Tag Archives | privacy

More on the data requested by the Information Branch

I just noticed Elnashra has published some classified communications between the interior miniter Marwan Charbel and prime minister Najib Mikati showing the data the Information Branch has requested following the assassination of General Wissam El Hassan.

In all of those documents the Information Branch is requesting the below types of data from the two mobile operators in Lebanon (Alfa and Touch), while there’s no mention of any ISP such as Cyberia, IDM, and the alike.

  • List of websites we visit along with all the information we submit to these websites including usernames and passwords. (It’s relatively difficult to obtain these information if HTTPS is enabled)
  • Copies of exchanged e-mails and chat sessions.
  • Recordings of calls made through VoIP applications.
  • List of downloaded apps.
  • Call detail records
  • SMS records.

So unlike what has been circulating in the past few days, and judging from the content of these communications, the Information Branch is only interested in data logged by mobile operators and not ISPs. In addition, there was no explicit interest in obtaining Facebook credentials as the media was reporting.

Anyway I still find it disturbing to know that mobile operators might not be only keeping track of visited websites, but also of submitted information, e-mails, chat sessions, and even VoIP calls recordings! And it seems like they’re really doing so since the telecommunications minister never claimed those records do not exist and instead is just rejecting the Information Branch’s requests.

P.S: I found it weird that some communications were dated August 18th 2012, and got received by the office of the prime minister on the same day, even though they’re requesting data from the period starting September 13th 2012 and ending November 10th 2012. It’s like asking for data from the future!

0

The information branch wants your passwords!

According to this article in Lebanon Files today, it seems that the intelligence-oriented Information Branch has asked the ministry of telecommunication for all SMSs that has been exchanged over the two months that preceded the assassination of General Wissam Al-Hassan back in October 19th, in addition to our internet accounts and Facebook passwords!

ذكرت صحيفة “السفير” ان شهية الأجهزة الأمنية ولا سيما شعبة المعلومات، فُتحت من جديد على “داتا” شبكة الاتصالات الخلوية في لبنان، مع فارق خطير هذه المرة، تمثل في عدم الاكتفاء بطلب تسليمها حركة الاتصالات، كما كان يحصل في السابق، ليصل الأمر إلى مستوى غير مسبوق، في خطورته وتداعياته، مع طلب الشعبة الاطلاع على محتوى كل الرسائل النصية الخلوية المتبادلة بين جميع المواطنين، على مدى الشهرين اللذين سبقا اغتيال اللواء وسام الحسن، إلى جانب الحصول على كلمات المرور (باسورد) لشبكات الإنترنت والفايسبوك التي يستعملها اللبنانيون.

وفي هذا السياق , أكد وزير الاتصالات نقولا صحناوي للصحيفة ان الوزارة تلقت طلباً بالحصول على محتوى الرسائل النصية وكلمات المرور (باسورد) لشبكات الإنترنت والفايسبوك العائدة إلى اللبنانيين، على مساحة كل لبنان، محذراً من أن الموافقة على هذه الاستباحة ستجر المزيد لاحقاً.

وأكد أنه رفع هذا الطلب إلى الأمانة العامة لمجلس الوزراء من أجل درسه، “مع توصية من قبله برفضه ورده، آخذاً على الهيئة القضائية المختصة بالنظر في طلبات الأجهزة الأمنية أنها تكتفي بتسجيل موقف عابر، بينما المطلوب أن تكون أكثر فعالية في صون الدستور وحقوق المواطنين.

It’s weird that the Information Branch is asking for our Facebook password since that means ISPs in Lebanon are actually keeping a log of all passwords we input! Anyway, I hope the government rejects this request and instead agfrees on supplying data related to specific people and during a reasonable time frame.

3

OMT knows more than it should!

I got this SMS from OMT a few days ago informing me that my mecanique fees which are due this month can be paid at some of their branches.

While I know this makes one’s life easier, I can’t but wonder how did OMT know my mecanique fees are due this month? And how exactly did they get hold of my phone number? It’s clear they have a deal with the ministry of finance, but that doesn’t justify giving them such kind of confidential data for marketing purposes!

I’m sure some employees at OMT can make copies of these data, so don’t be surprised if you find them online anytime soon.

5

iPhone applications violating our privacy

I saw that coming the minute a friends of mine showed me two databases that can query all info related to a registered car or phone line (be it mobile or land line) in Lebanon!


That’s how much info you can get by supplying the cars database with a car plate number


The phones database gives less info and can be queried using either the phone number or the number owner

According to Now Lebanon, Blogging Beirut, and Blog Baladi, these two database went online via two mobile applications and are now available to iPhone, iPod, and iPad users on the Apple Store, which is of course a disastrous news for each and everyone of us, as it is a pure invasion of privacy!

The fact that the two databases were stolen from the ministry of interior affairs is nothing weird, but taking advantage of it by a development company is RUDE, and it’s our privacy they’re selling!

Here’s some info about the development company (taken from their domain whois):

Ziad Salameh
DoubleU S.A.L
81St. George Bld. – Maarad Str.
Nejmeh Square ,
Beirut, Downtown, Beirut 00961
Lebanon
(961) 198-8883

Domain Name: UUAPPS.COM
Created on: 04-Mar-10

Please do report the applications to Apple by following Blogging Beirut‘s steps:

  1. Load the App Store
  2. Search for “Lebanon Directory”
  3. Select any of the following apps:
    – Lebanon Directory
    – Lebanon Cars Directory
  4. Click on the “Report a Problem” link in the top right corner
  5. Select either:
    – This application is offensive
    – My concern is not listed here
  6. Enter your Comments, something along the lines of:
    “This application uses a stolen database of confidential personal records from the Interior Ministry of Lebanon. The use of the database outside of the Ministry is illegal. The possession of this data by a non-government agency is illegal.”
  7. Click the blue Report button in the top right corner

http://itunes.apple.com/us/app/lebanon-directory/id389756749?mt=8
http://itunes.apple.com/us/app/lebanon-cars-directory/id394077287?mt=8

15

Powered by WordPress. Designed by WooThemes