Amnesty International spearphished with government spyware — Naked Security

Pegasus spyware is supposed to be used solely by governments, to enable them to invisibly track criminals and terrorists

via Amnesty International spearphished with government spyware — Naked Security

Advertisements

Google Secretly Planning to Launch a Censored Search Engine in China

Capture 14.PNG

August 01, 2018

After an eight-year-long absence from the most populated country in the world, Google search is going to dramatically make a comeback in China.

Google is reportedly planning to launch a censored version of its search engine in China that is going to blacklist certain websites and search terms to comply with Chinese government’s attempts to censor the Internet, a whistleblower revealed.

According to leaked documents obtained by The Intercept, CEO Sundar Pichai met with a Chinese government official in December 2017 to re-enter the world’s largest market for internet users.

Project Dragonfly — Censored Google Search Engine

Since spring last year Google engineers have been secretly working on a project, dubbed “Dragonfly,” which currently includes two Android mobile apps named—Maotai and Longfei—one of which will get launched by the end of this year after Chinese officials approve it.

The censored version of Google search engine in the form of a mobile app reportedly aims to “blacklist sensitive queries” and filter out all websites (news, human rights, democracy, religion) blocked by the Chinese government, including Wikipedia, BBC News, Instagram, Facebook, and Twitter.

Besides this, Google will also blacklist words like human rights, democracy, religion and peaceful protests in Chinese of its search engine app.

“Documents seen by The Intercept, marked ‘Google confidential,’ say that Google’s Chinese search app will automatically identify and filter websites blocked by the Great Firewall,” Intercept’s journalist Ryan Gallagher said.

The censorship will also be embedded in Google’s image search, spell check, and suggested search features, which eventually means the search engine will not display Chinese users potentially “sensitive” terms or images banned by their government.

Some 200 Google employees are working on the Dragonfly project, one of them spoke to the publication because he/she was “against large companies and governments collaborating in the oppression of their people.”

 

“The source said that they had moral and ethical concerns about Google’s role in the censorship, which is being planned by a handful of top executives and managers at the company with no public scrutiny,” Ryan said.

The whistleblower also expressed concern that “what is done in China will become a template for many other nations,” as well and it will be “a big disaster for the information age.”

The news about Google’s new move comes less than a month after Apple’s Chinese data center partner transferred iCloud data, belonging to 130 million Chinese users, to a cloud storage service managed by a state-owned mobile telecom provider.

To comply with Chinese law and work in the mainland China, Apple moved the encryption keys and data of its Chinese iCloud users from its US servers to local servers on Chinese soil earlier this year, despite concerns from human rights activists.

British ex-spies warn of risks dealing with Chinese telecom Huawei

By Europe bureau chief Lisa Millar

Two of Britain’s top cyber security experts have warned against ignoring Huawei, saying banning the Chinese telecommunications giant is not an option for the West.

Robert Hannigan, former director of Britain's intelligence and security organisation GCHQ.

“In the future there will be lots of technologies that we need where the best provider in the world and the best technology is Chinese,” said Robert Hannigan, the former director of Britain’s intelligence and security organisation GCHQ.

“What are we going to do about this?

“Are we going to cut ourselves off from this, or are we going to manage the risk?”

The answer, according to Mr Hannigan and Nigel Inkster — a 30-year veteran of the Secret Intelligence Service (MI6) — is to accept that with risks come rewards.

“What we need to do is look at this at the broader strategic context of who controls and dominates these technologies at a global level in the 21st century,” Mr Inkster said.

Huawei entered the British market in 2001, and by 2005 had signed off on its first UK contract with BT (formerly British Telecom) as it embarked on a multi-billion-pound upgrade of its network.

“I think those in the intelligence and security community were from the outset aware of the problem that this relationship could cause,” Mr Inkster said.

“But one has to bear in mind that … this was taking place in a different era, we were still in a kind of end-of-history moment.

“There was simply less awareness within government as a whole of these security issues, and frankly less of a disposition to take them particularly seriously.”

The Cell

In 2010, the Huawei Cyber Security Evaluation Centre (HCSEC) was created — otherwise known as The Cell.

In a nondescript brown brick building in an industrial site 90 minutes north of London sits a team of cyber security experts, employed by Huawei and overseen by the British Government.

Positions advertised for the Banbury facility say Huawei is seeking those looking to build a “rewarding career in cyber security”.

Their job is to ensure the integrity of Huawei’s products, which include equipment used across the UK’s fibre-optic network.

It is a model that has been suggested for Australia, to ease concerns about security to the critical national infrastructure.

But the July annual report from the board that oversees The Cell raised concerns, using language not seen in its three previous reports.

“Identification of shortcomings in Huawei’s engineering processes have exposed new risks in the UK telecommunication networks and long-term challenges in mitigation and management,” the report said.

“Due to areas of concern exposed through the proper functioning of the mitigation strategy and associated oversight mechanisms, the oversight board can provide only limited assurance that all risks to UK national security from Huawei’s involvement in the UK’s critical networks have been sufficiently mitigated.”

