Group items tagged

HERE WAS A SIMPLE AIM at the heart of the top-secret program: Record the website browsing habits of “every visible user on the Internet.” Before long, billions of digital records about ordinary people’s online activities were being stored every day. Among them were details cataloging visits to porn, social media and news websites, search engines, chat forums, and blogs. The mass surveillance operation — code-named KARMA POLICE — was launched by British spies about seven years ago without any public debate or scrutiny. It was just one part of a giant global Internet spying apparatus built by the United Kingdom’s electronic eavesdropping agency, Government Communications Headquarters, or GCHQ. The revelations about the scope of the British agency’s surveillance are contained in documents obtained by The Intercept from National Security Agency whistleblower Edward Snowden. Previous reports based on the leaked files have exposed how GCHQ taps into Internet cables to monitor communications on a vast scale, but many details about what happens to the data after it has been vacuumed up have remained unclear.

Amid a renewed push from the U.K. government for more surveillance powers, more than two dozen documents being disclosed today by The Intercept reveal for the first time several major strands of GCHQ’s existing electronic eavesdropping capabilities.

The surveillance is underpinned by an opaque legal regime that has authorized GCHQ to sift through huge archives of metadata about the private phone calls, emails and Internet browsing logs of Brits, Americans, and any other citizens — all without a court order or judicial warrant

Criminals in 2017 managed to get an advanced backdoor preinstalled on Android devices before they left the factories of manufacturers, Google researchers confirmed on Thursday. Triada first came to light in 2016 in articles published by Kaspersky here and here, the first of which said the malware was "one of the most advanced mobile Trojans" the security firm's analysts had ever encountered. Once installed, Triada's chief purpose was to install apps that could be used to send spam and display ads. It employed an impressive kit of tools, including rooting exploits that bypassed security protections built into Android and the means to modify the Android OS' all-powerful Zygote process. That meant the malware could directly tamper with every installed app. Triada also connected to no fewer than 17 command and control servers. In July 2017, security firm Dr. Web reported that its researchers had found Triada built into the firmware of several Android devices, including the Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20. The attackers used the backdoor to surreptitiously download and install modules. Because the backdoor was embedded into one of the OS libraries and located in the system section, it couldn't be deleted using standard methods, the report said. On Thursday, Google confirmed the Dr. Web report, although it stopped short of naming the manufacturers. Thursday's report also said the supply chain attack was pulled off by one or more partners the manufacturers used in preparing the final firmware image used in the affected devices.

A group of Chinese computer scientists from academia and industry have published a paper documenting a tool for fooling facial recognition software by shining hat-brim-mounted infrared LEDs on the user's face, projecting CCTV-visible, human-eye-invisible shapes designed to fool the face recognition software. The tactic lets the attacker specify which face the categorizer should "see" -- the researchers were able to trick the software into recognizing arbitrary faces as belonging to the musician Moby, the Korean politician Hoi-Chang and others.

On the Net Neutrality National Day of Action, Senate and House Democrats introduced a Congressional Review Act (CRA) resolution to overturn the Federal Communications Commission’s (FCC) partisan decision on net neutrality. At a press conference today, Senators Edward J. Markey (D-Mass.), Congressman Mike Doyle (PA-14), Senate Democratic Leader Chuck Schumer (D-N.Y.), and House Democratic Leader Nancy Pelosi (CA-12) announced introduction of House and Senate resolutions to fully restore the 2015 Open Internet Order. The Senate CRA resolution of disapproval stands at 50 supporters, including Republican Senator Susan Collins (R-Maine.). Rep. Doyle’s resolution in the House of Representatives currently has 150 co-sponsors.   The FCC’s Open Internet Order prohibited internet service providers from blocking, slowing down, or discriminating against content online. Repealing these net neutrality rules could lead to higher prices for consumers, slower internet traffic, and even blocked websites. A recent poll showed that 83 percent of Americans do not approve of the FCC’s action to repeal net neutrality rules.  

