Massive Leak Of Chinese VMS Provider Exposes Xinjiang Surveillance

By Charles Rollet, Published Feb 20, 2019, 08:07am EST

A subsidiary of China’s claimed largest VMS provider is tracking the precise location and ethnicity of millions in China’s Xinjiang region, according to a massive data leak.

The news made headlines around the world, in large part due to a growing international outcry over the Chinese government’s strict surveillance and mass detention of members of the Muslim Uyghur minority in Xinjiang.

xianjiang leak2

In this note, we examine how the leak happened, which video surveillance companies are involved, and other factors, including:

  • What Happened
  • Types of Data Collected
  • Subsidiary Details
  • SenseTime relationship
  • NetPosa Background
  • Intel's Investment
  • Hikvision/Dahua Competition
  • Cybersecurity, Ethics Concerns
  • Impact

Overall, the leak raises significant privacy and human rights concerns about how video surveillance data is processed in China, a country whose firms now dominate much of the video surveillance industry.

What ********

*** ********** *** ******* by ***** ************* ********** Victor ****** [**** ** longer *********] ** ****** ********* *********:

****** **** ** *** gained ************ ****** ** the ******** ** *********, a ********-***** *******, ******* an **********************. *** ******** *** "fully ********** ** ******" from **** **** ***** he ******** *********,****** **** **** **** agency ***, *******:

*** *** ******* *** they **** ********** ** clue ***** ******* ********

****** ** *** ******** was ****** ***** ****** contacted *********, ******* ********** ********* ** *** ******* informing ********* ***** *** to *** ***** ****** concerns ***** *** **** it *********.

 “Muslim *******” *******

****** ******* ******** ********* *** personal **** ** **** 2.5 ******* ******, ********* passport ******, *******, ***, birthday, *** ******** *******. The ******* ****** ********'* ****** *********** and '******** ************ *******', which**** ********* ******* ****** ** checkpoints *** *** ****** areas. ****** ******* *** system *** *********** * "Muslim *******":

Ethnicity ********

**** ****** ** *** database ************** ** ***** *********. ***** **% **** members ** *****’* ****** Han ********, **% **** Uyghur, *** *** **** were ******* ** ***** typically ****** **********, **** as ******* *** *** people.

****: *** ********* ******** is **** ****** **** Chinese ********** *******, *** video ******** / **, though **** *************, *.*.,*********, **** **** ******* / ********* '********' *********.

Location ********

****** ** *** ******** were**** ******* ** ********, ******* ***** **** had ****** **** *** facial *********** ******* **** the **** ** *****.

**** *** ** **** period**** *.* ******* *********** were ******, ********* ** ****** like************ ******** *********** *** known ** **** ********* extensive ****** *********** *******. (See********* **** ******* ********** Forced ****** *********** ****** 967 *******.)

SenseNets *******

*********, ** 深网视界 ** Chinese, ******* “*******-**** **** learning **********” ** ***** surveillance *******, “********** ** the ****** ******** *****,”********* ** ** ******** page ** *** *******. (********** ********** **** *** ****** China's ********.)

************ ******* **** ********* *********** ******** *** “over **%” ********, **** hits ******* ** ***** matched ** “***** *** white *****” ** ********/*********** in **** ****.

** ***** **** ********* released ********* *********** ***** ******* ******* ****** ******** and ******** * ******* in * *** ******* thanks ** ****** *********** including ******** *** **** of *** *******'* ****:

SenseTime ***********

********* ********** ** ****** * ******* ***** 51% ** ******* *** provider********** **% ***********, * ****-***** ******* facial *********** ******* ********** ******** “*** *****’* **** highly ****** ** *******” (it ***  ****** ** $*.* *********** ****.)

*******, ***************** *** ******* ********* ** **** 2018, ******* **** **% of *** ******* ***** by *******. **** *** noted ** ******* ***** in ***** ******** ** the ********* ****, ****** "********* ******** *******" ******** **** *** incident. ** ********** ** ******* *****, ********* ********* ****** from *********, *******:

*** *********** ******* ********* and ********* ** ****** to ******* ********** ********* support *** **** ** their ********, *** **** not ******* ****** ***********. *** product ******* ** *** data **** *** *** provided ** *********… ********* itself **** *** **** customer ****…  ********* *** also ******* **** ******** measures **** ** **** anonymization *** **** **********.

