Victor Gevers
Mar 2, 2019 (33 tweets)
Can anyone (from China) identify these Messaging services?

imsg <--...
qg <--...
qqmesg. <--
wwmsg <--...
wxmsg <--...
yymsg <--...

In China, they have a surveillance program on social networks which looks like a jerry-rigged PRISM clone of the NSA. imqq.com
So this social media surveillance program is retrieving (private) messages per province from 6 social platforms and extracts names, ID numbers, ID photos, GPS locations, network information, and all the conversations and file transfers get imported into a large online database.
Around 364 million online profiles and their chats & file transfers get processed daily. Then these accounts get linked to a real ID/person. The data is then distributed over police stations per city/province to separate operators databases with the same surveillance network name.
With these "operator databases" the local law enforcement investigate 2600 to 2900 messages and profiles. They name a new table per day to keep track of the progress. So they manually review the social media communication (public/private messages).
And the most remarkable part is that this network syncs all this data to open MongoDBs in 18 locations.

"r_Capture_Time" : "2019-03-03 02:58:08.0",
"r_QQMsg" : "2019-03-03 02:58:08 \"ζ°? 、XXX丶ζ说:!收【【【46--48道士号】】】卖的微信XXXXXXXXXXXぁ"
}
Most dialogs which are being monitored are typical teenager conversations. Which conversations need to be reviewed by a human based on "trigger words" is at this moment still not entirely clear.
One of the multiple intelligence feeds showing the distribution of triggered events routed to the police stations identified by numbers. It's a very effective way of spreading the workload from a single source to multiple operators. It will require tremendous work ethics as well.
How many gamers live in China and how many of them are using an internet cafe (or internet bars / netbars) as they are being called there?

It is most likely that this system is only for tracking gamers as most of the sample dialogs appear to be about this subject.
“Most of the internet cafes use management softwares called "网吧管理软件", there are only a few companies develop such software, this is a gray area, the management softwares contains advertising, push notifications, even with ability to push executables to a client.”
The internet cafe management software named "网吧管理软件"

source: lygg.gov.cn/jyxx/003002/00…
Daily roughly 1 billion private messages get selected & routed to the closest "operator" based on geolocation. It's fascinating how quickly new monitoring solutions are deployed in the same way as the old ones were discovered & taken down. Country-based filtering for "protection"
From 240 million messages to over 1 billion private messages per day.
The biggest issue is that this is not only for ordering pizza. It is completely hardwired into our lives. Doing "monitoring in a safe way" still appears to be a challenge.
What we have learned from 1.081.231.257 "captured" WeChat dialogues (3,784,309,399 messages) made on the 18 March 2019 is that they were automatically selected for "reviewing" based on a "keyword" trigger.

Not all the dialogues were in Chinese or only had GPS coordinates in China.
From 3.784.309.399 messages, 3.698.798.784 were written in Chinese.
59.378.236 in English and 26.132.379 in another language. 98% of the Chinese messages had a GPS location in China. 68% of the English messages were sent in China. More than 19 million were sent from outside 🇨🇳
We were able to detect a pattern of a little bit more than 800 Chinese keywords (combinations) which would be the selection criteria for having the entire WeChat dialogue being stored in this database for further "analysis" by most likely a law enforcement.
We could build a "dictionary" of 829 keywords (combinations) based on the intercepted WeChat messages which were written in English. I was a bit surprised to see my full name "Victor Gevers" in this generated English list. 维克多 葛弗斯 was not in the Chinese keyword list.
Using these keywords will not get your account locked. But if you try to send your contact a few messages containing a few hundred of these words then you need to “unblock” your account after a few minutes.
Based on the 3,784,309,399 WeChat messages we tried to build a "keyword trigger list" with NLP tools which possibly triggered the automatic selection criteria for having the entire conversation being stored for review.

Image: i.imgur.com/PWNQEpe.png
Text: pastebin.com/raw/LCPyenzC
From 3.784.309.399 intercepted messages, 59.378.236 were in English.
19 million were sent from outside Mainland China: South Korea, Taiwan, US, Australia, Canada, Colombia, Venezuela, Belgium, France, UK, Germany, Netherlands, Turkey, Italy, Switzerland, New Zealand & Ireland.
I am listening to the @riskybusiness show, and I hear this at 21:50:

"We've got politicians in Australia who are using WeChat."

Wait!? What? So they can have been one of the 937202 "flagged" conversations recorded in Australia? 🤷‍♂️
512.2 million WeChat accounts (unique wxids) sent 3,784,309,399 messages on 18-03-2019. 1 billion captured WeChat conversations contained keywords which marked for "review". 59.378.236 were written in English.
19 million were sent from 🇰🇷🇹🇼🇺🇸🇦🇺🇨🇦🇨🇴🇻🇪🇧🇪🇫🇷🇬🇧🇩🇪🇳🇱🇹🇷🇮🇹🇨🇭🇳🇿🇮🇪
I wonder why the Australian politicians are willing to take a "calculated" risk when they expose the participants (the Mandarin-speaking community and themselves) to Chinese surveillance by using WeChat for "a novel political experiment."

Source: thesaturdaypaper.com.au/news/politics/…
BBC China social media: WeChat and the Surveillance State
bbc.com/news/blogs-chi…
In the "phrase matching" process the Chinese data scientist student used these Chinese keywords from this wordlist

So we can safely assume that the keyword trigger list is far from complete. So we decided to do this research all over again from scratch... github.com/citizenlab/cha…
A quick status update. The data scientist who created the current keyword list is still MIA. We did not make so much progress. Yet new breadcrumbs are slowly surfacing thanks to termination of third party translation services.
github.com/cookiemonster/…
New sources keep contributing to the research into WeChat and other multi-purpose messaging, social media and mobile payment monitoring. Every day new development systems are randomly popping up in China and are sharing data that is all publicly available (in open databases).
Globally, hundreds of millions are consuming information directly produced by Chinese state media—sometimes without knowing it, says @freedomhouse’s @Sarah_G_Cook.

Social media and multi-purpose messaging apps are being monitored, and controlled.
BREAKING: President @realDonaldTrump orders clampdown on TikTok and WeChat beginning on Sunday, prevents download in the U.S.

After almost a year, @realDonaldTrump signed Executive Order 13943 for addressing the current issues with WeChat. federalregister.gov/documents/2020…
President @realDonaldTrump ordered a ban on eight Chinese apps: Alipay, CamScanner, QQ Wallet, SHAREit, Tencent QQ, VMate, WeChat Pay, and WPS Office.

whitehouse.gov/presidential-a…
"Tencent Executive Held by China Over Links to Corruption Case."

'Zhang Feng has been investigated for alleged unauthorized sharing of personal data collected by WeChat to an ex-official.'

wsj.com/articles/tence…