Resources

“Tinder isn’t as private as many of its users think, and a new website which aims to exploit that is causing concern among users of the dating app.

“Swipebuster” promises to let Tinder users find out whether people they know have an account on the dating app, and even stalk them down to their last known location.

The website charges $4.99 (£3.50) to let someone see whether the target is using Tinder, and can narrow down results by first name, age, gender and location.

But it doesn’t do so by hacking into Tinder, or even by “scraping” the app manually. Instead, it searches the database using Tinder’s official API, which is intended for use by third-party developers who want to write software that plugs in with the site. All the information that it can reveal is considered public by the company, and revealed through the API with few safeguards.

Although the site seems targeted at those who want to catch cheating partners on the app, its developer says he had a different motivation in mind, telling Vanity Fair that he wanted to highlight oversharing online.

“There is too much data about people that people themselves don’t know is available,” the anonymous developer said. “Not only are people oversharing and putting out a lot of information about themselves, but companies are also not doing enough to let people know they’re doing it.”

But the argument that Swipebuster is made to highlight privacy breaches on Tinder’s part seems questionable when one looks at the website itself. Under a headline reading “Find out if they’re using Tinder for only $4.99”, the site says nothing about privacy or expectations thereof, instead offering only a walkthrough for users who want to pay for its services. An animated gif showing the process ends with an image of the supposed target superimposed with the word “Busted”.

“Soft robots that can grasp delicate objects, computer algorithms designed to spot an “insider threat,” and artificial intelligence that will sift through large data sets — these are just a few of the technologies being pursued by companies with investment from In-Q-Tel, the CIA’s venture capital firm, according to a document obtained by The Intercept.

Yet among the 38 previously undisclosed companies receiving In-Q-Tel funding, the research focus that stands out is social media mining and surveillance; the portfolio document lists several tech companies pursuing work in this area, including Dataminr, Geofeedia, PATHAR, and TransVoyant.”

Source: https://theintercept.com/2016/04/14/in-undisclosed-cia-investments-social-media-mining-looms-large/

And…

“SKINCENTIAL SCIENCES, a company with an innovative line of cosmetic products marketed as a way to erase blemishes and soften skin, has caught the attention of beauty bloggers on YouTube, Oprah’s lifestyle magazine, and celebrity skin care professionals. Documents obtained by The Intercept reveal that the firm has also attracted interest and funding from In-Q-Tel, the venture capital arm of the Central Intelligence Agency.

The previously undisclosed relationship with the CIA might come as some surprise to a visitor to the website of Clearista, the main product line of Skincential Sciences, which boasts of a “formula so you can feel confident and beautiful in your skin’s most natural state.”

Though the public-facing side of the company touts a range of skin care products, Skincential Sciences developed a patented technology that removes a thin outer layer of the skin, revealing unique biomarkers that can be used for a variety of diagnostic tests, including DNA collection.

Skincential Science’s noninvasive procedure, described on the Clearista website as “painless,” is said to require only water, a special detergent, and a few brushes against the skin, making it a convenient option for restoring the glow of a youthful complexion — and a novel technique for gathering information about a person’s biochemistry.”

Source: https://theintercept.com/2016/04/08/cia-skincare-startup/

“Tomorrow marks the 35th anniversary of Food Not Bombs—the name given to autonomous groups and independent collectives that serve free vegan and vegetarian food in opposition of poverty and hunger, and also in protest of economic disparity and rapacious militarism. But, “despite seemingly the non-controversial nature of the activist group’s titular three-word mission statement, FBI files released earlier this week show that serving up home-cooked vegan moussaka is apparently enough to warrant suspicions of terrorism.

The files, which begin in the early naughts, appear to be focused on one particular FNB chapter based out of Virginia Commonwealth University in Richmond, Virginia. The bulk of the records concern the organization’s rather obvious opposition to the Iraq war.

