STE WILLIAMS

Carrier IQ VP: App on millions of phones not a privacy risk

More than 48 hours after a software developer posted evidence Carrier IQ monitored the key taps on more than 141 million smartphones, a company official has come forward to rebut the disturbing allegations. And he’s provided enough technical detail to convince The Register the diagnostics software doesn’t represent a privacy threat to handset owners.

Yes, Carrier IQ is a vast digital fishing net that sees geographic locations and the contents of text messages and search queries swimming inside the phones the software monitors, the company’s VP of marketing, Andrew Coward, said in an extensive interview. But except in rare circumstances, that data is dumped out of a phone’s internal memory almost as quickly as it goes in. Only in cases of a phone crash or a dropped call is information transferred to servers under the control of the cellular carrier so engineers can troubleshoot bottlenecks and other glitches on their networks.

“To answer your point, we’re on a fishing boat out at sea and we’re catching fish that are too small and they go back in,” Coward explained. “And they go back in for two reasons: One, the holes in the net don’t catch small fish, i.e. the filtering, and/or the fish is the wrong type and it gets thrown out of the boat, hopefully while it’s still alive.”

The interview came as Carrier IQ faced four lawsuits and a request by a US lawmaker for an investigation by the Federal Trade Commission. US Senator Al Franken has already demanded the Mountain View, California-based company answer a battery of questions, including whether it violates federal wiretap statutes.

The reason the SMS contents and key taps are monitored at all is so they can be used to invoke Carrier IQ programming interfaces, he continued. Messages or key sequences that contain proprietary tags can be used to manually upload diagnostic information. Those that contain the special formatting dissolve into the ether as soon as they come in.

“The content of the SMS is never stored and never transmitted,” Coward said.

His account of how the software works has been confirmed by Dan Rosenberg, an Android security researcher who has reverse engineered Carrier IQ and examined the underlying machine language. He said he undertook the analysis after viewing a video demonstration posted on Monday that showed the software echoing the precise key taps developer Trevor Eckhart typed into his HTC EVO handset.

“What the video is depicting is the application printing out what are known as debugging logs,” he said. “It’s a way that applications keep a temporary record of the things they were doing so if anything were to break, a developer could go and read that record and figure out what went wrong. That’s very different from the application actually recording that information and sending it off to the carrier.”

What follows are highlights from The Register‘s interview with Coward:

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/12/02/carrier_iq_interview/

RIM’s BlackBerry PlayBook rooted

The BlackBerry PlayBook tablet has been rooted, just like the Amazon Kindle Fire and other fondleslabs before it, in a development that promises tech enthusiasts the ability to install apps of their choosing, rather than being stuck with those already pre-loaded onto the device.

Gadget enthusiasts have posted a video as evidence that the Research In Motion-manufactured device can be tinkered with in order to run unauthorised applications and control components that users do not normally have access to. Unlike earlier work on tablet-rooting by tech enthusiasts at the XDA Developers forum, the video fails to provide clear instructions on how to root the PlayBook.

The hacker in the video, who uses the nickname Neuralic, boasts that his team has broken RIM’s security without explaining the underlying vulnerability he might have used to pull off the trick. However, Neuralic says he and two of his gadget-hacking colleagues plan to develop and release a tool that will allow consumers to root the device.

In a statement, RIM said it was in the process of investigating the jailbreak claim, Kaspersky Lab’s Threatpost blog reports.

“Research In Motion is aware of a claim made on Twitter by security researchers working together that suggests the ability to ‘jailbreak’ a BlackBerry PlayBook tablet. BlackBerry smartphone users are not affected,” the firm said.

“RIM is currently investigating this claim and has been in contact with one of the security researchers to discuss it. If it is determined that the claim is accurate, RIM will follow its standard response process to develop and release a software update that is designed to minimise adverse impact to our customers or carrier partners.

“RIM is aware that the security researchers have stated they intend to release a tool to jailbreak the BlackBerry PlayBook tablet. If such a tool is released, RIM will investigate it,” it added. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/12/02/blackberry_playbook_rooted/

Yahoo! 0-day! exploit! hijacks! status! updates!

Security researchers have discovered an unpatched flaw in Yahoo! Messenger that allows miscreants to change any user’s status message.

