Thursday, February 24, 2022
Home Bloggers Frank Macskasy EXCLUSIVE: The truth about GCSB spin

EXCLUSIVE: The truth about GCSB spin







snow job



TDB Recommends

15 September 2014

Despite being labelled a “fizzer” by some National-aligned critics, and a media expecting ‘fireworks’, the “Moment of Truth” event  presented information that raised the public’s awareness of state surveillance and data collection in this country;

…that the Government Communications Security Bureau was involved in the mass surveillance of New Zealand citizens, and that the National government and Prime Minister John Key were aware of it […] NSA leaker Edward Snowden accused Prime Minister John Key of misleading the public over the country’s spying activities…

One mass-surveillance system referred to was XKEYSCORE, which investigative-journalists on The Intercept described as;

The NSA’s XKEYSCORE program, first revealed by The Guardian, sweeps up countless people’s Internet searches, emails, documents, usernames and passwords, and other private communications. XKEYSCORE is fed a constant flow of Internet traffic from fiber optic cables that make up the backbone of the world’s communication network, among other sources, for processing. As of 2008, the surveillance system boasted approximately 150 field sites in the United States, Mexico, Brazil, United Kingdom, Spain, Russia, Nigeria, Somalia, Pakistan, Japan, Australia, as well as many other countries, consisting of over 700 servers.

These servers store “full-take data” at the collection sites — meaning that they captured all of the traffic collected — and, as of 2009, stored content for 3 to 5 days and metadata for 30 to 45 days. NSA documents indicate that tens of billions of records are stored in its database. “It is a fully distributed processing and query system that runs on machines around the world,” an NSA briefing on XKEYSCORE says. “At field sites, XKEYSCORE can run on multiple computers that gives it the ability to scale in both processing power and storage.”

Our esteemed Dear Leader, John Key, has consistently refused to confirm of deny whether or not the GCSB uses XKEYSCORE. Equally critically, Key refused to confirm or deny whether or not the spy bureau obtains information from the American NSA, which does employ XKEYSCORE.

However, seven months ago, investigative journalists Nicky Hager and Ryan Gallagher, working with the Herald on Sunday, released a damning report which presented clear evidence that the New Zealand government was indeed collecting private information using XKEYSCORE;

For the first time, New Zealanders can learn about people their government has targeted as part of its role in Five Eyes, a surveillance alliance that includes New Zealand, the United States, the United Kingdom, Canada, and Australia.

The secret document, dated from January 2013, shows some of the names and other search terms that the Government Communications Security Bureau (GCSB) entered into the internet spying system XKeyscore . XKeyscore is run by the US National Security Agency and is used to analyse vast amounts of email, internet browsing sessions and online chats that are intercepted from some 150 different locations worldwide.

GCSB has gained access to XKeyscore through its partnership in Five Eyes, and contributes data to the system that is swept up in bulk from a surveillance base in Waihopai Valley.

John Key’s assurances that New Zealanders are not under mass surveillance, nor mass data-collection being used, is also questionable after a recent TV3 The Nation’s interview with the GCSB’s  acting director, Una Jagose.

As well as XKEYSCORE, there is another programme that Key confirmed was being used by the GCSB – “Cortex”;

“We’ve never undertaken mass surveillance, we have got a programme called Cortex running over specific entities providing cyber protection.”

However, there are indications that Cortex is not merely the benign “cyber protection system” as has been made out.

It may well be a cleverly  disguised ‘Trojan Horse’ – a possibility recently raised by fellow blogger, Martyn Bradbury.

The Present.

On 3 October, the GCSB’s  acting director, Una Jagose, was interviewed by Patrick Gower.


Una Jagose - GCSB - TV3 The Nation - Patrick Gower - October 2015

Image acknowledgement: TV3 – The Nation


Whether by clever persistance or sheer dumb luck, Gower managed to elicit some intriguing responses from Jagose on the ‘Cortex’ programme.

