
Technology

Emmanuel Macron ‘pushes for Israeli inquiry’ into NSO spyware concerns | France

Voice Of EU


Emmanuel Macron has reportedly spoken to the Israeli prime minister, Naftali Bennett, to ensure that the Israeli government is “properly investigating” allegations that the French president could have been targeted with Israeli-made spyware by Morocco’s security services.

In a phone call, Macron expressed concern that his phone and those of most of his cabinet could have been infected with Pegasus, hacking software developed by the Israeli surveillance firm NSO Group, which enables operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones from infected devices.

The leaked database at the heart of the Pegasus project includes Macron’s mobile phone number.

NSO has said Macron was not a “target” of any of its customers, meaning the company denies he was selected for surveillance using Pegasus. The company says that the fact that a number appeared on the list was in no way indicative of whether that number was selected for surveillance using Pegasus.

The Pegasus project could not examine the mobile phones of the leaders and diplomats, and could therefore not confirm whether there had been any attempt to install malware on their phones.

Quick Guide

What is in the Pegasus project data?


What is in the data leak?

The data leak is a list of more than 50,000 phone numbers that, since 2016, are believed to have been selected as those of people of interest by government clients of NSO Group, which sells surveillance software. The data also contains the time and date that numbers were selected, or entered on to a system. Forbidden Stories, a Paris-based nonprofit journalism organisation, and Amnesty International initially had access to the list and shared access with 16 media organisations including the Guardian. More than 80 journalists have worked together over several months as part of the Pegasus project. Amnesty’s Security Lab, a technical partner on the project, did the forensic analyses.

What does the leak indicate?

The consortium believes the data indicates the potential targets NSO’s government clients identified in advance of possible surveillance. While the data is an indication of intent, the presence of a number in the data does not reveal whether there was an attempt to infect the phone with spyware such as Pegasus, the company’s signature surveillance tool, or whether any attempt succeeded. The presence in the data of a very small number of landlines and US numbers, which NSO says are “technically impossible” to access with its tools, reveals some targets were selected by NSO clients even though they could not be infected with Pegasus. However, forensic examinations of a small sample of mobile phones with numbers on the list found tight correlations between the time and date of a number in the data and the start of Pegasus activity – in some cases as little as a few seconds.

What did forensic analysis reveal?

Amnesty examined 67 smartphones where attacks were suspected. Of those, 23 were successfully infected and 14 showed signs of attempted penetration. For the remaining 30, the tests were inconclusive, in several cases because the handsets had been replaced. Fifteen of the phones were Android devices, none of which showed evidence of successful infection. However, unlike iPhones, phones that use Android do not log the kinds of information required for Amnesty’s detective work. Three Android phones showed signs of targeting, such as Pegasus-linked SMS messages.

Amnesty shared “backup copies” of four iPhones with Citizen Lab, a research group at the University of Toronto that specialises in studying Pegasus, which confirmed that they showed signs of Pegasus infection. Citizen Lab also conducted a peer review of Amnesty’s forensic methods, and found them to be sound.

Which NSO clients were selecting numbers?

While the data is organised into clusters, indicative of individual NSO clients, it does not say which NSO client was responsible for selecting any given number. NSO claims to sell its tools to 60 clients in 40 countries, but refuses to identify them. By closely examining the pattern of targeting by individual clients in the leaked data, media partners were able to identify 10 governments believed to be responsible for selecting the targets: Azerbaijan, Bahrain, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Hungary, India, and the United Arab Emirates. Citizen Lab has also found evidence of all 10 being clients of NSO.

What does NSO Group say?

