Tsunami Democràtic is a radical, decentralized wing of the resurgent Catalan independence movement, centered around an anonymously authored app designed to coordinate revolutionary uprisings. Read the rest
Last month, a developer called Axi0mx released an Iphone crack called Checkm8, which attacks a defect in the Ios bootrom, a low-level piece of code that has not been successfully attacked since 2010. The bootrom is read-only, making its defects effectively unpatchable, short of removing the chip and swapping it for one with more robust code (the attack also works on version 1, 2 and 3 Apple Watches). Read the rest
Citizen Lab (previously) is one of the world's top research institutions documenting cyber-attacks against citizen groups, human rights activists, journalists and others; ten years ago, they made their reputation by breaking a giant story about "Ghostnet," malicious software that the Chinese state used to convert the computers of the world's Tibetan embassies into spying devices. Read the rest
Maria Farrell admits that comparing smartphones to abusive men (they try to keep you from friends and family, they make it hard to study or go to work, they constantly follow you and check up on you) might seem to trivialize domestic partner violence, but, as she points out, feminists have long been pointing out both the literal and metaphorical ways in which tech replicates misogyny. Read the rest
Early this month, Google's Project Zero revealed a breathtaking attack on multiple OSes, including Apple's Ios, in which a website that served Uyghur people was found to be hosting at least five different kinds of Ios malware that exploited previously unknown defects in Apple's code (the attack is presumed to have been the work of the Chinese state, which has been prosecuting a genocidal campaign against Uyghurs, whose high-tech fillips have seen both cities and apps suborned to aid in the pogrom). Read the rest
Purism (previously) is a company that crowdfunds free/open laptops and phones whose design goal is to have no proprietary software, even at the lowest levels. The company is best known for its Purism laptops, and I'm very fond of mine (it didn't end up replacing my Thinkpad, only because I'm addicted to the trackpoint for mousing, and trackpads give me raging RSI) (that said, getting any GNU/Linux to run on a current-model Thinkpad is so hard and results in such a rotten experience that I'm reconsidering whether to switch back). Read the rest
Well, it's finally official. After more than a year in regulatory limbo, The United States Justice Department has approved a $26 billion dollar deal between mobile carriers T-Mobile and Sprint. Read the rest
The Justice Department is expected to approve a $26 billion deal between mobile carriers Sprint and T-Mobile on Friday. Read the rest
In 2012, the Wall Street Journal first reported on a mysterious cellphone surveillance tool being used by law-enforcement; years later, we learned that the origin of this report was an obsessive jailhouse lawyer who didn't believe that the cops had caught him the way they said they had. Read the rest
Back in 2017, Chinese authorities in Xinjiang began stopping members of the Uyghur ethnic minority and forcing them to install spyware on their phones: it marked an intensification of the country's crackdown on Uyghur's and other ethnic/religious minorities, which acquired a new technological fervor: next came the nonconsensual collection of the DNA of every person in Xinjiang, then the creation of torture camps designed to brainwash Uyghurs out of their Islamic faith, and then a full blown surveillance smart-city rollout that turned the cities of the region into open-air prisons. Read the rest
In a new paper for IEEE Security, a trio of researchers (two from Cambridge, one from private industry) identify a de-anonymizing attack on Iphones that exploits minute differences in sensor calibration: an Iphone user who visits a webpage running the attack code can have their phone uniquely identified in less than a second, through queries to the sensors made through automated background processes running on the page. Read the rest
The DOJ has indicted three former Verizon and AT&T employees for alleged membership in a crime-ring known as the "The Community"; the indictment says the telco employees helped their confederates undertake "port-out" scams (AKA "SIM-swapping" AKA "SIM hijacking"), which allowed criminals to gain control over targets' phone numbers, thereby receiving SMS-based two-factor authentication codes. Read the rest
While 5G mobile networks promise to provide tremendous wireless speeds with low latency, they may also make it more difficult for meteorologists to provide weather forecasts. That's because 5G's neighboring frequencies are used by satellites that detect water vapor in the atmosphere, data that informs weather models used by meteorologists. From Nature:
Read the rest
Astronomers, meteorologists and other scientists have long worked to share the spectrum with other users, sometimes shifting to different frequencies to prevent conflicts. But “this is the first time we’ve seen a threat to what I’d call the crown jewels of our frequencies — the ones that we absolutely must defend come what may”, says Stephen English, a meteorologist at the European Centre for Medium-Range Weather Forecasts in Reading, UK.
They include the 23.8-gigahertz frequency, at which water vapour in the atmosphere emits a faint signal. Satellites, such as the European MetOp probes, monitor energy radiating from Earth at this frequency to assess humidity in the atmosphere below — measurements that can be taken during the day or at night, even if clouds are present. Forecasters feed these data into models to predict how storms and other weather systems will develop in the coming hours and days.
But a 5G station transmitting at nearly the same frequency will produce a signal that looks much like that of water vapour. “We wouldn’t know that that signal is not completely natural,” says Gerth.
Last September, Facebook drew fire for abusing the phone numbers users provided for two-factor authentication messages, sending spam advertising messages over the same channel -- now, rather than reforming its ways, Facebook has doubled down on poisoning the security well, by adding a no-opt-out policy of allowing anyone in the world to search for you by phone number if you provide that number for two-factor auth. Read the rest