Sunday, March 11, 2018
It’s good to be the king.
Chinese Intelligence Agencies Are Doctoring the Country's Vulnerability Database
Chinese intelligence agencies are doctoring the Chinese National Vulnerabilities Database (CNNVD) to hide security flaws that government hackers might have an interest in, according to a report released on Friday by US threat intelligence firm Recorded Future.
… "CNNVD’s manipulation of its vulnerability publication data ultimately reveals more than it conceals," the Recorded Future team says.
"First, the selective backdating of vulnerability publication for the outliers is essentially a tacit confirmation from CNNVD of their vulnerability evaluation program and the operational use of some delayed vulnerabilities.
"Second, while many think of the MSS (Ministry of State Security) as primarily a foreign intelligence service, it also has a large, and arguably more important, domestic intelligence mandate."
Are similar phones available to non-criminals on the open market? I’d venture a ‘yes’ on that.
Feds Bust CEO Allegedly Selling Custom BlackBerry Phones to Sinaloa Drug Cartel
For years, a slew of shadowy companies have sold so-called encrypted phones, custom BlackBerry or Android devices that sometimes have the camera and microphone removed and only send secure messages through private networks. Several of those firms allegedly cater primarily for criminal organizations.
Now, the FBI has arrested the owner of one of the most established companies, Phantom Secure, as part of a complex law enforcement operation, according to court records and sources familiar with the matter.
… A complaint filed in the Southern District of California on Thursday charges Vincent Ramos, the founder and CEO of Canada-based Phantom, with racketeering conspiracy to conduct enterprise affairs, as well as conspiracy to distribute narcotics, and aiding and abetting. Authorities arrested Ramos on Thursday, according to the court docket. Crucially, the complaint alleges that Ramos and Phantom were not simply incidental to a crime, like Apple might be when a criminal uses an iPhone, but that the company was specifically created to facilitate criminal activity.
… In addition to removing the microphone and camera from BlackBerry devices, Phantom also takes out GPS navigation, internet browsing, and normal messenger services, the complaint reads. Phantom then installs Pretty Good Privacy (PGP) software to send encrypted messages, and routes these messages through overseas servers, the complaint alleges. The complaint points to Hong Kong and Panama as countries “believed by PHANTOM SECURE to be uncooperative with law enforcement.” Phantom can also remotely wipe devices in the event they are seized by authorities.
… Law enforcement agencies have cracked down on other encrypted phone companies allegedly catering to organised crime over the past few years. In 2016, Dutch investigators arrested the owner of Ennetcom, whose customers allegedly include hitmen, drug traffickers, and other serious criminals. And then in 2017, Dutch authorities also busted PGP Sure, which also allegedly catered to organized crime.
Perspective. If the government says “NO!” ignore them?
Stealth startup launches four unauthorized rogue satellites into orbit
The Indian-built PSLV-C40, which launched in January, had 31 satellites onboard. It carried a lot of cool stuff into orbit, including the Arkyd-6 satellite which could lead to asteroid mining, as well as the first commercial satellite for Finland.
It also carried an unauthorized payload: four tiny satellites from a stealth startup called Swarm Technologies, which didn’t have permission from the Federal Communications Commission (FCC). The nearly undetectable satellites could pose a hazard to the thousands of other orbiting spacecraft, the agency said.
… Realizing that their tiny satellites would raise red flags at the agency, the company installed GPS responders and covered the satellites in radar-reflecting material to make them easier to track.
The FCC disagreed, however, and rejected Swarm’s application for its satellite launch in December, citing safety concerns.
Perspective. For my Data Management Students.
The History of Digital Content (Infographic)
2.5 quintillion bytes of digital data are created every day -- that’s equivalent to the storage capacity of 36 million iPads.