Hijacked status updates are a handy way to persuade a victim’s contacts to click on a link and lead them to a dangerous website. Worse still, the bug in version 11.x of the Messenger client requires minimal user interaction to work, unlike previous exploits that relied on conning prospective marks.

The attacker sends a supposed file to a target that is actually an iframe that swaps the status message for the attacker’s customised text, as explained in a blog post by net security firm BitDefender here. The message might be, and in most attack scenarios would be, sent from outside a targeted user’s contact list.

If successfully executed, a victim will have no indication that his or her status message has been rewritten. The ruse might be used to gain affiliate incomes by promoting dodgy sites as well as directing users towards sites loaded with exploits or scareware scams.

BitDefender said it has notified Yahoo about the vulnerability. Attacks based on the as yet unfixed flaw have already been detected in the wild, the Romanian security firm warns.

It advises users to change the setting of their IM client to “ignore anyone who is not in your Yahoo! Contacts” (which is off by default) as a precaution pending the release of a patch. In addition, some security suites include a web filter function that ought to defend users from this attack. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/12/02/yahoo_im_zero_day/

Cyber-war law would expose customer privates to spies

US lawmakers are backing a bill that will let spy agencies share top-secret information on cyber threats with certain pre-approved companies, and allow firms to give out data on their customers to the spies.

The Permanent Select Committee on Intelligence voted to put forward the legislation (PDF), which would build on a pilot programme in the Pentagon sharing clandestine and sensitive data with defence contractors and internet firms.

“There is an economic cyber war going on today against US companies,” the chairman of the committee Mike Rogers said in a statement supporting the bill.

“There are two types of companies in this country: those who know they’ve been hacked, and those who don’t know they’ve been hacked.

“Economic predators, including nation-states, are blatantly stealing business secrets and innovation from private companies. This cybersecurity bill goes a long way in helping American businesses better protect their networks and their intellectual property,” he added.

Companies including Microsoft, IBM and Verizon have all written in support of the bill, saying it will help them to combat cyber threats more effectively.

However, the bill also provides for private entities sharing information with intelligence agencies, something that privacy advocates aren’t too happy about.

An amendment to the bill that attempts to deal with privacy concerns states that the data can only be used for cyber or national security reasons – but many would say that casts a fairly wide net.

The American Civil Liberties Union (ACLU) has already said that it will oppose the bill if more privacy protections aren’t put in place.

“The Cyber Intelligence Sharing and Protection Act would create a cybersecurity exception to all privacy laws and allow companies to share the private and personal data they hold on their American customers with the government for cybersecurity purposes,” the ACLU said in a letter to the committee.

“The bill would not limit the companies to sharing only technical, non-personal data. Instead, it would give the companies discretion to decide the type and amount of information to turn over to the government.

“While such data might be used for cybersecurity purposes, there would be no bar on the government also using it to conduct fishing expeditions for criminal, immigration or other purposes,” it added.

The US has become increasingly concerned about the cybersecurity of its firms and cyber-espionage from foreign countries.

Last month, a government report claimed that agents from both China and Russia were frequently hacking into US firms to make off with their technological and economic secrets, although it stopped short of saying that their governments were definitely behind the cyber attacks.

The House of Representatives committee on intelligence also launched an investigation last month into Chinese telecoms firms in the country, including Huawei and ZTE, to look at “the extent to which” the companies were giving their government the opportunity to spy on the US.

China’s government and its firms have hotly denied the allegations, and say they want to cooperate with investigations and sort out cyber espionage as much as the next country. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/12/02/us_bill_cyber_information_sharing/

OpRobinHood more likely to stiff punters than bankers

Charities are unlikely to benefit from an Anonymous-led operation attempting to use stolen credit card details to make donations to worthwhile causes.

OpRobinHood aims to defraud banks for the benefit of the majority and comes as a response by hacktivists to the crackdown on the Occupy movement. Anonymous has joined forces with TeaMp0isoN, another hacktivist group, to run the campaign – which is an illegal and aggressive extension of an earlier push to persuade consumers to transfer their accounts from banks to credit unions.

Banks will inevitably seek to reverse any fraudulent transaction once card-holders complain, if not before. Initially we reckoned banks might levy a chargeback in such cases, potentially leaving charities who receive fraudulent donations out of pocket.

However, a spokeswoman for the UK Cards Association explained that the picture is more complicated than that and depends on the contract charities have with their payment processors and banks, which can vary widely across the industry. She told us:

As chargeback is run by Visa and MasterCard, only they will know the detail, and partly as this will be about the commercial contract between the business and their own bank.

