Virginia State cops have blown a fortune on useless cellphone spying gear

050-056c026d-1c66-4d42-9fae-a8

Muckrock has been sending Freedom of Information requests to state police forces to find out how they're using "cell-site simulators" (AKA IMSI catchers/Stingrays), and they hit the motherlode with the Virginia State Police. Read the rest

UK cops beat phone encryption by "mugging" suspect after he unlocked his phone

_92805318_n267-2016-yew

Detectives from Scotland Yard's cybercrime unit decided the easiest way to get around their suspect's careful use of full-disk encryption and strong passphrases on his Iphone was to trail him until he made a call, then "mug" him by snatching his phone and then tasking an officer to continuously swipe at the screen to keep it from going to sleep, which would reactivate the disk encryption. Read the rest

Barnes & Noble's releasing a $50 Android tablet that does all the things Amazon won't let Kindles do

screen_20shot_202016-10-28_20a

Chris Meadows writes, "Barnes & Noble is coming out with a $50 Nook Android tablet, with hardware specs similar to Amazon's $50 Fire. The kicker is, this new Nook tablet will run plain-vanilla Android 6.0 Marshmallow and include the full suite of Google Play apps--unlike the Fire, which only permits installation of those apps Amazon deems suitable. Will this be enough to rescue the ailing Nook brand?" Read the rest

Walmart smears worker-based chat app with lies and scare tactics

workitwalmartgrabs

Workit is an Android app from OUR Walmart, a pro-labor/pro-union organization: it allows Walmart workers to ask questions about Walmart policy and employee rights, which are answered by a database compiled by using IBM's Watson to come up with answers to hundreds of frequently posed questions; questions can also be answered by other users. Read the rest

Your user data is secretly sent to China through a backdoor on some U.S. Android phones

blurgh

Included for free with some Android phones: “a backdoor that sends all your text messages to China every 72 hours.”

Read the rest

Samsung abuses copyright to censor satirical exploding phone Grand Theft Auto mod

gtav_mod

Samsung's got problems: its Galaxy Note devices are bursting into flames, and have been banned from the skies. Read the rest

Every Android device potentially vulnerable to "most serious" Linux escalation attack, ever

mud_cow_racing_-_pacu_jawi_-_w

The Dirty Cow vulnerability dates back to code included in the Linux kernel in 2007, and it can be trivially weaponized into an easy-to-run exploit that allows user-space programs to execute as root, meaning that attackers can take over the entire device by getting their targets to run apps without administrator privileges. Read the rest

The FCC helped create the Stingray problem, now it needs to fix it

og-stingrayfcc

An outstanding post on the EFF's Deeplinks blog by my colleague Ernesto Falcon explains the negligent chain of events that led us into the Stingray disaster, where whole cities are being blanketed in continuous location surveillance, without warrants, public consultation, or due process, thanks to the prevalence of "IMSI catchers" ("Stingrays," "Dirtboxes," "cell-site simulators," etc) that spy indiscriminately on anyone carrying a cellular phone -- something the FCC had a duty to prevent. Read the rest

I have found a secret tunnel that runs underneath the phone companies and emerges in paradise

netgear-fuse

Calyx is a famous, heroic, radical ISP that has been involved in groundbreaking litigation -- they were the first company to ever get a secret Patriot Act warrant unsealed, fighting for 11 years to overturn the gag order. Read the rest

Wishlist for the ultimate music phone

animation

DJ Jesse Jarnow polled a bunch of "hardcore music nerds" to get their feature wish-list for a music-centric phone for Wired; here's what I suggested: Read the rest

Xiaomi phones are pre-backdoored; your apps can be silently overwritten

iC1yJL.kSM3w

Thijs Broenink audited the AnalyticsCore.apk app that ships pre-installed on all Xiaomi phones (Xiaomi has their own Android fork with a different set of preinstalled apps) and discovered that the app, which seemingly serves no useful purpose, allows the manufacturer to silently install other code on your phone, with unlimited privileges and access. Read the rest

Leaked Stingray manual shows how easy warrantless mass surveillance can be!

Screen-Shot-2016-09-12-at-10.16.46-AM-1000x591

The Intercept has got hold of a set of Harris's super-secretive manuals for their even-more-secret Stingray devices: fake cellular towers used to spy indiscriminately on whole populations by hacking their cellphones into giving up identifying information and more. Read the rest

The “Emergency Mode” Every Smartphone Should Have

An emergency phone sign is seen next to the euro sculpture outside headquarters of the European Central Bank  in Frankfurt
Most phones already come equipped with an Airplane Mode for flights, a Do Not Disturb mode for watching movies or ignoring people, and a Low Power mode for when your battery is about to die. But what happens when you’re in an emergency? Read the rest

Thai telcoms regulator wants tourists to use location-tracking SIMs

056c026d-1c66-4d42-9fae-a8e96df290c5-1020x1155

Thailand’s National Broadcasting and Telecommunications Commission has proposed issuing tracking-chips to all visitors to the country, which would allow the government to monitor the movements of all foreign nationals while in-country, in order to "locate them which will help if there are some tourists who overstay or run away (from police)." Read the rest

Web companies can track you -- and price-gouge you -- based on your battery life

6997580445_80f70581c8_b

In Online tracking: A 1-million-site measurement and analysis, eminent Princeton security researchers Steven Englehardt and Arvind Narayanan document the use of device battery levels -- accessible both through mobile platform APIs and HTML5 calls -- to track and identify users who are blocking cookies and other methods of tracking. Read the rest

Ed Snowden and Andrew "bunnie" Huang announce a malware-detecting smartphone case

Acr821342097496832-8341-1024x768

Exiled NSA whistleblower Edward Snowden and legendary hardware hacker Andrew bunnie" Huang have published a paper detailing their new "introspection engine" for the Iphone, an external hardware case that clips over the phone and probes its internal components with a miniature oscilloscope that reads all the radio traffic in and out of the device to see whether malicious software is secretly keeping the radio on after you put it in airplane mode. Read the rest

Baseband vulnerability could mean undetectable, unblockable attacks on mobile phones

Qualcomm_MDM9615

The baseband firmware in your phone is the outermost layer of software, the "bare metal" code that has to be implicitly trusted by the phone's operating system and apps to work; a flaw in that firmware means that attackers can do scary things to your hone that the phone itself can't detect or defend against. Read the rest

More posts