spying
Latest
Chinese state media accuses Cisco of helping US spies, sees turnabout as fair play
We get the impression China isn't very happy that the names of Huawei and ZTE are being dragged through the mud in the US. Almost directly mirroring some American stances, state-backed Chinese media outlets such as China Economy & Informatization and People's Daily are raising alarm bells over Cisco's presence in a large amount of local network infrastructure, alleging that it's a potential backdoor for espionage; CE&I goes so far as to cite purported experts insisting that the US government could take over Chinese communications in a crisis. China Unicom is acting on the threat by phasing out Cisco gear, the magazine says. Other allegations point to 72 members of Congress possibly being influenced by their Cisco shares and the ever-controversial Patriot Act aiding any nefarious plans. Given the publications' ultimate benefactors, the chances of politics skewing the agenda are high -- although the collective stance underscores just how much tension has surfaced ever since Chinese tech giants got the evil eye.
EVE Evolved: Impressions of the New Eden Open
If you like to watch spaceships shoot at each other with graphs and numbers all over the screen, then the New Eden Open might be right up your street. It's EVE Online's latest competitive tournament and the first one to have a cash prize, pitting teams of players against each other in a bid to win a cut of $10,000 US. Until now, EVE's only foray into the competitive gaming space has been its annual Alliance Tournament in which in-game alliances compete for billions of ISK and blueprints for rare ships. The addition of a cash-prize tournament with fewer entry restrictions is a welcome change; hopefully there are more to come. The Alliance Tournament has historically been filled with drama and politics, with some teams using spies to manipulate the outcome of matches. With real cash prizes on the table, players have worried that even more rampant spying would ruin the New Eden Open. After three weeks of great fights, however, the tournament seems to be going strong. In fact, EVE's metagame has actually helped the tournament in a way that no one expected. In this week's EVE Evolved, I give my impressions of the $10,000 New Eden Open, highlight an early match I liked, and look at the strategies players are using to win.
Huawei complains about US spying allegations, implies McCarthy-style victimization
"We must remember always that accusation is not proof." So begins a report sponsored and published by Huawei, heavily quoting a 1954 US Senate report that condemned McCarthy and his anti-Communist hysteria. The document is a prelude to Huawei's forthcoming public testimony to the U.S. House of Representatives' Intelligence Committee, and its message is clear: the Chinese manufacturer is tired of how it's being treated in America, where numerous telecoms contracts have been blocked over "national security concerns." Huawei wants to be seen as an "opportunity" rather than a "threat," claiming it has scope to expand its 140,000 workforce and would love to create more jobs in America -- if only the US government would remove its "roadblock." Many other arguments are put forward, but some of the most interesting paragraphs deal with the background of Huawei's founder, Ren Zhengfei. The document claims that Zhengfei has been "tragically misunderstood" and that his alleged roles in the People's Liberation Army and Chinese Communist Party (CCP) are "unsubstantiated." The report doesn't deny those memberships ever existed, but instead downplays their significance -- for example by insisting that the CCP is now focused on promoting "private entrepreneurs" and "democratization." We admittedly stopped reading at that point, but if you'd like to continue then the full 78-page PDF, written by Dan Steinbock of the India, China and America Institute, is linked below.
Indian official claims BlackBerry eavesdropping standoff is 'heading towards a resolution'
Oh, bureaucracies, the fun in dealing with them is that you're told exactly what they want you to know -- or at least, believe. That's the name of the game in India, where -- as you're surely aware -- the government has been at odds with RIM for years over its insistence that the Waterloo firm provide the means to monitor encrypted emails and BBM messages. In a revelation that may relate to those BlackBerry servers in Mumbai, R. Chandrasekhar of India's Department of Information Technology has asserted, "The issue is heading towards a resolution." While it's difficult to know whether monitoring is already in place, Chandrasekhar added that, "Law enforcement agencies will get what they need." Another unknown is whether RIM played a role in these developments. For its part, the company claims, "RIM maintains a consistent global standard for lawful access requirements that does not include special deals for specific countries." So, if everything is now clear as mud for you, just remember: that's how those in charge like it.