A copy of the CRA resolution can be found HERE.   Last week, the FCC’s rule repealing net neutrality was published in the Federal Register, leaving 60 legislative days to seek a vote on the Senate floor on the CRA resolutions. In order to force a vote on the Senate resolution, Senator Markey will submit a discharge petition, which requires a minimum of 30 Senators’ signature. Once the discharge petition is filed, Senator Markey and Senate Democrats will demand a vote on the resolution.

Mark Zuckerberg faces allegations that he developed a “malicious and fraudulent scheme” to exploit vast amounts of private data to earn Facebook billions and force rivals out of business. A company suing Facebook in a California court claims the social network’s chief executive “weaponised” the ability to access data from any user’s network of friends – the feature at the heart of the Cambridge Analytica scandal. A legal motion filed last week in the superior court of San Mateo draws upon extensive confidential emails and messages between Facebook senior executives including Mark Zuckerberg. He is named individually in the case and, it is claimed, had personal oversight of the scheme. Facebook rejects all claims, and has made a motion to have the case dismissed using a free speech defence.

It claims the first amendment protects its right to make “editorial decisions” as it sees fit. Zuckerberg and other senior executives have asserted that Facebook is a platform not a publisher, most recently in testimony to Congress.

Heather Whitney, a legal scholar who has written about social media companies for the Knight First Amendment Institute at Columbia University, said, in her opinion, this exposed a potential tension for Facebook. “Facebook’s claims in court that it is an editor for first amendment purposes and thus free to censor and alter the content available on its site is in tension with their, especially recent, claims before the public and US Congress to be neutral platforms.” The company that has filed the case, a former startup called Six4Three, is now trying to stop Facebook from having the case thrown out and has submitted legal arguments that draw on thousands of emails, the details of which are currently redacted. Facebook has until next Tuesday to file a motion requesting that the evidence remains sealed, otherwise the documents will be made public.

The escalating trade war is starting to damage Apple's brand in China, according to a new survey of Chinese consumer trends.  The brand consultancy Prophet surveyed 13,500 Chinese consumers and discovered that a wave of nationalism is sweeping across the country, deterring many from using US brands.  Apple plunged in the company's latest brand-relevance index, published Wednesday, which asked respondents which brands they liked the most. Apple crashed to No.24 in the index, falling from No. 11 last year. Before the trade war began, Apple was No. 5. Rivals like Huawei soared in the index to the No. 2 spot, just behind Chinese payment service Alipay.

Attorney General William Barr asks Facebook CEO Mark Zuckerberg to hold off on his plans to encrypt the company’s three messaging services until officials can determine it will not reduce public safety in a letter dated Oct. 4.Barr’s request is backed by officials in the U.K. and Australia. BuzzFeed News first reported the story after obtaining a draft of the open letter on Thursday. The letter, which the DOJ sent to CNBC Thursday, builds on concerns about Facebook’s plans to integrate and encrypt its messaging services across Messenger, Instagram and WhatsApp. A New York Times investigation published Saturday found that encrypted technology helps predators share child pornography online in a way that makes it much harder for law enforcement to track down.

After NBC News on Wednesday published a trove of leaked documents that show how Facebook "treated user data as a bargaining chip with external app developers," White House hopeful Sen. Bernie Sanders declared that it is time "to break Facebook up."

When British investigative journalist Duncan Campbell first shared the trove of documents with a handful of media outlets including NBC News in April, journalists Olivia Solon and Cyrus Farivar reported that "Facebook CEO Mark Zuckerberg oversaw plans to consolidate the social network's power and control competitors by treating its users' data as a bargaining chip, while publicly proclaiming to be protecting that data." With the publication Wednesday of nearly 7,000 pages of records—which include internal Facebook emails, web chats, notes, presentations, and spreadsheets—journalists and the public can now have a closer look at exactly how the company was using the vast amount of data it collects when it came to bargaining with third parties.

According to Solon and Farivar of NBC: Taken together, they show how Zuckerberg, along with his board and management team, found ways to tap Facebook users' data—including information about friends, relationships, and photos—as leverage over the companies it partnered with. In some cases, Facebook would reward partners by giving them preferential access to certain types of user data while denying the same access to rival companies. For example, Facebook gave Amazon special access to user data because it was spending money on Facebook advertising. In another case the messaging app MessageMe was cut off from access to data because it had grown too popular and could compete with Facebook.

