NSA WiFi Honeypot Works 8 Miles Away

Engadget reports that security guru Jacob Appelbaum told those at the Chaos Communications Congress this weekend that the NSA’s big box of tools includes Nightstand, a custom device that can compromise WiFi networks for the sake of inserting spy software. NIGHTSTAND hijacks the target network and uses packet injection to install exploits on the target network’s computers.

The Linux-powered device can exploit Windows systems from up to eight miles away. Nightstand may not see significant use today given that it dates back to 2008, but its existence suggests that the NSA also has newer, more advanced WiFi surveillance gear at its disposal.

NSA’s “active GSM base station”, for example, makes it possible to mimic a mobile phone tower and thus monitor cell phones — for $40,000.

The NSA can infiltrate virtually all areas of the iPhone, including voice mail, contact lists, instant messages, and cell tower location, in addition to reading cookies on browsers for access to browsing history and Google Analytics.

NSA Director Keith Alexander has made several appearances at major hacker conferences in the United States.

The NSA’s Office of Tailored Access Operations, or TAO, works together with other intelligence agencies such as the CIA and FBI. The NSA’s ANT division doesn’t just manufacture surveillance hardware. It also develops software for special tasks. The ANT developers have a clear preference for planting their malicious code in so-called BIOS, software.

According to Der Speigel, around 85,000 computers worldwide are projected to be infiltrated by the NSA specialists by the end of this year. By far the majority of these “implants” are conducted by TAO teams via the Internet. TAO can attack even isolated networks that aren’t connected to the Internet.

Here’s How Law Enforcement Tracks Cellular Phones.

See: How to Hack Millions of Routers, Surveillance State , How Your Location & Preferences are Recorded,

Google and Apple Battle for Connected Car

Google and Apple will be battling for digital supremacy in the automobile, reports the Wall Street Journal. Next week at the Consumer Electronics Show, Google and Audi plan to announce a partnership to develop in-car entertainment and information systems based on Google’s Android software, says the Journal.

The aim is to allow drivers and passengers to access music, navigation, apps and services that are similar to those widely available now on Android-powered smartphones.

The collaborative efforts includes other automotive and tech companies, including chip maker Nvidia. Google has provided its map technology to a range of auto makers since 2006, including Audi, Toyota and Tesla Motors.

Last June Apple announced plans to integrate its iOS operating system into car makers’ dashboards. Apple so far has the support of BMW, Mercedes-Benz, General Motors and Honda. Apple has said that it expects a dozen car brands to adopt the technology in 2014.

Apple says that 95 percent of vehicles sold today are already able to work directly with iOS devices for music and playback control, but iOS in the Car will expand that functionality to also include phone calls, maps/directions, and sending and receiving iMessages using your vehicle’s screen or eyes- and hands-free using Siri.

A year ago, Audi used the trade show to demonstrate a car that could navigate through a parking garage and pull into a parking space without a driver. BMW, also based in Germany, plans to a demonstrate related technology at CES.

Ford is also expected to demonstrate an autonomous vehicle at CES next week.

With 80 million new cars and light trucks sold each year, automobiles represent a significant new opportunity for Internet-based software and services.

Five years ago infotainment ranked 27th on a list of features most cars shopper wanted. Now it’s in the top five.

According to research firm Analysys Mason, 11.5 million connected cars will ship this year, growing to around 170 million in 2023. General Motors’ OnStar service currently has 6 million customers. Worldwide sales of HUD-equipped cars will increase from 1.2 million units in 2012 to 9.1 million in 2020.

Related DailyWireless stories on transit connectivity include; Inside Google’s Driverless Car, Driverless Cars Rolling Out in UK, Autonet Does Control and Diagnostic Apps, Verizon Forms Connected Car Venture, Automotive Telematics Goes 4G, Ford Lowers SYNC Costs, Google’s Driverless Car Explained, World Congress on Talking Cars, Connected Car Conference, Google + General Motors?, Ford Mobilizes Smartphone Apps, Hands-free Vehicular Calling, Tracking Tools, In-Vehicle Infotainment: Death Race, Mercedes myCOMAND, BMW iDrive Gets Makeover, Handheld Intelligent Transportation, Chrysler Offers Internet Access, Ford Sync.

Cisco: What Backdoor?

