Connect with us

Technology

Emmanuel Macron ‘pushes for Israeli inquiry’ into NSO spyware concerns | France

Voice Of EU

Published

on

Emmanuel Macron has reportedly spoken to the Israeli prime minister, Naftali Bennett, to ensure that the Israeli government is “properly investigating” allegations that the French president could have been targeted with Israeli-made spyware by Morocco’s security services.

In a phone call, Macron expressed concern that his phone and those of most of his cabinet could have been infected with Pegasus, hacking software developed by the Israeli surveillance firm NSO Group, which enables operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones from infected devices.

The leaked database at the heart of the Pegasus project includes Macron’s mobile phone number.

NSO has said Macron was not a “target” of any of its customers, meaning the company denies he was selected for surveillance using Pegasus. The company says that the fact that a number appeared on the list was in no way indicative of whether that number was selected for surveillance using Pegasus.

The Pegasus project could not examine the mobile phones of the leaders and diplomats, and could therefore not confirm whether there had been any attempt to install malware on their phones.

Quick Guide

What is in the Pegasus project data?

Show

What is in the data leak?

The data leak is a list of more than 50,000 phone numbers that, since 2016, are believed to have been selected as those of people of interest by government clients of NSO Group, which sells surveillance software. The data also contains the time and date that numbers were selected, or entered on to a system. Forbidden Stories, a Paris-based nonprofit journalism organisation, and Amnesty International initially had access to the list and shared access with 16 media organisations including the Guardian. More than 80 journalists have worked together over several months as part of the Pegasus project. Amnesty’s Security Lab, a technical partner on the project, did the forensic analyses.

What does the leak indicate?

The consortium believes the data indicates the potential targets NSO’s government clients identified in advance of possible surveillance. While the data is an indication of intent, the presence of a number in the data does not reveal whether there was an attempt to infect the phone with spyware such as Pegasus, the company’s signature surveillance tool, or whether any attempt succeeded. The presence in the data of a very small number of landlines and US numbers, which NSO says are “technically impossible” to access with its tools, reveals some targets were selected by NSO clients even though they could not be infected with Pegasus. However, forensic examinations of a small sample of mobile phones with numbers on the list found tight correlations between the time and date of a number in the data and the start of Pegasus activity – in some cases as little as a few seconds.

What did forensic analysis reveal?

Amnesty examined 67 smartphones where attacks were suspected. Of those, 23 were successfully infected and 14 showed signs of attempted penetration. For the remaining 30, the tests were inconclusive, in several cases because the handsets had been replaced. Fifteen of the phones were Android devices, none of which showed evidence of successful infection. However, unlike iPhones, phones that use Android do not log the kinds of information required for Amnesty’s detective work. Three Android phones showed signs of targeting, such as Pegasus-linked SMS messages.

Amnesty shared “backup copies” of four iPhones with Citizen Lab, a research group at the University of Toronto that specialises in studying Pegasus, which confirmed that they showed signs of Pegasus infection. Citizen Lab also conducted a peer review of Amnesty’s forensic methods, and found them to be sound.

Which NSO clients were selecting numbers?

While the data is organised into clusters, indicative of individual NSO clients, it does not say which NSO client was responsible for selecting any given number. NSO claims to sell its tools to 60 clients in 40 countries, but refuses to identify them. By closely examining the pattern of targeting by individual clients in the leaked data, media partners were able to identify 10 governments believed to be responsible for selecting the targets: Azerbaijan, Bahrain, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Hungary, India, and the United Arab Emirates. Citizen Lab has also found evidence of all 10 being clients of NSO.

What does NSO Group say?

You can read NSO Group’s full statement here. The company has always said it does not have access to the data of its customers’ targets. Through its lawyers, NSO said the consortium had made “incorrect assumptions” about which clients use the company’s technology. It said the 50,000 number was “exaggerated” and that the list could not be a list of numbers “targeted by governments using Pegasus”. The lawyers said NSO had reason to believe the list accessed by the consortium “is not a list of numbers targeted by governments using Pegasus, but instead, may be part of a larger list of numbers that might have been used by NSO Group customers for other purposes”. They said it was a list of numbers that anyone could search on an open source system. After further questions, the lawyers said the consortium was basing its findings “on misleading interpretation of leaked data from accessible and overt basic information, such as HLR Lookup services, which have no bearing on the list of the customers’ targets of Pegasus or any other NSO products … we still do not see any correlation of these lists to anything related to use of NSO Group technologies”. Following publication, they explained that they considered a “target” to be a phone that was the subject of a successful or attempted (but failed) infection by Pegasus, and reiterated that the list of 50,000 phones was too large for it to represent “targets” of Pegasus. They said that the fact that a number appeared on the list was in no way indicative of whether it had been selected for surveillance using Pegasus. 