In general, anybody who accepts cards will have a contract which will clarify where liability lies in the case of fraudulent transactions – the general thing being that if you are plugged into the most effective fraud prevention measures, then you (the retailer) won’t lose out. Some charities may lose out (or just not get the money they thought they were getting – they won’t lose twice) but some will.

However, what TeaMp0isoN may find is that because real fraudsters often test to see whether the card details they have work by making a charitable donation, the transaction may be blocked anyway.

Rob Rachwald, director of security strategy at database security firm Imperva, explained that ultimately banking customers and not the banks themselves bear the cost of credit card fraud – not directly, but through increased fees. Anonymous is mistaken if it thinks that charitable donations using stolen credit cards offer any exception to this rule, he argued.

“From a consumer standpoint, there’s no liability for a stolen card,” Rachwald explained. “The fraudulent transaction is not charged back to the consumer. The problem is that this misleads consumers – and Anonymous – into thinking that consumers are spared while banks and retailers are screwed. Wrong.”

He added: “The reality is retailers who accepted the stolen credit card (not knowing it was stolen) lose the price of the merchandise purchased. Credit card companies increase fees and interest rates. Fraud costs, in effect, are distributed back to the general pool of consumers.”

So it is members of the majority, not the banks, who are ultimately going to be left out of pocket by OpRobinHood, Rachwald concluded.

“So who’s funding Operation Robin Hood? Anyone with a credit card. This very likely includes the many members of Anonymous,” he said.

PoisAnon (Anonymous/TeaMp0isoN) has allegedly hacked into the systems of two banks but without making any fraudulent transactions. Hacktivists claim to have found vulnerabilities in the web-based systems of both the First National Bank of Long Island and the National Bank of California, according to documents posted onto PasteBin, ITWorld reports.

Both reports remain unconfirmed, as neither bank would reveal if illicit access to their systems had taken place. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/12/02/oprobinhood_who_pays/

Quantum computing comes closer as diamonds get spooky

International boffins are chuffed today to publish cunning research in which they demonstrate quantum entanglement – the “spooky action at a distance” so disliked by Einstein – between a pair of small synthetic diamonds: and, this is the clever bit, at room temperature rather than in a cryogenic chamber or similar, so bringing the long hoped-for quantum computer hardware that bit nearer.

The scientists write:

Entanglement is usually fragile in room-temperature solids, owing to strong interactions both internally and with the noisy environment. We generated motional entanglement between vibrational states of two spatially separated, millimeter-sized diamonds at room temperature. By measuring strong nonclassical correlations between Raman-scattered photons, we showed that the quantum state of the diamonds has positive concurrence with 98% probability. Our results show that entanglement can persist in the classical context of moving macroscopic solids in ambient conditions.

The entanglement was achieved and demonstrated in the two diamonds using a complicated setup of lasers and beam splitters such that a given photon could be in either diamond, so entangling them. Physicists have demonstrated entanglement many times before, but generally have needed to use very cold environments to avoid “noise” corrupting the experiment. It’s also unusual to be able to entangle large, physically visible objects like diamond crystal, as opposed to individual atoms or similar.

All this is important to the IT world because entangled objects can function as quantum on-off devices, or “qubits”. Qubits aren’t just 1 or 0 like regular classical bits: they could contain a whole load of info.

Entangled qubits would theoretically also be the dog’s bits, as they might be used to build hard-to-understand yet puissant “quantum computers”. Quantum computing has been modelled and theorised, and it’s known that, could it be achieved, it would offer some interesting possibilities: not least the breaking of current encryption and, of course, the chance of new and provably unbreakable crypto to replace it.

Doing this sort of thing at normal temperatures with normal-ish objects means that the boffins, led by Ian Walmsley of Oxford uni, get a headline in prestigious boffinry journal Science for their work. Unfortunately it seems that we won’t be getting our quantum computers just yet.

“I am not sure where this particular work will go from here,” Andrew Cleland, a rival quantum boffin in California, tells rival journal Nature. “I can’t think of a particular use for entanglement that lasts for only a few picoseconds.”

