Revealed: How governments can take control of smartphones

Revealed: How governments can take control of smartphones

‘Legal malware’ produced by the Italian firm Hacking Team can take total control of your mobile phone. That’s according to Russian security firm Kaspersky Lab and University of Toronto’s Citizen Lab(which also obtained a user manual).

Operating since 2001, the Milan-based Hacking Team employs over 50 people and offers clients the ability to “take control of your targets and monitor them regardless of encryption and mobility,” while “keeping an eye on all your targets and manage them remotely, all from a single screen.”

It’s the first time Remote Control Systems (RCS) malware has been positively linked with mobile phones and it opens up a new privacy threat potential to mobile phone users.

“Our latest research has identified mobile modules that work on all well-known mobile platforms, including as Android and iOS,” wrote Kaspersky researcher Sergey Golovanov.

“These modules are installed using infectors – special executables for either Windows or Macs that run on already infected computers. They translate into complete control over the environment in and near a victim’s computer. Secretly activating the microphone and taking regular camera shots provides constant surveillance of the target – which is much more powerful than traditional cloak and dagger operations.”

Police can install the spy malware directly into the phone if there is direct access to the device, or if the owner of the phone connects to an already infected computer, according to Wired.

Various softwares can also lure users to download targeted fake apps.

Once inside an iPhone, for instance, it can access and activate all of the following: control of Wi-Fi, GPS, GPRS, recording voice, e-mail, SMS, MMS, listing files, cookies, visited URLs, cached web pages, address book, call history, notes, calendar, clipboard, list of apps, SIM change, live microphone, camera shots, support chats, WhatsApp, Skype, and Viber.

While the malware can be spotted by some of the more sophisticated anti-virus software, it takes special measures to avoid detection – such as “scouting” a victim before installation, “obfuscating” its presence, and removing traces of its activity.
Hacking Team has maintained that its products are used for lawful governmental interceptions, adding that it does not sell items to countries blacklisted by NATO or repressive regimes.

Wired reported that there have been cases where the spying apps were used in illegal ways in Turkey, Morocco, and Saudi Arabia.

Citizen Lab discovered spying malware hiding in a legitimate news app for Qatif Today, an Arabic-language news and information service that reports on events in Saudi Arabia’s eastern Qatif region. It also argued that circumstantial evidence pointed to Saudi Arabia’s government using the spying malware against Shia protesters in the area.

“This type of exceptionally invasive toolkit, once a costly boutique capability deployed by intelligence communities and militaries, is now available to all but a handful of governments. An unstated assumption is that customers that can pay for these tools will use them correctly, and primarily for strictly overseen, legal purposes. As our research has shown, however, by dramatically lowering the entry cost on invasive and hard-to-trace monitoring, the equipment lowers the cost of targeting political threats for those with access to Hacking Team and Gamma Group toolkits,” Citizen Lab said in its report.

Hacking Team controls the spying malware remotely via command-and-control servers. Kaspersky has discovered more than 350 such servers in more than 40 countries. A total of 64 servers were found in the US – more than in any other country. Kazakhstan came in second, with a total of 49 servers found. Thirty-five were found in Ecuador and 32 in the UK.

NSA can easily bug your switched-off iPhone: Here’s how you can stop them

NSA can easily bug your switched-off iPhone: Here's how you can stop them

Edward Snowden’s recent revelation that the NSA can bug cell phones even when they are turned off left some experts split on whether it is true or not. But a group of hackers claim that at least there is a way to protect your phone from spies’ ears.

Snowden, who exposed the American government’s secret mass surveillance program, has been making headlines in the media for almost a year with shocking details about the scale of snooping by the National Security Agency (NSA).

In last week’s interview with NBC, the former CIA employee yet again added to the spreading privacy panic when he said the NSA can actually eavesdrop on cellphones even when they are turned off.

“Can anyone turn it on remotely if it’s off?” Williams asked Snowden referring to the smartphone he used for travel to Russia for the interview. “Can they turn on apps? Did anyone know or care that I Googled the final score of the Rangers-Canadiens game last night because I was traveling here?”

“I would say yes to all of those,” Snowden replied. “They can absolutely turn them on with the power turned off to the device,” he added.

It is not news that American (and possibly not only American) special services have been able to use mobile phones as a spying tool for at least a decade.

