SEARCH

News » National

Updated: August 16, 2013 07:45 IST

Government buying deep surveillance, monitoring equipment

Shalini Singh
Comment (10)   ·   print   ·   T  T  

Amid a raging global debate on privacy versus surveillance, monitoring and use of intrusive technologies by governments, the Directorate of Forensic Sciences in the Ministry of Home Affairs (MHA) is set to purchase a range of equipment and software that will allow it to conduct deep search, surveillance and monitoring of voice calls, SMS, email, video, Internet, chat, browsing and Skype sessions on an unprecedented scale.

The shopping list may help the government counter crime and terrorism but civil liberties advocates worry about the misuse of these technologies against ordinary citizens, especially given the absence of strong privacy protection.

The MHA document of July 12, 2013 also lists software-based tool kits for logical level analysis of GSM and CDMA mobile phones — which will comprehensively cover phones and SIMs used by India’s 860 million subscribers across 2G and 3G networks. This will be capable of extracting the phone’s basic information and SIM card data, including in your phonebook and contact list, call logs, caller group information, organizer, notes, live and deleted SMSs, web browser artifacts, multimedia and email messages with attachments, multimedia image audio and video files and details of installed applications, their data, traffic and sessions log. It will allow access to iPhone backup analysis, including those which are password protected. Blackberry, considered safe by unsuspecting users, will also be fair game, since it will support Blackberry IPD backup analysis, even when password protected.

Mobiles and SMS

The specialised hardware on the MHA’s list will be able to extract all data, including call logs, phone books, SMS, email messages along with attachments, MMS, calendars, including passwords and location information. It will be able to read SIM cards and extract SIM-card-related information along with all user information on the SIM card, like phone call register and text messages, even if they have been deleted. The software will be capable of data authentication by hashing algorithms, and will even access deleted phone information by recovering or bypassing passwords. Special forensic kits are being brought in for Chinese mobile phones.

Bypassing passwords

Hardware forensic imaging devices with the capability to acquire data from live systems and content-based images are being procured. The capabilities also include the ability to search for key words in the suspected media and to acquire data over a network. Essentially, this would mean blind, across-the-board search on mass data rather than a targeted search based on an authorised target phone number, email or IP address.

The MHA is also set to acquire software for forensic previewing, for analysis of digital media and smartphones. This can acquire date from various types of storage media including in multi-sessions. It can support Windows, Unix, Linux, Sun, Solaris, Macintosh, Apple’s iOS, Android, Blackberry, HP’s palm OS, Nokia Symbian, Windows Mobile OS, etc. The software will be capable of decrypting volumes, folders and files of suspected media including that which is subject to various types of encryption — including 32 and 64-bit systems.

Software is also being ordered for previewing, image mounting, password cracking and forensic analysis of digital media. This would allow recovering folders, expanding compounded files, saved email data bases, extracting artifacts, time line analysis, and registry log analysis. It will allow the government to auto-detect passwords of protected files and their decryption across a range of encryptions.

The new forensic tool will automatically check for disk encryption, including Truecrypt, PGP, Bitlock and Safeboot. This forensic tool will be capable of collecting and recovering artifacts from live and off-line systems when using cloud artifacts like Dropbox, Carbonite, Skydrive, Googledocs, Google Drive and Flickr. It will link into, and extract data out of, users’ social networking pages like Facebook, Twitter, Bebo Chat, Myspace Chat, Google+ and Linkedin. Similarly, webmail applications like Gmail, Yahoo, Hotmail and instant messenger chat can be targeted through this kit. Instant messenger chat like GoogleTalk chat, Yahoo chat, MSN/Windows Live Messenger, AOL, Skype, ICQ, World of War Craft, Second Life and Trillian, will all be open to collection of artifacts, whether live or offline. The system will also accurately target web browser activity on Internet Explorer, Firefox, Google Chrome, Apple Safari, Opera, Google Maps, etc.

The MHA is one of the nine authorised departments, along with IB and RAW, which is allowed to order surveillance and monitoring of citizens under the Indian law. It has been in the news for being closely involved in the implementation of a nationwide Central Monitoring System covering mobile and Internet users.

