A Cybersecurity Threat That Could Be Lurking On Your Phone

A Cybersecurity Threat That Could Be Lurking On Your Phone

Gary Miliefsky, SnoopWall CEO, and founding member of the US Department of Homeland Security announces a privacy breach posed by smartphone flashlight apps. Miliefsky has advised two White House Administrations on Cybersecurity.

He was scheduled to join us on set for Special Report, but we had to make room for breaking news. We know you were all excited to hear this story and so we brought Gary in just for The Daily Bret. Share your thoughts with us on Twitter @BretBaier or here on the blog– after hearing this story will you delete your flashlight app?

Revealed: How governments can take control of smartphones

Revealed: How governments can take control of smartphones

“Our latest research has identified mobile modules that work on all well-known mobile platforms, including as Android and iOS”

RT.com
June 25, 2014

‘Legal malware’ produced by the Italian firm Hacking Team can take total control of your mobile phone. That’s according to Russian security firm Kaspersky Lab and University of Toronto’s Citizen Lab(which also obtained a user manual).

Operating since 2001, the Milan-based Hacking Team employs over 50 people and offers clients the ability to “take control of your targets and monitor them regardless of encryption and mobility,” while “keeping an eye on all your targets and manage them remotely, all from a single screen.”

It’s the first time Remote Control Systems (RCS) malware has been positively linked with mobile phones and it opens up a new privacy threat potential to mobile phone users.

“Our latest research has identified mobile modules that work on all well-known mobile platforms, including as Android and iOS,” wrote Kaspersky researcher Sergey Golovanov.

“These modules are installed using infectors – special executables for either Windows or Macs that run on already infected computers. They translate into complete control over the environment in and near a victim’s computer. Secretly activating the microphone and taking regular camera shots provides constant surveillance of the target – which is much more powerful than traditional cloak and dagger operations.”

20140625-164404-60244101.jpg
Image from citizenlab.org

Police can install the spy malware directly into the phone if there is direct access to the device, or if the owner of the phone connects to an already infected computer, according to Wired.

Various softwares can also lure users to download targeted fake apps.

Once inside an iPhone, for instance, it can access and activate all of the following: control of Wi-Fi, GPS, GPRS, recording voice, e-mail, SMS, MMS, listing files, cookies, visited URLs, cached web pages, address book, call history, notes, calendar, clipboard, list of apps, SIM change, live microphone, camera shots, support chats, WhatsApp, Skype, and Viber.

20140625-164453-60293182.jpg
Image from citizenlab.org

While the malware can be spotted by some of the more sophisticated anti-virus software, it takes special measures to avoid detection – such as “scouting” a victim before installation, “obfuscating”its presence, and removing traces of its activity.

Hacking Team has maintained that its products are used for lawful governmental interceptions, adding that it does not sell items to countries blacklisted by NATO or repressive regimes.

Wired reported that there have been cases where the spying apps were used in illegal ways in Turkey, Morocco, and Saudi Arabia.

Citizen Lab discovered spying malware hiding in a legitimate news app for Qatif Today, an Arabic-language news and information service that reports on events in Saudi Arabia’s eastern Qatif region. It also argued that circumstantial evidence pointed to Saudi Arabia’s government using the spying malware against Shia protesters in the area.

“This type of exceptionally invasive toolkit, once a costly boutique capability deployed by intelligence communities and militaries, is now available to all but a handful of governments. An unstated assumption is that customers that can pay for these tools will use them correctly, and primarily for strictly overseen, legal purposes. As our research has shown, however, by dramatically lowering the entry cost on invasive and hard-to-trace monitoring, the equipment lowers the cost of targeting political threats for those with access to Hacking Team and Gamma Group toolkits,” Citizen Lab said in its report.

20140625-164550-60350694.jpg
Map showing the countries of the current HackingTeam servers’ locations (Image from securelist.com)

Hacking Team controls the spying malware remotely via command-and-control servers. Kaspersky has discovered more than 350 such servers in more than 40 countries. A total of 64 servers were found in the US – more than in any other country. Kazakhstan came in second, with a total of 49 servers found. Thirty-five were found in Ecuador and 32 in the UK.