What is HLR lookup data?

The term HLR, or home location register, refers to a database that is essential to operating mobile phone networks. Such registers keep records on the networks of phone users and their general locations, along with other identifying information that is used routinely in routing calls and texts. Telecoms and surveillance experts say HLR data can sometimes be used in the early phase of a surveillance attempt, when identifying whether it is possible to connect to a phone. The consortium understands NSO clients have the capability through an interface on the Pegasus system to conduct HLR lookup inquiries. It is unclear whether Pegasus operators are required to conduct HRL lookup inquiries via its interface to use its software; an NSO source stressed its clients may have different reasons – unrelated to Pegasus – for conducting HLR lookups via an NSO system.

Thank you for your feedback.

The Macron-Bennett phone call reportedly took place on Thursday, but was first reported by Israel’s Channel 12 News on Saturday evening after the end of Shabbat, the Jewish day of rest.

The prime minister’s office has declined to comment on the phone call or the two leaders’ conversation. According to Channel 12, an unnamed source said Bennett had stressed that the alleged events occurred before he took office in May, and that a commission was examining whether rules on Israel’s export of cyberweapons such as Pegasus should be tightened.

The Pegasus project – a consortium of 17 media outlets, including the Guardian – revealed last week that government clients around the world have used the hacking software sold by NSO to target human rights activists, journalists and lawyers.

The investigation has been based on forensic analysis of phones and analysis of a leaked database of 50,000 numbers, including that of Macron and those of heads of state and senior government, diplomatic and military officials, in 34 countries.

In multiple statements, NSO said the fact a number appeared on the leaked list was in no way indicative of whether it was selected for surveillance using Pegasus. “The list is not a list of Pegasus targets or potential targets,” the company said. “The numbers in the list are not related to NSO Group in any way.”

But the list is believed to provide insights into those identified as persons of interest by NSO’s clients. It includes people whose phones showed traces of NSO’s signature phone-hacking spyware, Pegasus, according to forensic analysis of their devices. The analysis was conducted by Amnesty International’s security lab, which discovered traces of Pegasus-related activity on 37 out of 67 phones that it analysed.

Q&A

What is the Pegasus project?

Show

The Pegasus project is a collaborative journalistic investigation into the NSO Group and its clients. The company sells surveillance technology to governments worldwide. Its flagship product is Pegasus, spying software – or spyware – that targets iPhones and Android devices. Once a phone is infected, a Pegasus operator can secretly extract chats, photos, emails and location data, or activate microphones and cameras without a user knowing.

Forbidden Stories, a Paris-based nonprofit journalism organisation, and Amnesty International had access to a leak of more than 50,000 phone numbers selected as targets by clients of NSO since 2016. Access to the data was then shared with the Guardian and 16 other news organisations, including the Washington Post, Le Monde, Die Zeit and Süddeutsche Zeitung. More than 80 journalists have worked collaboratively over several months on the investigation, which was coordinated by Forbidden Stories.

Thank you for your feedback.

While the rest of the world grapples with the seismic consequences of the revelations, in Israel reaction has been muted. Meretz, a leftwing party long in opposition but now part of the new government coalition, has asked the defence ministry for “clarification” on the issue, but no party is seeking a freeze of export licences or an inquiry into NSO’s close links to the Israeli state under the tenure of the former prime minister Benjamin Netanyahu.

The defence minister, Benny Gantz, has defended export licences for the hacking tools, claiming that “countries that purchase these systems must meet the terms of use”, which are solely for criminal and terrorism investigations.

But as the mammoth impact of the disclosures has become clearer, the diplomatic pressure on Israel is mounting. On Thursday, the senior Israeli MP Ram Ben-Barak – a former deputy head of the Mossad spy agency – confirmed that the Israeli defence establishment had “appointed a review commission made up of a number of groups” to examine whether policy changes were needed regarding sensitive cyber exports.

US defence officials have also asked their Israeli counterparts for more details on the “disturbing” disclosures stemming from the Pegasus project, the Israeli newspaper Haaretz reported on Saturday.

