Project for Privacy and Surveillance Accountability (PPSA)
  • Issues
  • Solutions
  • SCORECARD
    • Congressional Scorecard Rubric
  • News
  • About
  • TAKE ACTION
    • Section 702 Reform
    • PRESS Act
    • DONATE
  • Issues
  • Solutions
  • SCORECARD
    • Congressional Scorecard Rubric
  • News
  • About
  • TAKE ACTION
    • Section 702 Reform
    • PRESS Act
    • DONATE

 NEWS & UPDATES

The Shady Certification Company with Connections to Spyware

12/21/2022

 
Picture
The largest web browsers are scrutinizing their dependence on root certificate authority TrustCor Systems after researchers discovered it has links with shady spyware producers and distributors.
 
TrustCor is an agency that vouches for the legitimacy of websites reached by hundreds of millions of users every day. Web browsers employ hundreds of such root certificate authorities to fulfill a vital role in online data security. But with TrustCor Systems, malicious spyware could have had a backdoor into a critical component of U.S. internet infrastructure.
 
According to a Washington Post report on research from Joel Readon at the University of Calgary and Serge Egelman of the University of California, Berkeley, TrustCor’s “Panamanian registration records show that it has the identical slate of officers, agents and partners as a spyware maker identified this year as an affiliate of Arizona-based Packet Forensics, which public contracting records and company documents show has sold communication interception services to U.S. government agencies for more than a decade.”
 
TrustCor’s products include an email service that has been found to host spyware developed by a Panamanian company. According to The Post, Google has since banned all software containing that spyware code from its app store.
 
TrustCor also has the same president, agents, and holding-company partners listed in Panamanian records as another company known as Measurement Systems, which has been caught “paying developers to include code in a variety of innocuous apps to record and transmit users’ phone numbers, email addresses and exact locations.” Apps with that code were downloaded over “60 million times, including 10 million downloads of Muslim prayer apps.”
 
PPSA has reported how the federal government maintains an advanced surveillance network to stalk American Muslims. Who knows what they can do with these data?

Comments are closed.

    Categories

    All
    2022 Year In Review
    2023 Year In Review
    2024 Year In Review
    Analysis
    Artificial Intelligence (AI)
    Call To Action
    Congress
    Congressional Hearings
    Congressional Unmasking
    Court Appeals
    Court Hearings
    Court Rulings
    Digital Privacy
    Domestic Surveillance
    Facial Recognition
    FISA
    FISA Reform
    FOIA Requests
    Foreign Surveillance
    Fourth Amendment
    Fourth Amendment Is Not For Sale Act
    Government Surveillance
    Government Surveillance Reform Act (GSRA)
    Insights
    In The Media
    Lawsuits
    Legal
    Legislation
    Letters To Congress
    NDO Fairness Act
    News
    Opinion
    Podcast
    PPSA Amicus Briefs
    Private Data Brokers
    Protect Liberty Act (PLEWSA)
    Saving Privacy Act
    SCOTUS
    SCOTUS Rulings
    Section 702
    Spyware
    Stingrays
    Surveillance Issues
    Surveillance Technology
    The GSRA
    The SAFE Act
    Warrantless Searches
    Watching The Watchers

    RSS Feed

FOLLOW PPSA: 
© COPYRIGHT 2024. ALL RIGHTS RESERVED. | PRIVACY STATEMENT
Photo from coffee-rank