The White House on Wednesday made public for the first time the rules by which the government decides to disclose or keep secret software flaws that can be turned into cyberweapons — whether by U.S. agencies hacking for foreign intelligence, money-hungry criminals or foreign spies seeking to penetrate American computers. The move to publish an un­classified charter responds to years of criticism that the process was unnecessarily opaque, fueling suspicion that it cloaked a stockpile of software flaws that the National Security Agency was hoarding to go after foreign targets but that put Americans’ cyber­security at risk.

The rules are part of the “Vulnerabilities Equities Process,” which the Obama administration revamped in 2014 as a multi­agency forum to debate whether and when to inform companies such as Microsoft and Juniper that the government has discovered or bought a software flaw that, if weaponized, could affect the security of their product. The Trump administration has mostly not altered the rules under which the government reaches a decision but is disclosing its process. Under the VEP, an “equities review board” of at least a dozen national security and civilian agencies will meet monthly — or more often, if a need arises — to discuss newly discovered vulnerabilities. Besides the NSA, the CIA and the FBI, the list includes the Treasury, Commerce and State departments, and the Office of Management and Budget. The priority is on disclosure, the policy states, to protect core Internet systems, the U.S. economy and critical infrastructure, unless there is “a demonstrable, overriding interest” in using the flaw for intelligence or law enforcement purposes. The government has long said that it discloses the vast majority — more than 90 percent — of the vulnerabilities it discovers or buys in products from defense contractors or other sellers. In recent years, that has amounted to more than 100 a year, according to people familiar with the process. But because the process was classified, the National Security Council, which runs the discussion, was never able to reveal any numbers. Now, Joyce said, the number of flaws disclosed and the number retained will be made public in an annual report. A classified version will be sent to Congress, he said.

The Israeli Deputy Foreign Minister, Member of Knesset Tzipi Hotovely, held meetings this week with representatives of YouTube and Google, to find ways of cooperating to censor Palestinian videos from occupied Palestine, videos she dubbed as “inciting violence and terrorism.”Israeli daily Maariv said Hotovely will be working with Google and YouTube officials in a joint mechanism that will be in charge of “monitoring and preventing” any publication of materials deemed by Tel Aviv to be “inflammatory.” Hotovely announced in a Hebrew-only press release that she met with YouTube CEO Susan Wojcicki, and Google’s Director of Public Policy, Jennifer Oztzistzki, at Google’s Silicon Valley Offices. Hotovely said that she received a comprehensive review mechanism for companies to monitor the films that allegedly incite violence, claiming that the supposed ‘incitement videos’ drive young children to go out and stab: ‘The attacks daily in Israel are the result of youths and children incited by the education system and the social networks, this is a daily war of incitement.’ She said that Google agreed to strengthen the bilateral relations with Israel’s Foreign Ministry, and build a mechanism of “collaborative work” that would make both parties partners in monitoring the published materials and censoring them. The Israeli move comes amidst escalating tension in occupied Palestine, and a large number of videos, including those showing Israeli soldiers and officers killing Palestinians execution-style after injuring them, and many videos that in general highlight the suffering of the Palestinian people, living under the illegal Israeli occupation of Palestine. The Israeli coordination with Google and YouTube has very serious implications, and many journalists have spoken out in opposition, saying it is a direct assault on the Freedom of the Press.

All foreign journalists who report in the Occupied Territories are required to register with the Israeli military, and any footage that they film is required to go through the Israeli Military Censor’s office before it can be released. With the recent advances in technology, many Palestinians and other civilians have been able to post videos uncensored online. The Israeli government has frequently voiced its discontent with this development, and have worked to find ways to continue to censor videos coming out of the Occupied Palestinian Territories.

A former Google engineer has released nearly 1,000 pages of documents that he says prove that the company, at least in some of its products, secretly boosts or demotes content based on what it deems to be true or false, while publicly claiming to be a neutral platform. The software engineer, Zach Vorhies, first provided the documents to Project Veritas, a right-leaning investigative journalism nonprofit, as well as the Justice Department’s antitrust division, which has been investigating Google for potentially anti-competitive behavior.