But Walmsley for his part insists that “diamond could form the basis of a powerful technology for practical quantum information processing”. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/12/02/diamond_quantum_computing_entanglement/

Assange: ‘iPhone, BlackBerry, Gmail users

Surveillance companies can use your iPhone to take photos of you and your surroundings without your knowledge, said a representative from the Bureau of Investigative Journalism at a panel chaired by Julian Assange™ today.

Companies also sell products that will let them change the messages you write, track your location and nick your email contacts, claimed speakers on the panel that included representatives from Privacy International and the aforementioned bureau.

The privacy campaigners, speaking in London, pulled out some of the most sensational revelations in the 287 documents about the international surveillance industry published today by WikiLeaks (but you read it here first). The documents cover a total of 160 companies in 25 countries.

“Who here has an iPhone, who has a BlackBerry, who uses Gmail?” Assange asked. “Well you’re all screwed,” he continued, “the reality is that intelligence operations are selling right now mass surveillance systems for all those products”.

Speaking on the panel, Pratap Chatterjee of the Bureau of Investigative Journalism (which works out of City University, but is an independent organisation) said that your phone could be used to record and send information about you even when it is in stand-by mode. That data included location, recordings of your conversations and even photographs. This spy software could run on iPhone, BlackBerry and Windows mobile kit.

Stefania Maurizi, a journalist from Italy’s weekly news magazine L’Espresso, showed documents that suggested that software products could not only read emails and text messages sent from spied-on phones, but could actually fake new ones or alter the text of messages sent.

As The Reg has already discussed, all these software products are commercially available, and sold seemingly without any regulation.

Maurizi and N Ram, editor-in-chief of India’s The Hindu newspaper (speaking over a Skype connection) said that they were particularly worried by the lack of a legal framework and the absence of checks and balances in the surveillance system.

Steven Murdoch of Cambridge Security group said such software was being made by British companies including ones based in Surrey and Oxford.

He added that even lawful interception was no longer targeted and backed up by suspicions. “We’re seeing increasingly wholesale monitoring of entire populations with no suspicion of wrongdoing – the data is being monitored and stored in the hope that it might one day be useful.”

“Without controls on this industry, the threat that surveillance poses to freedom of expression and human rights in general is only going to increase.” ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/12/01/julian_assange_surveillance/

Does your smartphone run Carrier IQ? Find out here

The roster of confirmed smartphone manufacturers and network providers using the controversial Carrier IQ tracking software has grown to include Apple, AT&T, Sprint, HTC, and Samsung. Verizon, Nokia, and Research in Motion, meanwhile, have denied reports saying they employ it.

In a statement that was widely reported on Thursday, Apple confirmed that some undisclosed products use the software, which an independent researcher has documented secretly monitors users’ key presses even when they’re entered into webpages protected by the SSL protocol.

Apple didn’t say which devices still use the diagnostic software or how long the company has relied on it. But according to a report published on Thursday by Ars Technica, the only iOS 5 device that runs Carrier IQ is the iPhone 4. “Other devices running iOS 5, such as the iPad, the new iPhone 4S, and older iPhone models updated to iOS 5 have had Carrier IQ stripped out,” the report said, citing Apple.

The Apple statement, as reported by AllThingsD read:

We stopped supporting Carrier IQ with iOS 5 in most of our products and will remove it completely in a future software update. With any diagnostic data sent to Apple, customers must actively opt-in to share this information, and if they do, the data is sent in an anonymous and encrypted form and does not include any personal information. We never recorded keystrokes, messages or any other personal information for diagnostic data and have no plans to ever do so.

Apple’s admission, which leaves open the possibility that earlier iDevices still contain Carrier IQ, contrasted with blanket denials from Verizon, Nokia, and Research in Motion, all of which were named by Trevor Eckhart as providing devices that had the software installed.

“The reports we have seen about Verizon using Carrier IQ are false,” Verizon spokeswoman Debi Lewis wrote in an email to The Register.

In his own email, Nokia spokesman Mark Durrant wrote: “Further to your piece, CarrierIQ does not ship products for any Nokia devices, so reports that they have been found on Nokia phones are wrong.”

A statement from RIM, reported by IDG News, was even more categorical.

“RIM does not pre-install the CarrierIQ app on BlackBerry smartphones or authorize its carrier partners to install the CarrierIQ app before sales or distribution,” the company said in a statement. “RIM also did not develop or commission the development of the CarrierIQ application, and has no involvement in the testing, promotion, or distribution of the app.”

