CIA warning over Huawei
Telecoms giant accused of being funded by Chinese state security
A Chinese telecoms giant that wants to supply vital technology for Britain’s new 5G mobile network has received funding from branches of Beijing’s state security apparatus, the CIA has told spy chiefs.
American intelligence shown to Britain says that Huawei has taken money from the People’s Liberation Army, China’s National Security Commission and a third branch of the Chinese state intelligence network, according to a UK source.
The US shared the claims with Britain and its other partners in the Five Eyes intelligence alliance — Australia, New Zealand and Canada — earlier this year, with the UK entering the final stages of a wider review into its next generation mobile network rollout.
The funding allegation is the most serious claim linking the world’s largest telecoms equipment manufacturer to the Chinese state. Huawei insists that it is a private company that is independent of influence from the government and has repeatedly denied posing any security risks. Critics, however, warn that China’s laws oblige companies to co-operate with its security branches, and that “backdoors” could be built into software allowing it to spy on or disrupt British communications.
https://www.thetimes.co.uk/edition/news/cia-warning-over-huawei-rz6xc8kzk
https://www.forbes.com/sites/zakdoffman/2019/04/20/cia-offers-proof-huawei-has-been-funded-by-chinas-military-and-intelligence/
#Huawei #Spy #Warning #CIA #USA #China
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
Telecoms giant accused of being funded by Chinese state security
A Chinese telecoms giant that wants to supply vital technology for Britain’s new 5G mobile network has received funding from branches of Beijing’s state security apparatus, the CIA has told spy chiefs.
American intelligence shown to Britain says that Huawei has taken money from the People’s Liberation Army, China’s National Security Commission and a third branch of the Chinese state intelligence network, according to a UK source.
The US shared the claims with Britain and its other partners in the Five Eyes intelligence alliance — Australia, New Zealand and Canada — earlier this year, with the UK entering the final stages of a wider review into its next generation mobile network rollout.
The funding allegation is the most serious claim linking the world’s largest telecoms equipment manufacturer to the Chinese state. Huawei insists that it is a private company that is independent of influence from the government and has repeatedly denied posing any security risks. Critics, however, warn that China’s laws oblige companies to co-operate with its security branches, and that “backdoors” could be built into software allowing it to spy on or disrupt British communications.
https://www.thetimes.co.uk/edition/news/cia-warning-over-huawei-rz6xc8kzk
https://www.forbes.com/sites/zakdoffman/2019/04/20/cia-offers-proof-huawei-has-been-funded-by-chinas-military-and-intelligence/
#Huawei #Spy #Warning #CIA #USA #China
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
www.thetimes.co.uk
CIA warning over Huawei
A Chinese telecoms giant that wants to supply vital technology for Britain’s new 5G mobile network has received funding from branches of Beijing’s state security apparatus, the CIA has told spy chiefs.American intelligence shown to Britain says that Huawei…
Forwarded from BlackBox (Security) Archiv
Kasper-Spy: Kaspersky Anti-Virus puts users at risk
Kaspersky promises security and data protection. However, a data leak allowed third parties to spy on users while they were surfing the web. For years.
A strange discovery on my office computer led me to unearth an astonishing data leak caused by Kaspersky's antivirus software. Originally, I had installed the software in order to experience the promised added value during everyday use. We, journalists at c't magazine, regularly test antivirus software, and this was part of a test for our c't issue 3/2019.
The following weeks and months seemed to offer little excitement – the Kaspersky software worked essentially as well or as badly as Windows Defender. One day, however, I made a strange discovery. I looked at the HTML source code of an arbitrary website and came across the following line of code:
To investigate, I experimented with webbrowsers Firefox, Edge, and Opera. Again, the same line of code popped up everywhere. Since I had no suspicious browser extensions installed which could be responsible, the simple conclusion was that Kaspersky's virus protection was manipulating my traffic. Without my permission, it was injecting that code. Before that day, I had observed such behaviour only from online banking Trojans. That is malware built to manipulate bank websites, for example to secretly change the recipient of a money transfer. But what the heck was Kaspersky doing there?
My first examination of Kaspersky's script main.js showed me that, among other things, it displays green icons with Google search results if Kaspersky believes the relevant link to lead to a clean website. This could have been the end of my analysis, but there was this one small detail: The address from which the Kaspersky script was loaded contained a suspicious string:
I expanded my experiment and installed the Kaspersky software on other computers. Kaspersky also injected JavaScript on those other systems. However, I discovered a crucial difference: The UUID in the source address was different on each system. The IDs were persistent and did not change, even several days later. So it was clear that each computer had it's own permanently assigned ID.
👉🏼 Read more:
https://www.heise.de/ct/artikel/Kasper-Spy-Kaspersky-Anti-Virus-puts-users-at-risk-4496138.html
#Kaspersky #AntiVirus #software #Spy #DataLeak
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
Kaspersky promises security and data protection. However, a data leak allowed third parties to spy on users while they were surfing the web. For years.
A strange discovery on my office computer led me to unearth an astonishing data leak caused by Kaspersky's antivirus software. Originally, I had installed the software in order to experience the promised added value during everyday use. We, journalists at c't magazine, regularly test antivirus software, and this was part of a test for our c't issue 3/2019.
The following weeks and months seemed to offer little excitement – the Kaspersky software worked essentially as well or as badly as Windows Defender. One day, however, I made a strange discovery. I looked at the HTML source code of an arbitrary website and came across the following line of code:
<script type="text/javascript" src="https://gc.kis.v2.scr.kaspersky-labs.com/9344FDA7-AFDF-4BA0-A915-4D7EEB9A6615/main.js" charset="UTF-8"></script>Obviously, an external JavaScript script named main.js was being loaded from a Kaspersky domain. This is not uncommon, since a website nowadays hardly works without external JavaScript resources. However, when I checked the HTML source of other websites displayed in my browser, I found the strange code on each and every page. Without exception, even on the website of my bank, a script from Kaspersky was introduced. So I had an inkling that the Kaspersky software might have something to do with it.
To investigate, I experimented with webbrowsers Firefox, Edge, and Opera. Again, the same line of code popped up everywhere. Since I had no suspicious browser extensions installed which could be responsible, the simple conclusion was that Kaspersky's virus protection was manipulating my traffic. Without my permission, it was injecting that code. Before that day, I had observed such behaviour only from online banking Trojans. That is malware built to manipulate bank websites, for example to secretly change the recipient of a money transfer. But what the heck was Kaspersky doing there?
My first examination of Kaspersky's script main.js showed me that, among other things, it displays green icons with Google search results if Kaspersky believes the relevant link to lead to a clean website. This could have been the end of my analysis, but there was this one small detail: The address from which the Kaspersky script was loaded contained a suspicious string:
https://gc.kis.v2.scr.kaspersky-labs.com/9344FDA7-AFDF-4BA0-A915-4D7EEB9A6615/main.jsThe part marked bold has a characteristic pattern. The structure matches a so-called Universally Unique Identifier (UUID). These IDs are used to make things, well, uniquely identifiable. But who or what can be identified using the Kaspersky ID?
I expanded my experiment and installed the Kaspersky software on other computers. Kaspersky also injected JavaScript on those other systems. However, I discovered a crucial difference: The UUID in the source address was different on each system. The IDs were persistent and did not change, even several days later. So it was clear that each computer had it's own permanently assigned ID.
👉🏼 Read more:
https://www.heise.de/ct/artikel/Kasper-Spy-Kaspersky-Anti-Virus-puts-users-at-risk-4496138.html
#Kaspersky #AntiVirus #software #Spy #DataLeak
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES