Tech Brew Ride Home - Mon. 07/19 – NSO Group (Allegedly) Pwning Everyone

Episode Date: July 19, 2021

The NSO Group is back in the headlines, and it’s maybe, the worst allegations of hacking for hire yet. The US and NATO blame China for the Exchange Server hacks. Does iOS now split the market with A...ndroid, at least in the US? And is Tesla charging customers for hardware they already paid for? Sponsors: Streak.com/techmeme TinyCapital.com Links: Private Israeli spyware used to hack cellphones journalists, activists worldwide (Washington Post) U.S. and key allies accuse China of Microsoft Exchange cyberattacks (Axios) Zoom is buying cloud contact center provider Five9 for $14.7 billion (CNBC) CIRP: iPhone catches up to Android, now accounts for 50% of new smartphone activations in the US (9to5Mac) Tesla is charging owners $1,500 for hardware they already paid for (Electrek) Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript
Discussion (0)
Starting point is 00:00:00 On April 4th, 2023, around 2 in the morning, a man was found stabbed multiple times on a sidewalk in downtown San Francisco. Hey, who did this to you? What happened next turned the story into a political firestorm. Reports have identified the victim as Bob Lee, the founder of Cash App. From Bloomberg Podcasts, this is Foundering, the Killing of Bob Lee, beginning April 16. Welcome to the Tech meme right home for Monday, July 19th, 2021. I'm Brian McCullough today. The NSO Group is back in the headlines, and it's maybe the worst allegations of hacking for hire yet. The U.S. and NATO blamed China for the exchange server hacks. Does iOS now split the market with Android, at least in the U.S., and is Tesla charging customers for hardware they already paid for? Here's what you missed today in the world of tech. Do you remember that NSO Group, the Israeli security company that allegedly sells the ability to hack into phones, including iPhones of prominent people, especially people that various governments might want to keep track of? Stories pop up about NGO group every six months or so.
Starting point is 00:01:21 And, well, once again, get this, quoting the Washington Post. Military-grade spyware licensed by an Israeli firm to governments for tracking terrorists and criminals was used in attempted. and successful hacks of 37 smartphones belonging to journalists, human rights activists, business executives, and two women close to murdered Saudi journalist Jamal Khashoggi, according to an investigation by The Washington Post, and 16 media partners. The phones appeared on a list of more than 50,000 numbers that are concentrated in countries known to engage in surveillance of their citizens and also known to have been clients of the Israeli firm NSO Group, a worldwide leader in the growing and largely unregulated private spyware
Starting point is 00:02:00 industry the investigation found. The list does not identify who put the numbers on it or why, and it is unknown how many of the phones were targeted or surveilled. But forensic analysis of the 37 smartphones shows that many display a tight correlation between timestamps associated with a number on the list and the initiation of surveillance in some cases as brief as a few seconds. Forbidden stories, a Paris-based journalism nonprofit and Amnesty International, a human rights group, had access to the list and shared it with the news organizations which did further research and analysis. Amnesty's Security Lab did the forensic analysis on the smartphones. The numbers on the list are unattributed, but reporters were able to identify more than a thousand
Starting point is 00:02:41 people spanning more than 50 countries through research and interviews on four continents. Several Arab royal family members, at least 65 business executives, 85 human rights activists, 189 journalists, and more than 600 politicians and government officials, including cabinet ministers, diplomats, and military. military and security officials. The numbers of several heads of state and prime ministers also appeared on the list. Among the journalists whose numbers appear on the list, which dates to 2016, are reporters working overseas for several leading news organizations, including a small number from CNN, the Associated Press, Voice of America, the New York Times, the Wall Street Journal, Bloomberg News, Le Mans in France,
Starting point is 00:03:20 the Financial Times in London and Al Jazeera in Qatar. The targeting of the 37 smartphones would appear to conflict with the stated purpose of NSO's licensing of its Pegasus spyware, which the company says is intended only for use in surveilling terrorists and major criminals. The evidence extracted from the smartphones revealed here for the first time, calls into question pledges by the Israeli company to police its clients for human rights abuses, end quote. Of the 67 phones, Amnesty's security lab probed, 34 were iPhones, of which 23 showed signs of a successful Pegasus infection, and 11 showed attempts at infection. So again, it's always news when an iPhone can be demonstrated to be hackable, but wait, there's more. Is there a zero-click
Starting point is 00:04:06 iMessage exploit out there, too? Quoting from a different piece in the post, quote, the investigation found that iMessage, the built-in messaging app that allows seamless chatting among iPhone users played a role in 13 of the 23 successful infiltrations of iPhones. IMessage was also the motive attack in six of the 11 failed attempts, Amnesty Security Lab identified through its forensic examinations. One reason that iMessage has become a vector for attack, security researchers say, is that the app has gradually added features, which inevitably creates more potential vulnerabilities. They can't make iMessage safe, said Matthew Green, a security and cryptology professor at Johns Hopkins University. I'm not saying it can't be fixed, but it's pretty bad, end quote.