When he returned to work, however, Google sent him a letter demanding, among other things, that he turn over his employee badge and work laptop, which he did, and “cease and desist” from disclosing “any non-public Google files.” Afraid for his safety, he posted on Twitter that if something would happen to him, all the documents he took would be released to the public.Google then did a “wellness check” on him, he said. The San Francisco police received a call that Vorhies may be mentally ill. A group of officers waited for him outside his house and put him in handcuffs. “This is a large way in which they intimidate their employees that go rogue on the company,” he said.Vorhies then decided that it would be safer for him to go public.

One of the goals of the effort was a “clean & regularly sanitized news corpus,” it reads.

California’s attorney general has gone to court to force Facebook to hand over documents as part of an investigation into the company. Xavier Becerra filed a “petition to enforce investigative subpoena” with the Superior Court of California in San Francisco on Wednesday morning, arguing that Facebook’s response to his subpoenas has been “patently inadequate.” Citing a “lack of cooperation” not just with his office but also the Federal Trade Commission (FTC), Xavier Becerra points out [PDF] that it took Facebook a year to respond to his initial inquiry to produce documents relating to the Cambridge Analytica scandal, where Facebook allowed a third party to access vast amounts of personal information through its systems.

Not only that but Facebook flat out refused to “search communications involving senior executives,” meaning that it refused to search for relevant information in the emails and other communications of CEO Mark Zuckerberg and COO Sheryl Sandberg, among others. “Facebook is not just continuing to drag its feet, it is failing to comply with lawfully issued subpoenas and interrogatories,” the filing states.

The filing comes the same day that 7,000 pages of internal Facebook files were published online. Those documents were obtained and leaked amid a lawsuit between Facebook and a third-party app developer and were labelled as “highly confidential” by the antisocial network. The main upshot of those files is that they show Facebook used the data it gathered on millions of its users as a business weapon: it provided people's profile information to companies that, for instance, agreed to spend hundreds of thousands of dollars on adverts within Facebook, and it cut off developers that posed a competitive threat to its ever-growing stable of companies and services (or developers that wouldn't pay up, or were just too sketchy for the internet giant.) This confirms earlier reporting. CEO Zuckerberg also continues to avoid visiting London, or anywhere in the UK, out of fear he will be arrested for repeatedly failing to comply with a request by Parliament to answer questions about Facebook’s actions, as revealed in the tranche of documents.

Just before midnight on Friday, at the close of what was a hectic month for markets, WSJ dropped a bombshell of a story: The paper reported that the DoJ has opened an anti-trust investigation of Alphabet Inc., which could "present a major new layer of regulatory scrutiny for the search giant, according to people familiar with the matter." The report was sourced to "people familiar with the matter," but was swiftly corroborated by the New York Times, Bloomberg and others. For months now, the FTC has appeared to be gearing up for a showdown with big tech. The agency - which shares anti-trust authority with the DoJ - has created a new commission that could help undo big-tech tie-ups like Facebook's acquisition of Instagram, and hired lawyers who have advanced new anti-monopoly theories that would help justify the breakup of companies like Amazon. But as it turns out, the Trump administration's first salvo against big tech didn't come from the FTC; instead, this responsibility has been delegated to the DoJ, which has reportedly been tasked with supervising the investigation into Google. That's not super surprising, since the FTC already had its chance to nail Google with an anti-monopoly probe back in 2013. But the agency came up short. From what we can tell, it appears the administration will divvy up responsibility for any future anti-trust investigations between the two agencies, which means the FTC - which is already reportedly preparing to levy a massive fine against Facebook - could end up taking the lead in those cases.

