Category Archives: MOBILE STUFF

FBI head insists that Apple hack request be complied with


The director of the US Federal Bureau of Investigation has defended his legal fight with Apple over encryption, saying the case involving the San Bernardino shooter’s iPhone was “quite narrow” and not intended to set a precedent.

In the latest volley of an escalating war of words between the US authorities and the world’s most valuable company, James Comey made an emotional appeal to Apple and the US public in a blog post on specialist legal site Lawfare.


“We can’t look the survivors in the eye, or ourselves in the mirror, if we don’t follow this lead,” he said. “We don’t want to break anyone’s encryption or set a master key loose on the land.”

The FBI director wrote that the tension between privacy and safety “should not be resolved by corporations that sell stuff for a living. It also should not be resolved by the FBI, which investigates for a living.”

Instead, he continued, the matter should be settled “by the American people” and called for a “long conversation” on the matter.

Mr Comey’s blog post comes ahead of Apple’s legal response later this week to a case that began last Tuesday when a judge in California ordered the iPhone maker to create tools that would help the FBI unlock a device used by Syed Rizwan Farook before he killed 14 people in December.

Tim Cook, Apple’s chief executive, has refused to comply with the order, calling the demand for what he called a “back door” into the iPhone an “over-reach” by the authorities that has “chilling implications” for its customers’ privacy. Several other Silicon Valley companies, including Google and Facebook, have supported Apple’s position.

On Friday the US Department of Justice and Apple traded blows over both the intent behind the order and the handling of the investigation. The DoJ accused Apple of putting concerns about its “marketing strategy” ahead of its legal obligations and said Mr Cook had made “numerous mischaracterisations” of the government’s case.

Apple executives denied that allegation and implied that the FBI had bungled an opportunity to gain access to data stored on Farook’s iPhone, by changing the iCloud password in the hours after he was killed in a shootout with officers.

That password reset prevented the iPhone from sending its data to Apple’s servers through an automatic back-up, where it could be accessed by the company and the FBI through a standard legal process.


The FBI on Saturday denied wrongdoing in that situation, saying the iCloud reset was a “logical next step” in its investigation and “does not impact Apple’s ability to assist with the court order”.

“It is unknown whether an additional iCloud back-up of the phone after that date — if one had been technically possible — would have yielded any data,” the FBI said.

Mr Comey on Sunday night attempted to step over the row about the iCloud back-up and appealed to the broader principles at stake in what he called a “heartbreaking” case of terrorism.

“The San Bernardino litigation isn’t about trying to set a precedent or send any kind of message. It is about the victims and justice,” he wrote in his post, which does not directly mention Apple or the iPhone by name.

Apple must file its legal response to the judicial order by Friday, which is also the day the company holds its annual shareholder meeting at its Cupertino headquarters.

One survey late last week showed that US public opinion is finely balanced on the issue. An online poll of 1,093 US adults by SurveyMonkey found that 51 per cent agreed with the FBI while 49 per cent took Apple’s side. Even among iPhone owners, a narrow majority backed the FBI in the dispute.


Henry Sapiecha

Meet the phone cracker

Navid Sobbi explains what a treasure trove of information your phone can be and how to protect your information.

If you thought wiping your mobile phone once to delete its contents, or having a passcode to protect it from prying eyes was enough, think again.

Meet the ultimate mobile phone data extractor, a $40,000 Israeli-made machine manufactured by Cellebrite and used by private investigator Navid Sobbi’s business National Surveillance and Intelligence and numerous law-enforcement agencies around the world.

The machine can crack passwords and extract varying degrees of data from almost every smartphone on the market bar a number of Blackberry models and the iPhone 5 and above. Photos, texts, locations and more can be extracted from the phone’s memory even if previously wiped.


Navid connects an iPhone up to a laptop to begin examination of the data recovered. Photo: Tessa Stevens

In total, the device claims to be able to extract varying degrees of data from about 8000 phone models. Newer iPhones are not susceptible to the password cracking because Apple’s encryption methods have improved over time, but most phones are still able to have their data extracted if the password is provided, Mr Sobbi said.

“If it’s a smartphone such as Android or Apple we can get absolutely everything,” he said.

“So that’s locations, SMS, MMS, passwords, notes, emails and call logs.”


The Cellebrite system has a cable for every phone on the market. Photo: Tessa Stevens

Often data from mobile phones is used to corroborate or disprove theories in criminal trials.

In one recent case, US forensic investigators looked at data stored on murder suspect Pedro Bravo’s smartphone to infer he used the phone’s flashlight when he buried the body of a former friend in a remote wooded area. Bravo was later found guilty of the murder.