You can read NSO Group’s full statement here. The company has always said it does not have access to the data of its customers’ targets. Through its lawyers, NSO said the consortium had made “incorrect assumptions” about which clients use the company’s technology. It said the 50,000 number was “exaggerated” and that the list could not be a list of numbers “targeted by governments using Pegasus”. The lawyers said NSO had reason to believe the list accessed by the consortium “is not a list of numbers targeted by governments using Pegasus, but instead, may be part of a larger list of numbers that might have been used by NSO Group customers for other purposes”. They said it was a list of numbers that anyone could search on an open source system. After further questions, the lawyers said the consortium was basing its findings “on misleading interpretation of leaked data from accessible and overt basic information, such as HLR Lookup services, which have no bearing on the list of the customers’ targets of Pegasus or any other NSO products … we still do not see any correlation of these lists to anything related to use of NSO Group technologies”. Following publication, they explained that they considered a “target” to be a phone that was the subject of a successful or attempted (but failed) infection by Pegasus, and reiterated that the list of 50,000 phones was too large for it to represent “targets” of Pegasus. They said that the fact that a number appeared on the list was in no way indicative of whether it had been selected for surveillance using Pegasus. 

What is HLR lookup data?

The term HLR, or home location register, refers to a database that is essential to operating mobile phone networks. Such registers keep records on the networks of phone users and their general locations, along with other identifying information that is used routinely in routing calls and texts. Telecoms and surveillance experts say HLR data can sometimes be used in the early phase of a surveillance attempt, when identifying whether it is possible to connect to a phone. The consortium understands NSO clients have the capability through an interface on the Pegasus system to conduct HLR lookup inquiries. It is unclear whether Pegasus operators are required to conduct HLR lookup inquiries via its interface to use its software; an NSO source stressed its clients may have different reasons – unrelated to Pegasus – for conducting HLR lookups via an NSO system.


The Macron-Bennett phone call reportedly took place on Thursday, but was first reported by Israel’s Channel 12 News on Saturday evening after the end of Shabbat, the Jewish day of rest.

The prime minister’s office has declined to comment on the phone call or the two leaders’ conversation. According to Channel 12, an unnamed source said Bennett had stressed that the alleged events occurred before he took office in May, and that a commission was examining whether rules on Israel’s export of cyberweapons such as Pegasus should be tightened.

The Pegasus project – a consortium of 17 media outlets, including the Guardian – revealed last week that government clients around the world have used the hacking software sold by NSO to target human rights activists, journalists and lawyers.

The investigation has been based on forensic analysis of phones and analysis of a leaked database of 50,000 numbers, including that of Macron and those of heads of state and senior government, diplomatic and military officials, in 34 countries.

In multiple statements, NSO said the fact a number appeared on the leaked list was in no way indicative of whether it was selected for surveillance using Pegasus. “The list is not a list of Pegasus targets or potential targets,” the company said. “The numbers in the list are not related to NSO Group in any way.”

But the list is believed to provide insights into those identified as persons of interest by NSO’s clients. It includes people whose phones showed traces of NSO’s signature phone-hacking spyware, Pegasus, according to forensic analysis of their devices. The analysis was conducted by Amnesty International’s security lab, which discovered traces of Pegasus-related activity on 37 out of 67 phones that it analysed.

Q&A

What is the Pegasus project?


The Pegasus project is a collaborative journalistic investigation into the NSO Group and its clients. The company sells surveillance technology to governments worldwide. Its flagship product is Pegasus, spying software – or spyware – that targets iPhones and Android devices. Once a phone is infected, a Pegasus operator can secretly extract chats, photos, emails and location data, or activate microphones and cameras without a user knowing.

Forbidden Stories, a Paris-based nonprofit journalism organisation, and Amnesty International had access to a leak of more than 50,000 phone numbers selected as targets by clients of NSO since 2016. Access to the data was then shared with the Guardian and 16 other news organisations, including the Washington Post, Le Monde, Die Zeit and Süddeutsche Zeitung. More than 80 journalists have worked collaboratively over several months on the investigation, which was coordinated by Forbidden Stories.


While the rest of the world grapples with the seismic consequences of the revelations, in Israel reaction has been muted. Meretz, a leftwing party long in opposition but now part of the new government coalition, has asked the defence ministry for “clarification” on the issue, but no party is seeking a freeze of export licences or an inquiry into NSO’s close links to the Israeli state under the tenure of the former prime minister Benjamin Netanyahu.

