Tech Brew Ride Home - Mon. 07/19 – NSO Group (Allegedly) Pwning Everyone
Episode Date: July 19, 2021The NSO Group is back in the headlines, and it’s maybe, the worst allegations of hacking for hire yet. The US and NATO blame China for the Exchange Server hacks. Does iOS now split the market with A...ndroid, at least in the US? And is Tesla charging customers for hardware they already paid for? Sponsors: Streak.com/techmeme TinyCapital.com Links: Private Israeli spyware used to hack cellphones journalists, activists worldwide (Washington Post) U.S. and key allies accuse China of Microsoft Exchange cyberattacks (Axios) Zoom is buying cloud contact center provider Five9 for $14.7 billion (CNBC) CIRP: iPhone catches up to Android, now accounts for 50% of new smartphone activations in the US (9to5Mac) Tesla is charging owners $1,500 for hardware they already paid for (Electrek) Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
On April 4th, 2023, around 2 in the morning, a man was found stabbed multiple times on a sidewalk in downtown San Francisco.
Hey, who did this to you?
What happened next turned the story into a political firestorm.
Reports have identified the victim as Bob Lee, the founder of Cash App.
From Bloomberg Podcasts, this is Foundering, the Killing of Bob Lee, beginning April 16.
Welcome to the Tech meme right home for Monday, July 19th, 2021. I'm Brian McCullough today. The NSO Group is back in the headlines, and it's maybe the worst allegations of hacking for hire yet. The U.S. and NATO blamed China for the exchange server hacks. Does iOS now split the market with Android, at least in the U.S., and is Tesla charging customers for hardware they already paid for? Here's what you missed today in the world of tech.
Do you remember that NSO Group, the Israeli security company that allegedly sells the ability to hack into phones, including iPhones of prominent people, especially people that various governments might want to keep track of?
Stories pop up about NGO group every six months or so.
And, well, once again, get this, quoting the Washington Post.
Military-grade spyware licensed by an Israeli firm to governments for tracking terrorists and criminals was used in attempted.
and successful hacks of 37 smartphones belonging to journalists, human rights activists,
business executives, and two women close to murdered Saudi journalist Jamal Khashoggi,
according to an investigation by The Washington Post, and 16 media partners.
The phones appeared on a list of more than 50,000 numbers that are concentrated in countries
known to engage in surveillance of their citizens and also known to have been clients of the
Israeli firm NSO Group, a worldwide leader in the growing and largely unregulated private spyware
industry the investigation found. The list does not identify who put the numbers on it or why, and it is
unknown how many of the phones were targeted or surveilled. But forensic analysis of the 37 smartphones
shows that many display a tight correlation between timestamps associated with a number on the list
and the initiation of surveillance in some cases as brief as a few seconds. Forbidden stories,
a Paris-based journalism nonprofit and Amnesty International, a human rights group, had access to the list
and shared it with the news organizations which did further research and analysis.
Amnesty's Security Lab did the forensic analysis on the smartphones.
The numbers on the list are unattributed, but reporters were able to identify more than a thousand
people spanning more than 50 countries through research and interviews on four continents.
Several Arab royal family members, at least 65 business executives, 85 human rights activists,
189 journalists, and more than 600 politicians and government officials,
including cabinet ministers, diplomats, and military.
military and security officials. The numbers of several heads of state and prime ministers also appeared on the
list. Among the journalists whose numbers appear on the list, which dates to 2016, are reporters working
overseas for several leading news organizations, including a small number from CNN, the Associated
Press, Voice of America, the New York Times, the Wall Street Journal, Bloomberg News, Le Mans in France,
the Financial Times in London and Al Jazeera in Qatar. The targeting of the 37 smartphones
would appear to conflict with the stated purpose of NSO's licensing of
its Pegasus spyware, which the company says is intended only for use in surveilling terrorists and
major criminals. The evidence extracted from the smartphones revealed here for the first time,
calls into question pledges by the Israeli company to police its clients for human rights abuses,
end quote. Of the 67 phones, Amnesty's security lab probed, 34 were iPhones, of which 23 showed signs
of a successful Pegasus infection, and 11 showed attempts at infection. So again, it's always
news when an iPhone can be demonstrated to be hackable, but wait, there's more. Is there a zero-click
iMessage exploit out there, too? Quoting from a different piece in the post, quote,
the investigation found that iMessage, the built-in messaging app that allows seamless chatting among
iPhone users played a role in 13 of the 23 successful infiltrations of iPhones. IMessage was also the
motive attack in six of the 11 failed attempts, Amnesty Security Lab identified through its forensic
examinations. One reason that iMessage has become a vector for attack, security researchers say,
is that the app has gradually added features, which inevitably creates more potential vulnerabilities.
They can't make iMessage safe, said Matthew Green, a security and cryptology professor at Johns
Hopkins University. I'm not saying it can't be fixed, but it's pretty bad, end quote.