Starting point is 00:04:47 One key issue. IMessage lets strangers send iPhone users messages without any warning to or approval from the recipient, a feature that makes it easier for hackers to take the first step. toward infection without detection. Security researchers have warned about this weakness for years. Quote, your iPhone and a billion other Apple devices out of the box automatically run famously insecure software to preview eye messages. Whether you trust the sender or not, said security researcher Bill Markzak, a fellow at Citizen Lab, a research institute based at the University of Toronto's Monk School of Global Affairs and Public Policy. Quote, any computer security 101 student could spot the flaw here, end quote. Indeed, let me quote from a Markzac
Starting point is 00:05:27 Twitter thread, quote, Amnesty Tech saw an iOS 14.6 device hacked with a zero-click I-message exploit to install Pegasus. We at Citizen Lab also saw 14.6 device hacks with a zero-click eye-mess exploit to install Pegasus. All this indicates that NSO Group can break into the latest iPhones. Also indicates that Apple has a major blinking red five-alarm fire problem with iMessage security that their blast door framework introduced in iOS 14 to make zero-click exploitation more difficult ain't solving. As Amnesty Tech observed, and we at Citizen Lab can confirm, NSO Group's Pegasus SpyWare delivered via zero-click exploits is no longer persistent in the strict sense of the word, i.e. doesn't come back when you reboot. Persistence is achieved via firing the
Starting point is 00:06:16 zero-click again. Because the zero-clicks they're using appear to be quite reliable, the lack of traditional persistence is a feature, not a drawback of the spyware. It makes the spyware more nimble and prevents recovery of the good stuff, i.e. the spyware and exploits from forensic analysis, end quote. I could go on and on here because also apps like Signal or WhatsApp will not help you, apparently, with this exploit. And since potential targets of surveillance included journalists from every major publication basically in the Western world. If you're a dissident or just anyone who is maybe of interest to your government and you spoke to a journalist basically anywhere in the last year, don't assume your conversation was private. What does this mean? Well,
Starting point is 00:07:03 this is Elise Jordan from NBC News. Quote, this is a huge story. Reporters ranging from local freelancers such as the Mexican journalist Cecilia Pineda Berto, who was murdered by a attackers armed with guns one month after his phone was selected through to prize-winning investigative reporters, editors, and executives, end quote. Edward Snowden tweeted this, quote, The Israeli company behind this, the NSO group should bear direct criminal liability for the deaths and detentions of those targeted by the digital infection vectors itself, which have no legitimate use, end quote.
Starting point is 00:07:44 Meanwhile, the U.S., NATO, and other allies have come out with a statement, collectively blaming China for various malicious cyber attacks, including the march attack that exploited a flaw in Microsoft's Exchange server, quoting Axios. It's the first time that NATO, a military alliance founded in 1949 to confront the Soviet Union, has signed onto a formal condemnation of China's cyber activities. Authorities are detailing more than 50 different techniques that Chinese state-sponsored actors used and offering up recommended mitigations that businesses and organizations can take. The U.S., NATO, European Union, UK, Australia, Canada, New Zealand, and Japan say they can now, quote, with high confidence, end quote, attribute the march attack
Starting point is 00:08:28 using the exchange flaw to cyber attackers affiliated with China's state security ministry. That attack crippled thousands of computers around the world. The U.S. says it has raised the concerns with Chinese authorities and said it hasn't ruled out a further response, but also caution that no one action is likely to deter China, end quote. real quick, Robin Hood's appended filing is out, so I can tell you that the company is looking to raise as much as $2.3 billion in its upcoming IPO has set a range of $38 to $42 per share, which gives it a valuation as high as $35 billion, if all goes well. Robin Hood's last private market valuation in September was $11.7 billion. There was a time when all
Starting point is 00:09:26 all eyes were on Zoom to see if they could be more than a lockdown times, one-hit wonder, if they could evolve into a larger platform for work. While attention has largely moved on, Zoom has apparently been working hard in the background because, as the company said this morning, it is acquiring 5-9, which makes cloud-based call center software for sales marketing and support in an all-stock deal valued at $14.7 billion. Gee, when your stock appreciates, that can be quite valuable currency, can it? Quoting CNBC. The deal marks Zoom's first billion dollar acquisition and comes as the company prepares for a post-pandemic world with employees returning to the office. It's the second biggest U.S. tech deal this year behind Microsoft's planned $16 billion purchase of nuanced communications,
Starting point is 00:10:17 according to Factset. We are continuously looking for ways to enhance our platform and the edition of 59 is a natural fit that will deliver even more happiness and value to our customers, said Zoom CEO Eric Yuan in a press release. 59 closed on Friday with a market cap of $11.9 billion or $177.60 a share. Zoom said 59 stockholders will receive 0.5533 shares of Zoom video communications for every 59 share. That values $5.9 at $228 a share, a 13% premium and represents about 14% of Zoom's market cap of close to $107 billion. After expanding revenue by 326% in 2020, Zoom faces a natural slowdown,
