Aggregator
SIU Carbondale students to offer free tax assistance
Comedian David Cross is over that disastrous St. Louis set — but Florida is dead to him
Comedian David Cross is over that disastrous St. Louis set — but Florida is dead to him
Vintage KSDK: A look at when the St. Louis Rams won the Super Bowl
Parson doesn't recommend funds for Holocaust Commission
Maplewood police locate van connected with Tuesday afternoon homicide
Man charged in death of St. Louis daycare worker
Chesterfield Mall owner looks to rent space to small businesses ahead of redevelopment
Missouri is among the states with the worst life expectancy, new report finds
Chesterfield Mall owners looking for short-term tenants before new development
Fatal fires in St. Louis, Baltimore expose vacant home risks
Jersey Senior Basketball/Tennis Player Kate Jones Is A Quality Chrysler Dodge Jeep Ram Female Athlete of Month
Black congresswomen urge Biden to look beyond symbolism with Supreme Court pick
The failed promise of Pruitt-Igoe
Yet Another Israeli Malware Manufacturer Found Selling To Human Rights Abusers, Targeting iPhones
Exploit developer NSO Group may be swallowing up the negative limelight these days, but let's not forget the company has plenty of competitors. The US government's blacklisting of NSO arrived with a concurrent blacklisting of malware purveyor, Candiru -- another Israeli firm with a long list of questionable customers, including Uzbekistan, Saudi Arabia, United Arab Emirates, and Singapore.
Now there's another name to add to the list of NSO-alikes. And (perhaps not oddly enough) this company also calls Israel home. Reuters was the first to report on this NSO's competitor's ability to stay competitive in the international malware race.
A flaw in Apple's software exploited by Israeli surveillance firm NSO Group to break into iPhones in 2021 was simultaneously abused by a competing company, according to five people familiar with the matter.
QuaDream, the sources said, is a smaller and lower profile Israeli firm that also develops smartphone hacking tools intended for government clients.
Like NSO, QuaDream sold a "zero-click" exploit that could completely compromise a target's phones. We're using the past tense not because QuaDream no longer exists, but because this particular exploit (the basis for NSO's FORCEDENTRY) has been patched into uselessness by Apple.
But, like other NSO competitors (looking at you, Candiru), QuaDream has no interest in providing statements, a friendly public face for inquiries from journalists, or even a public-facing website. Its Tel Aviv office seemingly has no occupants and email inquiries made by Reuters have gone ignored.
QuaDream doesn't have much of a web presence. But that's changing, due to this report, which builds on earlier reporting on the company by Haaretz and Middle East Eye. But even the earlier reporting doesn't go back all that far: June 2021. That report shows the company selling a hacking tool called "Reign" to the Saudi government. But that sale wasn't accomplished directly, apparently in a move designed to further distance QuaDream from both the product being sold and the government it sold it to.
According to Haaretz, Reign is being sold by InReach Technologies, Quadream's sister company based in Cyprus, while Quadream runs its research and development operations from an office in the Ramat Gan district in Tel Aviv.
[...]
InReach Technologies, its sales front in Cyprus, according to Haaretz, may be being used in order to fly under the radar of Israel’s defence export regulator.
Reign is apparently the equivalent of NSO's Pegasus, another powerful zero-click exploit that appears to still be able to hack most iPhone models. But it's not a true equivalent. According to this report, the tool can be rendered useless by a single system software update and, perhaps more importantly, cannot be remotely terminated by the entity deploying it, should the infection be discovered by the target. This means targeted users have the opportunity to learn a great deal about the exploit, its deployment, and possibly where it originated.
That being said, it's not cheap:
One QuaDream system, which would have given customers the ability to launch 50 smartphone break-ins per year, was being offered for $2.2 million exclusive of maintenance costs, according to the 2019 brochure. Two people familiar with the software's sales said the price for REIGN was typically higher.
With more firms in the mix -- and more scrutiny from entities like Citizen Lab -- it's only a matter of time before information linking NSO competitors to human rights abuses and indiscriminate targeting of political enemies threatens to make QuaDream and Candiru household names. And, once again, it's time to point out this all could have been avoided by refusing to sell powerful hacking tools to human rights abusers who were obviously going to use the spyware to target critics, dissidents, journalists, ex-wives, etc. That QuaDream chose to sell to countries like Saudi Arabia, Singapore, and Mexico pretty much guarantees reports of abusive deployment will surface in the future.
Another Free-Trader to a Key International Post?
The Black Crowes, Jaimoe, Trey Anastasio Band & many more to perform at 2022 Peach Music Festival
Unconstitutional prior restraint against New York Times lifted — for now — in Veritas case
A state appeals court has stayed a prior restraint order in a high-profile case between The New York Times and Project Veritas. For three months, the paper had faced an unconstitutional censorship order unprecedented in modern publishing history. The last time it had been subjected to such a broad gag order was the Pentagon Papers case over fifty years ago.
According to the new ruling, the Times is free to publish documents that had previously been restricted, and will not be forced to turn over or destroy any copies it is holding.
From Freedom of the Press Foundation directory of advocacy Parker Higgins:
It's a relief to finally see this outrageous prior restraint suspended, but frankly it never should have happened in the first place. It violates the fundamental press freedom guarantees in the First Amendment, and the potential precedent would allow plaintiffs to silence coverage and squelch all sorts of reporting. We look forward to the underlying order being thrown out entirely.
Project Veritas, the plaintiff in this case, is currently also the subject of a separate case closely watched by press freedom advocates. That case involves an FBI raid of the homes of several people involved with the conservative group.