Its concerns were sent to the British Prime Minister’s national security adviser.

“It looks like a bit of a warning shot has been fired by the UK Government,” Mr Hannigan said, who until last year oversaw the board that issued the report.

“It’s [The Cell] working up to a point, is the way I’d put it.

“The question is, what’s the alternative? Is the alternative banning Huawei better? I don’t think it is actually.”

Huawei welcomed the UK report and the feedback.

“It confirms the collaborative approach adopted by Huawei, the UK Government and operators is working as designed, meeting obligations and providing unique, world-class network integrity assurance through ongoing risk management,” a spokesperson for Huawei told the ABC.

“The report concludes that HCSEC’s operational independence is both robust and effective.”

Huawei insisted it was under more scrutiny than any other telco and The Cell had been proven as the best model for compliance.

The risk

But both Mr Inkster and Mr Hannigan agreed there were risks to dealing with Huawei.

“Huawei has relied very substantially on Chinese Government investment and technological assistance to develop rapidly to the point where they are,” Mr Inkster said.

“And if the Chinese Government ask them to do something, they’re not in the position to refuse.

“The challenge for those who simply want to ban it is, what’s the alternative?” Mr Hannigan reiterated.

“The challenge for those who think they can manage it is — are you kidding yourselves?

“There is simply no magic solution.”

Topics: world-politics, government-and-politics, defence-and-national-security, information-and-communication, science-and-technology, united-kingdom, china

We unite in times of disaster

1

I was reading a fellow country man’s article titled  “Why the Southern Highlands & Hela Provinces are important to me” and it inspired me to tell this story.  It almost brought tears down as I reflected on a similar experience back in 2001 when I was at Gordon’s market in Port Moresby. I was with a young Erave youth; his name is Leme who left his village when he was aged 5 years with his older brother because of a tribal fight that destroyed his entire village and displaced the villagers.  He went back to his village after some years but he could not settle in so he drifted to Madang with some “wantoks”. Homeless and wondering around I found him in town and took him in after hearing about his ordeals. He just became part of the family and he even changed his surname to my family name. Anyway we were in Port Moresby trying to locate his older brother who lived somewhere at 5 mile area.  As soon as we got off the PMV at Gordons market and walked past some women sitting behind their esky coolers selling ice block, his face suddenly lit up and he smiled. I asked what he was smiling about and he told me, “mi harim tokples ya”. (I can hear my native language being spoken.)

We eventually found some information from the ladies and went to 5 mile where he was reunited with his brother after all these years. He decided to stay with me in Madang instead of with his older brother. He is now married to a lady from Banab, NCR Madang and lives with her in the village.

Anyway, the point of these experience after reading the article by Scott Waide, I made these comments on his blog: “from my point of view we are all Papua New Guineans despite our language barriers and cultures. I am from the coastal region and I don’t know how to speak Erave or Tari languages but that did not stop the brotherhood that developed between Leme and myself.  Personally, I disagree with provincial day events and provincial flags. It only separates our unity as Papua New Guineans. I believe we should do away with promoting provinciality as it only stereotypes us into classes. Natural disasters like the Rabaul Volcanic eruptions in 1994, Aitepe Tsuanmi in 1998 and recent disasters at Manam, Kadovar and Mendi have brought back that unity of independence in 1975 despite our Provincial barriers.  Learning of how Bougainville supplied aid to the victims of the 7.5 magnitude earthquake in Southern Highlands is a classic example of this story. The bottom line is that we unite in times of disaster and emergency despite our cultural differences is a phenomenon worth considering in reforming our government of the day, its country values and our constitutional rights.”

Scott mentioned in another article that “…in the last 10 years, the monopoly of information has shifted from government to citizens…” and “…in a disaster prone country like Papua New Guinea, it is crucial that we review our processes and use our resources better..” which I totally agree with. There is no civil defense set up in Papua New Guinea unlike most countries. I am not referring to the PNGDF or the National Disaster Center in Port Moresby but non-combatant civilians, volunteers trained in the capacity of providing humanitarian relief work. This can be taught in schools by reforming education curriculums and the national qualification framework to train civilians at all levels of education.

If we really value National Security, as citizens we should not take sides in the political arena while the current sovereignty of our nation and democracy is being manipulated by greed, foreign gain and power.  Unity in times of disaster should be the same when it concerns the governance of national security.

Phone-cracking firm Cellebrite hacked

Source: BBC

Information about the customers of Cellebrite, an Israeli firm that markets hacking tools, has been stolen in a cyber-attack.

 

The breach was first reported by tech site Motherboard, which said it was sent 900 gigabytes of data by a hacker.

Cellebrite confirmed some information had been taken but said it was not aware of any “increased risk” to clients.

The firm added that it was now notifying affected customers.

Motherboard said the data – which was not distributed online – included “what appears to be evidence files from seized mobile phones, and logs from Cellebrite devices”.