Gower first asked who is under attack by “cyber threats from overseas”. Jagose responded;

“We focus our attention on New Zealand companies that are holders of information, assets of importance to New Zealand, so nationally important infrastructure companies and some key government departments. So, yes, we’re definitely seeing attacks there.”

Gower then pointedly asked; “So what you’re talking about – banks, telecom companies, those kinds of things?”

At this point, Jagose became less than forthcoming;

“Well, those parts of the infrastructure, the nationally important, those sorts of things. We actually don’t talk about who they are or specifically what types of organisations they are, because revealing that also reveals to an adversary where we might have our best and richest sources of data that they might be interested.”

Which is interesting, as foreign cyber attackers would already be aware who their targets are in this country. Jagose would not be revealing anything that foreign cyber attackers would not already know.

The only people kept in the dark – us.

As Gower continued to interview Jagose, it soon became apparent why she was reticent in revealing who was being targetted by so-called “foreign cyber attacks”.

Gower followed up by asking a natural-enough question; “who is trying to get this information? Is it individual criminal organisations, or is it countries?”

Jagose replied;

“…At best it’s criminals. It’s often foreign-sourced sophisticated malware that we’re seeing…


… it could be industrial espionage. It could be IP theft. It could be just having an in to important sovereign communications or discussions by government agencies, policies, positions governments might take, positions companies might take.”

Then, she made this startling admission;

“We don’t spend too much of our time trying to track down who did that, because, in fact, we want to use our time and our technology protecting networks and systems.”


We don’t spend too much of our time trying to track down who did that…”

Jagose repeated the statement in the next response she gave to Gower – though the TV3 reporter did not appear to comprehend the implications of her candid admission;

“Well, again, I say we don’t spend our energy looking at— attribution is really difficult. It is apparently a very technical and difficult thing to work out where did that come from, who’s doing it and why are they doing it? We spend our energy on defence.”

In effect, the GCSB’s “new role” has moved from intelligence gathering (ie, finding out who is supposedly – and I use that word deliberately – launching “cyber attacks” against us) – to one of being a State-funded-and-operated, quasi-Norton Anti-Virus agency?

Is this credible?

When did National decide to go into business to offer a rival service to MacAfee, AVG, Norton, et al?

That is not a rhetorical question, as National released two Cabinet Minutes related to “Project Cortex”. The first, labelled “1”, is dated 28 July 2014, the other (labelled “4”) is simply dated “2014” (though Key refers to the document as having been written in July 2014). Both outlined a business case for “Cortex”, including costings and assessment by Treasury – though all dollar figures had been redacted.

Cabinet Minute 4 takes great pains to point out;

2. The proposal takes into account the amended GCSB Act and necessary warranting procedures, and will in all cases operate with the consent of the participating entities.

In fact, Cabinet Minute 4 refers to “consent” from organisations and entities no less than eight times. Someone was at pains to make the point to whoever was going to read the document. Which would be  unusual, as normally Cabinet Minutes are almost never made public.

Cabinet Minute 4 also makes several curious statements;

27. There will be no ‘mass surveillance’, and data will be accessed by GCSB only with the  consent of owners of relevant networks or systems.

By coincidence, a press statement from John Key dated 15 September, 2014 – two months after Cabinet Minute 4 was supposedly written shortly after a Cabinet Meeting held that year – quoted Dear Leader as stating;

“I can assure New Zealanders that there is not, and never has been, mass surveillance by the GCSB.

“In stark contrast, the Bureau actually operates a sound, individually-based form of cyber protection only to entities which legally consent to it,” Mr Key says.

Paragraph 27 of that Cabinet Minute – supposedly written before the “Moment of Truth” on 15 September 2014 – sounds remarkably similar to Key’s 15 September 2015 press statement – a year after “Moment of Truth”.

It almost seems as if Cabinet Minute 4 was prepared at some later date, knowing that it would be eventually be released to the media and the public to counter the “Moment of Truth”. Which is ridiculous… the author(s) of that Minute could not have known – in advance – that the Minute would eventually be released by  National. That would mean that the document was written well after the Cabinet meeting, and was re-worded to take into account revelations by Edward Snowden on 15 September last year.