Huawei working with British spy service to prove its 'kit' is clean
Since Huawei's president formerly served as a senior engineer in the People's Liberation Army of China, it's unsurprising that it's raised the hackles of the US and other countries. It's been blocked from a variety of prime, security-sensitive contracts on suspicion of espionage, but the Chinese company seems bent on proving its honorable intentions, and has opened a "Cyber Security Evaluation Center" in Banbury, UK to do exactly that. According to the Economist, the company will work closely with GCHQ, the British signals-intelligence agency located in nearby Cheltenham, to persuade the UK and other governments that its equipment is trustworthy. It even has security-cleared staff, including some from the British agency, to shake down the gear and ensure it can't be exploited by spooks or crooks. Huawei already has hefty backbone contracts in Canada and New Zealand and is becoming one of the world's largest suppliers of telecom infrastructure, on top of its high ranking as a handset maker. It might hope this new approach will let it break its US and UK market logjam -- but it has a lot of pent-up distrust to overcome.
Former NSA official says agency collects Americans' web data, director denies charges
The NSA director, General Keith Alexander, is coming under scrutiny after he told a crowd gathered at the Def Con hacker conference that the spy agency "absolutely" does not collect data from and maintain files on American citizens. A former official stopped just shy of calling Alexander a liar, accusing him of playing a "word game." William Binney left the department in late 2001, when it became apparent to him that it planned to use the terrorist attacks on September 11th as an "excuse" to launch a data collection program that was already in the planning stages. Alexander for his part maintains that any data, be it web searches, Twitter posts or emails, collected from American citizens is merely incidental, and associated with intelligence gathering on foreign entities. Of course, Binney rejects this claim and testimony from Qwest CEO James Nacchio regarding the NSA's wiretapping program would seem to contradict it. ACLU attorney Alex Abdo, who was on the panel with Alexander, cast further doubt on the director's denial. He noted that loopholes in the law allow the NSA collect vast amounts of information on Americans, without them being the "target" of the surveillance. Since the agency can hold on to any data collected, it can retroactively build dossiers on citizens, should they eventually become the focus of an investigation. For a few more details, hit up the source link.
CIA dragonfly drone almost beat modern UAVs by 40 years, was swatted (video)
US intelligence agencies were just as obsessed with drone spying 40 years ago as they are nowadays -- only then, it was pipe-smoking entomologists and watchmakers who were in charge of building prototypes. Back in the '70s, the CIA needed some kind of miniature flyer to deliver an audio bug, and after considering (and rejecting) a faux bumblebee, decided that a robotic dragonfly would be the best option. The wee UAV used a "miniature fluidic oscillator" as a motor and was propelled by a small amount of gas. It was somehow guided by a laser beam, which served double-duty as the "datalink for the audio sensor payload," according to the CIA Museum. Unfortunately, the insect-based mech proved too difficult to control, especially with any degree of wind, and was eventually scuppered -- all that's left of the now-declassified project is in the video after the break.
RED5 remote control plane can fly like an eagle, spy like one too
RED5's Spy Hawk might look like the stuff of a hobbyist's dreams, but it's not such an innocent craft. The remote control glider does precisely what its moniker implies, melding one part recreation with that other time-honored tradition: espionage. That's right, aspiring CIA-types can get a headstart gathering intel by relaying video captured with the nose-embedded, 5-megapixel camera to the transmitter's built-in 3.5-inch LCD screen. And lest that precious recon get lost, an included 4GB SD card will let you safely save it all for a rainy blackmail kinda day. There's also an autopilot stabilization feature to keep it upright in windy conditions, but temper your excitement, as the drone's 7.4v Li-ion battery is only rated for 15 minutes of uninterrupted privacy invading flight time. If you're spidey senses are a-tinglin' just knowing this sneaky toy plane exists, prepare to make peace with $305 (£249) and pre-order at the source below.