****************, ******* ****** *********'* 'high ************' ****** ****, as * '**** ******* enterprise', **** ********* ******** now, ** * *** 2018 ******** *&* [**** no ****** *********]:

******* *** ********* **** certain *********** ** ***** concept ** **********. ********* has **** ************ *** technology ********** *** ******** depth. ** * **** economy **********, ******* ******* product ******* *** ************. The ****** **** *** on *** ***** ** friendly ************, [*******] **** still ********* **** ********* in ***** ******* ** the ******.

** **********, *********'* '**** requirements' ***** ** **** Netposa's ******* ****.

SenseNets ****** ******* **********

********* *****’* ******* *** provider *** *** ***** largest *** ******** ** the *****,********* ** *** *******, ****** ***. *** flagship *** ** ****** “PVG” ** ***** ***** Gateway [**** ** ****** available].

******* ***** **** ** its ******** **** ********* VMS ******** ** ******* police. ** * *&* session **** ********* ** 2018 [**** ** ****** available], ******* ******:

*** **** ******** ** the ******* ** ****** focused ** ****** ******** customers.

** *** **** *&*, NetPosa **** *** *** was **** ** ***** 3.5 ******* ******* **** by ******* ***********. ** contrast, **** *** ***** seen ******* **** ****** itself ** ***** *******.

******* ****** $*** ******* (*.** ******* ***) ** 2017*** $*** ******* (*.** billion ***) ** *** first ***** [**** ** longer *********]********** ****. ** ** highly **********, **** ** 2017 ****** ****** ** ~23%. *** ******* *** not *** ******** *** 2018 ****** *******.

No ****** ******** *********

**** ***** ** ******** disclosed ******** ********* ******* SenseNets ** ******* ** Xinjiang. *******, **** ******* exist, ** ********* ** the ********* ****.

Hikvision, ***** ** *********** *****

********** *** ********* **** won **** $* ******* projects ** ********, ** ***** ** evidence ** ******* / Sensenets ******* **** ***** or ********* ** ********. We ****** ** ******* since *********** ***** ***** projects *** ************ ******** or ******* **** *** Chinese ********.

Dismiss ***** *** *********

******* *** ********* *** companies ******, *******, ********** them ** * ********* 2018 ******** *&* [**** no ****** *********] **** as *************** ********* ** the *** *****:

*********, *****, *** ***** manufacturers *** ******** ****** have ********* ******** ***** business ** *** ****** and **** *** ** recent *****. *******, *******, as * ******** ******** focusing ** ***** ******** management *********, *** **** doing **** [*** *********] since *** *********… *** company *** * **** project ************** ******* *** customer ****, *** ** familiar **** *** ******** needs ** ******** *****

Intel **********

** ****, *****'* [**** no ****** *********] ********** arm ***** ******* ******** in *******.***** *******'* ****** ********* lits ********* ***** **** ** its *********, ** *** excerpt ***** *****:

**** ***** ****** ***** to **** ****. ******* there *** ***** *** US ********* ** *** supply ********** ** **** applications. ***** ** ******** is ****** ** ***** even **** **********.

******: *****, ** ** email, ****** ** "***** divested" **** ******* ** 2016.

NetPosa ****** ******* ***

******** ******* **** ** **********, *** ** ********** are *******. ** ** best ***** *** ******* out **** ****** ** manufacturer ******* ** ****, something ***** ******* **** NetPosa **** ******** **** $200 ******* ** ******* (see****** ******* ***** ***********).

Cybersecurity, ****** ******** ******

*** ********* **** ****** up **** *************, *******, and ****** ********.

*** **** **** ******* was **** ** ****** the ********* ******** ** easily ** * **** violation ** ***** ************* and ******* **********. *** researcher *** ******** *** database **** ****** ** could **** ******* ** destroyed *** ** *** data“**** *** *******”.

** ***** ** ******, the **** **** ********** authorities **** ********** **** on *******’ ********* *** location – **** ******* mosque ********** – ** a **** ******* ******. Going ** *** ****** ‘too *****’ ************ *** ** *** reasons******* **** **** ** China’s******* ******* ** “**-*********” camps ** ********.

