spy
Latest
EFF takes the fight to Carrier IQ, requests reinforcements
If we didn't love the EFF already, we'd be proposing marriage now that it's managed to reverse-engineer Carrier IQ's pernicious monitoring software. CIQ exists in phones in three parts, the app itself, a configuration file and a database -- where your keystrokes and coded "metrics" are logged before being sent to the company. Volunteer Jared Wierzbicki cracked the configuration profile and produced IQIQ, an Android app that reveals what parts of your activity are being monitored. Now the Foundation is posting an open call for people to share their data using the app in order to decipher what personal data was collected and hopefully decrypt the rest of the software. Hopefully, our thoughts can soon turn to who's gonna play the part of Trevor Eckhart in the All the Presidents Men-style biopic.
WikiLeaks' Spy Files shed light on the corporate side of government surveillance
WikiLeaks' latest batch of documents hit the web this week, providing the world with a scarily thorough breakdown of a thoroughly scary industry -- government surveillance. The organization's trove, known as the Spy Files, includes a total of 287 files on surveillance products from 160 companies, as well as secret brochures and presentations that these firms use to market their technologies to government agencies. As Ars Technica reports, many of these products are designed to get around standard privacy guards installed in consumer devices, while some even act like malware. DigiTask, for example, is a German company that produces and markets software capable of circumventing a device's SSL encryption and transmitting all instant messages, emails and recorded web activity to clients (i.e., law enforcement agencies). This "remote forensic software" also sports keystroke logging capabilities, and can capture screenshots, as well. Included among DigiTask's other products is the WifiCatcher -- a portable device capable of culling data from users linked up to a public WiFi network. US-based SS8, Italy's Hacking Team and France's Vupen produce similar Trojan-like malware capable of documenting a phone or computer's "every use, movement, and even the sights and sounds of the room it is in," according to the publication. Speaking at City University in London yesterday, WikiLeaks founder Julian Assange said his organization decided to unleash the Spy Files as "a mass attack on the mass surveillance industry," adding that the technologies described could easily transform participating governments into a "totalitarian surveillance state." The documents, released on the heels of the Wall Street Journal's corroborative "Surveillance Catalog" report, were published alongside a preface from WikiLeaks, justifying its imperative to excavate such an "unregulated" industry. "Intelligence agencies, military forces, and police authorities are able to silently, and on mass, and [sic] secretly intercept calls and take over computers without the help or knowledge of the telecommunication providers," wrote Wikileaks in its report. "In the last ten years systems for indiscriminate, mass surveillance have become the norm." The organization says this initial document dump is only the first in a larger series of related files, scheduled for future release. You can comb through them for yourself, at the source link below.
Brits, your government needs you to solve this puzzle
Spare a thought for the British intelligence services. Every time they come up with a clever recruitment drive, their efforts are hampered by yet another off-putting death scene in a certain long-running spy drama. But relax, this particular ciphered job advert is entirely safe. It's been put out by the UK's monitoring service, GCHQ, which is altogether more 9 to 5 than MI5. You simply need to figure out the keyword buried in that daunting grid of characters, submit it via the 'canyoucrackit' link below, and a happy career in headphones and Herman Miller could be yours. On the other hand, people who claim to have beaten the puzzle seem underwhelmed by the response: all it got them, they say, was a shot at a £25k per year position that was already being openly advertised on the web. But, who knows, maybe those guys only think they cracked it?
Air Force X-37B space plane books additional time on orbital cruise, orders another margarita
If your secret space plane's in orbit and doing its secret thing well enough, why bother bringing it home? This appears to be the mindset of the Air Force regarding its experimental X-37B space plane, the billion-dollar robotic vehicle's orbital flight being extended beyond the 270 days it was initially designed for. While the Air Force has stated that the vehicle is meant only for conducting orbital science experiments, analysts say the X-37B is capable of much more, and could perform additional tasks such as acting as an orbital spy, sneaking up on and tampering with enemy satellites or hauling small batches of supplies to the International Space Station. Perhaps the most interesting thing is that the X-37B could stay in orbit for that much longer. Although the Air Force said last year that the X-37B could last nine months above the heavens before its power and fuel ran out, an inside source commented that "it sips power and fuel like a Prius." Click through the break for the full X-37B schematics, which -- crazily enough -- look nothing like a Prius.