That would mean the document was a fraud.

Ridiculous… right?

Interestingly, Cabinet Minute 4 also makes this curious statement at two different points;

7. GCSB is not proposing to procure or develop bespoke systems. No material level of software development is required of GCSB or a second party. The proposal is to procure then integrate capability components already available and tested over several years [redacted],

41. GCSB is not proposing to procure or develop bespoke systems. No material level of software development is required of GCSB or a second party. The proposal is to procure then integrate capability components already available and tested, [redacted]. The hardware and software components range from widely available commercial-off-the-shelf (COTS) systems, through to single-source COTS, to systems only available through government-to-government agreement. All of the technology has been in use for some time, [redacted].

As The Intercept website asked,

The Cortex documents [Cabinet Minutes] refer to the use of technology that “has been in use for some time.” What technology is this?

What is the Cabinet Minute referring to when it states; “ components already available and tested over several years ” and “capability components already available and tested“?

“Available” where?

“Tested” by whom?

“In use for some time” by who?

The document throws up more questions than answers. Unfortunately, despite Key’s claims to the contrary, this is not an open and transparent government that readily shares information.

So which “consenting organisations” will use Cortex? And will clients and staff be made aware that their electronic communications may be intercepted by the GCSB?

Cabinet Minute 4 states;

18. The foundation of the preferred option is a malware detection service delivered to [redacted] consenting organisations. [redacted] of the [redacted] organisations will be government agencies. The other [redacted] will be drawn from a list of approximately [redacted] organisations of national importance developed by DPMC’s National Cyber Policy Office (NCPO) and approved by ODESC on 7 June 2013. The list includes key economic generators, niche exporters, research institutions and operators of critical national infrastructure.

However, we do not know who those “consenting organisations” are. It is a secret. Remember Jagose’s first response to Gower during the 3 October interview;

“We actually don’t talk about who they are or specifically what types of organisations they are, because revealing that also reveals to an adversary where we might have our best and richest sources of data that they might be interested.”

Note that Paragraph 18 above refers to the “National Cyber Policy Office(NCPO). The NCPO is an arm of the Security and Intelligence Group. That Group, in turn, is part of  the Department of the Prime Minister and Cabinet (DPMC);


National Cyber Policy Office - Department of the Prime Minister


Note the address of the “National Cyber Policy Office“: Pipitea House, 1-15 Pipitea Street, Thorndon (arrow 1). Which happens to be the same building housing the GCSB.

Then note something called “Connect Smart” (arrow 2), which is described as;

Connect Smart is a new Government-led initiative, delivered in partnership with the private and NGO sectors, to raise awareness of cyber security issues and promote ways to protect yourself, your business and others online.

“Connect Smart” sounds remarkably like the supposedly top-secret list described by Cabinet Minute 4 as, “organisations of national importance developed by DPMC’s National Cyber Policy Office (NCPO) and  … The list includes key economic generators, niche exporters, research institutions and operators of critical national infrastructure”.

“Connect Smart” was launched on 16 June 2014 (just prior to Cabinet Minute 1   supposedly written on 28 July 2014), by Communications and Information Technology Minister, Amy Adams.

Adams warned about;

“The common thread that unites cyber threats is their capacity to cause damage; ranging in scale from the distress experienced by an individual who has had their identity hacked, to the economic damage that sustained industrial cyber espionage can cause to a country.”

She further stated;

“A range of departments are involved – from those at the front end, such as Police, Department of Internal Affairs, and the National Cyber Security Centre, through to those grappling with the policy implications of cyber security, led by the National Cyber Policy Office. 

This year, the NCPO will be working on a number of major policy initiatives:

  • A refreshed and comprehensive national Cyber Security Strategy to make sure we are coordinated and resourced across government to address this challenge;

  • A targeted inter-agency cybercrime plan;

  • An assessment of the economic balance of cyberspace for New Zealand;

  • Testing the Government’s response to a significant cyber incident; and

  • Consideration of the options for a national cyber mechanism to improve the coordination, effectiveness and efficiency of the Government’s response to cyber incidents. “

It sounds as if Adams is referring to… Cortex?

