A law enforcement Trojan takes advantage of the same recently patched iTunes flaw also used by Ghost Click botnet, according to a demo at a recent German trade show. Spiegel Online reports that a promo video for a variant of the FinFisher spyware application shows it exploits a vulnerability in iTunes to update the software on …
You know there is something wrong when
Goverments make 'hacking' tools illegal only for the security industry to turn around and sell hacking tools to goverments so they can spy on their citizens.
This nicely ties in with the story about Android security
Being behind so much.
I think all the delays are so that it is easy for multi-jurisdictional investigators to not lose track of a target if a wary target travels too frequently or forcibly makes the phone shut down, change firmware, or do other things.
And, since we don't always see public announcements of an update, how do we now the update we get is not crafted for us or someone in our neighborhood. If a target lives near us, but the spies/spooks/cops/union presiden'ts private investigators want to keep a firm leash on said person, then any nearby phones that can be commanded into silent wi-fi/silent blue-tooth mode could create a noose-like mesh network that "bulges" when the tracked target moves around.
Neat idea? Y/N/M?
"The latest version of iTunes requests update URLs over a secure (https) connection, thereby blocking man-in-the-middle attacks."
Unless, of course, a friendly CA is assisting the investigation.
IS WATCHING YOU!!!!!!!!
- JLaw, Kate Upton exposed in celeb nude pics hack
- Google flushes out users of old browsers by serving up CLUNKY, AGED version of search
- GCHQ protesters stick it to British spooks ... by drinking urine
- China: You, Microsoft. Office-Windows 'compatibility'. You have 20 days to explain
- Something for the Weekend, Sir? If you think 3D printing is just firing blanks, just you wait