Tag Archives: US Law

6 simple questions

I have written about it before, yet the article last friday forces me to take more than another look, it forces me to ask questions out loud, questions that should have been investigated as this case has been running for two years, lets not forget the hairy Amazon owner had his smartphone allegedly hacked in 2018.

My article ‘The incompetent view‘ (at https://lawlordtobe.com/2020/01/28/the-incompetent-view/) was written on January 28th. I kept it alone for the longest of times, yet the accusations against Saudi Arabia, especially as that French Calamari UN-Essay writer is again involved forced my hand and the article last friday gives me the option to lash out and ask certain questions that the investigation optionally cannot answer, as such two years by these so called experts should be seen as 2 years by whatever they are, but I have doubt that expertise was part of the equation.

as such we begin with the Guardian (at https://www.theguardian.com/technology/2020/jan/31/jeff-bezos-met-fbi-investigators-in-2019-over-alleged-saudi-hack), here we see the following

NSO said: “we have not been contacted by any US law enforcement agencies at all about any such matters and have no knowledge or awareness of any investigative actions. Therefore, we cannot comment further.”“, which is a response towards the FBI who had been investigating NSO since 2017, which is based on the setting of “officials were seeking information about whether the company had received any of the code it needed to infect smartphones from US hackers

Yet it is the quote “Two independent investigators at the United Nations, Agnes Callamard and David Kaye, revealed last week that they have launched their own inquiry into allegations that Bezos’s phone was hacked on 1 May 2018 after he apparently received a video file from a WhatsApp account belonging to Mohammed bin Salman, the Saudi crown prince“, in this, can anyone explain to me why the UN is involved? I do not care how wealthy Jeff Bezos is and this has nothing to do with the Washington Post, either way this would be an initial criminal investigation, optionally running through the FBI.

  1. Why is the UN involved?

In defence we must observe “WhatsApp has said it believed NSO has violated criminal laws, including the Computer Fraud and Abuse Act, a federal law that is used to prosecute hackers. WhatsApp has claimed 1,400 users were hacked using NSO technology over a two-week period in April-May last year, after NSO was allegedly able to exploit a WhatsApp vulnerability that was later fixed

And again, we see that NSO technology is involved, yet FTI Consulting makes no mention of that part of the equation, more important whether the same atack was used, and in light of all this, we might see ‘NSO was allegedly able to exploit a WhatsApp vulnerability that was later fixed‘, yet when exactly was it fixed? That too is part of the equation.

When we look at the FTI report, other issues become surface materials. Like the quote “The phone maintained an unusually high average of 101MB of egress data per day for months thereafter, including many massive and highly atypical spikes of egress data. Forensic artifacts demonstrated that this unauthorized data was transmitted from Bezos’ phone via the cellular network.” What data was sent exactly? The report gives us: “they provide the ability to exfiltrate vast amounts of data including photos, videos, messages, and other private or sensitive files. It should be noted that spikes resembling these might occur legitimately if a user enabled iCloud backup over cellular data service. Bezos. however. had iCloud backups disabled on his device. Other legitimate causes of spikes in egress data could be if a user willingly uploaded or transmitted large amounts of data via a chat or messaging app. email client, or cloud storage service, but none of these activities were corroborated by GDBA or Bezos.

As such, as FTI Consulting gives us “Advanced mobile spyware. such as NSO Group’s Pegasus35 or Hacking Team’s Galileo,36 can hook into legitimate applications and processes on a compromised device as a way to bypass detection and obfuscate activity in order to ultimately intercept and exfiltrate data. The success of techniques such as these is a very likely explanation for the various spikes in traffic originating from Bezos’ device.” Yet is that what happened? lets not forget that the FTI Consulting report on page 16 states “The following investigative steps are currently pending.

  1. Intercept and analyze live cellular data from Bezos’ iPhone X“, as well as “2. Jailbreak Bezos’ iPhone and perform a forensic examination of the root file system.” steps that are seemingly incomplete and optionally not done at all, as such how did anyone in Saudi Arabia get fingered as the guilty party? It could be the German Cracking Service for all we know stating to Jeff Bezos ‘Copy me, I want to travel‘.
  2. Where is the evidence on the hack and the destination of the hacked data?