Here Are 17 Top Bug And Issue Tracking Apps For Developers!

http://www.efytimes.com/e1/fullnews.asp?edid=130338

Tuesday, February 18, 2014: Developers come across a plethora of bugs and issues while creating hundreds, or even thousands, of lines of code! The same can be quite frustrating. In such a situation, making use of bug and issue tracking within your workflow leads to a better end product.

20140218-070449.jpg

Stand Up and Be Counted

My fellow Americans and Friends; on Tuesday, November 6th we stand to either choose a new President or to give 4 more years to the incumbent.  The choice is up to you and the Electoral College.  This is a bit astray from Networking, but every bit as important in my book.  I would ask you to give great thought towards your choice and truly research that which is best for the country, as a whole.

If you should choose to vote for someone other than the primary Republican or Democratic parties or if you should choose not to vote at all, is your vote thrown away?  I would say no, because it is your right and therefore whatever you choose to do with it is completely up to you and no one else.  However, by choosing to cast your vote toward some other party you do not waste your vote because you are telling the country that you do not agree with, or like, the two primary parties.  By voting for someone other than the norm, which we have had ingrained in our minds since childhood, you have the power to say it is time for true change not the façade of change.  At some point in time the third party candidate(s) will get enough votes to truly become a great threat to the party norms and the establishment as a whole.

If you should choose to not vote at all, you are telling the country that you are disgusted with all  of the political BS that is going on these days, or perhaps you are just plain lazy.  In either case, you are telling the country that the party norm(s) are no longer the values that represent America.

Either road you may choose, I would implore you to be an informed voter by studying the issues and not just picking and choosing them.  All of the issues are important, important to you and others.  I urge you neither to vote not as your friends would, nor as your co-workers would, nor as your family would!  Think long and hard and, as John Quincy Adams told us to do, “Always vote for principle, though you may vote alone, and you may cherish the sweetest reflection that your vote is never lost.”  And his father, John Adams, told us that we must vote as a matter of conscience.  So, vote your way, vote your conscience!

You will choose between the following parties:  Republican, Democratic, Constitution, Libertarian, Green, Socialist, and Independent.  Think hard and choose well my friends, the future of the country is at hand and the rhetoric always seems to remain the same.  I have always believed that if you want true change, you must do things differently (think, approach, and vote).

We may not agree with each other, but we do need to respect one another.  Unfortunately, I have little faith that our present representation has any respect for those they purportedly serve.  For example, no matter the party affiliation demanded that the President does not serve more than two terms, but look at the dynasties that have been built by Congressman and Senators.  Some have served as many as 50 years, some 40…the list is quite long.  What of the benefits package, while the American people have 8% unemployment, loss of jobs, wages, and benefits, our representatives want an increase in pay and benefits…and for what?

Our Founding Fathers had the idea, the notion, that people would as a matter of public service represent their fellow Americans and they would not do so for benefits, retirement, etc.  Again, unfortunately, when did we vote for such a thing?  We didn’t, our public servants voted themselves these benefits, pays, and luxuries.  So I would urge you to consider these things when you cast your ballot.

 

Keep these words in mind: “Democracy never lasts long. It soon wastes, exhausts and murders itself. There was never a democracy that did not commit suicide.” ~John Adams

 

Updating to iOS 6

I have read several articles on the updating iPhone 3GS to the newly released iOS 6.

Most were good, a few bad; however, the bad seemed to be primarily with a different iPhone platform or a jail broken phone.

The reviews I have read were:

http://www.gottabemobile.com/2012/09/19/ios-6-on-iphone-3gs-first-impressions-and-performance/

http://answers.yahoo.com/question/index?qid=20120920164714AAYV0dg

http://www.product-reviews.net/2012/09/22/ios-6-problems-incorporate-iphone-battery/

http://arstechnica.com/apple/2012/09/tempting-fate-installing-ios-6-on-the-iphone-3gs/

While I got relatively good information, I remained a bit apprehensive to performing the update…but went ahead with it anyway.

I will play with it for about a week and make my final decision about it and will let you know my opinion.

Please feel free to passing along your thoughts.