More In: National | News

I was amused to read such a sci-fi story.When quoting documents please
mention the context of MHA document, were the purchases being made are
for forensic analysis inside lab or over the air theft of data.There is
no need to sensationalise the things. We as readers expect better
reporting of wholesome facts rather than news articles just to create
panic.

from:  P K Singh
Posted on: Aug 17, 2013 at 10:16 IST

I don't think this will be any helpful for government to minimize the terror attacks because
terrorists are increasingly using sophisticated contact methods and its really
impossible to crack their system unless you have some sort of exploit or spy on them.

Also I don't think India have much professionals to handle this and think about
mishaps..what if china has exploited the system and steal all our data. Certainly the
government its risking its 10 billions peoples privacy.

from:  Vivek
Posted on: Aug 16, 2013 at 16:19 IST

Either the author of this article, or whoever has given her the information (or even
those buying this equipment) have failed to distinguish between over-the-air access
with physical forensic analysis. This has resulted in a rather alarmist and inaccurate
view.

Many of the capabilities described here (for example, old browser sessions and
deleted data etc) will be available only when the investigators have physical
possession of the device in question. Over the air analysis is limited to the
unencrypted data that is flowing through the network.

Also of interest is the fact that most of these capabilities are freely available with
software anyone can find on the net, some of it free and open source. Accessing old
browser sessions and deleted photographs, for example, is child's play. Of course,
that doesn't stop the 'sleuths' from taking out tenders and paying large sums of
money for it. Or from feeding news of these as some special capabilities to gullible
journalists!

from:  Vivek
Posted on: Aug 16, 2013 at 10:52 IST

Those who want to do things without seeing by law only need to fear. I don't care about their watch. & as a normal citizen I believe that our govt have the right except, personal one, to do so.

from:  Joe
Posted on: Aug 16, 2013 at 10:23 IST

Honestly, it was scary to read the shopping list of equipments which
make the word 'privacy' meaningless however I have faith in our
government that government will use it for national security purpose and
will not indulge in other unlawful activities.

Also, it gives me comfort (its my assumption) that such equipments will
enable government intelligence agencies to intercept terrorist messages
and minimize terror attacks on our soil.

from:  Santosh Singh
Posted on: Aug 16, 2013 at 09:50 IST

This is the same government that cannot provide stability, efficiency and usability on a simple railway ticket booking system?

Could the author please let us know if this great new software is capable of retrieving information from devices that are switched off?

from:  B S Kumar
Posted on: Aug 16, 2013 at 09:00 IST

So, are you telling me that the guys who cannot run MS Office properly
will be able to use all of that^? Come on!

from:  Sai Deepak
Posted on: Aug 16, 2013 at 01:45 IST

Info US joke deal?

from:  Akshay S Dinesh
Posted on: Aug 16, 2013 at 01:39 IST

would i get trained pigeon on OLX.....

from:  subodh kumar
Posted on: Aug 16, 2013 at 00:51 IST

This is Insane stuff and shows a perverted government mentality. While every one is pushing for transparency in governance, government is interested in holding everyone under them. Did we not celebrate freedom yesterday ? How can be trust with governments with our data with incidents like delhi metro rail video leaks? This kind of big brother attitude is sick. Where are they purchasing this from? U.S? that shows why Kurshid was happy with the U.S collecting phone calls for analysis.

from:  Krishna Kumar
Posted on: Aug 16, 2013 at 00:49 IST
Show all comments
This article is closed for comments.
Please Email the Editor

Avian Influenza Outbreak

More Avian Influenza Outbreak »

International

Tamil Nadu

Andhra Pradesh

Karnataka

Kerala


O
P
E
N

close

Recent Article in National

Congress president Sonia Gandhi. File photo: V. Sudershan

Sonia Gandhi feeling better, will remain under observation: doctors

Congress president Sonia Gandhi, who has been hospitalised for lower respiratory tract infection, is feeling better but will remain unde... »