There are two parts in this, as I explained earlier, Vice.com gave an earlier consideration with ““Hacking Team was thoroughly owned, with its once-secret list of customers, internal emails, and spyware source code leaked online for anyone to see”” yet the stage that we see here, is merely a footnote in the FTI Consulting report and is given no weight at all.

This leads to the question 

  1. How was the phone of Jeff Bezos infected and where is that evidence?

This could lead to 3a. Who actually infected the iPhone of Jeff Bezos?

Which leads to the last part of last friday’s article and perhaps the biggest smear of all time “New revelations about the alleged hacking of Bezos’s phone have caught the attention of a handful of politicians in Washington who have sought more information about the alleged hack, including whether there was any evidence that Saudi Arabia had infected phones of any members of the Trump administration.” and because of this (as well as more) we get to:

  1. What exactly are the new revelations, as the FTI Consulting report is incomplete.
  2. Where is the evidence that Saudi Arabia infected ANY phones?

You see, someone infecting another person by claiming that they are someone they are not is at the core of this, as such any person in the room could have infected Jeff Bezos’s phone and optionally other phones too. Claiming to be MBS and being MBS are two separate parts. 

In this it was CNN who gave us “The report’s limited results are a reminder that it can be extremely challenging to reconstruct the activities of a determined, well-resourced hacker” and if hat is the setting, we again get to the stage where we cannot tell who infected the system of Jeff Bezos in the first place. As such Kenneth White (formerly with DHS) as well as  Chris Vickery (Director UpGuard) who gives us “other evidence provided by FTI increased his confidence that Bezos was being digitally surveilled“, we do not question that, we merely question the lack of evidence that points to Saudi Arabia as a perpetrator, basically the guilty party is not seen, because no evidence leading there is given, the fact that essential tests have not been done is further evidence still of the absence of any guilty party.

As that stands I merely end with the question:

  1. Why on earth is the UN involved in an alleged Criminal investigation where so much information is missing?

When we realise the small line in the Guardian “An analysis of the alleged hack that was commissioned by the Amazon founder has not concluded what kind of spyware was used” we are given a much larger consideration, if the spyware used is unknown, how can the data spy be seen? This gets an even larger mark towards the question when we consider “Check Point Research, however, recently unveiled new vulnerabilities in the popular messaging application that could allow threat actors to intercept and manipulate messages sent in both private and group conversations, giving attackers immense power to create and spread misinformation from what appear to be trusted sources.” (at https://research.checkpoint.com/2018/fakesapp-a-vulnerability-in-whatsapp/), and another source (at https://www.bleepingcomputer.com/news/security/whatsapp-vulnerability-allows-attackers-to-alter-messages-in-chats/) gives almost the same information and also has the text “Using these techniques, attackers can manipulate conversations and group messages in order to change evidence and spread fake news and misinformation“, the FTI Consulting report gives us nothing of that, and as it does not set the stage of disabling that these were options that were disregarded, we see that this mobile situation might not now or not ever see the light of day with an actual reference to an attacker that will hold water in any court. 

As such the UN will have a lot to explain soon enough, I got there through 6 simple questions, 6 questions that anyone with an application of common sense could have gotten to, I wonder why the UN did not get there, I wonder why FTI Consuilting handed over a report that was failing to this degree.

