stories filed under: "rootkit"

Continued Disagreement And Confusion Over Yahoo Email Scanning

from the someone-needs-to-come-clean-for-real dept

Fri, Oct 7th 2016 4:36pm — Mike Masnick

The story behind Yahoo's apparently scanning over every email for the NSA continues to be... confusing. Earlier this week we noted some conflicting reports in the media on what was actually happening. The NY Times report said that it was via a FISA Court Order, which would be interesting, and would almost certainly require a declassification of the FISA opinion. However, Reuters insisted that it was actually under Section 702 of the FISA Amendments Act (which doesn't involve a FISA Court Order). So, confusion abounded.

And now it's getting worse. That same NY Times report said that the system was just a modification of Yahoo's malware scanners for a particular snippet of text or code:

To comply, Yahoo customized an existing scanning system for all incoming email traffic, which also looks for malware, according to one of the officials and to a third person familiar with Yahoo’s response, who also spoke on the condition of anonymity

Except, according to a new report from Motherboard, that's not actually true, and instead the NSA was asking Yahoo to install its own malware which was super buggy:

Anonymous sources told The Times that the tool was nothing more than a modified version of Yahoo’s existing scanning system, which searches all email for malware, spam and images of child pornography.

But two sources familiar with the matter told Motherboard that this description is wrong, and that the tool was actually more like a “rootkit,” a powerful type of malware that lives deep inside an infected system and gives hackers essentially unfettered access.

The rootkit-like tool was found by Yahoo’s internal security testing team during one of their checkups, according to a source.

That's more consistent with the original report in Reuters, which talked about the security team finding the code and believing it was malware. And, apparently the rootkit/malware code that the NSA gave Yahoo was super buggy and put everyone at risk:

“It definitely contained something that did not look like anything Yahoo mail would have installed,” the source added. “This backdoor was installed in a way that endangered all of Yahoo users.”

Another source, who also requested anonymity and was familiar with what happened, confirmed that describing the tool as a “buggy” “rootkit” is accurate.

A different article over at the Intercept has similar claims as well. It's possible that this is the same source going to multiple publications, or it could actually be different sources. Seeing as the language in the two articles is similar, it very likely is the same source though:

According to the Yahoo alum, a mere “modification to [existing] mail filters wouldn’t have raised a red flag … [the security team] wouldn’t have been able to detect it in the first place.” Rather, Yahoo’s security team had detected “something novel, like something a hacker would have installed.” The team believed it “was or looked like a root kit,” a piece of software installed on a computer system to give a third party complete, invisible control. In this case, according to the ex-Yahoo source, it was “a program that runs on your servers that has access to incoming data.”

And the buggy nature is also discussed as well:

“The program that was installed for interception was very carelessly implemented, in a way that if someone like an outside hacker got control of it, they could have basically read everyone’s Yahoo mail,” something the source attributed to “the fact that it was installed without any security review.”

I'm guessing this is the same source who went to both publications, but it continues to raise more questions about this. Forcing Yahoo to actually install code is a big, big deal and gets back to the questions raised by the DOJ trying to force Apple to do the same thing. And, once again, this is the kind of thing the government isn't supposed to be able to do in secret. Yes, individual orders and details about who or what is being searched can and should be kept secret, but requiring a company to install code that sniffs through every email... that's not how these things are supposed to work.

Filed Under: email, malware, mass surveillance, nsa, rootkit, scanning
Companies: yahoo

22 Comments

Thought Komodia/Superfish Bug Was Really, Really Bad? It's Much, Much Worse!

