Connect with us

Technology

How the hacking of surveillance tech used by police could undermine Australian criminal cases | Australian police and policing

Published

on

Criminal lawyers could soon begin challenging a tool Australian police routinely rely on to extract messages, photos and other information from mobile phones for investigations after the discovery of security flaws that meant data could be falsified.

Last week Moxie Marlinspike, the founder of encrypted messaging app Signal, published a blog post outlining a series of vulnerabilities in Israeli company Cellebrite’s surveillance devices.

Marlinspike said the weaknesses make it easy for anyone to plant code on a phone that would take over Cellebrite’s hardware if it was used to scan the device. It would be able to surreptitiously affect future investigations, and rewrite data saved from previous analyses.

He claimed he found 100 vulnerabilities, including one which could modify “not just the Cellebrite report being created in that scan, but also all previous and future generated Cellebrite reports from all previously scanned devices and all future scanned devices.”

The revelations have brought into question whether Cellebrite data is now a reliable source of information when it is used as evidence in criminal investigations and convictions.

Cellebrite is widely used by Australian law enforcement. A search for Cellebrite on Australia’s online repository for court judgments, Austlii, reveals dozens of rulings where Cellebrite data has been relied upon by police as part of the investigation, and ultimately forms part of the prosecution’s case, on cases ranging from assault, murder, drug trafficking and child sexual abuse.

“Police will typically, where they consider that the phone might contain relevant information, simply download the entire phone and then review the material at their leisure,” Andrew Tiedt, criminal lawyer and director at J Sutton Associates told Guardian Australia. “This does require that police have physical possession of the phone, and usually also requires that someone give them the passcode.”

For example, last year, 20-year-old Fredon Botrus was found guilty of murdering Alfredo Isho in barbershop chair in Boseley Park in western Sydney in 2019. The prosecution in that case cited messages sent by Botrus over encrypted messaging app Wickr, which police were able to access using Cellebrite, showing he had admitted to someone else he had “anked” Isho.

Victoria police also used Cellebrite to obtain former commissioner Graham Ashton’s text messages from March last year as evidence in the inquiry into issues with the state’s hotel quarantine system.

Tiedt said while he wasn’t aware of any cases to date in Australia where the validity of data obtained from Cellebrite was challenged, the Signal founder’s findings could go as far as making data obtained from Cellebrite “useless”.

“Signal’s finding may go so far as to make Cellebrite downloads useless, or at least unreliable,” he said.

“A comparable example might be if it is was suddenly revealed that the laboratory that did DNA examinations leaves everything unlocked overnight, and anyone on the street could wander in without being detected and destroy or damage the samples. One can only imagine the consequences that might have for criminal prosecutions in New South Wales.

“If Signal’s claims can be proved, this could be devastating for criminal prosecutions in every jurisdiction that relies on Cellebrite.”

There are already rumblings overseas about challenges to cases that involve the technology.

A human rights lawyer in Israel has reportedly written to the country’s attorney general requesting police stop using Cellebrite “until an investigation into its efficiency and reliability is completed”.

A criminal lawyer in Marylands in the US reportedly told technology publication Gizmodo he intends to challenge an armed robbery case which turned on data police gathered from the client’s phone using Cellebrite.

The Law Council of Australia president, Dr Jacoba Brasch QC, told Guardian Australia law enforcement needed to ensure the tools they use are free from vulnerabilities to minimise the possibility that evidence is challenged and to prevent any miscarriage of justice.

“Police also need to be ready to produce appropriately qualified experts who the prosecution can call to give evidence about these systems and explain the effect of vulnerabilities on the reliability of the evidence obtained from tools such as Cellebrite,” Brasch said.

“The Law Council suggests that users should get expert advice about the credibility of the criticism and, assuming there is a problem, notify those affected, and then seek to verify the results they have obtained.”

Cellebrite did not respond to a request for comment. The company said in a statement last week it “is committed to protecting the integrity of our customers’ data, and we continually audit and update our software in order to equip our customers with the best digital intelligence solutions available.”

The company pushed out an update to its software this week in the wake of the Signal founder’s blog post, reportedly fixing security vulnerabilities and limiting one of the two ways law enforcement were able to extract data from iPhones. The announcement accompanying the update stated the company could not find instances where the vulnerability to modify data had been used.

