The hack game continues

The press continues to assault Mohammad Bin Salman and Saudi Arabia, the same press that has ignored hostile acts by Iran, the same press who have knowingly and from my point of view ignored (read: and downplayed) several issues in Yemen caused by Hezbollah. 

So I got to see (at https://www.theguardian.com/technology/video/2020/jan/22/jeff-bezos-phone-hacked-allegation-saudi-crown-prince-video-explainer) the video that was placed two weeks ago, in light of what I wrote yesterday. I thought that the video sheds light on several questions that link to this. It is also important, because it shows a global FAILING of cyber security, not by the hairless man (Jeff Bezos) by the way, who in this is basically a consumer (one with deep pockets, that is).

The video starts off with Stephanie Kirchgaessner, where she says (at 00:14) ‘who is somehow personally involved‘ (1). Then we get (at 00:32) ‘according to his own security team victim of some sort of hack by Saudi Arabia‘ (2). We get more accusations, but with the word ‘allegation’, as such she is in the clear. After that we get a clip from CBS This Morning (at 1:08) with a follow-up and direct accusation towards the WhatsApp account ‘from the account of the Crown Prince of Saudi Arabia‘ (3), even as I am tempted to ignore ‘We can’t know what was going on in the mind of Mohammad Bin Salman‘ (at 1:55) (4).

After that there is a reference to ‘the experts that she spoke to‘ (at 2:12) and they point to the fact that he is the owner of the Washington Post, not the owner of Amazon or merely a rich dude. ‘It was an attack on the Press‘ is what seemingly comes out of this. 

We get a few more events, but nothing that is too interesting, not in this view.

Personally I actually do not care about Bezos and his needs, I do not give a hoot about a few items, and my personal view is that any person is innocent until PROVEN guilty and the attacks on Saudi Arabia as well as the Crown Prince are offensive to me as we should know and act better.

So as we get to the stage of the why, we need to see the stage we are entering. This is not (merely) a criminal situation, this is a cyber ploy and that is where the focus is. I have written more than enough about the joke that is the FTI Consulting report, but in the end it is linked to all this.

  1. Who is somehow personally involved

How? I am not referring to item 3, there is a larger stage here. The alleged infecting file was received on May 1st 2018. In this I am using alleged as the investigation did not start until February 2019. However, the FTI Consulting report on page 12, item 22 gives us that hours after the reception of a file, this resulted in egress data in excess of 29,000%. I do not question that, I do not question that Bezos got hacked.

Why am I opposing here?

As I stated in ‘6 simple questions‘ (at https://lawlordtobe.com/2020/02/03/6-simple-questions/) yesterday, other experts give us “Check Point Research, however, recently unveiled new vulnerabilities in the popular messaging application that could allow threat actors to intercept and manipulate messages sent in both private and group conversations, giving attackers immense power to create and spread misinformation from what appear to be trusted sources.” This is important when we consider ‘allow threat actors to intercept‘ as well as ‘spread misinformation from what appear to be trusted sources‘. As such, Check Point Research gives us that false information could be sent to a person from anyone claiming to be anyone else. The source of the infection cannot be verified in this. That is an important fact, one that was out in the open and FTI Consulting never went there.

  2. According to his own security team victim of some sort of hack by Saudi Arabia

So his security team are cyber experts? And they know somehow that Saudi Arabia did the attack? Based on what evidence? I showed in the previous point that this is optionally not the case and the FTI Consulting report is nothing short of a joke (as I personally see it), there is no path to where the data is going, there is no evidence on where the infection came from. 

  3. from the account of the Crown Prince of Saudi Arabia

Here is the larger issue and even as I debunked it in point one, we must not ignore this, there is one path that is not investigated and not one that can no longer be investigated. The mobile of the Crown Prince might be infected itself. My point one avoids it, but we cannot ignore it. The chances of Saudi Arabia or its officials in light of the attacks cooperating is close to zero and as such this point will remain on the books. From my point of view gathering intel and evidence before shouting foul would have been a much better approach and why the UN gets involved in this is still open to debate on a few sides. 

  4. We can’t know what was going on in the mind of Mohammad Bin Salman

In this we can speculate and debate until we are blue in the face, but the truth is that all this started 2 years ago and the evidence is largely missing, more important, whomever was involved has removed whatever sides they needed to and as such the actual guilty party will never be found. Yet the foundation of the accusation is larger.