So who are the  “Connect Smart” Partners? They are;

  • Hewlett Packard
  • Spark NZ (formerly Telecom)
  • ASB
  • Facebook
  • ANZ
  • Datacom
  • Microsoft
  • Dimension Data
  • Marsh
  • International Underwriting Agencies Ltd
  • Internal Affairs
  • Department of the Prime Minister and Cabinet
  • Vodaphone
  • Aura Information
  • Mako Networks
  • Ministry for Primary Industries
  • RSA
  • Symantec
  • NZ Post
  • Inland Revenue
  • EQC
  • Nga Pu Waea
  • NCSC
  • North Harbour Business Association
  • RealMe
  • Mastercard
  • NZ Police
  • Transpower
  • University of Auckland
  • Yahoo NZ
  • ZX Security
  • Google
  • IPENZ Engineers NZ
  • ACC
  • Air New Zealand
  • British High Commission
  • Consumer
  • Financial Markets Authority
  • Institute of IT Professionals
  • Internet NZ
  • Kiwibank
  • KPMG
  • Massey University
  • Privacy Commissioner
  • PWC
  • Senior Net
  • VISA
  • Dept of Conservation
  • Xero
  • 1st Tuesday
  • Journey Church
  • Duo
  • Digital Journey
  • Institute of Directors
  • University of Waikato
  • Unitech
  • Scots College
  • Greater East Tamaki Business Association
  • Commission for Financial Literacy
  • Delta Insurance
  • Neighbourhood Support
  • Westpac
  • Ministry of Education
  • BNZ
  • Waikator District Health Board
  • NZ Foreign Affairs & Trade
  • Waitemata District Health Board
  • Business NZ
  • Crimestoppers
  • MPA
  • Longitude 174
  • University of Canterbury
  • VMWare
  • Trademe
  • Insurance Council of NZ
  • Weta Digital
  • High Tech Youth Network
  • AJ Park
  • Noel Leeming
  • Our School
  • NZ Transport Agency
  • NZ Bankers Association
  • University of Otago
  • Gallagher
  • Chartered Accountants
  • AIG
  • ARC Solutions
  • Secure Safe
  • Safestack
  • Paymark
  • Quantum Security
  • NZ Customs Service
  • Room 9
  • NZ Trade & Enterprise
  • SSS IT Security Specialists
  • Statistics NZ
  • NZ Health IT
  • Crombie Lockwood
  • Snap
  • Lock It
  • Connect
  • Computercare
  • Meredith Connell
  • Network Box
  • Stay Smart Online
  • Sovereign
  • NZ Security Intelligence Service (SIS)
  • Eagle Technology
  • Plan B
  • Naki Cloud
  • Pentech
  • Liverton Technology Group
  • Price Me
  • Mila XAG
  • Need A Nerd
  • KD Consult
  • Senate SHJ

(I have listed all companies, in case the website suddenly disappears, or that particular page is taken down.)

“The list includes key economic generators, niche exporters, research institutions and operators of critical national infrastructure” – the DPMC’s National Cyber Policy Office’s description of their supposedly secret list of clients.

The “Connect Smart” list certainly meets that criteria – including the Security Intelligence Service. And Amy Adams’ 16 June speech appears to confirm it.

So do the staff and clients of these companies, organisations, and government departments know that they are most likely part of the Cortex programme run by the GCSB?

Are they aware that their electronic communications may be collected and stored by the GCSB?

Are they aware their communications could be read, as Jagose confirmed to Patrick Gower;

Gower: What does the analyst do if there’s a personal email there?

Jagose: Well, the analyst is looking at it not for its content but for what the email and the traffic tells us about the fingerprint or the adverse attack that is occurring. So that’s what they do with it.

Gower: But the analyst can see the content if they want to?

Jagose: Yes.

