Welcome

Website counter
website hit counter
website hit counters

Tuesday, November 29, 2011

Fwd: MedicalConspiracies- Firms are sending out fake iTunes updates to install spyware



---------- Forwarded message ----------
From: Grannie's Mail <granniefox@gmail.com>
Date: Tue, Nov 29, 2011 at 12:52 PM
Subject: MedicalConspiracies- Firms are sending out fake iTunes updates to install spyware
To: "1 Health_and_Healing@yahoogroups" <Health_and_Healing@yahoogroups.com>, "1 MedicalConspiracies@googlegrou" <MedicalConspiracies@googlegroups.com>




-------- Original Message --------
Subject: [Paranormal_Research] Firms are sending out fake iTunes updates to install spyware
Date: Sat, 26 Nov 2011 17:16:15 +0000 (GMT)
From: Drou <drouetda@btinternet.com>
Reply-To: Paranormal_Research@yahoogroups.com




Firms are sending out fake iTunes updates to install spyware on behalf of your government - and it's all completely legal!

Marcel Rosenbach
Der Spiegel
Tue, 22 Nov 2011 16:32 CST
Print

Homepage of the Cyberwarfare Europe conference where borgs gathered in September to discuss how better to drain the creative juices from humanity
A surveillance firm claims it can distribute its spyware via faked iTunes updates. Apple appears to have moved to eliminate the security gap, but the debate over trojans used by governments, both democratic and otherwise, continues to boil.

It was as if a far-flung secret society had gathered in Berlin at the end of September. Military officials and representatives of security authorities from around the world met in a luxury hotel to discuss threats in the digital world: cyber attacks, electronic espionage and online organized crime. But the most pressing issue on the agenda was technology that can be used to combat these perils.

The event was called "Cyberwarfare Europe," but many participants had traveled to the German capital from even further afield. The roster of participants in the event listed government employees and industry representatives from the United Arab Emirates, Malaysia and Indonesia. Each attendee had paid as much as €2,700 for the privilege of listening to lectures from IT experts and military officials -- including one given by a legal expert for current operations at the United States Cyber Command.

In the hotel's foyer, companies touted their myriad surveillance technologies. The stand that stood out most was decked out in blue and black and advertised a product called FinFisher. The business cards of the young men working the stand identified them as respresentatives of the firm Gamma International GmbH of Munich. The Gamma representatives, however, were only interested in sharing information about their service with potential customers. A banner hanging above them provided hints, however: something to do with "Governmental IT Intrusion" -- in other words, electronic tools for digital break-ins that can be used by governments and their agencies. The managing director, from Munich, told SPIEGEL the company had no interest in any reporting on its products.

iTunes Used to Install Trojan?

In contrast to their Italian competitor Hacking Team, which was also in Berlin to solicit new customers, the Gamma team even took steps to ensure that journalists left the room when their managing director gave a presentation.

The wariness of the media, it would seem, is not without reason. The FinFisher software on offer, it appears from marketing materials obtained by SPIEGEL, may work in a similar manner to that used by the online criminals they are intended to combat. Indeed, a video promoting FinFisher indicates that the software

Apparently, at least according to a video promoting FinFisher, the software uses Apple's popular iTunes in order to load snooping software onto the computers of the intended suspects.

In recent years, international demand has risen considerably for the kind of Internet surveillance software that Gamma International GmbH and Hacking Team demonstrated in Berlin. Worldwise, suspects are increasingly communicating over the Internet using encryption-protected technology. Agreements that suspects previously made over comparably easy to tap landlines or mobile phones are increasingly being conducted through encrypted Internet telephony services like Skype or through encrypted computer chats. Very often, the only thing security authorities are able to capture are suspects making mobile phone calls in order to set up their next encrypted chat date.

Firms like Gamma International GmbH and Hacking Team offer solutions that promise to solve these problems. But the surveillance offered by their software is anything but simple to implement. One has to succeed in installing the software on the suspect's computer prior to any encrypted communication so that conversations, mails and chats can be secretly channelled to security authorities. To put it more simply, the authorities have to hack into a suspect's computer.

An Electronic Break-In System

The discussion in Germany over so-called "government Trojans" created by the firm DigiTask underscore just how controversial and legally problematic such efforts are. An analysis by the Berlin based hacking organization Chaos Computer Club showed that the software is capable of doing more than German laws on wiretapping permit.

Gamma presents the FinFisher system as the most comprehensive electronic snooping software available on the market. Earlier this year, the company made headlines when protesters stormed the offices of the Egyptian state security service in Cairo and came across detailed offers for various FinFisher applications.

At the time, Mostafa Hussein, a 30-year-old doctor, told SPIEGEL ONLINE of finding a sheaf of documents when he and other protesters stormed the building in March. The documents included a software offer dated June 2010 for a complete package of surveillance software, installation and training for state investigators. The estimated cost was around €330,000, including one year of support. The offer included "Remote Intrusion Software" and "Remote Infection Tools." In other words, programs that could be used to install snooping software on a target computer. The offer contained the logo of Gamma International UK Limited and it also included mentions of programs like "FinSpy" and "FinFly Lite."