One key issue. IMessage lets strangers send iPhone users messages without any warning to or approval
from the recipient, a feature that makes it easier for hackers to take the first step.
toward infection without detection. Security researchers have warned about this weakness for years.
Quote, your iPhone and a billion other Apple devices out of the box automatically run
famously insecure software to preview eye messages. Whether you trust the sender or not, said
security researcher Bill Markzak, a fellow at Citizen Lab, a research institute based at the
University of Toronto's Monk School of Global Affairs and Public Policy. Quote, any computer
security 101 student could spot the flaw here, end quote. Indeed, let me quote from a Markzac
Twitter thread, quote, Amnesty Tech saw an iOS 14.6 device hacked with a zero-click I-message
exploit to install Pegasus. We at Citizen Lab also saw 14.6 device hacks with a zero-click
eye-mess exploit to install Pegasus. All this indicates that NSO Group can break into the latest
iPhones. Also indicates that Apple has a major blinking red five-alarm fire problem with
iMessage security that their blast door framework introduced in iOS 14 to make zero-click
exploitation more difficult ain't solving. As Amnesty Tech observed, and we at Citizen Lab can confirm,
NSO Group's Pegasus SpyWare delivered via zero-click exploits is no longer persistent in the strict
sense of the word, i.e. doesn't come back when you reboot. Persistence is achieved via firing the
zero-click again. Because the zero-clicks they're using appear to be quite reliable, the lack of
traditional persistence is a feature, not a drawback of the spyware. It makes the spyware more
nimble and prevents recovery of the good stuff, i.e. the spyware and exploits from forensic analysis,
end quote. I could go on and on here because also apps like Signal or WhatsApp will not
help you, apparently, with this exploit. And since potential targets of surveillance included
journalists from every major publication basically in the Western world. If you're a dissident or just
anyone who is maybe of interest to your government and you spoke to a journalist basically anywhere
in the last year, don't assume your conversation was private. What does this mean? Well,
this is Elise Jordan from NBC News. Quote, this is a huge story. Reporters ranging from local
freelancers such as the Mexican journalist Cecilia Pineda Berto, who was murdered by a
attackers armed with guns one month after his phone was selected through to prize-winning investigative
reporters, editors, and executives, end quote.
Edward Snowden tweeted this, quote,
The Israeli company behind this, the NSO group should bear direct criminal liability for the
deaths and detentions of those targeted by the digital infection vectors itself, which have
no legitimate use, end quote.
Meanwhile, the U.S., NATO, and other allies have come out with a statement,
collectively blaming China for various malicious cyber attacks, including the march attack that
exploited a flaw in Microsoft's Exchange server, quoting Axios. It's the first time that NATO,
a military alliance founded in 1949 to confront the Soviet Union, has signed onto a formal
condemnation of China's cyber activities. Authorities are detailing more than 50 different techniques
that Chinese state-sponsored actors used and offering up recommended mitigations that businesses and
organizations can take. The U.S., NATO, European Union, UK, Australia, Canada, New Zealand,
and Japan say they can now, quote, with high confidence, end quote, attribute the march attack
using the exchange flaw to cyber attackers affiliated with China's state security ministry.
That attack crippled thousands of computers around the world. The U.S. says it has raised
the concerns with Chinese authorities and said it hasn't ruled out a further response,
but also caution that no one action is likely to deter China, end quote.
real quick, Robin Hood's appended filing is out, so I can tell you that the company is looking to raise
as much as $2.3 billion in its upcoming IPO has set a range of $38 to $42 per share, which gives it a
valuation as high as $35 billion, if all goes well. Robin Hood's last private market
valuation in September was $11.7 billion. There was a time when all
all eyes were on Zoom to see if they could be more than a lockdown times, one-hit wonder, if they could
evolve into a larger platform for work. While attention has largely moved on, Zoom has apparently
been working hard in the background because, as the company said this morning, it is acquiring
5-9, which makes cloud-based call center software for sales marketing and support in an all-stock deal
valued at $14.7 billion. Gee, when your stock appreciates, that can be quite valuable currency,
can it? Quoting CNBC. The deal marks Zoom's first billion dollar acquisition and comes as the company
prepares for a post-pandemic world with employees returning to the office. It's the second biggest
U.S. tech deal this year behind Microsoft's planned $16 billion purchase of nuanced communications,
according to Factset. We are continuously looking for ways to enhance our platform and the
edition of 59 is a natural fit that will deliver even more happiness and value to our customers,
said Zoom CEO Eric Yuan in a press release.
59 closed on Friday with a market cap of $11.9 billion or $177.60 a share.
Zoom said 59 stockholders will receive 0.5533 shares of Zoom video communications for every
59 share.