Gower then asked the all-important question;

Gower: Yeah, but I would be told, would I, by the company that they’ve now put Cortex on?

Jagose: You’ll be told that your communications will be screened or may be screened for cyber defence purposes.

Gower: Right. How do you get told that?

Jagose: In terms and conditions of use, for example.

I scrutinised the Terms and Conditions of Spark NZ – one of the country’s largest companies that deals with thousands of employees, contractors, and customers. Is there any reference to Cortex with Spark’s Terms and Conditions?

Answer: no.

There is, however, this brief reference to handing over information to the government;

The Operator and Spark Digital reserve the right to disclose end user information that it believes, in good faith, is appropriate or necessary to take precautions against liability; to protect the Operator and Spark Digital and others from fraudulent, abusive, predatory, or unlawful uses or activity; to investigate and defend against any third party claims or allegations; to assist government enforcement agencies; or to protect the security or integrity of the Platform.

That paragraph is at the end of the Terms and Conditions statement, at the bottom of the page. How many people will have waded through the entire document to spot it? Who even bothers to read Terms and Conditions?

And by itself, just how informative is the brief statement, “to assist government enforcement agencies“?

It is a meaningless statement.

One cannot escape the conclusion that Una Jagose has attempted a ‘snow job’ of New Zealanders. If so, it remains to be seen how effective she has been.

Meanwhile,  it is unclear what the true purpose of the  ‘Cortex’ programme really is. Can we trust anything that we are told about it by National?

Answer: no.

There is much more to this than meets the eye.



Def: “Bespoke”

Of goods, especially clothing) made to order.

(of a computer program) written or adapted for a specific user or purpose.

Addendum 2

Questions posed by The Intercept on XKEYSCORE and Cortex;

We are currently researching a number of other stories related to GCSB, and I expect we are going to shine more light on the agency’s activities in this sphere in the near future. In the meantime, Key and the GCSB face a mounting number of important questions that they have until now managed to dodge.

Here’s a few for starters:

  • Why did you inform the public that the GCSB Amendment Bill would not lead to an expansion of powers when at the same time you were planning the Speargun mass surveillance initiative?

  • Why was phase one of the Speargun project completed if it was, as Prime Minister Key has claimed, something that never made it past the “business case”?

  • Why were New Zealanders not informed about the Cortex project until the government’s hand was forced by disclosures based on documents from Snowden?

  • How much data is collected on a daily basis by GCSB under the Cortex project, and how does the agency ensure this data does not “incidentally” include the content or metadata of citizens’ communications?

  • The Cortex documents refer to the use of technology that “has been in use for some time.” What technology is this?

  • Is any information collected by GCSB under Cortex — or any other program that accesses internet data — shared with the NSA and/or other Five Eyes agencies through systems such as XKEYSCORE?

  • Does GCSB have access to XKEYSCORE and, if so, for how long has this been the case?

  • Does GCSB use its access to internet data streams — under initiatives like Cortex or similar — to launch active/offensive cyber operations that involve hacking computer systems to collect information?

  • When will you declassify documents detailing the Speargun project and showing that it was not completed?





Radio NZ: ‘Moment of Truth’ on world stage

The Intercept: Xkeyscore – NSA’s Google for the World’s private communications

Radio NZ: Key silent on spy programme

NZ Herald on Sunday: Revealed – The names NZ targeted using NSA’s XKeyscore system

TV3 The Nation: Interview – GCSB Acting Director Una Jagose

TV3 The Nation: Interview – GCSB Acting Director Una Jagose (transcript)

Beehive: Cabinet Minute 1

Beehive: Cabinet Minute 4

Beehive: PM responds to incorrect surveillance claims

Department of the Prime Minister and Cabinet: National Cyber Policy Office

Connect Smart: Partners

Spark NZ: Terms and Conditions

Other bloggers

No Right Turn: The GCSB’s PR campaign

Public Address: Crowdsourcing Project Cortex

The Daily Blog: Martyn Bradbury – GCSB begin marketing campaign to con NZers

The Daily Blog: Chris Trotter – Revolution In Pipitea Street: The Listener celebrates the Baby-Boomer takeover of the SIS and the GCSB