 

3 Comments

Filed under IT, Law, Media, Politics

That joke called the First Amendment

Well, the quick way is to wait on a bridge, but the reality of that approach is likely to be less successful! This all starts with an article in the LA Times today (at http://www.latimes.com/local/lanow/la-me-ln-james-woods-twitter-lawsuit-20150730-htmlstory.html). The object of trolling is James Wood, the actor. He has had many successes and in most of those moves he plays the badass opponent you don’t want to cross, not even when you have the Rock at your side. I had to take a little look at what I first saw that included him. Raid on Entebbe was the first movie, yet I did not realise it at that moment as it was a ‘Charles Bronson movie’ (the mind of a teenager tends to be super focussed). So James as the Captain with the glasses was not the focus of the viewer (me). I started to watch movies because James Woods was in them around the time ‘Best Seller’ was released. He had already drawn attention through Videodrome, Against all odds and Cat’s Eye. All this matters, because the way we perceive an actor (especially outside of America) is when we watch his work, not the gossip page, not some glossy magazine where dubious statements drenched in non-liability grammar. It is possible that the generation after me will form an opinion of him from his starring role as Hades in Hercules (you get the concept). So did he have issues? I am pretty sure that he has issues, which does not mean he dove into the narcotics, which several actors from the 80’s did. The fact that glossy magazines got away accusing people of murder ‘due to unnamed sources’ adds to the stress here. But what is the case? Actor James Woods filed a $10-million lawsuit this week against an anonymous Twitter user, alleging defamation and invasion of privacy. In my view there are two options, either that person is an American, or not. If not it basically becomes an FBI case (I will get back to this). Leila Knox, an attorney with the San Rafael-based First Amendment Coalition gives us some of the goods. As she states “You have to go straight after the individual”. Which is all fine and good, yet since its official adoption of December 15th 1791, the text: “Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances“, has become a bit of a joke. There is no doubt in my mind that the originators had the best intentions in mind, yet for no less than 30 years the 1st amendment can be regarded as an international joke. (I will get back to this too). The next part in the article is “The next step is to subpoena the ISP, which must alert the user that he or she is being sued and that there is a request for the user’s identity to be revealed“, not just that, but the ISP can actually start a case of defence for the troll and file for quashing the subpoena. Mark Lemley, director of Stanford Law School gives us in addition the following: ““The hardest part is proving that the statements were made with bad intent” and were not accidental, said Lemley, who spoke in general and not in reference to the Woods case. “It also depends on how careful the poster has been to cover their tracks.”” in this we see the first issue and as to answering this, I will also get back on the two previous points. You see, I am all for ‘freedom of speech’, yet in that light, this freedom also needs to show a form of accountability. When we see that there is a need ‘to cover their tracks’, whilst there is supposedly freedom of speech, you know that something is wrong. So the fact becomes, should the ISP be allowed to act in the way it can? I agree that to some extent it should be protective, but when a person is hiding behind anonymity so that this person can lash out, I have to see the situation that the victim of this lashing has a right to face his/her accuser. Is that not a direct right too? In the second, when we consider the 1st amendment in another way we get the following: “Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances“, let’s take this one step at a time. ‘Or abridging the freedom of speech, or of the press‘ I believe in the spirit of this, but are we not allowed to know the speaker? You see in those days, freedom of speech was done in writing or in words. In words meant that the person did this in view of others. That means that this person was a known person, even if that person was a stranger and was viewed for speaking his/her mind. The aggrieved person could face the speaker and defend the presentation. When in writing it was harder but overall we would know who spoke, because the true speaker would sign their view, if this person did not, than it was either a question the writer would ask people to answer for themselves or it could be rejected all together. The press has become an even more debatable joke. The Daily Mail for example with “source close to the family” (MH370 disaster), this is not the only case, what is also important is that we saw an issue in 2014 the Press Complaints Commission (PCC) decided to investigate a case whilst using only 1 of 83 plaintiffs. These are UK cases, and they are aligned to this issue. You see, when we look at The Atlantic, we see an issue in the article ‘Why Newspapers Often Don’t Call Out Politicians for Lying’, it states that it is a complicated controversy, which on the surface it is not. You see a statement is either true or false. Now, we must allow for a view that is regarded as ‘the eye of the beholder’, which is fair enough. A Republican will see matters differently from a Democrat and if that person explains his/her view that should not matter and the truth