The defence minister, Benny Gantz, has defended export licences for the hacking tools, claiming that “countries that purchase these systems must meet the terms of use”, which are solely for criminal and terrorism investigations.

But as the mammoth impact of the disclosures has become clearer, the diplomatic pressure on Israel is mounting. On Thursday, the senior Israeli MP Ram Ben-Barak – a former deputy head of the Mossad spy agency – confirmed that the Israeli defence establishment had “appointed a review commission made up of a number of groups” to examine whether policy changes were needed regarding sensitive cyber exports.

US defence officials have also asked their Israeli counterparts for more details on the “disturbing” disclosures stemming from the Pegasus project, the Israeli newspaper Haaretz reported on Saturday.


‘I hope the world will be safer’, says Molly Russell’s father after inquest – video | Technology


Molly Russell’s father has accused the world’s biggest social media firms of ‘monetising misery’ after an inquest ruled that harmful online content contributed to the 14-year-old’s death.

Ian Russell accused Meta, the owner of Facebook and Instagram, of guiding his daughter on a ‘demented trail of life-sucking content’, after the landmark ruling raised the regulatory pressure on social media companies.

The inquest heard on Friday that Molly, from Harrow, north-west London, had viewed large amounts of content related to suicide, depression, self-harm and anxiety on Instagram and Pinterest before she died in November 2017.


Google delays execution of deprecated Chrome extensions • The Register


Google has delayed its browser extension platform transition for enterprise customers, giving those using managed versions of Chrome with the deprecated Manifest v2 (MV2) extensions an extra six months of support.

The Chocolate Factory has also redefined its deadlines for general Chrome users to make the transition to the new platform, called Manifest v3 (MV3), less of a shock to the system.

“Chrome will take a gradual and experimental approach to turning off Manifest V2 to ensure a smooth end-user experience during the phase-out process,” explained David Li, a product manager at Google, in a blog post. “We would like to make sure developers have the information they need, with plenty of time to transition to the new manifest version and to roll out changes to their users.”

Developers, in other words, need more time to rewrite their extension code.

Previously, as of January 2023, Chrome was to stop running MV2 extensions. Enterprise managed Chrome installations had an extra six months with MV2, until June 2023.

The current schedule says MV2 extensions may or may not work in developer-oriented versions of Chrome used outside of enterprises. “Starting in Chrome 112, Chrome may run experiments to turn off support for Manifest V2 extensions in Canary, Dev, and Beta channels,” the timeline says.

And then in June 2023, MV2 extensions may or may not get disabled in any version of Chrome, including the Stable channel used by most people.

New MV2 extensions could no longer be added to the Chrome Web Store in June 2022, and that remains unchanged under the new roadmap; MV2 extensions already available in the Chrome Web Store can still be downloaded and can still receive updates.

As of June 2023, MV2 extensions will no longer be visible in the store (so they can’t be newly installed, but can still be updated for existing users).

Come January 2024, nothing will be left to chance: the Chrome Web Store will stop accepting updates to MV2 extensions, all MV2 extensions will be removed from the store, and the MV2 usage in enterprises will end.

Li suggests developers make the transition sooner rather than later “because those [MV2] extensions may stop working at any time following the aforementioned dates.”

In recognition of the confusion among developers trying to adapt their extensions to MV3, Li said Google has implemented new APIs and platform improvements and has created a progress page to provide more transparency with regard to the state of MV2-MV3 transition.

Since 2018, Google has been revising the code that defines what browser extensions can do in Chrome. Its outgoing architecture known as Manifest v2 proved too powerful – it could be used by rogue add-ons to steal data, for example – and Google claimed use of those capabilities hindered browser performance. Critics like the EFF have disputed that.

Coincidentally, those capabilities, particularly the ability to intercept and revise network requests based on dynamic criteria, made Manifest v2 useful for blocking content and privacy-violating tracking scripts.

Under the new Manifest v3 regime, extensions have been domesticated. As a result, they appear to use computing resources more efficiently while being less effective at content blocking.