GigaOm reports that Cisco is investigating a claim by Germany’s Der Spiegel, that the company is among many whose devices have been backdoored by the NSA to assist in the agency’s espionage efforts.

The Sunday article, based on leaked NSA documents, said an NSA unit had “burrowed its way into nearly all the security architecture made by the major players in the industry — including American global market leader Cisco and its Chinese competitor Huawei.” The report also named a variety of other manufacturers, both American and non-U.S., as targets of NSA cracking.

Der Spiegel on Monday said the affected products include the company’s 500-series PIX and ASA (5505, 5510, 5520, 5540 and 5550) firewalls. However, the documents date back to 2007, and newer products may also have been cracked.

In a Cisco blog post, the company said it was “deeply concerned with anything that may impact the integrity of our products or our customers’ networks” and was trying to find out more about the claims.

According to Cisco’s John Stewart; “As we have stated prior, and communicated to Der Spiegel, we do not work with any government to weaken our products for exploitation, nor to implement any so-called security ‘back doors’ in our products.”

U.S. manufacturers of networking equipment have long been required by a law called CALEA to build surveillance capabilities into their products. So when Cisco says it never works with governments to include backdoors, it’s worth noting that the company has several pages online describing the “lawful intercept” capabilities built into some of its equipment, allowing voice and data wiretaps, notes GigaOm.

T-Mobile: Free Facebook Access on GoSmart

GoSmart, the prepaid service of T-Mobile US, said on Monday it would offer its customers free access to Facebook whether or not they subscribe to its data service.

T-Mobile hopes to attract customers and encourage existing customers to buy its data service.

T-Mobile executive Gavin Dillon said while some of these customers would be content with using Facebook on slower speeds, it could entice others to upgrade to service plans ranging from $35 to $45 per month, which include data.

GoSmart is geared toward consumers more interested in voice and text services than high-speed Internet access. Customers can use their own GSM phone on the service.

GoSmart is separately branded to differentiate it from T-Mobile’s other prepaid service, which includes HSPA+ data, faster data plans, and higher-end handsets.

Related Dailywireless articles include; T-Mobile Includes Mobile Hotspot with Prepaid Data, T-Mobile: 200 MB Free, T-Mobile Lowers Cost of International Roaming, T-Mobile’s Value Plan, AT&T Prepaid Going Nationwide

Senate Report on Data Brokers: Exploitative

A Senate committee released a report this week (pdf) that said data brokers, the companies that trade in consumer data, are taking advantage of credit-challenged people, using big data to craft exploitative scams.

“The disclosures about U.S. intelligence activities over the past few months have sparked a very public debate in this country about what kinds of information the government should be gathering, and how we protect the privacy of Americans who have done nothing wrong,” said Chairman John (Jay) Rockefeller.

These days, data brokers don’t just know our address, our income level, and maybe our political affiliation. They have collected thousands of data points about each one of us, said the report:

  • They know if you have diabetes or suffer from depression;
  • They know if you smoke cigarettes;
  • They know your reading habits;
  • They know how much you and your family members weigh;
  • And they may even know how many whiskey drinks you have consumed in the last 30 days.

Like the pieces of a mosaic, data brokers combine data points like these into startlingly detailed and intimate profiles of American consumers. Under current laws, we have no right to see these pictures of ourselves that these companies have created.

Companies covered in the report include well-known firms, like Datalogix and Acxiom, as well as credit reporting companies that also trade in consumer data, like Experian and TransUnion.

The Senate committee set out to answer four questions: what data is collected, how specific it is, how it’s collected, and how it’s used. The companies stonewalled the Senate committee on substantial answers to the latter two.

The report harkens back repeatedly to the good old days of data collection, when many of the same companies queried used demographic information like zip codes to help marketers figure out where to send catalogs, notes ArsTechnica.

The business of spying on Internet users so that the information can be sold to advertisers is one of the fastest-growing businesses today, explains Fresh Air.

Julia Angwin (twitter) recently led a team of reporters from The Wall Street Journal in analyzing the tracking software and discovered that nearly all of the most commonly visited websites gather information in real time about the behavior of online users. Visiting the top 50 internet websites resulted in more than 3,000 cookies embedded into a “clean” computer. Wikipedia had no cookies. Dictionary.com had the most, with over 250 attached to their computer on a single visit.

