GCHQ Asked Court To Let It Infringe On Anti-Virus Copyrights... For National Security

from the nothing-is-intact dept

Wed, Jun 24th 2015 12:38pm — Tim Cushing

National security apparently means "securing" the nation at the expense of citizens' security. New Snowden documents published by The Intercept show massive amounts of dicking around in the coding of popular anti-virus software by the NSA and GCHQ. The list of antivirus products not affected would be much, much shorter than a list of those that have been.

Much of what listed here involves the NSA and GCHQ monitoring threats reported to these antivirus makers (by intercepting email messages, naturally), obviously in hopes of finding something temporarily exploitable. But in other cases, the efforts went much, much deeper. The GCHQ obtained a warrant to reverse engineer Kapersky products because it felt the company's software was "obstructing" its hacking attempts.

“Personal security products such as the Russian anti-virus software Kaspersky continue to pose a challenge to GCHQ’s CNE [Computer Network Exploitation] capability and SRE is essential in order to be able to exploit such software and to prevent detection of our activities,” the warrant renewal request said. “Examination of Kaspersky and other such products continues.” The warrant renewal request also states that GCHQ reverse engineers anti-virus programs to assess their fitness for use by government agencies.

Not only did the GCHQ seek permission to tear apart a legitimate security product for its own ends, but it also asked for an exception to UK copyright law in order to do so.

GCHQ’s success as an intelligence agency is founded on technical knowledge and creativity. In particular this may involve modifying commercially available software to enable interception, decryption and other related tasks, or “reverse engineering” software (this means to convert it from machine readable code into the original format, which is then comprehensible to a person). These actions, and others necessary to understand how the software works, may represent an infringement of copyright. The interference may also be contrary to, or inconsistent with, the provisions of any licensing agreement between GCHQ and the owners of the rights in the software.

Recognizing this could potentially cause a problem if its efforts were discovered, GCHQ explicitly asked that it be granted permission to engage in copyright infringement in the name of national security.

There is a risk that in the unlikely event of a challenge by the copyright owner or licensor, the Courts would, in the absence of a legal authorisation, hold that such activity was unlawful and amounted to a copyright infringement or breach of contract. The purpose of this warrant is to provide authorisation for all continuing activities which involve interference with copyright or licensed software, but which cannot be said to fall within any other specific authorisation held by GCHQ and which are done without the permission of the owner.

In other words, GCHQ doesn't have specific authorization to violate copyrights or licensing agreements, but for this particular effort, the warrant would act as a blanket permission slip to engage in this illegal activity. And, in doing so, it stretched an intelligence law to cover its violation of intellectual property laws.

GCHQ obtained a warrant for reverse engineering under a section of British intelligence law that does not explicitly authorize — and had apparently never been used to authorize — the sort of copyright infringement GCHQ believed was necessary to conduct such activity.

The spy agency instead relied on the Intelligence Services Commissioner to let it use a law pertaining only to property and “wireless telegraphy,” a law that had never been applied to intellectual property, according to GCHQ’s own warrant renewal application. Eric King, deputy director of U.K. surveillance watchdog Privacy International said, after being shown documents related to the warrant, “The secret reinterpretation of powers, in entirely novel ways, that have not been tested in adversarial court processes, is everything that is wrong with how GCHQ is using their legal powers.”

On top of that, the type of warrant it obtained was only to be used for foreign surveillance, but supporting documentation notes GCHQ would also be performing its reverse engineering to support "police operations" and the domestically-focused National Technical Assistance Centre.

When it comes to national security efforts, laws just don't apply, it would appear. The NSA and GCHQ's efforts are completely indistinguishable from those of cybercriminals. While these agencies may have "good" on their side -- at least in terms of not wishing specific harm to non-targets -- the end result is the same: a less secure computing world.

Gchq Application for Renewal of Warrant Gpw 1160 (PDF)Gchq Application for Renewal of Warrant Gpw 1160 (Text)

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: anti-virus, copyright, gchq, infringement, national security, reverse engineering
Companies: kaspersky

36 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

rw (profile), 24 Jun 2015 @ 12:08pm

They may have had good on their side at some point a long time ago, but once they decided they were above any law they became nothing more than criminals.
[ link to this | view in thread ]
Nigel Lew (profile), 24 Jun 2015 @ 12:42pm

FFS
I don't link sounding like a crazy, unhinged white guy from the midwest but this shit is not going to stop until we the people start proverbially setting some shit on fire.
[ link to this | view in thread ]
Anonymous Coward, 24 Jun 2015 @ 12:46pm

