SoylentNews is people
SoylentNews
Reuter reports on an advanced iOS virus targeting Hong Kong protestors:
Cybersecurity researchers have uncovered a computer virus that spies on Apple Inc's iOS operating system for the iPhone and iPad, and they believe it is targeting pro-democracy protesters in Hong Kong.
The malicious software, known as Xsser, is capable of stealing text messages, photos, call logs, passwords and other data from Apple mobile devices, researchers with Lacoon Mobile Security said on Tuesday.
The original post on Lacoon's Web site (which Reuter used) notes:
A link to the Android spyware, disguised as an app to help coordinate Occupy Central protests in Hong Kong, was sent as an anonymous message to Whatsapp users there on Thursday. In its investigation of that spyware, Lacoon uncovered the Xsser mRAT hosted on the same Command and Control (CnC) domain with the project being named Xsser. Though called Xsser, this is not related to an XSS attack.
The Xsser mRAT is itself significant because while there have been other iOS trojans found previously, this is the first and most advanced, fully operational Chinese iOS trojan found to date. Although it shows initial signs of being a targeted attack on Chinese protesters, the full extent of how Xsser mRAT is being used is anyone’s guess. It can cross borders easily, and is possibly being operated by a Chinese-speaking entity to spy on individuals, foreign companies, or even entire governments.
[...]When infected, Xsser mRAT exposes virtually any information on iOS devices including SMS, email, and instant messages, and can also reveal location data, usernames and passwords, call logs and contact information.
In the meantime, Bloomberg says the U.S. Law Enforcement seeks to halt Apple/Google encryption of mobile data, but are not sure how to proceed: appeal to executives or seek congressional legislation.
Looks like the US and Chinese agencies aren't that dissimilar: both sides want the citizens with the pants down and the lubrication applied on their own expense (paid by taxes).
(Score: 0) by Anonymous Coward on Wednesday October 01 2014, @10:43PM
I don't really follow him at all, but has he said or written anything about systemd?
It's the kind of thing that somebody like him should be standing up against, because everything about it is tyrannical, but I can't remember ever hearing anything about it from him. Although, I may have just missed it, if he has discussed it.
(Score: 0) by Anonymous Coward on Thursday October 02 2014, @08:59AM
Makes you think:
Pieces placed in juxtaposition.:
"Opensource is going mainstream in 2014" -RedHat CEO
Systemd presents a large attack surface (where as there are few ways
to communicate with init etc, systemd is network aware), needlessly manages disc cryptography (amongst everything else, normal inits never cared one way or the other),
US government Argues For Backdoors In Personal Electronics - http://it.slashdot.org/story/14/10/01/1 [slashdot.org] ... lectronics
(Score: 2) by Bot on Thursday October 02 2014, @07:11PM
You think about backdoors, I think about the linux desktop itself. To become mainstream it must appease the hardware makers. Which had like 10 years during which they could have tossed windows aside *AS PREINSTALLED OS; NOT AT ALL*. Why didn't they? because a modular unix OS with stable APIs makes hardware eternal and users happy. But let's face it, a major hardware producer that ships with secure boot and hides the key combo to get to the bios to disable it, hates your guts.
While Systemd disrupts previous software in all possible ways (ifconfig eth3se8fasterpussycatkillkill), will probably be always a moving target, so it can replace windows as a way to make people buy new stuff because old stuff can't work well. Or at least, this is the first thing I gather from the juxtaposition.
Sure there can be backdoors, too.
Account abandoned.
(Score: 0) by Anonymous Coward on Thursday October 02 2014, @09:03AM
[quote]
Hi Gregory,
Thanks for writing. I don't think I agree with your characterization of
the situation (I am involved with the Debian community in my spare
non-FSF time and attended Debconf this past August), but of course the
FSF currently does not endorse Debian because of its integration in
various ways of nonfree software (see http://gnu.org/distros [gnu.org]). We do
endorse two distros that are "downstream" versions of Debian --
Trisquel, and gNewSense. I suggest that if you have concerns about what
Debian is doing upstream, you make your arguments in those Trisquel and
gNewSense communities. The FSF is not going to launch another new
distro; we want energy to be put into improving those which we already
endorse. Thanks!
-john
--
John Sullivan | Executive Director, Free Software Foundation
GPG Key: 61A0963B | http://status.fsf.org/johns [fsf.org] | http://fsf.org/blogs/RSS [fsf.org]
Do you use free software? Donate to join the FSF and support freedom at
[/quote]
http://www.debianuserforums.org/viewtopic.php?f=63&t=3031&start=50 [debianuserforums.org]