Back in 2006, media reported that the FBI applied a technique known as a “roving bug” which allowed them to remotely activate a cell phone’s microphone and listen to nearby conversations.

Pinpointing a person’s location to within just a few meters has not been a problem either thanks to a tracking device built into mobile phones. This option, a party-spoiler for criminals, has also been helpful in finding people who have gone missing or got into trouble. The general belief has been that removing a battery would make tracking impossible.

In July last year, Washington Post wrote that “By September 2004, a new NSA technique enabled the agency to find cellphones even when they were turned off.”

The agency used it to help American forces in Iraq. Joint Special Operations Command (JSOC) called the method “The Find,” and “it gave them thousands of new targets, including members of a burgeoning al-Qaeda-sponsored insurgency in Iraq,” the paper wrote.

It is very likely that the scale of the use of such techniques has grown much bigger and more sophisticated due to SciTech developments. And with millions of people getting addicted to their smartphones – which they carry with them literally everywhere – it is much easier to spy on them.

But, according to a piece published in Wired magazine, there is a way to make sure that no one is listening to you. The article, citing security researchers, says that if an attacker had a chance to install malware before the phone is turned off, the software could make it only look like the phone is shutting down. Instead, it “enters a low-power mode that leaves its baseband chip—which controls communication with the carrier—on”.

Such “playing dead” state would allow the phone to receive commands, including one to activate its microphone, says Eric McDonald, a hardware engineer in Los Angeles told the news outlet. It also gives practical advice on how to deal with the situation. Whether it works or not – is another question.

If you’ve got totally paranoid about your iPhone, you can try to put it into device firmware upgrade (DFU) mode, Eric McDonald, a hardware engineer, told Wired. In this mode, all elements of the phone are shut down except for the USB port which waits for iTunes to install new firmware.

To enter the mode, use any power outlet or computer USB port to plug in the iPhone. Then hold the power button for three seconds, after start holding the home button, too. After 10 seconds, release the power button, but not the home button. Wait for another 10-15 seconds.

The routine is to send “hardware reset” to the phone’s power management unit that overrides any running software, including any malware designed to fake a shutdown, McDonald says.

Now the phone won’t turn on when someone holds the power button or power up when the phone is plugged into a power source and you can leak some NSA secrets to a Glenn Greenwald. But if you decide to make a phone call at some point, you will have to hold the power button and home button together until the Apple logo appears.

The video below explains it with the use of a real iPhone.

There are easier ways to enter a complete shutdown, according to Wired. You can hold the home and power buttons simultaneously for 10 seconds without the DFU button sequence. This will put the phone in too low level a state for anything to able to interact with its baseband.

NSA TO LISTEN TO CONVERSATIONS IN REAL TIME VIA CELLPHONE MIC

New Facebook app another backdoor for government snooping

by PAUL JOSEPH WATSON | MAY 23, 2014

Facebook’s new mobile spy app which listens to a user’s background noise by utilizing the device’s microphone is merely another backdoor via which the NSA and other government agencies will be able to spy on conversations in real time, a technique that we warned about eight years ago.

“Each time I think they’ve become as creepy as possible, somehow they find a way to be even creepier than that,” joked comedian Jimmy Kimmel in response to the announcement, before a skit about how Facebook would soon automatically post your thoughts as a status update.

“Facebook is to release a new feature on its mobile app that “listens” to your music and TV shows,” reports BBC News. “The feature, which will be available in a few weeks’ time, uses the microphones inside users’ smartphones to detect nearby music or TV shows.”

Although Facebook claims the app cannot record conversations, the user agreement for Facebook’s messenger service includes a term that necessitates users to agree to allow their audio to be recorded without permission. Given that microphones on cellphones exist for the sole reason of sending audio of speech, Facebook’s claim that its new app cannot also do so is dubious to say the least.

Such technology was already being mooted eight years ago, when we published an article entitled, Government, Industry To Use Computer Microphones To Spy On 150 Million Americans, in which we explained how, “Private industry and eventually government is planning to use microphones in the computers of an estimated 150 million-plus Internet active Americans to spy on their lifestyle choices and build psychological profiles which will be used for surveillance and minority report style invasive advertising and data mining.”

Given new reports based on the latest Edward Snowden documents which show that the NSA is recording nearly every phone call in entire countries, to think that the federal agency isn’t already utilizing or at least planning to use open microphones on cellphones to spy on Americans would be incredibly naive.

