Connect with us

Tech

It Seemed Like a Popular App. But It’s Secretly an Emirati Spy Tool – News18

Published

 on


Washington: It is billed as an easy and secure way to chat by video or text message with friends and family, even in a country that has restricted popular messaging services like WhatsApp and Skype.

But the service, ToTok, is actually a spying tool, according to US officials familiar with a classified intelligence assessment and a New York Times investigation into the app and its developers. It is used by the government of the United Arab Emirates to try to track every conversation, movement, relationship, appointment, sound and image of those who install it on their phones.

ToTok, introduced only months ago, was downloaded millions of times from the Apple and Google app stores by users throughout the Middle East, Europe, Asia, Africa and North America. While the majority of its users are in the Emirates, ToTok surged to become one of the most downloaded social apps in the US last week, according to app rankings and App Annie, a research firm.

ToTok amounts to the latest escalation in a digital arms race among wealthy authoritarian governments, interviews with current and former US foreign officials and a forensic investigation showed. The governments are pursuing more effective and convenient methods to spy on foreign adversaries, criminal and terrorist networks, journalists and critics — efforts that have ensnared people all over the world in their surveillance nets.

Persian Gulf nations like Saudi Arabia, the Emirates and Qatar previously turned to private firms — including Israeli and U.S. contractors — to hack rivals and, increasingly, their own citizens. The development of ToTok, experts said, showed that the governments can cut out the intermediary to spy directly on their targets, who voluntarily, if unwittingly, hand over their information.

A technical analysis and interviews with computer security experts showed that the firm behind ToTok, Breej Holding, is most likely a front company affiliated with DarkMatter, an Abu Dhabi-based cyberintelligence and hacking firm where Emirati intelligence officials, former National Security Agency employees and former Israeli military intelligence operatives work. DarkMatter is under FBI investigation, according to former employees and law enforcement officials, for possible cybercrimes. The U.S. intelligence assessment and the technical analysis also linked ToTok to Pax AI, an Abu Dhabi-based data mining firm that appears to be tied to DarkMatter.

Pax AI’s headquarters operate from the same Abu Dhabi building as the Emirates’ signals intelligence agency, which until recently was where DarkMatter was based.

The UAE is one of America’s closest allies in the Middle East, seen by the Trump administration as a bulwark against Iran and a close counterterrorism partner. Its ruling family promotes the country as an example of a modern, moderate Arab nation, but it has also been at the forefront of using surveillance technology to crack down on internal dissent — including hacking Western journalists, emptying the banking accounts of critics, and holding human rights activists in prolonged solitary confinement over Facebook posts.

The government blocks specific functions of apps like WhatsApp and Skype, a reality that has made ToTok particularly appealing in the country. Huawei, the Chinese telecom giant, recently promoted ToTok in advertisements.

Spokesmen for the CIA and the Emirati government declined to comment. Calls to a phone number for Breej Holding rang unanswered, and Pax employees did not respond to emails and messages. An FBI spokeswoman said that “while the FBI does not comment on specific apps, we always want to make sure to make users aware of the potential risks and vulnerabilities that these mechanisms can pose.”

When The Times initially contacted Apple and Google representatives with questions about ToTok’s connection to the Emirati government, they said they would investigate. On Thursday, Google removed the app from its Play store after determining ToTok violated unspecified policies. Apple removed ToTok from its App Store on Friday and was still researching the app, a spokesman said. ToTok users who already downloaded the app will still be able to use it until they remove it from their phones.

It was unclear when U.S. intelligence services first determined that ToTok was a tool of Emirati intelligence, but one person familiar with the assessment said that U.S. officials have warned some allies about its dangers. It is not clear whether U.S. officials have confronted their counterparts in the Emirati government about the app. One digital security expert in the Middle East, speaking on the condition of anonymity to discuss powerful hacking tools, said that senior Emirati officials told him that ToTok was indeed an app developed to track its users in the Emirates and beyond.

ToTok appears to have been relatively easy to develop, according to a forensic analysis performed for The Times by Patrick Wardle, a former NSA hacker who works as a private security researcher. It appears to be a copy of a Chinese messaging app offering free video calls, YeeCall, slightly customized for English and Arabic audiences.

ToTok is a cleverly designed tool for mass surveillance, according to the technical analysis and interviews, in that it functions much like the myriad other Apple and Android apps that track users’ location and contacts.

On the surface, ToTok tracks users’ location by offering an accurate weather forecast. It hunts for new contacts any time a user opens the app, under the pretense that it is helping connect with their friends, much like how Instagram flags Facebook friends. It has access to users’ microphones, cameras, calendar and other phone data. Even its name is an apparent play on the popular Chinese app TikTok.