(Mis)Uses of Technology

from the getting-worse-by-day dept

Mon, Feb 23rd 2015 10:28am — Mike Masnick

With each passing day, it appears that new revelations come out, detailing how the Komodia/Superfish malware is even worse than originally expected. If you don't recall, last week it came out that Lenovo was installing a bit of software called "Superfish" as a default bloatware on a bunch of its "consumer" laptops. The software tried to pop up useful alternative shopping results for images. But in order to work on HTTPS-encrypted sites, Superfish made use of a nasty (and horribly implemented) "SSL hijacker" from Komodia, which installed a self-signed root certificate that basically allowed anyone to issue totally fake security certificates for any encrypted connection, enabling very easy man-in-the-middle attacks. Among the many, many, many stupid things about the way Komodia worked, was that it used the same certificate on each installation of Superfish, and it had an easily cracked password: "komodia" which was true on apparently every product that used Komodia. And researchers have discovered that a whole bunch of products use Komodia, putting a ton of people at risk. People have discovered at least 12 products that make use of Komodia.

But it gets worse. Filippo Valsorda has shown that you didn't even need to crack Komodia's weak-ass password to launch a man-in-the-middle attack, but its SSL validation is broken, such that even if Komodia's proxy client sees an invalid certificate, it just makes it valid. Seriously.

At this point a legit doubt is: what will the Komodia proxy client do when it sees a invalid/untrusted/self-signed certificate? Because copying it, changing its public key and signing it would turn it into a valid one without warnings.

Turns out that if a certificate fails validation the Komodia proxy will still re-sign it (making it trusted), but change the domain name so that a warning is triggered in the browser.

Okay, but at least there's a warning, right? Well, no, because... as Valsorda notes, there's another horrible part of the implementation that gets around this: alternative names.

The Komodia proxy copies the server certificate almost entirely... What will it do with alternative names?

Alternative names are a X509 extension that allows to specify in a special field other domains for which the certificate is valid.
Boom. The Komodia proxy will take a self-signed certificate, leave the alternate names untouched and sign it with their root. The browser will think it's a completely valid certificate.

So all you need to do to bypass verification is put the target domain in the alternate field, instead of in the main one that will be changed on failure.

An attacker can intercept any https connection, present a self-signed certificate to the client and browsers will show a green lock because Komodia will sign it for them.

As Valsorda points out, because of this, attackers don't even need to know which Komodia-compromised software you're running. They can just fuck with them all.

Thought we were done with how bad this is? Nope. Not yet.

Because another security researcher, going by the name @TheWack0lian, found that Komodia uses a rootkit to better hide itself and make it that much harder to remove.

Komodia appears to have implemented its system in the worst way possible, and a whole bunch of companies agreed to use its product without even the slightest recognition of the fact that they punched a massive vulnerability into the computers of everyone who used their products. What's really stunning is that many of these products actually pitch themselves as "security" products to better "protect" your computer.

Filed Under: alternate domains, https, komodia, man in the middle, root certificate, rootkit, superfish
Companies: komodia, superfish

61 Comments

Ubisoft DRM Fiasco: Allows Any Website To Take Control Of Your Computer

(Mis)Uses of Technology

from the punishing-your-paying-customers dept

Mon, Jul 30th 2012 4:38am — Mike Masnick

It's been nearly seven years since the great Sony rootkit fiasco, when it was discovered that Sony Music was using some DRM on its CDs that self-installed a rootkit (without letting users know) that had all sorts of security problems and vulnerabilities. The company took a massive hit for this, and you would think that others would be a lot more careful with their own DRM. You would think. But, then you don't know Ubisoft. The vast majority of times we've ever discussed Ubisoft in these pages, it's been because the company was doing something ridiculous with DRM. The company loves its DRM and seems to refuse to recognize that pissing off legitimate customers isn't such a good idea.

So would it come as any surprise that it may now be facing a "rootkit moment" of its own?

As a whole bunch of folks have been submitting, some hackers have figured out that Ubisoft's Uplay DRM appears to install an unsecure browser plugin. The details came out over the weekend, first on a security mailing list, and were then followed up with some test exploit code posted to Hacker News.

Basically, it appears that Ubisoft's DRM is installing an accidental backdoor that makes it possible for any website to effectively take control over your computer. That's... uh... pretty bad.