Maybe TTPP would be a good thing
I mean we know how merciless they are about copyright. They would drive the GCHQ out of business for that.
[ link to this | view in thread ]
Anonymous Coward, 24 Jun 2015 @ 12:53pm

monthly reminder
We need to be reminded just who the terrorists and patriots really are. It is abundantly clear.
[ link to this | view in thread ]
Anonymous Coward, 24 Jun 2015 @ 12:56pm

I think this is the first time I've seen a techdirt article that makes me wish copyright laws were enforced more often.
[ link to this | view in thread ]
Anonymous Coward, 24 Jun 2015 @ 1:18pm

Reverse engineering shouldn't be infringing in the first place, if you have a valid copy.
[ link to this | view in thread ]
Anonymous Coward, 24 Jun 2015 @ 1:28pm

Re:
the laws of Britania. Go figure.
[ link to this | view in thread ]
Anonymous Coward, 24 Jun 2015 @ 1:28pm

"Not wishing specific harm to non-targets" is very different from "wishing not to cause specific harm to non-targets." It is an important distinction. NSA interference has massively harmed the reputations, and consequently has harmed the business activities, of non-targeted private companies (e.g. Cisco, Google, Facebook, ...). NSA may not have wished harm to those businesses, but they clearly either failed to wish a lack of harm, or were exceptionally inept at executing such a wish.
[ link to this | view in thread ]
Anonymous Coward, 24 Jun 2015 @ 1:34pm

I would like to submit the fact that cyber criminals do not "wish specific harm to non-targets" either.
[ link to this | view in thread ]
Jeremy2020 (profile), 24 Jun 2015 @ 1:34pm

Re: FFS
There will be no change until there is revolution. Then a different set of old white guys can proceed to screw us all.
[ link to this | view in thread ]
ECA (profile), 24 Jun 2015 @ 1:50pm

a COUPLE POINTS
AV software is generally for 1 use..AV protection..
It does have ANTI encryption abilities..to FIND Virus.

The only reason to Goto the AV programs is to find ways to bypass it..Thats what hackers DO..
There is an easier way..ASK MS..
MS has pre-authorized hidden programs..Wonder why they didnt ask MS??

The Only reason for this, is to install CRAP on your machine.
Something we already have problems with and WHY we try to protect ourselves..

Also...If you are VERY smart..and encrypt your machine, you are not going to use WINDOWS... They even warn you about it..that recovery isnt easy,or even possible in many cases.

Encrypting your machine means you are NOT doing standard things...its a pain and hassle if you are a gamer. they have their OWN data checks and encryption, and verifications, and adding encryption, just confuses things on your machine.

Only good thing to use encryption on is a data server, Mail server or the like..Otherwise its not worth the hassle.
[ link to this | view in thread ]
phils, 24 Jun 2015 @ 1:50pm

Anti-virus suppliers should post a secure hash on their web sites with instructions showing users how to use that to verify that the original software has not been tampered with.
[ link to this | view in thread ]
Rikuo, 24 Jun 2015 @ 1:56pm

Re:
How do you verify if the hash on the website *is* secure?
[ link to this | view in thread ]
Anonymous Coward, 24 Jun 2015 @ 2:02pm

and what happened to people whose internet connection became less secure, because of what these agencies did? even worse, what if that lower security resulted in financial loss to the person(s) concerned? the bank or whatever would have blamed the customer when it was nothing to do with the customer at all! obviously the extra problem then is how to prove anything? the customer could have lost all the savings and what if there were 100, 1,000 or more? the banks keep advertising various software to combat theft but in actual fact, they were advertising ways for the different security forces to crack customers accounts!! a bit of 'aiding and abetting' here?
[ link to this | view in thread ]
That One Guy (profile), 24 Jun 2015 @ 2:17pm

Re:
NSA/GCHQ: 'Not our problem, weakening security makes our jobs easier, and that's all we care about.'
[ link to this | view in thread ]
toyotabedzrock (profile), 24 Jun 2015 @ 2:22pm

I don't see Symantec, should we assume they give source code voluntarily? They did hand it to the Indian government for older products and it was leaked a few years back iirc.
[ link to this | view in thread ]
Anonymous Coward, 24 Jun 2015 @ 2:49pm

Re: a COUPLE POINTS
I'm not sure whether it's ignorance or FUD, but your entire post is full of it.
[ link to this | view in thread ]
Anonymous Coward, 24 Jun 2015 @ 2:53pm

