BlackBerry’s no-phone business model isn’t working out as planned

BlackBerry Ltd, the company that once led the world’s “smartphone” market and ruled the corporate mobile e-mail world, posted its financials today for the most recent three months, and they were not pretty. Software and professional services sales were down by 4.7 percent, totaling $101 million for the quarter, and as a result the company missed analyst expectations for revenue by a wide mark.

The news comes as a blow to investors, who had pumped up the price of BlackBerry’s stock by about 60 percent over the past three months—largely because people were so bullish on BlackBerry’s software sales exploding. Today, the company’s share price fell by over 12 percent before close. In fact, the company only turned a profit because of a $940 million payment from Qualcomm to settle arbitration over royalty payments.

In 2016, BlackBerry completely outsourced manufacturing of its phones. Since then, revenues from phone sales have collapsed—totaling $37 million for the quarter ending May 31, compared to $152 million last year.

Read 1 remaining paragraphs | Comments

Obama reportedly ordered implants to be deployed in key Russian networks

In his final days as the 44th president of the United States, Barack Obama authorized a covert hacking operation to implant attack code in sensitive Russian networks. The revelation came in an 8,000-word article The Washington Post published Friday that recounted a secret struggle to punish the Kremlin for tampering with the 2016 election.

According to Friday’s article, the move came some four months after a top-secret Central Intelligence Agency report detailed Russian President Vladimir Putin’s direct involvement in a hacking campaign aimed at disrupting or discrediting the presidential race. Friday’s report also said that intelligence captured Putin’s specific objective that the operation defeat or at least damage Democratic candidate Hillary Clinton and help her Republican rival Donald Trump. The Washington Post said its reports were based on accounts provided by more than three dozen current and former US officials in senior positions in government, most of whom spoke on the condition of anonymity.

In the months that followed the August CIA report, 17 intelligence agencies confirmed with high confidence the Russian interference. After months of discussions with various advisors, Obama enacted a series of responses, including shutting down two Russian compounds, sanctioning nine Russian entities and individuals, and expelling 35 Russian diplomats from the US. All of those measures have been known for months. The Post, citing unnamed US officials, said Obama also authorized a covert hacking program that involved the National Security Agency, the CIA, and the US Cyber Command. According to Friday’s report:

Read 1 remaining paragraphs | Comments

Windows 10 S‘ security brought down by, of course, Word macros

The major premise justifying Windows 10 S, the new variant of Windows 10 that can only install and run applications from the Windows Store, is that by enforcing such a restriction, Windows 10 S can—like iOS and Chrome OS—offer greater robustness and consistency than regular Windows. For example, as Microsoft has recently written, apps from the Windows Store can’t include unwanted malicious software within their installers, eliminating the bundled spyware that has been a regular part of the Windows software ecosystem.

If Windows 10 S can indeed provide much stronger protection against bad actors—both external ones trying to hack and compromise PCs and internal ones, such as schoolkids—then its restrictions represent a reasonable trade-off. The downside is that you can’t run arbitrary Windows software; the upside is that you can’t run arbitrary Windows malware. That might not be the right trade-off for every Windows user, but it’s almost surely the right one for some.

But if that protection is flawed—if the bad guys can somehow circumvent it—then the value of Windows 10 S is substantially undermined. The downside for typical users will remain, as there still won’t be any easy and straightforward way to install and run arbitrary Windows software. But the upside, the protection against malware, will evaporate.

Read 16 remaining paragraphs | Comments

Espionage suspect totally thought messages to Chinese intel were deleted

On June 22, Kevin Patrick Mallory was brought before a US federal judge for his first hearing on charges that he sold highly classified documents to a Chinese intelligence agent. These documents, which are considered “National Defense Information,” included at least one Top Secret document and three classified as Secret and were found on a phone Mallory had been provided by his Chinese contacts. Mallory, a 60-year-old former Central Intelligence Agency employee living in Leesburg, Virginia, had thought the documents were in messages that had been deleted automatically from the device. Mallory faces life in prison if convicted.

Mallory, an independent consultant, had previously been an employee of “various government agencies” as well as several defense contractors. An Army veteran, Mallory worked at the State Department from 1987 to 1990. And according to The Washington Post, Mallory was also confirmed to have worked at the CIA, among other places. According to the FBI, Mallory was also an Army reservist during this time and served on active duty for several deployments. For much of his career, he held a Top Secret clearance, which was rescinded when he left government service in 2012.

