"Lorenzo Franceschi-Bicchierai"

Insiders claim that Google's internet-fixing Jigsaw is a toxic vanity project for its founder, where women keep a secret post-crying touchup kit in the bathroom

In 2016, Google announced that it was renaming its small Google Ideas unit to "Jigsaw," giving the new unit a much broader, "wildly ambitious" mandate: to tackle "surveillance, extremist indoctrination, and censorship." Read the rest

Notorious forum for account-thieves hacked, login and messages stolen and dumped

OG Users is a forum for people who steal login credentials for online services, mostly to sell desirable login-names for popular services like Instagram; it attained notoriety when Motherboard's Lorenzo Franceschi-Bicchierai linked the forum to an epidemic of SIM-swapping attacks; a few months later, the Reply All podcast devoted an episode to the forum. Read the rest

Discovering whether your Iphone has been hacked is nearly impossible thanks to Apple's walled garden

This week, we learned that the notorious Israeli cyber-arms-dealer NSO Group had figured out how hijack your Iphone or Android phone by placing a simple Whatsapp call, an attack that would work even if you don't answer the call. Read the rest

DOJ accuses Verizon and AT&T employees of participating in SIM-swap identity theft crimes

The DOJ has indicted three former Verizon and AT&T employees for alleged membership in a crime-ring known as the "The Community"; the indictment says the telco employees helped their confederates undertake "port-out" scams (AKA "SIM-swapping" AKA "SIM hijacking"), which allowed criminals to gain control over targets' phone numbers, thereby receiving SMS-based two-factor authentication codes. Read the rest

Google mistakenly started handing out a reporter's cellphone number to people searching for Facebook tech support

If Facebook is broken for you in some way large or small, you can't call them to complain -- the company doesn't have a customer service number, it has a "support portal" for people suffering with the service, which combines the worst of autoresponders with the worst of underpaid, three-ring-binder constrained support staff to make a system that runs like a cost-conscious version of Kafka's "The Trial." Read the rest

Vulnerabilities in GPS fleet-tracking tools let attackers track and immobilize cars en masse

Itrack and Protrack are commercial devices for tracking fleets of commercial vehicles; they can be configured to allow for remote killswitching of the cars' engines, presumably as a theft-prevention measure. Read the rest

Trump and Twitter CEO Jack Dorsey held a closed-door meeting

Said Dorsey to staff: “Some of you will be very supportive of our meeting [with] the president, and some of you might feel we shouldn’t take this meeting at all." Read the rest

Unnamed stalkerware company has left gigabytes of sensitive personal info unprotected on the web and can't be reached to fix it

Security researcher Cian Heasley discovered an unprotected online storage folder accessible via the web that contains all the data that stalkers and snoops took from their victims' devices via a commercial program that steals photos and recordings from their devices. Read the rest

Facebook forces you to expose your phone number to the whole world in order to turn on two-factor authentication

Last September, Facebook drew fire for abusing the phone numbers users provided for two-factor authentication messages, sending spam advertising messages over the same channel -- now, rather than reforming its ways, Facebook has doubled down on poisoning the security well, by adding a no-opt-out policy of allowing anyone in the world to search for you by phone number if you provide that number for two-factor auth. Read the rest

Lawsuit: US citizen suing CBP for coercing him into unlocking his phone during boarding at LAX

Haisam Elsharkawi is a US citizen of Egyptian descent who was travelling to Mecca in 2017 when he was pulled out the boarding line for his flight from LAX by CBP agents who demanded that he unlock his phones; when he refused and asked for a lawyer, he was handcuffed and taken to an interrogation room where he was questioned and bullied until he unlocked his phones; the CBP officers spent 15 minutes paging through his emails, making snarky remarks about his Amazon purchase history and how many unread emails he had, and then let him go. Read the rest

Italian prosecutors have given up on catching the person who hacked and destroyed Hacking Team

Hacking Team (previously) was an Italian company that developed cyberweapons that it sold to oppressive government around the world, to be used against their own citizens to monitor and suppress political oppositions; in 2015, a hacker calling themselves "Phineas Fisher" hacked and dumped hundreds of gigabytes' worth of internal Hacking Team data, effectively killing the company. Read the rest

State surveillance company leaked its own data, its customers' data, and its customers' victims' data

Wolf Intelligence is a German state surveillanceware company founded by Manish Kumar, selling tools that independent researchers described as "very shitty and it’s just copy paste from open source projects," used by governments to spy on their citizens. Read the rest

A detailed anatomy of the hack that compromised Facebook's 50 million user breach

Yesterday, at least 90,000,000 Facebook users were forced to log back into the service without any explanation; later, the company revealed that at least 50,000,000 of them had been hacked, but wouldn't say how. Read the rest

Evidence of NSO Group surveillance products found in 45 countries, including notorious human-rights abusers

Researchers from the University of Toronto's outstanding Citizen Lab (previously) have published their latest research on the notorious and prolific Israeli cyber-arms-dealer The NSO Group (previously), one of the world's go-to suppliers for tools used by despots to spy on dissidents and opposition figures, often as a prelude to their imprisonment, torture and murder. Read the rest

The most popular "privacy" tool in Apple's Mac App Store was stealing users' browsing history and sending it to China

Apple pioneered the idea of "app stores," where operating system vendors got to decide who could distribute software that ran on their platforms, arguing that these "curated" stores would ensure high quality and protect users from malicious and inferior code. Read the rest

The company you hired to snoop on your kids' phones uploaded all their data to an unprotected website

As you might imagine, Spyfone is a company that offers to spy on other peoples' phones for you: its major market is parents and bosses who infect and surveil the phones their kids/minions use, peeking on their texts, emails, Facebook messages, passwords, photos, browsing history, etc. Read the rest

Qanon "codes" are consistent with an English-speaker mashing a QWERTY keyboard

Qanon (previously) is an eye-wateringly stupid far-right conspiracy theory whose proponents spend hours trying to decode alleged ciphertexts created by the cult's leader or leaders. Read the rest

Next page

:)