Mr Sobbi said most phones were “easy” to get into.


The Cellebrite system can extract data from a variety of phones. Photo: Tessa Stevens

He said he could bypass an iPhone 4 passcode and get into the phone “within about five minutes”.

Some Android phones, such as the HTC One, were also easy to crack, but piecing the data together was a time-consuming task. Blackberrys, for example, were “extremely hard to get into”, he said.

Blackberry is well known for its secure phones, being the preferred brand of governments for their leaders and diplomats. Sydney bikies have also reportedly used them to thwart police efforts to intercept their communications.

Based in Sydney, Mr Sobbi has worked with NSW Police on criminal matters and also in tendering evidence for family court cases. He has also assisted with corporate leak investigations, where employees have taken a company’s intellectual property to a competitor.

Those who have accidentally deleted data – like family photos – also go to him for help, and in about 90 to 95 per cent of cases he has been able to successfully retrieve the data.

“But it all comes down to how the phone is used,” he said. “So if, for example, the phone has been factory-reset a number of times or damaged, then our success rate is a lot less.”

After using the Cellebrite tool for several years, Mr Sobbi said it was most surprising it could get location data even when a phone’s GPS was turned off.

“We’ve noticed that [some phones] still store probably every 15 minutes or once every hour … a location of where the device is,” Mr Sobbi said.

“Even if [location is] off in the GPS option, it might store it from the cell tower option.”

He advised people to wipe their phones several times before selling or disposing of them.

“When a consumer wants to change their phone or just wants to give their phone to someone else, the best thing to do is at least restore it back to factory settings a minimum of about five times.

“The more you do that the harder it becomes for the forensic examiner to recover the data.”

He said he could also extract data from tablets and computer hard drives.

Although many law-enforcement agencies praise the Cellebrite system, not everyone is happy.

The American Civil Liberties Union of Michigan has previously expressed concern about how its state police force has used the gadget, saying it can “quickly download data from cell phones without the owner of the cell phone knowing it”.


Henry Sapiecha

Massive security flaw that undermines privacy of mobile phone networks revealed by German researchers


Researchers have found a huge security flaw in a system used by the world’s mobile networks. Photo: Glenn Hunt

German researchers have discovered security flaws that could let hackers, spies and criminals listen to private phone calls and intercept text messages on a potentially massive scale – even when mobile networks are using the most advanced encryption now available.

The flaws, to be reported at a hacker conference in Hamburg this month, are the latest evidence of widespread insecurity on SS7, the global network that allows the world’s mobile carriers to route calls, texts and other services to each other. Experts say it’s increasingly clear that SS7, first designed in the 1980s, is riddled with serious vulnerabilities that undermine the privacy of the world’s billions of mobile customers.

The flaws discovered by the German researchers are actually functions built into SS7 for other purposes – such as keeping calls connected as users speed down highways, switching from cell tower to cell tower – that hackers can repurpose for surveillance because of the lax security on the network.

Those skilled at the myriad functions built into SS7 can locate callers anywhere in the world, listen to calls as they happen or record hundreds of encrypted calls and texts at a time for later decryption. There also is potential to defraud users and mobile carriers by using SS7 functions, the researchers say.

These vulnerabilities continue to exist even as mobile carriers invest billions of dollars to upgrade to advanced 3G technology aimed, in part, at securing communications against unauthorised eavesdropping. But even as individual carriers harden their systems, they still must communicate with each other over SS7, leaving them open to any of thousands of companies worldwide with access to the network. That means that a single carrier in Congo or Kazakhstan, for example, could be used to hack into mobile networks in the United States, Europe or anywhere else.


“It’s like you secure the front door of the house, but the back door is wide open,” said Tobias Engel, one of the German researchers.

Engel, founder of Sternraute, and Karsten Nohl, chief scientist for Security Research Labs, separately discovered these security weaknesses as they studied SS7 networks in recent months, after The Washington Post reported the widespread marketing of surveillance systems that use SS7 networks to locate callers anywhere in the world. The Post reported that dozens of nations had bought such systems to track surveillance targets and that skilled hackers or criminals could do the same using functions built into SS7. (The term is short for Signaling System 7 and replaced previous networks called SS6, SS5, etc.)

The researchers did not find evidence that their latest discoveries, which allow for the interception of calls and texts, have been marketed to governments on a widespread basis. But vulnerabilities publicly reported by security researchers often turn out to be tools long used by secretive intelligence services, such as the National Security Agency or Britain’s GCHQ, but not revealed to the public.

