One thing that’s clear from reading through the trove of over one million emails from Italian surveillance firm Hacking Team is that its employees despise activists, many of whom have been criticizing them for years about their disregard for human rights.
Christopher Soghoian, the ACLU’s Principal Technologist and an outspoken advocate for privacy and free speech, noticed Thursday that Hacking Team employee Daniele Milan joked about gathering enough Bitcoins to pay for his assassination. His email was dated April 16.
Translated to English, this says:
I’m very tempted to respond, but we would only unleash hell. I think it’s self evident what a inbecile Soghoian is. If I could gather up enough Bitcoin I would use a service from the DarkNet and eliminate him. An asshole of this caliber doesn’t deserve to continue to consume oxygen.
[Update: An Italian reader writes that the third sentence is more accurately translated: “If I gather up enough Bitcoin I will…”; Another reader writes that in the first sentence “a flame war” would be a more accurate translation than “hell”.]
The same day that email was sent, Hacking Team had tweeted an article opposing Bitcoin, blaming the crypto-currency for helping pedophiles hide from the authorities, saying, “This has to be stopped”.
Soghoian (picture above) shot back, asking if Ethiopia was using its Hacking Team malware to go after child porn or journalists.
Hacking Team sells malware to governments around the world, including Ethiopia, which uses that malware to hack journalists that it disagrees with.
Soghoian says he feels “pretty good” about the assassination joke. “I’ve been sad all day since I learned about Caspar,” referring to prominent privacy advocate Casper Bowden who died today.
“This cheered me up. If they are making jokes like this, it means I am doing the right thing.”
Previous coverage of Hacking Team from The Intercept:
- Secret Manuals Show the Spyware Sold to Despots and Cops Worldwide (Oct. 30, 2014)
- Hacking Team Responds in Defense of Its Spyware (Nov. 3, 2014)
- Leaked Documents Show FBI, DEA and U.S. Army Buying Italian Spyware (July 6, 2015)
- Why Did the Firm That Sold Spyware to the UAE Win a Special Export License From State Department? (July 7, 2015)
- A Detailed Look at Hacking Team’s Emails About Its Repressive Clients (July 7, 2015)
- Adviser to Cyber Program at NYU’s UAE Campus Linked to Spy Tech Used to Repress Activists (July 8, 2015)
- Hacking Team Emails Expose Proposed Death Squad Deal, Secret U.K. Sales Push and Much More (July 8, 2015)
Photo: Chris Soghoian (dubfire.net)
I’ve decided I don’t like this story. Going through someone’s emails looking for a crime is one thing. Looking for off-color jokes is something else.
Some jokes are by their vary nature outrageous and stupid. I guess you can say these people have it coming since they think little of other people’s privacy, but scanning through someone’s email looking for reasons to be offended is…
“I’m very tempted to respond, but we would only unleash hell. I think it’s self evident what a inbecile Soghoian is. If I could gather up enough Bitcoin I would use a service from the DarkNet and eliminate him. An asshole of this caliber doesn’t deserve to continue to consume oxygen.”
While Daniele may not (or may) have been 100% serious, that’s also not ‘just’ a joke, and this is not an article about people going willy-nilly through HT’s emails looking for things to be offended by. Remember, these are the people that are “supposed” to be “helping” the “good guys” — not threatening, even in jest, to kill people.
@tombrown
I see you are accessing this site using unsafe browsers. IMHO, use only Tor Browser to access TI, Wikileaks and similar blacklisted sites. I wouldn’t suggest Tails as it would be going a bit too far considering that your comments are ambiguous at best and mild at worst. But do use Tor with no add-ons.
I used firefox with Kaspersky Malecious sites block add on which showed the man in the middle attack.. It is not an unsafe system as it refused to allow me to access a site with false certificates.I then used TOr which warned me against Firstlook.org. capacipicity to identify my computer.
Tor uses the firerfox build but uses nodes to keep the client umknown. I was disappointed with Firstlook.org using a system it did not need to use and will be withdrawing it soon.
I believe this validates my concerns.