In fact, the release included a CD comprised of extensive surveillance footage from an anti-war protest in Richmond on July 3rd, 2003.”

“Security researcher Mike Olsen has warned that some products sold through the Amazon marketplace are habouring a dark secret — malware.

Olsen said in a blog post that while scouring Amazon for a decent set of outdoor surveillance cameras for a friend, he came across a deal for 6 PoE cameras and recording equipment.

The seller, Urban Security Group, had generally good reviews and was offering a particular Sony setup on sale.

After purchasing the kit, Olsen started setting up the surveillance system, logging into the administrator panel to configure it.

While the page hosted the camera feed, no “normal controls or settings were available,” according to the researcher.

”Being one of those guys who assumes bad CSS, I went ahead and opened up developer tools,” Olsen said.

”Maybe a bad style was hiding the options I needed. Instead what I found tucked at the bottom of the body tag was an iframe linking to a very strange looking host name.”

Further investigation revealed the host name, Brenz.pl, is linked to malware distribution.

According to cybersecurity firm Securi, Brenz was first spotted distributing malware back in 2009 before being shut down, but reemerged in 2011. Compromised domains link to the address through malicious iFrames for the purpose of distributing malware hosted on the website.

VirusTotal recognizes the web domain as a malicious source and scans reveal that Trojans and viruses may be hosted by Brenz.pl.

If the device’s firmware links to this domain, malware can be downloaded and installed, potentially leading to unlawful surveillance and data theft.

The problem was also recently brought up in a forum post on the SC10IP firmware, which is used in commercial products and also links to Brenz.pl.

Threats do not just come from dodgy social media links, phishing campaigns or social engineering — firmware can host malware, too.

The take-home from this is that any device, especially when it contains networking or Internet capabilities, can harbour threats to personal safety and data security, and while the average person is unlikely to do a full-scale code search, checking reviews and alerts for such products online is worthwhile — even if the platform is trusted.

”Amazon stuff can contain malware,” Olsen said.”

“Research suggests that widespread awareness of mass surveillance could undermine democracy by making citizens fearful of voicing dissenting opinions in public. A paper published in Journalism and Mass Communication Quarterly, the flagship peer-reviewed journal of the Association for Education in Journalism and Mass Communication (AEJMC), found that “the government’s online surveillance programs may threaten the disclosure of minority views and contribute to the reinforcement of majority opinion.” The NSA’s “ability to surreptitiously monitor the online activities of U.S. citizens may make online opinion climates especially chilly” and “can contribute to the silencing of minority views that provide the bedrock of democratic discourse,” the researcher found.”

“About 2pm on Monday, December 15, Rebecca Kay took a phone call from NSW Police Counter-Terrorism.

The officer wondered if she could help police find an Islamic State flag. This was one of the demands of Man Haron Monis, the gunman holding 18 hostages at the Lindt cafe in Martin Place.

”And if they give him a flag he was going to exchange it for a hostage,” says Ms Kay, a convert to Islam who has become a prominent community member in western Sydney.

Ms Kay was one of several people contacted that afternoon, and she was only too willing to help.

”A lot of people in the Muslim community were devastated,” she says. “We were ready to jump – ‘just say how high’ – to help police prevent a tragedy.”

Ms Kay believes she called as many as 50 people, but finding an IS flag – or anyone willing to admit they had one – proved no easy task.

And soon her contacts started asking: “Are we being set up?”

”They were very suspicious,” she says. “Some accused me of being an informant.”

But she counselled that they should try to help.

And the officer kept calling back, “three or four times over the next hour to see if I had got an Islamic State flag or not. There was a sense of urgency that I get it and that I take it down to Bankstown police station, and they were going to put it in a patrol car, with the lights [flashing], and bring it to the city.”