The multi-billion dollar data mining industry is taking target marketing into a New Frontier. Every time you swipe a rewards card at a store, that data goes somewhere to get analyzed. Marketplace’s Stacey Vanek-Smith takes a look and visits a data mining company.

Location data has long been seen as the key to increasing mobile advertising spending, which hovered at $4.06 billion in 2012, according to eMarketer. eMarketer expects US mobile ad spending to reach $7.19 billion in 2013 and nearly $21 billion by 2016.

Mobile is expected to reach an 11% share of total US ad spending by 2016—when it will overtake radio but still be below print (combining magazines and newspapers).

Related Dailywireless articles include Behavioral Advertising, Advertisers Link Phones to More Devices, Behavioral Targeting: Kill/Capture, Behavioral Advertising Opt Out, NSA Stores Social MetaData on US Persons, Phone Companies Sell Subscriber Data

Apple and China Mobile Do Deal

Apple and China Mobile have (finally) announced an agreement to bring iPhone to the world’s largest mobile network. As part of the agreement, iPhone 5s and iPhone 5c will be available across mainland China beginning on Friday, January 17.

The iPhone on China Mobile will support TD-SCDMA (3G) and TD-LTE (4G) which have not previously been available on Apple’s iPhones.

China Mobile’s TD-LTE network uses 2.5 GHz, virtually identical technology used by Sprint’s Clearwire, making it likely that Apple will introduce a Sprint Spark model in the future to compete with the Spark-enabled Galaxy S4.

China Mobile, the world’s largest mobile phone company with over 760 million subscribers, is rolling out the world’s largest 4G network. The company says it now has over 1.2 million 2G/GSM, 3G/TD-SCDMA, 4G/TD-LTE base stations and over 4.2 million Wi-Fi access points. By the end of 2013, China Mobile’s 4G services will be available in 16 cities including Beijing, Shanghai, Guangzhou and Shenzhen.

By the end of 2014, China Mobile plans to complete the rollout of more than 500,000 4G base stations, which will cover more than 340 cities with 4G service.

Apple could sell millions of iPhones next year through China Mobile, reports All Things D. Piper Jaffray sees the potential for 17 million sales by China Mobile, while ISI analyst Brian Marshall said sales could reach nearly 39 million iPhones next year.

China Mobile controls the vast majority of its domestic mobile services market with a 70% market share, according to Wikipedia. China Unicom (GSM) and China Telecom (CDMA) have 20% and 10% shares, respectively.

According to the Associated Press, China Mobile rivals China Telecom and China Unicom, with than 450 million subscribers between them, pays $410 of the iPhone’s $900 cost in exchange for a customer signing a two-year contract to pay a minimum of $30 per month. China Mobile will likely have to match those terms to achieve significant sales.

But most of China Mobile’s subscribers are still using 2G. Their S-CDMA (3G) system has not been broadly adopted as a world-wide standard, unlike the TD-LTE (4G) standard.

China Mobile’s iPhone supports all major network standards, making a global phone.

Apple’s net sales in China for the fiscal year ended September 2013 were $25.4 billion, accounting for about 15 per cent of Apple’s $171 billion in total net sales.

Apple could expect as much as a $3 billion bump in 2014 revenue, say industry observers. China is Apple’s second-largest market after the United States. Apple currently sells phones to China Telecom and China Unicom but not China Mobile.

TD-LTE is spectrally efficient because it allows asymmetrical use of unpaired spectrum, for both uplink and downlink. The FCC, however, auctions spectrum in paired (Frequency Division) lots. That’s because the carriers write the FCC guidelines, say critics. Efficient use of spectrum is not the carrier’s main concern. They can just raise prices.

Selling more iPhones is not the real story here. It’s 2-3 billion people coming on-line with smartphones and broadband. It’s going to be a different world in the next few years. In ways difficult to foresee.

Related Dailywireless articles include; No Apple Announcement (Yet) from China Mobile, Apple TD-LTE Phones to China Mobile , China Issues TD-LTE Licenses, AlcaLu Wins Big TD-LTE Contracts for China, Ericsson Wins Big China Mobile TD-LTE Contract, China Mobile Getting iPhones?, China Mobile Awards Initial TD-LTE Contracts