Whether or not this results in meaningful performance improvement, the MV3 change has been championed by Google for Chrome and the open source Chromium project, and is being supported by those building atop Chromium, like Microsoft Edge, as well as Apple’s WebKit-based Safari and Mozilla’s Gecko-based Firefox.

However, Brave, Mozilla, and Vivaldi have said they intend to continue supporting Manifest v2 extensions for an indeterminate amount of time. How long that will last is anyone’s guess.

Brave, like other privacy-oriented companies and advocacy groups, has made it clear this regime change is not to its liking. “With Manifest V3, Google is harming privacy and limiting user choice,” the developer said via Twitter. “The bottom line, though, is that Brave will still continue to offer leading protection against invasive ads and trackers.”

Google, on its timeline, suggests MV3 is approaching “full feature parity with Manifest V2.”

Extension developers appear to be skeptical about that. On Friday, in response to Google’s timeline revision posted to the Chromium Extension Google Group, a developer forum member who goes by the pseudonym “wOxxOm” slammed Google for posts full of corporate lingo about safety and security and pushed back against its statement about feature parity.

“[T]his definitely sounds reasonable if you don’t know the context, but given the subsequently plotted timeline it becomes a gross exaggeration and a borderline lie, because with the progress rate we all observed over the past years it’ll take at least several years more for MV3 to become reliable and feature-rich enough to replace MV2, not half a year or a year,” wOxxOm posted.

“Neither the issue list nor the announcement acknowledge that MV3 is still half-broken and unusable for anything other than a beta test due to its unreliable registration of service workers that break extensions completely for thousands of users, soon for millions because no one in Chromium has yet found out the exact reason of the bug, hence they can’t be sure they’ll fix it in the next months.”

This may not be the last time Google revises its transition timeline. ®




Irish Research Council pumps €27m to fund next generation of researchers


A total of 316 awardees of the IRC’s Government of Ireland programme will receive funding to conduct ‘pioneering’ research.

Postgraduate and postdoctoral researchers in Ireland are set to get €27m in funding from the Irish Research Council (IRC) through its flagship Government of Ireland programme.

In an announcement today (30 September), the IRC said that a total of 316 Government of Ireland awards will be given to researchers in the country, including 239 postgraduate scholarships and 77 postdoctoral fellowships.

Awardees under the scheme will conduct research on a broad range of topics, from machine translation and social media to protecting wild bee populations and bioplastics.

“The prestigious awards recognise and fund pioneering research projects along with addressing new and emerging fields of research that introduce creative and innovative approaches across all disciplines, including the sciences, humanities and the arts,” said IRC director Louise Callinan.

Awardees

One of the science-focused postgraduate awardees, University of Galway’s Cherrelle Johnson, is working on the long-term sustainability of bioplastics as an alternative to fossil fuel-based plastics.

Another, Royal College of Surgeons in Ireland’s Tammy Strickland, is studying the role of the circadian rhythm, or the sleep-wake cycle, of immune cells in the brain in epilepsy.

Khetam Al Sharou of Dublin City University, one of the postdoctoral researchers to win the award, is looking into the use of machine translation in social media and the associated risks of information distortion.

Meanwhile, Robert Brose from the Dublin Institute for Advanced Studies is investigating the particles and radiation that are emitted by high-energy sources in our Milky Way to try and find the most likely sources of life.

Diana Carolina Pimentel Betancurt from Teagasc, the state agency providing research and development in agriculture and related fields, is looking for natural probiotics in native honeybees to mitigate the effect of pesticides.

“Funding schemes like the IRC’s Government of Ireland programmes are vitally important to the wider research landscape in Ireland, as they ensure that researchers are supported at an early stage of their career and are given an opportunity to direct their own research,” Callinan said.

53 early-career researchers across Ireland got €28.5m in funding last month from the SFI-IRC Pathway programme, a new collaborative initiative between Science Foundation Ireland and the IRC. SFI and IRC are expected to merge to form one funding body in the coming years.
