
SoylentNews is people

posted by janrinok on Wednesday June 25 2014, @03:03PM
from the look-who's-listening dept.

Newly uncovered components of a digital surveillance tool used by more than 60 governments worldwide provide a rare glimpse at the extensive ways law enforcement and intelligence agencies use the tool to surreptitiously record and steal data from mobile phones. The modules, made by the Italian company Hacking Team, were uncovered by researchers working independently of each other at Kaspersky Lab in Russia and the Citizen Lab in Canada, who say the findings provide great insight into the tradecraft behind Hacking Team's tools.

It's long been known that law enforcement and intelligence agencies worldwide use Hacking Team's tools to spy on computer and mobile phone users, including, in some countries, to spy on political dissidents, journalists and human rights advocates. This is the first time, however, that the modules used to spy on mobile phone users have been uncovered in the wild and reverse-engineered. In addition to the modules that were uncovered, Citizen Lab obtained from an anonymous source a copy of the lengthy user's manual that Hacking Team provides customers.

  • (Score: 5, Insightful) by Phoenix666 on Wednesday June 25 2014, @03:24PM

    by Phoenix666 (552) on Wednesday June 25 2014, @03:24PM (#59913) Journal

    These guys have done all of us a great service with this information. Now we need to dig and find out who our targets are. We know who the Director of National Intelligence is and who the head of the NSA is, now we need to know everyone else who works for those criminal organizations so we can turn our attentions to them. Let them walk in fear that everyone around them is watching their every move, ready to act at any moment. They are so cavalier about violating our Constitutional rights, let them fear for their lives accordingly. Let them all be upbraided, and those who ordered these crimes swing from the highest trees in the land. Then and only then can we have a productive, adult conversation about the importance of the Constitution and the Rule of Law and Democracy and how it's a very, very, very serious deal to violate those. The thousands of men who gave their lives at Normandy didn't do it for a "damn piece of paper," but for something real and precious and worth dying for.

    NSA delenda est.

    --
    Washington DC delenda est.
    • (Score: 0, Funny) by Anonymous Coward on Wednesday June 25 2014, @03:48PM

      by Anonymous Coward on Wednesday June 25 2014, @03:48PM (#59923)

      It's a little early to start drinking so heavily there, Patrick Henry.

  • (Score: 3, Interesting) by DrMag on Wednesday June 25 2014, @03:40PM

    by DrMag (1860) on Wednesday June 25 2014, @03:40PM (#59921)

    So how does one determine if this tool is installed on their phone? I would think that would be important information to report; are there legal issues that prevent them from doing so?

  • (Score: 4, Funny) by marcello_dl on Wednesday June 25 2014, @05:28PM

    by marcello_dl (2685) on Wednesday June 25 2014, @05:28PM (#59973)

    Now, I'm taking my smartphone, go to the authorities, and DEMAND they root it for me.

  • (Score: 4, Informative) by Anonymous Coward on Wednesday June 25 2014, @05:56PM

    by Anonymous Coward on Wednesday June 25 2014, @05:56PM (#59990)

    Descriptive analysis of 'DaVinci' software by 'Hacking Team' working on an infected machine [citizenlab.org] - University Of Toronto
     
    Some tips for users who must stay on the dirty rat MS Windows platform:
     
      -- Do not trust any applications made or owned by Microsoft (such as Office, Skype, Internet Explorer etc), and do not trust any software which connects to the internet. Never allow such programs to touch the 'Registry' of your real system.
     
      -- Download and install a program named Sandboxie (shareware) [sandboxie.com]. Always install and run such programs inside a Sandboxie sandbox; all spawned Registry data will be redirected into a virtualized Registry in the sandbox; all system file droppings and spawned processes will also be redirected into the sandbox.
     
      -- Download and install a program named Shadow Defender (shareware) [shadowdefender.com]. This takes snapshots and can freeze your system state and allows you to easily go back in time. It also has a 'Shadow Mode', which is an application sandboxing function similar to Sandboxie.
     
    Force yourself to learn how to thoroughly use those two tools and incorporate them into your everyday workflow.

    • (Score: 3, Informative) by captain normal on Wednesday June 25 2014, @07:24PM

      by captain normal (2205) on Wednesday June 25 2014, @07:24PM (#60021)

      It doesn't seem that simply avoiding MS products will protect you if you are afraid of being spied on.

      "Another aspect of particular interest to us was the way the malware samples are installed on mobile devices. We discovered several modules that infect mobile devices connected to infected Windows or Mac OS X computers.

      As already mentioned, the iOS module can only be used on jailbroken devices. That is why the iOS infector (sic) uses the AFP2 protocol to transfer. The "infector" (sic) has a nice GUI that enables installation if there is physical access to the victim's device or remote admin access to an infected computer.
      ...

      As mentioned above, remote admin access to an infected computer is one of the possible ways for the malware to be installed on a connected mobile device. The fact that only jailbroken iOS devices are supported can be a limiting factor. However, this is not a huge problem since an attacker can also run a jailbreaking tool such as Evasi0n via the same infected computer. In this case the only thing that can protect a user from a remote jailbreak and infection is the mobile device's passcode (sic). However, if the device is unlocked while connected to the infected computer, it can be infected by the attacker."
      http://www.securelist.com/en/blog/8231/HackingTeam_2_0_The_Story_Goes_Mobile [securelist.com]

      --
      When life isn't going right, go left.
    • (Score: 2) by tibman on Wednesday June 25 2014, @09:46PM

      by tibman (134) Subscriber Badge on Wednesday June 25 2014, @09:46PM (#60077)

      First time I've seen Sandboxie mentioned in a long time. The only thing I'd like to add to it is that you can install applications inside their own little containers/sandboxes. So other applications don't even know about each other. This way office applications cannot put hooks into your browser and so on. If some app installs an annoying toolbar you would never see it because your actual browser is in a different container.

      --
      SN won't survive on lurkers alone. Write comments.
    • (Score: 1) by mgcarley on Saturday June 28 2014, @04:31PM

      by mgcarley (2753) on Saturday June 28 2014, @04:31PM (#61361) Homepage

      And then who is this new company that has acquired Sandboxie? How do we know that Invincea isn't some front for some acronymed government agency or another? They are, after all, based in Fairfax, VA!!! {insert conspiracy theory here}

      So who owns it? Who runs it? Are there government moles? Same goes for this "Shadow Defender"... Clearly, we can't trust anybody!

      /tinfoil hat

      --
      Founder & COO, Hayai. We're in India (hayai.in) & the USA (hayaibroadband.com) // Twitter: @mgcarley