Generally I dont take criticism lightly. However with you I take everthing lightly.
“considering that your comments are ambiguous at best and mild at worst.”
My last name is Wild not mild, prepare to have at it. I can not put it more plainly.
How do you know that this site has been “blacklisted”, and what exactly does that mean?
Perhaps it means something like this:
https://firstlook.org/theintercept/2014/08/20/u-s-military-bans-the-intercept/
Hey, those of us not planning acts of revolutionary force need to provide some chaff to keep the surveillance apparatus busy. :)
Direct assassination is old school.. Information warfare can neutralize opponents without killing them. We should expect to see some examples of this in the upcoming election cycle.
Hey, US Government — you love extraditing foreign citizens for crimes committed overseas against ‘Americans’. Chris is an ‘American’. And that sorta looked like Daniele wanted to have him killed. Then again, you guys have been wanting to hack/harass Soghoian for some time too… So maybe he’s just not worth prosecuting one of your trusted solution providers over? You also are really big on IP crimes, and HT clearly was using hacked licenses and warez software — so there’s a civil case there (or criminal, if you want it to be). The dietlibc dude wasn’t happy his libraries were used in HT’s code (against his licensing) but I’m guessing since he wasn’t American, you don’t care about that.
Oh who am I kidding? You have no desire to charge HT with anything — not when you have stuff like FIFA to go after instead. Or people who download MP3s. Or just look at you funny.
I will agree on the being against bitcoin thing, though. Bitcoin’s bad.
Anyone composing an e-mail should understand that it easily can find its way into the public domain. There may be a few neanderthals, at places like Hacking Team who don’t, but most people know that no data stored on a computer is actually secure.
Leading edge companies have already canned their e-mail systems, which are just a millstone of liability hanging around the corporate neck. There may be a few luddites who continue to use electronic communications, but the rest of us will move on to more advanced systems. One promising method for communicating consists of using slight changes of pressure in an acoustical medium.
Storage is a separate problem from communication. Unless you’re suggesting we maintain no records of any kind, one promising method consists of storing information in patterns of neurons. The technology already exists, but so far it’s been found to be highly unreliable.
Patterns of neurons are far superior to electronic storage. Neurons retain only the information which is important, while electronic storage retains everything. Relying on electronic storage would necessitate building vast data centres in Utah consuming massive amounts of power and cooling water. They would hold inconceivably large quantities of data and be totally useless.
I suppose these comments of ours are a perfect example of useless information that will be stored forever electronically but forgotten by us by tomorrow. You win, sir, as usual.
As the name suggests, the privacy associated with acoustics is pretty sound. Semaphore and Morse can also be useful as it would be hard to find anyone who still remembers.
And further evidence that HT’s true heroes are people like Ross Ulbricht.
Tried to access The Intercept with Firefox running Kaspersky Antivirius 2015, with the malecious site add-on. Was told fthat the site was spoofed that is had a false certificate and Kaspersky would not let me access. Sent a report through Kaspersky to this site.
Ran Tor and got the following:
“This website (firstlook.org) attempted to extract HTML5 canvas image data, which may be used to uniquely identify your computer.”
SERIOUS shit firstlook.
Why are you trying to identify your readers.
The first part, where you’re using Firefox and Kaspersky told you that firstlook.org had a false certificate looks like evidence of a local man-in-the-middle attack. Can you try again and send me a screenshot of the error, and a copy of the certificate you’re served if possible? [email protected]. It looks like everything worked fine when you used Tor Browser, it successfully bypassed any sort of local attack that was going on.
We’re not trying to identify our readers using HTML5 canvas image data. This website uses WordPress, and WordPress 4.2 introduced some sort of emoji support that relies on HTML5 canvas data: https://wordpress.org/support/topic/emoji-and-smiley-js-and-css-added-to-head — so you’ll see this warning in Tor Browser every time you visit any updated WordPress website. We’re working on removing this functionality we don’t use anyway, it should be gone soon.
Sorry for the delay, been sleeping.
