TBR News November 1, 2016
A Compendium of Various Official Lies, Business Scandals, Small Murders, Frauds, and Other Gross Defects of Our Current Political, Business and Religious Moral Lepers.
“When a government is dependent upon bankers for money, they and not the leaders of the government control the situation, since the hand that gives is above the hand that takes… Money has no motherland; financiers are without patriotism and without decency; their sole object is gain.”- Napoleon Bonaparte, 1815
“Corrupted by wealth and power, your government is like a restaurant with only one dish. They’ve got a set of Republican waiters on one side and a set of Democratic waiters on the other side. But no matter which set of waiters brings you the dish, the legislative grub is all prepared in the same Wall Street kitchen”. – Huey Long
“I fired [General MacArthur] because he wouldn’t respect the authority of the President. That’s the answer to that. I didn’t fire him because he was a dumb son of a bitch, although he was, but that’s not against the law for generals. If it was, half to three-quarters of them would be in jail “- Harry S Truman
“When the people fear their government, there is tyranny; when the government fears the people, there is liberty.” -Thomas Jefferson.
“Democracy is the art of running the circus from the monkey cage”
– H.L. Mencken
“For a quarter of a century the CIA has been repeatedly wrong about every major political and economic question entrusted to its analysis.”
-Senator Daniel Patrick Moynihan,
The New York Times, 1991.
Don’t tell a lie! Some men I’ve known
Commit the most appalling acts,
Because they happen to be prone
To an economy of facts;
And if to lie is bad, no doubt
’Tis even worse to get found out!
My children, never, never steal!
To know their offspring is a thief
Will often make a father feel
Annoyed and cause a mother grief;
So never steal, but, when you do,
Be sure there’s no one watching you.
The Wicked flourish like the bay,
At Cards or Love they always win,
Good Fortune dogs their steps all day,
They fatten while the Good grow thin.
The Righteous Man has much to bear;
The Bad becomes a Bullionaire!
The Voice of the White House
Washington, D.C. November 1, 2016:”One of the intercepts Wikileaks sent out is concerned with the projected Isreali destruction of two sacred Moslem mosques on Temple Mount in Jerusalim and a building, on their sites, of a large Jewish temple. This is, obviously, a very sensitive issue in that the Muslim community would take strong, and violent, objections to this descretation. One of the intercepts has Hillary saying that if she were elected President, she would see nothing wrong in Israel “reconstructing their most sacred site” and that the Moslems were “nothing but invaders of sacred Jewish sites.” That Hillary is pro-Israeli is not a surprise, considering that her ancestors emigrated to England from the Jewish ghetto in Lodz, Poland. Destroying the Muslim shrines would be an act of arrogant stupidity of the highest order but to those who have been reading the intercepts released by Wikileaks, not surprising. The arrogance and pure nastiness manifest in these intercepts will probably destroy the Democratic party and have brought Hillary’s election into serious question.”
Dakota pipeline tensions rise as protester charged with attempted murder
As a demonstrator at the construction site of a oil pipeline in North Dakota is charged with attempted murder, eyes shift to wider issues of corporate influence in an increasingly belligerent and iconic struggle.
November 1, 2016
DW
The 1,172-mile (1,885-km) $3.8 billion (3.46 billion euros) pipeline – being built by a group of companies led by the pipeline’s operator, Energy Transfer Partners – would offer the most direct route for shale oil from North Dakota to US Gulf Coast refineries, carrying sweet crude oil fracked from North Dakota’s Bakken oil patch through South Dakota and Iowa into Illinois.
Energy Transfer Partners insists the project is safe, while local Indian tribes and ecological groups are fighting the pipeline’s permitting process in federal court and in protests on the ground.
Shades of retribution?
The arrested demonstrator, 37-year old Red Fawn Fallis, was confronted by two officers on the evening of October 27 while taking part in a demonstration, according to a police affidavit.
During an ensuing struggle Fallis then allegedly fired at a police officer three times with a handgun, failing to hit him. Later a small amount of marijuana was found in her possession, according to court documents. If found guilty she faces a maximum penalty of 20 years in prison.
Over the weekend, construction crews were working next to the camp that authorities cleared Thursday, when they arrested more than 140 people at the sprawling encampment known as Oceti Sakowin, or Seven Council Fires camp, which is located on Army Corps of Engineers land.
Protests
The project has faced months of protest from the Standing Rock Sioux Tribe, as well as environmental activists, who say it threatens local water supplies and sacred tribal sites. Police have clashed with protesters on several occasions when they moved in to clear out a camp constructed by demonstrators on private land.
Protesters said that those arrested in the confrontation had numbers written on their arms and were housed in what appeared to be dog kennels, without bedding or furniture.
In response, some demonstrators torched three vehicles on a bridge, creating a blockade that effectively cut off easy access to the pipeline construction zone and made it far harder for the Standing Rock Sioux tribe and nearby residents to get to Bismarck for errands and medical appointments.
Others are less prepared to use force. “We don’t want people instigating things that are going to get out of hand. We don’t need them,” said Don Cuny, chief of security for the large camp near the confluence of the Missouri and Cannonball rivers. “They want the kids out of here if things get ugly,” said Emmett White Temple, a 55-year-old member of the Standing Rock Sioux.
Crowdsourcing to help the protesters has brought in $1 million (910,000 euros). One online legal defense fund has raised more than $655,000 for “the legal defense of warriors protecting land, water and human rights.”
Meanwhile, thousands of supporters of the tribe and environmental activists turned to social media on Monday aiming to confuse the police, who many believe are using it to track the protesters. Some 4,600 people used Facebook’s location tagging feature to “check in” on Monday afternoon at the Standing Rock Indian Reservation, near the site of the pipeline, vastly boosting the numbers actually there.
Bigger picture
The pipeline’s future will set a precedent for the other such ventures. The case is also seen to expose divisions within US society over the role and influence of corporate giants such as Energy Transfer Partners, in which Republican presidential candidate Donald Trump holds shares. His rival, Hillary Clinton, meanwhile, has been a very strong supporter of fracking.
Mainstream media has been slow to report the story and when it does has tended to focus on the violent confrontations at the expense of a wider narrative of competing land and environmental policy, the journalist, Amy Goodman, host of the “Democracy Now!” news broadcaster has argued. Goodman had an arrest warrant issued for her in September after her coverage of the situation, before a judge dismissed the charges, Goodman said at the time: “Not enough people realize what’s going on out there. It’s a bigger story than the amount of attention it’s received.”
Inside the Invisible Government
War, Propaganda, Clinton & Trump
October 28, 2016
by John Pilger
Unz Review
The American journalist, Edward Bernays, is often described as the man who invented modern propaganda.