Back in March it was revealed that the NSA is masquerading as Facebook in order to infect millions of computers around the world with malware as part of its mass surveillance program.

“We are sure this will not be abused or hacked by the NSA… and we are sure there will be plenty of small digital print that users will understand… One wonders though, is there any way for non-Facebook users to know that they are being eavesdropped upon?” asks Zero Hedge.

The answer is that every virtually single user of smartphones has given their permission to have their conversations listened to via the device’s microphone. As we have previously highlighted, terms of agreement for both Android and iPhone apps now require users to agree to allow their microphone to be activated at any time without confirmation before they can download the app.

Earlier this year we also reported on how a computer programmer discovered that Google’s Chrome browser had the ability to record conversations without the user’s knowledge.

Gun Confiscati​on Hits U.S. East Coast

The State of Connecticut seems poised to be the first battleground of a new US Civil War as the state is using the Sandy Hook shooting hoax in an attempt to illegally take away the guns of law-abiding American citizens. With the 2nd Amendment and the US Constitution heavily under fire by Socialist politicians and law enforcement who are neglecting their oaths, will Connecticut soon turn into a literal battleground if and when Connecticut police attempt to illegally confiscate guns from Americans who KNOW that THEY are in the right while police and politicians are clearly on the WRONG side of the law and the US Constitution? Before It’s News does not condone violence of any kind but is a strong supporter of the 2nd Amendment and the US Constitution.

Apple security flaw could be a backdoor for the NSA

Apple security flaw could be a backdoor for the NSA

Was the National Security Agency exploiting two just-discovered security flaws to hack into the iPhones and Apple computers of certain targets? Some skeptics are saying there is cause to be concerned about recent coincidences regarding the NSA and Apple.

Within hours of one another over the weekend, Apple acknowledged that it had discovered critical vulnerabilities in both its iOS and OSX operating systems that, if exploited correctly, would put thought-to-be-secure communications into the hands of skilled hackers.

“An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS,” the company announced.

Apple has since taken steps to supposedly patch up the flaw that affected mobile devices running its iOS operating system, such as iPhones, but has yet to unveil any fix for the OSX used by desktop and laptop computers. As experts investigated the issue through the weekend, though, many couldn’t help but consider the likelihood — no matter how modicum — that the United States’ secretive spy agency exploited those security flaws to conduct surveillance on targets.

On Saturday, Apple enthusiast and blogger John Gruber noted on his personal website that information contained within internal NSA documents leaked by former intelligence contractor Edward Snowden last year coincide closely with the release of the affected mobile operating system, iOS 6.

According to a NSA slideshow leaked by Mr. Snowden last June, the US government has since 2007 relied on a program named PRISM that enables the agency to collect data “directly from the servers” of Microsoft, Yahoo, Google, Facebook and others. The most recent addition to that list, however, was Apple, which the NSA said it was only able to exploit using PRISM since October 2012.

The affected operating system — iOS 6.0 — was released days earlier on September 24, 2012.

These facts, Gruber blogged, “prove nothing” and are “purely circumstantial.” Nevertheless, he wrote, “the shoe fits.”

With the iOS vulnerability being blamed on a single line of erroneous code, Gruber considered a number of possibilities to explain how that happened.

“Conspiratorially, one could suppose the NSA planted the bug, through an employee mole, perhaps. Innocuously, the Occam’s Razor explanation would be that this was an inadvertent error on the part of an Apple engineer,” he wrote.

“Once the bug was in place, the NSA wouldn’t even have needed to find it by manually reading the source code. All they would need are automated tests using spoofed certificates that they run against each new release of every OS. Apple releases iOS, the NSA’s automated spoofed certificate testing finds the vulnerability, and boom, Apple gets ‘added’ to PRISM.”

Gruber said he sees five possible scenarios, or “levels of paranoia,” as he put it:

Nothing. The NSA was not aware of this vulnerability.
The NSA knew about it, but never exploited it.
The NSA knew about it, and exploited it.
NSA itself planted it surreptitiously.
Apple, complicit with the NSA, added it.

Of course, Guber added, there is always the possibility that “this is all a coincidence.” He certainly wasn’t the only one to consider it, though.