Just googled intercept using Firefox and got the following :
This Connection is Untrusted
You have asked Firefox to connect securely to http://www.google.com, but we can’t confirm that your connection is secure.
Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site’s identity can’t be verified.
What Should I Do?
If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn’t continue.
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.
http://www.google.com uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is unknown.
The server might not be sending the appropriate intermediate certificates.
An additional root certificate may need to be imported.
(Error code: sec_error_unknown_issuer).
I went to firstlook.org using firefox but I am unable to reproduce the previous problem.
I did send a Kaspersky report to firstlook.org through Kaspersky and I hope that gets to you.
Sorry about freaking out about the HTML5 canvas message from Tor but I got a bit jumpy.
Getting a denial of service from Google of all people had me jumping from shadows.
Thank you for your detailed reply.
Keep up the good work and if it happens again I will grab a screen shot a but I might just use TOR on a permanent basis.
Cheeers Jimmy.
I have tried to send a detailed reply but it is not showing up.
I am sorry about freaking out at the HTML5 canvas Tor warning, I do trust you.
I will try sending my reply in small amounts and see if I can get them to post.
Thank you for your detailed reply.
This Connection is Untrusted
Got this using firefox to google intercept
You have asked Firefox to connect securely to http://www.google.com, but we can’t confirm that your connection is secure.
Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site’s identity can’t be verified.
What Should I Do?
If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn’t continue.
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.
http://www.google.com uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is unknown.
The server might not be sending the appropriate intermediate certificates.
An additional root certificate may need to be imported.
(Error code: sec_error_unknown_issuer)
Try a different search engine or one like Ixquick.
I tried to google intercept just now using Firefox and got the following
This Connection is Untrusted
You have asked Firefox to connect securely to http://www.google.com, but we can’t confirm that your connection is secure.
Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site’s identity can’t be verified.
What Should I Do?
If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn’t continue.
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.
http://www.google.com uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is unknown.
The server might not be sending the appropriate intermediate certificates.
An additional root certificate may need to be imported.
(Error code: sec_error_unknown_issuer)
I tried googling intercept using Tor and just got the following
FRom Tor
https://search.disconnect.me/searchTerms/search?ses=Google&location_option=US&source=torI tried to duplicate the firstlook.org
Unable to connect
Firefox can’t establish a connection to the server at search.disconnect.me.
The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your computer’s network connection.
If your computer or network is protected by a firewall or proxy, make sure that Tor Browser is permitted to access the Web.
I tried pasting firstlook.org in Firefox but got through and have not been able to duplicate the previous false certificate.
I did send a report through Kaspersky to your site but did not take a screen shot. Hope that turns up for you.
Thank you again for your expertise.
Still cant get this to post
This Connection is Untrusted
You have asked Firefox to connect securely to http://www.google.com, but we can’t confirm that your connection is secure.
Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site’s identity can’t be verified.
What Should I Do?
If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn’t continue.
This site uses HTTP Strict Transport Security (HSTS) to specify that Firefox only connect to it securely. As a result, it is not possible to add an exception for this certificate.
http://www.google.com uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is unknown.
The server might not be sending the appropriate intermediate certificates.
An additional root certificate may need to be imported.
(Error code: sec_error_unknown_issuer)
The Cert’s SHA-1 Fingerprint seems to be O.K. (For what is worth)
Checked against https://www.grc.com/fingerprints.htm independently: it reports the proper value.
FA:34:AB:6D:D5:68:0A:CC:38:4F:4E:28:B6:6B:43:9F:D3:0E:C4:3D
Also, enforce TLS 1.2 only in all your web browsers, and manually disable all RC4 connections:
FireFox > New tab > type about:config search for ‘rc4′ and manually set to FALSE all strings starting with ‘security.ssl3…’ containing the rc4 cipher.
Install this add-on: https://calomel.org/firefox_ssl_validation.html get it from https://addons.mozilla.org/en-us/firefox/addon/calomel-ssl-validation/
Once installed go to options > Security > Cipher restrictions > Select ONLY this two options:
* TLS 1.2 only
* 256 Perfect Forward Secrecy and GSM Cipehers.