The nephew of Sigmund Freud, the pioneer of psycho-analysis, it was Bernays who coined the term “public relations” as a euphemism for spin and its deceptions.
In 1929, he persuaded feminists to promote cigarettes for women by smoking in the New York Easter Parade – behaviour then considered outlandish. One feminist, Ruth Booth, declared, “Women! Light another torch of freedom! Fight another sex taboo!”
Bernays’ influence extended far beyond advertising. His greatest success was his role in convincing the American public to join the slaughter of the First World War. The secret, he said, was “engineering the consent” of people in order to “control and regiment [them] according to our will without their knowing about it”.
He described this as “the true ruling power in our society” and called it an “invisible government”.
Today, the invisible government has never been more powerful and less understood. In my career as a journalist and film-maker, I have never known propaganda to insinuate our lives and as it does now and to go unchallenged.
Imagine two cities.
Both are under siege by the forces of the government of that country. Both cities are occupied by fanatics, who commit terrible atrocities, such as beheading people.
But there is a vital difference. In one siege, the government soldiers are described as liberators by Western reporters embedded with them, who enthusiastically report their battles and air strikes. There are front page pictures of these heroic soldiers giving a V-sign for victory. There is scant mention of civilian casualties.
In the second city – in another country nearby – almost exactly the same is happening. Government forces are laying siege to a city controlled by the same breed of fanatics.
The difference is that these fanatics are supported, supplied and armed by “us” – by the United States and Britain. They even have a media centre that is funded by Britain and America.
Another difference is that the government soldiers laying siege to this city are the bad guys, condemned for assaulting and bombing the city – which is exactly what the good soldiers do in the first city.
Confusing? Not really. Such is the basic double standard that is the essence of propaganda. I am referring, of course, to the current siege of the city of Mosul by the government forces of Iraq, who are backed by the United States and Britain and to the siege of Aleppo by the government forces of Syria, backed by Russia. One is good; the other is bad.
What is seldom reported is that both cities would not be occupied by fanatics and ravaged by war if Britain and the United States had not invaded Iraq in 2003. That criminal enterprise was launched on lies strikingly similar to the propaganda that now distorts our understanding of the civil war in Syria.
Without this drumbeat of propaganda dressed up as news, the monstrous ISIS and Al-Qaida and al-Nusra and the rest of the jihadist gang might not exist, and the people of Syria might not be fighting for their lives today.
Some may remember in 2003 a succession of BBC reporters turning to the camera and telling us that Blair was “vindicated” for what turned out to be the crime of the century. The US television networks produced the same validation for George W. Bush. Fox News brought on Henry Kissinger to effuse over Colin Powell’s fabrications.
The same year, soon after the invasion, I filmed an interview in Washington with Charles Lewis, the renowned American investigative journalist. I asked him, “What would have happened if the freest media in the world had seriously challenged what turned out to be crude propaganda?”
He replied that if journalists had done their job, “there is a very, very good chance we would not have gone to war in Iraq”.
It was a shocking statement, and one supported by other famous journalists to whom I put the same question — Dan Rather of CBS, David Rose of the Observer and journalists and producers in the BBC, who wished to remain anonymous.
In other words, had journalists done their job, had they challenged and investigated the propaganda instead of amplifying it, hundreds of thousands of men, women and children would be alive today, and there would be no ISIS and no siege of Aleppo or Mosul.
There would have been no atrocity on the London Underground on 7thJuly 2005. There would have been no flight of millions of refugees; there would be no miserable camps.
When the terrorist atrocity happened in Paris last November, President Francoise Hollande immediately sent planes to bomb Syria – and more terrorism followed, predictably, the product of Hollande’s bombast about France being “at war” and “showing no mercy”. That state violence and jihadist violence feed off each other is the truth that no national leader has the courage to speak.
“When the truth is replaced by silence,” said the Soviet dissident Yevtushenko, “the silence is a lie.”
The attack on Iraq, the attack on Libya, the attack on Syria happened because the leader in each of these countries was not a puppet of the West. The human rights record of a Saddam or a Gaddafi was irrelevant. They did not obey orders and surrender control of their country.
The same fate awaited Slobodan Milosevic once he had refused to sign an “agreement” that demanded the occupation of Serbia and its conversion to a market economy. His people were bombed, and he was prosecuted in The Hague. Independence of this kind is intolerable.
As WikLeaks has revealed, it was only when the Syrian leader Bashar al-Assad in 2009 rejected an oil pipeline, running through his country from Qatar to Europe, that he was attacked.
From that moment, the CIA planned to destroy the government of Syria with jihadist fanatics – the same fanatics currently holding the people of Mosul and eastern Aleppo hostage.
Why is this not news? The former British Foreign Office official Carne Ross, who was responsible for operating sanctions against Iraq, told me: “We would feed journalists factoids of sanitised intelligence, or we would freeze them out. That is how it worked.”
The West’s medieval client, Saudi Arabia – to which the US and Britain sell billions of dollars’ worth of arms – is at present destroying Yemen, a country so poor that in the best of times, half the children are malnourished.
Look on YouTube and you will see the kind of massive bombs – “our” bombs – that the Saudis use against dirt-poor villages, and against weddings, and funerals.
The explosions look like small atomic bombs. The bomb aimers in Saudi Arabia work side-by-side with British officers. This fact is not on the evening news.
Propaganda is most effective when our consent is engineered by those with a fine education – Oxford, Cambridge, Harvard, Columbia — and with careers on the BBC, the Guardian, the New York Times, the Washington Post.
These organisations are known as the liberal media. They present themselves as enlightened, progressive tribunes of the moral zeitgeist. They are anti-racist, pro-feminist and pro-LGBT.
And they love war.
While they speak up for feminism, they support rapacious wars that deny the rights of countless women, including the right to life.
In 2011, Libya, then a modern state, was destroyed on the pretext that Muammar Gaddafi was about to commit genocide on his own people. That was the incessant news; and there was no evidence. It was a lie.
In fact, Britain, Europe and the United States wanted what they like to call “regime change” in Libya, the biggest oil producer in Africa. Gaddafi’s influence in the continent and, above all, his independence were intolerable.
So he was murdered with a knife in his rear by fanatics, backed by America, Britain and France. Hillary Clinton cheered his gruesome death for the camera, declaring, “We came, we saw, he died!”
The destruction of Libya was a media triumph. As the war drums were beaten, Jonathan Freedland wrote in the Guardian: “Though the risks are very real, the case for intervention remains strong.”
Intervention — what a polite, benign, Guardian word, whose real meaning, for Libya, was death and destruction.