Though WSJ didn't specify which aspects of Google's business might come under the microscope, a string of multi-billion-euro fines recently levied by the EU might offer some guidance. The bloc's anti-trust authority, which has been far more eager to take on American tech giants than its American counterpart (for reasons that should be obvious to all), has fined Google over its practice of bundling software with its standard Android license, the way its search engine rankings favor its own product listings, and ways it has harmed competition in the digital advertising market. During the height of the controversy over big tech's abuses of sensitive user data last year, the Verge published a story speculating about how the monopolistic tendencies of each of the dominant Silicon Valley tech giants could be remedied. For Google, the Verge argued, the best remedy would be a ban on acquisitions - a strategy that has been bandied about in Congress.

As traders focused on bank earnings and the outlook for global growth, NBC News wrested the market's attention back toward Facebook by publishing a report on what appears to be the largest leak of internal documents since the data privacy scandal that has dogged the company for more than a year erupted with the first reports about Cambridge Analytica's 'improper' leveraging of Facebook user data to influence elections.

Some 4,000 pages of documents shared with the network news organization by a journalist affiliated with the ICIJ, the same organization that helped bring us the Panama Papers leaks, revealed that Facebook had employed sensitive user data as a bargaining chip to attract major advertisers and close other deals between 2011 and 2015, when the company was struggling to cement its business model following its botched 2012 IPO.

Facebook essentially offered companies like Amazon unfettered access to its data in exchange for agreeing to advertise on Facebook's platform, according to the documents, only a small fraction of which have been previously reported on. All of this was happening at a time when the company publicly professed to bee safeguarding user data.

Facebook Inc on Wednesday pledged to invest at least $1bn in the news industry over the next three years, days after a high-profile standoff with the Australian government over paying news outlets for content. The social network’s commitment to the news industry follows Google’s $1bn investment last year, as technology giants come under scrutiny over their business models as well as the proliferation of misinformation on their platforms.

Facebook on Tuesday restored Australian news pages, ending an unprecedented weeklong blackout after the company wrung concessions from the government over a proposed law that will require tech giants to pay traditional media companies for their content. The brief blackout shocked the global news industry, which has already seen its business model upended by the tech giants.

Facebook said on Wednesday that it has already invested $600m in the news industry since 2018. The social media company added it was in active negotiations with news publishers in Germany and France for a deal to pay for content for its news product, where users can find headlines and stories next to a personalised news feed.

House lawmakers who spent the last 16 months investigating the practices of the world’s largest technology companies said on Tuesday that Amazon, Apple, Facebook and Google had exercised and abused their monopoly power and called for the most sweeping changes to antitrust laws in half a century.In a 449-page report that was presented by the House Judiciary Committee’s Democratic leadership, lawmakers said the four companies had turned from “scrappy” start-ups into “the kinds of monopolies we last saw in the era of oil barons and railroad tycoons.” The lawmakers said the companies had abused their dominant positions, setting and often dictating prices and rules for commerce, search, advertising, social networking and publishing.The House ReportRead the full report here »

To amend the inequities, the lawmakers recommended restoring competition by effectively breaking up the companies, emboldening the agencies that police market concentration and throwing up hurdles for the companies to acquire start-ups. They also proposed reforming antitrust laws, in the biggest potential shift since the Hart-Scott-Rodino Act of 1976 created stronger reviews of big mergers.

Three states and the District of Columbia allege that the tech giant misled consumers by continuing to track those who had changed their privacy settings to prevent data collection.

Google is also fighting an antitrust lawsuit led by Texas in which states have accused the company of obtaining and abusing a monopoly over the systems that allow publishers to auction off ad space to marketers. On Friday, Google asked a federal court to dismiss the lawsuit.The lawsuits add to a mounting offensive by regulators to curtail the power and business practices of Silicon Valley giants like Google, Facebook, Amazon and Apple. State and federal regulators have filed dozens of antitrust, consumer protection, privacy and trade lawsuits in an attempt to curb the business models or break up the companies. A Senate committee last week advanced potentially landmark antitrust legislation that tries to weaken the dominance of the internet giants.

The former Senior Director of Safety & Security at eBay, and the company’s former Director of Global Resiliency, have been sentenced to prison for their roles in a cyberstalking campaign. The targets of the campaign were the editor and publisher of a newsletter that eBay executives viewed as critical of the company.

