them the ability to "silently copy communication
transmitted via the communication session" without asking for user
authorization. When Ryan Gallagher of Slate asked Skype to explain if they
were using that patent already this July, he was met with rampant refusals
to answer the magazine' questions.
"But when I repeatedly questioned the company on Wednesday whether it could
currently facilitate wiretap requests, a clear answer was not forthcoming.
Citing 'company policy,' Skype PR man Chaim Haas wouldn't confirm or deny,
telling me only that the chat service 'co-operates with law enforcement
agencies as much as is legally and technically possible,'" Gallagher wrote.
Meanwhile, last month a federal judge ruled that the US Justice Department
and the Federal Bureau of Investigation (FBI) will have to go back and more
adequately respond to a Freedom of Information Act request for information
involving any of the DoJ's efforts to make back-door access for authorities
mandatory in future chat protocol updates across the board through an
initiative referred to as "Going Dark."
Say goodbye to online service providers protecting the identities of their
users. With just a bit of begging, a Texas-based intelligence firm succeeded
in convincing Skype to send over sensitive account data pertaining to a
teenage WikiLeaks fan.
Reports out of Amsterdam this week suggest that Microsoft-owned Skype didn't
wait for a court order or warrant with a judge's signature before it handed
over the personal info of a 16-year-old Dutch boy. The youngster was
suspected of being involved in Operation Payback, an Anonymous-endorsed
initiative that targeted the servers of PayPal, Visa, Mastercard and others
after those companies blocked WikiLeaks from receiving online payment backs
in December 2010. When hacktivists responded to the blockade by overflowing
the servers of those sites with distributed denial-of-service (DDoS)
attacks, PayPal asked Dallas, Texas' iSIGHT Partners Inc., a self-described"global
cyber intelligence firm," to investigate.
It appears that iSIGHT didn't have deals with just PayPal either. Skype is
also a client of the online private eye, and they reached out to the chat
company for assistance. Normally the court would enter the equation here and
write out a warrant to try and track down that information, but the initial
report by Brenno de Winter of Nu.nl reveals that investigators skipped that
step.
According to English-language transcription of Winter's account, "the police
file notes that Skype handed over the suspect's personal information, such
as his user name, real name, e-mail addresses and the home address used for
payment." While that in it of itself isn't all that unusual, Winter writes
that Skype sent over that information voluntarily, "without a court order,
as would usually be required."
Joep Gommers, the senior director of global research from iSIGHT, defended
the action to Winter, admitting, "On occasion, we share our research
findings with relevant law enforcement parties as a public service, just as
you would report what appeared to be a crime that you witnessed in your
neighborhood."
In emails obtained by Winter, Gommers bragged of his findings to Dutch
authorities, writing after he first received assistance from Skype, "Hey, I
will have login information soon - but not yet."
Skype doesn't stand by the move, though, and says any virtual handshake
between one of their staffers and iSIGHT doesn't fit with the company's
practices when it terms to protecting private user info.
"It is our policy not to provide customer data unless we are served with
valid request from legal authorities, or when legally required to do so, or
in the event of a threat to physical safety," Skype said in a statement to
Nu.nl. Commenting to Slate, a representative for the chat service noted that
it has worked with iSIGHT in the past to "combat spam and malware," but
acknowledged "it appears that some information may have been inappropriately
passed on to Dutch authorities without our knowledge."
Now Skype says they are conducting an internal investigation to see why
their privacy policies were ignored and the teenager's info was sent to
iSIGHT, but it might be too late for the company. Other hacktivists that
already had a bone to pick with PayPal and other targets of Operation
Payback now have their sights set on Gommers and the intelligence company.
In a post published to the AnonNews.org website, one user asks other
hacktivists to help find out more about iSIGHT and what damage they may have
already done as an intelligence firm willing to bend the rules for helping
their high-profile customers.
"It has recently come to our attention that a security company known as
isightpartners has been providing sensitive user information obtained from
their customers to governments around the world to target activists linked
to Anonymous," one user writes. "We seek your assistance and demand answers
to this activity. Who are isightpartners other customers they are using to
target Anons? How long has isightpartners targeted Anonymous? These are
questions we must answer. isightparters declared war on Anonymous so we must
declare war on them."
Meanwhile, others are unsure of what good the data will do for iSIGHT or
PayPal since it could have been obtained illegally.
"You would imagine that subscriber data aren't simply handed over. They have
to be provided when the police has a valid demand or court order, but not in
any other case," Gerrit-Jan Zwenne, a professor of Law and Information
Society in Leiden and a lawyer at Bird & Bird in The Hague, tells Winter.
"You can also wonder whether police can use that information if it was
acquired this way."
Earlier this year, Skype came under attack by privacy advocates for failing
to answer questions about whether or not authorities can access
thought-to-be private conversations carried over the chat client. In June,
Microsoft had a patent approved for the "legal intercept" of online
communications, allowing them the ability to "silently copy communication
transmitted via the communication session" without asking for user
authorization. When Ryan Gallagher of Slate asked Skype to explain if they
were using that patent already this July, he was met with rampant refusals
to answer the magazine' questions.
"But when I repeatedly questioned the company on Wednesday whether it could
currently facilitate wiretap requests, a clear answer was not forthcoming.
Citing 'company policy,' Skype PR man Chaim Haas wouldn't confirm or deny,
telling me only that the chat service 'co-operates with law enforcement
agencies as much as is legally and technically possible,'" Gallagher wrote.
Meanwhile, last month a federal judge ruled that the US Justice Department
and the Federal Bureau of Investigation (FBI) will have to go back and more
adequately respond to a Freedom of Information Act request for information
involving any of the DoJ's efforts to make back-door access for authorities
mandatory in future chat protocol updates across the board through an
initiative referred to as "Going Dark."
0 new messages