According to the indictment, at some point during his service at the unnamed agency or at a defense contractor, Mallory—who is fluent in Mandarin—secreted out a collection of documents. Mallory told the FBI that while in China doing consulting work for a state-funded think tank in March and April of this year, he was approached by individuals he then believed to be with China’s intelligence service and was given a phone to communicate with them secretly. During an interview with the FBI on May 24, FBI agent Stephen Green recounted in an affidavit requesting an arrest warrant:

Read 6 remaining paragraphs | Comments

Low-latency satellite broadband gets approval to serve US residents

A company seeking to offer low-latency broadband from satellites yesterday received a key approval from the Federal Communications Commission.

“Over a year ago, OneWeb was the first company to seek approval to enter the US market with a system of high-capacity satellites that orbit closer to Earth than any satellite has ever before,” FCC Chairman Ajit Pai said before yesterday’s vote. “The goal of this non-geostationary satellite orbit (NGSO) technology is to provide global, high-speed broadband service—and its use case is particularly compelling in remote and hard-to-serve areas.”

Today’s satellite ISPs have average latencies of 600ms or more, according to FCC measurements, with satellites orbiting the Earth at about 35,400km. By contrast, OneWeb satellites would orbit at altitudes of about 1,200km. The company says its Internet access would have latencies of around 30ms, just a bit higher than typical cable systems. Speeds would be around 50Mbps.

Read 8 remaining paragraphs | Comments

Check Point says Fireball malware hit 250 million; Microsoft says no

Microsoft sparked a curious squabble over malware discovery and infection rates. At the start of the month security firm Check Point reported on a browser hijacker and malware downloader called Fireball. The firm claimed that it had recently discovered the Chinese malware and that it had infected some 250 million systems.

Today, Microsoft said no. Redmond claimed that actually, far from being a recent discovery, it had been tracking Fireball since 2015 and that the number of infected systems was far lower (though still substantial) at perhaps 40 million.

The two companies do agree on some details. They say that the Fireball hijacker/downloader is spread through being bundled with programs that users are installing deliberately. Microsoft further adds that these installations are often media and apps of “dubious origin” such as pirated software and keygens. Check Point says that the software was developed by a Chinese digital marketing firm named Rafotech and fingers similar installation vectors; it piggy backs on (legitimate) Rafotech software and may also be spread through spam, other malware, and other (non-Rafotech) freeware.

Read 5 remaining paragraphs | Comments

How the CIA infects air-gapped networks

Documents published Thursday purport to show how the Central Intelligence Agency has used USB drives to infiltrate computers so sensitive they are severed from the Internet to prevent them from being infected.

More than 150 pages of materials published by WikiLeaks describe a platform code-named Brutal Kangaroo that includes a sprawling collection of components to target computers and networks that aren’t connected to the Internet. Drifting Deadline was a tool that was installed on computers of interest. It, in turn, would infect any USB drive that was connected. When the drive was later plugged into air-gapped machines, the drive would infect them with one or more pieces of malware suited to the mission at hand. A Microsoft representative said none of the exploits described work on supported versions of Windows.

The infected USB drives were at least sometimes able to infect computers even when users didn’t open any files. The so-called EZCheese exploit, which was neutralized by a patch Microsoft appears to have released in 2015, worked anytime a malicious file icon was displayed by the Windows explorer. A later exploit known as Lachesis used the Windows autorun feature to infect computers running Windows 7. Lachesis didn’t require Explorer to display any icons, but the drive of the drive letter the thrumbdrive was mounted on had to be included in a malicious link. The RiverJack exploit, meanwhile, used the Windows library-ms function to infect computers running Windows 7, 8, and 8.1. Riverjack worked only when a library junction was viewed in Explorer.

Read 4 remaining paragraphs | Comments

Scammer who made 96 million robocalls should pay $120M fine, FCC says

The Federal Communications Commission today said that a scammer named Adrian Abramovich “apparently made 96 million spoofed robocalls during a three-month period” in order to trick people into buying vacation packages. The FCC proposed a fine of $120 million, but it will give the alleged perpetrator a chance to respond to the allegations before issuing a final decision.

The robocalls appeared to come from local numbers, and they told recipients to “press 1” to hear about exclusive vacation deals from well-known hotel chains and travel businesses such as Marriott, Expedia, Hilton, and TripAdvisor, the FCC said.

“Consumers who did press the button were then transferred to foreign call centers where live operators attempted to sell vacation packages often involving timeshares,” the FCC said. “The call centers were not affiliated with the well-known travel and hospitality companies mentioned in the recorded message.”

Read 10 remaining paragraphs | Comments