Posts Tagged ‘Cyber’

Soft robots that can grasp delicate objects, computer algorithms designed to spot an “insider threat,” and artificial intelligence that will sift through large data sets — these are just a few of the technologies being pursued by companies with investment from In-Q-Tel, the CIA’s venture capital firm, according to a document obtained by The Intercept.

Yet among the 38 previously undisclosed companies receiving In-Q-Tel funding, the research focus that stands out is social media mining and surveillance; the portfolio document lists several tech companies pursuing work in this area, including Dataminr, Geofeedia, PATHAR, and TransVoyant.

Those four firms, which provide unique tools to mine data from platforms such as Twitter, presented at a February “CEO Summit” in San Jose sponsored by the fund, along with other In-Q-Tel portfolio companies.

Full Story @ [The Intercept]

WASHINGTON — In early 2003, F.B.I. agents hit a roadblock in a secret investigation, called Operation Trail Mix. For months, agents had been intercepting phone calls and emails belonging to members of an animal welfare group that was believed to be sabotaging operations of a company that was using animals to test drugs. But encryption software had made the emails unreadable.

So investigators tried something new. They persuaded a judge to let them remotely, and secretly, install software on the group’s computers to help get around the encryption.

That effort, revealed in newly declassified and released records, shows in new detail how F.B.I. hackers worked to defeat encryption more than a decade before the agency’s recent fight with Apple over access to a locked iPhone. The Trail Mix case was, in some ways, a precursor to the Apple dispute. In both cases, the agents could not decode the data themselves, but found a clever workaround.

Full Story @ [New York Times]

In an extensive profile on Marlinspike, The Wall Street Journal details how an encryption program he wrote was so robust, simple, and efficient that WhatsApp — one of the more popular messaging apps on the planet — “made it a standard feature for many of the app’s 800 million users.”

While he may appear to be like any other dreadlocked dude you might see at a Grateful Dead concert, don’t let the hairstyle fool you. He’s the real deal, having formerly served as the head of Twitter’s security team.

The Journal reports:

In a research paper released Tuesday, 15 prominent technologists cited three programs relying on Mr. Marlinspike’s code as options for shielding communications.

His encrypted texting and calling app, Signal, has come up in White House meetings, says an attendee. Speaking via video link last year as part of a panel on surveillance, former National Security Agency contractor Edward Snowden, who leaked troves of U.S. spying secrets, urged listeners to use “anything” that Mr. Marlinspike releases.

All the more impressive, the report relays an anecdote detailing how a Johns Hopkins University cryptography class examined Marlinspike’s code only to find that there were no errors to be found. Anywhere.

In typical coder fashion, Marlinspike is extremely private. We don’t know his age or much else about him aside from his elegant code. And while the ultimate functionality of what Marlinspike accomplishes may not be new in and of itself, his code stands out because it’s extremely easy to use.

Source: [BGR]

The company Hacking Team internally tested its code against a wide range of antivirus engines and Internet security apps. Testing was done using Windows 7, 64-bit. In this color-coded scheme, red means the code was not only detected but triggered an alert, whereas black means it was just blocked with no notification.

  • Green – the antivirus does not react to the launch of the agent.
  • Yellow – the agent connects to the server, but a warning can sometimes be issued. The antivirus has a non-standard configuration (i.e. the firewall turned off).
  • Black – the agent cannot connect to the server, but there are no antivirus warnings, or the agent is in the antivirus blacklist.
  • Red – the agent cannot connect to the server, and an antivirus warning appears (the agent is detected as malicious).

Source: [exploit.in]

Researchers sifting through the confidential material stolen from spyware developer Hacking Team have already uncovered a weaponized exploit for a currently unpatched vulnerability in Adobe Flash, and they also may have uncovered attack code targeting Microsoft Windows and a hardened Linux module known as SELinux.

Hacking Team documentation accompanying the Flash exploit said it targeted “the most beautiful Flash bug for the last four years,” according to a blog post published Wednesday by researchers from antivirus provider Trend Micro. The use-after-free flaw resides in a Flash Bytearray object. Researchers at competing AV company Symantec have confirmed the existence of a Flash exploit that works against the latest version of Flash (18.0..194). They also have confirmed it works against people viewing content with Internet Explorer, and it’s presumed it will work against other browsers as well.

“Symantec has confirmed the existence of a new zero-day vulnerability in Adobe Flash which could allow attackers to remotely execute code on a targeted computer,” they wrote in a blog post published Tuesday. “Since details of the vulnerability are now publicly available, it is likely attackers will move quickly to exploit it before a patch is issued.”

Full Story @ [arstechnica]

Thomas Drake, a former senior executive at the NSA turned whistleblower, sat down with the Real News to talk about the USA Freedom Act as ersatz reform and how the public can take matters into their own hands by encrypting their phones and computers.

A Melbourne-based PhD candidate’s online open-access publishing forum is a boon for those wishing to access texts and transcripts free. But at what cost to the authors of some of these works?

You don’t have to look far for information accessible only to the wealthy. Court documents are cynically priced to be affordable only to institutions, namely the legal firms and media organizations that daily require them. One can sit freely in court and watch proceedings, but to acquire the official record can cost thousands of dollars. A few years ago, my research required a transcript of a murder trial. It cost almost $3500, for which I had to seek a loan. Its price was a magnitude greater than the administrative labor involved in its release, and requests for a justification of the cost were ignored. I have heard more than once of a practice of defence lawyers – who receive these documents at no cost – “leaving transcripts on photocopiers”, a euphemism for making them secretly available to the prosecution.

But if there’s a ground zero for the open-access movement, it is scholarly archives. In 2008, a few years before his JSTOR operation, Swartz posted what he called his “Guerilla Open Access Manifesto”. It was a call to arms. It read, in part: “Information is power. But like all power, there are those who want to keep it for themselves. The world’s entire scientific and cultural heritage, published over centuries in books and journals, is increasingly being digitised and locked up by a handful of private corporations … Forcing academics to pay money to read the work of their colleagues? Scanning entire libraries but only allowing the folks at Google to read them? Providing scientific articles to those at elite universities in the First World, but not to children in the Global South? It’s outrageous and unacceptable.”

Full Story @ [thesaturdaypaper]

A witness told police that two of the distinct white and light blue cars from the Car2Go fleet had fled the scene after 22-year-old Daerius Churchill was gunned down Jan. 4 on the corner of Bruce Randolph Avenue and St. Paul Street.

A surveillance camera at a nearby business recorded three of the vehicles in the area, according to a search warrant affidavit.

Officials with Car2Go in Denver told detectives that GPS tracking systems on the car allow them to identify which cars are moving at any given time, the search warrant said. That should have narrowed the list to investigate.

However, the detective wrote in his affidavit that he and the Car2Go manager uncovered multiple cars that had been rented under fictitious names through a call center.

The company told police it records phone conversations between its representatives and customers. It also logs the caller ID numbers, the search warrant affidavit said.

Car2Go customers are vetted through an online application process, said Dacyl Armendariz, a company spokeswoman.

“It’s not like just anybody can jump in a car and drive away,” she said.

Full Story @ [Denver Post]

On Sunday, while most of Twitter was watching the Women’s World Cup – an amazing game from start to finish – one of the world’s most notorious security firms was being hacked.

Specializing in surveillance technology, Hacking Team is learning how it feels to have their internal matters exposed to the world, and privacy advocates are enjoying a bit of schadenfreude at their expense.

Hacking Team is an Italian company that sells intrusion and surveillance tools to governments and law enforcement agencies.

Source: [csoonline]

The very network nodes that relay anonymous Tor traffic for you, free of charge, may be sniffing or reading your data as it passes through. That’s the conclusion of an investigation by a security researcher known as Chloe.

The test involved setting up a dummy website with an admin sub-domain and a login page. Chloe then logged into the site through the Tor network many times – in fact, 137,319 times. Due to timeouts and other issues, only 99,271 attempts resulted in a successful connection to the dummy admin account.

Chloe was looking for instances where the unique password chosen for each login attempt was used a second time, which would indicate that the exit node, in that instance, had sniffed the credentials and someone had then decided to have a go at using the credentials to log into Chloe’s dummy site.

Chloe found 16 instances of multiple uses of a unique password. While it may appear a small number, this number should be zero. In addition, there were 650 unique page visits, which point to additional sniffing activity.

Chloe estimates that the number of exit nodes tested was 1400, with each used around 95 times.

The conclusion: “We can see that there’s passive MITM [man in the middle spying] going on in the Tor network. This is done by setting up a fully functional and trustworthy exit node and start sniffing.”

Source: [scmagazineuk]
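
The correlation step behind the test described above, as an added example that is not Chloe's code: each single-use password is tied to the exit node that carried it, and any password the dummy site sees more often than the test itself submitted it is attributed to that exit. The node labels, passwords, log layout and function names are all constructed for illustration, and it assumes a timed-out test login may still have been visible to the exit.

```python
from collections import Counter, defaultdict

# Constructed sample data; node labels and passwords are placeholders.
# One record per test login: the unique password, the exit node that carried
# it, and whether the test's own connection reached the dummy site.
ISSUED = [
    {"password": "pw-0001", "exit": "EXIT-A", "connected": True},
    {"password": "pw-0002", "exit": "EXIT-B", "connected": True},
    {"password": "pw-0003", "exit": "EXIT-B", "connected": False},  # timed out
    {"password": "pw-0004", "exit": "EXIT-C", "connected": True},
]

# Constructed login log from the dummy site: (unix time, password submitted).
LOGIN_LOG = [
    (1000, "pw-0001"),
    (1010, "pw-0002"),
    (1030, "pw-0004"),
    (5000, "pw-0002"),  # second use of a single-use password
    (5100, "pw-0003"),  # test login never arrived, so this use is foreign
    (5200, "pw-9999"),  # never issued: ordinary guessing, not sniffing
]

def find_reuse(issued, login_log):
    """Map each exit node to the passwords seen more often than the test used them."""
    by_password = {rec["password"]: rec for rec in issued}
    seen = Counter(pw for _, pw in login_log)
    flagged = defaultdict(list)
    for pw, count in seen.items():
        rec = by_password.get(pw)
        if rec is None:
            continue  # password was never handed to any exit node
        expected = 1 if rec["connected"] else 0
        if count > expected:
            flagged[rec["exit"]].append(pw)
    return {node: sorted(pws) for node, pws in flagged.items()}

def summary(issued, login_log):
    """Headline numbers in the same shape the write-up reports them."""
    flagged = find_reuse(issued, login_log)
    return {
        "attempts": len(issued),
        "successful": sum(1 for rec in issued if rec["connected"]),
        "reused_passwords": sum(len(pws) for pws in flagged.values()),
        "suspect_exits": sorted(flagged),
    }

if __name__ == "__main__":
    print(find_reuse(ISSUED, LOGIN_LOG))
    print(summary(ISSUED, LOGIN_LOG))
```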