Amid
a raging global debate on privacy versus surveillance, monitoring and
use of intrusive technologies by governments, the Directorate of
Forensic Sciences in the Ministry of Home Affairs (MHA) is set to
purchase a range of equipment and software that will allow it to conduct
deep search, surveillance and monitoring of voice calls, SMS, email,
video, Internet, chat, browsing and Skype sessions on an unprecedented
scale.
The
shopping list may help the government counter crime and terrorism but
civil liberties advocates worry about the misuse of these technologies
against ordinary citizens, especially given the absence of strong
privacy protection.
The
MHA document of July 12, 2013 also lists software-based tool kits for
logical level analysis of GSM and CDMA mobile phones — which will
comprehensively cover phones and SIMs used by India’s 860 million
subscribers across 2G and 3G networks. This will be capable of
extracting the phone’s basic information and SIM card data, including in
your phonebook and contact list, call logs, caller group information,
organizer, notes, live and deleted SMSs, web browser artifacts,
multimedia and email messages with attachments, multimedia image audio
and video files and details of installed applications, their data,
traffic and sessions log. It will allow access to iPhone backup
analysis, including those which are password protected. Blackberry,
considered safe by unsuspecting users, will also be fair game, since it
will support Blackberry IPD backup analysis, even when password
protected.
Mobiles and SMS
The
specialised hardware on the MHA’s list will be able to extract all
data, including call logs, phone books, SMS, email messages along with
attachments, MMS, calendars, including passwords and location
information. It will be able to read SIM cards and extract
SIM-card-related information along with all user information on the SIM
card, like phone call register and text messages, even if they have been
deleted. The software will be capable of data authentication by hashing
algorithms, and will even access deleted phone information by
recovering or bypassing passwords. Special forensic kits are being
brought in for Chinese mobile phones.
Bypassing passwords
Hardware
forensic imaging devices with the capability to acquire data from live
systems and content-based images are being procured. The capabilities
also include the ability to search for key words in the suspected media
and to acquire data over a network. Essentially, this would mean blind,
across-the-board search on mass data rather than a targeted search based
on an authorised target phone number, email or IP address.
The
MHA is also set to acquire software for forensic previewing, for
analysis of digital media and smartphones. This can acquire date from
various types of storage media including in multi-sessions. It can
support Windows, Unix, Linux, Sun, Solaris, Macintosh, Apple’s iOS,
Android, Blackberry, HP’s palm OS, Nokia Symbian, Windows Mobile OS,
etc. The software will be capable of decrypting volumes, folders and
files of suspected media including that which is subject to various
types of encryption — including 32 and 64-bit systems.
Software
is also being ordered for previewing, image mounting, password cracking
and forensic analysis of digital media. This would allow recovering
folders, expanding compounded files, saved email data bases, extracting
artifacts, time line analysis, and registry log analysis. It will allow
the government to auto-detect passwords of protected files and their
decryption across a range of encryptions.
The
new forensic tool will automatically check for disk encryption,
including Truecrypt, PGP, Bitlock and Safeboot. This forensic tool will
be capable of collecting and recovering artifacts from live and off-line
systems when using cloud artifacts like Dropbox, Carbonite, Skydrive,
Googledocs, Google Drive and Flickr. It will link into, and extract data
out of, users’ social networking pages like Facebook, Twitter, Bebo
Chat, Myspace Chat, Google+ and Linkedin. Similarly, webmail
applications like Gmail, Yahoo, Hotmail and instant messenger chat can
be targeted through this kit. Instant messenger chat like GoogleTalk
chat, Yahoo chat, MSN/Windows Live Messenger, AOL, Skype, ICQ, World of
War Craft, Second Life and Trillian, will all be open to collection of
artifacts, whether live or offline. The system will also accurately
target web browser activity on Internet Explorer, Firefox, Google
Chrome, Apple Safari, Opera, Google Maps, etc.
The
MHA is one of the nine authorised departments, along with IB and RAW,
which is allowed to order surveillance and monitoring of citizens under
the Indian law. It has been in the news for being closely involved in
the implementation of a nationwide Central Monitoring System covering
mobile and Internet users.
No comments:
Post a Comment
please leave your opinion about his blog ,
this will help us to give some more quality information.