According to its own records, Nato launched 9,700 “strike sorties” against Libya, of which more than a third were aimed at civilian targets. They included missiles with uranium warheads. Look at the photographs of the rubble of Misurata and Sirte, and the mass graves identified by the Red Cross. The Unicef report on the children killed says, “most [of them] under the age of ten”.
As a direct consequence, Sirte became the capital of ISIS.
Ukraine is another media triumph. Respectable liberal newspapers such as the New York Times, the Washington Post and the Guardian, and mainstream broadcasters such as the BBC, NBC, CBS, CNN have played a critical role in conditioning their viewers to accept a new and dangerous cold war.
All have misrepresented events in Ukraine as a malign act by Russia when, in fact, the coup in Ukraine in 2014 was the work of the United States, aided by Germany and Nato.
This inversion of reality is so pervasive that Washington’s military intimidation of Russia is not news; it is suppressed behind a smear and scare campaign of the kind I grew up with during the first cold war. Once again, the Ruskies are coming to get us, led by another Stalin, whom The Economist depicts as the devil.
The suppression of the truth about Ukraine is one of the most complete news blackouts I can remember. The fascists who engineered the coup in Kiev are the same breed that backed the Nazi invasion of the Soviet Union in 1941. Of all the scares about the rise of fascist anti-Semitism in Europe, no leader ever mentions the fascists in Ukraine – except Vladimir Putin, but he does not count.
Many in the Western media have worked hard to present the ethnic Russian-speaking population of Ukraine as outsiders in their own country, as agents of Moscow, almost never as Ukrainians seeking a federation within Ukraine and as Ukrainian citizens resisting a foreign-orchestrated coup against their elected government.
There is almost the joie d’esprit of a class reunion of warmongers.
The drum-beaters of the Washington Post inciting war with Russia are the very same editorial writers who published the lie that Saddam Hussein had weapons of mass destruction.
To most of us, the American presidential campaign is a media freak show, in which Donald Trump is the arch villain.
But Trump is loathed by those with power in the United States for reasons that have little to do with his obnoxious behaviour and opinions. To the invisible government in Washington, the unpredictable Trump is an obstacle to America’s design for the 21stcentury.
This is to maintain the dominance of the United States and to subjugate Russia, and, if possible, China.
To the militarists in Washington, the real problem with Trump is that, in his lucid moments, he seems not to want a war with Russia; he wants to talk with the Russian president, not fight him; he says he wants to talk with the president of China.
In the first debate with Hillary Clinton, Trump promised not to be the first to introduce nuclear weapons into a conflict. He said, “I would certainly not do first strike. Once the nuclear alternative happens, it’s over.” That was not news.
Did he really mean it? Who knows? He often contradicts himself. But what is clear is that Trump is considered a serious threat to the status quo maintained by the vast national security machine that runs the United States, regardless of who is in the White House.
The CIA wants him beaten. The Pentagon wants him beaten. The media wants him beaten. Even his own party wants him beaten. He is a threat to the rulers of the world – unlike Clinton who has left no doubt she is prepared to go to war with nuclear-armed Russia and China.
Clinton has the form, as she often boasts. Indeed, her record is proven. As a senator, she backed the bloodbath in Iraq. When she ran against Obama in 2008, she threatened to “totally obliterate” Iran. As Secretary of State, she colluded in the destruction of governments in Libya and Honduras and set in train the baiting of China.
She has now pledged to support a No Fly Zone in Syria — a direct provocation for war with Russia. Clinton may well become the most dangerous president of the United States in my lifetime –a distinction for which the competition is fierce.
Without a shred of evidence, she has accused Russia of supporting Trump and hacking her emails. Released by WikiLeaks, these emails tell us that what Clinton says in private, in speeches to the rich and powerful, is the opposite of what she says in public.
That is why silencing and threatening Julian Assange is so important. As the editor of WikiLeaks, Assange knows the truth. And let me assure those who are concerned, he is well, and WikiLeaks is operating on all cylinders.
Today, the greatest build-up of American-led forces since World War Two is under way – in the Caucasus and eastern Europe, on the border with Russia, and in Asia and the Pacific, where China is the target.
Keep that in mind when the presidential election circus reaches its finale on November 8th, If the winner is Clinton, a Greek chorus of witless commentators will celebrate her coronation as a great step forward for women. None will mention Clinton’s victims: the women of Syria, the women of Iraq, the women of Libya. None will mention the civil defence drills being conducted in Russia. None will recall Edward Bernays’ “torches of freedom”.
George Bush’s press spokesman once called the media “complicit enablers”.
Coming from a senior official in an administration whose lies, enabled by the media, caused such suffering, that description is a warning from history.
In 1946, the Nuremberg Tribunal prosecutor said of the German media: “Before every major aggression, they initiated a press campaign calculated to weaken their victims and to prepare the German people psychologically for the attack. In the propaganda system, it was the daily press and the radio that were the most important weapons.”
‘Google has power to control elections, can shift millions of votes to Clinton’ – Robert Epstein
November 1, 2016
RT
People trust the “unbiased” internet search giant Google so much it can actually influence up to 10 million undecided voters to choose Hillary Clinton for president, prominent US psychologist and author Robert Epstein told RT following years of research.
Despite being a supporter of the Democratic presidential nominee, Dr. Epstein believes Google’s unchecked algorithm of placing one candidate over the other in search results constitutes a “threat to democracy.”
RT: Robert, how did you discover that Google is possibly in cahoots with the Clinton campaign?
RE: Well I didn’t find out that they were necessarily supporting Hillary Clinton, that’s not what I found at first. First, through several years of research, I found that they had the power to control elections, the power to shift the votes. So, that was more than four years of experimental research with more than 10,000 people in 39 countries.
So, we established through some very careful experiments that by favoring one candidate in search rankings Google can shift a lot of votes. More than 20 percent of undecided voters overall, and in some demographic groups up to 80 percent of undecided voters. People trust search rankings so much that if one candidate is favored in search rankings that shifts peoples’ votes.
Now, more recently, many people have established that Google has a very close relationship with Hillary Clinton. That didn’t come from my research, that came from all kinds of investigative research by many people.
RT: Are you going to take a look at Facebook and Twitter as well? It looks like social media play an even bigger role in the elections than televised debates.
RE: Well, we know now that Facebook has the power to shift about 600,000 votes to Hillary Clinton on Election Day with no one knowing this is occurring. All they have to do is send out “Go out and vote” reminders to Hillary Clinton’s supporters, but not to Trump’s supporters. That would cause a lot of people to vote who would otherwise stay home. So yes, we’ve looked at Facebook, we’ve looked at Twitter. But again, Facebook can shift 600,000 votes, Google can shift somewhere between 2.6 and 10.4 million votes.
