Uber's secret software blocked foreign law enforcement from retrieving data

By Cal Jeffrey · 6 replies
Jan 11, 2018
Post New Reply
  1. Uber is making headlines once again with another secret software referred to as "Ripley." You may recall the ride-sharing company was the subject of FBI investigations due to its use of computer programs Hell and Greyball. Hell was allegedly used to track and identify drivers who were moonlighting for competing company Lyft. Greyball was software that officials in the firm admittedly used to evade regulators trying to catch Uber drivers who were violating local taxi regulations.

    Now Uber is using Ripley to impede investigations into the company occurring in other countries. According to Bloomberg, the company has used the program to remotely “lockdown” computers in foreign offices to prevent police from retrieving records and information. Officers claim that they have gone through the proper channels to obtain information, but that Uber has shut them out.

    In one example, the Quebec tax authority in Canda tried to seize records from Uber’s Montreal office in 2015. The company was under investigation for tax violations, and authorities had warrants to take any relevant files.

    According to Bloomberg’s sources, Uber managers alerted the San Francisco headquarters of the raid and HQ used Ripley to lock up the computers in the Montreal office.

    “Like managers at Uber’s hundreds of offices abroad, they’d been trained to page a number that alerted specially trained staff at company headquarters in San Francisco. When the call came in, staffers quickly remotely logged off every computer in the Montreal office, making it practically impossible for the authorities to retrieve the company records they’d obtained a warrant to collect. The investigators left without any evidence.”

    Uber subsequently complied with authorities when the judge issued a second warrant.

    “From spring 2015 until late 2016, Uber routinely used Ripley to thwart police raids in foreign countries, say three people with knowledge of the system. “

    The software allegedly allows headquarters personnel to remotely change passwords and log out of any company-owned desktops, laptops, or even smartphones. It was officially called “the unexpected visitor protocol,” but employees who knew about it nicknamed it Ripley after the main character in the Alien movie franchise. Reportedly the name was a reference to a line in the movie Aliens.

    In the film, a squad of troops is wiped out by the aliens, and Ripley says, “Nuke the entire site from orbit. It’s the only way to be sure.”

    Uber defends the use of the software in a statement claiming that it is used to protect customer data and ensure the searches being conducted are legitimate.

    “Like every company with offices around the world, we have security procedures in place to protect corporate and customer data. When it comes to government investigations, it’s our policy to cooperate with all valid searches and requests for data.”

    To be fair, many companies employ similar tactics. Doing so allows executives time to review warrants before granting access to investigators. However, what is out of the ordinary in this case it how frequently Ripley has been employed.

    According to sources, the program was activated more than 24 times in less than a two-year period. In addition to Montreal, Ripley has been executed at offices in Amsterdam, Brussels, Hong Kong, and Paris.

    Permalink to story.

     
    Last edited by a moderator: Jan 12, 2018 at 12:54 AM
  2. psycros

    psycros TS Evangelist Posts: 1,870   +1,289

    No government entity should have the right to simply seize data from a business without the warrant having been examined first by management and their legal counsel. While its clear that Uber is a paranoid and shifty outfit, in this case their *technically* in the right. That assumes their not scrubbing their data before handing it over to law enforcement, of course..and that might well be the case.
     
    lostinlodos, Cal Jeffrey and Reehahs like this.
  3. senketsu

    senketsu TS Maniac Posts: 315   +194

    It's getting to the point where it seem like someone from Uber needs to go to jail.
    I'm a casual follower of Uber though so.....
     
    Cal Jeffrey and Reehahs like this.
  4. kapital98

    kapital98 TS Maniac Posts: 201   +145

    This is flat out wrong. Warrants may be issued at any time. If the information is too sensitive and may be destoryed upon notice, then there should be no advanced notice. This is when they bust down the doors.

    This is common in drug busts. For instance, where the police have direct knowledge of the criminal activity or overwhelming indirect knowledge (for example, controlled buys and informants).

    This is no different in the tech world. For most things, they should be given notice. However, when sensitive information may be intentionally destroyed, then they should not have notice. There is no 'right' to tell a government that their laws don't apply to the company and the company needs to determine if the government has the 'right' to do what the law says. That's just corporate welfare.
     
  5. kapital98

    kapital98 TS Maniac Posts: 201   +145

    Also, if Uber doesn't want to follow a countries laws, the laws they agree to uphold when they operate in that country, then they shouldn't operate in that country.

    Their argument about 'sensitive data' is BS in developed countries. I'd have more sympathy if they were operating in Venezuela or Zimbabwae. Not Canada or the EU.
     
  6. lostinlodos

    lostinlodos TS Enthusiast Posts: 92   +14

    There’s also no governmental right to customer’s data if those customers are not a target of the warrant!
     
  7. ErikNZ

    ErikNZ TS Member Posts: 46   +10

    Unless that data is stored separately from the financial transactions, e.g. in an entirely different database on a different server, it is impossible to sort out that data during the raid. That's not how these things work, entirely servers are confiscated and taken away. O Of course data that is not part of the warrant cannot be used in court but may still very well be seized.

    However, I'd be very surprised if Uber would be using local, on-premise systems and databases - surely they would store their data on cloud infrastructure, with "Ripley" simply being used to close any open workstation access to those systems upon entry?
     

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...