Zahlen, bitte! 8778 hectares or worldwide monitoring: The Hacienda program
The British GCHQ used software called Hacienda to spy on many countries across the globe. When the global conquest came out, there was an uproar.
Whether intelligence agencies have a sense of humor was clarified 10 years ago thanks to the documents collected by Edward Snowden. The British Secret Service GCHQ called its comprehensive port scan of entire countries Hacienda, after an old Mexican area measurement that corresponds to around 8778 hectares.
Canada, which is part of the Five Eyes (a partnership of intelligence services from various countries), called the search for open servers (operational relay boxes) Landmark, which can be translated as a landmark. The evaluation program was called Olympia because people from all countries come together at the Olympic Games. Ten years ago, TCP Stealth was therefore submitted to the Internet Engineering Task Force (IETF) as a protective measure against such nationwide attacks.
Excitement about espionage among friends
O tempora, o mores: The fact that the British Secret Service GCHQ had tapped internet and telephone data from Germany directly at the overseas cable in Bude, UK, during Operation Tempora caused a brief diplomatic upset in 2013. The German government condemned the action and raised questions.
The basic procedure for covert TCP communication was published by Craig H. Rowland on First Monday back in 1997. Today, he is the founder and head of Sandfly Security, a company specializing in the security of Linux servers.
Linux as a demonstration operating system was also in play when researchers at the Technical University of Munich published the antidote called TCP Stealth, which was successfully defended as a master's thesis by Julian Kirsch under the then Emmy Noether Professor Christian Grothoff. Also involved: Jacob Appelbaum from the Tor Project and Holger Kenn from Microsoft.
TCP Stealth as a defense against espionage
TCP Stealth was submitted to the IETF as an interim solution against surveillance by GCHQ and the like. TCP Stealth is meant to make the use of port scanners such as Nmap more difficult by having servers carry out a special authentication with a secret key. If this is missing from a port scan request, the server does not respond and therefore appears not to exist.
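The check can be sketched in a few lines. This is an added example, not code from the article or from the TCP Stealth authors: it assumes, as in the IETF draft, that the authenticator travels in the 32-bit sequence number of the first SYN packet. The HMAC-SHA256 derivation, the function names and the sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import random
import socket
import struct

SECRET = b"constructed-shared-secret"       # constructed sample value
SERVER_IP, SERVER_PORT = "192.0.2.10", 22   # constructed (TEST-NET-1 address)


def stealth_isn(secret: bytes, dst_ip: str, dst_port: int, tsval: int) -> int:
    """32-bit authenticator the client sends as the SYN sequence number.

    HMAC-SHA256 truncated to 32 bits is a stand-in chosen for this sketch;
    binding it to address, port and timestamp is likewise an assumption.
    """
    msg = socket.inet_aton(dst_ip) + struct.pack("!HI", dst_port, tsval)
    return int.from_bytes(hmac.new(secret, msg, hashlib.sha256).digest()[:4], "big")


def server_reply(secret: bytes, dst_ip: str, dst_port: int, tsval: int, isn: int):
    """Return "SYN-ACK" for an authenticated SYN, None (no reply) otherwise."""
    expected = stealth_isn(secret, dst_ip, dst_port, tsval).to_bytes(4, "big")
    if hmac.compare_digest(expected, isn.to_bytes(4, "big")):
        return "SYN-ACK"
    return None  # stay silent: to the sender the port does not exist


def scan(ports, seed=1):
    """Model a scanner without the secret: ordinary random sequence numbers."""
    rng = random.Random(seed)
    answered = []
    for port in ports:
        tsval, isn = rng.getrandbits(32), rng.getrandbits(32)
        if server_reply(SECRET, SERVER_IP, port, tsval, isn):
            answered.append(port)
    return answered  # a blind guess succeeds with probability 2**-32 per SYN


if __name__ == "__main__":
    ts = 123456  # constructed timestamp value
    good = stealth_isn(SECRET, SERVER_IP, SERVER_PORT, ts)
    print("authorised client:", server_reply(SECRET, SERVER_IP, SERVER_PORT, ts, good))
    print("scanner saw open ports:", scan([22, 80, 443, 8080]))
```

Because the authenticator has to fit into 32 bits, the scheme hides a service from a sweep but does not replace authentication inside the connection.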
According to the documents handed over by Snowden, the British GCHQ boasted in 2009 that it had already completely scanned 27 countries. Further Hacienda operations were to follow. Canada planned three to four raids of this kind per year. Nothing less than the "complete colonization of the network" was in mind.
Every open door was to be exploited for use as an Operational Relay Box (ORB). These ORBs conceal the real location of an attacker and are to be used for covert actions so that network attacks cannot be attributed to one of the Five Eyes (USA, UK, Canada, New Zealand and Australia).
Excitement quickly died down
In 2014, the furor over the "Snowden Files" made public by whistleblower Edward Snowden had already died down: The German government at the time proudly published its "Digital Agenda 2014-2017" with the expansion of nationwide high-speed networks and a call for technological sovereignty. (The Digital Summit 2024 in Frankfurt/Main is also coyly using this buzzword.) Only security experts are now concerned with the comprehensive port scanning of entire countries, as described in the Hacienda project published by Snowden.
Even if TCP Stealth has not been able to establish itself, it is still one of the many ideas used by netizens to evade colonization by the secret services. Even 8778 hectares cannot be harvested in one day.
(dahe)