
GCHQ intercepted foreign politicians' communications at G20 summits - bcn
http://www.guardian.co.uk/uk/2013/jun/16/gchq-intercepted-communications-g20-summits
======
alan_cx
This is precisely what the likes of GCHQ and the NSA are for.

I would imagine that any G20 host and it allies would use the opportunity to
gather intelligence. I would also assume that where ever it is hosted, many
intelligence agencies would be active.

If not, then what are these agencies for? They were never designed for crime
fighting or mass surveillance of populations. There were and still are for
spying on nations. G20 summits are a prime and legit target.

IMHO, this is a proper use of such agencies.

~~~
fchollet
So is it okay to do this? Even diplomacy has laws, you know.

These actions are in breach of Articles 27 and 30 of the Vienna Convention on
Diplomatic Relations (of which the US and UK are signatories):

Article 27: 1.The receiving State shall permit and protect free communication
on the part of the mission for all official purposes.

Article 30: 1.The private residence of a diplomatic agent shall enjoy the same
inviolability and protection as the premises of the mission. 2.His papers,
correspondence and his property, shall likewise enjoy inviolability.

~~~
Oculus
You'd have to be naive to think that every nation actually follows such laws.
If they did, most jobs that intelligence agencies are supposed to conduct
would be impossible.

~~~
zxcdw
Why aren't such laws being followed and enforced though?

------
downandout
As a software engineer and fan of Tom Clancy novels, I find this fascinating.
As an American who would like to be able to do business with people outside
the country, I find this worrisome. This type of thing will increase the
distrust of Americans (while this occurred in the UK, it was done in
conjunction with the NSA). It paints us as diabolical geniuses running around
spying on everyone and everything. Many international companies may decide
that buying technology or related services from American companies simply
isn't worth the risk that there will be some kind of monitoring going on.

------
mpyne
Not to excuse the interception, but did a "top 20" nation's diplomats _really_
use an Internet cafe to check and send email? Fake cafe or not, that seems
like an awfully irresponsible act for what should be sensitive diplomatic
traffic. Note that Russia was not nearly so inept; Medvedev's phone calls were
encrypted, though NSA tried to decrypt (it's unspecified whether they did).

I wonder what Snowden is thinking by leaking the real cloak-and-dagger stuff
though. Diplomacy has been at least somewhat adversarial since the world's
"second oldest profession" came about, and the flipside to advancing your own
citizens' negotiating position by spying is to allow the other nations to
_conspire against you_ behind your back.

Diplomacy is a dangerous, dangerous game to insert yourself into, Mr. Snowden,
and will never have clear friends _or_ enemies.

------
tarkin2
Reminds me of Clare Short's statement about the British government spying on
Kofi Annan[1] in the run up to the Iraq war.

[1]
[http://news.bbc.co.uk/1/hi/uk_politics/3488548.stm](http://news.bbc.co.uk/1/hi/uk_politics/3488548.stm)

------
jdp23
There's a companion story about the NSA targetting Russian President Medvedev
at the G20 summit: [http://www.guardian.co.uk/world/2013/jun/16/nsa-dmitry-
medve...](http://www.guardian.co.uk/world/2013/jun/16/nsa-dmitry-
medvedev-g20-summit)

------
swombat
I wonder how many more G* meetings will be hosted in the UK or US.

On a more serious note, perhaps this will spur further investment in open,
reliable encryption technologies around the world. After all, governments can
put vast amounts of money into this, that individuals and most companies
cannot.

And on a further note, I hope that these revelations keep coming, keep the
outrage up, and force politicians to realise that they're in the crosshairs
too.

~~~
mpyne
In my view it's kind of embarrassing that any nations got caught by this at
all, even in 2009 you had VPNs which could be used to setup a secure network
over a dumb and unencrypted pipe. If the keyboards are smartcard-capable you
could even have possibly used S/MIME.

In the worst case, use the telephone in your hotel room to setup a SLIP or PPP
connection back home using a known-good and known-clean laptop brought from
home. But an Internet cafe? Really?

~~~
discostrings
It's embarrassing, but it's not surprising. Clearly some of the participating
countries were more focused on an economic discussion than a game of cloak and
dagger.

But there's a lot more to this than countries not taking proper security
measures. It's not easy if your "adversary" has a 0-day exploit for your
Blackberry that came straight from the company that made it (which may be the
case).

Seeing secure, totally open hardware come out of this would be great.

~~~
signed0
I wonder if this will cause countries to abandon OSX & Windows in favor of
open source software.

The bigest takeaway from all of this is that you can't trust closed software
that was developed by foreign corporations.

~~~
mpyne
Firefox logs in to GMail and Facebook just as well as Internet Explorer does,
and the open protocols that would be used by OSS are just as susceptible to
interception on the wire as the closed protocols used by Skype.

I do agree (and have for years) that people with Important Data should rely
exclusively on open-source software if it is important that the data is
handled properly, but OSS is not a panacea to this by any means.

------
discostrings
It's impossible for business to continue as usual as more of this apparatus is
revealed. Both legal changes and more secure technologies are imminent. Let's
get working on easy, ubiquitous encryption and secure logon.

------
JulianMorrison
I love the timing on this. Just exactly when Putin is visiting the UK. So
totally deliberate. The Guardian is having fun, but I imagine there are spies
out there who are having no fun at all tonight.

------
llamataboot
"The September meeting of finance ministers was also the subject of a new
technique to provide a live report on any telephone call made by delegates and
to display all of the activity on a graphic which was projected on to the
15-sq-metre video wall of GCHQ's operations centre as well as on to the
screens of 45 specialist analysts who were monitoring the delegates.

"For the first time, analysts had a live picture of who was talking to who
that updated constantly and automatically," according to an internal review."

------
deftnerd
The fact that they talk about how this is nearly routine now would make me
expect that the UK might not be a premier destination for international
diplomatic conferences for much longer.

------
mongol
What kind of Powerpoint slides are these? Are the spying agencies trying to
"sell" their skills for larger budgets, or what?