Leave all other TLS/SSL negotiations unchecked!
Study all other options and select accordingly.
Note: once installed and configured, you will NOT be able to access sites with legacy/weak cipher protocols, e.g. https://addons.mozilla.org
Yes, I know, WTF!? They are still using SHA-1, also you will be able to access https://www.eff.org/ but not https://globalchokepoints.org/ I’ve informed them via email but received no response so far. They are still using insecure certs in some domains.
You will be able to access almost all sites with any Chromium based web browser, e.g. Iron (https://www.srware.net/en/software_srware_iron.php) or Chrome. They are perfectly fine using insecure/compromised security algorithms it seems… smh
If on Windows O.S.: Internet Explorer: Internet Options > Advanced Option’s Tab > scroll all the way down > Use TLS 1.2 Only (Uncheck all others).
Start > Run > gpedit.msc (Edit Group Directives/Policies)
System Config > Administrative Templates > Net > SSL Options:
SSL Cipher Set Priority > Enable that option and copy-paste this string:
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P521,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P521,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P521,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P521,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P521,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P521,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P521,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P521,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256
Save, restart your system.
Check every web browser you use here: https://www.ssllabs.com/ssltest/viewMyClient.html
See what ciphers are chosen and in which order, try to leave ‘Forward Secrecy’ ciphers only. It can take some trial and error.
Last but not least, install this add-on and select every option: https://github.com/dillbyrne/random-agent-spoofer or grab it form the firefox app store (not the latest version) https://addons.mozilla.org/en-US/firefox/addon/random-agent-spoofer/
Good luck, and if I may, please do not assume The intercept is up to no good, it’s not polite (or intelligent) to come here swinging and accusing them of doing something fishy. Greenwald, Lee, Soghoian, & Co. may be part of the small few that stand as the last bastion for real democracy and civil rights in this modern globalized world of ours.
Acknowledge them and be grateful, and if you have suspicions try to take them to the next level and do some research before you start throwing baseless accusations.
Cheers!
PS: sorry for any typo or grammatical error. English is not my mother tongue. Salud, from Argentina.
“Good luck, and if I may, please do not assume The intercept is up to no good, it’s not polite (or intelligent) to come here swinging and accusing them of doing something fishy. Greenwald, Lee, Soghoian, & Co. may be part of the small few that stand as the last bastion for real democracy and civil rights in this modern globalized world of ours.
Acknowledge them and be grateful, and if you have suspicions try to take them to the next level and do some research before you start throwing baseless accusations. ”
I agree with most of that but as for baseless, the HTML5 canvas image CAN tract the computer’s identity. I am pleased to hear they will withdraw it soon.
Micah Lee is world famous for his knowledge and Integrity. He is a good man.
I have apologized and explained that after being under attack from a Man in the Middle I was disapointed to find first look with the capability of undermining Tors safeguards.
Cheers for all your work.
Jimmy.
“…but as for baseless…”
“SERIOUS shit firstlook.
Why are you trying to identify your readers.”
Indeed. Your assumption was from the beginning that their INTENT was to identify users (suspecting some obscure/malicious purpose), or that your misconfiguration/intrusion/whatever had to do with something THEY were doing. That is totally baseless and uncalled for.
“…the HTML5 canvas image CAN tract the computer’s identity.”
Gee, I wonder why I suggested you install the random agent spoofer add-on…
In short, read more, accuse less. If you’ve been/are a victim of a MitM and now have a healthy dose of paranoia, do your homework first and ask nicely later.
Take care. Over and out.
No you dont see what I see but you assume you see all.
The vpurpose of the HTML5 cavas image is to see the computer.
from Micah Lee
his website uses WordPress, and WordPress 4.2 introduced some sort of emoji support that relies on HTML5 canvas data: https://wordpress.org/support/topic/emoji-and-smiley-js-and-css-added-to-head — so you’ll see this warning in Tor Browser every time you visit any updated WordPress website. We’re working on removing this functionality we don’t use anyway, it should be gone soon.
