When users connect to Facebook, Twitter, or Hotmail—as well as many other popular websites—they are vulnerable to passive network surveillance and active attacks, such as account hijacking. These services are vulnerable because they do not use HTTPS encryption to protect all data as it is transmitted over the Internet.
Such attacks are trivially easy for hackers to perform against users of an open WiFi network using tools like Firesheep. They are also relatively easy for government agencies to perform on a larger scale, when they can compel the assistance of upstream ISPs.
As I described above, because Google will not respond to formal requests for user data from certain governments, it is likely that the state security agencies in these countries have come to depend on network interception, performed with the assistance of domestic ISPs.
Unfortunately for these governments, in January 2010, Google enabled HTTPS by default for Gmail and a few other services. Once the firm flipped the default setting, passive network surveillance became impossible. Thus, in January 2010, the governments of Iran and a few other countries lost their ability to watch the communications of domestic Google users.
Unlike normal communication tapping methods, packet tapping is a technology that allows a real-time view of all content coming and going via the Internet. It opens all packets of a designated user that are transmitted via the Internet. This was impossible in the early days of the Internet, but monitoring and vetting of desired information only from among huge amounts of packet information became possible with the development of “deep packet inspection” technology. Deep packet inspection technology is used not only for censorship, but also in marketing such as custom advertising on Gmail and Facebook.
The fact that the NIS taps Gmail, which uses HTTP Secure, a communication protocol with reinforced security, means that it possesses the technology to decrypt data packets transmitted via Internet lines after intercepting them.
“Gmail has been using an encrypted protocol since 2009, when it was revealed that Chinese security services had been tapping it,” said one official from a software security company. “Technologically, decrypting it is known to be almost impossible. If it turns out to be true [that the NIS has been packet tapping], this could turn into an international controversy.”
“The revelation of the possibility that Gmail may have been tapped is truly shocking,” said Jang Yeo-gyeong, an activist at Jinbo.net. “It has shown once again that the secrets of people’s private lives can be totally violated.” Lawyer Lee Gwang-cheol of MINBYUN-Lawyers for a Democratic Society, who has taken on Kim’s case, said, “I think it is surprising, and perhaps even good, that the NIS itself has revealed that it uses packet tapping on Gmail. I hope the Constitutional Court will use this appeal hearing to decide upon legitimate boundaries for investigations, given that the actual circumstances of the NIS’s packet tapping have not been clearly revealed.”
Please direct questions or comments to [englishhani[at]hani.co.kr]
NIS admits to packet tapping Gmail: If proven, international fallout could occur over insecurity of the HTTP Secure system
By Noh Hyung-woong