Wi-Spi Helicopter and Intruder RC toys put the childlike wonder back into spying on your neighbors
Sick and tired of spying on the neighbors the old-fashioned way? Good news, all. Interactive Toy Designs showed off two new products in its not-so-subtly named Wi-Spi line of remote control vehicles. Really driving the notion home is the Intruder, the name given to the little red sports car. The helicopter, on the other hand, is called just that, though we're sure you can intrude upon people with the thing, if you really put your mind to it. Both vehicles have built-in cameras that beam live feeds to your iPhone or Android devices. You can also record the video and upload it instantly to social networking sites, to really get that spying 2.0 feel. The Intruder and Helicopter are both arriving in the fall, for $100 and $120, respectively. Edgar Alvarez contributed to this report.
Brits, your government needs you to solve this puzzle
Spare a thought for the British intelligence services. Every time they come up with a clever recruitment drive, their efforts are hampered by yet another off-putting death scene in a certain long-running spy drama. But relax, this particular ciphered job advert is entirely safe. It's been put out by the UK's monitoring service, GCHQ, which is altogether more 9 to 5 than MI5. You simply need to figure out the keyword buried in that daunting grid of characters, submit it via the 'canyoucrackit' link below, and a happy career in headphones and Herman Miller could be yours. On the other hand, people who claim to have beaten the puzzle seem underwhelmed by the response: all it got them, they say, was a shot at a £25k per year position that was already being openly advertised on the web. But, who knows, maybe those guys only think they cracked it?
Georgia Tech spies on nearby keyboards with iPhone 4 accelerometer, creates spiPhone
Ever plopped your cellular down next to your laptop? According Georgia Tech researchers, that common scenario could let hackers record almost every sentence you type, all thanks to your smartphone's accelerometer. They've achieved the feat with an impressive 80 percent accuracy using an iPhone 4, and are dubbing the program they've developed, spiPhone. (Although the group initially had fledgling trials with an iPhone 3GS, they discovered the 4's gyroscope aided in data reading.) If the software gets installed onto a mobile device it can use the accelerometer to sense vibrations within three-inches, in degrees of "near or far and left or right," allowing it to statistically guess the words being written -- so long as they have three or more letters. It does this by recording pairs of keystrokes, putting them against dictionaries with nearly 58,000 words to come up with the most likely results. The group has also done the same with the phone's mics (which they say samples data at a whopping 44,000 times per second vs. the accelerometer's 100), but note that it's a less likely option given the usual need for some form of user permission. Furthermore, they explained that the accelerometer data rate is already mighty slow, and if phone makers reduced it a bit more, spiPhone would have a hard time doin' its thing. The good news? Considering the strict circumstances needed, these researchers think there's a slim chance that this kind of malware could go into action easily. Looks like our iPhone and MacBook can still be close friends... For now. You'll find more details at the links below.
Huawei blocked from first responder network contract, US cites 'national security concerns'
The inability to win US government approval isn't exactly an unfamiliar issue for Huawei, which by now must be conditioned not to expect a nod from major US telecom companies. But now, The Daily Beast reports that the U.S. Commerce Department has made it very clear that the Chinese company won't have a role in building the country's new dedicated first responder wireless network. A spokesman wasn't shy about the reason, either, explaining that Huawei "will not be taking part in the building of America's interoperable wireless emergency network for first responders due to U.S. government national security concerns." And what about those national security concerns? Well, Huawei president Ren Zhengfei's former role as a People's Liberation Army technologist may have something to do with it, considering it wouldn't be unreasonable to suspect that he still has some fairly close ties to Chinese government officials. We haven't heard a peep from the feds regarding Huawei's invitation for US officials to investigate the company earlier this year, but it's safe to assume that the investigation either didn't go very well, or more likely that it hasn't happened at all. We imagine that whole corporate espionage debacle probably didn't help the company, either.