Though billed as “fast and secure,” ToTok makes no claim of end-to-end encryption, like WhatsApp, Signal or Skype. The only hint that the app discloses user data is buried in the privacy policy: “We may share your personal data with group companies.”

So instead of paying hackers to gain access to a target’s phone — the going rate is up to $2.5 million for a hacking tool that can remotely access Android phones, according to recent price lists — ToTok gave the Emirati government a way to persuade millions of users to hand over their most personal information for free.

“There is a beauty in this approach,” said Wardle, now a security researcher at Jamf, a software company. “You don’t need to hack people to spy on them if you can get people to willingly download this app to their phone. By uploading contacts, video chats, location, what more intelligence do you need?”

In an intelligence-gathering operation, Wardle said, ToTok would be Phase 1. Much like the NSA’s bulk metadata collection program — which was quietly shut down this year — ToTok allows intelligence analysts to analyze users’ calls and contacts in search of patterns, though its collection is far more invasive. It is unclear whether ToTok allows the Emiratis to record video or audio calls of its users.

Each day, billions of people freely forgo privacy for the convenience of using apps on their phones. The Privacy Project by the Times’ Opinion section published an investigation last week revealing how app makers and third parties track the minute-by-minute movements of mobile phone users.

Private companies collected that data for targeted marketing. In ToTok’s case — according to current and former officials and digital crumbs the developers left behind — much of the information is funneled to intelligence analysts working on behalf the Emirati state.

In recent months, semiofficial state publications began promoting ToTok as the free app long sought by Emiratis. This month, users of a messaging service in the Emirates requiring paid subscriptions, Botim, received an alert telling users to switch to ToTok — which it called a “free, fast and secure” messaging app. Accompanying the message was a link to install it.

The marketing seems to have paid off.

In reviews, Emiratis expressed gratitude to ToTok’s developers for finally bringing them a free messaging app. “Blessings! Your app is the best App so far that has enable me and my family to stay connected!!!” one wrote. “Kudos,” another wrote. “Finally, an app that works in the UAE!”

ToTok’s popularity extended beyond the Emirates. According to recent Google Play rankings, it was among the top 50 free apps in Saudi Arabia, Britain, India, Sweden and other countries. Some analysts said it was particularly popular in the Middle East because — at least on the surface — it was unaffiliated with a large, powerful nation.

Though the app is a tool for the Emirati government, the exact relationship between the firms behind it is murky. Pax employees are made up of European, Asian and Emirati data scientists, and the company is run by Andrew Jackson, an Irish data scientist who previously worked at Palantir, a Silicon Valley firm that works with the Pentagon and U.S. spy agencies.

Its affiliate company, DarkMatter, is in effect an arm of the Emirati government. Its operations have included hacking government ministries in Iran, Qatar and Turkey; executives of FIFA, the world soccer organization; journalists and dissidents.

Last month, the Emirati government announced that DarkMatter would combine with two dozen other companies to create a defense conglomerate focused on repelling cyberattacks.

The FBI is investigating American employees of DarkMatter for possible cybercrimes, according to people familiar with the investigation. The inquiry intensified after former NSA hackers working for the company grew concerned about its activities and contacted the bureau. Reuters first reported the program they worked on, Project Raven.

At Pax, data scientists openly brag about their work on LinkedIn. One who listed his title as “data science team lead” said he had created a “message intelligence platform” that reads billions of messages to answer four questions: “who you are, what you do, how do you think, and what is your relationship with others.”

“With the answers to these four questions, we know everything about one person,” wrote the data scientist, Jingyan Wang.

Other Pax employees describe their experience creating tools that can search government data sets for faces from billions of video feeds and pinpoint Arabic dialects from transcribed video messages.

None mention an affiliation with ToTok.

Mark Mazzetti, Nicole Perlroth and Ronen Bergman c.2019 The New York Times Company

Get the best of News18 delivered to your inbox – subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, Telegram, TikTok and on YouTube, and stay in the know with what’s happening in the world around you – in real time.

Let’s block ads! (Why?)



Source link

Continue Reading

Tech

Flying car: Canadians bring flying car one step closer to reality – Globalnews.ca

Published

 on



A flying car could allow us to get from point A to B, exploring the skies while never sitting in traffic.

This technology is no longer the stuff of fantasy. Numerous companies around the world are racing to make theirs available.

Canada’s Marcus Leng leads one of them.