However, Cellebrite did not respond to this in its statement.

When contacted by the BBC, a spokesman said its investigation was ongoing and it had no further information to add.

The firm did say that it recently detected “unauthorised access” on an external web server – activity it described as “illegal” – and that it had launched an investigation into the incident.

It added that the data taken related to an older user account system.

Last year, Cellebrite was linked to the FBI’s attempt to hack an iPhone used by San Bernardino killer Syed Rizwan Farook. The firm has neither confirmed nor denied involvement.

“The information accessed includes basic contact information of users registered for alerts or notifications on Cellebrite products and hashed passwords for users who have not yet migrated to the new system,” the company said.

Cellebrite advised users of the my.Cellebrite system to change their passwords.

“The sort of people who use Cellebrite products don’t necessarily want others to know that they’re using it,” said Prof Alan Woodward, a cybersecurity expert at the University of Surrey.

“Law enforcement agencies and perhaps security services will be using it.”

In 2015, hackers stole data from Italian surveillance company Hacking Team and released it on to the web.

The dump included information on countries that had bought Hacking Team products.

“It’s a direct analogy I would say,” Prof Woodward told the BBC. “The embarrassment factor is going to be the same.”

Shadow brokers’ farewell

Separately, 58 hacking tools for Windows PCs were released on to the web by a group calling itself “Shadow Brokers”.

The group announced the release in a farewell message, having attempted to auction the malware online last year. At the time, Shadow Brokers claimed it had been stolen from the NSA.

Besides the newly released files, Shadow Brokers said a full cache of exploits had been left online at a price of 750 bitcoins (£500,000).

Many of the exploits were not “zero days” – attack methods that have not yet been uncovered – but ones that had already been detected by cybersecurity firm Kaspersky, according to one analyst.

“Nobody was willing to pay them,” said Prof Woodward. “They sort of stomped off in a huff, basically.”

Prof Woodward added that while some of the exploits looked “sophisticated” there was no proof that any of the data had been taken from the NSA.

Competition in ICT industry to reduce charges

Source: Looppng

Asia Broadcast Satellite (ABS) introduction into the country’s ICT industry will help to lower the high cost of internet and voice charges.

Gabriel Pimentel, ABS Managing Director for the South East Asia and Asia Pacific made the comments today during the official presentation of individual operator licenses by the National Information and Communication Technology.

“ABS is a global satellite operator; traditionally we have been providing space segment bandwidth,  but we  have gone one step further, by not only being a satellite provider but in fact started to develop services on the ground, enabling a cheaper satellite bandwidth we bring which will be passed to the consumers,”  Pimentel said.

“We are providing much more competition to the existing (and) established (ISP) providers, and competition always resulted in benefit to the consumers, and in reality we have seen in the markets we have played, the more cost effective services results in more people using these facilities.”

Pimentel said providing ICT services to the rural areas are one of the company’s main objectives.

Meanwhile, NICTA chief executive officer Charles Punaha said, “for NICTA’s perspective, we are fortunate to have an international satellite operator coming into the country.

“It is our hope that it will provide for more competition in the market, and this is something we have been looking forward to for a number of years, and off course will result in the reduction of the current very high satellite bandwidth that has been offered in the market.

“It will result in the reduction on the price,” Punaha said.

International satellite operator to operate ICT services

Source: Looppng

A global international satellite operator has been given license to provide ICT services in the country.

National Information and Communication Technology Authority (NICTA) CEO, Charles Punaha today presented the individual operating licenses to Asia Broadcast Satellite (ABS).

ABS has offices in the United States, UAE, South Africa, Germany, Philippines, Indonesia and Hong Kong.

According to company’s website, ABS operates a fleet of satellites serving 93 per cent of the world.

ABS offers a complete range of End-to-End solutions including Direct to Home (DTH), Cable TV distribution (CATV), Cellular Backhaul, VSAT and Internet Backbone services with diverse IP transit through its European, Middle East and Asian internet gateways.

Punaha said one of the requirements was for ABS to incorporate a company in PNG to provide Information and Communication Technology (ICT) services, which the company had complied with.

“ABS has been one of our clients for the last 10 year, and we do filing for them, and also they assist us to do coordination.

“Most satellites are in the PNG filings, except one of them.

“And to this respect, ABS is not a newcomer to NICTA but to this occasion they have decided to open up a local office and submitted their application for licenses, which we will official handover to them three licenses approved by our board,” Punaha said.

The three licenses are;

–              Individual Network (facilities and services) license to provide data and internet services over facilities and infrastructures for its customers in PNG;

–              Individual Network Gateway License (Gateway) license to provide international connectivity services for international voice and data connectivity; and

–              Individual Application License to provide internet services (voice and data) in PNG.

Gabriel Pimentel, ABS managing director thanked NICTA for the trust and confidence in the company and said they will kick the ground running with the licenses.

“We believe PNG is sitting on wealth and needs to be developed on better communication, not only in the developed areas but also in rural areas. “