He was being attacked by the press and we seemingly forget that the infection started BEFORE someone seemingly ended the life of some columnist named Jamal Khashoggi, as such we can argue that there was no attack on the Washington Post. To be more honest, at the time of the infection Jamal Khashoggi was some columnist most people on the planet had never heard of (apart from the Washington Post readers) 

Yet when we look at the Vice article (at https://www.vice.com/en_us/article/v74v34/saudi-arabia-hacked-jeff-bezos-phone-technical-report), there we see that former FBI investigator Anthony J. Ferrante gets into the fight and the report gives us “‘to assess Bezos’ phone was compromised via tools procured by Saud al Qahtani,’ the report states”. It is an interesting plot, especially when we consider another Vice article (at https://www.vice.com/en_us/article/8xvzyp/hacking-team-investor-saudi-arabia) where we saw “Hacking Team was thoroughly owned, with its once-secret list of customers, internal emails, and spyware source code leaked online for anyone to see”. So let's put this in the right frame: Anthony J. Ferrante is going out to prove that a tool procured by Saud al Qahtani, and as far as we can speculate is in the possession of thousands of hackers through ‘spyware source code leaked online for anyone to see‘ is the guilty perpetrator. How is that ever going to work?

Well that is optionally still the case if we can examine the source of the problem, and that is basically already debunked by Alex Stamos, the former chief information security officer at Facebook who gave us “Lots of odd circumstantial evidence, for sure, but no smoking gun“, in this I also got to “several high-profile and respected researchers, highlights the limits of a report produced by FTI Consulting, the company Bezos hired to investigate the matter“, as well as “A key shortcoming of the analysis, Edwards said, was that it relied on a restricted set of content obtained from Bezos’s iTunes backup. A deeper analysis, she said, would have collected detailed records from the iPhone’s underlying operating and file systems. Other security experts characterized the evidence in the report as inconclusive“, and “a research group at the University of Toronto, offered a suggestion that could allow investigators to gain access to encrypted information that FTI said it could not unlock” (source: CNN), we see a whole range of experts giving out claims towards non-conclusivity, lack of expertise and optionally students in Toronto giving out solutions to a situation that FTI said it could not unlock. 

These are all matters that played out over time, some before the video report and it seems to me that the press is bashing with smoke signals as loud as possible hoping someone will scream ‘fire!‘. That is my view on the matter!

Now, all that I see and expose does not make any party innocent, it merely shows that there is no evidence to call anyone guilty on and that is what matters, because we want to turn this into an event where a person needs to prove that they are innocent, we must prove that anyone is guilty. In some cases beyond all reasonable doubt and in some cases on the setting of probability of guilt set against the average man. The entire cyber event fails on both terms and that is not merely me, and when we see ‘Other security experts characterized the evidence in the report as inconclusive‘ we need to realise that (apart from) FTI Consulting did a piss-poor job in this case, the finding of actual and factual evidence is a lot harder in this day and age. The WhatsApp vulnerability showed that there is a larger problem and when we cannot determine the origin of any hack or virus, we are in for a much larger problem and this is happening before 5G is fully rolled out. That nightmare was brought nicely by Kenneth White, former advisor to DHS with “it can be extremely challenging to reconstruct the activities of a determined, well-resourced hacker”. This is what the Jeff Bezos team faced and from my view, they went about it the wrong way. Their report was never ready for release and the fact that basic parts were missed gives out a much larger problem: if billionaires rely on someone like FTI Consulting and this report is the standard, then the entire cyber setting in the United States could be regarded as a larger problem from beginning to end.

In this there is one highlight that Vice gave us that matters here, it is “The second obstacle regarded the password for the iTunes backup”, and “They apparently never obtained the password”. That makes no sense, because the owner should have his backup, so unless Jeff was hit by the ID10T virus, we see a failing on more than one level and as such at what stage, in light of EVERYTHING out there in 2018, why was Crown Prince Mohammed bin Salman ever accused?

That is what angers me, not who was accused, but that an accusation came whilst there was a whole truckload of information out there making it a bad choice from beginning to end, so was the Washington Post owner hacked, or was the hack a way for the Washington Post to strike out to someone? That is the larger game that is now in the court of perception, a massive failing of properly assessing pieces of evidence by the media (and the UN). 

 


Filed under IT, Media, Politics
