We chat with Tim Sahay and Kate Mackenzie — authors of the indispensable newsletter The Polycrisis and hosts of the new podcast Electric World Order
· · ·
We lay out what an energy transition under conditions of polycrisis actually entails: things don’t just smoothly change while staying the same, instead it’s more like a material shift in the centre of political, economic, energetic power: from the petrostate (e.g. USA) to the electrostate (e.g. China).
Via Mike Pepi who’s speaking on Friday.
4—6pm
Researchers at Google and cybersecurity firms iVerify and Lookout on Wednesday jointly revealed the discovery of a sophisticated iPhone hacking technique known as DarkSword that they’ve seen in use on infected websites, capable of instantly and silently hacking iOS devices that visit those sites. While the technique doesn’t affect the latest, updated versions of iOS, it does work against iOS devices running versions of Apple’s previous operating system release, iOS 18
· · ·
the hackers who carried out that espionage campaign left the full, unobscured DarkSword code—complete with explanatory comments in English that describe each component and include the “DarkSword” name for the tool—available on those sites for anyone to access and reuse. That carelessness, he says, practically invites other hacker groups to adopt it and target other iPhone users. “Anyone who manually grabbed all the different parts of the exploit could put them onto their own web server and start infecting phones. It’s as simple as that,” says Frielingsdorf. “It’s all nicely documented, also. It’s really too easy.”
· · ·
“Instead of using a spyware payload to brute force your way through the file system—which leaves tons of artifacts of exploitation that are pretty easy to detect—this just uses system processes the way they’re meant to be used,” iVerify’s Cole says. “And it leaves far fewer traces.”
· · ·
“People assumed that it was just going to be journalists or activists or maybe an opposition politician that was targeted, and that this wasn’t a concern for a normal citizen,” says Justin Albrecht, who leads mobile threat intelligence at Lookout. “Now that we see iOS exploits being delivered through an unscrupulous broker, there’s a whole market here for this to get to cybercriminals” who will use it with far less discretion.
· · ·
“If this one gets burned, I’ll just go get another one,” Cole says, describing the hackers’ apparent thinking. “They know there’s more where this came from.”
Quoted at length because paywall. WIRED’s reporting has been good as of late, and my subscription was absurdly inexpensive. Consider it if this is your kinda thing.
An internal DHS document obtained by 404 Media shows for the first time CBP used location data sourced from the online advertising industry to track phone locations. ICE has bought access to similar tools.
· · ·
DHS Office of the Inspector General (OIG) later found both CBP and ICE did not limit themselves to non-operational use. The OIG found that CBP, ICE, and the Secret Service all illegally used the smartphone location data, and found a CBP official used the data to track coworkers with no investigative purpose. CBP and ICE went on to repeatedly purchase access to location data.
“When you have that mosaic built from UK sovereign defence, health, roads, power networks, power stations, and our major industrial bases, you have a detailed understanding of virtually every aspect of the sovereign United Kingdom. For an adversary, or even a nation with whom we have a special relationship, that picture is worth more than all the fine art on Earth.”
This is mostly an article about the assassination of Ayatollah Ali Khamenei, but I was drawn to the intelligence operation, namely the construction of “patterns of life” through hacked traffic cameras.
Nearly all the traffic cameras in Tehran had been hacked for years, their images encrypted and transmitted to servers in Tel Aviv and southern Israel, according to two people familiar with the matter.
One camera had an angle that proved particularly useful, said one of the people, allowing them to determine where the men liked to park their personal cars and providing a window into the workings of a mundane part of the closely guarded compound.
Complex algorithms added details to dossiers on members of these security guards that included their addresses, hours of duty, routes they took to work and, most importantly, who they were usually assigned to protect and transport — building what intelligence officers call a “pattern of life”.
“Mark Leckey presenting his recent work including his solo exhibition enter through medieval wounds“
Friday, March 13
6:00 PM – 7:00 PM GMT
Online
Waves that purr