RT: Have you been able to find abnormal search results by Google in some other countries intended to influence the outcome of elections?
RE: We haven’t look carefully at too many countries. We’ve looked at the UK election in 2015, we looked at the national election in India, at the Lok Sabha election in 2014. What we do know is that it is the nature of Google’s algorithm to put one candidate ahead of another. That happens automatically. That happens, as Google would say, organically. So, this means that Google’s algorithm has probably been determining the outcomes of close elections around the world for many years, probably actually controlling the winner in as many as 25 percent of the national elections of the world.
RT: What do you think about this threat of big data? Do you think Google and other search engines analyses all search results by an individual for a good purpose?
RE: Well, big data at the moment is a threat. It’s a threat to democracy, at least as we have it in the United States, it’s a threat to human freedom, it’s a threat to civil liberties. This is mainly because the technologies are very new, and new means of control, of surveillance, of manipulation are being developed which at the moment are not regulated – they’re not covered by any laws or regulations. So, the problem is that these technologies have developed quickly, and we have not developed systems for monitoring these technologies, we’ve not developed systems for regulating these technologies. Obviously, we must do so.
RT: You’ve said that unlike Europe, Russia and China were able to overcome the Google monopoly, but a lot of people are still using this search engine. Do you think that the US company can manipulate public opinion in Russia as well?
RE: Well, it’s hard for them to manipulate opinion if they don’t dominate that country. Google dominates most of the countries in the world. The only countries it doesn’t dominate are Russia and China. So, Russia and China are protected a little bit from Google, but Russia and China have their own problems. Russia has Yandex, China has Baidu, and these companies can use techniques just as the ones that Google is using and perhaps they’re already using these techniques. These techniques can be used by any big tech company that provides a search engine. These techniques can be used by any big tech company that provides search suggestions.
My newest research shows, for example, that Google seems to be favoring Hillary Clinton in its search suggestions, the suggestions it gives you when you first start to type an item, and from new research I’ve done, we know that if you suppress negative search suggestions from one candidate, that shifts votes and opinions towards that candidate. So, Google is not the only problem. Any of these big tech companies can use these techniques for surveillance, for manipulation, for control, and I think we have to be concerned about the big tech industries in general around the world, not just Google.
RT: How do you oppose such great power being wielded by one corporation like Google?
RE: Well, the problem with a lot of power being in the hands of one company is that the private company is not answerable to the public. The private company does not have people who we voted on. The private company might be run almost like a monarchy, with the CEO having enormous power and the public having no say whatsoever in what they do, even not having access to their internal records. So we would have no idea of exactly what they’re doing or how they’re doing it and how they’re making decisions. This is potentially very dangerous. The situation right now is unprecedented in human history. There has never been so much power placed in the hands of so few people who are beyond the reach of any laws, beyond the reach of any regulations, and who don’t necessarily have the public interest in mind.
RT: What about Donald Trump? In your opinion, what methods and tricks has Donald Trump and his loyal media used in this presidential race?
RE: Well, I’ve said in writing, repeatedly and in many interviews that I’m a very strong supporter of Hillary Clinton. Hillary Clinton is by far the better candidate, Donald Trump is a very weak candidate, he would not make a good leader, he would not make a good president. Plus, I know people in his family, it makes no sense to me that he is even running for president, I don’t think he wants to be president! I think he just wants to increase his celebrity so that he can start his own television network, and I think that steps are now already being taken for him to do that.
I made a prediction on Twitter recently, you can check this: I not only have predicted that he will set up his own television network but that he will launch his network with a guaranteed hit show. It will be a reality TV show about Donald Trump running for president, and that will be a hit show, so I think that’s his only interest here. Hillary Clinton will become our next president, it’s guaranteed and in my opinion Donald Trump has no interest, never had any interest in becoming president.
RT: Do you believe that Hillary Clinton will become US president through the manipulation of public opinion?
RE: Oh, Hillary Clinton is guaranteed to win this election, and I have said previously based on polls that seem to show a kind of a close vote, that those polls did not take into account the power that Google and other companies have to shift votes. That’s missing from these polls. So, once you realize the power that these companies have, Hillary Clinton is absolutely guaranteed to win, and she will win in the margin of somewhere between 2.6 million and 10 million votes. If we take the mean, the average of those two numbers, I guess you could say it’s pretty clear that she will win by approximately 6.5 million votes.
RT: Given that the United States has such an expensive and powerful media industry, would you say that voters in the US have a real picture of the presidential campaign?
RE: Well, voters in the United States I think do get a pretty good picture because we have so many different kinds of media and people are just bombarded with information from newspapers, magazines and the internet, more than 400 different television channels. So I think we do get a pretty complex and deep picture of things, but you have to remember that all of these forms of media are competitive. So, we’re getting one perspective from one magazine, another perspective from another magazine.
But when you come to something like Google, there’s no competition. There’s no competitor. It’s a completely different kind of influence, it’s non-competitive. In other words, if you’re still trying to make up your mind and you go to Google and ask a question about the candidates or about some sort of issue related to the election, Google will show you whatever it wants to show you and that can easily, easily tip your opinion one way or the other and there’s no competitor, there’s no way for anyone to compensate what Google just told you.
So, this is a completely new and very dangerous kind of influence. It has no competition, there’s no corrective for it, and people trust Google – we know this from surveys – people trust Google more than they trust any newspaper, any magazine or any television station. People trust information that they get from a computer much more than information they’re getting from television or a newspaper because they know that television and newspapers are biased, because they know that people are actually giving them the information. But when they get information out of a computer they mistakenly believe that that information is impartial, that information is objective and of course, that’s not really true, but that’s what people believe.
The Shadow Brokers dump more intel from the NSA’s elite Equation Group
October 31, 2016
by Cory Docterow
boingboing.net
In August, anonymous hacker(s) dumped a cache of cyberweapons that appeared to originate with The Equation Group, an elite, NSA-affiliated hacking squad.
The leakers called themselves The Shadow Brokers, and they sought bTc1,000,000 for access to the remainder of The Equation Group’s files. Earlier this month, arrested NSA contractor Harold Thomas Martin was accused of being the source of the leak to The Shadow Brokers, though not necessarily deliberately (he may have been hacked by The Shadow Brokers).
The Shadow Brokers have had no takers for their auction, and so they’re now dumping more files, presumably to stir up interest.
The new leak purportedly reveals IP addresses of NSA controlled servers in 49 countries that are used to launch offensives against NSA targets. If the leaks are to be believed, they show that the NSA uses hacked servers in China and Russia to attack other countries.