*** ********* ******** **** brings ** *** ********* concerns **** *********’ ******* is **** ** *** Integrated ***** ********** ********, a ******** ********** ************ system ********** ****** ***** ****** **** ** **** troublesome ********** *** ********* in *** *****.

******

*** ********* **** ********* in ************* ****** *** invasiveness ** ******** ************ state *** *** *** Chinese ********** *** ********* video ************/****** *********** ** achieve ****.

** *** ****, ******* it ************** ********, **** **** ********** remains * **** ********* for ***********. *******, ** China,* ***-***** ************* *****, **** ****** *** simply ***********. ***** ** a *********** ************ **** for *** ***** ************ industry ** *** ******* state ***** ******* ****** Xinjiang *** *****.

**** ******* *** ** SenseNets *** ******* *** comment *** *** *** receive * *****, ** will ****** ** ** do.

Comments (23)

I have no problem with AI one day achieving the ability to track every detail imagined. If only humans from the future can come back in time to educate all the paranoid perspectives, freedom and justice thinkers of our time. Evolution is in progress. You can try to hang onto your corn field and carbureted ford truck but that will only last so long.

Congratulations China, thanks for leading us into the future. 

Agree
Disagree: 25
Informative
Unhelpful: 8
Funny: 3

"You can try to hang onto your corn field and carbureted ford truck"

this is fundamentally wrong.

what modern day humans in democratic societies (unlike China) are trying to hold on to is basic  human dignity as individuals.

 

Agree: 15
Disagree: 1
Informative
Unhelpful
Funny

Irony: A guy posting undisclosed in praise of a massive data leak from an authoritarian government torturing its own citizens in concentration camps.

Agree: 21
Disagree
Informative: 1
Unhelpful
Funny: 7

IPVMUndisclosed #1 here, glad to be of assistance. You too are somewhat undisclosed as those in china are not able to access IPVM.COM, so those here can exhibit any perspective uninhibited, freely and without restraint of the authoritarian government you so despise nor fear that some day AI China will outsource concentration camps to America. 

IMHO, I know you like controversy but some times you need to put that Alex Jones Bong down!

Still Undisclosed and for the Horde!, that is what I like about IPVM. Thanks for the freedom JH.

Agree
Disagree: 3
Informative
Unhelpful: 5
Funny

You too are somewhat undisclosed as those in china are not able to access IPVM.COM, so those here can exhibit any perspective uninhibited, freely and without restraint of the authoritarian government

You are a comedian!

Related: Chinese Government Blocks IPVM

Btw, as a point of a fact, those in China can access blocked sites like the BBC, WSJ, and IPVM if they have an authorized VPN but that's another story...

Agree: 2
Disagree
Informative
Unhelpful
Funny

If an AI could do the work of running such a camp, why would it outsource it ? Would that not go against a centralised database and fragmented control ?

Not stirring, genuinely curious.

Agree: 1
Disagree
Informative
Unhelpful
Funny

Perhaps a source segmented analysis is needed to survey option comparison a single/sole source database. This can be achieved by AI matrices multiplication instances agreeing on a live negotiated environmental structural sparse mode datacasting. Aka China Spy vs. Other spy binary combat.

Excuse, but I am now indulgent on my 3rd Pliny the Elder so I can no longer draw accurate boot strap diagrams on a brewery napkin.

Let's circle back tomorrow, once I am back in the 220+ IQ state of mind.  <insert trolls>.

Ciao~!

Edit:  I am so going to get some Asian fusion tonight, thanks IPVM.  

Yum:https://www.yelp.com/biz/teo-chow-noodle-shack-fremont

 

….exiting sparse mode environment expiration from fa0/0.

Agree
Disagree
Informative
Unhelpful: 5
Funny

Suggest you educate yourself on the Stasi, there are endless ways that this information can be used for corrupt purposes and soon governments won't even need the army of informants

https://en.wikipedia.org/wiki/Stasi

Agree: 2
Disagree
Informative
Unhelpful
Funny

You could trust AI(possibly computable). Perhaps you can trust the next MEDIA-ocre policy to unify confused argumentative intellectual pragmatic decision makers with zero day exploits on human rights circa 2019. 

