How can spies from democracies compete with spies from autocracies?

Economist international editor Edward Lucas devotes 4,000+ words in the new issue of Foreign Policy to the changing landscape of state espionage in the 21st century; it's not particularly well-organized (if there's a reason for the order in which his thoughts are laid out, I couldn't find it), but despite that, it's well worth a read, even if there's lots I don't agree with here. Read the rest

Discovering whether your Iphone has been hacked is nearly impossible thanks to Apple's walled garden

This week, we learned that the notorious Israeli cyber-arms-dealer NSO Group had figured out how hijack your Iphone or Android phone by placing a simple Whatsapp call, an attack that would work even if you don't answer the call. Read the rest

European telcos want the right to perform "deep packet inspection" on our data

[Austria's Epicentre Works is an incredibly effective European digital rights group, most famous for getting the EU's Data Retention Directive struck down; now, they're raising the alarm about a move to relax the EU's Net Neutrality rules to allow ISPs to conduct fine-grained surveillance and discrimination against services that aren't in bed with ISPs. I'm happy to provide Epicenter Works's Thomas Lohninger a space to highlight the group's efforts -Cory]

Today 45 NGOs, Academics and Companies from 15 countries released an open letter outlining the dangers of the wide-spread use of privacy invasive Deep Packet Inspection technology in the European Union. The letter is referencing the ongoing negotiations about Europes new net neutrality rules in which some telecom regulators are pushing for the legalization of DPI technology. Read the rest

Lawyer involved in suits against Israel's most notorious cyber-arms dealer targeted by its weapons, delivered through a terrifying Whatsapp vulnerability

NSO Group is a notorious Israeli cyber-arms dealer whose long trail of sleaze has been thoroughly documented by the University of Toronto's Citizen Lab (which may or may not be related to an attempt to infiltrate Citizen Lab undertaken by a retired Israeli spy); NSO has been implicated in the murder and dismemberment of the dissident Saudi journalist Jamal Khashoggi (just one of the brutal dictatorships who've availed themselves of NSO tools), and there seems to be no cause too petty for their clients, which is why their malware has been used to target anti-soda activists in Mexico. Read the rest

Zuckerberg announces a comprehensive plan for a new, privacy-focused Facebook, but fails to mention data sharing and ad targeting

Mark Zuckerberg's 3,000 word blog post about his plan to create a parallel set of Facebook services that contain long-overdue privacy protections has plenty to please both the regulators who are increasingly ready to fine the company billions and possibly even break it up, but also privacy advocates who will rightly cheer the announcement that the service will be increasing its end-to-end encryption offerings, only storing data in countries with good track records on human rights and the rule of law, and allowing users to mark some of their conversations as ephemeral, designed to be permanently deleted after a short while. Read the rest

Bowing to public pressure, Coinbase announces it will "transition out" the ex-Hacking Team cybermercenaries whose company it just bought

The cryptocurrency service Coinbase recently acquired Neutrino, a forensics startup founded by cybermercenaries who were left unemployed by the collapse of the company Hacking Team, following a dump of internal documents that revealed the company's enthusiastic and highly profitable complicity in human rights abuses by the world's most torture- and murder-happy autocrats and dictators. Read the rest

A finance industry group is pushing an intentionally broken cryptography "standard" called ETS

ETS was originally called "Enterprise TLS," implying that it was an "enterprise-grade" version of TLS, the system used to secure internet sessions (if you visit a URL that starts with "https://", it's being protected with TLS). Read the rest

This is bad: the UAE's favorite sleazeball cybermercenaries have applied for permission to break Mozilla's web encryption

Remember Darkmatter, the UAE-based cybermercenaries who worked with the beltway bandit firm Cyberpoint to recruit ex-NSA spies to infiltrate and expose dissidents, journalists, even children who opposed the despotic regime in the Emirates? (Darkmatter is also one of the least-discriminating cybermercenary bands in the world, available to help torturers, murderers and thugs hang onto power by attacking opposition movements and letting the secret police know who to arrest, torture and kill). Read the rest

Ex-NSA whistleblower says she and other US ex-spooks targeted Americans on behalf of UAE

Lori Stroud is an ex-NSA spy who also contracted with the NSA through Booz Allen, who says that after she left the NSA, she was recruited to work on Project Raven, a secret, offensive surveillance and digital attack squad working for the autocratic United Arab Emirates regime alongside other ex-US intelligence operatives, working with the knowledge and approval of the NSA. Read the rest

Toronto cops can frequently get your public transit history without a warrant

Metrolinx, the provincial agency that supplies the Presto cards used to pay for public transit rides in Toronto, has continued to hand over riders' travel history to Toronto-area cops without asking for a warrant. Read the rest

Major vulnerability in 5G means that anyone with $500 worth of gear can spy on a wide area's mobile activity

Stingrays (AKA IMSI catchers) are a widespread class of surveillance devices that target cellular phones by impersonating cellular towers to them (they're also called "cell-site simulators"). Read the rest

Undercover who targeted Citizen Lab over Israeli cyber-arms dealer is an ex-Israeli spook linked to black ops firm used by Harvey Weinstein

Last week, Citizen Lab and the AP published a blockbuster story revealing that Citizen Lab had been targeted by undercover operatives who pumped Lab employees for information on the group's work uncovering illegal surveillance operations undertaken by authoritarian governments using tools made by the notorious Israeli cyber-arms dealer NSO Group. Read the rest

Teen Vogue counsels taping over your webcam to resist FBI (and other) surveillance

As EFF's Eva Galperin notes, Nicole Kobie's story about resisting surveillance by taping over your webcam "proves that once more, the best and most straightforward tech reporting is being done by Teen Vogue." Read the rest

El Chapo went down because his sysadmin sold him out

Here's something to remember come the next Sysadmin Appreciation Day: Mexican drug lord El Chapo was only caught because his systems administrator flipped and started working for the feds, backdooring El Chapo's comms infrastructure and providing the cops with the decryption keys needed to eavesdrop on El Chapo's operations. Read the rest

Italian prosecutors have given up on catching the person who hacked and destroyed Hacking Team

Hacking Team (previously) was an Italian company that developed cyberweapons that it sold to oppressive government around the world, to be used against their own citizens to monitor and suppress political oppositions; in 2015, a hacker calling themselves "Phineas Fisher" hacked and dumped hundreds of gigabytes' worth of internal Hacking Team data, effectively killing the company. Read the rest

State surveillance company leaked its own data, its customers' data, and its customers' victims' data

Wolf Intelligence is a German state surveillanceware company founded by Manish Kumar, selling tools that independent researchers described as "very shitty and it’s just copy paste from open source projects," used by governments to spy on their citizens. Read the rest

Evidence of NSO Group surveillance products found in 45 countries, including notorious human-rights abusers

Researchers from the University of Toronto's outstanding Citizen Lab (previously) have published their latest research on the notorious and prolific Israeli cyber-arms-dealer The NSO Group (previously), one of the world's go-to suppliers for tools used by despots to spy on dissidents and opposition figures, often as a prelude to their imprisonment, torture and murder. Read the rest

More posts