Should the use of Cellebrite prove problematic, law enforcement now have powers under legislation passed in 2018 to request tech companies to assist in getting access to data on devices. Although the legislation was passed with the government stressing the powers would be used in terrorism cases, to date none of the publicly reported instances of the powers being used have related to terrorism cases.

State police forces Guardian Australia contacted about use of Cellebrite either said they were unable to discuss methods of investigation, or did not respond.

Source link

Technology

Alex Gallagher: the 10 funniest things I have ever seen (on the internet) | Comedy

Published

on

There’s no way of dressing it up or making it out to be a more noble, onerous pursuit than it is: I am deeply online.

In the decade and a half that I’ve been plugged into the mainframe I’ve increasingly developed a concerning Pavlovian response to the internet, wherein joy is analogous to whatever cursed content my cyber-spelunking has managed to unearth that day.

Captivated, like the dog I am, salivating shamelessly as a faceless multinational corporation’s Twitter account posts the Bernie Sanders mittens meme, or a gang of millionaire celebrities team up to sing a John Lennon song together, or a new round of passionate Twitter discourse erupts over whether or not charcuterie boards are a tool of classism. Ring ring, the bell sounds, and my little dopamine bar is topped up. The clock resets.

Obviously, we don’t have time to process any of that in a constructive sense here and now. But, silver linings being what they are, I can at least show you some of the things that have made living on the internet for most of my adult life a less (or more, as may be the case) nightmarish journey through the abyss. Enjoy.

1. Conservative lecturer DESTROYS SJW college student

I love Jeremy Levick and Rajat Suresh, a pair of comedians and writers who make a lot of very funny, absurd content together. The crème de la crème, in my mind, is this video, which skewers the swathes of pro-conservative clips on YouTube in which we’re promised we’ll get to witness a masterly rightwing thinker obliterate a snivelling progressive worm through the power of logic. Define “special mouse”.

2. Dueling Carls

There’s a great and storied lineage of internet video built around the basic conceit that it’s funny when you make voice technology descend into fits of unintelligible screaming. Dueling Carls works on this very simple premise but has a huge and almost instantaneous payoff. You’ll probably want to turn your speakers down a little for this one.

3. Fake Tim Winton

Fake Tim Winton is a gift to Australian literature, a playful parody of the Cloudstreet author’s fondness for larrikinism, the beach, and coastal towns with terrible secrets. I think the best part about @timmwinto’s tweets are they honestly don’t require any prior knowledge of Winton’s work to be funny. All you need is to open your heart to the musings of a regular bloke who just wants to write his novels and ride his waves in a community reeling from a shocking crime that threatens to tear it apart.

4. Grimes’ pregnancy diet video

Harper’s Bazaar have a video series called Food Diaries where they get celebrities to talk about everything they eat in a day. Most of them are fairly boring – famous people trying extremely hard to be relatable and missing the mark completely. Electronic musician and genuine weirdo Grimes makes no such attempt in hers, and it’s an absolute blessing. Highlights include the revelation she ate nothing but spaghetti for two years, and the recipe for a truly cursed dish she says she invented called “sludge”.

5. Patricia Lockwood’s @parisreview tweet

Patricia Lockwood is a great poet and author whose recent book No One Is Talking About This is excellent, particularly if you are Extremely Online. You might also know Lockwood from her very popular “You kick Miette” tweet. I can understand why that’s the one that sticks with a lot people, but the simplicity of this one, from 2013, makes it for me.

6. Bin Laden has won

You may know Richard Dawkins for being a (fairly insufferable) atheist, but what you might not know is that he’s also – completely unintentionally – a master poster. Just this month he got gloriously dunked on after basically admitting he doesn’t understand the point of Kafka’s The Metamorphosis . In this 2013 tweet, we witness Dawkins’ assertion that “Bin Laden has won” because he had to throw out a jar of honey at an airport. It’s enough to make you restore your faith in a higher power.

