
Timesdelhi.com

March 26, 2019
Category archive

Security

Aluminum manufacturing giant Norsk Hydro shut down by ransomware


Norsk Hydro, one of the largest global aluminum manufacturers, has confirmed its operations have been disrupted by a ransomware attack.

The Oslo, Norway-based company said in a brief statement that the attack, which began early Tuesday, has impacted “most business areas,” forcing the aluminum maker to switch to manual operations.

“Hydro is working to contain and neutralize the attack, but does not yet know the full extent of the situation,” the company said in a statement posted to Facebook. It’s understood that the ransomware disabled a key part of the company’s smelting operations.

Employees were told to “not connect any devices” to the company’s network. Norsk Hydro’s website was also down at the time of writing.

A sheet of paper with information concerning a cyber attack (L) and one reading ‘Hydro is under a cyber attack, don’t plug your computer on the network unless we say so’ are pictured on a window of the headquarters of the Norwegian aluminium group ‘Norsk Hydro’ in Oslo, Norway on March 19, 2019. (Photo credit: TERJE PEDERSEN/AFP/Getty Images)

The company manufactures aluminum products, producing close to half a million tons each year, and is also a significant provider of hydroelectric power in the Nordic state.

Reuters said operations in Qatar and Brazil were also under manual operation, but the company said in a public disclosure with the Norwegian stock exchange there was “no indication” of impact on primary plants outside Norway.

“It is too early to assess the full impact of the situation. It is too early to assess the impact on customers,” said the aluminum maker.

Norway’s National Security Authority did not immediately respond to an email with questions, but told Reuters that the infection is likely LockerGoga, a new kind of digitally signed ransomware that went undetected until recently. The ransomware locks files and demands a ransom payment for a decryption key.

Security expert Kevin Beaumont said earlier this month the malware was also used to target Altran, a Paris, France-based consulting firm, last month. Beaumont said the malware doesn’t require a network connection or a command and control server like other ransomware strains. A sample of the ransomware shared to malware analysis site VirusTotal shows only a handful of anti-malware products can detect and neutralize the LockerGoga malware.

Norsk Hydro spokesperson Stian Hasle did not immediately comment.

News Source = techcrunch.com

ICE has a huge license plate database targeting immigrants, documents reveal


Newly released documents reveal Immigration and Customs Enforcement is tracking and targeting immigrants through a massive license plate reader database supplied with data from local police departments — in some cases violating sanctuary laws.

The documents, obtained by a Freedom of Information lawsuit filed by the American Civil Liberties Union and released Tuesday, reveal the vehicle surveillance system collects more than a hundred million license plates a month from some of the largest cities in the U.S., including New York and Los Angeles, both of which are covered under laws limiting police cooperation with immigration agencies.

More than 9,000 ICE agents have access to the database, run by Vigilant Solutions, feeding some six billion vehicle detection records into Thomson Reuters’ investigative platform LEARN, to which police departments can buy access.

“The public has a right to know when a government agency — especially an immoral and rogue agency such as ICE — is exploiting a mass surveillance database that is a threat to the privacy and safety of drivers across the United States,” said Vasudha Talla, staff attorney with the ACLU of Northern California, in an email to TechCrunch.

Talla, who sued ICE to release the documents, said the government “should not have unfettered access to information that reveals where we live, where we work, and our private habits.” Critics have noted several high-profile cases of police misusing and improperly accessing license plate data.

Automatic license plate readers (ALPR) scan and detect license plates, along with the time, date and location from thousands of cameras installed across the country to spot criminals and fugitives with warrants out for their arrest. The ACLU previously called it one of the new and emerging forms of mass surveillance in the United States. Companies like Vigilant feed data collected from ALPR cameras into databases accessible to law enforcement and federal agencies, which the ACLU accused ICE of using to find and deport immigrants.

ICE has a “hot list” of more than 1,100 license plates of suspects, felons or other subjects of interest, according to the documents released. Plates on the hot list trigger an alert to ICE that the vehicle has been spotted, including where and when.

“Hot lists are just one method by which ICE agents can track drivers with this system,” said Talla.

A spokesperson for ICE did not comment by our deadline on how many hot list detections led to deportations or removals from the U.S. Spokespeople for Thomson Reuters and Vigilant Solutions also did not comment.

It’s the third effort by ICE to secure access to the database in the past five years, after earlier attempts failed in 2014 over privacy concerns and in 2015 over price negotiations. The agency rushed to secure the contract before a planned hike in cost by Thomson Reuters toward the end of 2017.

ICE spent $6.1 million on its latest contract in February 2018, gaining access to 80 law enforcement agencies covering almost two-thirds of the U.S. population. To allay fears of potential misuse, the agency was required to pass a revised privacy impact assessment explaining how ICE can and cannot use the license plate data. In one released email to an NPR reporter, ICE said agents “can only access data” uploaded by police departments if they elect to share it through the system.

But the ACLU found emails of ICE agents directly contacting local law enforcement officers to ask for license plate search data, circumventing the database.

Correspondence between ICE and a local police detective asking for license plate data outside of the ALPR database (Image: ACLU/supplied)

Over a years-long effort, one ICE agent — whose name was redacted by the government — sent several requests to a La Habra police detective by email asking for license plate data.

La Habra is one of 169 police departments in California, and is one of dozens of departments known to use ALPR. But the city’s police department is not on Vigilant’s list of law enforcement partners that supply license plate data to ICE, the documents show.

We asked La Habra Chief of Police Jerry Price if turning over records to ICE was in violation of California’s sanctuary status, but he would not comment.

“By going to local police informally, ICE is able to access locally collected driver location data without having to ask for formal access to the local system through the LEARN network, which could trigger local oversight or concern,” said Talla.

A list of local U.S. police departments contributing license plate data to the database, to which ICE has access (Image: ACLU/supplied)

Other police departments were named as partners that actively feed data into the ICE-accessible database, like Upland, Merced and Union City — three cities in California, which in 2018 passed state-wide laws that offer sanctuary to immigrants who might be in the country illegally or otherwise subject to deportation by ICE. The laws prohibit law enforcement in the state from sharing license plate data with federal agencies, said Talla.

When reached, Union City Police Department chief Victor Derting did not comment. Spokespeople for Upland and Merced police departments did not respond to a request for comment.

The ACLU called for an immediate end to the license plate information sharing.

The documents also revealed how ICE initially considered trying to keep the database a secret, arguing that disclosing the capability would “almost immediately diminish its effectiveness as a law enforcement tool.”

Amid a controversial and questionable national emergency declared by the Trump administration, ICE remains a divisive agency more than ever. Last year, 19 of the top ICE investigators that investigate serious criminal cases, like drug smuggling and sex trafficking rings, called on the government to distance their work from ICE’s enforcement and removal operations unit, which investigates immigration violations and handles deportations.

In January, TechCrunch revealed dozens of ALPR cameras are still exposed on the internet — many of which are accessible without a password.

News Source = techcrunch.com

Russia blocks encrypted email provider ProtonMail


Russia has told internet providers to enforce a block against encrypted email provider ProtonMail, the company’s chief has confirmed.

The block was ordered by the state Federal Security Service, formerly the KGB, according to a Russian-language blog, which obtained and published the order after the agency accused the company and several other email providers of facilitating bomb threats.

Several anonymous bomb threats were sent by email to police in late January, forcing several schools and government buildings to evacuate.

In all, 26 internet addresses were blocked by the order, including several servers used to scramble the final connection for users of Tor, an anonymity network popular for circumventing censorship. Internet providers were told to implement the block “immediately,” using a technique known as BGP blackholing, which tells internet routers to simply throw away traffic destined for the listed addresses rather than routing it to its destination.

But the company says while the site still loads, users cannot send or receive email.

ProtonMail chief executive Andy Yen called the block “particularly sneaky,” in an email to TechCrunch.

“ProtonMail is not blocked in the normal way, it’s actually a bit more subtle,” said Yen. “They are blocking access to ProtonMail mail servers. So Mail.ru — and most other Russian mail servers — for example, is no longer able to deliver email to ProtonMail, but a Russian user has no problem getting to their inbox,” he said.

That’s because the two ProtonMail servers listed by the order are its back-end mail delivery servers, rather than the front-end website that runs on a different system.
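To make the mechanism described above concrete, here is an added example (not from the original article, and not ProtonMail's or any ISP's configuration) that simulates a router's longest-prefix-match lookup with a blackhole route installed. The addresses are RFC 5737 documentation ranges, not the addresses in the order; the next hop "discard" stands in for a blackhole route. It shows why the front-end website keeps loading while mail delivery fails: only the two /32 mail-server routes are thrown away, and the more specific /32 wins over the /24 that would otherwise carry the traffic.

```python
import ipaddress

# Constructed routing table for a router inside an ISP that has received a
# blackholing order. All addresses are RFC 5737 documentation ranges, not the
# real addresses named in the order. The next hop "discard" models a blackhole
# route: the router drops matching packets instead of forwarding them.
ROUTES = [
    (ipaddress.ip_network("203.0.113.0/24"), "peer-a"),     # front-end website
    (ipaddress.ip_network("198.51.100.0/24"), "peer-b"),    # aggregate covering the mail delivery hosts
    (ipaddress.ip_network("198.51.100.10/32"), "discard"),  # blackholed mail delivery server 1
    (ipaddress.ip_network("198.51.100.11/32"), "discard"),  # blackholed mail delivery server 2
    (ipaddress.ip_network("0.0.0.0/0"), "transit"),         # default route
]


def lookup(routes, dst):
    """Longest-prefix match, as a router does it: the most specific matching
    prefix wins, so a /32 blackhole overrides the /24 that would otherwise
    carry traffic to the same host."""
    addr = ipaddress.ip_address(dst)
    best_prefix, best_hop = None, None
    for prefix, next_hop in routes:
        if addr in prefix and (best_prefix is None or prefix.prefixlen > best_prefix.prefixlen):
            best_prefix, best_hop = prefix, next_hop
    return best_hop


def forward(routes, dst):
    """'dropped' if the packet hits a blackhole route, otherwise 'forwarded'."""
    return "dropped" if lookup(routes, dst) == "discard" else "forwarded"


def blackholed(routes):
    """The prefixes this table throws away; what an operator would check against the order."""
    return sorted(str(prefix) for prefix, hop in routes if hop == "discard")


def service_status(routes, web_addr, mx_addrs):
    """Per-service view of a partial block: the web front end stays reachable
    while every mail delivery host behind it is blackholed, so the site loads
    but no Russian mail server can deliver to it."""
    return {
        "web_reachable": forward(routes, web_addr) == "forwarded",
        "mail_deliverable": any(forward(routes, mx) == "forwarded" for mx in mx_addrs),
    }


if __name__ == "__main__":
    print(service_status(ROUTES, "203.0.113.5", ["198.51.100.10", "198.51.100.11"]))
    # prints {'web_reachable': True, 'mail_deliverable': False}
```

The same partial-reachability check is what a mail operator would run from inside the affected network: a successful HTTPS fetch of the website proves nothing about SMTP delivery, so each mail delivery address has to be tested separately.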

The letter, translated, says that the listed internet addresses caused “the mass distribution of obviously false reports of a terrorist act” in January, resulting in “mass evacuations of schools, administrative buildings and shopping centers.” (Image: supplied)

“The wholesale blocking of ProtonMail in a way that hurts all Russian citizens who want greater online security seems like a poor approach,” said Yen. He said his service offers superior security and encryption to rival mail providers in the country.

“We have also implemented technical measures to ensure continued service for our users in Russia and we have been making good progress in this regard,” he explained. “If there is indeed a legitimate legal complaint, we encourage the Russian government to reconsider their position and solve problems by following established international law and legal procedures.”

Russia’s internet regulator Roskomnadzor did not return a request for comment.

Yen says the block coincided with protests against government efforts to restrict the internet, which critics have dubbed an internet “kill switch.” The Kremlin, known for its protracted efforts to crack down and stifle freedom of speech, claimed it was to protect the country’s infrastructure in the event of a cyberattack.

Some 15,000 residents protested in Moscow on Sunday, during which users started noticing problems with ProtonMail.

It’s the latest in ongoing tensions with tech companies in the wake of the Russian-backed disinformation efforts. Russia’s crackdown on the internet intensified in 2014 when it ratified a law ordering tech companies operating in the country to store Russian data within its borders. LinkedIn was one of the first casualties of the law, leading to the site’s nationwide ban in 2016.

Last month, Facebook was told to comply with the law or face its own ban. Twitter also faces a possible blackout.

News Source = techcrunch.com

The other smartphone business


With the smartphone operating system market sewn up by Google’s Android platform, which has a close to 90% share globally, leaving Apple’s iOS a slender (but lucrative) premium top-slice, a little company called Jolla and its Linux-based Sailfish OS is a rare sight indeed: A self-styled ‘independent alternative’ that’s still somehow in business.

The Finnish startup’s b2b licensing sales pitch is intended to appeal to corporates and governments that want to be able to control their own destiny where device software is concerned.

And in a world increasingly riven with geopolitical tensions that pitch is starting to look rather prescient.

Political uncertainties around trade, high tech espionage risks and data privacy are translating into “opportunities” for the independent platform player — and helping to put wind in Jolla’s sails long after the plucky Sailfish team quit their day jobs for startup life.

Building an alternative to Google Android

Jolla was founded back in 2011 by a band of Nokia staffers who left the company determined to carry on development of mobile Linux as the European tech giant abandoned its own experiments in favor of pivoting to Microsoft’s Windows Phone platform. (Fatally, as it would turn out.)

Nokia exited mobile entirely in 2013, selling the division to Microsoft. It only returned to the smartphone market in 2017, via a brand-licensing arrangement, offering made-in-China handsets running — you guessed it — Google’s Android OS.

If the lesson of the Jolla founders’ former employer is ‘resistance to Google is futile’ they weren’t about to swallow that. The Finns had other ideas.

Indeed, Jolla’s indie vision for Sailfish OS is to support a whole shoal of differently branded, regionally flavored and independently minded (non-Google-led) ecosystems all swimming around in parallel. Though getting there means not just surviving but thriving — and doing so in spite of the market being so thoroughly dominated by the U.S. tech giant.

TechCrunch spoke to Jolla ahead of this year’s Mobile World Congress tradeshow where co-founder and CEO, Sami Pienimäki, was taking meetings on the sidelines. He told us his hope is for Jolla to have a partner booth of its own next year — touting, in truly modest Finnish fashion, an MWC calendar “maybe fuller than ever” with meetings with “all sorts of entities and governmental representatives”.

Jolla co-founder, Sami Pienimaki, showing off a Jolla-branded handset in May 2013, back when the company was trying to attack the consumer smartphone space. 
(Photo credit: KIMMO MANTYLA/AFP/Getty Images)

Even a modestly upbeat tone signals major progress here because an alternative smartphone platform licensing business is — to put it equally mildly — an incredibly difficult tech business furrow to plough.

Jolla almost died at the end of 2015 when the company hit a funding crisis. But the plucky Finns kept paddling, jettisoning their early pursuit of consumer hardware (Pienimäki describes attempting to openly compete with Google in the consumer smartphone space as essentially “suicidal” at this point) to narrow their focus to a b2b licensing play.

The early b2b sales pitch targeted BRIC markets, with Jolla hitting the road to seek buy-in for a platform it said could be moulded to corporate or government needs while still retaining the option of Android app compatibility.

Then in late 2016 signs of a breakthrough: Sailfish gained certification in Russia for government and corporate use.

Its licensing partner in the Russian market was soon touting the ability to go “absolutely Google-free!”.

Buy-in from Russia

Since then the platform has gained the backing of Russian telco Rostelecom, which acquired Jolla’s local licensing customer last year (as well as becoming a strategic investor in Jolla itself in March 2018 — “to ensure there is a mutual interest to drive the global Sailfish OS agenda”, as Pienimäki puts it).

Rostelecom is using the brand name ‘Aurora OS’ for Sailfish in the market, which Pienimäki says is “exactly our strategy” — likening it to how Google’s Android has been skinned with different user experiences by major OEMs such as Samsung and Huawei.

“What we offer for our customers is a fully independent, regional licence and a tool chain so that they can develop exactly this kind of solution,” he tells TechCrunch. “We have come to a maturity point together with Rostelecom in the Russia market, and it was a natural move to plan together that they will take a local identity and proudly carry forward the Sailfish OS ecosystem development in Russia under their local identity.”

“It’s fully compatible with Sailfish operating system, it’s based on Sailfish OS and it’s our joint interest, of course, to make it fly,” he adds. “So that as we, hopefully, are able to extend this and come out to public with other similar set-ups in different countries those of course — eventually, if they come to such a fruition and maturity — will then likely as well have their own identities but still remain compatible with the global Sailfish OS.”

Jolla says the Russian government plans to switch all circa 8M state officials to the platform by the end of 2021 — under a project expected to cost RUB 160.2 billion (~$2.4BN). (A cut of which will go to Jolla in licensing fees.)

It also says Sailfish-powered smartphones will be “recommended to municipal administrations of various levels,” with the Russian state planning to allocate a further RUB 71.3 billion (~$1.1BN) from the federal budget for that. So there’s scope for deepening the state’s Sailfish uptake.

Russian Post is one early customer for Jolla’s locally licensed Sailfish flavor. Having piloted devices last year, Pienimäki says it’s now moving to a full commercial deployment across the whole organization — which has around 300,000 employees (to give a sense of how many Sailfish powered devices could end up in the hands of state postal workers in Russia).

A rugged Sailfish-powered device piloted by Russian post

Jolla is not yet breaking out end users for Sailfish OS per market but Pienimäki says that overall the company is now “clearly above” 100k (and below 500k) devices globally.

That’s still of course a fantastically tiny number if you compare it to the consumer devices market — top ranked Android smartphone maker Samsung sold around 70M handsets in last year’s holiday quarter, for instance — but Jolla is in the b2b OS licensing business, not the handset making business. So it doesn’t need hundreds of millions of Sailfish devices to ship annually to turn a profit.

Scaling a royalty licensing business to hundreds of thousands of users sums to “good business”, says Pienimäki, describing Jolla’s business model for Sailfish as “practically a royalty per device”.

“The success we have had in the Russian market has populated us a lot of interesting new opening elsewhere around the world,” he continues. “This experience and all the technology we have built together with Open Mobile Platform [Jolla’s Sailfish licensing partner in Russia which was acquired by Rostelecom] to enable that case — that enables a number of other cases. The deployment plan that Rostelecom has for this is very big. And this is now really happening and we are happy about it.”

Jolla’s “Russia operation” is now beginning “a mass deployment phase”, he adds, predicting it will “quickly ramp up the volume to very sizeable”. So Sailfish is poised to scale.

Step 3… profit?

While Jolla has yet to turn a full-year profit, Pienimäki says several standalone months of 2018 were profitable, and he’s no longer worried whether the business is sustainable — asserting: “We don’t have any more financial obstacles or threats anymore.”

It’s quite the turnaround of fortunes, given Jolla’s near-death experience a few years ago when it almost ran out of money, after failing to close a $10.6M Series C round, and had to let go of half its staff.

It did manage to claw in a little funding at the end of 2015 to keep going, albeit as a much leaner fish. But bagging Russia as an early adopter of its ‘independent’ mobile Linux ecosystem looks to have been the key tipping point for Jolla to be able to deliver on the hard-graft ecosystem-building work it’s been doing all along the way. And Pienimäki now expresses easy confidence that profitability will flow “fairly quickly” from here on in.

“It’s not an easy road. It takes time,” he says of the ecosystem-building company Jolla hard-pivoted to at its point of acute financial distress. “The development of this kind of business — it requires patience and negotiation times, and setting up the ecosystem and ecosystem partners. It really requires patience and takes a lot of time. And now we have come to this point where actually there starts to be an ecosystem which will then extend and start to carry its own identity as well.”

In further signs of Jolla’s growing confidence he says it hired more than ten people last year and moved to new and slightly more spacious offices — a reflection of the business expanding.

“It’s looking very good and nice for us,” Pienimäki continues. “Let’s say we are not taking too much pressure, with our investors and board, that what is the day that we are profitable. It’s not so important anymore… It’s clear that that is soon coming — that very day. But at the same time the most important is that the business case behind is proven and it is under aggressive deployment by our customers.”

The main focus for the moment is on supporting deployments to ramp up in Russia, he says, emphasizing: “That’s where we have to focus.” (Literally he says “not screwing up” — and with so much at stake you can see why nailing the Russia case is Jolla’s top priority.)

While the Russian state has been the entity most keen to embrace an alternative (non-U.S.-led) mobile OS — perhaps unsurprisingly — it’s not the only place in the world where Jolla has irons in the fire.

Another licensing partner, Bolivian IT services company Jalasoft, has co-developed a Sailfish-powered smartphone called Accione.

Jalasoft’s ‘liberty’-touting Accione Sailfish smartphone

It bills the handset on its website as being “designed for Latinos by Latinos”. “The digitalization of the economy is inevitable and, if we do not control the foundation of this digitalization, we have no future,” it adds.

Jalasoft founder and CEO Jorge Lopez says the company’s decision to invest effort in kicking the tyres of Jolla’s alternative mobile ecosystem is about gaining control — or seeking “technological liberation” as the website blurb puts it.

“With Sailfish OS we have control of the implementation, while with Android it is the opposite,” Lopez tells TechCrunch. “We are working on developing smart buildings and we need a private OS that is not Android or iOS. This is mainly because our product will allow the end user to control the whole building and doing this with Android or iOS a hackable OS will bring concerns on security.”

Lopez says Jalasoft is using Accione as its development platform — “to gather customer feedback and to further develop our solution” — so the project clearly remains in an early phase, and he says that no more devices are likely to be announced this year.

But Jolla can point to more seeds being sown with the potential, with work, determination and patience, to sprout into another sizeable crop of Sailfish-powered devices down the line.

Complexity in China

Even more ambitiously Jolla is also targeting China, where investment has been taken in to form a local consortium to develop a Chinese Sailfish ecosystem.

Pienimäki cautions, though, that there’s still much work to be done to bring Sailfish to market in China.

“We completed a major pilot with our licensing customer, Sailfish China Consortium, in 2017-18,” he says, giving an update on progress to date. “The public in market solution is not there yet. That is something that we are working together with the customer — hopefully we can see it later this year on the market. But these things take time. And let’s say that we’ve been somewhat surprised at how complex this kind of decision-making can be.”

“It wasn’t easy in Russia — it took three years of tight collaboration together with our Russian partners to find a way. But somehow it feels that it’s going to take even more in China. And I’m not necessarily talking about calendar time — but complexity,” he adds.

While there’s no guarantee of success for Jolla in China, the potential win is so big given the size of the market that even if they can only carve out a tiny slice, such as a business or corporate sector, it’s still worth going after. And he points to the existence of a couple of native mobile Linux operating systems he reckons could make “very lucrative partners”.

That said, the get-to-market challenge for Jolla in China is clearly distinctly different from the rest of the world. This is because Android has developed into an independent (i.e. rather than Google-led) ecosystem in China as a result of state restrictions on the Internet and Internet companies. So the question is what could Sailfish offer that forked Android doesn’t already?

An Oppo Android powered smartphone on show at MWC 2017

Again, Jolla is taking the long view that ultimately there will be appetite — and perhaps also state-led push — for a technology platform that bolsters against political uncertainty in U.S.-China relations.

“What has happened now, in particular last year, is — because of the open trade war between the nations — many of the technology vendors, and also I would say the Chinese government, has started to gradually tighten their perspective on the fact that ‘hey simply it cannot be a long term strategy to just keep forking Android’. Because in the end of the day it’s somebody else’s asset. So this is something that truly creates us the opportunity,” he suggests.

“Openly competing with the fact that there are very successful Android forks in China, that’s going to be extremely difficult. But — let’s say — tapping into the fact that there are powers in that nation that wish that there would be something else than forking Android, combined with the fact that there is already something homegrown in China which is not forking Android — I think that’s the recipe that can be successful.”

Not all Jolla’s Sailfish bets have paid off, of course. An earlier foray by an Indian licensing partner into the consumer handset market petered out. Still, it does reinforce their decision to zero in on government and corporate licensing.

“We got excellent business connections,” says Pienimäki of India, suggesting also that it’s still a ‘watch this space’ for Jolla. The company has a “second move” in train in the market that he’s hopeful to be talking about publicly later this year.

It’s also pitching Sailfish in Africa. And in markets where target customers might not have their own extensive in-house IT capability to plug into Sailfish co-development work Pienimäki says it’s offering a full solution — “a ready made package”, together with partners, including device management, VPN, secure messaging and secure email — which he argues “can be still very lucrative business cases”.

Looking ahead and beyond mobile, Pienimäki suggests the automotive industry could be an interesting target for Sailfish in the future — though not literally plugging the platform into cars; but rather licensing its technologies where appropriate — arguing car makers are also keen to control the tech that’s going into their cars.

“They really want to make sure that they own the cockpit. It’s their property, it’s their brand and they want to own it — and for a reason,” he suggests, pointing to the clutch of major investments from car companies in startups and technologies in recent years.

“This is definitely an interesting area. We are not directly there ourself — and we are not capable to extend ourself there but we are discussing with partners who are in that very business whether they could utilize our technologies there. That would then be more or less like a technology licensing arrangement.”

A trust balancing model

While Jolla looks to be approaching a tipping point as a business, in terms of being able to profit from licensing an alternative mobile platform, it remains a tiny and some might say inconsequential player on the global mobile stage.

Yet its focus on building and maintaining trusted management and technology architectures also looks timely — again, given how geopolitical spats are intervening to disrupt technology business as usual.

Chinese giant Huawei used an MWC keynote speech last month to reject U.S.-led allegations that its 5G networking technology could be repurposed as a spying tool by the Chinese state. And just this week it opened a cybersecurity transparency center in Brussels, to try to bolster trust in its kit and services — urging industry players to work together on agreeing standards and structures that everyone can trust.

In recent years U.S.-led suspicions attached to Russia have also caused major headaches for security veteran Kaspersky — leading the company to announce its own trust and transparency program and decentralize some of its infrastructure, including by spinning up servers in Europe last year.

Businesses finding ways to maintain and deepen the digital economy in spite of a little — or even a lot — of cross-border mistrust may well prove to be the biggest technology challenge of all moving forward.

Especially as next-gen 5G networks get rolled out — and their touted ‘intelligent connectivity’ reaches out to transform many more types of industries, bringing new risks and regulatory complexity.

The geopolitical problem linked to all this boils down to how to trust increasingly complex technologies without any one entity being able to own and control all the pieces. And Jolla’s business looks interesting in light of that because it’s selling the promise of neutral independence to all its customers, wherever they hail from — be it Russia, LatAm, China, Africa or elsewhere — which makes its ability to secure customer trust not just important but vital to its success.

Indeed, you could argue its customers are likely to rank above average on the ‘paranoid’ scale, given their dedicated search for an alternative (non-U.S.-led) mobile OS in the first place.

“It’s one of the number one questions we get,” admits Pienimäki, discussing Jolla’s trust balancing act — aka how it manages and maintains confidence in Sailfish’s independence, even as it takes business backing and code contributions from a state like Russia.

“We tell about our reference case in Russia and people quickly ask ‘hey okay, how can I trust that there is no blackbox inside’,” he continues, adding: “This is exactly the core question and this is exactly the problem we have been able to build a solution for.”

Jolla’s solution sums to one line: “We create a transparent platform and on top of fully transparent platform you can create secure solutions,” as Pienimäki puts it.

“The way it goes is that Jolla with Sailfish OS is always offering the transparent Sailfish operating system core, on source code level, all the time live, available for all the customers. So all the customers constantly, in real-time, have access to our source code. Most of it’s in public open source, and the proprietary parts are also constantly available from our internal infrastructure. For all the customers, at the same time in real-time,” he says, fleshing out how it keeps customers on board with a continually co-developing software platform.

“The contributions we take from these customers are always on source code level only. We don’t take any binary blobs inside our software. We take only source code level contributions which we ourselves authorize, integrate and then we make available for all the customers at the very same moment. So that loopback in a way creates us the transparency.

“So if you want to be suspicious of the contributions of the other guys, so to say, you can always read it on the source code. It’s real-time. Always available for all the customers at the same time. That’s the model we have created.”

“It’s honestly quite a unique model,” he adds. “Nobody is really offering such a co-development model in the operating system business.

“Practically how Android works is that Google, who’s leading the Android development, makes the next release of Android software, then releases it under Android Open Source and then people start to backboard it — so that’s like ‘source, open’ in a way, not ‘open source’.”

Sailfish’s community of users also have real-time access to and visibility of all the contributions — which he dubs “real democracy”.

“People can actually follow it from the code-line all the time,” he argues. “This is really the core of our existence and how we can offer it to Russia and other countries without creating like suspicion elements each side. And that is very important.

“That is the only way we can continue and extend this regional licensing and we can offer it independently from Finland and from our own company.”

With global trade and technology both looking increasingly vulnerable to cross-border mistrust, Jolla’s approach to collaborative transparency may offer something of a model if other businesses and industries find they need to adapt themselves in order for trade and innovation to keep moving forward in uncertain political times.

Antitrust and privacy uplift

Last but not least there’s regulatory intervention to consider.

A European Commission antitrust decision against Google’s Android platform last year caused headlines around the world when the company was slapped with a $5BN fine.

More importantly for Android rivals Google was also ordered to change its practices — leading to amended licensing terms for the platform in Europe last fall. And Pienimäki says Jolla was a “key contributor” to the Commission case against Android.

European competition commissioner Margrethe Vestager, on April 15, 2015 in Brussels, as the Commission said it would open an antitrust investigation into Google’s Android operating system. (Photo credit: JOHN THYS/AFP/Getty Images)

The new Android licensing terms make it (at least theoretically) possible for new types of less-heavily-Google-flavored Android devices to be developed for Europe. Though there have been complaints the licensing tweaks don’t go far enough to reset Google’s competitive Android advantage.

Asked whether Jolla has seen any positive impacts on its business following the Commission’s antitrust decision, Pienimäki responds positively, recounting how — “one or two weeks after the ruling” — Jolla received an inbound enquiry from a company in France that had felt hamstrung by Google requiring its services to be bundled with Android but was now hoping “to realize a project in a special sector”.

The company, which he isn’t disclosing at this stage, is interested in “using Sailfish and then having selected Android applications running in Sailfish but no connection with the Google services”.

“We’ve been there for five years helping the European Union authorities [to build the case] and explain how difficult it is to create competitive solutions in the smartphone market in general,” he continues. “Be it consumer or be it anything else. That’s definitely important for us and I don’t see this at all limited to the consumer sector. The very same thing has been a problem for corporate clients, for companies who provide specialized mobile device solutions for different kind of corporations and even governments.”

While he couches the Android ruling as a “very important” moment for Jolla’s business last year, he also says he hopes the Commission will intervene further to level the smartphone playing field.

“What I’m after here, and what I would really love to see, is that within the European Union we utilize Linux-based, open platform solution which is made in Europe,” he says. “That’s why we’ve been pushing this [antitrust action]. This is part of that. But in bigger scheme this is very good.”

He is also very happy with Europe’s General Data Protection Regulation (GDPR) — which came into force last May, plugging in a long overdue update to the bloc’s privacy rules with a much beefed up enforcement regime.

GDPR has been good for Jolla’s business, according to Pienimäki, who says interest is flowing its way from customers who now perceive a risk to using Android if customer data flows outside Europe and they cannot guarantee adequate privacy protections are in place.

“Already last spring… we have had plenty of different customer discussions with European companies who are really afraid that ‘hey I cannot offer this solution to my government or to my corporate customer in my country because I cannot guarantee if I use Android that this data doesn’t go outside the European Union’,” he says.

“You can’t indemnify in a way that. And that’s been really good for us as well.”

News Source = techcrunch.com

Tufts expelled a student for grade hacking. She claims innocence


As she sat in the airport with a one-way ticket in her hand, Tiffany Filler wondered how she would pick up the pieces of her life, with tens of thousands of dollars in student debt and nothing to show for it.

A day earlier, she was expelled from Tufts University veterinary school. As a Canadian, her visa was no longer valid and she was told by the school to leave the U.S. “as soon as possible.” That night, her plane departed the U.S. for her native Toronto, leaving any prospect of her becoming a veterinarian behind.

Filler, 24, was accused of an elaborate months-long scheme involving stealing and using university logins to break into the student records system, view answers, and alter her own and other students’ grades.

The case Tufts presented seems compelling, if not entirely believable.

There’s just one problem: In almost every instance that the school accused Filler of hacking, she was elsewhere with proof of her whereabouts or an eyewitness account and without the laptop she’s accused of using. She has alibis: fellow students who testified to her whereabouts; photos with metadata putting her miles away at the time of the alleged hacks; and a sleep tracker that showed she was asleep during others.

Tufts is either right or it expelled an innocent student on shoddy evidence four months before she was set to graduate.

– – –

Guilty until proven innocent

Tiffany Filler always wanted to be a vet.

Ever since she was a teenager, she set her sights on her future career. With almost four years under her belt at Tufts, which is regarded as one of the best schools for veterinary medicine in North America, she could have written her ticket to any practice. Her friends hold her in high regard, telling me that she is honest and hardworking. She kept her head down, earning cumulative grade point averages of 3.9 for her master’s and 3.5 for her doctorate.

For a time, she was even featured on the homepage of Tufts’ vet school. She was a model final-year student.

Tufts didn’t see it that way.

Filler was called into a meeting on the main campus on August 22 where the university told her of an investigation. She had “no idea” about the specifics of the hacking allegations, she told me on a phone call, until October 18 when she was pulled out of her shift, still in her bloodied medical scrubs, to face the accusations from the ethics and grievance committee.

For three hours, she faced eight senior academics, including one who is said to be a victim of her alleged hacks. The allegations read like a court docket, but Filler said she went in knowing nothing that she could use to defend herself.

Tufts said she stole a librarian’s password to assign a mysteriously created user account, “Scott Shaw,” with a higher level of system and network access. Filler allegedly used it to look up faculty accounts and reset passwords by swapping out the email address to one she’s accused of controlling, or in some cases obtaining passwords and bypassing the school’s two-factor authentication system by exploiting a loophole that simply didn’t require a second security check, which the school has since fixed.

Tufts accused Filler of using this extensive system access to systematically log in as “Scott Shaw” to obtain answers for tests, then taking the tests under her own account. The activity was said to be traced either to her computer — based on a unique hardware identifier, known as a MAC address — or to the network she allegedly used, either the campus’s wireless network or her off-campus residence. When her grades went up, sometimes other students’ grades went down, the school said.

In other cases, she’s alleged to have broken into the accounts of several assessors in order to alter existing grades or post entirely new ones.

Tiffany Filler, left, with her mother in a 2017 photo at Tufts University.

The bulk of the evidence came from Tufts’ IT department, which said each incident was “well supported” from log files and database records. The evidence pointed to her computer over a period of several months, the department told the committee.

“I thought due process was going to be followed,” said Filler, in a call. “I thought it was innocent until proven guilty until I was told ‘you’re guilty unless you can prove it.’”

Like any private university, Tufts can discipline — even expel — a student for almost any reason.

“Universities can operate like shadow criminal justice systems — without any of the protections or powers of a criminal court,” said Samantha Harris, vice president of policy research at FIRE, a rights group for America’s colleges and universities. “They’re without any of the due process protections for someone accused of something serious, and without any of the powers like subpoenas that you’d need to gather all of the technical evidence.”

Students face an uphill battle in defense of any charges of wrongdoing. As was the case with Filler, many students aren’t given time to prepare for hearings, have no right to an attorney, and are not given any or all of the evidence. Some of the broader charges, such as professional misconduct or ethical violations, are even harder to fight. Grade hacking is one such example — and one of the most serious offenses in academia. Where students have been expelled, many have also faced prosecution and the prospect of serving time in prison on federal computer hacking charges.

Harris reviewed documents we provided outlining the university’s allegations and Filler’s appeal.

“It’s troubling when I read her appeal,” said Harris. “It looks as though [the school has] a lot of information in their sole possession that she might try to use to prove her innocent, and she wasn’t given access to that evidence.”

Access to the university’s evidence, she said, was “critical” to due process protections that students should be given, especially when facing suspension or expulsion.

A month later, the committee served a unanimous vote that Filler was the hacker and recommended her expulsion.

– – –

A RAT in the room

What few facts Filler and Tufts could agree on is that there almost certainly was a hacker. They just disagreed on who the hacker was.

Struggling for answers and convinced her MacBook Air — the source of the alleged hacks — was itself compromised, she paid for someone through freelance marketplace Fiverr to scan her computer. Within minutes, several malicious files were found, chief among which were two remote access trojans — or RATs — commonly used by jilted or jealous lovers to spy on their exes’ webcams and remotely control their computers over the internet. The scan found two: Coldroot and CrossRAT. The former is easily deployed, and the other is highly advanced malware, said to be linked to the Lebanese government.

Evidence of a RAT might suggest someone had remote control of her computer without her knowledge. But existence of both on the same machine, experts say, is unlikely if not entirely implausible.

Thomas Reed, director of Mac and Mobile at Malwarebytes, the same software used to scan Filler’s computer, confirmed the detections but said there was no conclusive evidence to show the malware was functional.

“The Coldroot infection was just the app and was missing the launch daemon that would have been key to keeping it running,” said Reed.

Even if it were functional, how could the hacker have framed her? Could Filler have paid someone to hack her grades? If she paid someone to hack her grades, why implicate her — and potentially the hacker — by using her computer? Filler said she was not cautious about her own cybersecurity — insofar that she pinned her password to a corkboard in her room. Could this have been a stitch-up? Was someone in her house trying to frame her?

The landlord told me a staff resident at Tufts veterinary school, who has since left the house, “has bad feelings” and “anger” toward Filler. The former housemate may have motive but no discernible means. We reached out to the former housemate for comment but did not hear back, and therefore are not naming the person.

Filler took her computer to an Apple Store, claiming the “mouse was acting on its own and the green light for the camera started turning on,” she said. The support staff backed up her files but wiped her computer, along with any evidence of malicious software beyond a handful of screenshots she took as part of the dossier of evidence she submitted in her appeal.

It didn’t convince the grievance committee of possible malicious interference.

“Feedback from [IT] indicated that these issues with her computer were in no way related to the alleged allegations,” said Angie Warner, the committee’s acting chair, in an email we’ve seen, recommending Filler’s expulsion. Citing an unnamed IT staffer, the department claimed with “high degree of certainty” that it was “highly unlikely” that the grade changes were “performed by malicious software or persons without detailed and extensive hacking ability.”

Unable to prove who was behind the remote access malware — or even if it was active — she turned back to fighting her defense.

– – –

‘Why wait?’

It took more than a month before Filler would get the specific times of the alleged hacks, revealing down to the second when each breach happened.

Filler thought she could convince the committee that she wasn’t the hacker, but later learned that the timings “did not factor” into the deliberations of the grievance committee, wrote Tufts’ veterinary school dean Joyce Knoll in an email dated December 21.

But Filler said she could in all but a handful of cases provide evidence showing that she was not at her computer.

In one of the first allegations of hacking, Filler was in a packed lecture room, with her laptop open, surrounded by her fellow vet school colleagues both besides and behind her. We spoke to several students who knew Filler — none wanted to be named for fear of retribution from Tufts — who wrote letters to testify in Filler’s defense.

All of the students we spoke to said they were never approached by Tufts to confirm or scrutinize their accounts. Two other classmates who saw Filler’s computer screen during the lecture told me they saw nothing suspicious — only her email or the lecture slides.

Another time Filler is accused of hacking, she was on rounds with other doctors, residents and students to discuss patients in their care. One student said Filler was “with the entire rotation group and the residents, without any access to a computer” for two hours.

For another accusation, Filler was out for dinner in a neighboring town. “She did not have her laptop with her,” said one of the fellow students who was with Filler at dinner. The other students sent letters to Tufts in her defense. Tufts said on that occasion, her computer — eight miles away from the restaurant — was allegedly used to access another staff member’s login and to try to bypass the two-factor authentication, using an iPhone 5S, a model Filler doesn’t own. Filler has an iPhone 6. (We asked an IT systems administrator at another company about Duo audit logs: They said if a device not enrolled with Duo tried to enter a valid username and password but couldn’t get past the two-factor prompt, the administrator would only see the device’s software version and not the device type. A Duo spokesperson confirmed that the system does not collect device names.)

Filler, who wears a Xiaomi fitness and sleep tracker, said the tracker’s records showed she was asleep during most, but not all, of the times she’s accused of hacking. She allowed TechCrunch to access the data in her cloud-stored account, which confirmed her account.

The list of accusations included a flurry of activity from her computer at her residence, which Tufts said took place between 1 a.m. and 2 a.m. on June 27, 2018 — during which her fitness tracker shows she was asleep — and between 5:30 p.m. and 6:30 p.m. on June 28, 2018.

But Filler was 70 miles away visiting the Mark Twain House in neighboring Hartford, Connecticut. She took two photos of her visit — one of her in the house, and another of her standing outside.

We asked Jake Williams, a former NSA hacker who founded cybersecurity and digital forensics firm Rendition Infosec, to examine the metadata embedded in the photos. The photos, taken from her iPhone, contained a matching date and time for the alleged hack, as well as a set of coordinates putting her at the Mark Twain House.

While photo metadata can be modified, Williams said the signs he expected to see for metadata modification weren’t there. “There is no evidence that these were modified,” he said.
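As an added illustration of the kind of consistency check an examiner runs on photo metadata (this is example code written for this page, not the analysis Williams performed, and the timestamps and Software values are constructed samples): a minimal little-endian Exif builder and parser, plus a check that flags an image whose modification time no longer matches its capture time, which is what re-saving through an editor leaves behind.

```python
import struct

# Exif/TIFF tags used here (from the Exif specification)
TAG_SOFTWARE = 0x0131           # IFD0: software that last wrote the image
TAG_DATETIME = 0x0132           # IFD0: last modification time ("YYYY:MM:DD HH:MM:SS")
TAG_EXIF_IFD = 0x8769           # IFD0: pointer to the Exif sub-IFD
TAG_DATETIME_ORIGINAL = 0x9003  # Exif IFD: time the shutter fired

def _encode_ifd(entries, ifd_offset):
    """Encode one little-endian IFD placed at ifd_offset.
    entries: (tag, type, value) with type 2 = ASCII str or 4 = LONG int,
    sorted by tag as the spec requires. ASCII values longer than 4 bytes go
    into a data area written directly after the IFD."""
    n = len(entries)
    data_start = ifd_offset + 2 + 12 * n + 4
    ifd, data = struct.pack("<H", n), b""
    for tag, typ, value in entries:
        if typ == 2:
            raw = value.encode("ascii") + b"\x00"
            if len(raw) <= 4:  # short strings live inside the 4-byte value field
                ifd += struct.pack("<HHI4s", tag, 2, len(raw), raw.ljust(4, b"\x00"))
            else:              # longer strings: the value field holds an offset
                ifd += struct.pack("<HHII", tag, 2, len(raw), data_start + len(data))
                data += raw
        else:
            ifd += struct.pack("<HHII", tag, 4, 1, value)
    return ifd + struct.pack("<I", 0) + data  # 0 = no next IFD

def build_exif(software, modify_time, original_time):
    """Build a minimal TIFF-format Exif payload (what a JPEG carries in its
    APP1 segment) with IFD0 and an Exif sub-IFD. Constructed test data only."""
    header = b"II*\x00" + struct.pack("<I", 8)
    ifd0_entries = [(TAG_SOFTWARE, 2, software), (TAG_DATETIME, 2, modify_time),
                    (TAG_EXIF_IFD, 4, 0)]
    exif_offset = 8 + len(_encode_ifd(ifd0_entries, 8))  # Exif IFD follows IFD0
    ifd0_entries[2] = (TAG_EXIF_IFD, 4, exif_offset)
    ifd0 = _encode_ifd(ifd0_entries, 8)
    exif_ifd = _encode_ifd([(TAG_DATETIME_ORIGINAL, 2, original_time)], exif_offset)
    return header + ifd0 + exif_ifd

def _read_ifd(buf, offset, out):
    n, = struct.unpack_from("<H", buf, offset)
    for i in range(n):
        entry = offset + 2 + 12 * i
        tag, typ, count, val = struct.unpack_from("<HHII", buf, entry)
        if typ == 2:
            raw = buf[entry + 8:entry + 8 + count] if count <= 4 else buf[val:val + count]
            out[tag] = raw.rstrip(b"\x00").decode("ascii", "replace")
        elif typ == 4 and tag == TAG_EXIF_IFD:
            _read_ifd(buf, val, out)  # descend into the Exif sub-IFD
    return out

def parse_exif(buf):
    """Return {tag: ascii value} for the ASCII tags in IFD0 and the Exif IFD."""
    if buf[:4] != b"II*\x00":
        raise ValueError("only little-endian TIFF headers are handled in this example")
    first_ifd, = struct.unpack_from("<I", buf, 4)
    return _read_ifd(buf, first_ifd, {})

def edit_indicators(tags):
    """Signs that the image was re-written after capture. An untouched camera
    file carries DateTime equal to DateTimeOriginal; editors update DateTime
    and usually overwrite Software with their own name. Exif timestamps are
    fixed-width, so string comparison is chronological comparison."""
    signs = []
    original, modified = tags.get(TAG_DATETIME_ORIGINAL), tags.get(TAG_DATETIME)
    if original is None:
        signs.append("no DateTimeOriginal: nothing to corroborate the capture time")
    elif modified and modified != original:
        signs.append(f"DateTime {modified} differs from DateTimeOriginal {original}: "
                     f"file re-saved after capture (Software tag: {tags.get(TAG_SOFTWARE)!r})")
    return signs

# Constructed samples: a camera-original file and a copy re-saved two days later.
UNTOUCHED = build_exif("12.1.2", "2018:06:28 17:45:10", "2018:06:28 17:45:10")
EDITED = build_exif("Example Editor 1.0", "2018:06:30 09:02:33", "2018:06:28 17:45:10")

if __name__ == "__main__":
    for name, blob in (("untouched", UNTOUCHED), ("edited", EDITED)):
        print(name, edit_indicators(parse_exif(blob)) or ["no indicators"])
```

A clean result only shows the file was not re-saved through metadata-aware software; it does not prove the device clock or location were correct, which is why the check is corroboration, not proof on its own.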

Yet none of it was good enough to keep her enrolled at Tufts. In a letter on January 16 affirming her expulsion, Knoll rejected the evidence.

“Date stamps are easy to edit,” said Knoll. “In fact, the photos you shared with me clearly include an ‘edit’ button in the upper corner for this exact purpose,” she wrote, referring to the iPhone software’s native photo editing feature. “Why wait until after you’d been informed that you were going to be expelled to show me months’ old photos?” she said.

“My decision is final,” said her letter. Filler was expelled.

Filler’s final expulsion letter. (Image: supplied)

– – –

The little things

Filler is back home in Toronto. As her class is preparing to graduate without her in May, Tufts has already emailed her to begin reclaiming her loans.

News of Filler’s expulsion was not unexpected given the drawn-out length of the investigation, but many were stunned by the result, according to the students we spoke to. From the time of the initial investigation, many believed Filler would not escape the trap of “guilty until proven innocent.”

“I do not believe Tiffany received fair treatment,” said one student. “As a private institution, it seems like we have few protections [or] ways of recourse. If they could do this to Tiffany, they could do it to any of us.”

TechCrunch sent Tufts a list of 19 questions prior to publication — including if the university hired qualified forensics specialists to investigate, and if law enforcement was contacted and whether the school plans to press criminal charges for the alleged hacking.

“Due to student privacy concerns, we are not able to discuss disciplinary matters involving any current or former student of Cummings School of Veterinary Medicine at Tufts University,” said Tara Pettinato, a Tufts spokesperson. “We take seriously our responsibility to ensure our students’ privacy, to maintain the highest standards of academic integrity, and to adhere to our policies and processes, which are designed to be fair and equitable to all students.”

We asked if the university would answer our questions if Filler waived her right to privacy. The spokesperson said the school “is obligated to follow federal law and its own standards and practices relating to privacy,” and would not discuss disciplinary matters involving any current or former student.

The spokesperson declined to comment further.

But even the little things don’t add up.

Tufts never said how it obtained her IP address. Her landlord told me Tufts never asked for it, let alone confirmed it was accurate. Courts have thrown out cases that rely on IP addresses as evidence when others share the same network. MAC addresses can identify devices but can be easily spoofed. Filler owns an iPhone 6, not an iPhone 5S, as claimed by Tufts. And her computer name was different from what Tufts said.

And how did she allegedly get access to the “Scott Shaw” password in the first place?

Warner, the committee chair, said in a letter that the school “does not know” how the initial librarian’s account was compromised, and that it was “irrelevant” if Filler even created the “Scott Shaw” account.

Many accounts were breached as part of this apparent elaborate scheme to alter grades, but there is no evidence Tufts hired any forensics experts to investigate. Did the IT department investigate with an inherent confirmation bias to try to find evidence that connected Filler’s account with the suspicious activity, or were the allegations constructed after Filler was identified as a suspect? And why did the university take months from the first alleged hack to move to protect user accounts with two-factor authentication, and not sooner?

“The data they are looking at doesn’t support the conclusions they’ve drawn,” said Williams, following his analysis of the case. “It’s entirely possible that the data they’re relying on — is far from normal or necessary burdens of evidence that you would use for an adverse action like this.

“They did DIY forensics,” he continued. “And they opened themselves up to legal exposure by doing the investigation themselves.”

Not every story has a clear ending. This is one of them. As much as you would want answers reading this far into the story, we do, too.

But we know two things for certain. First, Tufts expelled a student months before she was set to graduate based on a broken system of academic-led, non-technical committees forced to rely on weak evidence from IT technicians who had discernible qualifications in digital forensics. And second, it doesn’t have to say why.

Or as one student said: “We got her side of the story, and Tufts was not transparent.”


News Source = techcrunch.com