is still told. So the issue now becomes is it the truth or is it flaccid? That issue comes to mind when we consider the quote “diminish their perceived objectivity, especially among unsophisticated news consumers“, from there we get ‘there is no truth, there is just a flaccid context because the reader could be regarded as stupid’, that would make you feel loads better wouldn’t it? So we now have a little bit of an issue, in one part the press needs to get a lot more leeway, so that it can bearing a point of view across, which is still informing the public, yet, we cannot allow for the press to continue to the extent it had for too long a time. In all this the 1st amendment is as I regard it a joke in today’s society, yet altering it is equally dangerous, because I believe in an accounted freedom of speech. In that view, the anonymous person is not a person perse, this person is a mere fabrication of nothing. Now, this is a dangerous statement from my side and I realise that. There is a clear need for anonymity, especially as there is a need to truly protect a person from prosecution, but such a person does not go out and states “James Woods is a cocaine addict”, which more than malicious. You see, as we regard a person with issues on alcohol and narcotics, the view of him is altered. In his case it will affect his ability to gain jobs. In a world where he relies on public opinion (even more than a politician), there is the need to make sure that people cannot make claims against others unless they can back this up. As far as I have been able to tell, James Woods has never been in court for any criminal transgression, and he seems to keep a decently healthy lifestyle, the fact that he has been in two relationships with women 40 years younger than him seems to vouch for that part. In all this I still have a partial issue with the quote by Leila Knox. She speaks the truth, but is she correct? The quote “One has the right to go out and speak and not be identified”, is truthful, but was it speaking? Basically James Woods fell under psychic assault, moreover, the assault can be regarded as intentional malicious assault. It is malicious as there is no evidence and no publications that James Woods has been addicted to drugs. the fact that this could be the statement of a person who does not know James Woods, making the claim malicious, an intentional act to do harm, at which point the victim (James Woods) has every right to face his accuser (Abe List), so now we get to the point how to solve this. Now for the case, there is little chance of James Woods to get a decent chance of confronting his attacker. The law seems too flaccid to do anything and in defence of the FBI, if they have to track down every defamation case they will never get to do the things they need to actually get done. You see, I am over some of these trolls, as we see how they just attack for the mere fun of it. Wouldn’t it be great if there was some anonymous hackers group that could give aid to these victims, a group that would retweet the accusation, but now with the added identity and address of that person, would that not be great? An approach that is enlightening and dangerous at the same time, because at times there are people who must be able to rely on anonymity, those people who do not attack, but speak out for their own hardship, they need protection, I do not deny it, making the first amendment a dangerous thing, because the more it protects the oppressors, the less it regards the victims, which was never the intent of the first amendment. So has the first amendment truly become a joke? The fact that people hide behind it whilst the location of the transgressor (read troll) is not a given is one side to this statement, the fact that the press can insinuate with impunity for mere profit is another part. Twitter seems to do whatever it can, to remain the ‘innocent disseminator’. When we look at this we legally get “The defence of innocent dissemination is intended to protect people such as newsagents, booksellers, librarians and internet service providers (ISP) who unwittingly publish defamatory matter without negligence on their part“, which is Australian Law, but the US has something very similar. And in all this, Twitter for the most has left interactions to almost zero, which gives strength to their ‘innocent dissemination’ even though the Troll has been removed, it is relatively easy to create a new profile, so that the troll can strike again. I think that on a case to case basis Twitter needs to re-evaluate its choices. It is not impossible that Twitter becomes another reddit through the bashing by trolls, which means that Twitter people will seek another venue at some point. For now Twitter is highly accepted in the business community. If that changes and trolls take over, the loss of accounts could spell long term hardship for Twitter, taking into account how quickly social media evolves, hanging onto the community as they have, Twitter did a fine choice in remaining the innocent disseminator. Yet the future is slightly altered. I personally believe that losing thousands of accounts due to a few trolls is a bad choice, not intensely protecting them would also send a stronger message to the people at large. So when in the speculated scenario where the people in a street learn that someone’s 15 year old kid has been trolling the hell out of some could be a revelation, especially for the troll. If a troll is nothing more than a cyber-bully, why do we give them protection? Aren’t we supposed to be united against bullies?

1 Comment

Filed under IT, Law, Media, Politics