Source link

Technology

California’s net neutrality law dodges Big Telecom bullet • The Register

Voice Of EU

Published

on

The US Ninth Circuit Court of Appeals on Friday upheld a lower court’s refusal to block California’s net neutrality law (SB 822), affirming that state laws can regulate internet connectivity where federal law has gone silent.

The decision is a blow to the large internet service providers that challenged California’s regulations, which prohibit network practices that discriminate against lawful applications and online activities. SB 822, for example, forbids “zero-rating” programs that exempt favored services from customer data allotments, paid prioritization, and blocking or degrading service.

In 2017, under the leadership of then-chairman Ajit Pai, the US Federal Communications Commission tossed out America’s net neutrality rules, to the delight of the internet service providers that had to comply. Then in 2018, the FCC issued an order that redefined broadband internet services, treating them as “information services” under Title I of the Communications Act instead of more regulated “telecommunications services” under Title II of the Communications Act.

California lawmaker Scott Wiener (D) crafted SB 822 to implement the nixed 2015 Open Internet Order on a state level, in an effort to fill the vacuum left by the FCC’s abdication. SB 822, the “California Internet Consumer Protection and Net Neutrality Act of 2018,” was signed into law in September 2018 and promptly challenged.

In October 2018, a group of cable and telecom trade associations sued California to prevent SB 822 from being enforced. In February, 2021, Judge John Mendez of the United States District Court for Eastern California declined to grant the plaintiffs’ request for an injunction to block the law. 

So the trade groups took their case to the Ninth Circuit Court of Appeals, which has now rejected their arguments. While federal laws can preempt state laws, the FCC’s decision to reclassify broadband services has moved those services outside its authority and opened a gap that state regulators are now free to fill.

“We conclude the district court correctly denied the preliminary injunction,” the appellate ruling [PDF] says. “This is because only the invocation of federal regulatory authority can preempt state regulatory authority.

The FCC no longer has the authority to regulate in the same manner that it had when these services were classified as telecommunications services

“As the D.C. Circuit held in Mozilla, by classifying broadband internet services as information services, the FCC no longer has the authority to regulate in the same manner that it had when these services were classified as telecommunications services. The agency, therefore, cannot preempt state action, like SB 822, that protects net neutrality.”

The Electronic Frontier Foundation, which supported California in an amicus brief, celebrated the decision in a statement emailed to The Register.

“EFF is pleased that the Ninth Circuit has refused to bar enforcement of California’s pioneering net neutrality rules, recognizing a very simple principle: the federal government can’t simultaneously refuse to protect net neutrality and prevent anyone else from filling the gap,” a spokesperson said.

“Californians can breathe a sigh of relief that their state will be able to do its part to ensure fair access to the internet for all, at a time when we most need it.”

There’s still the possibility that the plaintiffs – ACA Connects, CTIA, NCTA and USTelecom – could appeal to the US Supreme Court.

In an emailed statement, the organizations told us, “We’re disappointed and will review our options. Once again, a piecemeal approach to this issue is untenable and Congress should codify national rules for an open Internet once and for all.” ®

Source link

Continue Reading

Technology

RCSI scientists find potential treatment for secondary breast cancer

Voice Of EU

Published

on

An existing drug called PARP inhibitor can be used to exploit a vulnerability in the way breast cancer cells repair their DNA, preventing spread to the brain.

For a long time, there have been limited treatment options for patients with breast cancer that has spread to the brain, sometimes leaving them with just months to live. But scientists at the Royal College of Surgeons Ireland (RCSI) have found a potential treatment using existing drugs.

By tracking the development of tumours from diagnosis to their spread to the brain, a team of researchers at RCSI University of Medicine and Health Sciences and the Beaumont RCSI Cancer Centre found a previously unknown vulnerability in the way the tumours repair their DNA.

An existing kind of drug known as a PARP inhibitor, often used to treat heritable cancers, can prevent cancer cells from repairing their DNA because of this vulnerability, culminating in the cells dying and the patient being rid of the cancer.

Prof Leonie Young, principal investigator of the RCSI study, said that breast cancer research focused on expanding treatment options for patients whose disease has spread to the brain is urgently needed to save the lives of those living with the disease.

“Our study represents an important development in getting one step closer to a potential treatment for patients with this devastating complication of breast cancer,” she said of the study, which was published in the journal Nature Communications.

Deaths caused by breast cancer are often a result of treatment relapses which lead to tumours spreading to other parts of the body, a condition known as secondary or metastatic breast cancer. This kind of cancer is particularly aggressive and lethal when it spreads to the brain.

The study was funded by Breast Cancer Ireland with support from Breast Cancer Now and Science Foundation Ireland.