Previous related blogposts

An Open Message to the GCSB, SIS, NSA, and Uncle Tom Cobbly

Letter to the Editor: John Campbell expose on Key and GCSB

Campbell Live on the GCSB – latest revelations – TV3 – 20 May 2014

The Mendacities of Mr Key #1: The GCSB Bill

One Dunedinite’s response to the passing of the GCSB Bill

The “man ban”; animal testing; GCSB Bill; and compulsory miltary training

Nigella Lawson, GCSB, Christchurch re-build, and Malcolm Burgess on Campbell Live

The real reason for the GCSB Bill

The Fletcher Affair – a warning for Labour

TV3 – Campbell Live’s GCSB Public Vote

The GCSB Act – Tracy Watkins gets it right

The GCSB Act – some history

The GCSB – when plain english simply won’t do

The GCSB law – vague or crystal clear?







= fs =


  1. Excellent work Frank, soundly backed up with evidence on how we are possibly being digitally monitored and observed, by a scurrilous, treasonous government, working against NZers, feeding internal information to a foreign power!

    I had my suspicion something unsavoury and deceptive was going on here, as most of us did. However I didn’t realize the depth or extent this matter had gone, which has been indicated here, through Frank’s thorough dissection of the issue. Many thanks for keeping us informed.

    Why isn’t msm (the voice of the people) pushing this at every opportunity? Or is our weak mainstream media under strict instruction to keep the sinister and possible abusive GCSB activities against Kiwis, in the dark? I suspect the intention is to keep the masses ignorant and compliant!

    Frank’s revelation here, should be screaming headlines across all NZ msm networks! But alas …….

    • Yep Frank, An excellent round up of the real truth of the GCSB real “role”.

      If it was real that GCSB was our protector then they had a funny way of beginning the use of their role?

      it was really smelling during of putting its’ “Role” to use over Phil Geoff in 2011 before the election for a start then sending the official Information request so quick to just one party remember they didn’t send it that quickly to MSM after they asked????

      Just to Slater and his “dirty politics club” of PM.

  2. Ah yes,…John XKEYSCORE.

    The liar.

    Yes, …they’ve come a long way since you could tell they were monitoring your phone calls when Telecom was called Telecom…

    You know the one….the loud ‘click’ and the sensation of an echo chamber…

    Even happened when I was talking to my mother one time… then I told them to fuck off… another loud ‘click’ and the phone line back to normal…

    But now… we have something much more juicy , don’t we , boys and girls ?

    XKEYSCORE , Cortex … quite the colourful little box of children’s toys , isn’t it?

    I’ve only got one question though ….

    Just WHY did the NSA plead guilty in the Supreme court of America to the ILLEGAL mass surveillance of the American ( USA ) public?

    Spurred on by Glen Greenwald and the data he had obtained from Ed Snowden …. the same Glen Greenwald that John XKEYSCORE called one of Dotcoms little henchmen?

    Which was then used to bring the Chief of the NSA to court…

    And a guilty verdict.

    Seems the little Forex dealer from New York has a few questions he needs to answer, doesn’t it ?…..

    • As a former Telecom technician, I also pine for those ‘good old days’, when the eavesdropping technology was so primitive that you could hear the click when the spys came onto your phone line! In these digital days, that is no longer true.

  3. Sad to say I am NOT surprised at all this.

    Dear Leader is a confirmed liar; we have plenty of evidence of this.

    But that knowledge does NOT make it right. This is clearly wrong on moral and legal counts.

    Waihopai needs to be taken down and the decision makers need to be held to account.

    If the wishy-washy middle classes won’t act perhaps we need to.

    Maybe those Christian protesters have some spare C4 lying around…

  4. Thanks Frank,
    And while we are at exposing liars and Prime Sinisters why not consider getting an —
    set up here in NZ ???