From the details, the real problem sounds to be one of exceptionally poor coding, rather than maliciousness. Basically, they wanted to let you launch the game via a website, but failed to limit it to just the game -- meaning that a site can make use of the plugin to basically do a whole bunch of stuff on your computer (including things you don't want it to do). The browser plugin is easy to remove (and you should, um, immediately, if you've installed any Ubisoft games), so it's not quite as messy as Sony's rootkit, which was pretty deeply buried. But it's still really bad.

Yet another case of DRM really making life difficult for legitimate customers who paid money for your product. When will companies figure out that DRM does nothing to stop piracy, but makes life really difficult for the people who actually give you money?

Filed Under: browser plugin, control, drm, rootkit, security, uplay
Companies: ubisoft

92 Comments

The Carrier IQ Saga (So Far) -- And Some Questions That Need Answers

Privacy

from the answers-we-may-never-get dept

Tue, Dec 20th 2011 2:53am — Rich Kulawiec

The story so far: security researcher Trevor Eckhart exposed some very disturbing information about the "Carrier IQ" application here. This set off a small firestorm, which quickly got much bigger when Carrier IQ responded by attempting to bully and threaten him into silence. This did not go over well. After he refused to back down, they retracted the threats and apologized.

Eckhart followed up by posting part two of his research, demonstrating some of his findings on video. Considerable discussion of that demonstration ensued, for example here and here and here. Some critics of Eckhart's research have opined that it's overblown or not rigorous enough. But further analysis and commentary suggests that the problem could well be worse than we currently know. Stephen Wicker of Cornell University has explored some of the implications, and his comments seem especially apropos given that Carrier IQ has publicly admitted holding a treasure trove of data. Dan Rosenberg has done further in-depth research on the detailed workings of Carrier IQ, leading to rather a lot of discussion about Carrier IQ's capabilities -- there's some disagreement among researchers over what Carrier IQ is doing versus what it could be doing, e.g.: Is Carrier IQ's Data-Logging Phone Software Helpful or a Hacker's Goldmine?

Meanwhile, the scandal grew, questions were raised about whether it violated federal wiretap laws, a least one US Senator noticed, and Carrier IQ issued an inept press release. Phone vendors and carriers have been begun backing away from Carrier IQ as quickly as possible; there were denials from Verizon and Apple . T-Mobile has posted internal and external quick guides about Carrier IQ. Some of the denials were more credible than others. There has been some skepticism about Carrier IQ's statements, given their own marketing claims and the non-answers to some questions. There's also been discussion about the claims made in Carrier IQ's patent.

Then the lawsuits started, see Hagens Berman and Sianna & Straite and 8 companies hit with lawsuit for some details on three of them.

Attempts to figure out which phones are infected with Carrier IQ are ongoing. For example, the Google Nexus Android phones and original Xoom tablet seem to not be infected, nor do phones used on UK-based mobile networks, but traces of are present in some versions of iOS, although their function isn't entirely clear. A preliminary/beta application that tries to detect it is now available. Methods for removing it have been discussed.

Meanhile, A Freedom of Information Act request's response has indicated (per the FBI) that Carrier IQ files have been used for "law enforcement purposes", but Carrier IQ has denied this. And there seems to be a growing realization that all of this has somehow become standard practice; as Dennis Fisher astutely observes, With Mobile Devices, Users Are the Product, Not the Buyer.

Those are the details; now what about the implications?

Debate continues about whether Carrier's IQ is a rootkit and/or spyware. Some have observed that if it's a rootkit, it's a rather poorly-concealed one. But it's been made unkillable, and it harvests keystrokes -- two properties most often associated with malicious software. And there's no question that Carrier IQ really did attempt to suppress Eckhart's publication of his findings.

But even if we grant, for the purpose of argument, that it's not a rootkit and not spyware, it still has an impact on the aggregate system security of the phone: it provides a good deal of pre-existing functionality that any attacker can leverage. In other words, intruding malware doesn't need to implement the vast array of functions that Carrier IQ already has; it just has to activate and tap into them.

