A law enforcement Trojan takes advantage of the same recently patched iTunes flaw also used by Ghost Click botnet, according to a demo at a recent German trade show. Spiegel Online reports that a promo video for a variant of the FinFisher spyware application shows it exploits a vulnerability in iTunes to update the software on …
You know there is something wrong when
Goverments make 'hacking' tools illegal only for the security industry to turn around and sell hacking tools to goverments so they can spy on their citizens.
This nicely ties in with the story about Android security
Being behind so much.
I think all the delays are so that it is easy for multi-jurisdictional investigators to not lose track of a target if a wary target travels too frequently or forcibly makes the phone shut down, change firmware, or do other things.
And, since we don't always see public announcements of an update, how do we now the update we get is not crafted for us or someone in our neighborhood. If a target lives near us, but the spies/spooks/cops/union presiden'ts private investigators want to keep a firm leash on said person, then any nearby phones that can be commanded into silent wi-fi/silent blue-tooth mode could create a noose-like mesh network that "bulges" when the tracked target moves around.
Neat idea? Y/N/M?
"The latest version of iTunes requests update URLs over a secure (https) connection, thereby blocking man-in-the-middle attacks."
Unless, of course, a friendly CA is assisting the investigation.
IS WATCHING YOU!!!!!!!!
- 'Windows 9' LEAK: Microsoft's playing catchup with Linux
- Review A SCORCHIO fatboy SSD: Samsung SSD850 PRO 3D V-NAND
- Was Earth once covered in HELLFIRE? No – more like a wet Sunday night in Iceland
- Every billionaire needs a PANZER TANK, right? STOP THERE, Paul Allen
- First Irish boy band U2. Now Apple pushes ANOTHER thing into iPhones, iPods, iPads