I would rather obligate non bias mathematical conclusions with an AI inhibitor as a strategic committee to help me get out of the cyclic "we smart monkey" syndrome.

Stop moving so fast without an in-depth calculation review. Bias only accrues the 11th hour clock.

Agree
Disagree
Informative
Unhelpful: 2
Funny

The Stasi used HUMINT as their primary means of oppression...  because that was all they had way back when.

Now, modern day SIGINT and MASINT schemes are being used to oppress citizen dissent - expanding the footprint (unchecked) of the old school Stasi-like ideologues.

except now 'they' have better tools with which to implement their undemocratic schemes. 

we live in rough times people.

Agree: 2
Disagree
Informative: 1
Unhelpful
Funny

Congratulations China, thanks for leading us into the future.

I have seen the future, it’s not pretty

Agree
Disagree
Informative
Unhelpful
Funny

Evolution is progress, but chaos reigns supreme.  You are making the assumption that all movement forward is positive.  You may want to read up on the fall of Rome, the contributors to the fall, and the result.  

Agree: 1
Disagree
Informative
Unhelpful
Funny

Good luck with that. Western education seems to be pushing the panacea of socialism these days. 

Agree: 1
Disagree
Informative
Unhelpful
Funny

"Western education seems to be pushing the panacea of socialism these days."

While I agree with this sentiment (and have a teenager that I am deathly afraid of sending off to college in a few years) - I think that what you speak of is actually just a symptom of the actual problem driving most of the 50/50 split in our current societal ideological platforms:

Morality.

Both sides imagine that 'history will prove that they were clearly the morally superior group' when looked back upon 50 years from now.

Each side is taking on the mantle of the 'morally correct' - which, of course, allows for no common ground with the 'other side'.

you can't make peace with satan.... instead, satan must be destroyed.

these are dangerous times we live in my friends.

Agree: 1
Disagree
Informative
Unhelpful
Funny

Interesting article, and very informative.

Hopefully SenseNet or NetPosa do respond, but I would not hold my breathe.

 

Their promotional video however, was something straight out of Person of Interest.

I would have a hard time believing that they are using technology that is so phantasmagorical. Plus, the video didn't show how they used cameras to see into the patients room.

Agree
Disagree
Informative: 1
Unhelpful
Funny

Update: section added on Intel

Intel Investment

In 2010, Intel's investment arm Intel Capital invested in Netposa. Intel Capital's online portfolio lits Netposa as still part of its portfolio, as the excerpt below shows:

This could expose Intel to some risk. Already there are calls for US companies to not supply technology to such applications. Being an investor is likely to raise even more objections.

Agree: 1
Disagree
Informative: 4
Unhelpful
Funny

If the data is not held, it cannot be used, abused or manipulated!

there have been some big kick-backs against badly implemented facial recognition trials in the UK. (Such as thoseby the Met Police). Others have been an amazing success...

One question remains... 

Quis custodiet ipsos custodes
Agree
Disagree
Informative
Unhelpful
Funny

This guy.

Agree
Disagree
Informative
Unhelpful
Funny: 1

I think all the posts here have missed the important point of the promotional video above.

The guy on the run was a New York Yankees fan.  Having a database being able to track them at all times might not be a bad idea.

Agree
Disagree
Informative
Unhelpful
Funny: 7

I believe the crime they tracked him for was having a beard. 

Agree
Disagree
Informative
Unhelpful
Funny

Update, in an email, Intel states that it "fully divested" from NetPosa in 2016. 

Agree
Disagree
Informative
Unhelpful
Funny

That may be true, but it looks as if even as late as Q4 of 2017 they were still working with one another, or at least that Intel has been supplying/selling equipment to them for their NetPosa Storage.

Agree
Disagree
Informative
Unhelpful
Funny

Looks like database security in China is not particularly well conceived.

https://thehackernews.com/2019/01/mongodb-chinese-database.html

So we now wonder how many other "MongoDB" are open to the eyes of everyone.

 

Agree
Disagree
Informative
Unhelpful
Funny
Read this IPVM report for free.

This article is part of IPVM's 7,203 reports and 959 tests and is only available to subscribers. To get a one-time preview of our work, enter your work email to access the full article.

Already a subscriber? Login here | Join now
Loading Related Reports