The dump contains some 300 folders of files, all corresponding to different domains and IP addresses. Domains from Russia, China, India, Sweden, and many other countries are included. According to an analysis by the security researcher known as Hacker Fantastic, the dump contains 306 domains and 352 IP addresses relating to 49 countries in total.
If accurate, victims of the Equation Group may be able to use these files to determine if they were potentially targeted by the NSA-linked unit. The IP addresses may relate to servers the NSA has compromised and then used to deliver exploits, according to security researcher Mustafa Al-Bassam.
“So even the NSA hacks machines from compromised servers in China and Russia. This is why attribution is hard,” Al-Bassam tweeted on Monday.
Peshmerga complete advance against ISIS, Iraqi army pushes on to Mosul
November 1, 2016
Rudaw
ERBIL, Kurdistan Region – The Peshmerga consolidated their positions against ISIS near Mosul’s city limits on Monday, as the Iraqi Army continues its push ahead toward the city itself.
“The Iraqi forces are coming closer to Mosul from all directions,” said Abdulghani Assadi, a commander in Iraq’s counter-terrorism forces.
“The Peshmerga have stopped now and carried out their plans. We are completing the rest of the plan from our fronts,” he added.
Peshmerga forces have secured the Mosul periphery from the north and east after two weeks of fighting ISIS in towns and villages in those areas. There are no plans for them to move into the city. The Iraqi Army is advancing against ISIS in Mosul from the north, east and south with the ultimate goal of removing the militants completely from the urban center.
To Mosul’s west the Hashd al-Shaabi Shiite militia – which is fighting alongside the Iraqi Army — has its eye on taking the town of Tal Afar, which has a mixed Sunni and Shiite Turkmen population. If the militia is able to capture that town, it will make it more difficult for ISIS to retreat from Mosul back to its Raqqa stronghold in neighboring Syria.
Turkey is opposed to a Hashd presence in that town and has sent more soldiers to the Turkish town of Silopi on the border with Iraq, warning that it will intervene if the Hashd carries out any abuses in Tal Afar.
“If Hashd al-Shaabi causes terror there in [Tal Afar], our response to it will be different,” Turkish President Recep Tayyip Erdogan warned on Saturday.
The Hashd, like the Peshmerga, has not been asked by either Baghdad or the US-led coalition to enter the city of Mosul itself. Instead, it is expected to focus entirely on capturing and securing territory outside of that key city from ISIS.
When the FBI Has a Phone It Can’t Crack, It Calls These Israeli Hackers
October 31 2016
by Kim Zetter
The Intercept
Earlier this year, at the height of a very public battle between the FBI and Apple over whether the computer maker would help decrypt a mass murderer’s locked iPhone, it appeared that a little-known, 17-year-old Israeli firm named Cellebrite Mobile Synchronization might finally get its moment in the spotlight.
After weeks of insisting that only Apple could help the feds unlock the phone of San Bernardino killer Syed Rizwan Farook, the Justice Department suddenly revealed that a third party had provided a way to get into the device. Speculation swirled around the identity of that party until an Israeli newspaper reported it was Cellebrite.
It turns out the company was not the third party that helped the FBI. A Cellebrite representative said as much during a panel discussion at a high-tech crimes conference in Minnesota this past April, according to a conference attendee who spoke with The Intercept. And sources who spoke with the Washington Post earlier this year also ruled out Cellebrite’s involvement, though Yossi Carmil, one of Cellebrite’s CEOs, declined to comment on the matter when asked by The Intercept.
But the attention around the false report obscured a bigger, more interesting truth: Cellebrite’s researchers have become, over the last decade, the FBI’s go-to hackers for mobile forensics. Many other federal agencies also rely on the company’s expertise to get into mobile devices. Cellebrite has contracts with the FBI going back to 2009, according to federal procurement records, but also with the Drug Enforcement Administration, the Secret Service, and DHS’s Customs and Border Protection. U.S. state and local law enforcement agencies use Cellebrite’s researchers and tools as well, as does the U.S. military, to extract data from phones seized from suspected terrorists and others in battle zones.
The company is poised to seize a prominent and somewhat ominous place in the public imagination; just as Apple has come to be seen as a warrior for digital protection and privacy against overreaching government surveillance, Cellebrite is emerging as its law-and-order counterpart, endeavoring to build tools to break through the barriers Apple and other phone makers erect to protect data.
“Vendors … are implementing more and more security features into their product, and that’s definitely challenging for us,” says Shahar Tal, director of research at Cellebrite. “But we’ve solved these challenges before [and] we continue to solve these challenges today.”
In July, months after the unknown third party provided the FBI with a method for getting into the San Bernardino phone — an iPhone 5C running iOS 9 — Cellebrite announced that it had developed its own technique for bypassing the phone’s password/encryption lock. And the company is confident that it will be able to deal successfully with future security changes Apple may make to its phones in the wake of the San Bernardino case.
“If it’s going to be done, it’s going to be done in this building,” Carmil told The Intercept during a visit to the company’s Israeli headquarters earlier this year.
Cellebrite’s ascent comes at a time when mobile forensics has never been more important to law enforcement and intelligence agencies. Data extracted from phones has eclipsed data extracted from desktop and laptop computers in recent years, since the former can yield not only detailed logs about a user’s activities, interests, and communications, but also, in many cases, map the user’s whereabouts over weeks and months to produce a pattern of life.
The story of Cellebrite’s emergence as a forensic powerhouse is the story of how mobile forensics itself has evolved over the years — beginning first in the late ’90s with a simple tool for migrating user contacts from one cellphone to another, which morphed in 2007 to a solution for harvesting address book data from PDAs and feature phones, to the complex multistage operations needed today to bypass the sophisticated security mechanisms built in to smartphones.
Ahead of Competitors
Cellebrite isn’t the only forensic game in town. It has a number of rivals around the world, each with varying strengths and weaknesses. They include the Swedish firm MicroSystemation AB, also known as MSAB, whose XRY tool is used by the Department of Homeland Security, the U.S. military and others; the U.S. firms Susteen, Paraben, and BlackBag Technologies; Magnet Forensics, a Canadian firm; and Oxygen Forensics, a Russian firm whose customers include, according to its website, the IRS, U.S. Army, DOD, DHS, and the Justice Department.
But Robert Osgood, an FBI supervisory agent for more than 25 years until he retired from the bureau in 2011, says that Cellebrite and MSAB are the leaders.
“They’re the two 800-pound gorillas in the mobile forensic device world” when it comes to extracting data, says Osgood, who now directs a graduate program in computer forensics at George Mason University.
Although he says the FBI buys other forensic tools, they are primarily used in specific niches — for example, parsing and analyzing subsets of data, such as data associated with social networking apps, after it has already been extracted using a Cellebrite or MSAB tool.
