
SoylentNews is people

posted by takyon on Wednesday July 22 2015, @02:14PM
from the no-cyberwarriors-admitted dept.

Security researcher Collin Mulliner was surprised and angered to learn that an open source toolkit he authored to enable hacking of Android phones had been incorporated into the arsenal of spyware sold by the Hacking Team to its clients, which include a variety of police states around the world. Of course, the discovery was made possible by the recent leak of over 400 GB of Hacking Team's source code; the tipster found Mulliner's contact info in the source code and figured he was a paid consultant.

Mulliner, a German researcher currently affiliated with Boston's Northeastern University, presented the toolkit at a security conference in 2012; it combines mechanisms for hooking Android API functions in Linux userspace with NFC/RFID hardware-level hacking, the latter apparently done in collaboration with fellow researcher Charlie Miller. Installation requires being in close physical proximity to the target's phone, to exploit NFC.

Mulliner stops short of accusing the Hacking Team of using his code unlawfully, but feels violated nonetheless. He vowed that his future projects will come with a license prohibiting use by "bad actors" - while admitting he doesn't know what such a license would look like.

Richard Stallman has consistently opposed tacking a "no military use" or similar restriction onto the GPL:

Freedom 0 is the freedom to run the program as you wish. If a license restricts how you can run the program, the program is not free software.

This criterion is crucial. We cannot accept programs in the GNU system which have limits on what they can be used for. If we did, different programs would come with different limits. One program, perhaps written by Muslims, might ban use by restaurants that serve alcohol; another program, perhaps written by the Munich Oktoberfest committee, might ban use by restaurants that do not serve alcohol. Continuing along these lines, we might end up with a system that nobody would be allowed to use.

But of course, even open source advocates are free to disagree with Stallman on many issues.


  • (Score: 0) by Anonymous Coward on Wednesday July 22 2015, @05:24PM (#212407)

    > By extension I would argue that since the Hacking Team software runs on devices they do not own, they would already be in violation of GPLv2.

    Unless they tivoized it.