Friday, May 12, 2017

Apple iPatch

It's amazing what you find when you look under them sometimes:

"Apple issues iOS patch to thwart powerful spyware" by Raphael Satter and Daniella Cheslow Associated Press  August 25, 2016

PARIS — A botched attempt to break into the iPhone of an Arab activist using hitherto unknown espionage software has triggered a global upgrade of Apple’s mobile operating system, researchers said Thursday.

The spyware took advantage of three previously undisclosed weaknesses in Apple’s mobile operating system to take complete control of iPhone devices, according to reports published by the San Francisco-based Lookout smartphone security company and Internet watchdog group Citizen Lab. Both reports fingered the NSO Group, an Israeli company with a reputation for flying under the radar, as the author of the spyware.

So in addition to the CIA, which made the hacking tools available to anyone, we have Israeli firms flying under the radar -- and yet my paper is full of it was the Russians, Chinese, Iranians, Koreans, and whatever other enemy dugout fits the bill.

‘‘The threat actor has never been caught before,’’ said Mike Murray, a researcher with Lookout, describing the program as ‘‘the most sophisticated spyware package we have seen in the market.’’

Like most things, they are at the bottom (or top, if you will) of it.

The reports issued by Lookout and Citizen Lab — based at the University of Toronto’s Munk School of Global Affairs — outlined how an iPhone could be completely compromised with the tap of a finger, a trick so coveted in the world of cyberespionage that in November a spyware broker said it had paid a $1 million dollar bounty to programmers who had found a way to do it. Such a compromise would give hackers full control over the phone, allowing them to eavesdrop on calls, harvest messages, activate cameras and microphones, and drain the device of its personal data.

Arie van Deursen, a professor of software engineering at Delft University of Technology in the Netherlands, said both reports were credible and disturbing. Forensics expert Jonathan Zdziarski described the malicious program as a ‘‘serious piece of spyware.’’

Apple said in a statement that it fixed the vulnerability immediately after learning about it, but the security hole may have gone unpatched had it not been for the wariness of an embattled human rights activist in the United Arab Emirates.

All the tech has government trapdoors in them, don't they?

Ahmed Mansoor, a well-known human rights defender, first alerted Citizen Lab to the spyware after receiving an unusual text message on Aug. 10. Promising to reveal details about torture in the United Arab Emirates’ prisons, the unknown sender included a suspicious-looking link at the bottom of the message.

Mansoor wasn’t convinced. Not only had he been imprisoned, beaten, robbed, and had his passport confiscated by the authorities over the years, Mansoor had also repeatedly found himself in the crosshairs of electronic eavesdropping operations. In fact Mansoor already had the dubious distinction of having weathered attacks from two separate brands of commercial spyware. And when he shared the suspicious text with Citizen Lab researcher Bill Marczak, they realized he had been targeted by a third.

Marczak, who’d already been looking into the NSO Group, said he and fellow researcher John Scott-Railton turned to Lookout for help picking apart the malicious program, a process that Murray compared to ‘‘defusing a bomb.’’

‘‘It is amazing the level they’ve gone through to avoid detection,’’ he said of the software’s makers. ‘‘They have a hair-trigger self-destruct.’’

Working feverishly over a two-week period, the researchers found that Mansoor had been targeted by an unusually sophisticated piece of software that likely cost a small fortune to arm.

‘‘Ahmed Mansoor is a million-dollar human rights defender,’’ Scott-Railton said.

In a statement that stopped short of acknowledging that the spyware was its own, the NSO Group said its mission was to provide ‘‘authorized governments with technology that helps them combat terror and crime.’’

The company said it had no knowledge of any particular incidents. It said it would not make any further comment."

Related: Mexican Bubbly

So who do you think sent the texts to NATO and the Ukraine?

"Ukraine soldiers bombarded by ‘pinpoint propaganda’ texts" by Raphael Satter Associated Press  May 12, 2017

KIEV, Ukraine — The threats and disinformation represent a new form of information warfare, the 21st-century equivalent of dropping leaflets on the battlefield.

It's ‘‘pinpoint propaganda.’’ 

The Associated Press has found that the messages are almost certainly being sent through cell site simulators, surveillance tools long used by US law enforcement to track suspects’ cellphones.

Hanging out at the water cooler, were they?

Photos, video, leaked documents, and other clues gathered by Ukrainian journalists suggest the equipment may have been supplied by the Kremlin.

Uh-huh.

Cell site simulators work by impersonating cellphone towers, allowing them to intercept or even fake data. Heath Hardman, a former US Marines signals analyst who operated the devices in Iraq and Afghanistan, said they were routinely used to hunt insurgents.

Sending mass text messages in wartime isn’t entirely new. Israelis have sent mass texts to urge evacuations in Gaza, for example, while the Islamic militant group Hamas sent threatening messages to random Israelis in 2009....