That values $5.9 at $228 a share, a 13% premium and represents about 14% of Zoom's market
cap of close to $107 billion. After expanding revenue by 326% in 2020, Zoom faces a natural slowdown,
especially as companies reopen while face-to-face meetings resume. While the company has launched
new products to reckon with coming changes to its business, it's now so big that organic
growth alone is unlikely to satisfy Wall Street. It also needs new revenue sources as Microsoft ramps up
competition in video chat with Teams. Zoom's stock price jumped almost 400% last year, though it's
dropped 36% since reaching its peak in October, end quote.
This is probably worth noting, wouldn't you say?
According to a new research note, iOS now, quote, splits the market with Android, at least
in the U.S. after iOS and Android each accounted for 50% of new U.S. smartphone activations
in Q2 of 2021, quoting 9 to 5 Mac.
A new report today from analysts at Consumer Intelligence Research Partners, CIRP, details the
that Apple and Google are nearing parity in terms of new smartphone buyers in the United States.
CIRP estimates that for customers that acquired a new phone in the year ending this quarter,
Google Android and Apple iOS each had 50% of the new activations, the analysts say.
This represents a significant victory for Apple,
which has generally lagged behind Android in terms of smartphone activations.
For the past several years, Android has generally secured 60% of new smartphone
activations in the United States compared to 40% for iOS.
In the second calendar quarter of 2021, however, Apple closed the gap and now splits the market with Android.
Mike Levin, CIRP co-founder, explained that this largely comes down to loyalty and switching to areas where iOS has dominated Android over recent years.
Quote, loyalty and switching helped explain some of the change in share of new phone activations with iOS gaining loyalty in a market with minimal switching.
In the most recent quarter, Apple had an edge in loyalty with 93% of prior iPhone owners upgrading to a new iPhone, compared to 88% of Android owners staying with Android.
Over several years, iOS gained about 5 percentage points in loyalty while Android remained flat.
This allowed Apple to steadily increase the iOS share of new smartphone activations, end quote.
Finally today, I'm not quite sure how to sum this up other than to say, is Tesla charging owners $1,500 for hardware that they have?
already paid for? Quoting Electric. This weekend, Tesla started offering their long-awaited
full self-driving subscription package for $199 a month. Along with the package, Tesla is offering
a $1,500 hardware upgrade for early owners who have old hardware that is not capable of full
self-driving tasks. The problem is Tesla previously told those same owners that their cars were
capable of full self-driving tasks and isn't allowing those owners to take advantage of the new
subscription scheme without paying again for a hardware upgrade that they already paid for.
All Tesla's currently come with basic autopilot, a slate of driver assist and safety features.
These include automatic lanekeeping, traffic aware, cruise control, and other standard safety
features like emergency brake assist. These can help reduce the stress, particularly of highway
driving, and enhance the safety of the vehicle. The full self-driving package takes this further
and adds other driver assist features that allow the car to make more decisions on its own. These
include navigate on autopilot, auto lane change, auto park, and summon, traffic light,
and stop signal control. Eventually, this package will offer full autonomy, but the software is not
there yet and still requires driver attention at all times. The much-awaited subscription scheme
offers a lower barrier to entry. Tesla owners with cars from late 2016 to mid-2019 might want
to try out the software and see what it can do, especially since it has improved since they
purchase their car. Maybe they don't know if they'd like it enough to want to spend $10,000,
or maybe they don't think they'll have the car long enough to make it worthwhile, any number of
reasons. But to get that subscription, Tesla is demanding that those owners pay $1,500 up front for
the hardware upgrade that was previously given to all full self-driving purchasers for free.
Remember, this is an upgrade that all Tesla owners since late 2016 already paid for by
purchasing a vehicle that Tesla said included full self-driving hardware. As this information has
percolated through Tesla forums and by word of mouth, many owners are showing their anger with Tesla
over the changes. We've received several tips and messages and read lots of furious comments over this
change, with some comments even calling for legal action. This isn't the first time Tesla has broken
a promise to early customers. Tesla told early customers that prices would gradually rise for
self-driving capabilities and to lock in their price now before it goes up. Then, before
for any self-driving features actually rolled out, Tesla pulled a bait-and-switch and lowered the price,
despite the software never having been delivered yet at that time. Some might say this is
analogous to buying a product that later dropped in price, but the difference is that the early
purchasers here gained no benefit from owning the software early since the software didn't do
anything yet at the time. Tesla also recently broke a promise with Tesla's solar roof customers,
hiking prices on already signed contracts after stringing along those early customers for a year or more about solar roof availability.
This sort of thing seems to happen a lot with Tesla.
In fact, even before the aforementioned events, many early Model 3 owners purchased their vehicles with full self-driving,
even though the software didn't do anything yet because they thought doing so would obligate Tesla to upgrade their computers for free
if they later found out the hardware was not capable enough.
So this sort of behavior is common enough from Tesla that,
Many owners anticipated this happening years in advance, end quote.
Nothing for you today.
I'm off to get a haircut.
Talk to you tomorrow.
