A Comprehensive Overview of Government Hacking Worldwide

There has been an ongoing and heated public policy debate on the appropriate role of and limitations to government hacking in maintaining a proper balance of national security and privacy. Asserting that they are compelled to use government hacking tools to protect their countries and populations, law enforcement and government agencies are increasingly strident in expressing the importance of accessing and intercepting encrypted communication data. However, many non-governmental and civil society organizations and activists strongly oppose government hacking because they consider its methods and techniques are extremely invasive and potentially compromising to the fundamental right of privacy. They are also concerned that the implementation of hacking techniques or similar methods would weaken encryption standards and place the security of the Internet at risk. This paper presents an overview of the current status of government hacking and discusses challenges to lawful interception (LI) technology and rules. The current state of LI and government hacking in five countries is reviewed, and capability is assessed in terms of several widely publicized events, in an effort to analyze the limitations of current solutions. Finally, the open challenges to and future direction of government hacking are highlighted.

[1]  Samrat Ganguly,et al.  VoIP: Wireless, P2P and New Enterprise Voice over IP , 2008 .

[2]  Anthony Ramirez,et al.  Defending Your Android App , 2015, RIIT '15.

[3]  Matt Blaze,et al.  Insecure Surveillance: Technical Issues with Remote Computer Searches , 2016, Computer.

[4]  Giuseppe Vaciago,et al.  Online searches and online surveillance: the use of trojans and other types of malware as means of obtaining evidence in criminal proceedings , 2016 .

[5]  Susan Landau,et al.  Security, wiretapping, and the Internet , 2005, IEEE Security & Privacy Magazine.

[6]  Kim-Kwang Raymond Choo,et al.  A Study of Ten Popular Android Mobile VoIP Applications: Are the Communications Encrypted? , 2014, 2014 47th Hawaii International Conference on System Sciences.

[7]  Susan Landau,et al.  Communications surveillance , 2009, Commun. ACM.

[8]  Matt Blaze Taking Surveillance Out of the Shadows , 2009, IEEE Security & Privacy.

[9]  John Scott-Railton,et al.  You Only Click Twice: FinFisher’s Global Proliferation , 2013 .

[10]  Kenton O'Hara,et al.  Everyday dwelling with WhatsApp , 2014, CSCW.

[11]  Hal Berghel Through the PRISM Darkly , 2013, Computer.

[12]  Songwu Lu,et al.  New Security Threats Caused by IMS-based SMS Service in 4G LTE Networks , 2016, CCS.

[13]  Mohammed Atiquzzaman,et al.  LTE/LTE-A Network Security Data Collection and Analysis for Security Measurement: A Survey , 2018, IEEE Access.

[14]  Justin Grover Android forensics: Automated data collection and reporting from a mobile device , 2013 .

[15]  George Lawton,et al.  Invasive Software: Who's Inside Your Computer? , 2002, Computer.

[16]  C. Martin 2015 , 2015, Les 25 ans de l’OMC: Une rétrospective en photos.

[17]  Fred Baker,et al.  Cisco Architecture for Lawful Intercept in IP Networks , 2004, RFC.

[18]  Kim-Kwang Raymond Choo,et al.  Android mobile VoIP apps: a survey and examination of their security and privacy , 2016, Electron. Commer. Res..

[19]  Higinio Mora-Mora,et al.  μ-MAR: Multiplane 3D Marker based Registration for depth-sensing cameras , 2015, Expert Syst. Appl..

[20]  Matthew Smith,et al.  To Pin or Not to Pin-Helping App Developers Bullet Proof Their TLS Connections , 2015, USENIX Security Symposium.

[21]  P.V. Mockapetris Telephony's next act , 2006, IEEE Spectrum.

[22]  Ravishankar Borgaonkar,et al.  Weaponizing Femtocells: The Effect of Rogue Devices on Mobile Telecommunications , 2012, NDSS.

[23]  Georges Kaddoum,et al.  Survey on Threats and Attacks on Mobile Networks , 2016, IEEE Access.

[24]  Scott E. Coull,et al.  Traffic Analysis of Encrypted Messaging Services: Apple iMessage and Beyond , 2014, CCRV.

[25]  Laura DeNardis,et al.  The Internet Design Tension between Surveillance and Security , 2015, IEEE Annals of the History of Computing.

[26]  John V. Rock,et al.  Jan ? ? ? ? ? ? , 2002 .

[27]  Doowon Kim,et al.  Balancing Security and Usability in Encrypted Email , 2017, IEEE Internet Computing.

[28]  Matt Blaze,et al.  Going Bright: Wiretapping without Weakening Communications Infrastructure , 2013, IEEE Security & Privacy.

[29]  Kim-Kwang Raymond Choo,et al.  Google Drive: Forensic analysis of data remnants , 2014, J. Netw. Comput. Appl..

[30]  Paulo Simões,et al.  Current and Future Trends in Mobile Device Forensics , 2018, ACM Computing Surveys.

[31]  A. Joel Telecommunications and the IEEE Communications Society , 2002 .

[32]  David Sobel Will Carnivore Devour Online Privacy? , 2001, Computer.

[33]  Leonard Kleinrock,et al.  History of the Internet and its flexible future , 2008, IEEE Wireless Communications.

[34]  Florence March,et al.  2016 , 2016, Affair of the Heart.

[35]  L.D. Paulson Key snooping technology causes controversy , 2002, Computer.

[36]  Pamela Paulsen,et al.  May , 1890, The Hospital.

[37]  Paul Hoffmann,et al.  Intelligence Support Systems : Technologies for Lawful Intercepts , 2005 .