For those that missed the reason for these sentences, we’ll need a quick rewind to 2019. Many see this letter by a hedge fund demanding better results from eBay as a direct cause for what followed. The letter caused some stress among eBay management, and for some reason they saw the negative reviews by EcommerceBytes as an obstacle that was holding their desired success back. EcommerceBytes was and is a resource for sellers on a number of platforms that enable users to sell items online. The website was set up by a couple that were both e-commerce bloggers. The eBay management team at the time was very unhappy with the criticism it got on the site. A third victim of their attention was the handler of a Twitter account named Fidomaster.

It was not that EcommerceBytes focused on ebay. Lots of similar companies featured in its e-commerce newsletter. Only the eBay employees felt the need to act and tried to silence them. A campaign was launched by eBay’s staff to harass and threaten the critics. This campaign featured packages being sent containing cockroaches, a bloody pig mask and pornography, death threats, physical surveillance, and late-night pizza deliveries. A full recount of what they had to go through makes for a gruesome read.

Google and Amazon are both set to help build “Project Nimbus,” a mammoth new cloud computing project for the Israeli government and military that is spurring intense dissent among employees and the public alike. Shareholders of both firms will soon vote on resolutions that would mandate reconsideration of a project they fear has grave human rights consequences. Little is known of the plan, reportedly worth over $1 billion, beyond the fact that it would consolidate the Israeli government’s public sector cloud computing needs onto servers housed within the country’s borders and subject solely to Israeli law, rather than remote data centers distributed around the world. Part of the plan’s promise is that it would insulate Israel’s computing needs from threats of international boycotts, sanctions, or other political pressures stemming from the ongoing military occupation of Palestine; according to a Times of Israel report, the terms of the Project Nimbus contract prohibit both companies from shutting off service to the government, or from selectively excluding certain government offices from using the new domestic cloud.

While a wide variety of government ministries will make use of the new computing power and data storage, the fact that Google and Amazon may be directly bolstering the capabilities of the Israeli military and internal security services has generated alarm from both human rights observers and company engineers. In October 2021, The Guardian published a letter from a group of anonymous Google and Amazon employees objecting to their company’s participation. “This technology allows for further surveillance of and unlawful data collection on Palestinians, and facilitates expansion of Israel’s illegal settlements on Palestinian land,” the letter read. “We cannot look the other way, as the products we build are used to deny Palestinians their basic rights, force Palestinians out of their homes and attack Palestinians in the Gaza Strip — actions that have prompted war crime investigations by the international criminal court.” In March, an American Google employee who had helped organize the employee opposition to Nimbus said the company abruptly told her she could either move to Brazil or lose her job, a move she said was retaliation for her stance. Nimbus will now face a referendum of sorts among Google and Amazon shareholders, who next month will vote on a pair of resolutions that call for company-funded reviews of their participation in that project and others that might harm human rights.

Facebook and Google are among multiple Big Tech companies seeking to have Texas’ new law banning political censorship on social media axed by the Supreme Court. According to The Washington Post, advocacy groups NetChoice and the Computer & Communications Industry Association (CCIA) filed an emergency application with the U.S. Supreme Court on Friday on behalf of Facebook, Google and other Big Tech companies, with the intention of striking down the new Texas law that prohibits censorship based on political ideology on social media. In a statement about the emergency filing, NetChoice counsel Chris Marchese argues that the Texas law, which went into effect last Wednesday, “strips private online businesses of their speech rights, forbids them from making constitutionally protected editorial decisions, and forces them to publish and promote objectionable content.”

“Left standing, [the Texas law] will turn the First Amendment on its head — to violate free speech, the government need only claim to be ‘protecting’ it,” Marchese added. Under the law, Texas residents and the state’s attorney general would be permitted to sue social media companies based in the United States if they believe their social media accounts were censored based on their political views. While the law was initially blocked by a federal district judge after it was signed last September by Texas Gov. Greg Abbot, the injunction was ultimately lifted by an appeals court last Wednesday. Big Tech companies have been consistently charged with weaponizing their “Terms of Service” agreements with users in an effort to ban or censor those expressing traditionally conservative or right-wing views on their extremely large and influential platforms.