• Exploiting vulnerabilities in #Cellebrite UFED and Physical Analyzer from an app’s perspective

    By a truly unbelievable coincidence, I was recently out for a walk when I saw a small package fall off a truck ahead of me. As I got closer, the dull enterprise typeface slowly came into focus: Cellebrite. Inside, we found the latest versions of the Cellebrite software, a hardware dongle designed to prevent piracy (tells you something about their customers I guess!), and a bizarrely large number of cable adapters.

    #signal #arroseur_arrosé

  • U.S. cybersecurity firm FireEye discloses breach, theft of hacking tools

    FireEye, one of the largest cybersecurity companies in the United States, said on Tuesday that it had been hacked, likely by a government, and that an arsenal of hacking tools used to test the defenses of its clients had been stolen. The hack of FireEye, a company with an array of contracts across the national security space both in the United States and its allies, is among the most significant breaches in recent memory. The company’s shares dropped 8% in after-hours trading. The FireEye (...)

    #spyware #hacking


  • Important : en avril 2015, la stratégie des Démocrates est de promouvoir un épouvantail extrémiste à droite pour obtenir la victoire finale de Clinton :

    expédié dans ce mail :

    This memo is intended to outline the strategy and goals a potential Hillary Clinton presidential campaign would have regarding the 2016 Republican presidential field. Clearly most of what is contained in this memo is work the DNC is already doing. This exercise is intended to put those ideas to paper.

    Our Goals & Strategy

    Our hope is that the goal of a potential HRC campaign and the DNC would be one-in-the-same: to make whomever the Republicans nominate unpalatable to a majority of the electorate. We have outlined three strategies to obtain our goal:

    1) Force all Republican candidates to lock themselves into extreme conservative positions that will hurt them in a general election;

    2) Undermine any credibility/trust Republican presidential candidates have to make inroads to our coalition or independents;

    3) Muddy the waters on any potential attack lodged against HRC.

    Operationalizing the Strategy

    Pied Piper Candidates

    There are two ways to approach the strategies mentioned above. The first is to use the field as a whole to inflict damage on itself similar to what happened to Mitt Romney in 2012. The variety of candidates is a positive here, and many of the lesser known can serve as a cudgel to move the more established candidates further to the right. In this scenario, we don’t want to marginalize the more extreme candidates, but make them more “Pied Piper” candidates who actually represent the mainstream of the Republican Party. Pied Piper candidates include, but aren’t limited to:

    • Ted Cruz
    • Donald Trump
    • Ben Carson

    We need to be elevating the Pied Piper candidates so that they are leaders of the pack and tell the press to them seriously.

  • Comment Sarkozy a-t-il pu se laisser écouter ?

    Dates/Horaires de Diffusion : 12 Mars, 2014 - 08:45 - 08:50

    Au début de Conversation Secrète, Francis Ford Coppola filme un couple qui déambule sur une place. C’est l’heure du déjeuner, il y a beaucoup de monde, les gens parlent, rient, font du bruit, un groupe joue de la musique. Au milieu de tout cela, le couple parle bas, et ne cesse de se déplacer, manifestement l’homme et la femme se savent surveillés. Pourtant, le personnage principal du film, joué par Gene Hackman, et son équipe, réussissent à enregistrer et à décrypter la conversation. Grâce à plusieurs micros, disposés en plusieurs en lieux - micros aux portés différentes, et au filtrage différents - grâce à un gros travail sur les bandes, la conversation de ce couple prudent est recomposée, s’éclaire, et donne son argument à la suite du film. Ce que nous dit Coppola, et ce qu’incarne le génie de l’écoute qu’est le personnage de Gene Hackman, c’est qu’il n’y a pas à pas de conversation secrète, qu’il n’y a plus de conversation secrète.


  • NSA recruitment drive goes horribly wrong | World news | guardian.co.uk

    On Tuesday, the National Security Agency called at the University of Wisconsin on a recruitment drive.

    Attending the session was Madiha R Tahir, a journalist studying a language course at the university. She asked the squirming recruiters a few uncomfortable questions about the activities of NSA: which countries the agency considers to be “adversaries”, and if being a good liar is a qualification for getting a job at the NSA.

    She has posted a recording of the session on Soundcloud, which you can hear above, and posted a rough transcript on her blog, The Mob and the Multitude. Here are some highlights.

    The session begins ...