Lawyers representing Gamma International UK Limited explained that no products from the FinFisher line had been delivered to the Egyptian government. They said the company only delivers its products to governments and that, in doing so, it adheres to British law and any other relevant regulations. In addition, the company said it could not provide any information about "confidential business relationships and the type of products it offers."

Since then, the secret dealings with technologies for so-called lawful interception have come under increasing scrutiny in Germany and abroad -- not least because the most modern Western surveillance technologies have also been popping up in other authoritarian states like Syria, Libya and Bahrain in recent months. In the hands of dictators, they can easily be used as instruments of repression.

Some of the first details about the FinFisher surveillance software can be found in the material obtained by Spiegel. The firm's own advertising videos show that the firm offers a whole palette of possibilities for infiltrating and installing spy software on target computers.

'Full Access to the Target Phone'

The simplest way noted is if the "agent" has physical access to the targeted person's computer. In such instances, it is sufficient to stick a USB stick ("FinFly USB") into the computer. But what can one do when that isn't possible? The company also offers solutions for those instances -- even for mobile devices. The animated promotion video for "FinSpy Mobile," for example, states: "The Target is using a Blackberry phone for his communication." It then sends a message to the target in a format that looks like an update for the phone. "The Target receives a fake update message from FinSpy Mobile," the video states. "The Target accepts the Blackberry Update." And, finally, "The Target System is now infected with FinSpy software. ... The Headquarter has full access to the Target Phone."

The firm's promotion material also suggests that in an infection through "FinFly ISP," the recipient receives a "fake iTunes update." If the update is clicked on and downloaded, "headquarters" will have full access to the targeted computer -- at least according to the company's promotional materials.

Blackberry developer Research in Motion did not respond to a query from SPIEGEL about what the company thought of the fake update messages.

At Apple, officials seemed unenthused about the apparent actions of the Munich firm and contrite about the vulnerability in its software that the company might be using to distribute spy software. It appears the Munich firm had taken advantage of the fact that, so far, Apple has not sent out its iTunes Update messages in a secure format. FinFisher software was apparently able to latch on to the communications to perpetrate what is known as a "man in the middle attack."

Apple Confirms Attackers Could Fake Updates

"The security and privacy of our users is extremely important and we actively work to find and fix any issues that could compromise their systems," an Apple spokesman answered in response to a query from SPIEGEL.

Representatives of the offices of Gamma International GmbH in Munich directed calls to the company's British division. However, the British division of Gamma International had not replied by the time of publication.

It appears that Apple has already responded and has sought to eliminate the iTunes vulnerability that may have been used in the FinFisher software. A few days ago, the California-based company released the new iTunes Update 10.5.1 -- a real one, not a fake update from the spy software developer.

"A man-in-the-middle attacker may offer software that appears to originate from Apple," the update listed on Apple's site states. "The issue has been mitigated by using a secured connection when checking for available updates." In other words, the iTunes vulnerability appears to have been eliminated.




--
Palash Biswas
Pl Read:
http://nandigramunited-banga.blogspot.com/

No comments:

मैं नास्तिक क्यों हूं# Necessity of Atheism#!Genetics Bharat Teertha

হে মোর চিত্ত, Prey for Humanity!

मनुस्मृति नस्ली राजकाज राजनीति में OBC Trump Card और जयभीम कामरेड

Gorkhaland again?আত্মঘাতী বাঙালি আবার বিভাজন বিপর্যয়ের মুখোমুখি!

हिंदुत्व की राजनीति का मुकाबला हिंदुत्व की राजनीति से नहीं किया जा सकता।

In conversation with Palash Biswas

Palash Biswas On Unique Identity No1.mpg

Save the Universities!

RSS might replace Gandhi with Ambedkar on currency notes!

जैसे जर्मनी में सिर्फ हिटलर को बोलने की आजादी थी,आज सिर्फ मंकी बातों की आजादी है।

#BEEFGATEঅন্ধকার বৃত্তান্তঃ হত্যার রাজনীতি

अलविदा पत्रकारिता,अब कोई प्रतिक्रिया नहीं! पलाश विश्वास

ভালোবাসার মুখ,প্রতিবাদের মুখ মন্দাক্রান্তার পাশে আছি,যে মেয়েটি আজও লিখতে পারছেঃ আমাক ধর্ষণ করবে?

Palash Biswas on BAMCEF UNIFICATION!