Monis’s hostages recited his demands on Facebook and YouTube, as police worked to have them taken down. Hostage Julie Taylor, a barrister, said he would free five hostages if Prime Minister Tony Abbott called him to record a short conversation to be played on air. He would release two if the politicians told “the truth, which is that this is an attack by Islamic State against Australia”. And he would allow one to go if the flag were delivered.”

 
“In the end, Ms Kay says, police sourced their own flag. But then they told her it had been decided there would be no trade with Monis in any case.

By now she had burnt many bridges in her own community.

It got worse. About 2am the next morning – about the time of the deadly final shootout inside the Lindt cafe – NSW police searched the western Sydney home of one of the young men she had contacted. He had considered handing over his flag to Ms Kay but then thought, no, it was a trap.

”And so he then believed I did try to set him up,” she says.

The next morning, she was told, the Australian Federal Police raided the homes of another two men who had been contacted during the community’s urgent attempt to help save hostages.

“Obviously, they were listening to all our phone calls,” Ms Kay says.

“I want to be able to have dealings with police … but when it gets thrown back in your face, it sets us back two steps.”

Lawyer Zali Burrows, who represents some of the people who tried to help police, wonders: “Why didn’t they just print one out.” A laser printer could have produced the flag on cloth and they could have delivered it in half an hour, she says.

Lydia Shelly, a solicitor from the Muslim Legal Network, says: “Our overriding concern was with the safety of those innocent Australians being held against their will.”

Police would not respond to questions about the flag or whether they intended to allow Monis to display it to the world’s televisions and risk him winning the support of other extremists.

Ms Kay says there is nothing sinister about the flag that Islamic State has misappropriated. It depicts the prophet’s seal and “it’s a flag that Muslims should have. It’s not our fault that these barbarians have taken it as their flag.”

She says she would want to help police in another such crisis, but: “They’re not building trust. With this incident they have not built trust at all.

”You don’t understand the pressure cooker we’re in and the interference that the AFP and ASIO have, and the fear that they create, and how they stalk – and I can say stalk with confidence – members of our community and instil fear in their families and ostracise them from their workplace and the people they know, so they become paranoid and they don’t interact with anyone.”

”This is the kind of norm they’ve created here, where no one trusts anyone anymore.””

“German researchers have discovered security flaws that could let hackers, spies and criminals listen to private phone calls and intercept text messages on a potentially massive scale – even when cellular networks are using the most advanced encryption now available.

The flaws, to be reported at a hacker conference in Hamburg this month, are the latest evidence of widespread insecurity on SS7, the global network that allows the world’s cellular carriers to route calls, texts and other services to each other. Experts say it’s increasingly clear that SS7, first designed in the 1980s, is riddled with serious vulnerabilities that undermine the privacy of the world’s billions of cellular customers.

The flaws discovered by the German researchers are actually functions built into SS7 for other purposes – such as keeping calls connected as users speed down highways, switching from cell tower to cell tower – that hackers can repurpose for surveillance because of the lax security on the network.

Those skilled at the myriad functions built into SS7 can locate callers anywhere in the world, listen to calls as they happen or record hundreds of encrypted calls and texts at a time for later decryption. There also is potential to defraud users and cellular carriers by using SS7 functions, the researchers say.

These vulnerabilities continue to exist even as cellular carriers invest billions of dollars to upgrade to advanced 3G technology aimed, in part, at securing communications against unauthorized eavesdropping. But even as individual carriers harden their systems, they still must communicate with each other over SS7, leaving them open to any of thousands of companies worldwide with access to the network. That means that a single carrier in Congo or Kazakhstan, for example, could be used to hack into cellular networks in the United States, Europe or anywhere else.

“It’s like you secure the front door of the house, but the back door is wide open,” said Tobias Engel, one of the German researchers.

Engel, founder of Sternraute, and Karsten Nohl, chief scientist for Security Research Labs, separately discovered these security weaknesses as they studied SS7 networks in recent months, after The Washington Post reported the widespread marketing of surveillance systems that use SS7 networks to locate callers anywhere in the world. The Post reported that dozens of nations had bought such systems to track surveillance targets and that skilled hackers or criminals could do the same using functions built into SS7. (The term is short for Signaling System 7 and replaced previous networks called SS6, SS5, etc.)