    While we are at it – lets ask this Prime Sinister Jonkey about his connections with the economic horrors in Ireland ?
    He screwed Ireland and yet again made a bundle.

    Also lets ask him about the word DERIVATIVES AND INSIDER TRADER and and why he avoids those words or talking about them.
    Lets also look more thoroughly at why he is labeled the SMILING ASSASSIN.

    Check out Penny Bright ( www. Water Pressure)
    Check out the truths behind his investing in TRAINSRAIL.
    How is Donkey Jonkey connected with the financial trading dirty dealings and how does derivatives help the lower 99% ?

    Pin stripe ( tax haven ) mafia = tax avoidance crooks.

    Then lets look at why he is so cozy with the UN and Obama and promoting his corporate buddies in the TPPA.

    Bank of America are the biggest banking scum bags in the US and John Key is very cozy with them and has worked for them as well as Colorado Property Investments.
    NZ national debt has risen from approx. 8 to 60 Billion ! ! in the past 7 – 8 years.

    Some call John Key a ” psychopathic and corporate ( Wall St. ) HENCHMAN. In 2012 Key went to Europe and signed a new treaty with NATO which we here in NZ know practically nothing about.

    This man is far from what most know and we are being sold out under his train wreck of a govt. It is my personal opinion that behind his false smile lies sad man who cares less about the under-privileged here in NZ and his priority is not about people BUT ABOUT PROFIT ! ! ! !
    Corporate greed dominates and we must stop TPPA at all costs.

    Check out the facts and do some research. This man is by far the worst thing that has ever happened to NZ. We deserve better ! ! !

  5. Why are Journey Church and Room 9 on the list?
    One looks like a legit church in Te Kuiti and the other a beauty/massage parlour in Auckland?

  6. Thanks Frank – I hope so called ‘journos’ read this blog, to see how their job is actually done!
    @ Blake – agreed. History will show Key as a traitor! We unfortunately have to live it now!

  7. Great work, Frank – apply a little bit of scrutiny and it just doesn’t stack.

    “Well, again, I say we don’t spend our energy looking at— attribution is really difficult. It is apparently a very technical and difficult thing to work out where did that come from, who’s doing it and why are they doing it? We spend our energy on defence.”

    This is either total crap or the GCSB are incompetent.

    What are the fundamental processes of mounting a defence?
    Firstly, make a risk assessment.
    That assessment would include:
    * the probability of attack
    * the impacts of attack

    To assess these there must be some knowledge of the attacker’s ability to deploy, the technology at their disposal, their favoured techniques, their objectives,
    Also, the impact has to be assessed – loss of IP, economic impacts, strategic impacts, downtime, loss of reputation, loss of trust.

    Defences need to be applied to high probability, high impact threats. This is 101 stuff. The notion effective defences can be mounted without this knowledge is farcical.

    After 30+ years of the internet and 20+ years of the world-wide web are we really expected to believe that tracing and tracking is really that difficult?

    Why wouldn’t they look at the sources too closely? Well, either they really do or there’s something more sinister going on.

    In case you’re wondering where all that hoovered up data gets stored – it’s in places like this .

  8. Some of your best work, Frank. Concise, yet fully substantiated, lucid and readable.
    Plus the import… *shudders”

    Related, the ol’ “Terms and Conditions” loophole is how our digital rights (hah) were created in the Internet Wild West. We’d already given all sorts of privileges to third parties via T&C so governments have been collecting data under the auspices of “you’ve already given consent to third parties”; and those corporate third parties are very happy to keep putting those T&Cs in, knowing they’re very helpful to govts so won’t every be challenged.

    tl;dr – we need a digital bill of rights, which would roll back a lot of trade practices and powers we’ve already had taken away.

    P.S. Assange’s Cyberpunks is a great read on this whole topic.

  9. Well, do you ever sleep, Frank?

    I am impressed at your analytical work, and this interesting summary report, also commenting on Paddy Gower’s pathetic performance in interviewing our GCSB Spymasteress.

