Nearing the one year anniversary of founder Chaouki Bekrar's decision to shut down Vupen and launch a new company, Zerodium, which allegedly buys but does not create its own Zero Days, we come across a curious leak: Vupen is in the process of developing -- and may have already completed -- an iOS Zero Day for its long time favorite client, the NSA. That was it: one line … [Read more...]
FBI/Apple Back Door Fracas — Much Ado About Nothing, or Zerodium?
C5IS weighs the odds that Zerodium deserves credit for hacking the San Bernardino terrorists’ iPhone. For months, liberal media have been aflame over the Apple/FBI battle over “back door” access to an iPhone that belonged to one of the San Bernardino terrorists responsible for murdering 14 individuals in a shooting spree. Apple CEO Tim Cook won the cover of TIME one week, … [Read more...]
FBI Network Investigative Techniques: Gray Realm of Legal Blackhat
Recent reports on FBI Network Investigative Techniques (NITs) skirt two key issues: What is the legal authority for the legal Blackhat activities, and once a warrant is obtained, what are the specific technologies involved -- just malware or something more? As it turns out, both the legal and technical aspects of NITs constitute a gray realm that blurs the black and white … [Read more...]
Rayzone InterApp for Wi-Fi Interception: Wintego Lookalike?
When the Rayzone InterApp Wi-Fi “cloud and app” interception product debuted at Paris Milipol in late November, it was hailed as a game-changing innovation in tactical mobile interception. InterApp can pull any data off a smartphone linked to a public Wi-Fi network, including a target’s email, texts, images, files, IMEI and MAC address -- and track & identify hundreds of … [Read more...]
Cisco: Encryption Backdoors and the Art of Public Posturing
In a joint letter to the White House, Cisco Systems and other tech companies including Facebook and Google earlier this year joined privacy advocates in defending the right to use strong encryption, and opposing mandatory “backdoors” that would permit government access to customers’ encrypted data. But hold on. Cisco and other network equipment vendors by law already provide … [Read more...]