    Tahir: “Do you consider Germany and the countries that the NSA has been spying upon to be adversaries, or are you, right now, not speaking the truth?”

    Recruiter 1: “You can define adversary as ’enemy’ and, clearly, Germany is not our enemy. But would we have foreign national interests from an intelligence perspective on what’s going on across the globe? Yeah, we do.”

    Tahir: “So by ’adversaries’, you actually mean anybody and everybody. There is nobody, then, by your definition that is not an adversary. Is that correct?”

    Recruiter 1: “That is not correct.”

    Recruiter 2: “… for us, our business is apolitical, OK? We do not generate the intelligence requirements. They are levied on us ... We might use the word ’target’.”

    Tahir: “I’m just surprised that for language analysts, you’re incredibly imprecise with your language. And it just doesn’t seem to be clear.”

    Later ...

    Tahir: “... this is a recruiting session and you are telling us things that aren’t true. And we also know that the NSA took down brochures and factsheets after the Snowden revelations because those factsheets also had severe inaccuracies and untruths in them, right? So how are we supposed to believe what you’re saying?”

    Even later ...

    Tahir: “I think the question here is do you actually think about the ramifications of the work that you do, which is deeply problematic, or do you just dress up in costumes and get drunk?” [A reference to an earlier comment the recruiter made about NSA employees working hard and going to the bar to do karaoke.]

    Recruiter 2: “... reporting the info in the right context is so important because the consequences of bad political decisions by our policymakers is something we all suffer from.”

    Unnamed female student: “And people suffer from the misinformation that you pass along so you should take responsibility as well.”

    Later still ...

    Male student: “General Alexander [head of the NSA] also lied in front of Congress.”

    Recruiter 1: “I don’t believe that he did.”

    Male student: “Probably because access to the Guardian is restricted on the Department of Defence’s computers. I am sure they don’t encourage people like you to actually think about these things. Thank God for a man like Edward Snowden who your organisation is now part of a manhunt trying to track down, trying to put him in a little hole somewhere for the rest of his life. Thank God they exist.”

    And finally ...

    Recruiter 2: “This job isn’t for everybody, you know ...”

    Tahir: “So is this job for liars? Is this what you’re saying? Because, clearly, you’re not able to give us forthright answers. I mean, given the way the NSA has behaved, given the fact that we’ve been lied to as Americans, given the fact that factsheets have been pulled down because they clearly had untruths in them, given the fact that Clapper and Alexander lied to Congress – is that a qualification for being in the NSA? Do you have to be a good liar?”

    Recruiter 1: I don’t believe the NSA is telling complete lies. And I do believe that you know, I mean people can, you can read a lot of different things that are, um, portrayed as fact and that doesn’t make them fact just because they’re in newspapers."

    Unnamed female student: “Or intelligence reports.”

    Recruiter 1: “That’s not really our purpose here today and I think if you’re not interested in that ... there are people here who are probably interested in a language career.”

  • Pendant que les pédo-terroristes se réunissent à PSES, chez Amesys, on fait une petite fête | kitetoa

    Dans l’esprit des politiques, depuis que le réseau est accessible, il est infesté de criminels en puissance. Des pédophiles, des terroristes, des pirates… Il faut dire qu’un outil qui offre à chaque utilisateur une tribune d’égale puissance… et quelle puissance… c’est louche. Et même dangereux. Observez, une Nadine Morano qui jusque là aurait représenté l’autorité incontestable, peut devenir en un tweet, en une connerie phrase la risée de centaines de milliers de personnes qui n’hésitent plus à la railler sans ménagement… Ça énerve. Du coup, les barbus et les charmantes jeunes femmes qui peuplent ces jours-ci la réunion Pas Sage en Seine ne sont dans l’esprit des autorités qu’une poignée de crypto-pédo-terroristes-anarcho-gauchistes. Forcément. Notez qu’ils appellent à crypter les communications, contourner la censure, aider des « rebelles » en Syrie ou ailleurs… Ça fout la trouille… Nadine Morano piégée par Gérald Dahan door LeNouvelObservateur Donc, nos crypto-pédo-terroristes-anarcho-gauchistes sont réunis à Pas Sage en Seine et ils s’amusent à refaire le monde de les Internetz et partant, le vrai monde de l’extérieur du réseau. Mais ils ne sont pas les seuls. Pendant qu’à PSES le Club Mate coule à flots, Reflets est sur la brèche. Nous vous avons promis une #AmesysFest, un papier (...)