PROMIS SOFTWARE FOUND IN COMPUTERS BELONGING TO THE
ROYAL CANADIAN MOUNTED POLICE

Software open to hackers found in RCMP computers

http://www.nationalpost.com/home/story.html?f=/stories/20000826/372593.html

Rigged with trap doors:
Investigators fear police,
intelligence files compromised

Charlie Gillis
National Post
Illegally produced software suspected to have been vulnerable to hackers has

been found in RCMP computers, the National Post has learned -- a situation
that may have exposed Canadian intelligence files to theft by foreign spies.

Two sources confirmed yesterday that RCMP officers have interviewed them
about a software package called Promis, which is used to store information
and evidence compiled by police, prosecutors and intelligence agencies.

The Mounties told both men that illegal versions of the software had been
found in the RCMP's own databases -- despite the fact the licensed designers
of the package never sold it to them.

"[The investigators] have confirmed to me that they have Promis software in
the RCMP," said John Belton, a former Ontario stockbroker who has researched
the case as part of an unrelated lawsuit.

"They also told me that they have stolen computer software that was
evidently bugged to obtain access by foreign interests to sensitive police
and security related files."

A second source, requesting anonymity, said the RCMP has been looking into
the issue for more than a year, fearing that intelligence files in Canada
may have been compromised.

The case is potentially embarrassing for the Mounties, who routinely compile
intelligence on and evidence that could be of interest to other countries.
Their files include information on individuals who are considered threats to
national security and civil order, such as those linked to terrorist groups,
drug dealers and human smugglers.

Moreover, the RCMP also exchanges information with the country's civilian
spy agency, Canadian Security Intelligence Service (CSIS), whose
intelligence would be of great interest to other countries.

The RCMP confirmed yesterday that it had launched an investigation but
refused to elaborate on its purpose or scope. Nor would it disclose whether
the RCMP had been using Promis or any variation of it.

"But we want to reassure Canadians that, to date, we've found nothing to
indicate that national security was ever compromised," said Staff Sergeant
Mike Gaudet, a spokesman at RCMP headquarters in Ottawa. "Because we're
conducting an investigation I can't tell you any more than that."

The revelations come on the heels of published reports that the RCMP has
launched an investigation into the origin of software found in Canada --
reports the police confirmed yesterday.

An article published yesterday in a Toronto newspaper suggests the program
used here was a pirated version, rigged with a "trap door" to allow American
and Israeli agents to dial in to eavesdrop. The reports did not, however,
say which agencies had made use of the software, only that Canadian
intelligence files were at risk.

CSIS representatives denied yesterday that that agency had ever used a
version of Promis, legal or illegal.

And the director of the agency that oversees CSIS noted that allegations
U.S. operatives had copied versions of Promis and rigged them with trap
doors -- keys that would allow hackers who knew the code to access files
undetected -- first surfaced in 1991. According to published reports at the
time, the copies were then sold to the governments of other countries,
including Canada, Britain and Australia.

"We did ask about it at the time and CSIS investigated," said Susan Pollak
of the Security Intelligence Review Committee in Ottawa. "They looked at all
the angles and reported back that they used no version of the software,
bootlegged or otherwise."

Other branches of the federal government cannot be so sure. The National
Post has obtained copies of a letter sent by Communications Canada to Inslaw
Inc., the Washington-based makers of Promis.

In it, a bureaucrat says some branches of the government are using Promis,
and requests copies of training manuals to go with the program. Another
official with the communications department later told Inslaw by phone that
the RCMP was using the package in its field offices; altogether, the
software was at work in about 900 locations throughout the Canadian
government.

When Bill Hamilton, the owner of Inslaw, called back to inform them he had
no record of software being sold to Canadian agencies, Ottawa began
backtracking. It later claimed that it had mixed Promis up with another
software package of the same name.

-------------------------- eGroups Sponsor -------------------------~-~>
GET A NEXTCARD VISA, in 30 seconds! Get rates
of 2.9% Intro or 9.9% Ongoing APR* and no annual fee!
Apply NOW!
http://click.egroups.com/1/7872/1/_/7016/_/967305465/
---------------------------------------------------------------------_->

==============================================
SPY NEWS is OSINT newsletter
and discussion list associated to
Mario's Cyberspace Station
http://mprofaca.cro.net/mainmenu.html
==============================================
*** NOTICE: In accordance with Title 17 U.S.C.
Section 107, this material is distributed
without profit to SPYNEWS eGroup members
who have expressed a prior interest in receiving
the included information for non-profit research
and educational purposes only.

For more information go to:
http://www.law.cornell.edu/uscode/17/107.shtml

To subscribe SPYNEWS send a blank message:
mailto:spynews-subscribe@egroups.com

To unsubscribe SPYNEWS send a blank message:
mailto:spynews-unsubscribe@egroups.com

Mario Profaca, SPY NEWS eGroup
list owner, editor & moderator
mailto:mprofaca@jagor.srce.hr
mailto:spynews-owner@egroups.com

SPY NEWS home page:
http://www.egroups.com/group/spynews
=============================================