The denials contradicted research findings Eckhart published last month that claimed phones made or used by all three companies contained the tracking software. In an interview on Thursday, Eckhart conceded he had no hard proof. But he stood by the assertions that Verizon and Nokia had ties to Carrier IQ and cited links on Carrier IQ’s website as support.

Eckhart said pages here and here both include executable files that install Carrier IQ on a variety of Nokia handsets. He also dug up this page, which appears to show IP address lookups for the subdomains vzw-collector.demo.carrieriq.com, vzw-dis.demo.carrieriq.com and hupload-vzw99.carrieriq.com. None of the three URLs responded to pings at time of writing.

A statement from Sprint, meanwhile, said:

Carrier IQ provides information that allows Sprint, and other carriers that use it, to analyze our network performance and identify where we should be improving service. We also use the data to understand device performance so we can determine when issues are occurring and how to resolve them. We collect enough information to understand the customer experience with devices on our network and how to address any connection problems, but we do not and cannot look at the contents of messages, photos, videos, etc., using this tool. The information collected is not sold and we don’t provide a direct feed of this data to anyone outside of Sprint.

A key element of our privacy practices involves communicating with our customers about our information privacy practices. The Sprint privacy policy explains that certain data is collected automatically by Sprint including how a device is functioning and how it is being used. Carrier IQ is an integral part of the Sprint service. Sprint uses Carrier IQ to help maintain our network performance.

An AT&T spokesman, meanwhile, said only: “In line with our privacy policy, we solely use CIQ software data to improve wireless network and service performance.”

Both HTC and Samsung, according to IDG, said they add Carrier IQ to their phones as required by unnamed carriers who buy the devices. An HTC statement went on to say that HTC isn’t a Carrier IQ customer and receives no data from the app.

With a chorus of companies coming out of the wings to confirm or deny their use of the software, Carrier IQ’s reticence is becoming deafening. If the software is really as innocuous as Android security researcher Dan Rosenberg suspects, it should be relatively simple for the Mountain View, California-based company to provide documentation that will put the matter to rest.

Instead, Carrier IQ representatives have maintained radio silence for more than a week now. ®

This article was updated to add details in the third paragraph about the iPhone 4.

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/12/01/apple_sprint_carrier_iq/

Northern Ireland’s top cops ‘hacked by NotW

Senior police officers and a Cabinet minister may have been targeted for computer hacking by unscrupulous journalists at News International.

This is according to Sir Hugh Orde, president of the Association of Chief Police Officers (ACPO). At the time of the alleged hack, he was chief constable of the Police Service of Northern Ireland, a position he held until 2009.

He told a newspaper yesterday that he had been warned that computers he used may have been compromised by private investigators hired by the News of the World. Orde said he was furious and in disbelief when officers from The Met – working on Operation Tuleta* – told him he had been targeted, the Irish Independent reports.

The police chief is the latest in a string of senior figures involved in Northern Ireland intelligence who may have been targeted by hacks working for News International.

Police are also investigating leads suggesting the PC of Peter Hain – who was Secretary of State for Northern Ireland between 2005 and 2007 – might have been hacked. Hain was reportedly asked to confirm that sensitive information obtained by investigators might have originated from his computer.

A former British army intelligence officer tasked with handling informants within the IRA in Northern Ireland told the Leveson Inquiry into media ethics of his suspicions that he had also fallen victim to a malware-driven hack attack. Ian Hurst reckons his computer was compromised sometime during 2006. The possible motives for the alleged hacks, which raise obvious national security concerns, remain unclear.

Computer hacking tactics were also allegedly deployed against targets outside the Northern Ireland intelligence community. Actress Sienna Miller last week told the Leveson Inquiry of her suspicions that her email account had been broken into. Miller said her concerns stemmed from the content of notes made by disgraced private detective Glenn Mulcaire and shown to her by police.

Mulcaire was jailed for six months back in 2007 after he was convicted of hacking into the voicemail messages of royal aides at the behest of the News of the World. ®

Bootnote

* Operation Tuleta is a separate inquiry by the Metropolitan Police into alleged computer hacking by the press. It is running parallel to the more high-profile inquiries into mobile phone voicemail hacking and payments from the media to police. A 52-year-old man from Milton Keynes was arrested and questioned by officers working on Operation Tuleta late last month.

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/12/01/ni_computer_hacking/