Heather Mahalik, who trains about 400 federal and local law enforcement workers a year in advanced mobile forensics for the SANS Institute, says that even among these two giants, Cellebrite has been edging out its competitor over the last two years.
“There are uniqueness and little tricks in both of them that really help … but I would be lying to say it is still close [between them], because I know that Cellebrite works better for acquisition,” she told The Intercept. Mahalik says she surveys her students each year to see which tools they’re using on the job. Two years ago, Cellebrite and MSAB were almost neck and neck, but these days, she says her students mention only Cellebrite. A 2012 annual report from MSAB acknowledges that Cellebrite penetrated the U.S. market before it did, which helped it gain an advantage as a result.
Cellebrite’s forensic tools include the Universal Forensic Extraction Device (UFED), hardware bundled with proprietary software that acquires, decodes, and analyzes data from smartphones, tablets, and portable GPS devices; the UFED4PC, which is standalone software for use on a PC; and the UFED Pro, an add-on to the UFED that does something called physical extraction, which siphons data directly from a phone’s flash memory chip. This can include deleted SMS messages and call histories as well as data collected by the phone and apps that the user is unaware is being collected.
The company doesn’t help governments remotely hack into phones for real-time surveillance, as the NSO Group, another Israeli firm, reportedly does; Cellebrite focuses only on forensics — collecting data and artifacts already created and stored on phones. Physical access to the phone is required for their work.
Cellebrite’s edge lies in its ability to extract data from more mobile operating systems and chips than its competitors, often producing solutions faster than rivals. Each time a new version of a mobile phone or an update to an existing operating system is released, Cellebrite’s team of reverse engineers goes into assault mode to find zero-day vulnerabilities and other hidden pathways that will give the engineers access to data the phone makers have worked hard to block. In some cases, they’re already working on new phones before they’re released. That’s because some vendors — Cellebrite won’t say which ones, but Apple isn’t among them — ship a sample of their new phones to Cellebrite three months before they’re released, giving Cellebrite engineers a head start in cracking the devices. It’s a practice that dates back to the company’s original business, selling gear to cellular carriers that helped their customers migrate contacts from one phone to another.
The company doesn’t put all of its forensic techniques into its automated tools, however. To prevent competitors from reverse-engineering its software to uncover and steal its unique methods and to prevent phone vendors from discovering the vulnerabilities used in its techniques and patching them, some exploits are only performed manually by its staff. Its new solution for extracting data from iPhone 5C’s running iOS 9 — the San Bernardino phone — can only be performed by a Cellebrite worker as part of the company’s Advanced Investigative Services division, also known as CAIS. This is a premium unlocking subscription service that costs $250,000 a year in the U.S., according to a DEA procurement record, and will also get customers help in bypassing encryption on the iPhone 4S and 5, the Samsung Galaxy S6 and Galaxy Note 5, and some Galaxy S7s, among other devices. Though Cellebrite will also unlock phones as a one-off service, for about $1,500 per phone.
Bypassing encryption, the most vexing problem law enforcement faces today in mobile forensics, is one of Cellebrite’s biggest selling points. The company says it has been able to “crack the code to the screen locks” on a number of phone models, allowing it to access data on the phones without a password.
“Encryption is a show stopper for most of the industry,” Tal told The Intercept. “Except for us.”
How It Began
Cellebrite employs about 520 people, most in Israel, including workers at a manufacturing facility in the southern part of the country that makes its UFED devices. The company is a subsidiary of the Japanese Sun Corporation, which took ownership of 80 percent of the firm in 2007. And although Sun doesn’t influence the company’s strategy or direction, Carmil says, its secretive corporate culture appears to have affected Cellebrite’s approach with the media. “We are not telling so much about ourselves. What we tell is what Sun has allowed us to publish,” Carmil told The Intercept.
Cellebrite’s headquarters in Israel occupies several floors of a mid-sized office tower in Petach Tikva, a small city east of Tel Aviv that was once a malarial swamp until Jewish pioneers drained it in the 19th century to make way for citrus groves. The groves have largely been replaced today with hi-tech business parks like the one Cellebrite shares with IBM and Intel.
Its modern office space was dim and quiet during an afternoon visit by The Intercept in June, except for the sound of Hebrew rock playing softly on a floor where researchers worked. Down a hallway leading to the research offices was a device lab resembling a large, highly organized shoe closet that contained more than 15,000 mobile handsets stored in carefully marked boxes. These are phones that Cellebrite has bought or received in advance from vendors over the years to analyze.
About 200 new phones arrive to the lab monthly, each containing different versions of operating systems and configurations, since carriers like Verizon and AT&T like to customize the branded phones they offer customers by tweaking the operating system to disable and enable different features. There are also burner phones – pre-paid throwaway phones that criminals and terrorists often favor because they offer anonymity – and phones from China that pose a special challenge to extracting data because they often lack uniformity and standardization in their design.
Each phone that arrives to the lab gets a manual inspection to determine the software that’s running on it and any operating system changes the vendor has made since previous versions.
Cellebrite has five forensic research teams: the team that reverse-engineers phones to find zero-day vulnerabilities and other means of extracting data; a team that focuses on translating binary data into a readable format; a cloud data team; and two teams who work on analytics, which involves mining data to create leads from different sources of data — for example, to cross-reference data extracted from a phone to determine all the locations a suspect has been in the past month. The analytics team is also working on being able to automatically identify activity in video extracted from mobile devices — an act of violence, for example.
The reverse-engineer team that Tal leads, which is responsible for finding ways into phones, has about two dozen people.
“I don’t know what the NSA has for mobile research, but in the forensics industry I’ve not been made aware of any sizable research team like we have,” says Tal, who joined the company late last year after leading the vulnerability research team at the Israeli security firm Checkpoint.
All of this belongs to Cellebrite’s new life as a mobile forensics firm. But the company didn’t begin life in forensics.
Cellebrite launched in December 1999 with a tool that was only designed to transfer the contents of an address book from one phone to another. Back then, transferring contacts was a time-consuming task that was generally done manually. But Cellebrite developed the Universal Memory Exchange, a handheld device that resembled the clunky credit card readers airline stewards use to charge for in-flight beers, which could transfer data between any two phones, regardless of make and model. They later added capabilities for backing up, restoring, and synchronizing data as well.
They sold the device initially only to telecoms and phone stores — first in Israel and Europe, then in the U.S. By 2005 Cellebrite says the UME was in more than half of all Verizon and T-Mobile phone shops in the U.S, in addition to the phone departments of big-box chains like Best Buy and Wal-Mart, something The Intercept was unable to confirm. “Every place that offers cellular-handset selling, repair, and exchange activity, Cellebrite was there,” Carmil asserts.