The researchers did not find evidence that their latest discoveries, which allow for the interception of calls and texts, have been marketed to governments on a widespread basis. But vulnerabilities publicly reported by security researchers often turn out to be tools long used by secretive intelligence services, such as the National Security Agency or Britain’s GCHQ, but not revealed to the public.

“Many of the big intelligence agencies probably have teams that do nothing but SS7 research and exploitation,” said Christopher Soghoian, principal technologist for the ACLU and an expert on surveillance technology. “They’ve likely sat on these things and quietly exploited them.”

The GSMA, a global cellular industry group based in London, did not respond to queries seeking comment about the vulnerabilities that Nohl and Engel have found. For the Post’s article in August on location tracking systems that use SS7, GSMA officials acknowledged problems with the network and said it was due to be replaced over the next decade because of a growing list of security and technical issues.

The German researchers found two distinct ways to eavesdrop on calls using SS7 technology. In the first, commands sent over SS7 could be used to hijack a cell phone’s “forwarding” function — a service offered by many carriers. Hackers would redirect calls to themselves, for listening or recording, and then onward to the intended recipient of a call. Once that system was in place, the hackers could eavesdrop on all incoming and outgoing calls indefinitely, from anywhere in the world.

The second technique requires physical proximity but could be deployed on a much wider scale. Hackers would use radio antennas to collect all the calls and texts passing through the airwaves in an area. For calls or texts transmitted using strong encryption, such as is commonly used for advanced 3G connections, hackers could request through SS7 that each caller’s carrier release a temporary encryption key to unlock the communication after it has been recorded.

Nohl on Wednesday demonstrated the ability to collect and decrypt a text message using the phone of a German senator, who cooperated in the experiment. But Nohl said the process could be automated to allow massive decryption of calls and texts collected across an entire city or a large section of a country, using multiple antennas.

“It’s all automated, at the push of a button,” Nohl said. “It would strike me as a perfect spying capability, to record and decrypt pretty much any network… Any network we have tested, it works.”

Those tests have included more than 20 networks worldwide, including T-Mobile in the United States. The other major U.S. carriers have not been tested, though Nohl and Engel said it’s likely at least some of them have similar vulnerabilities. (Several smartphone-based text messaging systems, such as Apple’s iMessage and Whatsapp, use end-to-end encryption methods that sidestep traditional cellular text systems and likely would defeat the technique described by Nohl and Engel.)”

 
“In a statement, T-Mobile said: “T-Mobile remains vigilant in our work with other mobile operators, vendors and standards bodies to promote measures that can detect and prevent these attacks.”

The issue of cell phone interception is particularly sensitive in Germany because of news reports last year, based on documents provided by former NSA contractor Edward Snowden, that a phone belonging to Chancellor Angela Merkel was the subject of NSA surveillance. The techniques of that surveillance have not become public, though Nohl said that the SS7 hacking method that he and Engel discovered is one of several possibilities.

U.S. embassies and consulates in dozens of foreign cities, including Berlin, are outfitted with antennas for collecting cellular signals, according to reports by German magazine Der Spiegel, based on documents released by Snowden. Many cell phone conversations worldwide happen with either no encryption or weak encryption.

The move to 3G networks offers far better encryption and the prospect of private communications, but the hacking techniques revealed by Nohl and Engel undermine that possibility. Carriers can potentially guard their networks against efforts by hackers to collect encryption keys, but it’s unclear how many have done so. One network that operates in Germany, Vodafone, recently began blocking such requests after Nohl reported the problem to the company two weeks ago.