Which brings me to a set of questions that probably should have been publicly debated and answered before software like this was installed on an estimated 150 million phones. I'm not talking about the questions that involve the details of Carrier IQ -- because I think we'll get answers to those from researchers and from legal proceedings. I'm talking about larger questions that apply to all phones -- indeed, to all mobile devices -- such as:

What kind of debugging or performance-monitoring software should be included?
Who should be responsible for that software's installation? Its maintenance?
Should the source code for that software be published so that we can all see exactly what it does?
Should device owners be allowed to turn it off/deinstall it -- or, should they be asked for permission to install it/turn it on?
Will carriers or manufacturers pay the bandwidth charges for users whose devices transmit this data?
Should carriers or manufacturers pay phone owners for access to the device owners' data?
Where's the dividing line between performance-measuring data that can be used to assess and improve services, and personal data? Is there such a dividing line?
Will data transmission be encrypted? How?
Will data be anonymized or stripped or otherwise made less personally-identifiable? Will this be done before or after transmission or both? Will this process be full-documented and available for public review?
What data will be sent -- and will device owners be able to exert some fine-grained control over what and when?
Who is is responsible for the security of the data gathered?
Who will have access to that data?
When will that data be destroyed?
Who will be accountable if/when security on the data repository is breached?
What are the privacy implications of such a large collection of diverse data?
Will it be available to law enforcement agencies? (Actually, I think I can answer that one: "yes". I think it's a given that any such collection of data will be targeted for acquisition by every law enforcement agency in every country. Some of them are bound to get it. See "FBI", above, for a case in point.)

Lots of questions, I know. Perhaps I could summarize that list by asking these three instead: (1) Who owns your mobile device? (2) Who owns the software installed on your mobile device? and (3) Who owns your data?

Filed Under: mobile, privacy, rootkit, spying
Companies: carrieriq, sprint, verizon wireless

26 Comments

Security Researcher Shows That -- Despite Carrier IQ's Claims To The Contrary -- CarrierIQ Records Keystrokes

Privacy

from the now-that's-kind-of-scary dept

Thu, Dec 1st 2011 12:11pm — Mike Masnick

Remember Carrier IQ? This was the company whose software was installed on a ton of phones out there (mainly from Verizon and Sprint), supposedly to record things like if there are dropped calls or problems or whatnot, but which actually appeared to be a rootkit that could track all sorts of info? Then, remember how, rather than respond professionally to this, Carrier IQ threatened researcher Trevor Eckhart with a copyright lawsuit over this? CarrierIQ eventually backed down... and again insisted that the claims of keystroke logging were simply not true.

Yeah. So. Don't piss off a security researcher. Eckhart is back with a video showing how CarrierIQ's software does track keystrokes and sends them to a central server. He demonstrates it recording and sending data, even though Eckhart is logging into something using HTTPS. Of course, when the software is local and tracking keystrokes, HTTPS is meaningless. Dave Kravets at Wired highlights what's really scary about all of this:

By the way, it cannot be turned off without rooting the phone and replacing the operating system. And even if you stop paying for wireless service from your carrier and decide to just use Wi-Fi, your device still reports to Carrier IQ.

It�s not even clear what privacy policy covers this. Is it Carrier IQ�s, your carrier�s or your phone manufacturer�s? And, perhaps, most important, is sending your communications to Carrier IQ a violation of the federal government�s ban on wiretapping?

And even more obvious, Eckhart wonders why aren�t mobile-phone customers informed of this rootkit and given a way to opt out?

I would imagine that lawyers are furiously drawing up a pretty massive class action lawsuit as we speak (if it hasn't already been filed).

