According to a story at the Intercept, the National Security Agency and its closest allies planned to hijack data links to Google and Samsung app stores to infect smartphones with spyware, a top-secret document reveals.
As part of a pilot project codenamed IRRITANT HORN, the agencies were developing a method to hack and hijack phone users’ connections to app stores so that they would be able to send malicious “implants” to targeted devices. The implants could then be used to collect data from the phones without their users noticing.
This discussion has been archived.
No new comments can be posted.
NSA Plan to Hack Smartphones Using Google and Samsung App Stores
|
Log In/Create an Account
| Top
| 20 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(Score: 2, Informative) by Anonymous Coward on Friday May 22 2015, @03:26AM
No need to install implants. There's already plenty of stuff installed by default like the Android Device Manager: https://support.google.com/accounts/topic/6160499?hl=en [google.com]
That lets you (and whoever else with control over it) locate your phone and make it do stuff.
Frigging thing drains my phone's battery so fast it's not funny (I disabled the ADM's location etc stuff and my phone is now back to more reasonable power consumption rates).
(Score: 5, Insightful) by darkfeline on Friday May 22 2015, @03:27AM
Stuff like this makes me want to lock down my smartphone, but it's really hard to do so. Unless you are running a custom Android distribution (which is not supported on all phones), it's almost impossible to completely clean off all the junk running on phones nowadays without breaking some proprietary software infrastructure your provider has set up. I've tried twice on my Galaxy S4, rendering it unbootable both times. There's also no way to install a custom kernel on my model.
Even if you do lock down your phone, you have to go without all the apps that are almost expected nowadays. For example, if you are part of a large organization, chances are they have their own internal app that you need to use.
Also, let's not forget the "There's an app for that" mentality that crushes the great idea called code reuse. If you have app A that can play sounds and app B that tracks time, you can't hook A to B, you need a separate app C to play sounds at a given time. If you want to flash the camera light at a specified time, that's yet another app D. If you want to flash the light with a custom intensity, say hello to app E. Don't forget that each app comes with its own set of ads, unless you feel like paying $10 for as many apps to do something that only requires three or four UNIX-style programs.
Ugh, I'd rather carry a dumb phone that can act as a wireless display for my laptop; keep those apps and services away from me.
Join the SDF Public Access UNIX System today!
(Score: 4, Interesting) by Nerdfest on Friday May 22 2015, @05:24AM
Tasker will do most of what you want, and you cn go even deeper by running Python or Lua scripts to do direct API calls if you like.
(Score: 2) by everdred on Friday May 22 2015, @02:34PM
Tasker is delightful. Its power makes working past the confusing UI totally worth it.
(Score: 2) by darkfeline on Friday May 22 2015, @05:24PM
That's pretty cool, but my main gripe is not that smartphones don't have enough functionality, it's that they have too much (duplicate and/or malicious and/or sloppy) functionality.
Join the SDF Public Access UNIX System today!
(Score: 2) by Nerdfest on Friday May 22 2015, @06:22PM
I rarely complain about too much choice.
(Score: 2) by darkfeline on Saturday May 23 2015, @03:10PM
I suppose you love the US's tax code then? So many rules to choose from, which one's your favorite?
Join the SDF Public Access UNIX System today!
(Score: 2) by Nerdfest on Saturday May 23 2015, @04:01PM
My favourite would be the one that has me pay the least money.
(Score: 2) by Pslytely Psycho on Saturday May 23 2015, @09:55AM
You could just buy a Windows phone.....(ducks)
:)
Alex Jones lawyer inspires new TV series: CSI Moron Division.
(Score: 0) by Anonymous Coward on Friday May 22 2015, @03:49AM
I thought spyware was already a feature of Google Play. The NSA apparently just wants a piece of the action.
(Score: 1, Insightful) by Anonymous Coward on Friday May 22 2015, @07:39AM
(Score: 0) by Anonymous Coward on Friday May 22 2015, @08:06AM
cough cough.. Microsoft... cough cough.. AT&T... cough cough...
Achoo, achoo, Apple....
(Score: 2) by tathra on Friday May 22 2015, @06:28PM
which, conveniently, is now legal for GCHQ, [soylentnews.org] who is in an intelligence alliance [wikipedia.org] with the NSA, to do.
(Score: 1, Interesting) by Anonymous Coward on Friday May 22 2015, @04:11AM
"Some of the leaking information apparently helped the agencies uncover a communication channel linked to a foreign military unit believed to be plotting “covert activities” in Western countries."
How many times have we heard this?
Think of the children right?
Also, the report says they used a tool called, " pyhttpextract", to extract info from encoded blocks.
Tried to search for this tool but found none.
Anyone know if this really exists or can post a link to a similar tool?
(Score: 2) by takyon on Friday May 22 2015, @04:27AM
https://pythonhosted.org/httpforge/httpextract.html [pythonhosted.org] ?
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 0) by Anonymous Coward on Friday May 22 2015, @07:51AM
"We used a freely available tool, pyhttpextract, to decipher the contents of this encoded data block."
Wow did they ever up the geek talk on that one.
Lead me to believe they did some magic reverse cipher on that block.
sed, awk, grep are also freely available for parsing text.
Shit if you really want to wow the public, go for some Haskell.
(Score: 2) by kadal on Friday May 22 2015, @12:33PM
Argh. Motherfuckers. Bah
(Score: 2) by tibman on Friday May 22 2015, @02:45PM
Anyone else's phone running slow today?
SN won't survive on lurkers alone. Write comments.
(Score: 0) by Anonymous Coward on Friday May 22 2015, @05:06PM
As it happens, Firefox on my Nexus 5 was running very slowly this morning. No, I'm not trying to burn Firefox...typically I have no complaints
(Score: 3, Insightful) by Phoenix666 on Friday May 22 2015, @03:58PM
Can we burn Ft. Mead to the ground yet?
Washington DC delenda est.