The UME became so integral to the mobile phone business that any time a vendor launched a new phone, it shipped an advance sample to Cellebrite to ensure that the UME would work with it.
“Because we got all of [the phones] from the mobile operators … no one could compete with our phone support offering for a long time,” says Carmil, who was vice president of Siemens’s commercial division in Israel before joining Cellebrite. “We came with 1,500 [phones] supported, where the competition … were struggling for 100 or 150.”
Cellebrite touts this advance look at phones as one reason for its competitive advantage in forensics. Though MSAB and Paraben, which don’t receive advance phones, naturally downplay early research like this, saying it can be counterproductive. “Many of the times the device firmware will change so much before the release that a lot of the deep research required for forensics must be redone [if done in advance of a device’s release],” Amber Schroader, CEO of Paraben, told The Intercept.
By 2006, Cellebrite was selling its UME devices to law enforcement and security forces in Israel and abroad. It was at this point that the company’s new customers developed a novel use for the UME that caught Cellebrite’s attention — they were using it to extract call logs and other data from phones seized in criminal investigations. The method worked well for generating investigative leads, but the extracted data wasn’t forensically sound to serve as evidence in court. So the customers, Cellebrite won’t say which ones, asked for a way to show courts that data hadn’t been altered after it was removed from a phone. Cellebrite only had 18 employees at the time, but Carmil and co-CEO Ron Serber immediately saw the potential in steering the company in a new direction.
“We realized that there is a market [for mobile forensics] which is already existing and established,” Carmil says.
The next year, they released their first forensic tool, which was basically an extension of the software they were already using to transfer, back up, and restore data, but with a hash function thrown in to certify the integrity of extracted data.
“That was the beauty of the whole story,” Carmil says. “We brought the same capabilities to a completely different core business.”
A hash is a cryptographic representation of data. Run text or data through a mathematical algorithm and you get a value that represents the data. But alter the data or text, and you get a different hash when run through the same algorithm. By comparing the hash of data on a phone with the hash of data presented in court, prosecutors could show it hadn’t been altered. It can also verify that the output from two different forensic tools grabbed the same data — if hashes of the two sets of extracted data are the same.
Over time, as the number of mobile phones and data formats grew, Cellebrite added features for decoding varying formats and analyzing extracted data.
The company wasn’t the first to enter the mobile forensics field. Micro Systemation beat them to it with a mobile forensics tool in 2003; Paraben came out with a forensic tool for PDAs in 2001, followed in 2004 by a tool for mobile phones. But Cellebrite’s solution could process data from CDMA and TDMA phones, unlike competitors.
It was easy to extract data from mobile phones a decade ago, says Leeor Ben-Peretz, executive vice president for products and business development at Cellebrite. The devices had none of the sophisticated security protections they have today and there was a lot of public documentation that detailed programming interfaces, so researchers for the most part didn’t have to reverse-engineer operating systems and applications to understand how they worked.
All of that changed in January 2007 when Apple introduced the iPhone, a smartphone that blended music, email, text messaging, web browsing, camera, and desktop applications with an easy-to-use touchscreen interface. The following year, Apple added GPS to the phone.
It was a forensic bonanza for law enforcement, but Apple wasn’t generous with its documentation the way other phone makers had been. And as subsequent versions of the iPhone came out, Apple added security protections, including encryption, that made it even more difficult to extract data. Cellebrite scrambled to expand its research team. Carmil won’t say why — he’s silent on a lot of things about the company — but it seems to have coincided with the forensic challenges the iPhone brought.
Cellebrite went looking for skilled reverse engineers, particularly among former members of the Israeli military’s Unit 8200, the famed tech and signals intelligence unit where many of the country’s elite hackers and vulnerability researchers hone their skills. Tal, Cellebrite’s 33-year-old director of research, hails from the unit.
The research efforts paid off and the company’s forensic business soared, as shown by federal procurement records, particularly among U.S. law enforcement. Cellebrite has held about 230 federal contracts over the years, with the first dating to late 2007 when it signed contracts with the DEA, Secret Service, and the Navy’s Space and Naval Warfare Systems Command. The National Guard Bureau of Tennessee purchased six UFED devices in 2008, noting in its procurement document that the DEA already had “over 200” of them. On September 11, 2009, the FBI appears to have signed its first contract with Cellebrite. And by the end of that year, the company says more than 4,500 UFED devices were in use around the world.
Something else was happening to push sales in the U.S., according to Christa Miller, Cellebrite’s former director of mobile forensics marketing from 2012 to 2015. Wireless carriers were storing customer text messages for only short periods of time, and law enforcement was desperate to find a way to get evidence from customer devices even after it vanished from telecom servers and after users deleted it from their phone, Miller says.
So in November 2009, Cellebrite launched a new product, the UFED Physical Pro, to extract data from the flash memory chip of phones, including deleted data.
There are two primary ways to retrieve data from mobile phones — logical extraction and physical extraction. Logical focuses on content and data the phone allows you to extract naturally through its application programming interface, or API, such as contacts and text messages. Sometimes the method for extracting the data is well-documented, sometimes it’s not and requires reverse-engineering; but in general, the presence of the data is readily apparent to a user or piece of software. Physical extraction, by contrast, gets data from a phone’s flash chips that’s not normally available, like deleted information.
In August 2010, Cellebrite developed the means to do physical extractions from iPhones on the market at the time. By 2012, the company was also able to extract deleted messages from BlackBerry and Motorola devices, the latter using a technique that bypassed the user lock. And in 2014, Samsung’s Galaxy S4 family of devices fell to the company’s physical extraction methods as well. MSAB began offering its own physical extractions from flash memory in 2010.
Cellebrite is secretive about its methods, but a lawsuit the company filed against MSAB in 2013, accusing its competitor of stealing its Samsung and BlackBerry techniques, offered a few clues about the company’s process. It asserted, in regard to Samsung devices, that the technique didn’t require the phones to be powered-down first to do the extraction and that the solution involved a vulnerability in the phone’s memory, or RAM. Cellebrite’s researchers also had to locate several “landing addresses” in the RAM where they could inject a custom bootloader they created. A bootloader is code built in to a smartphone that launches the phone’s operating system when someone turns on the device. But Cellebrite’s custom bootloader halts the normal boot process in a way that allows their tool to then access and read the phone’s memory.
Cellebrite’s other solution, for the BlackBerry smartphone, relied on a vulnerability the company found in the process that BlackBerry phones used for authenticating BlackBerry software delivered from a desktop computer to the phones, which allowed them to load their bootloader to the phones. The Cellebrite bootloader, the company wrote in its lawsuit, piggybacked on the official signed BlackBerry bootloader, “thus tricking the extremely sophisticated BlackBerry security protocols” into allowing the Cellebrite bootloader to run on BlackBerry devices in place of the legitimate bootloader.