Man on vacation confused for a Russian spy, almost restarts cold war
Threats of Russian espionage can come from the unlikeliest of sources, as Jim Mimlitz, owner of Navionics Research, a small integrator firm, knows only too well. Curran Gardner Public Water District, just outside of Springfield, Illinois, employed Mimlitz's firm to set up its Supervisory Control and Data Acquisition system (SCADA), and the spy games began when Mimlitz went on vacation in Russia. While there, he logged into the SCADA system to check some data, then logged off and went back to enjoying Red Square and the finest vodka mother Russia has to offer. However, five months later a Curran Gardner water pump fails, and an IT contractor eyeballing the logs spots the Russian-based IP address. Fearing stolen credentials, he passes the info up the chain of command to the Environmental Protection Agency (as it governs the water district) without bothering to contact Mimlitz, whose name was in the logs next to the IP address. The EPA then passed along the paranoia to a joint state and federal terrorism intelligence center, which issued a report stating that SCADA had been hacked. Oh boy. A media frenzy followed bringing all the brouhaha to Mimlitz's attention. After speaking with the FBI, the massive oversight was identified, papers were shuffled, and everyone went about their day. So, next time you delete all your company's e-mail, or restart the wrong server, remember: at least you didn't almost start World War III. Tap the source link for the full story. [Image courtesy Northackton]
iSpy software can read texts and steal passwords with its little eye (video)
We spy, with our bleary eye, a new piece of software that could make it dramatically easier to steal personal data. The program, known as iSpy, allows devious voyeurs to remotely identify and read text typed on touchscreen displays. That, in and of itself, isn't exactly new, but iSpy takes shoulder surfing to slightly terrifying new areas -- namely, those beyond the "shoulder." Developed by Jan-Michael Frahm and Fabian Monrose of the UNC-Chapel Hill, this program, like those before it, takes advantage of the magnified keys found on most touchscreens. All you'd have to do is point a camera at someone else's screen and iSpy will automatically record whatever he or she types by stabilizing the video footage and identifying the enlarged keys. If you're using a smartphone camera, you'll be able to eavesdrop from up to three meters away, but if you opt for a more heavy duty DSLR device, you could steal passwords from up to 60 meters away. The software can also recognize any words typed into a device, and, according to its architects, can identify letters with greater than 90 percent accuracy. When used with a DSLR camera, iSpy can even pick up on reflections of touchscreens in sunglasses or window panes from up to 12 meters away. To avoid this, Frahm and Monrose recommend disabling the magnified key function on your smartphone, or using some sort of screen shield. We recommend checking out a video of the program, after the break.
Georgia Tech spies on nearby keyboards with iPhone 4 accelerometer, creates spiPhone
Ever plopped your cellular down next to your laptop? According Georgia Tech researchers, that common scenario could let hackers record almost every sentence you type, all thanks to your smartphone's accelerometer. They've achieved the feat with an impressive 80 percent accuracy using an iPhone 4, and are dubbing the program they've developed, spiPhone. (Although the group initially had fledgling trials with an iPhone 3GS, they discovered the 4's gyroscope aided in data reading.) If the software gets installed onto a mobile device it can use the accelerometer to sense vibrations within three-inches, in degrees of "near or far and left or right," allowing it to statistically guess the words being written -- so long as they have three or more letters. It does this by recording pairs of keystrokes, putting them against dictionaries with nearly 58,000 words to come up with the most likely results. The group has also done the same with the phone's mics (which they say samples data at a whopping 44,000 times per second vs. the accelerometer's 100), but note that it's a less likely option given the usual need for some form of user permission. Furthermore, they explained that the accelerometer data rate is already mighty slow, and if phone makers reduced it a bit more, spiPhone would have a hard time doin' its thing. The good news? Considering the strict circumstances needed, these researchers think there's a slim chance that this kind of malware could go into action easily. Looks like our iPhone and MacBook can still be close friends... For now. You'll find more details at the links below.