Wireless snooping WASP drone knows you want extra jalapeños, no sliced tomato
This fearsome contraption is the handiwork of a couple of amateur DEFCON-types who reckoned that any self-respecting spy plane ought to be able to impersonate cellphone towers. And that's exactly what the Wireless Aerial Surveillance Platform does -- it tricks AT&T and T-Mobile handsets into connecting to it, then re-routes the incoming calls via VOIP so they don't drop, while simultaneously recording all conversations to 32GB of onboard storage. It can also handle a bit of WiFi snooping on the side, thanks to a Linux-based hacking toolkit and a 340 million word dictionary for guessing passwords. What's more, the WASP apparently achieves all of this without breaking a single FCC regulation. So, er, that's fine then. Oh yeah, and we don't want any of that stuffed crust nonsense, you hear?
Automated shoulder surfing makes it easier to steal passwords, isn't very tubular, brah (video)
Here's something mildly terrifying to chew on: researchers in Italy have developed a way to automatically harvest anything you type on your smartphone's touchscreen, using only a camera placed over your shoulder. The software, created by Federico Maggi and his team from the Politecnico di Milano, takes advantage of the magnified touchscreen keys you'll find on most iOS, Android and BlackBerry devices. Because these magnifications often pop up in predictable positions, the spying system can recognize and record them with relative ease, with the help of a camera aimed at a targeted display. And it's not like bobbing and weaving around will help evade its watchful eye, since the apparatus can instantly detect sudden movements and adjust its gaze accordingly. Researchers say their tool is capable of accurately recognizing up to 97 percent of all keystrokes and is fast enough to transmit copied passwords in "quasi real-time," which must be music to a lazy criminal's ears. Tiptoe past the break to see the beast in action and spend the rest of your life in an everlasting state of fear.
Wings Over Atreia: Milking the cash cow
Although it is so far out on the scale of probability that it is tipping into impossibility, there is a remote chance that some player in Aion does not know about NCsoft's cash shop. After all, we are often assaulted with advertisements for new goodies offered at the NCsoft Store front-and-center on the launchpad; if you have logged into the game any time in the last couple of months, you have seen offerings of cosmetic clothing, exclusive pets, and weapon skins. Now I can understand ponying-up for a character name-change since the user is asking for a smidgen of change in code. Changing gender -- sure, why not? Server transfers definitely involve a bit of work, so making this a paid service also makes sense. Cosmetic surgery, however, is harder for me to accept since I have played a game that offered it in-game as a service performed by a specific class. But what about all of the extra items? The little perks, the fluff, and limited-time deals? Grab your wallet and join me past the break for a discussion on fleecing customers (I mean offering deals, really) and to see some items that I personally would like to implement.
UAE plans enterprise-class messaging ban for individuals and small companies?
Seems the United Arab Emirates wasn't satisfied with the spying agreements that RIM put in place -- now, the government's Telecommunications Regulatory Authority will reportedly restrict BlackBerry Enterprise Server (BES) services to companies with more than twenty BlackBerry accounts each. Interestingly, the TRA itself denies that any services will be halted to individuals or small firms, even as RIM itself claims that such a ban will indeed take effect, though RIM also claims that it "would be an industrywide policy applying equally to all enterprise solution providers," happily suggesting that competitors would also be affected. The ban is apparently scheduled for May 1st, so there won't be long to wait -- at the very least, we'll see who's telling the truth two weeks from today.
