Iesaki rakstu:

LR ģenerālprokurors Ēriks Kalnmeiers pirmdien ne noliedza, ne apstiprināja, ka būtu informēts par to, ka Latvijā reizē ar tādām valstīm kā Turkmenistāna, Bangladeša, Bruneja un Vjetnama valsts drošības struktūru vajadzībām slepeni tiktu izmantota datorspiegošanas programmatūra FinSpy. Šādas programmatūras izmantošanu Pietiek pirmdien ne noliedza, ne apstiprināja arī Drošības policijas priekšnieks Jānis Reiniks.

Izteiksmīga pirmdien bija Satversmes aizsardzības biroja atbilde uz uzdotajiem jautājumiem saistībā ar šīs programmatūras izmantošanu: "Saskaņā ar Satversmes aizsardzības biroja likumu, ziņas par Satversmes aizsardzības biroja finansēm un tehnisko aprīkojumu ir valsts noslēpums, tāpēc birojs sīkākus komentārus nesniegs."

Savukārt Valsts policijas preses pārstāve Sigita Pildava pirmdien ne noliedza, ne apstiprināja, ka kāda Valsts policijas struktūrvienība pēdējos piecos gados no Lielbritānijas uzņēmuma Gamma Group vai kāda cita uzņēmuma iegādājusies datorspiegošanas programmatūru FinSpy.

Valsts policija nesniedza arī nekādus komentārus par to, kādiem tieši mērķiem šī programmatūra tiek izmantota un kas un kā kontrolē šīs izmantošanas likumību.

Saeimas Nacionālās drošības komisijā, kurai it kā vajadzētu veikt drošības dienestu parlamentāro kontroli, pirmdien par šādu programmatūru neviens nebija pat dzirdējis, savukārt ne Kalnmeiers, ne prokuratūras preses pārstāve nevēlējās atbildēt uz jautājumu, kā tieši LR Ģenerālprokuratūra un viņš LR ģenerālprokurors kontrolē šīs izmantošanas likumību.

Par to, ka Latvijā šāda programmatūra tiek izmantota, aizvadītajā nedēļā paziņoja New York Times, - vismaz 25 pasaules valstu valdības izmantojot speciālas datorprogrammas, lai bez atbilstošiem uzraudzības mehānismiem izspiegotu savus pilsoņus internetā.

Līdz ar Latviju FinSpy tehnoloģijas esot izvietotas uz serveriem Austrālijā, Bahreinā, Bangladešā, Lielbritānijā, Brunejā, Kanādā, Čehijā, Igaunijā, Etiopijā, Vācijā, Indijā, Indonēzijā, Japānā, Malaizijā, Meksikā, Nīderlandē, Katarā, Serbijā, Singapūrā, Turkmenistānā, Apvienotajos Arābu Emirātos, ASV un Vjetnamā.

Publikācijā bija norādīts, ka šī programmatūra paredzēta noziedzības apkarošanai, taču daudzās valstīs to drīzāk izmantojot politiski motivētai novērošanai. Programmatūras izstrādātāji Gamma Group gan atsakās izpaust savus klientus

Pilns publikācijas teksts angliski:

Researchers Find 25 Countries Using Surveillance Software

Bill Marczak and Morgan Marquis-Boire have been studying government use of surveillance software.

Last May, two security researchers volunteered to look at a few suspicious e-mails sent to some Bahraini activists. Almost one year later, the two have uncovered evidence that some 25 governments, many with questionable records on human rights, may be using off-the-shelf surveillance software to spy on their own citizens.

Morgan Marquis-Boire, a security researcher at Citizen Lab, at the University of Toronto’s Munk School of Global Affairs, and Bill Marczak, a computer science doctoral student at the University of California, Berkeley, found that the e-mails contained surveillance software that could grab images off computer screens, record Skype chats, turn on cameras and microphones and log keystrokes. The word “FinSpy” appeared in the spyware code. FinSpy is spyware sold by the Gamma Group, a British company that says it sells monitoring software to governments solely for criminal investigations.

Now, one year later, Mr. Marquis-Boire and Mr. Marczak have found evidence that FinSpy is being run off servers in 25 countries, including Ethiopia and Serbia, without oversight.

Until Mr. Marquis-Boire and Mr. Marczak stumbled upon FinSpy last May, security researchers had tried, unsuccessfully, for a year to track it down. FinSpy gained notoriety in March 2011 after protesters raided Egypt’s state security headquarters and discovered a document that appeared to be a proposal by the Gamma Group to sell FinSpy to the government of President Hosni Mubarak .

Martin J. Muench, a Gamma Group managing director, has said his company does not disclose its customers but that Gamma Group sold its technology to governments only to monitor criminals. He said that it was most frequently used “against pedophiles, terrorists, organized crime, kidnapping and human trafficking.”

But evidence suggests the software is being sold to governments where the potential for abuse is high. “If you look at the list of countries that Gamma is selling to, many do not have a robust rule of law,” Mr. Marquis-Boire said. “Rather than catching kidnappers and drug dealers, it looks more likely that it is being used for politically motivated surveillance.”

As of last year, Mr. Marquis-Boire and Mr. Marczak, with other researchers at Rapid7, CrowdStrike and others, had found command-and-control servers running the spyware in just over a dozen countries. They have since scanned the entire Internet for FinSpy.

The Munk School is publishing their updated findings on Wednesday. The list of countries with servers running FinSpy is now Australia, Bahrain, Bangladesh, Britain, Brunei, Canada, the Czech Republic, Estonia, Ethiopia, Germany, India, Indonesia, Japan, Latvia, Malaysia, Mexico, Mongolia, Netherlands, Qatar, Serbia, Singapore, Turkmenistan, the United Arab Emirates, the United States and Vietnam.

In Ethiopia, FinSpy was disguised in e-mails that were specifically aimed at political dissidents. The e-mails lured targets to click on pictures of members of Ginbot 7, an Ethiopian opposition group. When they clicked on the pictures, FinSpy downloaded to their machines and their computers began communicating with a local server in Ethiopia.

“This continues the theme of FinSpy deployments with strong indications of politically motivated targeting,” the researchers wrote in their report.

A Turkmenistan server running the software belonged to a range of I.P. addresses specifically assigned to the ministry of communications. Turkmenistan is the first clear-cut case of a government running the spyware off its own computer system. Human Rights Watch has called Turkmenistan one of the world’s “most repressive countries” and warned that dissidents faced “constant threat of government reprisal.”

In Vietnam, the researchers found evidence that FinSpy was running on Android-powered phones. They found one Android phone infected with FinSpy that was sending text messages back to a Vietnamese telephone number. That finding was particularly troubling, researchers say, given recent clampdowns by the nation’s government. Last year, Vietnam introduced censorship laws that prohibit bloggers from speaking out against the country’s ruling Communist party. According to Human Rights Watch, at least 40 people had since been convicted and sentenced to prison terms. Many are now serving terms ranging from three to 13 years.

The sale of surveillance technology is still largely unregulated, but Mr. Marquis-Boire and Mr. Marczak’s findings have prompted greater scrutiny. Responding to their findings last fall, Germany’s foreign minister Guido Westerwelle called for an Europe-wide ban on the export of surveillance technology to repressive regimes. And last month, Privacy International and other groups filed complaints with the Organization for Economic Cooperation and Development against Gamma Group and Trovicor GmbH, a German company that also sells surveillance software.

“I don’t think you can put technology back in the bottle,” said Mr. Marquis-Boire. “I understand why police would want to use this type of technology, but I’m just not for commercial companies selling them to nondemocratic regimes with questionable human rights records.”