Filed Under: android, keylogger, phones, rootkit
Companies: carrieriq, sprint, verizon wireless

41 Comments

CarrierIQ Fails At The Internet: Threatens Security Researcher With Copyright Infringement Claim Over His Research [Update]

Free Speech

from the dear-barbra-streisand dept

Wed, Nov 23rd 2011 6:39am — Mike Masnick

Last week, we wrote about some research by security researcher Trevor Eckhart, detailing how software from CarrierIQ had all the qualities of a rootkit, was installed on a ton of phones from Verizon Wireless and Sprint, and could potentially reveal all sorts of info about what you do on your phone. Much of Eckhart's report came from a training manual explaining the features of CarrierIQ's system, which he found left free and open on CarrierIQ's website. These kinds of stories show up every so often, and the usual thing is for the company either to admit it wasn't careful enough on security or to deny the specific allegations... and everyone moves on. But CarrierIQ apparently doesn't get how the internet works, has never heard of the Streisand Effect, and decided to not just deny the allegations in the report (we got one of those notices), but to threaten Eckhart with copyright infringement for his posting of their training manual.

Oops. Cue Streisand Effect.

Eckhart, via the EFF, has rejected CarrierIQ's requests... and has called a lot more press attention to the original reports (which had died down pretty quickly). CarrierIQ didn't do itself any favors either, by having its marketing manager talk to Wired and stubbornly defend the copyright infringement claim by saying:

�Whatever content we distribute we want to be in control of that,� he said. �I think obviously, any company wants to be responsible for the information that gets distributed.�

What "any company wants" and what is the law are often two different things. It might have helped for CarrierIQ employees to familiarize themselves with the law first. Of course, the EFF's letter attempts a quick crash course in the subject:

With respect to your allegations of copyright infringement, Mr. Eckhart�s analysis and publication of Carrier IQ�s training materials is a classic fair use and, therefore, non-infringing. 17 U.S.C. § 107 (�the fair use of a copyrighted work . . . for purposes such as criticism, comment, news reporting . . . or research, is not an infringement of copyright.�). Courts generally consider four factors in a fair use analysis: 1) the purpose and character of the use, 2) the nature of the copyrighted work, 3) the amount and substantiality of the portion used, and 4) the effect of the use on the potential market for the work. Id.; Campbell v. Acuff-Rose Music, 510 U.S. 569, 577 (1994). Each of these factors favors Mr. Eckhart.

CarrierIQ is also claiming false allegations (i.e., defamation) over Eckhart's claims of its software being a rootkit. But, once again, the EFF and Eckhart are explaining the details of the law. Just because you don't like someone's opinion of what you do, or you don't like someone describing factually what you do, doesn't mean you get to accuse them of defamation:

You also claim that Mr. Eckhart published �false allegations� that are �without substance,� �untrue,� and that Carrier IQ considers �damaging to [its] reputation and the reputation of [its] customers.� We have repeatedly asked you to specify the statements you believe are actionable. You have failed to do so, and have instead merely repeated your broad accusations. We believe you are not able to substantiate your allegations because Mr. Eckhart�s factual findings are true. If you are able to specify any statement that you believe is false, Mr. Eckhart will be happy to provide you with the documentation of that finding.

Moreover, your client is a public figure. Under well-established Supreme Court precedent, commentary and criticism regarding Carrier IQ�s professional activities receive additional protections under the First Amendment, because there is a heightened public interest in facilitating such speech. See, e.g., New York Times Co. v. Sullivan, 376 U.S. 254, 270 (1964); Hustler Magazine v. Falwell, 485 U.S. 46 (1988).

And, of course, now we get another round of people paying attention to the allegations regarding CarrierIQ.

Update: And... commence groveling. Just received the following:

As, of today, we are withdrawing our cease and desist letter to Mr. Trevor Eckhart. We have reached out to Mr. Eckhart and the Electronic Frontier Foundation (EFF) to apologize. Our action was misguided and we are deeply sorry for any concern or trouble that our letter may have caused Mr. Eckhart. We sincerely appreciate and respect EFF�s work on his behalf, and share their commitment to protecting free speech in a rapidly changing technological world.

The company also reiterates that its software doesn't track a bunch of stuff and that it's really designed to make networks and phones perform better...

