The DOJ has indicted three former Verizon and AT&T; employees for alleged membership in a crime-ring known as the "The Community"; the indictment says the telco employees helped their confederates undertake "port-out" scams (AKA "SIM-swapping" AKA "SIM hijacking"), which allowed criminals to gain control over targets' phone numbers, thereby receiving SMS-based two-factor authentication codes. Read the rest
While 5G mobile networks promise to provide tremendous wireless speeds with low latency, they may also make it more difficult for meteorologists to provide weather forecasts. That's because 5G's neighboring frequencies are used by satellites that detect water vapor in the atmosphere, data that informs weather models used by meteorologists. From Nature:
Read the restAstronomers, meteorologists and other scientists have long worked to share the spectrum with other users, sometimes shifting to different frequencies to prevent conflicts. But “this is the first time we’ve seen a threat to what I’d call the crown jewels of our frequencies — the ones that we absolutely must defend come what may”, says Stephen English, a meteorologist at the European Centre for Medium-Range Weather Forecasts in Reading, UK.
They include the 23.8-gigahertz frequency, at which water vapour in the atmosphere emits a faint signal. Satellites, such as the European MetOp probes, monitor energy radiating from Earth at this frequency to assess humidity in the atmosphere below — measurements that can be taken during the day or at night, even if clouds are present. Forecasters feed these data into models to predict how storms and other weather systems will develop in the coming hours and days.
But a 5G station transmitting at nearly the same frequency will produce a signal that looks much like that of water vapour. “We wouldn’t know that that signal is not completely natural,” says Gerth.
Last September, Facebook drew fire for abusing the phone numbers users provided for two-factor authentication messages, sending spam advertising messages over the same channel -- now, rather than reforming its ways, Facebook has doubled down on poisoning the security well, by adding a no-opt-out policy of allowing anyone in the world to search for you by phone number if you provide that number for two-factor auth. Read the rest
Absher is a kind of Saudi equivalent to China's Weibo, an all-in-one service that manages payments, interaction with government services, and, key to the Saudi system of sadistic, totalitarian medieval patriarchy, it lets men track the whereabouts of their wives, daughters, and employees, sending alerts to "guardians" when women use their passports. Read the rest
If you need to build an app quickly and easily, you might decide to use Facebook's SDK, which has lots of bells and whistles, including easy integration of Facebook ads in your app's UI. Read the rest
The Right to Repair movement got state legislatures to consider more than a dozen Right to Repair bills last year, and have made great strides in the EU and elsewhere, but for every two steps forward they manage, they're forced a step or two back by giant corporate lobbyists, led by Apple, who want to ensure that third parties can't repair products, and that a manufacturer's decision it's time to retire a product from the market won't be challenged by independent repair depots. Read the rest
Senator Ron Wyden has publicly denounced both Apple and Google for hosting mobile apps that connect to Absher, a Saudi government service designed to allow Saudi men to track their spouses and employees' whereabouts at all times. Read the rest
Facebook loves "zero rating," when an internet provider takes bribes from online services to exempt them from data charges on their networks: Facebook says that having a roster of (Facebook-approved) services that are free-to-use benefits the poorest people in a country (and the fact that this also makes "Facebook" synonymous with "internet" for whole nations is merely incidental). Read the rest
After a blockbuster report in Motherboard revealed that bounty hunters were able to buy realtime location data that originated with three of the four major cellular carriers (the exception is Verizon), the carriers scrambled to spin the news, insisting that the bounty hunter access represented a recent, small-scale aberration, but a new set of leaks reported on in Motherboard reveals that the practice has gone on for years, at industrial scale, and that the resellers who supplied bail bondsmen and other unsavory types in secret have changed names, but are still in business. Read the rest
Yesterday, Techcruch published a deeply reported account of Facebook's "Project Atlas,", a "research" app whose users were paid up to $20/month (plus affiliate fees) to install on Ios devices, which exploited third parties with access to Apple's developer program to install a man-in-the-middle certificate that allowed Facebook to harvest every conceivable kind of data from its users' Iphones and other Ios devices. Read the rest
The "Facebook Research" VPN is an app that circumvents Apple's ban on certain kinds of surveillance by cloaking itself as a beta app and distributing through the Applause, Betabound and Utest services, rather than Apple's App Store: users get up to $20/month, plus referral fees, to run the app, which comes with a man-in-the-middle certificate that lets Facebook intercept "private messages in social media apps, chats from in instant messaging apps – including photos/videos sent to others, emails, web searches, web browsing activity, and even ongoing location information by tapping into the feeds of any location tracking apps you may have installed." Read the rest
Stingrays (AKA IMSI catchers) are a widespread class of surveillance devices that target cellular phones by impersonating cellular towers to them (they're also called "cell-site simulators"). Read the rest
A really bad new law in Australia gives police the right to force companies like Apple to 'backdoor', or create encryption circumvention alternatives, in all their products. The issue has been controversial in the U.S. for a long time, and spiked in 2016 after the mass shooting in San Bernardino. Read the rest
Malware authors have a problem: they want their software to run aggressively when no one is looking at it, but to shut down entirely if the device it's running on is actually in some malware researcher's lab. Read the rest
America's major cellular carriers publish maps showing that virtually the entire state is well-covered, with solid signals and 5MB/s internet speeds, but Vermonters know that this is totally untrue. Read the rest
In the wake of this week's Motherboard scoop that the major US carriers sell customers' location data to marketing companies that sell it on to bounty hunters and other unsavory characters, Google has disclosed that they have told the carriers that supply service for its Google Fi mobile virtual network operator (MVNO) that they expect that Fi customers' data will not be sold this way. Read the rest