“I think we’ve all had dreams of complete three-dimensional freedom,” said Leng, who is the CEO of Opener, a company developing a personal aerial vehicle.

As a young boy walking to school, he would wonder if there would ever be an aircraft that you could just jump in “and be able to take off vertically and fly wherever you wanted.”

He started designing and building prototypes in his basement in the small community of Warkworth, Ont.

Read more:
Ground-breaking flying taxi cruises through Paris

“I think our house became a factory,” he recalls.

“The basement was used for basically doing all the structure work … and the kitchen was basically used for manufacturing motors,” he told Global’s current affairs show, The New Reality. “We used to bake the motors in the oven. Boy, would that stink.”

It took over a year for him to fly his first proof-of-concept vehicle in his front yard.

“I found myself eventually at the end of our driveway and my friends and neighbours … were behind a barrier of cars that we had set up,” Leng said.


Marcus Leng flying BlackFly. Photo: Opener.


Opener

“And I figure, just like in skiing, I’ll do a skidding turn in front of them. All went very well, except during the skidding turn, the edge of the wing made contact with the lawn … but the propulsion systems reacted so fast that it basically created this long divot as it scraped through grass without the aircraft losing any control.”

Using eVTOL, which stands for electric-powered vertical takeoff and landing, Leng said he was able to produce a vehicle that doesn’t need a runway to get off the ground.

It’s called BlackFly. Some people often refer to it as a flying car. Leng calls it a personal aerial vehicle designed to fit one person.

Read more:
Flying car completes intercity test flight in Slovakia

Anyone up to six feet six inches and weighing 200 pounds or less can use it.

It has a joystick, can fly in -20 Celsius weather, and operate in about 32 km/h winds.

“In the United States, which is our primary market, we have very serious weight restrictions. So, the American vehicles have a 20-plus mile (32 km) range for an operator that’s 200 pounds,” Leng said.

“In Canada, we don’t have those weight constraints and also we don’t have speed constraints,” said Leng, who in 2014 relocated the majority of his operations to Palo Alto, Calif.

One of the key features about BlackFly is you don’t need a pilot’s licence to fly it.

According to Leng, a potential owner would have to complete a training course and be at least 18 years old.

The nice thing about our vehicle is (that in) both the United States and Canada (it’s) classified as an ultralight aircraft,” he said. “In Canada, you require an ultralight licence, which is relatively easy and straightforward to obtain.”

In order to fly it, you need to take a short training course.

I think the most unique thing is that I can be an operator, you can be an operator … in the course of about two days and a few hours of simulation how to safely fly this aircraft,” said Kristina Menton, who is the director of operations, flight testing and propulsion lead at Opener.

“That is something that is exceptionally novel and really incredible — to be able to give that type of experience of three-dimensional flight to regular people.”  


Kristina Menton, director of operations at Opener, flying BlackFly.


Opener

She said the aircraft is almost exclusively made from carbon fibre, including the wings, fuselage and propellers. It’s electric, and therefore emissions-free.

“We have autoland features. So basically, when you get close to the ground, the aircraft will take over,” Menton said.

Canadians who help make BlackFly … fly

Menton has been working on BlackFly for years. When she first signed on with the company, she had no idea what product she’d be working on.

“I first met Marcus on a phone call the day before my last exam of university. He was looking to hire two mechanical engineers. At the time, the company was completely in stealth mode and he wasn’t able to say what the product was, who the investors were, really any of the technical details,” Menton told Global News.

“But I could get from the phone call that it was a pretty exciting and innovative opportunity and decided to take the leap to jump on board.”

She wasn’t the only one who took the leap. Eleanor Li, Menton’s classmate at the University of Toronto in mechanical engineering, did too. She joined Opener and moved to Silicon Valley without knowing the project she was hired to work on.

“Marcus basically came along and said, ‘Oh, we’re making this huge carbon epoxy part. Do you want to be part of our team?’ And I just said, ‘Yes, yes, here I am,’” said Li, who is now the plant manager at Opener.


Eleanor Li, plant manager at Opener, in a flight simulator at the company headquarters in Palo Alto, Calif.


Global News

For years, Leng had been secretly working on his invention while recruiting.

It wasn’t until 2018 that he started letting the world get a glimpse of BlackFly.

In July 2021, Li, Menton and Leng flew Blackfly at the Experimental Aircraft Association AirVenture show in Oshkosh, Wisc. The annual event can bring in hundreds of thousands of spectators.

“The flight is incredible. You have a panoramic view of anywhere,” said Li. “I told this to a few people at Oshkosh: when you’re in the aircraft, you feel like you are the aircraft and the aircraft is you.”