Filed Under: research, rootkit, streisand effect, trevor eckhart
Companies: carrieriq

Do Tons Of Sprint And Verizon Phones Contain A Rootkit, Potentially Tracking All Sorts Of Info?

Privacy

from the privacy,-what's-that? dept

Tue, Nov 15th 2011 3:02pm — Mike Masnick

Security researcher Trevor Eckhart has put out a report suggesting that a ton of Sprint and Verizon Wireless mobile phones have what is effectively a rootkit installed on them. Specifically, he's talking about CarrierIQ, a bit of software intended to monitor device usage, supposedly for the purpose of understanding problems that a user might be having and helping to troubleshoot remotely. The description of the software seems mostly innocuous:

Carrier IQ is used to understand what problems customers are having with our network or devices so we can take action to improve service quality.

It collects enough information to understand the customer experience with devices on our network and how to devise solutions to use and connection problems. We do not and cannot look at the contents of messages, photos, videos, etc., using this tool

However, in digging into the details of the software, Eckhart realized that it can easily track all sorts of info, including what websites people are visiting and what keypresses they make. The software can also surreptitiously report where the phone is located. He further notes that the software is purposely hidden on a bunch of devices, and on many it appears that you simply can't turn it off.

Now, I don't think anyone is suggesting anything nefarious here. There are reasons why operators like to collect this kind of data and, in the aggregate, it seems useful. But, as Eckhart looked in more detail at training materials for the software, he realized it could easily be used to track at a much more granular level, down to individuals. The potential for abuse seems pretty high. Again, it's obvious why this software is installed, but it raises questions about what carriers are doing to make sure the software isn't being abused. It's also somewhat troubling that the carriers aren't all that straightforward about how this software is monitoring their users...

Filed Under: mobile, rootkit, wireless
Companies: carrieriq, sprint, verizon

24 Comments

Samsung Accused Of Installing Secret Keyloggers On New Laptops 'To Monitor Performance' [Updated]

Computers

from the that's-not-going-to-go-over-well dept

Wed, Mar 30th 2011 2:03pm — Mike Masnick

See update at the bottom

According to a report by Mohamed Hassan at Network World, Samsung has been installing secret keyloggers on laptops. After setting up a new laptop, he ran a scan and found an installation of StarLogger, a commercial keylogger program. It's a rather nefarious piece of software:

This key logger is completely undetectable and starts up whenever your computer starts up. See everything being typed: emails, messages, documents, web pages, usernames, passwords, and more. StarLogger can email its results at specified intervals to any email address undetected so you don't even have to be at the computer your[sic] are monitoring to get the information. The screen capture images can also be attached automatically to the emails as well as automatically deleted.

Hassan claims to have found the same keylogger on two separate laptops from Samsung, and after calling the company, finally had a supervisor claim that the company did it to monitor usage:

On March 1, 2011, I called and logged incident 2101163379 with Samsung Support (SS). First, as Sony BMG did six years ago, the SS personnel denied the presence of such software on its laptops. After having been informed of the two models where the software was found and the location, SS changed its story by referring the author to Microsoft since "all Samsung did was to manufacture the hardware." When told that did not make sense, SS personnel relented and escalated the incident to one of the support supervisors.

The supervisor who spoke with me was not sure how this software ended up in the new laptop thus put me on hold. He confirmed that yes, Samsung did knowingly put this software on the laptop to, as he put it, "monitor the performance of the machine and to find out how it is being used."

Of course, it's entirely possible that the supervisor was confused as well. Frankly, like some others, I find it hard to believe that Samsung corporate policy could be so clueless as to install secret keyloggers on all laptops. If it is true, however, I imagine the company will be facing one hell of a lawsuit in the very near future.

Update: It looks like my skepticism on this story may have been justified. Samsung is claiming that the researcher got a false positive, and confused a language folder for a keylogger:

"Our findings indicate that the person mentioned in the article used a security program called VIPRE that mistook a folder created by Microsoft�s Live Application for a key logging software, during a virus scan.