“Many of the big intelligence agencies probably have teams that do nothing but SS7 research and exploitation,” said Christopher Soghoian, principal technologist for the ACLU and an expert on surveillance technology. “They’ve likely sat on these things and quietly exploited them.”

The GSMA, a global cellular industry group based in London, did not respond to queries seeking comment about the vulnerabilities that Nohl and Engel have found. For the Post’s article in August on location tracking systems that use SS7, GSMA officials acknowledged problems with the network and said it was due to be replaced over the next decade because of a growing list of security and technical issues.

The German researchers found two distinct ways to eavesdrop on calls using SS7 technology. In the first, commands sent over SS7 could be used to hijack a mobile phone’s “forwarding” function – a service offered by many carriers. Hackers would redirect calls to themselves, for listening or recording, and then onward to the intended recipient of a call. Once that system was in place, the hackers could eavesdrop on all incoming and outgoing calls indefinitely, from anywhere in the world.

The second technique requires physical proximity but could be deployed on a much wider scale. Hackers would use radio antennas to collect all the calls and texts passing through the airwaves in an area. For calls or texts transmitted using strong encryption, such as is commonly used for advanced 3G connections, hackers could request through SS7 that each caller’s carrier release a temporary encryption key to unlock the communication after it has been recorded.

Nohl on Wednesday demonstrated the ability to collect and decrypt a text message using the phone of a German senator, who cooperated in the experiment. But Nohl said the process could be automated to allow massive decryption of calls and texts collected across an entire city or a large section of a country, using multiple antennas.

“It’s all automated, at the push of a button,” Nohl said. “It would strike me as a perfect spying capability, to record and decrypt pretty much any network. … Any network we have tested, it works.”

Those tests have included more than 20 networks worldwide, including T-Mobile in the United States. The other major US carriers have not been tested, though Nohl and Engel said it’s likely at least some of them have similar vulnerabilities. (Several smartphone-based text messaging systems, such as Apple’s iMessage and Whatsapp, use end-to-end encryption methods that sidestep traditional mobile text systems and likely would defeat the technique described by Nohl and Engel.)

In a statement, T-Mobile said: “T-Mobile remains vigilant in our work with other mobile operators, vendors and standards bodies to promote measures that can detect and prevent these attacks.”

The issue of mobile phone interception is particularly sensitive in Germany because of news reports last year, based on documents provided by former NSA contractor Edward Snowden, that a phone belonging to Chancellor Angela Merkel was the subject of NSA surveillance. The techniques of that surveillance have not become public, though Nohl said that the SS7 hacking method that he and Engel discovered is one of several possibilities.

US embassies and consulates in dozens of foreign cities, including Berlin, are outfitted with antennas for collecting cellular signals, according to reports by German magazine Der Spiegel, based on documents released by Snowden. Many mobile phone conversations worldwide happen with either no encryption or weak encryption.

The move to 3G networks offers far better encryption and the prospect of private communications, but the hacking techniques revealed by Nohl and Engel undermine that possibility. Carriers can potentially guard their networks against efforts by hackers to collect encryption keys, but it’s unclear how many have done so. One network that operates in Germany, Vodafone, recently began blocking such requests after Nohl reported the problem to the company two weeks ago.

Nohl and Engel also have discovered new ways to track the locations of mobile phone users through SS7. The Post story, in August, reported that several companies were offering governments worldwide the ability to find virtually any mobile phone user, virtually anywhere in the world, by learning the location of their mobile phones through an SS7 function called an “Any Time Interrogation” query.

Some carriers block such requests, and several began doing so after the Post’s report. But the researchers in recent months have found several other techniques that hackers could use to find the locations of callers by using different SS7 queries. All networks must track their customers in order to route calls to the nearest cellular towers, but they are not required to share that information with other networks or foreign governments.

Carriers everywhere must turn over location information and allow eavesdropping of calls when ordered to by government officials in whatever country they are operating in. But the techniques discovered by Nohl and Engel offer the possibility of much broader collection of caller locations and conversations, by anyone with access to SS7 and the required technical skills to send the appropriate queries.

“I doubt we are the first ones in the world who realise how open the SS7 network is,” Engel said.

Secretly eavesdropping on calls and texts would violate laws in many countries, including the United States, except when done with explicit court or other government authorization. Such restrictions likely do little to deter criminals or foreign spies, say surveillance experts, who say that embassies based in Washington likely collect cellular signals.