Huawei blocked from first responder network contract, US cites 'national security concerns'
The inability to win US government approval isn't exactly an unfamiliar issue for Huawei, which by now must be conditioned not to expect a nod from major US telecom companies. But now, The Daily Beast reports that the U.S. Commerce Department has made it very clear that the Chinese company won't have a role in building the country's new dedicated first responder wireless network. A spokesman wasn't shy about the reason, either, explaining that Huawei "will not be taking part in the building of America's interoperable wireless emergency network for first responders due to U.S. government national security concerns." And what about those national security concerns? Well, Huawei president Ren Zhengfei's former role as a People's Liberation Army technologist may have something to do with it, considering it wouldn't be unreasonable to suspect that he still has some fairly close ties to Chinese government officials. We haven't heard a peep from the feds regarding Huawei's invitation for US officials to investigate the company earlier this year, but it's safe to assume that the investigation either didn't go very well, or more likely that it hasn't happened at all. We imagine that whole corporate espionage debacle probably didn't help the company, either.
This giant military spy blimp is really hard to miss
What's this spy blimp doing next to an 18-wheeler? We're not entirely sure, but it's certainly not being subtle about it. This jumbo-sized floater, codenamed "Blue Devil Block 2," measures some 370 feet in length and comprises a whopping 1.4 million cubic feet. Originally inflated in September, the definitely-not-blue Blue Devil took flight for the first time last week in North Carolina and, if all goes to plan, should head to Afghanistan by the middle of next year. The Air Force says the blimp will hover above the country for five days at a time, collecting surveillance data from 20,000 feet above the ground and transmitting its findings to US intelligence officers on the ground, via laser. When that's taken care of, it'll be used to make the biggest omelette ever.
Rover App-Controlled Spy Tank gives your cats another reason to hate your iPad (video)
If the only thing standing between you and the purchase of an iPad is the existence of a large, remote controlled spy tank, we've got some rough news for your bank account. Brookstone is offering up the Rover App-Controlled Spy Tank, an iPad / iPhone / iPod touch-controlled toy tank that can capture audio and video and send it back to your iOS device. The tank can be controlled at distances of up to 200 feet and works around walls. The app is available as a free download and the tank will run you $150. That price includes six AA batteries, but apparently won't cover therapy for distressed house pets.
Wireless snooping WASP drone knows you want extra jalapeños, no sliced tomato
This fearsome contraption is the handiwork of a couple of amateur DEFCON-types who reckoned that any self-respecting spy plane ought to be able to impersonate cellphone towers. And that's exactly what the Wireless Aerial Surveillance Platform does -- it tricks AT&T and T-Mobile handsets into connecting to it, then re-routes the incoming calls via VOIP so they don't drop, while simultaneously recording all conversations to 32GB of onboard storage. It can also handle a bit of WiFi snooping on the side, thanks to a Linux-based hacking toolkit and a 340 million word dictionary for guessing passwords. What's more, the WASP apparently achieves all of this without breaking a single FCC regulation. So, er, that's fine then. Oh yeah, and we don't want any of that stuffed crust nonsense, you hear?
App spies on your keyboard, steals your passwords
iPad owners using their tablet in public may want to look closely at the people around them. A new app called shoulderPad lets Mac OS X, jailbroken iPad and jailbroken iPhone owners secretly steal your login and passwords. It uses the camera on these devices to track the keyboard input. Specifically, the app looks for the slight blue glow that occurs right after your touch a key. It records these glows, analyzes the pattern and spits out your passwords. All the thief has to do is sit near you and pretend to be using their phone, tablet or computer. This same technique can be applied to recorded footage so be watch out for those surveillance cameras, too.