Yeah, right!! The false flags blamed on Palestinians were threats while Israel's were pure humanitarian. Says who?

--more--"

Related:

"Hamas arrests suspect in military commander’s slaying" Associated Press  May 12, 2017

GAZA CITY, Gaza Strip — Hamas’s new supreme leader announced on Thursday the arrest of the man believed responsible for the mysterious shooting death of one of his organization’s top military commanders in March, a breakthrough in a case that has embarrassed and shocked the Islamic militant group.

Hamas hopes the arrest will shore up its standing with the public at a time when it has been weakened by the shooting, an economic crisis, and rising tensions with the rival Palestinian Authority. Accusing Israel of orchestrating the assassination, Hamas declared victory and scheduled celebratory rallies across Gaza.

Ismail Haniyeh, who was named the head of Hamas’s political bureau last week, announced the arrest at a hastily scheduled news conference. He declined to identify the suspect but implied he was a Palestinian who had collaborated with Israel.

“All the evidence we have indicates that the perpetrator committed this crime based on orders from the Israeli occupation,” Haniyeh said. More details will be released in the coming days, he added, noting that the suspect would face execution.

Mazen Faqha was killed in the garage of his apartment building in March.

He must not have gotten the text.

--more--"

And who do they cast aspersions at?

"Kaspersky Lab gets thumbs down" by Dan Adams Globe Staff  May 12, 2017

On Thursday morning, the eyes of the world were trained on a tense Capitol Hill hearing room, where the new acting director of the FBI testified before the US Senate Select Committee on Intelligence about Russian meddling and the firing of FBI Director James Comey.

That is either over the top hyperbole or naked elitism on display there.

Against that charged backdrop, the spotlight unexpectedly turned to Kaspersky Lab, a prominent Russian cybersecurity company whose US headquarters are in Woburn.

“Would any one of you be comfortable with Kaspersky Lab’s software on your computers?” Florida Senator Marco Rubio asked the assembled intelligence leaders.

“A resounding ‘no’ for me,” said Dan Coats, the director of national intelligence. His five colleagues concurred, in turn. “No.” “No, senator.” “No, sir.” “No, senator.” “No, sir.”

It was the ultimate anti-endorsement — on a world stage.

Kaspersky Lab — a well-known and respected company that once sponsored a Patriots post-game radio show — makes antivirus programs and other cybersecurity products widely used by consumers, corporations, and even government agencies.

Its founder, Eugene Kaspersky, has had to repeatedly refute stories alleging the company worked on behalf of Russian security services. But it’s come under renewed scrutiny amid an FBI probe of possible Russian meddling in the US presidential election.

ABC News reported earlier this week the FBI has reinvigorated a long-running investigation into whether the cyber firm “maintains any troubling relationships with the Russian government.”

And at Thursday’s hearing, several other senators expressed concern that Moscow might use Kaspersky products to attack or spy on American networks.

I'd be more worried about NSO and CIA, senator. They could blackmail you, too.

In response, National Security Agency director Mike Rogers said he was “personally involved” in monitoring the Kaspersky issue, while Defense Intelligence Agency director Vincent Stewart said, “We are tracking Kaspersky and their software.”

Must be why so many other hackers are slipping through.

None of the US officials disclosed what information about Kaspersky Lab motivated their suspicions, nor did they cite any cases in which Kaspersky Lab’s products were used maliciously.

That's because, like with Russia hacking the election, there is no evidence. Instead they let the unsubstantiated accusation linger. 

Coincidentally, while the officials were testifying in the Senate, Eugene Kaspersky himself was conducting a live question-and-answer session on the social media site Reddit. Users immediately pounced on the remarks from the intelligence chiefs and posed them to Kaspersky.

“I respectfully disagree with their opinion, and I’m very sorry these gentlemen can’t use the best software on the market because of political reasons,” Kaspersky wrote. He also offered to testify before the Senate and said the officials’ remarks came “without any real reason or evidence of wrongdoing from our side.”

That's what they do up there!

Public attention on the company was renewed in December, when Russian authorities arrested Ruslan Stoyanov, the company’s computer incidents investigation team leader, and charged him with treason for allegedly passing state secrets to American firms before he joined Kaspersky in 2012.

Somehow that now becomes Russia spied on U.S.!!!

Senators at the hearing Thursday also asked the intelligence chiefs whether the US government used Kaspersky software to protect intelligence and defense computer networks.

“There is, as far as I know, no Kaspersky software on our networks,” Stewart testified. But he said he could not rule out that intelligence contractors with access to sensitive information might use the company’s programs....

It's probably the most secure information under government access in the country.

--more--"

I would trust them before any CIA Silicon Valley start-up or any $elf-$erving software security firm, sorry.

So where do you think the hackers are being trained?