Blue Coat and Stonesoft Surveillance Software: Admissions and Denials

Steps away from the Narus booth on the RSA Expo floor was the booth for Stonesoft. This Finnish company develops and sells commercial security software including deep inspection technology.

QuickTime PlayerScreenSnapz033

Our source had heard a rumor that the U.S. State Department uses Stonesoft to prevent WikiLeaks from being accessed by its employees. When asked, the Stonesoft representative readily admitted this was true. He did the coding! It does not block each and every WikiLeaks document, just the landing pages of WikiLeaks mirror sites. But still…

Down the way from Stonesoft was the booth of Blue Coat, the Silicon Valley-based company which got caught with its surveillance software in use by the Assad regime in Syria. Our friends at the Citizen Lab did a ground-breaking report about Blue Coat a few months ago, and that in turn generated a New York Times story about Blue Coat and cyber-surveillance in Syria.

QuickTime PlayerScreenSnapz031

The Wall Street Journal did its own investigation confirming Blue Coat’s devices were recording and/or blocking a huge amount of Internet traffic inside Syria, especially among opposition activists.

Blue Coat blamed its distributor in Dubai for re-selling to Syria, instead of Iraq, the intended buyer. Their representative said Blue Coat requires clients to declare the end user of their products abroad. However, as with arms sales, it’s easy to route goods through third parties or re-sellers.

Google ChromeScreenSnapz001

The Blue Coat representative conceded its proxy servers can still be found inside Syria but their capabilities are turned off. We are looking into this now with the help of a malware researcher.

When asked if Blue Coat sells to repressive regimes such as Bahrain, the representative pointed to the official U.S. sanction list as being their litmus test. Those trade restrictions may be strict when it comes to North Korea and Cuba, but are less so for other countries. Enforcement is notoriously spotty. And those trade sanctions do not include Bahrain. Our friends at Bahrain Watch will be watching, we’re sure.