Nokia 700 'Zeta' caught in spyshots, ready to give mobile makeovers
While we're busy recovering from a recent overdose of Nokia eye candy, secret agents are hard at work hunting down more visual goodness for us to ogle at. These shots above are of the Nokia 700 "Zeta," which appears to be a replacement to the C6-01. The photos show it running on Symbian Belle -- Anna's successor -- and packed with a 5 megapixel camera, LED flash, and NFC support. The source indicates the Zeta will house a 1 GHz CPU and 3.2-inch nHD AMOLED display, weighs a smidge over 80g, and measures out at 10mm thick. Oddly enough, we dug up a leaked snapshot of the Zeta's spec sheet claiming it'll be the "thinnest smartphone ever," which at 10mm isn't anywhere close to earning that title. Though no other phones were pictured, the spec sheet (shown below) brought attention to three other Symbian offerings on the roadmap: the Nokia 701 Helen has the best specs of the bunch with 8 megapixel camera and 3.5-inch ClearBlack display; there's the Nokia 600 Cindy with NFC, 5 megapixel shooter, and 3.2-inch AMOLED; also, we've likely seen the Nokia 500 Fate already leaked as the N5. There's no indication on when (or if) we can expect any of these phones to hit the market, but it looks like Mr. Elop is intent on keeping his promise. More photos after the break. [Thanks to everyone who sent this in]
The Game Archaeologist jacks into The Matrix Online: Jamming with Ben 'Rarebit' Chamberlain
When we started into The Matrix Online month last week on The Game Archaeologist, one of the comments caught my eye. Massively reader stealthrider wrote: Please, please do a tribute to Rarebit. MxO was his baby, and no one took its death worse than he. He did everything for that game, much of it single-handedly. Everything from playing the canon characters and co-writing the story to fixing hundreds of bugs and even creating a new zone from scratch. Not to mention developing and implementing the story missions, new items, the RP item vendors, and pretty much everything else in MxO's final couple of years. He even implemented and moderated a player-created minigame as part of the official story. He retired from game development in the months before MxO's shutdown. He was that dedicated to this game that he couldn't work on anything else afterward. He's a god among developers, and he is as sorely missed as the game itself. I think this sums up how many Matrix Online vets feel about Ben "Rarebit" Chamberlain. So instead of a mere tribute, we drove the MassivelyMobile over to Chamberlain's house (read: send a polite email request), and he graciously said he'd be glad to reminisce with us. So hit that jump to find out the last word on MxO from the dev who held it together!
DARPA's new Space Surveillance Telescope will keep our satellites safe from interstellar debris
What's that in the sky? A bird? A plane? Oh, it's just some junk floating around in space, posing major threats to our military's spy satellites. To help keep an eye on it, engineers at DARPA, MIT and the Air Force have unleashed a new $110 million telescope that's been in the works for nine years now. The new Space Surveillance Telescope (SST) is capable of delivering wide-angle views of the Earth's firmament thanks to a curved CCD. This allows for a massive 3.5m aperture and f/1.0 exposure settings, capturing more light in a day that your average scope can in a week. As part of the Air Force's Space Surveillance Network (SSN), the telescope's primary task will be to look out for any microsatellites, meteors or other alien droppings moving at the same speed at which the Earth rotates. The system developed its first images earlier this year and the Air Force may eventually place SSTs all over the world, creating a 360-degree surveillance blanket and going a long way toward keeping our spycraft warm, cozy, and safe from galactic hazards.
Wings Over Atreia: Milking the cash cow
Although it is so far out on the scale of probability that it is tipping into impossibility, there is a remote chance that some player in Aion does not know about NCsoft's cash shop. After all, we are often assaulted with advertisements for new goodies offered at the NCsoft Store front-and-center on the launchpad; if you have logged into the game any time in the last couple of months, you have seen offerings of cosmetic clothing, exclusive pets, and weapon skins. Now I can understand ponying-up for a character name-change since the user is asking for a smidgen of change in code. Changing gender -- sure, why not? Server transfers definitely involve a bit of work, so making this a paid service also makes sense. Cosmetic surgery, however, is harder for me to accept since I have played a game that offered it in-game as a service performed by a specific class. But what about all of the extra items? The little perks, the fluff, and limited-time deals? Grab your wallet and join me past the break for a discussion on fleecing customers (I mean offering deals, really) and to see some items that I personally would like to implement.