Re:
We will never know if an attack is caused by clever programmers or a vulnerability introduced by terrorist agencies like NSA or GCHQ etc. Their gag orders prevent the companies from disclosing that security was compromised by our so-called protectors.
There could, in theory, be the possibility of a whistleblower from said company, but the threat of hanging, shooting, stabbing, decapitation, mauling by angry dogs and other nice things people in power have suggested, will keep most people from stepping forward.
[ link to this | view in thread ]
Anonymous Coward, 24 Jun 2015 @ 2:59pm

I could describe this in one simple metaphor.
Our security is like an egg in the hands on the "security" agencies... and right now they are clapping really loudly.
[ link to this | view in thread ]
Anonymous Coward, 24 Jun 2015 @ 3:24pm

The only "good" thing about them is that they are officially on the side of a western government.
Ofcourse, one could compare the UK or the US to nazi germany and could easily draw some pararells or even overshoot and realize that not even Hitler was this crazy.
[ link to this | view in thread ]
ECA (profile), 24 Jun 2015 @ 4:09pm

Re: Re: a COUPLE POINTS
wOW,
really..
Then as an AC' disprove it..
Windows passwords and other codes are easy to pull out with programs available around the net..

Many programs with/without DMCA, go look at STEAM..its a whole system..

Encrypting a system is abit dangerous unless you have a First recovery disk and are willing to do a full reinstall and Encrypt again..
Also, we are talking about the common user. NOT people with abit more advanced knowledge..

Show me whats wrong here?

Good AV programs Check themselves FIRST..
Yes you can HIDE things under windows..and there are simple ways to find it(not to decode it, just find) And the Border patrol has the RIGHTS to ask you to OPEN IT...

Get a hint please..That you wont be using windows to hide things.. And most advanced users can do allot more..
[ link to this | view in thread ]
MrTroy (profile), 24 Jun 2015 @ 6:15pm

I don't get it
Okay, so GCHQ is reverse engineering the Kapersky product... and then what? Are they just trying to figure out how the product works to try to get around it? So are countless security researchers (citation: I didn't count them).

If they're performing a sleight of hand to replace the official strong version of Kapersky's AV with their own modified/weakened version, then that's terrible, but how would they do that? That seems like it would involve spoofing the Kapersky website across the UK... which would still be defeated by a VPN.

I'm not sure how to read this story other than as an endorsement for the official version of Kapersky's software...
[ link to this | view in thread ]
The Queen of England, 24 Jun 2015 @ 8:18pm

Re: Re: Re: a COUPLE POINTS
"Then as an AC' disprove it.."

Heh, that's funny. One anonymous commenter calling another for being anonymous.
[ link to this | view in thread ]
Anonymous Coward, 24 Jun 2015 @ 8:27pm

Re:
"and what happened to people whose internet connection became less secure, because of what these agencies did?"

How do we know that the NSA/GCHQ/etc. aren't at least partially to blame for some of the recent large database security breaches? If the are, you can bet the government has gag orders on the companies involved to prevent them disclosing it.
[ link to this | view in thread ]
Anonymous Coward, 24 Jun 2015 @ 11:31pm

Nothing can get in the way of spies. Not even copyright law. Spying trumps all laws and regulations.
[ link to this | view in thread ]
Bergman (profile), 25 Jun 2015 @ 6:02am

Re: Re:
Generally you can't without compromising the security at least a little.
[ link to this | view in thread ]
Annonimus, 25 Jun 2015 @ 7:59am

Security agencies are worse than cybercriminals
"When it comes to national security efforts, laws just don't apply, it would appear. The NSA and GCHQ's efforts are completely indistinguishable from those of cybercriminals. While these agencies may have "good" on their side -- at least in terms of not wishing specific harm to non-targets -- the end result is the same: a less secure computing world. "

Actually its the cybercriminals who do not wish harm to non-targets as any harm you do to a system leaves a mark that can be cataloged and tracked so it is in the criminals best interest to do as little harm as possible to the target in getting to the goal and to avoid collateral damage.

Compare that to the security agencies model of everyone is a suspect and as such there are no non-targets. Everybody is a target and a suspect.
[ link to this | view in thread ]
Anonymous Coward, 25 Jun 2015 @ 9:29am

Re: FFS
won't happen while most of the population blindly supports whoever is in charge because they have bread and circuses or if you prefer, something shiny to distract them.