Nohl and Engel also have discovered new ways to track the locations of cell phone users through SS7. The Post story, in August, reported that several companies were offering governments worldwide the ability to find virtually any cell phone user, virtually anywhere in the world, by learning the location of their cell phones through an SS7 function called an “Any Time Interrogation” query.

Some carriers block such requests, and several began doing so after the Post’s report. But the researchers in recent months have found several other techniques that hackers could use to find the locations of callers by using different SS7 queries. All networks must track their customers in order to route calls to the nearest cellular towers, but they are not required to share that information with other networks or foreign governments.

Carriers everywhere must turn over location information and allow eavesdropping of calls when ordered to by government officials in whatever country they are operating in. But the techniques discovered by Nohl and Engel offer the possibility of much broader collection of caller locations and conversations, by anyone with access to SS7 and the required technical skills to send the appropriate queries.

“I doubt we are the first ones in the world who realize how open the SS7 network is,” Engel said.

Secretly eavesdropping on calls and texts would violate laws in many countries, including the United States, except when done with explicit court or other government authorization. Such restrictions likely do little to deter criminals or foreign spies, say surveillance experts, who say that embassies based in Washington likely collect cellular signals.

The researchers also found that it was possible to use SS7 to learn the phone numbers of people whose cellular signals are collected using surveillance devices. The calls transmit a temporary identification number which, by sending SS7 queries, can lead to the discovery of the phone number. That allows location tracking within a certain area, such as near government buildings.

The German senator who cooperated in Nohl’s demonstration of the technology, Thomas Jarzombek of Merkel’s Christian Democratic Union party, said that while many in that nation have been deeply angered by revelations about NSA spying, few are surprised that such intrusions are possible.

“After all the NSA and Snowden things we’ve heard, I guess nobody believes it’s possible to have a truly private conversation on a mobile phone,” he said. “When I really need a confidential conversation, I use a fixed-line” phone.”

“An inconspicuous Melbourne apartment block is home to a monitoring service that keeps watch on environment groups at the request of the federal government.

The National Open Source Intelligence Centre, a private intelligence company, works under contract for the Australian Federal Police and Federal Attorney-General’s Department to monitor activist websites, blogs, Facebook and Twitter to provide warning and analysis of protest activity.

It aims to provide law enforcement agencies and other private clients with internet monitoring and analysis directed at groups engaged in “radical activism, criminal (terrorist) activity or unlawful behaviour.”

Services provided by NOSIC include “issue monitoring,” “tactical intelligence,” “threat analysis” and “trend analysis and forecasting focus on emerging patterns and trends in activism.”

NOSIC has been engaged on contract by the AFP and the Attorney-General’s Department since at least 2003. From 2006 to 2008, it was paid $184,800.

In addition to its ongoing work for the federal agencies and state police, NOSIC also provides services relating to specific events…”

“The Australian government has been building a state-of-the art, secret data storage facility just outside Canberra to enable intelligence agencies to deal with a ‘’data deluge’’ siphoned from the internet and global telecommunications networks.

The high-security facility nearing completion at the HMAS Harman communications base will support the operations of Australia’s signals intelligence agency, the top-secret Defence Signals Directorate.

Privately labelled by one Defence official as ‘’the new black vault’’, the data centre is one of the few visible manifestations of Australia’s deep involvement in mass surveillance and intelligence collection operations such as the US National Security Agency’s PRISM program revealed last week by US intelligence leaker Edward Snowden.

Fairfax Media has confirmed Australian intelligence agencies receive what Defence intelligence officials describe as ‘’huge volumes’’ of ‘’immensely valuable’’ information derived from PRISM and other US signals intelligence collection programs.

Australian agencies assist the US to target foreign nationals and Australian citizens who are of security and intelligence interest to both countries.”

“Australia’s leading telecommunications company, Telstra, has installed highly advanced surveillance systems to “vacuum” the telephone calls, texts, social media messages and internet metadata of millions of Australians so that information can be filtered and given to intelligence and law enforcement agencies.