The researchers also found that it was possible to use SS7 to learn the phone numbers of people whose cellular signals are collected using surveillance devices. The calls transmit a temporary identification number which, by sending SS7 queries, can lead to the discovery of the phone number. That allows location tracking within a certain area, such as near government buildings.

The German senator who cooperated in Nohl’s demonstration of the technology, Thomas Jarzombek of Merkel’s Christian Democratic Union party, said that while many in that nation have been deeply angered by revelations about NSA spying, few are surprised that such intrusions are possible.

“After all the NSA and Snowden things we’ve heard, I guess nobody believes it’s possible to have a truly private conversation on a mobile phone,” he said. “When I really need a confidential conversation, I use a fixed-line” phone.

Washington Post


Henry Sapiecha

Mobile phone apps still collect data on kids


WASHINGTON (AP) — Worried that toy stores, fast food chains, and other retailers are tracking your kids online this holiday season? A landmark 2013 law aimed at protecting the privacy of America’s youngest mobile consumers hasn’t stopped app developers from collecting vast amounts of data, including a person’s location and even recordings of their voice, according to privacy researchers and consumer advocates.

Whether mobile app developers seek parental consent first – as required by law – or pass the information on to advertisers isn’t entirely clear. But if you prefer to stay anonymous, your options are limited: Wade through each mobile app’s privacy policies to make sure you are OK with the terms, or stick the phone on “airplane mode” to shut off the wireless connection and risk losing functionality.

“Kids are such a lucrative market, especially for apps,” said Jeff Chester, executive director of the Center for Digital Democracy. “Unfortunately, there are still companies out there that are more concerned about generating revenue than protecting the privacy of kids.”

Americans have traded vast amounts of personal data in exchange for the ease and functionality of fun mobile applications on their phones. But how is industry using that information? Chester and other consumer advocates allege that fast food chains are increasingly focusing advertising dollars on digital media, targeting blacks and Hispanics. They also warn that data from phones can be combined with offline information like home prices, race or income in ways that could violate fair lending laws. And a new site, PrivacyGrade.org, found that many popular kids’ apps like Talking Tom and Fruit Ninja collect information in ways parents wouldn’t necessarily expect.

Concerned in particular about industries’ focus on kids online, the Federal Trade Commission in July 2013 expanded the Child Online Privacy Protection Act, or COPPA, to require app developers to get parental consent before collecting personal data on anyone younger than 13. That includes information like the unique identifying device on a phone, a person’s phone number or a device’s location.

“It’s upped the ante for companies deciding whether they are going to market to kids,” said Michelle De Mooy of the Center for Democracy and Technology. “And that’s a good thing.”

But with the number of smartphones expected to reach 3.5 billion in the next five years, according to Forrester Research, the mobile app and advertising industry has exploded. Regulators don’t have an easy, automated way of analyzing the hundreds of mobile apps popping up each day.

Since the updated regulation went into effect, the FTC has brought about only two enforcement actions against mobile apps. Last September, the commission announced that Yelp Inc. agreed to pay $450,000 and TinyCo. $300,000 to settle separate charges that their companies knowingly collected information on young children through their mobile apps.

“Our ultimate goal is compliance,” said Kandi Parsons, an attorney in the FTC’s Bureau of Consumer Protection. But “that doesn’t undermine our desire to bring cases against companies that violate COPPA … where we find violations, we will bring cases against mobile apps.”

According to PrivacyGrade.org, which is run by computer scientists at Carnegie Mellon University, scores of apps that collect information are still aimed at kids.

For example, Fruit Ninja collects a phone’s location, which could be passed on to advertisers. And Talking Tom, where kids can talk to and “tickle” an alley cat using the touch screen, collects a child’s audio recordings along with other information that can uniquely identify a phone.

Whether these apps would violate COPPA would depend on a number of factors, including whether and how they seek parental consent. But because these apps collect information in surprising ways, PrivacyGrade.org gave them both D grades.

Outfit7, the developer behind Talking Tom, said in a statement that personal information and recordings are never shared with advertisers. The developer says its app also complies with COPPA by providing “appropriate gate protections … to distinguish adults from minors and restrict sharing on social media,” according to the statement.

Halfbrick Studios, which developed Fruit Ninja, said in a statement that it planned to release updates to Fruit Ninja and other apps to increase privacy protections.

“Parents and players are understandably cautious about the privacy aspects of online games, and the way their data is handled,” said company CEO Shainiel Deo. “Creating a safe and secure app is no longer enough to answer consumers’ needs for assurance. Developers must also ensure that permissions are clearly explained and easy to access at every applicable point in a game.”

Henry Sapiecha