Archive for August 2016

iPhone Spyware Flaw Unfolds

Apple’s most recent iOS operating system was found to have software flaws that made it incredibly easy for a hacker to install spyware on a victim’s device. According to security experts, the security breach could be set in motion simply by tricking a target into clicking on a link.

apple2The vulnerability was discovered when a human rights lawyer alerted security researchers that he was receiving unsolicited text messages. The researchers ultimately isolated three previously unknown flaws within the most recent version of Apple’s iOS, a discovery which has already resulted in Apple’s release of a software update that patches the vulnerabilities.

The security researchers were employees of two different firms: Citizen Lab and Lookout. Both firms held back on announcing the discovery until Apple had issued the new update.

The text messages received by human rights lawyer Ahmen Mansoor were sent on August 10th and 11th. The texts promised Mansoor that if he clicked the links, he would be able to access “secrets” regarding people being allegedly held and tortured in the United Arab Emirates’ jails.

According to Citizen Lab, had Mansoor clicked on the links, his iPhone 6 would have become jailbroken and unauthorized software would have been installed on his device.

“Once infected, Mansoor’s phone would have become a digital spy in his pocket, capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages send in mobile chat apps, and tracking his movements,” Citizen Lab explained. “We are not aware of any previous instance of an iPhone remote jailbreak used in the wild as part of a targeted attack campaign, making this a rare find.”

Lookout called the malware “the most sophisticated spyware package we’ve seen.”

“It takes advantage of how integrated mobile devices are in our lives and the combination of features only available on mobile- always connected (wi-fi, 3G/4G), voice communications, camera, email, messaging, GPS, passwords and contact lists.”

apple3Researchers have attributed the bug’s creation to an Israeli cyber-war company called the NSO Group. NSO then issued a statement confirming that it creates technology to “combat terror and crime” but denying that it was responsible for the spyware.

Previously unknown vulnerabilities that are readily exploitable in a product’s hardware or software are called “zero-day flaws.” According to Professor Alan Woodward, for a zero-day to be found in the software of something so widely used is “rather rare.”

“To have several found at once is even rarer. As can be seen from how these have been exploited to date, it represents a serious threat to the security and privacy of iOS users,” he continued.

“Apple has been remarkably responsive in providing fixes for these issues, so I would encourage any iOS users to update to the latest version of the operating system.”

While the flaw reveals the intimidating reality of sophisticated hackers with political agendas, the response made by the wary target, security researchers and Apple demonstrate the responsibility and capability of people set on countering cyber crime.

Why Facebook isn’t a Technology Company

Believe it or not at the close of the trading this last Monday, the top 5 global companies in terms of their market capitalization were all U.S. tech companies. Not surprisingly they were in this order: Apple at number one, Alphabet(google) coming in at number 2, Microsoft in a respectable number 3 spot, Amazon coming in at 4, and finally in the number 5 sport was Facebook.

Bloomberg, which reported on this apparent milestone insisted that this “tech sweep” is unprecedented, not even during the dot-com boom did anything close to this happen. Back in 2011 however, we can remember when the Exxon and Shell held the 2 top spots was the last time anything kind of similar happened so that should give you some perspective.

However, if we look a bit deeper at what Facebook is, and the service they provide is peculiar to call them a technology company as such. But to deny that moniker to firms that make diesel trains, oil drilling platforms, vital infrastructure and engineering designs seems a bit odd.

Consider that part of the problem in this regard has to do with the private language that we use when it comes to business and more importantly finance. Because think about it what technology has Facebook put out that has ever been ground breaking in and of itself, and how can it be said that they are even capable to doing so. They really can’t nor are they in a position to ever make mores in this regard. Why should they, as long as they keep the lights on and maintain a website that is great in spite of their direct influence not because of it, people will continue to beat down the doors to throw money at them and jam it down their throats.

Consider a company like Microsoft for example. Microsoft very easily and neatly fits into their square definition of what it is to be a technology company, given their development of things like technology and software and computer services. Almost the entirely of Google’s and Facebook’s money is generated from their advertising. In Facebook’s case it is more than 95 percent on most days. By that metric it is ease to see that there is in fact an argument that those firms are really media industry companies with a focus on broadcasting and entertainment. In the case of Alphabet though it is a lot like GE or in a lot of ways it aspires to be, with its investments in automotive self driving cars as well as health care, and in more than one case they try to do the whole utilities thing. Now When we look at what Facebook is doing in regards to other plays there simply aren’t any. Facebook has never created an original idea, they just branded and marketed the hell out of old ones. So to say that they are a tech company is confused from the onset if the only qualification to be one is that you take advantage of the technological developments of your time. If that were the case every company would fall under this umbrella.

-->