Starting point is 00:10:59 especially as companies reopen while face-to-face meetings resume. While the company has launched new products to reckon with coming changes to its business, it's now so big that organic growth alone is unlikely to satisfy Wall Street. It also needs new revenue sources as Microsoft ramps up competition in video chat with Teams. Zoom's stock price jumped almost 400% last year, though it's dropped 36% since reaching its peak in October, end quote. This is probably worth noting, wouldn't you say? According to a new research note, iOS now, quote, splits the market with Android, at least in the U.S. after iOS and Android each accounted for 50% of new U.S. smartphone activations
Starting point is 00:11:43 in Q2 of 2021, quoting 9 to 5 Mac. A new report today from analysts at Consumer Intelligence Research Partners, CIRP, details the that Apple and Google are nearing parity in terms of new smartphone buyers in the United States. CIRP estimates that for customers that acquired a new phone in the year ending this quarter, Google Android and Apple iOS each had 50% of the new activations, the analysts say. This represents a significant victory for Apple, which has generally lagged behind Android in terms of smartphone activations. For the past several years, Android has generally secured 60% of new smartphone
Starting point is 00:12:19 activations in the United States compared to 40% for iOS. In the second calendar quarter of 2021, however, Apple closed the gap and now splits the market with Android. Mike Levin, CIRP co-founder, explained that this largely comes down to loyalty and switching to areas where iOS has dominated Android over recent years. Quote, loyalty and switching helped explain some of the change in share of new phone activations with iOS gaining loyalty in a market with minimal switching. In the most recent quarter, Apple had an edge in loyalty with 93% of prior iPhone owners upgrading to a new iPhone, compared to 88% of Android owners staying with Android. Over several years, iOS gained about 5 percentage points in loyalty while Android remained flat. This allowed Apple to steadily increase the iOS share of new smartphone activations, end quote. Finally today, I'm not quite sure how to sum this up other than to say, is Tesla charging owners $1,500 for hardware that they have?
Starting point is 00:13:24 already paid for? Quoting Electric. This weekend, Tesla started offering their long-awaited full self-driving subscription package for $199 a month. Along with the package, Tesla is offering a $1,500 hardware upgrade for early owners who have old hardware that is not capable of full self-driving tasks. The problem is Tesla previously told those same owners that their cars were capable of full self-driving tasks and isn't allowing those owners to take advantage of the new subscription scheme without paying again for a hardware upgrade that they already paid for. All Tesla's currently come with basic autopilot, a slate of driver assist and safety features. These include automatic lanekeeping, traffic aware, cruise control, and other standard safety
Starting point is 00:14:05 features like emergency brake assist. These can help reduce the stress, particularly of highway driving, and enhance the safety of the vehicle. The full self-driving package takes this further and adds other driver assist features that allow the car to make more decisions on its own. These include navigate on autopilot, auto lane change, auto park, and summon, traffic light, and stop signal control. Eventually, this package will offer full autonomy, but the software is not there yet and still requires driver attention at all times. The much-awaited subscription scheme offers a lower barrier to entry. Tesla owners with cars from late 2016 to mid-2019 might want to try out the software and see what it can do, especially since it has improved since they
Starting point is 00:14:46 purchase their car. Maybe they don't know if they'd like it enough to want to spend $10,000, or maybe they don't think they'll have the car long enough to make it worthwhile, any number of reasons. But to get that subscription, Tesla is demanding that those owners pay $1,500 up front for the hardware upgrade that was previously given to all full self-driving purchasers for free. Remember, this is an upgrade that all Tesla owners since late 2016 already paid for by purchasing a vehicle that Tesla said included full self-driving hardware. As this information has percolated through Tesla forums and by word of mouth, many owners are showing their anger with Tesla over the changes. We've received several tips and messages and read lots of furious comments over this
Starting point is 00:15:27 change, with some comments even calling for legal action. This isn't the first time Tesla has broken a promise to early customers. Tesla told early customers that prices would gradually rise for self-driving capabilities and to lock in their price now before it goes up. Then, before for any self-driving features actually rolled out, Tesla pulled a bait-and-switch and lowered the price, despite the software never having been delivered yet at that time. Some might say this is analogous to buying a product that later dropped in price, but the difference is that the early purchasers here gained no benefit from owning the software early since the software didn't do anything yet at the time. Tesla also recently broke a promise with Tesla's solar roof customers,
Starting point is 00:16:05 hiking prices on already signed contracts after stringing along those early customers for a year or more about solar roof availability. This sort of thing seems to happen a lot with Tesla. In fact, even before the aforementioned events, many early Model 3 owners purchased their vehicles with full self-driving, even though the software didn't do anything yet because they thought doing so would obligate Tesla to upgrade their computers for free if they later found out the hardware was not capable enough. So this sort of behavior is common enough from Tesla that, Many owners anticipated this happening years in advance, end quote. Nothing for you today.
Starting point is 00:16:46 I'm off to get a haircut. Talk to you tomorrow.

There aren't comments yet for this episode. Click on any sentence in the transcript to leave a comment.