"On the issue of repressive regimes, Hacking Team goes to great lengths to assure that our software is not sold to governments that are blacklisted by the EU, the US, NATO, and similar international organizations or any "repressive regime."
"Hacking Team has made a number of statements that seem intended to reassure the public, as well as potential regulators, that they conduct effective due diligence and self-regulation regarding their clients, and the human rights impact of their products," the Citizen Lab researchers report on Monday. "They also market their RCS product as untraceable. Our research suggests that both of these claims ring hollow."
"Our research reveals that the RCS collection infrastructure uses a proxy-chaining technique, roughly analogous to that used by general-purpose anonymity solutions like Tor, in that multiple hops are used to anonymize the destination of information," reads the report. "Despite this technique, we are still able to map out many of these chains and their endpoints using a specialized analysis." Citizen Lab researchers explained.
"We have established an outside panel of technical experts and legal advisors, unique in our industry that reviews potential sales. This panel reports directly to the board of directors regarding proposed sales."
"If the Ethiopian government is not a Hacking Team customer, then I would sure like to know how their tools wound up being used to spy on Ethiopian journalists."