Methods like this for doing physical extractions, however, were soon thwarted by Apple and other vendors, who began to increase the security of their phones by encrypting data stored on the devices and adding other security protections. A physical extraction yields a greater wealth of information over a logical extraction, unless the data extracted is encrypted and therefore unreadable. The problem was particularly acute with iPhones.
“Modern iPhones, if the user configures them correctly, are virtually impossible to get into,” says Osgood.
In June 2009, for example, Apple introduced full-disk encryption with iOS 3 and the iPhone 3GS (the term “full-disk encryption” has come to refer to routine encryption of all data stored on a device, even those, like the iPhone, that do not actually use a physical disk). It was the first stage in the Going Dark problem for law enforcement, though it was only a partial eclipse, since the encryption key was not user-generated but was generated from a unique ID embedded in the phone, which meant Apple still had the ability to unlock phones. With iOS4, Apple introduced a file-encryption scheme that used a key derived from the user’s password and the embedded ID. Apple also added a time delay of 80 milliseconds to password guesses, which made it harder, though not impossible, to bruteforce the user’s password. Then with iOS 8, Apple expanded the data it encrypted on the phone — photos, messages, contacts, call history — and added even more delay to password guesses. By the ninth failed password, the wait became an hour before another password could be tried. If the user enabled an erase feature, the decryption key would disappear altogether after 10 failed password attempts.
Despite measures like these, Cellebrite has developed methods to get around or disable encryption in a number of phone models, including iPhones, though certainly not all of them.
“If you can do it, the competitive barrier is huge,” says Ben-Peretz. “And this is where we excel.”
In June 2015, for example, Cellebrite developed a way to unlock Apple devices running iOS 8, without the risk of erasing the encryption key. Earlier this year, a forensic specialist in Italy, stymied by an iPhone 5 running iOS 8, reportedly paid $1,500 for a Cellebrite team to help get him into the phone.
This doesn’t mean full-disk encryption isn’t still a challenge.
Encryption is “definitely more complex than it was five years ago or 10 years ago,” Tal says. “There are more and more mechanisms involving encryption. … And today our typical forensic capability would be constructed out of several chains of blocks, each of which [is] solving a different technology layer or mechanism in order to provide the eventual result.”
To defeat password locks and encryption, the company has developed custom bootloaders that in some cases can interrupt the boot process of the legitimate bootloader on a phone before the operating system loads and before the password-locking mechanism kicks in. The details of how it does this vary depending on the phone, says Tal. And the process for cracking an iPhone is much more complicated than this, though he won’t elaborate.
A lawsuit Cellebrite filed last year against Oxygen Forensics touched on its solution for disabling the screenlock on some Samsung Android devices. According to a court document in the case, Cellebrite developed special lock disabler code — commands that can run on the phones, despite their screens being locked, and disable the locks. Cellebrite did something similar with LG Android phones, by identifying which files on the phone control the screen-locking function and manipulating them to disable the lock.
Limits of Encryption Cracking
Bollö, the MSAB CEO, admitted that encryption is hard for his company to address, though he told The Intercept, “we have solutions for either working around or trying to bypass” encryption. Asked to elaborate on those methods, however, he couldn’t provide a clear example.
“It is not as simple as getting around encryption or not,” he wrote in an email. He noted that these days, the problem isn’t just the extra security and encryption built in to phones themselves, but also the encryption in mobile apps.
“I think both Google and Apple have more than 2 million apps on their app stores, and each app has their own database or encryption — they are updated 10 times as often [as phone operating systems],” he said during an interview in the company’s Virginia office. “That’s a much bigger challenge than specific phones.”
Indeed, each forensic tool can only extract data from a small percentage of apps, so they focus on the most popular ones that are likely to yield important forensic data. The data for each app requires decoding if it’s in a special format. And once data is extracted, it has to be analyzed and presented in a format customers can understand.
This is largely what makes mobile forensic tools so expensive — the many variations of phones, operating systems and applications they have to address. Mobile forensic tools can cost $10,000 to $14,000 for the base tool or software, with an additional annual subscription for upgrades — the release notes for new versions of Cellebrite’s tools and software list dozens of mobile apps and mobile handsets and operating systems that are newly supported by each upgrade.
Tal says the breakthroughs they achieve in cracking phones are rewarding, but his research team gets other satisfaction from the work. “You see murderers, you see child molesters get behind bars because of data that we extracted yesterday, and it’s a very immediate connection with the purpose of what we’re doing here,” he says. “We’re not just security researchers who work on this forensic capability to make money for the company; there’s a story behind this for the people.”
Cellebrite, he insists, gives highly skilled researchers a more ethical and acceptable outlet for their talents than, say, selling vulnerabilities and exploits to questionable buyers as some researchers do. He doesn’t name names, but researchers at the Citizen Lab in Canada recently found that Cellebrite’s compatriots at the NSO Group had supplied iPhone zero-days to the United Arab Emirates government to install a spy tool on a phone used by a local human rights activist. “[T]here are a lot of very good people, very good talents in this space who don’t necessarily feel very comfortable working for someone who may sell their product to a foreign government that may or may not use it against journalists in their countries and oppressive regimes,” Tal says.
He says their customers are first-world Western law enforcement agencies and notes that he’s had interest from a lot researchers lately who have been expressing an interest in working for Cellebrite “because they know the research we do doesn’t go into the ‘shady’ areas. We have a strong ethics backbone, a clear-use case for our capabilities, and dramatically less potential for abuse should ‘evil customers’ attempt to deceive us.”
This doesn’t mean that Cellebrite is without controversy. The company works at the epicenter of an increasingly important U.S. policy debate about government use of computing vulnerabilities and exploits for surveillance purposes and about how keeping those vulnerabilities secret leaves the devices of millions of people vulnerable to intruders of all sorts. Apple still doesn’t know what iOS vulnerability the mystery party used to help the FBI hack into the San Bernardino phone, leaving many iPhone users at risk of someone else using the same vulnerability on their phones.
Tal says Cellebrite’s researchers have deliberated at times about disclosing vulnerabilities they found to vendors, but won’t say if they’ve actually disclosed any.
“Sometimes we do want to disclose a vulnerability because we think that’s in the best interest of our customers and in the best interest of maintaining some aspect of privacy and security,” he says. “But then of course [the] forensics business is entailed with getting access to information the vendor maybe did not want you to have access to. So there’s somewhat of a delicate dance around this.