Interesting analysis: “Examining the Anomalies, Explaining the Value: Should the USA FREEDOM Act’s Metadata Program be Extended?” by Susan Landau and Asaf Lubin. Abstract: The telephony metadata program which was authorized under Section 215 of the PATRIOT Act, remains one of the most controversial programs launched by the U.S. Intelligence Community (IC) in the wake … Read More “Evaluating the NSA’s Telephony Metadata Program” »
Author: infossl
Great video of the Sinuous Asperoteuthis Mangoldae Squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
Electron is a cross-platform development system for many popular communications apps, including Skype, Slack, and WhatsApp. Security vulnerabilities in the update system allow someone to silently inject malicious code into applications. From a news article: At the BSides LV security conference on Tuesday, Pavel Tsakalidis demonstrated a tool he created called BEEMKA, a Python-based tool … Read More “Supply-Chain Attack against the Electron Development Platform” »
This wasn’t a small operation: A Pakistani man bribed AT&T call-center employees to install malware and unauthorized hardware as part of a scheme to fraudulently unlock cell phones, according to the US Department of Justice. Muhammad Fahd, 34, was extradited from Hong Kong to the US on Friday and is being detained pending trial. An … Read More “AT&T Employees Took Bribes to Unlock Smartphones” »
I know there’s a lot of politics associated with this story, but concentrate on the cybersecurity aspect for a moment. The cell phones of a thousand Brazilians, including senior government officials, were hacked — seemingly by actors much less sophisticated than rival governments. Brazil’s federal police arrested four people for allegedly hacking 1,000 cellphones belonging … Read More “Brazilian Cell Phone Hack” »
Interesting article on people using banks of smartphones to commit ad fraud for profit. No one knows how prevalent ad fraud is on the Internet. I believe it is surprisingly high — here’s an article that places losses between $6.5 and $19 billion annually — and something companies like Google and Facebook would prefer remain … Read More “Phone Pfarming for Ad Fraud” »
Siena Anstis, Ronald J. Deibert, and John Scott-Railton of Citizen Lab published an editorial calling for regulating the international trade in commercial surveillance systems until we can figure out how to curb human rights abuses. Any regime of rigorous human rights safeguards that would make a meaningful change to this marketplace would require many elements, … Read More “Regulating International Trade in Commercial Spyware” »
Really neat. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
Yesterday, I blogged about a Facebook plan to backdoor WhatsApp by adding client-side scanning and filtering. It seems that I was wrong, and there are no such plans. The only source for that post was a Forbes essay by Kalev Leetaru, which links to a previous Forbes essay by him, which links to a video … Read More “More on Backdooring (or Not) WhatsApp” »
There’s a really interesting video of protesters in Hong Kong using some sort of laser to disable security cameras. I know nothing more about the technologies involved.