UAE plans enterprise-class messaging ban for individuals and small companies?
Seems the United Arab Emirates wasn't satisfied with the spying agreements that RIM put in place -- now, the government's Telecommunications Regulatory Authority will reportedly restrict BlackBerry Enterprise Server (BES) services to companies with more than twenty BlackBerry accounts each. Interestingly, the TRA itself denies that any services will be halted to individuals or small firms, even as RIM itself claims that such a ban will indeed take effect, though RIM also claims that it "would be an industrywide policy applying equally to all enterprise solution providers," happily suggesting that competitors would also be affected. The ban is apparently scheduled for May 1st, so there won't be long to wait -- at the very least, we'll see who's telling the truth two weeks from today.
EVE Evolved: The great wormhole heist, part 2
One of the most common things I hear from people who don't play EVE Online is that they don't like the game itself but they absolutely love the stories that come out of it. There's something inherently brutal and visceral about the stories players act out every day in EVE's colossal sandbox. Tales of high-profile thefts and political intrigue occasionally creep into the media and grab our attention, but stories of that sort are a lot more common than you'd think. Last year, we told one such story of a player's descent into criminality and revenge taken too far. In last week's EVE Evolved, I began to tell the true tale of that same player in one of his biggest heists to date. If you haven't read the first part of this story yet, head back to last week's EVE Evolved before reading on. A matter of time Having discovered an opportunity for theft much greater than expected, Scott recognised that he would need help to pull off a successful heist. With the wormhole corporation's assets within Scott's reach, a sense of urgency began to overtake him. Based on discussions with his new corp members, he knew that the group's wormhole tenancy had just begun and that they were still in the process of clearing the starbase up following a frantic move-in. This explained the secure containers littering space -- a temporary measure to be used until an adequate hangar permission scheme could be created. In this week's conclusion of the story of the great wormhole heist, Scott discovers allies in some unexpected places and finds out first-hand whether there really is no honour amongst thieves.
India wants to spy on Nokia users, BlackBerry fans no longer feel special
Poor Nokia, between having to abandon its Symbian baby and hawk anachronistic wares at a Microsoft event, it's had a pretty rough go of it recently. Now India's Ministry of Home Affairs wants to block the launch of the company's new push email service until a monitoring system can be put in place. According to The Economic Times, the Department of Telecommunications is being asked to hold back the service until the intelligence community has a way to spy on messages being sent. RIM recently fought a similar battle with the Indian government, as well as those in Saudi Arabia and the United Arab Emirates. Looks like the two companies share more in common than just their slip from the top of the smartphone heap.
EVE Evolved: The great wormhole heist, part 1
Several years ago, EVE Online's Community Manager CCP Wrangler made a statement that I felt really crystalised the sentiment behind the game. He said that "EVE isn't designed to just look like a cold, dark and harsh world; it's designed to be a cold, dark and harsh world." Although most of us are content to indulge ourselves in PvP, market games and other traditional modes of gameplay, a criminal underworld runs beneath that innocuous surface. A significant few carve their own illicit destinies from the void, stealing and cheating their way to the top. Whether these space-faring cyber-criminals are in it for fame and riches, political influence, or their own personal goals, the stories of their actions in EVE's colossal sandbox never fail to grip us. High-profile thefts like the Guiding Hand Social Club heist of 2005, the closure of EBank, and last year's Titans4U scandal have been made very public, and smaller-scale crimes occur every day in New Eden. Last year, we brought you the true tale of one player's revenge taken too far -- a story of corporate infiltration, social deception and utter destruction. Although this was Scott's first foray into criminality, it was most certainly not his last. The events in this week's story are true, but the names of the players and corporations involved have been changed. In this week's EVE Evolved, Scott returns as I begin to tell the true story of his huge wormhole heist.
