令人震驚(因為證實)卻不意外(我們認為2012年台灣的總統選舉就已經是這樣)的,就是有能力改變選舉結果,特別是操作網路調查 (online polls) 的程式 Underpass

Take a look inside GCHQ's manipulation toolkit○WIRED.CO.UK (2014.06.05) http://www.wired.co.uk/news/archive/2014-07/15/gchq-social-media-tools
If you were rather irked by the news that Facebook conducted a mass experiment on users by modifying news feeds to manipulate emotions, look away now.
Glenn Greenwald has revealed that GCHQ has developed the means to manipulate online polls, boost website page views and automatically extract social media data.  The tools, which have been published in full online via Greenwald's publication the Intercept, come from GCHQ's Joint Threat Research Intelligence Group (JTRIG). They follow up from a series of JTRIG tactics already revealed by Edward Snowden, including the fact the agency spied on Facebook and YouTube users.

The list of "Tools and Techniques", compiled in the style of a Wikipedia article, features a few old favourites, including distributed denial of service attacks.  But there are a host of new ones, each with its own ridiculous name.  Angry Pirate, for instance, is a tool that helps GCHQ disable a user's account on their computer. Godfather and Fatyak involve public data collection from Facebook and LinkedIn respectively, while other programmes allow GCHQ to make automatic postings itself.

Miniature Hero is for listening in on Skype calls in "real time", which immediately flags up concerns about the level of Microsoft's involvement.  It was in 2013, shortly after Snowden's leaks first hit the papers, that it was revealed Microsoft had handed encrypted messages over to the NSA, so that it could infiltrate email, cloud storage and web chats.

There are also a few odd tools in the document that make the agency sound far from the professional, confident enterprise you might imagine, including Viewer, "A programme that (hopefully) provides advance tip off of the kidnappers IP address for MHMG personnel".

It is the manipulations of online media, however, that sound the most unnerving.  Clean Sweep, for instance, is designed to let the agency "masquerade Facebook wall posts for individuals or entire countries".  Gateway is designed to increase traffic to a particular website while Slipstream lets GCHQ increase page views.  Underpass lets the agency "change outcome of online polls" while Badger acts as an email spammer and Warpath as an SMS spamming system.  Gestator lets GCHQ "amplify" a message on platforms like YouTube.

The entries are listed alongside a status column, which tells us whether they were "in development" or "ready to fire" at the time Snowden took them in 2012.  It's safe to assume, plenty more have been added to the roster since this time.

The idea that GCHQ is boosting the online presence of particular videos or articles online, is alarming.  It could be that GCHQ is boosting these articles in some shape of form to engender peace, as it sees it.  But it's also highly likely that they would be used to a political end that is not rigidly reviewed.

This week, the spy agency is on trial at the Investigatory Powers Tribunal (IPT) to decide whether the mass surveillance of British citizens is justified under law.  It is the evident lack of checks and balances that has led GCHQ here, to a place where the public does not trust that it is holding our human rights in as high regard as it is legally bound to.

You can see the full list of JTRIG tools here, but below are a few lowlights:
Spring Bishop:  Find private photos of targets on Facebook
Photon Torpedo:  A technique to actively grab the IP address of an MSN messenger user
Reservoir:  Facebook application allowing collection of various information
Elate:  A suite of tools for monitoring target use of the UK auction site eBay
Silverlord:  disruption of video-based websites hosting extremist content through concerted target discovery and content removal
Burlesque:  The capability fo send spoofed SMS text messages

英諜報機関がネットで民意操作するために使っているツール類wired (2014.07.17) http://www.wired.co.uk/news/archive/2014-07/15/gchq-social-media-tools


GCHQの脅威研究情報合同部門(Joint Threat Research Intelligence GroupJTRIG)によって開発されたこれらのツール類は、グリーンウォルド氏が運営するサイト「The Intercept」で公表されている。今回の情報は、エドワード・スノーデンによって明らかにされた一連の情報(GCHQが「Facebook」や「YouTube」のユーザーをスパイしていた件など)の続報となるものだ。

Wikipedia記事の形式でまとめられた「ツールとテクニック(Tools and Techniques)」という一覧には、DDoS攻撃など、かつて好まれた手法がいくつかある。しかし、新しいものもたくさん入っており、それぞれに奇妙な名前がついている。たとえば、GCHQが標的とするコンピューターのアカウントを無効にするためのツールは「Angry Pirate。また、Facebookと「LinkedIn」から公開データを集める機能はそれぞれ「Godfather」と「Fatyak」と名付けられている。ほかに、GCHQ自動投稿できるようにするプログラムもある
Miniature Hero」は、「Skype」通話をリアルタイムで聴くためのツールだ。となると、Skypeを所有するマイクロソフトがどの程度関与していたかが懸念される。マイクロソフトが暗号化されたメッセージを米国家安全保障局(NSA)に渡し、NSAがそれにより電子メール、クラウドストレージ、およびウェブチャットに潜入できていたことが明らかになったのは、スノーデン氏のリークが最初に紙面に出てからすぐの、2013年の出来事だった。

最もひどいのは、オンラインメディアの操作だ。たとえば「Clean Sweep」は、GCHQが「個人、あるいは複数の国向けにFacebookのウォールの投稿を装う」ことができるようにつくられている。「Gateway」は、特定のウェブサイトへのトラフィックを増やすことを目的とするもの。「Slipstream」では、GCHQがページヴューを増やすことができる。





Spring Bishop