Install the Firefox Add-on ‘CanvasBlocker’
Done.
PS: Though you don’t need scripts on here anyway most of the time, so just using NoScript with block-all will also work — but both is better for obvious reasons (most people don’t want all scripts blocked from everywhere).
Cheers.
You are not an Idiot you are a human being.
I run Tor with no script.
May as well grab ssleverywhere from eff’s site, and self-destructing cookies from firefox’s addons. I’d also advise the ixquick ssl, startpage ssl and disconnect search add-ons so you can use those instead of google (why are you using google?). SSL Everywhere is good practice without exception — and doubly useful if you’re willing to enable EFF’s SSL observatory it’ll also help you suss out cert forgeries (however, enabling SSL observatory has some potential privacy implications, so it might not fit your model of acceptable — ie, there’s a privacy risk vs reward to decide upon, so you might want to read up on that part).
Don’t know why I repeatedly said ssleverywhere there and only noticed it now. It’s httpseverywhere.
It’s easy to snipe at this issue from the edges, but at some point believers in free speech and privacy are going to have to find the balls to wade right into the mucky center of it and proclaim what they ought to know: that there is no such thing as obscenity, and no one should go to jail for it.
The mythical need to fight “child pornography” is the Crusader castle that sits right smack dab in the middle of our vanishing kingdom of inalienable rights. Even though the idea (as opposed to prohibition of “pornography” in general) was carved out only in the 1970s, groups like the ACLU haven’t dared to try to fight on for the total elimination of obscenity as a legal concept, and as a result not only are our liberties being shredded — children are being harmed.
I’ve read claims that the market in illegal child pornography could be as much as $4 billion. Children are being abducted just to make movies for profit by organized crime. Now organized crime used to dominate regular pornography, and in some settings still has far too much of a lingering influence because of the iffy legality of having sex for money (on film). But if we would just blow up the idea of obscenity altogether, then the pedo consumer would go download stuff from utterly horrible but legit sites on the web, and there’d be no profit in abusing the kids.
Now to be sure, so long as copyright persists (and in these comments I’ve previously advocated total reform of that also) I would never deny an abused child any power that is granted to the Disney Corporation, when it comes to controlling the films of his or her abuse. That means that if some kids want to show everyone how horrible it was, that’s their right; if they want to get it off the web entirely they can serve DMCA notices and sue sites, or farm that out to some company to do on their behalf for profit. If police want to use the film of their abuse to get legislators to pass new laws, they can do that — if the kids give them permission. Currently the kids don’t have that power; the child porn is not copyrighted and police are exempted from the censorship, so they don’t ask, don’t tell what they are showing around in global conferences. AND, if the kids grow up and decide that whatever else their abuse is, it’s also a source of compensation, then they should have the right to license it for commercial distribution.
What is the message that society would send with such a thing? Easy. That no matter what perverse compulsions, what disease a person might have, we don’t judge them based on their disease, nor their fantasies. We’d be saying: don’t go out and rape children, and we won’t have a problem. I don’t actually think that’s a bad message to send. When we rub the magic lamp of the law and wish for a hundred different things, who knows what the genie will do? We need to focus all our punitive and dissuasive power on the one single thing we care about: the actual safety of the real life child. Not the picture, not the perv who wanks to the picture, not the businessman who had it on his server, not the nerd who had encrypted pieces of it pass over his peer-to-peer network while he was trying to download Game of Thrones. Just the child.
More to the point in the current context, child pornography has long been the equivalent of spitting on the King’s portrait.
actually the Drug War is what gave the three branches of government the ability to wipe its ass with the constitution
Not really – look up Eugene Debs, Marcus Garvey, Sacco and Vanzetti etc. It dates back at least until some pompous ass on the Supreme Court argued that you didn’t have the right to yell fire in a crowded theater (that was Debs, speaking against the draft!!!). Of course, in reality every few years somebody yells fire in a crowded theater – nowadays it doesn’t usually kill people because there are enough doors, but even when it did they were never really prosecuted because they could always just say someone else yelled it first, thought they smelled smoke… it was just bullshit from start to finish. But the court wasn’t particularly serious about defending rights even before that, so some might dispute it began there – though that racist Wilson with his capitalists’ war fought with unpaid draftlings to get rid of the surplus unemployed led about as choice a group of villains as might be found.
