Insights For Success

Strategy, Innovation, Leadership and Security

Law Enforcement

Private Internet Access leaves Korea due to security concerns

General | Edward Kiledjian

We learned that Private Internet Access (PIA) has shut down its Korea exit nodes due to concerns about the privacy of its users. PIA learned through a "close contact" that South Korean law enforcement intended to clone its local data.

PIA didn't know why the authorities would take this type of action against it, but it acted immediately once it learned of the possibility.

On the 21st January 2018 at 6.15pm Pacific Time, Private Internet Access was alerted by close contacts in South Korea that law enforcement would be seeking to mirror our servers tomorrow, 24th of January 2018, at 10:00 A.M without due process. Upon learning this information, we decided to remove and wipe the South Korea region from our network immediately.
— Private Internet Access blog

Even if the South Korean authorities did clone the data, Private Internet Access (PIA) does not log any traffic or session data.

In addition to removing its South Korea exit nodes, it also rotated its certificates as an additional security control. 

This is a great example that proves that Private Internet Access is committed to the privacy of its users. Good going PIA. 
 

Source: Private Internet Access

Hackers that hacked Cellebrite released a data dump

General | Edward Kiledjian


Cellebrite is an Israeli company that specializes in tools (hardware and software) to break cell phone security. The Universal Forensic Extraction Device (UFED) is their most popular product and it can extract info from a wide variety of cell phones in minutes. Needless to say, law enforcement loves Cellebrite and has made them a very wealthy company. 

Cellebrite confirmed that it was breached and that 900 GB of data was taken (which we believed contained end user licensing information). Cellebrite was quick to point out that neither passwords nor payment information was taken.

The hackers have published the dump, which includes source code and customer information but also, more importantly, exploitable vulnerabilities for iOS, Android and BlackBerry.

Cellebrite's UFED uses many of these vulnerabilities to extract the information its customers want from locked or otherwise protected devices.

Motherboard spoke to world-renowned iOS security expert Jonathan Zdziarski, who said the iOS vulnerabilities are already commonly known and therefore nothing earth-shattering. The BlackBerry vulnerabilities haven't been released yet, and those will be interesting.

Obviously, Cellebrite is continuously updating its products with the latest vulnerability discoveries, so it is safe to assume this won't damage their thriving business with law enforcement.

You can see a small sliver of the 900 GB on the Pastebin site (which will quickly disappear, of course).

The links to download the first parts of the dump are here:

  1. https://mega.nz/#!sZUkSbDT!l740KTf5TG-TgjN-YNZcejSOfhUn43jZ8jR3Lw_w7dY

  2. https://mega.nz/#!0d9zBQLI!DdKhZDXoMEnO6RpZDHWMGVV7nBXXZ98cPzjzVqLsVuw

These files may be taken down anytime so... Your Mileage May Vary.

The hackers are promising to release another small dump with files retrieved "via the weaponized Cellebrite update service deployed on MS Windows based devices and desktops".

“Analysis of the compression and obfuscation employed by Cellebrite on products supplied to British MOD juxtaposed with the protection free versions supplied to SOCOM and others is also included within.” added the hacker.

The hackers are hacking the hackers. Let's see how this story unfolds.

Skype is spying on your instant messages

Security | Edward Kiledjian

A couple of weeks ago, a group of hackers accused Skype (now owned by Microsoft) of changing its underlying architecture to make eavesdropping easier.

It is still unknown whether Skype/Microsoft can intercept your voice calls, but their privacy policy clearly states that they can and do comb through instant messages (which it stores for 30 or more when permitted by law) sent via the Skype service.

The reason voice interception is unknown is the use of a common legal phrase, “includes but is not limited to,” which means they list some services they monitor but reserve the right to monitor others. We also know that Skype “co-operates with law enforcement agencies as is legally required and technically feasible,” so assume anything you IM via Skype may be used by them or handed over to law enforcement.

ZDNet’s Steven J. Vaughan-Nichols goes on to say, “There is no reason to believe that they can’t record our Skype voice calls as well,” “Therefore, any person or business who is concerned with their communication privacy should stop using Skype and look for an alternative.”

Interesting when these types of privacy concerns surface and get confirmed. User beware.