"The confusion arose because VIPRE mistook Microsoft's Live Application multi-language support folder, labelled 'SL,' as StarLogger. Depending on the language, under C:\Windows folders are created labelled 'SL' for Slovene, 'KO' for Korean, 'EN' for English."

Filed Under: keylogger, monitoring, rootkit
Companies: samsung

41 Comments

You Would Think Sony Knew Better Than To Install A Rootkit In The PS3 [Updated]

(Mis)Uses of Technology

from the haven't-we-done-this-before? dept

Thu, Feb 3rd 2011 2:09pm — Mike Masnick

As you probably remember, a few years back there was a huge mess when Sony Music (at the time, Sony BMG) was caught installing a rootkit via the DRM it used on CDs. That created a huge legal headache for Sony, with the company eventually agreeing to replace all those CDs. You would think that Sony, as a whole, would now be a lot more careful about such things. Yet, as TorrentFreak points out, an analysis of the new PS3 firmware suggests that there's a rootkit in there, which will allow Sony to control the PS3 device that you thought (incorrectly) that you bought. It's almost as if Sony is telling people to stop buying PS3s. Update: A lot of folks are claiming this isn't really a rootkit, and that the story has been blown out of proportion. Reading through the details suggest this is absolutely a possibility.

Filed Under: ps3, rootkit
Companies: sony

89 Comments

T-Mobile's Latest Android Phone Comes With Free Freedom-Destroying Rootkit

Wireless

from the get-yours-now! dept

Wed, Oct 6th 2010 3:01pm — Mike Masnick

Lots of folks have been highlighting the news that T-Mobile, for whatever reason, has decided to include some sort of "rootkit" with its latest Android phone, the G2. Despite the fact that one of the key selling points of an Android phone is the openness of the phone, T-Mobile has apparently decided that it's way too open. So, the little bug watches if you modify the phone, and then automatically reinstalls the default Android version -- including "all of the carrier settings and restrictions." Of course, T-Mobile is free to be as dickish towards its customers as it wants to be, but those customers can simply decide to go elsewhere.

Filed Under: android, g2, rootkit
Companies: t-mobile

30 Comments

Older Stories >>

Follow Techdirt

Essential Reading

The Techdirt Greenhouse

Read the latest posts:

read all »