Once the economy goes kablooie and people stop getting their daily dose of reality tv shows and food then they will be more willing to overthrow the criminals in charge that caused it all
[ link to this | view in thread ]
tracyanne (profile), 25 Jun 2015 @ 2:40pm

One small comfort
I stopped using anti virus software on my computers some time ago.
[ link to this | view in thread ]
GEMont, 25 Jun 2015 @ 7:04pm

There's no business, like Snow Business, and snowjobs are such a breeze...
I can hardly wait till the populations of Australia, Britain, Canada, USA, and New Zealand finally grasp the simple fact that their federal governments and the agencies attached to those federal governments, have left the employ of those populations and are now working for someone else altogether. A very, very secret someone - like maybe the billionaire members of these federal governments themselves, perhaps.

At the rate the federal governments are telling their populations to fuck themselves now, it should not take much more than another 50-75 years or so, for the public to catch on - which should be - if history is any yardstick - about 50 years too late, as usual.

---
[ link to this | view in thread ]
Anonymous Coward, 25 Jun 2015 @ 7:54pm

Re: There's no business, like Snow Business, and snowjobs are such a breeze...
we can only hope it takes 50-75 years. personally I think things will turn much more dictatorial by 2017 or 2020.

Things like getting your door kicked in and your family dragged off in the middle of the night for political dissent against the self entitled party rulers.
[ link to this | view in thread ]
tracyanne (profile), 26 Jun 2015 @ 4:51am

Re: There's no business, like Snow Business, and snowjobs are such a breeze...
Your wait is over... we know.
[ link to this | view in thread ]
observer, 26 Jun 2015 @ 8:01am

Re: Security agencies are worse than cybercriminals
Evidence, if any more were needed, that the natsec industry has nothing to do with the general public - whose taxes it nevertheless spends in abundance - and everything to do with monitoring potential dissidents and compensating party donors. It happened with all the scaremongering over Russia and/or China acquiring the Snowden docs, as if their own intelligence agencies didn't have all that info already: I can't bring myself to care, because which government has the biggest metaphorical penis has no bearing on the lives of the vast majority of people.
[ link to this | view in thread ]
observer, 26 Jun 2015 @ 8:13am

Re:
That's the thing, isn't it? Of course reverse engineering can be used for nefarious purposes - just ask GCHQ! - but that's no reason for a blanket ban. It's a very interesting pastime, as it happens - as it goes on at a much lower level than most ordinary programming, it really gives you a feel for how your computer works.
[ link to this | view in thread ]
GEMont, 26 Jun 2015 @ 11:48am

Re: Re: There's no business, like Snow Business, and snowjobs are such a breeze...
"...we can only hope it takes 50-75 years. personally I think things will turn much more dictatorial by 2017 or 2020."

Actually, I said it would take the public that long - 50-75 years - to figure out exactly who the enemy is, not that it would take that long before the enemy removes all vestiges of what was once the mythical American freedoms and rights protections.

And while the poster below appears to be playing tongue-in-cheek, he/she is actually quite correct.

"We know", is pretty much the end-purpose of the Five Eyes' entire surveillance program.

And busting down your door and dragging your family off in the dead of night, is already a common practice, although the Drug War is used as a premise for the public pest extermination process, rather than political dissent - currently.

However, given the escalation of the War on Terror programs and its accompanying anti-public-rights laws, by the timely, convenient and well (Five Eyes) funded inauguration of ISIL as the new Evil Terrorist Horde, the Five Eyes will soon be using the War on Terror and the War on Drugs together, to implement their new secret War on the Adversary.

At that point, "We Know" becomes "We Gotcha" for any and all dissidents, popular anti-establishment bloggers and reporters and anyone else who gets in the way of the future Ownership Society's intended Roman Utopia.

Its just the natural progression of Fascism actually.

Fascism is very difficult for the common peasant to recognise, because its a quiet conquest of the 99%, from behind, by the nation's own wealthy 1% - the very people that the poor and middle class - the Adversary - have been trained for centuries to look up to and admire.

It is very difficult to admit that the people you want to become are the very people who are destroying your life and draining the nation in which you live.

In fact, The People almost never catch on to the process of Fascism, so fascism can be seen as the final stage of the entropy of a failed civilization.

I doubt this process will take another 20 years to accomplish, even if they do not destroy the internet through BS copyright legislation and Phony Free Trade Agreements.

---
[ link to this | view in thread ]
GEMont, 26 Jun 2015 @ 11:56am

Re: One small comfort
Actually, the news that the NSA/GCHQ wants to "legally" compromise Kapersky AV software, sounds like either an unintended promotion for the apparently highly effective software or an intended push by the Surveillance Industry towards making users purchase a now legally-compromised Kapersky.

Hard to decide which, when your dealing with criminals in all the high places.

---
[ link to this | view in thread ]