It was carried out as an international collaboration with the Mayo Clinic and the University of Pittsburgh in the US. Apart from Prof Young, the other RCSI researchers were Dr Nicola Cosgrove, Dr Damir Varešlija and Prof Arnold Hill.

“By uncovering these new vulnerabilities in DNA pathways in brain metastasis, our research opens up the possibility of novel treatment strategies for patients who previously had limited targeted therapy options”, said Dr Varešlija.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Source link

Continue Reading

Technology

Surface Duo 2 review: Microsoft’s dual-screen Android needs work | Microsoft

Voice Of EU

Published

on

Microsoft’s second attempt at its interesting dual-screen Android smartphone corrects some mistakes of the original, but falls short of a revolution due to a series of oddities created by its physical laptop-like form.

Looking more like a tiny convertible computer than a phone, the Surface Duo 2 starts at £1,349 ($1,499/A$2,319), a lot for a regular smartphone but slightly cheaper than folding-screen rivals.

It opens like a book, with each half just 5.5mm thick, and a hinge that allows it to fold all the way over.

Microsoft Surface Duo 2 review
There is no screen on the outside, but the time and some basic alerts for SMS and calls can be shown down the spine of the hinge. Photograph: Samuel Gibbs/The Guardian

Inside are a pair of 90Hz OLED screens each measuring 5.8in on the diagonal. They can be used on their own or combined as one display measuring 8.3in – a similar size to an iPad mini. Both screens are covered in traditional scratch-resistant smartphone glass and have large, old-fashioned bezels top and bottom.

Having two separate displays rather than one that folds in half creates a major drawback: a gap in the middle of the screen big enough that you can see through it, which is much harder to ignore than the crease in the middle of a flexible display as found on the Samsung Galaxy Z Fold 3.

Microsoft Surface Duo 2 review
The gap between the screens sits right in the middle of the combined display, which makes full-screen reading, scrolling and watching video awkward. Photograph: Samuel Gibbs/The Guardian

You can use two different apps at the same time on the two screens. The theory is sound, but I found few pairings were useful beyond simple messaging apps and a browser. More useful was using one screen for a note-taking app and the other for a full keyboard like a mini laptop.

Some apps spanned across both displays, like Outlook, can put different information on each screen, such as your inbox on one side and an open message on the other. Some games, including Asphalt 9 and Microsoft’s Xbox Game Pass streaming service, put controls on one screen and the action on the other. But there are very few apps and games optimised for this setup.

microsoft surface duo 2 review
The two screens can be folded into various configurations, including just a single display, both combined into one large display, propped up like a tent or open like a mini laptop. Photograph: Samuel Gibbs/The Guardian

Specifications

  • Screens: two 5.8in AMOLED 90Hz displays

  • Processor: Qualcomm Snapdragon 888

  • RAM: 8GB of RAM

  • Storage: 128, 256 or 512GB

  • Operating system: Android 11

  • Cameras: 12MP wide, 16MP ultra-wide, 12MP 2x telephoto; 12MP selfie

  • Connectivity: 5G, USB-C, wifi 6, NFC, Bluetooth 5.1 and location

  • Water resistance: IPX1 (dripping water)

  • Dimensions closed: 145.2 x 92.1 x 11.0mm

  • Dimensions open: 145.2 x 184.5 x 5.5mm

  • Weight: 284g

2021’s top Android chip

microsoft surface duo 2 review
It takes two hours 15 minutes to fully charge the Duo 2 hitting 50% in 45 minutes, using a 45W USB-C charger (not included), which is pretty slow compared to rivals. Photograph: Samuel Gibbs/The Guardian

The Duo 2 has last year’s top Qualcomm Snapdragon 888 chip with 8GB of RAM, matching the performance of top-flight Android smartphones from 2021 and capable of running two apps running side-by-side without slowdown.

Battery life is more variable than a traditional phone. It lasts about 32 hours between charges, with both screens used for about four hours with a variety of messaging, browsing and work apps. It lasts about a third longer if you mostly use only one screen. That’s a considerably shorter battery life than a regular smartphone and behind the Z Fold 3.

Sustainability

Microsoft Surface Duo 2 review
The camera sticks quite far out of the glass back stopping it from sitting flat on a desk. Photograph: Samuel Gibbs/The Guardian

Microsoft does not provide an expected lifespan for the Duo 2’s battery; those in similar devices typically maintain at least 80% of their original capacity for in excess of 500 full charge cycles. Microsoft charges an out-of-warranty service fee of £593.94 to repair devices and £568.44 to replace the battery. The previous generation Surface Duo scored only two out of 10 on iFixit’s repairability scale.