The Australian government’s electronic espionage agency, the Australian Signals Directorate, is using the same technology to harvest data flows carried by undersea fibre-optic cables in and out of Australia.

Confidential documents obtained by Fairfax Media reveal the secret technology used to trawl Australians’ telecommunications and internet data for analysis by ASIO, the ASD and law enforcement agencies.

All Australian telecommunications and internet service providers by law must maintain interception and data-collection capabilities for government.

The leaked documents reveal that a little-known Melbourne-based company is a key provider of the secret monitoring technology.

Newgen Systems, owned and managed by local telecommunications engineer Robert Perin, is the sole Australian supplier for Gigamon, a large Silicon Valley-based information technology firm that specialises in what it terms “network traffic visibility solutions’’.

Gigamon’s hardware enables telecommunications and IT network administrators to track, inspect and analyse all data flows undetected without affecting the performance of networks.

A key application of the technology is interception of telecommunications and internet data.”

“When Matthew Whisker picks his children up from their north shore childcare centre he doesn’t automatically have to ask how their day went – he already knows.

The Neutral Bay father has an app which alerts him to the daily activities and achievements of his children Harry, 11 months, and Lulu, five, almost immediately via his smart phone.

The app is being trialled in three Sydney centres operated by Only About Children, with plans to roll it out more widely later this year. Victoria’s Woodland Education has developed a similar app which also alerts parents to the real-time minutiae and milestones of their children’s lives, including what they had for lunch and if they soiled their nappies.

But experts have questioned whether young children need to have their lives documented in such detail and how it might affect normal interactions between parents, kids and carers.

Only About Children’s chief operations officer, Kathryn Hutchins, said the group, which has 31 centres in NSW, Victoria and Queensland, developed the app in response to parental demand.

‘‘We want to capture the moments working parents may want to see but don’t have the opportunity to because they are at work,’’ she said. ‘‘For example, if your child is just learning to walk, there will be a photo that shows that activity.’’

Educators carry a small handset tablet, photographing the children and writing short descriptions of what they are doing before uploading the content. The parent then gets a push notification, alerting them to the status update.”

“In some cases the NSA has masqueraded as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive. In others, it has sent out spam emails laced with the malware, which can be tailored to covertly record audio from a computer’s microphone and take snapshots with its webcam. The hacking systems have also enabled the NSA to launch cyberattacks by corrupting and disrupting file downloads or denying access to websites.

The implants being deployed were once reserved for a few hundred hard-to-reach targets, whose communications could not be monitored through traditional wiretaps. But the documents analyzed by The Intercept show how the NSA has aggressively accelerated its hacking initiatives in the past decade by computerizing some processes previously handled by humans. The automated system – codenamed TURBINE – is designed to “allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually.

When TURBINE implants exfiltrate data from infected computer systems, the TURMOIL sensors automatically identify the data and return it to the NSA for analysis. And when targets are communicating, the TURMOIL system can be used to send alerts or “tips” to TURBINE, enabling the initiation of a malware attack.

The NSA identifies surveillance targets based on a series of data “selectors” as they flow across Internet cables. These selectors, according to internal documents, can include email addresses, IP addresses, or the unique “cookies” containing a username or other identifying information that are sent to a user’s computer by websites such as Google, Facebook, Hotmail, Yahoo, and Twitter.

Other selectors the NSA uses can be gleaned from unique Google advertising cookies that track browsing habits, unique encryption key fingerprints that can be traced to a specific user, and computer IDs that are sent across the Internet when a Windows computer crashes or updates.

What’s more, the TURBINE system operates with the knowledge and support of other governments, some of which have participated in the malware attacks.

Classification markings on the Snowden documents indicate that NSA has shared many of its files on the use of implants with its counterparts in the so-called Five Eyes surveillance alliance – the United Kingdom, Canada, New Zealand, and Australia.”