7. Donald Trump claims to have beaten Pokémon despite not “catching them all”

Predictably, Donald Trump’s presidency prompted swaths of comedians to devise convoluted bits where they impersonated him, from Sarah Cooper’s viral videos to Alec Baldwin’s SNL character. These were almost all terrible, something I attribute to the fact there’s actually very little comedy to mine from hammering home the point that Trump’s views and policies were horrific, something so obvious it’s kind of low-hanging fruit. James Austin Johnson takes a different direction in his impersonations. Instead, here is nearly four straight minutes of the former President of the United States complaining about there being too many Pokémon.

Allow Instagram content?

This article includes content provided by Instagram. We ask for your permission before anything is loaded, as they may be using cookies and other technologies. To view this content, click ‘Allow and continue’.

8. I see something Lynchian

This tweet by writer and performer Walker Caplan has stuck with me since I saw it earlier this year, and I’ve probably referenced it in conversation half a dozen times. As a painfully stubborn nightmare of a person, “[getting angry and lying]” hits me deep in my bones.

9. BUT NO OPEN MOUTH

There’s no way I could write a list like this without including @dril – the OG, the king, the account that taught me I could be weird (on Twitter dot com). There are too many incredible tweets to choose from, but this gets me every single time.

10. Hannibal Buress’ Morpheus

At this point in my life I’ve seen Hannibal Buress’ Morpheus skit from The Eric Andre Show a thousand times and it still makes me laugh. There are few things one can be truly certain of in this random and perplexing hell world, but I know with total confidence that “seashells by the seashore-pheus” will live in my brain rent-free for the rest of my life.

Alex Gallagher is a writer, journalist and poet who lives on the internet. Follow them on Twitter at @lexgallagher.



Source link

Continue Reading

Technology

School teacher accused of pocketing $1m+ in insider trading using tips from Silicon Valley pal • The Register

Published

on

A teacher who knew too much about some of Silicon Valley’s financial figures has been charged with insider dealing by the US Securities and Exchange Commission, along with five alleged accomplices.

Benjamin Wylam, a high school teacher and sports bookmaker, has been charged with participating in an insider trading ring, allegedly said on an internet message board that “insider trading is part of my investment strategy.”

Wylam, according to a complaint [PDF] filed by the US Securities and Exchange Commission, is one of six men accused of making stock trades based on non-public financial information from Silicon Valley companies.

“In 2016 and 2017, Defendants Nathaniel Brown, Benjamin Wylam, Naveen Sood, Marcus Bannon, Matthew Rauch, and Naresh Ramaiya engaged in an insider trading scheme involving the securities of Infinera Corporation and Fortinet, Inc,” the complaint says. “As a result of the scheme, Defendants obtained nearly $1.7m in illegal profits and losses avoided.”

During this period, according to the SEC complaint, Wylam, a resident of San Jose, received repeated tips about the financial performance of Infinera from Brown, a friend who served as Infinera’s revenue recognition manager at the time.

Wylam, said to have made more than $1m from insider trading, allegedly passed his information to Sood, who is also alleged to have made stock trades based on the non-public data.

Sood, it’s claimed, passed on the information to Bannon, Rauch, and Ramaiya, who subsequently made stock trades based on the non-public data. According to the SEC, Sood owed Wylam a gambling debt in excess of $100,000.

Bannon, while an employee of Fortinet in October 2016, is said to have tipped Sood, Wylam, and Ramaiya to unexpected negative earnings news about his employer before the information became public.

“Using sophisticated data analysis, the SEC was able to uncover this insider trading ring and hold each of its participants accountable to ensure the integrity of our markets,” said Joseph Sansone, Chief of the SEC Enforcement Division’s Market Abuse Unit, in a statement.

The SEC did not immediately respond to a request to elaborate on its data analysis techniques.

Bannon, Rauch, and Ramaiya, without admitting or denying the SEC claims, have agreed to settle by paying civil penalties of $281,497, $128,230, and $65,780, respectively. Sood has also agreed to settle the charges by paying a civil penalty of $178,320.

The US Attorney’s Office for the Northern District of California is simultaneously pursuing criminal securities fraud charges against Brown, Wylam, and Sood.

Sood, according to the USAO, pleaded guilty on March 31, 2021, and his plea, accepted by US District Judge Edward Chen, was unsealed on Tuesday.

