A law enforcement Trojan takes advantage of the same recently patched iTunes flaw also used by Ghost Click botnet, according to a demo at a recent German trade show. Spiegel Online reports that a promo video for a variant of the FinFisher spyware application shows it exploits a vulnerability in iTunes to update the software on …
You know there is something wrong when
Goverments make 'hacking' tools illegal only for the security industry to turn around and sell hacking tools to goverments so they can spy on their citizens.
This nicely ties in with the story about Android security
Being behind so much.
I think all the delays are so that it is easy for multi-jurisdictional investigators to not lose track of a target if a wary target travels too frequently or forcibly makes the phone shut down, change firmware, or do other things.
And, since we don't always see public announcements of an update, how do we now the update we get is not crafted for us or someone in our neighborhood. If a target lives near us, but the spies/spooks/cops/union presiden'ts private investigators want to keep a firm leash on said person, then any nearby phones that can be commanded into silent wi-fi/silent blue-tooth mode could create a noose-like mesh network that "bulges" when the tracked target moves around.
Neat idea? Y/N/M?
"The latest version of iTunes requests update URLs over a secure (https) connection, thereby blocking man-in-the-middle attacks."
Unless, of course, a friendly CA is assisting the investigation.
IS WATCHING YOU!!!!!!!!
- Apple's spamtastic iBeacon retail alerts launch with Frisco FAIL
- Submerged Navy submarine successfully launches drone from missile tubes
- Cache in the Attic El Reg's contraptions confessional no.2: Tablet PC, CRT screen and more
- Pix Astroboffins spot HOT, YOUNG GIANT where she doesn't belong
- Developer unleashes bowel-shaking KILLER APP for Google Glass