EVE Evolved: The great wormhole heist, part 2
One of the most common things I hear from people who don't play EVE Online is that they don't like the game itself but they absolutely love the stories that come out of it. There's something inherently brutal and visceral about the stories players act out every day in EVE's colossal sandbox. Tales of high-profile thefts and political intrigue occasionally creep into the media and grab our attention, but stories of that sort are a lot more common than you'd think. Last year, we told one such story of a player's descent into criminality and revenge taken too far. In last week's EVE Evolved, I began to tell the true tale of that same player in one of his biggest heists to date. If you haven't read the first part of this story yet, head back to last week's EVE Evolved before reading on. A matter of time Having discovered an opportunity for theft much greater than expected, Scott recognised that he would need help to pull off a successful heist. With the wormhole corporation's assets within Scott's reach, a sense of urgency began to overtake him. Based on discussions with his new corp members, he knew that the group's wormhole tenancy had just begun and that they were still in the process of clearing the starbase up following a frantic move-in. This explained the secure containers littering space -- a temporary measure to be used until an adequate hangar permission scheme could be created. In this week's conclusion of the story of the great wormhole heist, Scott discovers allies in some unexpected places and finds out first-hand whether there really is no honour amongst thieves.
India wants to spy on Nokia users, BlackBerry fans no longer feel special
Poor Nokia, between having to abandon its Symbian baby and hawk anachronistic wares at a Microsoft event, it's had a pretty rough go of it recently. Now India's Ministry of Home Affairs wants to block the launch of the company's new push email service until a monitoring system can be put in place. According to The Economic Times, the Department of Telecommunications is being asked to hold back the service until the intelligence community has a way to spy on messages being sent. RIM recently fought a similar battle with the Indian government, as well as those in Saudi Arabia and the United Arab Emirates. Looks like the two companies share more in common than just their slip from the top of the smartphone heap.
EVE Evolved: The great wormhole heist, part 1
Several years ago, EVE Online's Community Manager CCP Wrangler made a statement that I felt really crystalised the sentiment behind the game. He said that "EVE isn't designed to just look like a cold, dark and harsh world; it's designed to be a cold, dark and harsh world." Although most of us are content to indulge ourselves in PvP, market games and other traditional modes of gameplay, a criminal underworld runs beneath that innocuous surface. A significant few carve their own illicit destinies from the void, stealing and cheating their way to the top. Whether these space-faring cyber-criminals are in it for fame and riches, political influence, or their own personal goals, the stories of their actions in EVE's colossal sandbox never fail to grip us. High-profile thefts like the Guiding Hand Social Club heist of 2005, the closure of EBank, and last year's Titans4U scandal have been made very public, and smaller-scale crimes occur every day in New Eden. Last year, we brought you the true tale of one player's revenge taken too far -- a story of corporate infiltration, social deception and utter destruction. Although this was Scott's first foray into criminality, it was most certainly not his last. The events in this week's story are true, but the names of the players and corporations involved have been changed. In this week's EVE Evolved, Scott returns as I begin to tell the true story of his huge wormhole heist.
Researchers eavesdrop on encrypted GSM call: all you need is a $15 phone and 180 seconds
It's hardly a fresh idea -- researchers have claimed that GSM calls could be cracked and listened in on for years. But there's a difference between being able to do something with a $50,000 machine and a warrant, and being able to do the same thing with a few $15 Motorola phones, a laptop, open source software and 180 seconds of spare time. Security Research Labs researcher Karsten Nohl and OsmocomBB project programmer Sylvain Munaut recently spoke about a new GSM hack at the Chaos Communication Conference in Berlin, and they were able to walk the audience through the eavesdropping process in a matter of minutes. According to them, it's not terribly difficult to use a $15 handset to "sniff out" location data used to correctly route calls and texts, and once you've nailed that down, you could use modified firmware to feed raw data into a laptop for decryption. Using a 2TB table of precomputed encryption keys, a cracking program was able to break in within 20 seconds -- after that, you're just moments away from recording a live GSM call between two phones. Of course, speeches like these are made to encourage security officials to beef up the layers between you and ill-willed individuals, but it's hard to say what (if anything) will change. For now, we'd recommend just flying to each and every person you'd like to speak with. Unless you live in the Greater New York area -- you're probably better off risking a hacked conversation than heading out to LGA / JFK / EWR.