The phone contains no recycled materials, but Microsoft operates recycling schemes for old devices, publishes a company-wide sustainability report and a breakdown of each product’s environmental impact.

Android 11

Microsoft Surface Duo 2 review
The single screen mode is hard to use one-handed and most Android apps and websites are designed for longer screens, not short and fat ones, so you end up having to do a lot more scrolling than you would on a regular phone. Photograph: Samuel Gibbs/The Guardian

The Duo 2 runs Android 11 – not the latest Android 12 – and generally behaves like a standard Android smartphone or tablet with a few small additions that make it easier to use each screen separately. One of the best is the ability to drag the gesture bar at the bottom of an app to move it between screens or to drop it on to the gap between the screens to span it across both displays.

The software can be a bit unpredictable at times, such as opening the keyboard or text box of an app on another screen or hiding a second app from the screen when you try to type. But it is generally a fast and responsive experience given how unusual the device is.

The Duo 2 will receive three years of software updates from release, including monthly security patches, which is disappointingly at least a year short of what rivals, including Samsung and Apple, offer. Microsoft’s last planned update for the Duo 2 will be 21 October 2024.

Camera

Microsoft Surface Duo 2 review
Because the camera is on the back of the device, it would be blocked if you fold one of the screens over, meaning you have to shoot photos with both screens open – which is unwieldy. Photograph: Samuel Gibbs/The Guardian

The Duo 2 has a triple camera on the back and a 12-megapixel selfie camera above the right-hand screen.

The rear main 12MP camera and 2x telephoto cameras are good, capable of producing detailed shots in a range of lighting conditions. The 16MP ultra-wide camera is reasonable, but a bit soft on detail and struggles with challenging scenes. The camera app has most of the features you’d expect, such as portrait mode, night mode and slow-mo video, and can shoot regular video at up to 4K at 60 frames a second.

The 12MP selfie camera is capable of shooting detailed photos even in middling light, and has access to the dedicated night mode when it gets dark.

Overall, the camera system on the Duo 2 is solid, but it can’t hold a candle to the best in the business.

Observations

Microsoft Surface Duo 2 review
The camera lump on the back stops the device folding fully flat, creating a wedge shape when using one screen only. The shiny power button is also a fingerprint scanner, which was fairly fast and reliable. Photograph: Samuel Gibbs/The Guardian
  • The Duo 2 supports Microsoft’s Slim Pen stylus, which can be magnetically stored and charged on the back of the device when not in use.

  • The stereo speakers are decently loud but a bit tinny, fine for watching YouTube videos.

  • The width of the device makes it a challenge to fit into smaller pockets.

Price

The Surface Duo 2 costs £1,349 ($1,499/A$2,319) with 128GB, £1,429 ($1,599/A$2,469) with 256GB or £1,589 ($1,799/A$2,769) with 512GB of storage.

For comparison, the Samsung Galaxy Z Fold 3 costs £1,599 and the Galaxy Z Flip 3 costs £949.

Verdict

The Surface Duo 2 is an improvement on its predecessor, but is still a very odd proposition that’s neither a good phone nor a good tablet.

The individual screens are short and stout, forcing lots of scrolling in apps when using it like a phone and making one-handed use very difficult. The gap at the hinge makes combining them into one big tablet screen awkward too.

Using two apps side-by-side works well, but few combinations proved useful or faster than just quick switching between two apps on one screen on a normal phone. There is more potential in apps like Outlook that provide a multi-pane view, but few apps or games are optimised for the dual-screen system.

Microsoft is only offering a disappointing three years of software and security updates from release for the Duo 2, too, losing it a star.

It is good to see Microsoft trying something different. But ultimately the Duo 2’s two screens are just not yet as good or useful as either a single phone screen or a bigger folding screen, making it an expensive halfway house.

Pros: two screens, two apps side-by-side, multiple modes, top performance, hardened glass screens, decent camera, head-turning design.

Cons: gap between screens, few optimised apps, average battery life, bulky camera lump, chunky in pocket, hard to use one-handed, no real water resistance, only three years of software updates from release.

Microsoft Surface Duo 2 review
The outside of the device is smooth glass front and back with quality-feeling plastic edges and a metal hinge. Photograph: Samuel Gibbs/The Guardian

Other reviews

Source link

Continue Reading

Trending

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!