WingNews logo WingNews
top | item 43923672

(no title)

leftcenterright | 9 months ago

from an intelligence perspective, this is business as usual.

- Rovio sold data to ad companies (ad companies primarily based in the US)

- They used AWS (to which of course NSA has legal access)

- Data is not end to end encrypted, all metadata sits on servers in plain text and within AWS even moves from server to server in plain text

How much insight metadata can grant to someone like NSA is still wildly underrated.

- https://www.propublica.org/article/spy-agencies-probe-angry-...

discuss

order

adeon|9 months ago

Ah yeah, I saw the propublica as well, it was one of the first articles I found when looking on the topic. I don't doubt at all that Angry Birds data was used by NSA, doesn't seem controversial.

The specific question I am interested in is: Did Rovio knowingly and willingly accept $$$ from NSA (directly or indirectly) to weaken their security? I.e. were they acting as a willing accomplice.

Because that part would be unusual for Finland (well, at least as far as I know). For US companies I wouldn't bat an eye at news like this.

leftcenterright|9 months ago

I think they definitely knew that they are embedding code from US based ad agencies who might either be selling it to the NSA or just doing it in an insecure manner (plaintext protocols).

Mostly in such cases, direct involvement and paying dollars is a clear no-go for the intelligence agencies. They could instead be paying the ad agencies.

Also note that we are talking pre-Let's encrypt and TLS everywhere world, a lot of this traffic was also just plain text making it much easier to harvest.

Some interesting insights from this piece: https://web.archive.org/web/20180719081149/https://theinterc...