The team is working hard to make the aircraft available to consumers soon.

But first adopters will only be able to fly in rural areas. BlackFly is not allowed to go over built-up areas.

Leng is keeping the price tag to himself, but he believes as the industry advances, BlackFly will become more accessible to people.

“Our objective for next year is to produce 260 vehicles. But the ultimate goal is to be producing tens of thousands of these at a price that would be in line with an SUV,” he said.

See this and other original stories about our world on The New Reality airing Saturday nights on Global TV, and online.

Adblock test (Why?)



Source link

Continue Reading

Tech

Poll: The Hype For Grand Theft Auto: The Trilogy Is High, Is It In Your Switch Plans? – Nintendo Life

Published

 on


Grand Theft Auto: The Trilogy – The Definitive Edition getting official release details, along with a trailer and lots of screens, was certainly the standout and dominant news item at the end of the week. Perhaps counter to expectations the visual overhaul is a bit more than a simple upscale, with the footage looking rather familiar but undoubtedly fresh. That’s not to say it would be mistaken for footage of games developed from scratch in the 2020s, as characters in particular still have that angular look familiar from past generations.

The official information does point to key gameplay changes, such as controls more in tune with what players know from GTA V. Yet we’d suggest those control updates will need to be good; you may have fond memories of the original ‘3D’ GTA trilogy, but they’re of their time and don’t necessarily feel particularly smooth to play now. Perhaps The Trilogy will fix that, it’s certainly one of the big tests it’ll face.

Another question will be how it’ll stack up on Switch. We don’t think it’s a particularly outrageous suggestion to say we’ll be looking at it targeting 30fps on Nintendo’s system, at best, and if previous reports were accurate and Unreal Engine has been used, that makes some caution advisable. While Unreal games can certainly run on Switch, the system’s library is also full of dodgy ports where the different iterations of the engine simply don’t play nice with the hardware. Here’s hoping that the sheer volume of resources at Rockstar’s disposal – and the knowledge that the release could be a big seller on Switch – will ensure that a carefully optimised version arrives on the hybrid.

Image: Rockstar

As for the release details, it’s split up between eShop and retail. The digital / eShop version isn’t far away on 11th November, while those that want the physical edition need to wait until 7th December. It’ll cost £49.99 / $59.99, though that is three games in the package of course, while the file size is 25.4GB; we’ll need to wait and see whether Rockstar will opt for a Switch cartridge big enough to hold the full package or force mandatory downloads. We’ll keep an eye out for updates.

For some this trilogy release will be revisiting old classics, and no doubt for many it’ll represent their first playthroughs of these iconic games. We’re curious where you fall in these categories, so by all means pitch in with the polls and comments below – is this a November (eShop) or December (physical) pick-up for you?

Adblock test (Why?)



Source link

Continue Reading

Tech

Epic Games opposes Apple's effort to pause antitrust trial orders – Reuters

Published

 on


Smartphone with Epic Games logo is seen in front of Apple logo in this illustration taken, May 2, 2021. REUTERS/Dado Ruvic/Illustration/File Photo

Oct 22 (Reuters) – “Fortnite” creator Epic Games on Friday opposed Apple Inc’s (AAPL.O) efforts to put on hold orders handed down in an antitrust trial as a potentially lengthy appeals process plays out.

U.S. district Judge Yvonne Gonzalez Rogers in September struck down some of the iPhone maker’s App Store rules, including a prohibition on developers directing their users to other payment options beside Apple’s in-app payment system, in a partial win for Epic and other app makers. read more

Apple has until Dec. 9 to comply with the injunction, but earlier this month the company said it will appeal the ruling and asked Gonzalez Rogers to put her order on hold as the appeals process, which could take more than a year, unfolds.

Epic on Friday argued in a court filing that Apple has not met the legal standard for that pause, which requires Apple show that it will be irreparably harmed by even temporarily complying with the order if the injunction is later reversed on appeal.

Epic said that Apple’s positive comments about the ruling shortly after it landed, and its delay in asking for a pause, showed that it would not be harmed by enacting the orders.

“The public interest favors denying (Apple’s request); an injunction is the only path to effective relief,” Epic wrote. “History shows … that in the absence of an injunction, Apple will not make any changes.”

Apple did not immediately respond to a request for comment.

A hearing on Apple’s request is set for Nov. 9.

Reporting by Stephen Nellis in San Franicsco; Editing by Himani Sarkar

Our Standards: The Thomson Reuters Trust Principles.

Adblock test (Why?)



Source link

Continue Reading

Trending