A law enforcement Trojan takes advantage of the same recently patched iTunes flaw also used by Ghost Click botnet, according to a demo at a recent German trade show. Spiegel Online reports that a promo video for a variant of the FinFisher spyware application shows it exploits a vulnerability in iTunes to update the software on …
You know there is something wrong when
Goverments make 'hacking' tools illegal only for the security industry to turn around and sell hacking tools to goverments so they can spy on their citizens.
This nicely ties in with the story about Android security
Being behind so much.
I think all the delays are so that it is easy for multi-jurisdictional investigators to not lose track of a target if a wary target travels too frequently or forcibly makes the phone shut down, change firmware, or do other things.
And, since we don't always see public announcements of an update, how do we now the update we get is not crafted for us or someone in our neighborhood. If a target lives near us, but the spies/spooks/cops/union presiden'ts private investigators want to keep a firm leash on said person, then any nearby phones that can be commanded into silent wi-fi/silent blue-tooth mode could create a noose-like mesh network that "bulges" when the tracked target moves around.
Neat idea? Y/N/M?
"The latest version of iTunes requests update URLs over a secure (https) connection, thereby blocking man-in-the-middle attacks."
Unless, of course, a friendly CA is assisting the investigation.
IS WATCHING YOU!!!!!!!!
- Just TWO climate committee MPs contradict IPCC: The two with SCIENCE degrees
- 14 antivirus apps found to have security problems
- Apple winks at parents: C'mon, get your kid a tweaked Macbook Pro
- Feature Scotland's BIG question: Will independence cost me my broadband?
- Driverless car SQUADRONS to hit Britain in 2015