THE HIMALAYAN TALK: PALASH BISWAS ON NEPALI SENTIMENT, GORKHALAND, KUMAON AND GARHWAL ETC.and BAMCEF UNIFICATION! Published on Mar 19, 2013 The Himalayan Voice Cambridge, Massachusetts United States of America

BAMCEF UNIFICATION CONFERENCE 7

Published on 10 Mar 2013 ALL INDIA BAMCEF UNIFICATION CONFERENCE HELD AT Dr.B. R. AMBEDKAR BHAVAN,DADAR,MUMBAI ON 2ND AND 3RD MARCH 2013. Mr.PALASH BISWAS (JOURNALIST -KOLKATA) DELIVERING HER SPEECH. http://www.youtube.com/watch?v=oLL-n6MrcoM http://youtu.be/oLL-n6MrcoM

Imminent Massive earthquake in the Himalayas

Palash Biswas on Citizenship Amendment Act

Mr. PALASH BISWAS DELIVERING SPEECH AT BAMCEF PROGRAM AT NAGPUR ON 17 & 18 SEPTEMBER 2003 Sub:- CITIZENSHIP AMENDMENT ACT 2003 http://youtu.be/zGDfsLzxTXo

Tweet Please

Related Posts Plugin for WordPress, Blogger...

THE HIMALAYAN TALK: PALASH BISWAS BLASTS INDIANS THAT CLAIM BUDDHA WAS BORN IN INDIA

THE HIMALAYAN TALK: INDIAN GOVERNMENT FOOD SECURITY PROGRAM RISKIER

http://youtu.be/NrcmNEjaN8c The government of India has announced food security program ahead of elections in 2014. We discussed the issue with Palash Biswas in Kolkata today. http://youtu.be/NrcmNEjaN8c Ahead of Elections, India's Cabinet Approves Food Security Program ______________________________________________________ By JIM YARDLEY http://india.blogs.nytimes.com/2013/07/04/indias-cabinet-passes-food-security-law/

THE HIMALAYAN TALK: PALASH BISWAS TALKS AGAINST CASTEIST HEGEMONY IN SOUTH ASIA

THE HIMALAYAN VOICE: PALASH BISWAS DISCUSSES RAM MANDIR

Published on 10 Apr 2013 Palash Biswas spoke to us from Kolkota and shared his views on Visho Hindu Parashid's programme from tomorrow ( April 11, 2013) to build Ram Mandir in disputed Ayodhya. http://www.youtube.com/watch?v=77cZuBunAGk

THE HIMALAYAN TALK: PALASH BISWAS LASHES OUT KATHMANDU INT'L 'MULVASI' CONFERENCE

अहिले भर्खर कोलकता भारतमा हामीले पलाश विश्वाससंग काठमाडौँमा आज भै रहेको अन्तर्राष्ट्रिय मूलवासी सम्मेलनको बारेमा कुराकानी गर्यौ । उहाले भन्नु भयो सो सम्मेलन 'नेपालको आदिवासी जनजातिहरुको आन्दोलनलाई कम्जोर बनाउने षडयन्त्र हो।' http://youtu.be/j8GXlmSBbbk

THE HIMALAYAN DISASTER: TRANSNATIONAL DISASTER MANAGEMENT MECHANISM A MUST

We talked with Palash Biswas, an editor for Indian Express in Kolkata today also. He urged that there must a transnational disaster management mechanism to avert such scale disaster in the Himalayas. http://youtu.be/7IzWUpRECJM

THE HIMALAYAN TALK: PALASH BISWAS CRITICAL OF BAMCEF LEADERSHIP

[Palash Biswas, one of the BAMCEF leaders and editors for Indian Express spoke to us from Kolkata today and criticized BAMCEF leadership in New Delhi, which according to him, is messing up with Nepalese indigenous peoples also. He also flayed MP Jay Narayan Prasad Nishad, who recently offered a Puja in his New Delhi home for Narendra Modi's victory in 2014.]

THE HIMALAYAN TALK: PALASH BISWAS CRITICIZES GOVT FOR WORLD`S BIGGEST BLACK OUT

THE HIMALAYAN TALK: PALASH BISWAS CRITICIZES GOVT FOR WORLD`S BIGGEST BLACK OUT

THE HIMALAYAN TALK: PALSH BISWAS FLAYS SOUTH ASIAN GOVERNM

Palash Biswas, lashed out those 1% people in the government in New Delhi for failure of delivery and creating hosts of problems everywhere in South Asia. http://youtu.be/lD2_V7CB2Is

THE HIMALAYAN TALK: PALASH BISWAS LASHES OUT KATHMANDU INT'L 'MULVASI' CONFERENCE

अहिले भर्खर कोलकता भारतमा हामीले पलाश विश्वाससंग काठमाडौँमा आज भै रहेको अन्तर्राष्ट्रिय मूलवासी सम्मेलनको बारेमा कुराकानी गर्यौ । उहाले भन्नु भयो सो सम्मेलन 'नेपालको आदिवासी जनजातिहरुको आन्दोलनलाई कम्जोर बनाउने षडयन्त्र हो।' http://youtu.be/j8GXlmSBbbk