Time those overpaid draft-dodging punks at the FBI removed their pinheads from their skankholes and acted upon threats of assassination to Mr. S!
Or do the feebs at that D.C. freak show only answer to Goldman Sachs?
Anyway, those Berlusconi-sucking Itals had best read Eric Bogosian’s book, Operation Nemesis for an idea of what is to follow.
The same “logic” these buttholes use to justify computer spying (“child porn! terrorism!”) could be used to justify random inspections/raids on our homes, random strip searches on the streets, or any other such outrages.
People have a right to have privacy and secrets. Some people will abuse those rights. That sucks, but it’s the price of not living under tyranny.
I’ve certainly run into my fair share of people who think that activists are wasting oxygen. And yes, I know that malicious hackers are intentionally deceptive, but on some occasions at least, I’ve found myself wondering how people don’t see through them more easily.
Italy? If these sleazebags were found to be working out of The Vatican, I wouldn’t be surprised in the slightest. Ratzinger is still around.
Apparently the Mafia no longer has a monopoly on paying hit men to have opponents killed/silenced/disappeared. Must be Capitalism and the Free Market.
>I agree with serge and daniele. The standard answer by david and eric is very effective with the press, but could be counterproductive with a customer that is not concerned about the civil rights but whether using rcs is safe or not for him.
>Tomorrow, starting from the points listed by daniele in his mail, we should create a technical standard response (only for the customers).
So, that happened.
that’s why it’s a joke
Thats why whats a joke?
Civil Engnerring 2015 | Christopher Soghoian On The Growing Trade in Sofware Security Exploits
https://m.youtube.com/watch?v=-nl7nC8w_Zo
HackingTeam today published a news report that says that their viruses are roaming freely in the internet:
While the legit agencies already have their malware, now the bad guys getting to download and use them is going to be a problem for all.
Fear not General.
The White Hats are already documenting the exploits that this sleezy company had published and is getting them closed (the Adobe Flash update yesterday was one of their exploits). This is actually a good thing, as it will close up some open back doors only the bad guys knew about.
I have had notifications from Adobe to update to the latest version.
Using Firefox I hit the link and choose not to install the free McAfee Security Scan Plus utility to check the status of my PC security, download the Player set up and then my machine locks up when I try to run the App. I had turned off my AVG Antivirus and allow the App but the Adobe download manager wont run. My Internet exployer browser then displays a dead adobe page.
Whats up with that.
I hit that from google…once. Immediately got suspicious, because of the way it tried to work. Ditched it.
Italy? If these sleazebags were found to be working out of The Vatican, I wouldn’t be surprised in the slightest. Ratzinger is still around.
Whoops, my ‘Italy’ post went on a reply to you by mistake. Sorry.
It got added to the three most active exploit kits (what’s used for driveby exploitation) in something like a day. Something to ponder.
There’s now admitted to be a second exploit in the same files, which they might patch in a week… current advice is to disable Flash until then. Omitted is the perhaps more useful advice not to turn it on after that, because the government will probably just arrange another backdoor for its plausibly deniable hackers to enter.
There’s no need to completely remove Flash. Just remove the autoplay and set it to click to play. Use NoScript. Only click to play on sites you explicitly are willing to trust. There are some sites that require Flash that you’re probably willing to trust. Some older Youtube vids for instance will only play in Flash.
That news isn’t new news, and it’s one reason I was pointing a finger with an implied question mark at/about their “strangely fast” patch time for one of the bugs and not the other.
BTW you do realise ‘backdoor’ and ‘exploit’ aren’t the same thing, yes?
No, I think enough bad guys already had it.
This is fucking disgusting and a signifier of both the principles and MO this organization runs by.