Wylam’s legal representative did not immediately respond to a request for comment; court filings haven’t yet made Brown’s legal representative known. Both men are presumed innocent until proven otherwise. ®

Source link

Continue Reading

Technology

4 Galway companies to compete in global medtech competition

Published

on

MedTech Innovator has selected 50 companies to take part in its annual showcase, highlighting future innovators in the medical field.

The international MedTech Innovator competition this week announced its selection of 50 leading medical device, diagnostic and digital health start-ups from nearly 1,100 applications.

Of the 50 start-ups selected for the non-profit contest, four companies are based in Galway, Ireland.

Atrian Medical, Lifelet Medical, Neurent Medical and Tympany Medical are the four Irish start-ups that will be participating. The programme, taking place virtually, commenced on Tuesday (15 June), when the leadership of the 50 chosen start-ups participated in the annual MedTech Innovator Summit.

During this online event, the selected companies collaborated with MedTech Innovator’s partners, participating in virtual networking events and interactive workshops.

A subset of 25 early-stage companies will participate in MedTech Innovator’s award-winning accelerator programme, in which medtech start-ups are matched with senior industry leaders to receive continual in-depth, customised mentorship and support, as well as being eligible to compete for scholarships and cash prizes. Atrian, Lifelet and Tympany have all been selected as participants in this accelerator.

Galway’s medtech innovators

The four Irish companies chosen by MedTech Innovator represent broad approaches to the medical field. They have been selected among start-ups from the US, the UK, France, The Netherlands, Belgium and Israel.

Atrian Medical has developed non-invasive techniques for treating atrial fibrillation. This restores the heart’s steady rhythm through targeting neuronal cells in clusters known as ganglionated plexi.

While most treatments for this heart condition involve ablation (both burning and freezing), this start-up aims to permanently disable errant signals.

Also working on the heart is Lifelet Medical. By developing a fully synthetic polymer-based material, Lifelet is working to provide new heart valve replacements. The company hopes to improve clinical outcomes, achieve increased valve durability and reduce the carbon footprint involved in the process.

In doing so, they aim to improve the lives of the millions of patients suffering from heart valve disease.

Next is Neurent Medical – a start-up that has designed the Neuromark system for addressing rhinitis.

Support Silicon Republic

Rhinitis is a disease of the nose that is characterised by persistent symptoms of nasal congestion, nasal discharge (rhinorrhoea), sneezing, postnasal drainage, and numerous other symptoms that have a large impact on the patient’s overall quality of life and wellbeing.

The Neuromark system applies controlled low-power radio frequency energy to target regions of the nasal cavity. In doing so, it aims to disrupt the parasympathetic nerve signals and halt the inflammatory response, thereby eliminating core symptoms such as congestion and rhinorrhoea.

As nearly one out of four rhinitis sufferers develops new respiratory comorbidity – including new allergen sensitivity, sinusitis, and asthma – Neurent Medical researchers hope to considerably reduce the burden on the healthcare system through this innovation.

Finally, Tympany Medical is developing new sterile panoramic endoscope technology.

Endoscopes are typically long, thin tubes with a light source and camera attached to their tip. They are used to provide an internal view of the body’s structures and organs.

By considering issues in the usability and flexibility of existing devices, Tympany hopes to enable a new generation of minimally invasive ear surgery.

MedTech Innovator showcase

These four Irish companies will participate in a four-month programme that culminates in The MedTech Conference from 27 to 30 September, where all 50 companies will present in showcase panels.

During the conference, five start-ups from the accelerator cohort will compete for the Execution Award, and another five companies will advance to compete in the grand final.

An audience vote will determine the winner of the $350,000 grand prize and the title of 2021 MedTech Innovator. Additional awards will be presented, including incubator space at JLABS.

“Our goal at MedTech Innovator is to find the most promising medical innovations and make sure they actually reach the patients who need them,” said Paul Grand, CEO of MedTech Innovator.

“We are thrilled with the calibre of the start-ups participating in this year’s cohort and we look forward to providing them with the resources and mentorship they need to succeed.”

The MedTech Innovator competition is supported in its review and feedback by its partners, including Johnson & Johnson, Baxter and Olympus Medical Systems Group.

Source link

Continue Reading

Trending

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!