~~~
7952
They even have a cheesy corporate template.

------
Zigurd
If you want to go exploring the rabbit hole regarding spying on diplomatic
communications, read about Crypto AG:
[http://rense.com/politics2/crypto.htm](http://rense.com/politics2/crypto.htm)

That drunk Swiss guy that Snowden knew about may be some distant echo of this
exploit.

------
lambada
I'd love to hear more information on what they mean by "penetrated
Blackberry's security". Given BlackBerry's current troubles, and their
certifications for Government use, this could cause them quite a bit of brand
damage.

~~~
discostrings
I wonder if it's related to back doors RIM was forced to include, or security
vulnerabilities that RIM shared with these agencies before fixing them.

I'm very interested to see where the argument for forcing manufacturers to
include back doors goes once events like this are part of the public
consciousness.

~~~
Spearchucker
If the debacle between RIM, India and I think it was Saudi Arabia a year or
two ago is anything to go by[1], then it's not a back door as much as giving
out the private key to the servers located in a country. India and Saudi got
those keys on the threat of disallowing Blackberries in their respective
countries. I remember thinking at the time that surely the US would have the
keys to US servers.

[1] Whenever there's doubt, there is no doubt.

~~~
lambada
My understanding is that if the phone is linked with a self-hosted Enterprise
Server (BES, not hosted by RIM) then RIM don't actually have the keys to hand
over.

I would have assumed that a government would have enough cash (and sense) to
purchase and run its own BES software, keeping the keys out of RIMs hands.

------
Silhouette
Pointed observation from the article:

 _The disclosure raises new questions about the boundaries of surveillance by
GCHQ and its American sister organisation, the National Security Agency, whose
access to phone records and internet data has been defended as necessary in
the fight against terrorism and serious crime._

So, are the diplomatic and political representatives of allied powers
suspected criminals or suspected terrorists then?

I'm not sure how they can possibly wriggle out of this one without much egg on
face, and possibly some significant consequences for diplomatic standing too,
with the G8 summit taking place this week.

~~~
objclxt
There's really no diplomatic issue here. There's some egg on face for it
becoming public, but spying pre-dates terrorism. Governments spy on other
governments. It's what's done.

I disagree with the article here. PRISM absolutely raises serious questions
about the boundaries of intelligence agencies. But spying on other governments
- which is the _whole reason_ for GCHQ existing - that's exactly what these
agencies exist to do.

It's like all those Russian sleeper agents in the US back in 2010. It was
highly embarrassing for Russia, but there was virtually no change to
diplomatic or political relations...because it's what spying is about. And
exactly the same thing happened a few months ago when Russia threw out a US
'diplomat' (or, as it turned out, CIA agent) for totally botching a
recruitment job. Embarrassing for the US, but no diplomatic consequences of
any noticeable kind.

~~~
Silhouette
I agree that spies spying on people is hardly news. As far as any possible
diplomatic consequences, it was more idly wondering whether anyone would try
to turn the fact that this time it got out to their advantage during the G8.

But it doesn't reflect well on all the politicians rushing to defend mass
surveillance/dragnet operations on the grounds that these capabilities are
only used in serious crime/terrorism/whatever other specific cases they
admitted to.

It's also rather surprising that some of these tactics were used or worked at
all, not because there was any real doubt that these kinds of organisations
could use them if they were willing to commit enough resources, but more
because anyone attending a high profile event like that actually fell for the
tactics and made it worthwhile to bother trying them in the first place.

------
abritishguy
Is this legal? I mean they aren't uk nationals so they aren't protected by the
normal laws. I'd like to know what, if any, laws were broken or whether this
is simply an ethical issue.

~~~
uh_oh
There is very little international law that governs interactions between
nations. Those governments trusted their host. They were betrayed.

~~~
objclxt
It's embarrassing that it's public, but I highly doubt the countries involved
trusted their hosts. Do you really think Russia trusts the UK and the US?

~~~
vidarh
Russia clearly didn't, given the encrypted satellite phone link for Medvedev,
but it appears some others did. And now they know better.

------
return0
Why are spies making powerpoints to brag about their achievements? Aren't
these things supposed to be secret?

~~~
drrotmos
Hence the classification "TOP SECRET STRAP 1" at the bottom of the slide.

------
6d0debc071
I've always found it odd as hell that G20 summits aren't done by
teleconferencing with one time pads. It's not like it'd be difficult, given
the resources they have, to securely exchange a few TB of stuff for when you
wanted really secure chats.

------
Oculus
This shouldn't be a concern to countries because if they are in any way
competent, they'd be securing their channels of communication regardless.