    The GCSB same as the NSA do of course work together, with the other parties to the Five Eyes Network, so they will also share technology, as not doing so would be utterly stupid in a world where cybercrime is as rampant as old type cyberspying.

    So they will of course of Trojans and so to their avail, which will be smart and geared to find exactly the kinds of programs and computers that they are programmed to find. They will look for certain communicated bits, and data, and that will send the trojan off, and somehow find its way to a target. That target may be a hostile nation’s spy service, it may be a certain overseas business trying to hack computers of NZ government or businesses, it may be an ordinary resident’s computer, which downloads certain stuff from YouTube or elsewhere, that “may” be of some interest.

    One spymaster’s Trojan is another one’s legitimate “defence weapon”, and it is most certain, that the GCSB use both XKEYSCORE and Cortex and other programs, and various little bits of other “utensils” that make their lives easier and interesting.

    So while they will do the mass data gathering also, or at least condone the NSA do it on a cable connecting us with the rest of the world (we all use services based in the US by the way, daily), they will also have that “Norton Antivirus” service they offer or provide.

    It is convenient for the GCSB to publicly talk about the “benevolent” side of their business, as that polishes up their image, and is a great PR exercise. At the same time the focus goes off the other bits of their business, and people will simply tell themselves, nah, it is all ok, John the boss says so also, and pull the blankets over their faces again, and go back to sleep.

    By the way, only a few weeks ago I found one of those common Trojans on my computer, and it was sitting in a file where it may not have been able or had the time to do much “nosing around” yet. So it was detected and put into quarantine.

    Maybe the mercenaries of Ms Jagose did send one of their Trojans to check on me, as a “caring” party, wanting to protect me and others from all bad and nasty stuff? I can only guess, but will move on. Most certainly, they will also keep and eye on some “activists” who are active on the web, there is not much needed to do this.

    And Paddy sounded a wee bit concerned, asking repeatedly if they could read his emails. Yes, Paddy, wake up, even you journalists, or especially you, will not be safe from our friends working under Ms Jagose. It may be for the very fact that some people send you in the media stuff, that they may also have an interest in.

  10. Interesting comments from everyone; yes I read them all. (Even if I don’t always comment, as I’m working on several other stories and awaiting OIA responses.)

    Mike In Auckland; I try and squeeze in a few hours sleep between midnight and 1am… 😉

  11. Frank’s excellent analytical work and appreciated summary tells us something, but like the interview with Ms Jagose, it raises endless questions. I have little trust in the PR work we were presented, but I also do not think that the GCSB itself is going quite as far with their surveillance, as some here may dread.

    Nevertheless, it is absolutely important and necessary to ask the hard questions, and to keep an eye on them, and to dig deeper, as it is our responsibility as critical citizens to keep a check on all government services, particularly as they are run under this government, which just loves to keep things secret, while telling us lies about how “transparent” they are. Only the ill informed will believe that spin.

    There is another interesting discussion started by Graeme Edgeler on Public Address, by the way, which I would also recommend. He comes from a slightly different angle, and raises yet more deserved questions.

    We are none the smarter, and I suggest the double speak terminology in many user and privacy agreements requires firm scrutiny, so we can perhaps more correctly assess what they really mean, those “terms”.

    • Mike In Auckland – thanks. Very much appreciated! I’ve added to Graeme Edgeler’s list. And also adding his blogpost to my list of “Other Bloggers” at the end of my story.

  12. Surely Connect Smart cannot be Cortex, it is another program, simply assisting users and providers of communication services to operate in a precautionary manner, using perhaps yet other tools, or perhaps careful day to day processes.

  13. The GCSB is cunningly publicising one of its roles, the job of ‘cyber security’. This used to be the main role of the GCSB, originally they never were mainly a spy agency. But somewhere along they way they also became the NZ version of the NSA, and began mass spying. I would argue that the two roles are incompatible with each other, and that the GCSB should go back to their original role and sever all ties with the NSA.

    This latest publicity spurt is a cunning ploy, a red herring PR stunt, to divert attention from their other role as the local franchise of the Evil Empire.

Comments are closed.