If (keyword) the "intelligence" community - 5 eyes flavor, doesn't know who else is doing it - it's themselves.
You know they'd find out a lot quicker than EFF could - it's not like they have no money or resources.
An investigation by the Electronic Frontier Foundation and security biz Lookout has uncovered Dark Caracal, a surveillance-toolkit-for-hire that has been used to suck huge amounts of data from Android mobiles and Windows desktop PCs around the world. Dark Caracal [PDF] appears to be controlled from the Lebanon General …
This article is in serious need of being properly edited. Paragraphs that don't follow on from the previous one, words and even entire sentences repeated. I'm surprised this was put live in it's current state.
EDIT: And it's been completely rewritten. Perhaps the hacks here need the same 10 minute cooldown between submitting something and it being visible to everyone else.
Due to a technical cockup, an old draft of the piece went live instead of the final edit. We keep a history of all article revisions, and an early revision overwrote the latest one.
I just restored the final edit. The piece was edited hours ahead of publication, and set to go live at 8am PT / 4pm UTC. We don't publish stuff straight to the web - it gets edited by at least one editor.
Basically, someone with a browser tab open with an old version of the story clicked on 'save and close', rather than 'close', in our web publishing system, and overwrote the clean version. Oops. But it's fixed.
Don't forget to email firstname.lastname@example.org if you spot anything wrong.
This reminds me of what a colleague (it was not me!) did once.
Working in a large ISP, he had two terminal windows open. One was to his lab box and another one was a live LNS with approx 20k DSL subscriber services terminating.
I think you know what happened next. If you aren't sure, he copied some intended for the lab box into the live kit and instantly killed 20k user services.
I thought it was funnier than what he did.
Yeah, I've been caught out by something similar myself. Now I tend to colour-code windows to make it easy to tell them apart.
@Diodesign: That sounds fair enough, we've all done similar I don't doubt. I did think it was pretty shocking compared to the normal standards around here. Maybe this tale should get cross-referenced to On-Call?
I had a Samsung Galaxy S8 come into reserve stock off someone who was let go, and when I was checking how to set it up for another user I abandoned it and instead started a search for whoever authorised its purchase so they could start talking to our lawyer.
We have extreme high privacy demands, and what the Samsung Galaxy demands to be accepted before it even wants to work is not just excessive, I would venture it is effectively illegal under existing privacy laws.
There is an aspect to Data Protection that does not permit companies to force users to give access to their personal data, and the Samsung Galaxy S8 breaks that in many important ways. I am up to my eyeballs in work right now, but I reckon I will have time next week to report this formally to the Privacy Commission and CC the EU Art 29 working group.
From what I've seen, I reckon getting a deal with Samsung would be easier than installing spyware..
I would love to see the report!
Alcatel recently "upgraded" it's factory installed File Manager to include McAfee "antivirus" software as well as pushing advertising on to the users device.
It has the ability to scan the users network and Bluetooth connections.
Mind you, the devices already had AVG antivirus pre-installed from the factory as well.
There was no warning, no opt-in or opt-out and no prominent "privacy" policy displayed anywhere.
Users have complained loudly to both Alcatel and McAfee to no avail.
The line between "malware" and "legitimate" apps is no longer distinguishable.
Seems you need to do quite alot of manual steps to get this. Essentially you don't accidentally get this, someone needed physical access to your phone and deliberately put it there...
The sooner Google remove the ability to allow untrusted sources the better. Sure everyone will kick off and start crying like babies, some will shout about monopoly, as FDroid and Amazon app store and such would be obsolete, but it's the right thing to do, and it's no different to what Apple already does.
Biting the hand that feeds IT © 1998–2019