Techdirt Deals

Report this ad | Hide Techdirt ads

Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Older Stuff

Thursday
13:33	Former Employees Say Mossad Members Dropped By NSO Officers To Run Off-The-Books Phone Hacks (2)
12:01	No, Creating An NFT Of The Video Of A Horrific Shooting Will Not Get It Removed From The Internet (18)
10:49	San Francisco Cops Are Running Rape Victims' DNA Through Criminal Databases Because What Even The Fuck (18)
10:44	Daily Deal: The Complete 2022 Java Coder Bundle (0)
09:31	As Expected, Trump's Social Network Is Rapidly Banning Users It Doesn't Like, Without Telling Them Why (44)
06:30	Comcast Continues To Bleed Olympics Viewers After Years Of Bumbling (19)
Wednesday
20:42	Apple Finally Defeats Dumb Diverse Emoji Lawsuit One Year Later (6)
15:39	Clearview Pitch Deck Says It's Aiming For A 100 Billion Image Database, Restarting Sales To The Private Sector (10)
13:41	Peloton Outage Prevents Customers From Using $2,500 Exercise Bikes (16)
12:09	The GOP Knows That The Dem's Antitrust Efforts Have A Content Moderation Trojan Horse; Why Don't The Dems? (16)
10:51	Hertz Ordered To Tell Court How Many Thousands Of Renters It Falsely Accuses Of Theft Every Year (24)
09:21	Even As Trump Relies On Section 230 For Truth Social, He's Claiming In Lawsuits That It's Unconstitutional (34)
06:16	Medical, Home Alarm Industries Warn Of Major Outages As AT&T Shuts Down 3G Network (25)
Tuesday
20:37	Video Game History Foundation: Nintendo Actions 'Actively Destructive To Video Game History' (29)
15:35	Massachusetts Court Says No Expectation Of Privacy In Social Media Posts Unwittingly Shared With An Undercover Cop (17)
13:30	Techdirt Podcast Episode 312: Regulating The Internet (2)
12:03	US Copyright Office Gets It Right (Again): AI-Generated Works Do Not Get A Copyright Monopoly (60)
10:42	LA Sheriff Threatens To 'Subject' City Council To 'Defamation Law' If They Won't Stop Calling His Deputies 'Gang Members' (20)
10:37	Daily Deal: codeSpark Academy Sibling Bundle (0)
09:25	Trump's Truth Social Bakes Section 230 Directly Into Its Terms, So Apparently Trump Now Likes Section 230 (128)
06:22	15 Years Late, The FCC Cracks Down On Broadband Apartment Monopolies (31)
Sunday
12:05	Funniest/Most Insightful Comments Of The Week At Techdirt (11)
Saturday
12:00	This Week In Techdirt History: February 13th - 19th (1)
Friday
19:39	Letter From High-Ranking FBI Lawyer Tells Prosecutors How To Avoid Court Scrutiny Of Firearms Analysis Junk Science (25)
15:52	Nintendo Is Beginning To Look Like The Disney Of The Video Game Industry (44)
13:49	Seattle Public Radio Station Manages To Partially Brick Area Mazdas Using Nothing More Than Some Image Files (44)
12:13	Thankfully, Jay Inslee's Unconstitutional Bill To Criminalize Political Speech Dies In The Washington Senate (8)
10:52	How Our Convoluted Copyright Regime Explains Why Spotify Chose Joe Rogan Over Neil Young (136)
10:47	Daily Deal: The Complete Blocs Website Builder Bundle (0)
09:33	Arizona Prosecutor Who Brought Bogus Gang Charges Against Protesters Files Ridiculous Defamation Suit Against Her Boss (12)

Continued Disagreement And Confusion Over Yahoo Email Scanning

from the someone-needs-to-come-clean-for-real dept

Thought Komodia/Superfish Bug Was Really, Really Bad? It's Much, Much Worse!

from the getting-worse-by-day dept

Ubisoft DRM Fiasco: Allows Any Website To Take Control Of Your Computer

from the punishing-your-paying-customers dept

The Carrier IQ Saga (So Far) -- And Some Questions That Need Answers

from the answers-we-may-never-get dept

Security Researcher Shows That -- Despite Carrier IQ's Claims To The Contrary -- CarrierIQ Records Keystrokes

from the now-that's-kind-of-scary dept

CarrierIQ Fails At The Internet: Threatens Security Researcher With Copyright Infringement Claim Over His Research [Update]

from the dear-barbra-streisand dept

Do Tons Of Sprint And Verizon Phones Contain A Rootkit, Potentially Tracking All Sorts Of Info?

from the privacy,-what's-that? dept

Samsung Accused Of Installing Secret Keyloggers On New Laptops 'To Monitor Performance' [Updated]

from the that's-not-going-to-go-over-well dept

You Would Think Sony Knew Better Than To Install A Rootkit In The PS3 [Updated]

from the haven't-we-done-this-before? dept

T-Mobile's Latest Android Phone Comes With Free Freedom-Destroying Rootkit

from the get-yours-now! dept

The Techdirt Greenhouse

Thursday

Wednesday

Tuesday

Sunday

Saturday

Friday

More

Tools & Services

Company

Contact

More

from the someone-needs-to-come-clean-for-real dept

from the getting-worse-by-day dept

from the punishing-your-paying-customers dept

from the answers-we-may-never-get dept

from the now-that's-kind-of-scary dept

from the dear-barbra-streisand dept

from the privacy,-what's-that? dept

from the that's-not-going-to-go-over-well dept

from the haven't-we-done-this-before? dept

from the get-yours-now! dept

Techdirt Daily Newsletter

The Techdirt Greenhouse

Tools & Services

Company

Contact

More