“Again, all of this is circumstantial and speculative, and Apple has come out numerous times vehemently denying its involvement in any NSA program,” iDownloadblog’s Cody Lee wrote on Monday. “But the timing is rather odd, and it makes you wonder how such a serious bug went undiscovered for over a year.”

Indeed, Apple has since the start of the Snowden leaks adamantly fended off allegations concerning a possible collusion with the NSA. On December 31, 2013, the company even issued a statement insisting “Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone.”

“We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who’s behind them,” Apple said then — nearly two months after acknowledging the major security vulnerability discovered last week.

At the time, though, Apple was responding to another serious allegation that, if correct, gives much more credence to the latest accusations. The Dec. 31 statement was sent hours after security researcher Jacob Appelbaum presented previously unpublished NSA slides at a hacking conference in Germany, including some where the spy agency boasted about being able to infiltrate any iPhone owned by a targeted person.

The NSA, Appelbaum said, “literally claim that any time they target an iOS device, that it will succeed for implantation.”

“Either they have a huge collection of exploits that work against Apple products — meaning they are hoarding information about critical systems American companies product and sabotaging them — or Apple sabotages it themselves.”

Last year, RT reported that the NSA entered into a contract in 2012 with VUPEN, a French security company that sells so-called 0-day exploits to governments and agencies so that vulnerabilities and flaws can be abused before the affected product’s owner is even made aware. It’s likely just another major coincidence that fits the timeframe eerily well, but that contract was signed only days before iOS 6 was released — and, coincidentally, days before the NSA boasted about being able to access Apple communications through its PRISM program.

HOW THE NSA HACKS YOUR IPHONE

.
Following up on the latest stunning revelations released yesterday by German Spiegel which exposed the spy agency’s 50 page catalog of “backdoor penetration techniques”, today during a speech given by Jacob Applebaum (@ioerror) at the 30th Chaos Communication Congress, a new bombshell emerged: specifically the complete and detailed description of how the NSA bugs, remotely, your iPhone. The way the NSA accomplishes this is using software known as Dropout Jeep, which it describes as follows: “DROPOUT JEEP is a software implant for the Apple iPhone that utilizes modular mission applications to provide specific SIGINT functionality. This functionality includes the ability to remotely push/pull files from the device. SMS retrieval, contact list retrieval, voicemail, geolocation, hot mic, camera capture, cell tower location, etc. Command, control and data exfiltration can occur over SMS messaging or a GPRS data connection. All communications with the implant will be covert and encrypted.”

The flowchart of how the NSA makes your iPhone its iPhone is presented below:

•NSA ROC operator
•Load specified module
•Send data request
•iPhone accepts request
•Retrieves required SIGINT data
•Encrypt and send exfil data
•Rinse repeat
And visually:

What is perhaps just as disturbing is the following rhetorical sequence from Applebaum:

“Do you think Apple helped them build that? I don’t know. I hope Apple will clarify that. Here’s the problem: I don’t really believe that Apple didn’t help them, I can’t really prove it but [the NSA] literally claim that anytime they target an iOS device that it will succeed for implantation. Either they have a huge collection of exploits that work against Apple products, meaning that they are hoarding information about critical systems that American companies produce and sabotaging them, or Apple sabotaged it themselves. Not sure which one it is. I’d like to believe that since Apple didn’t join the PRISM program until after Steve Jobs died, that maybe it’s just that they write shitty software. We know that’s true.”

Or, Apple’s software is hardly “shitty” even if it seems like that to the vast majority of experts (kinda like the Fed’s various programs), and in fact it achieves precisely what it is meant to achieve.

Either way, now everyone knows that their iPhone is nothing but a gateway for the NSA to peruse everyone’s “private” data at will. Which, incidentally, is not news, and was revealed when we showed how the “NSA Mocks Apple’s “Zombie” Customers; Asks “Your Target Is Using A BlackBerry? Now What?”

How ironic would it be if Blackberry, left for dead by virtually everyone, began marketing its products as the only smartphone that does not allow the NSA access to one’s data (and did so accordingly). Since pretty much everything else it has tried has failed, we don’t see the downside to this hail mary attempt to strike back at Big Brother and maybe make some money, by doing the right thing for once.

We urge readers to watch the full one hour speech by Jacob Applebaum to realize just how massive Big Brother truly is, but those who want to just listen to the section on Apple can do so beginning 44 minutes 30 seconds in the presentation below.