1 recommendation |
Russia wants Apple and SAP to prove that their software isn't used for spyinquote: Russia has been extra-sensitive to technological threats to its government as of late, and that's clearer than ever in the wake of a new government proposal. Communication Minister Nikolai Nikiforov has suggested that Apple and SAP should hand over their source code to prove that it doesn't have "undeclared capabilities" for spying on Russian agencies. In other words, he doesn't want to give the NSA free rein just because an official brought an iPhone to work. While he isn't certain as to whether or not institutions will keep using products whose code remains a secret, there's an implication that Apple and SAP may be locked out of government contracts if Putin and crew believe there's too much of a risk. Much of that business could go to Microsoft, which has been cooperating with Russia since 2003.
» www.engadget.com/2014/07 ··· ap-code/Interesting would be an understatement. Blake |
|
SnowyLock him up!!! Premium Member join:2003-04-05 Kailua, HI
3 recommendations |
Snowy
Premium Member
2014-Jul-31 3:28 am
I'm sure Apple keeps a clean copy somewhere. |
|
KrisnatharokPC Builder, Gamer Premium Member join:2009-02-11 Earth Orbit |
to Link Logger
Hand over their source code? lol |
|
Hitron CDA3 (Software) OpenBSD + pf
|
to Link Logger
Uggghhh, just get a team to decompile/disassemble the questionable devices and verify its capabilities. As noted, its not like Apple or SAP couldn't falsify their source code for protective measures. I'm guessing we'll soon see the compartmentalization of all software based on location by various govs and military. |
|
BlackbirdBuilt for Speed Premium Member join:2005-01-14 Fort Wayne, IN
3 recommendations |
to Link Logger
quote: ... Communication Minister Nikolai Nikiforov has suggested that Apple and SAP should hand over their source code to prove that it doesn't have "undeclared capabilities" for spying on Russian agencies.
I'd be more than a little surprised if the Russians didn't already have the source code... or could get it by "unconventional" means if they didn't. quote: ....there's an implication that Apple and SAP may be locked out of government contracts if Putin and crew believe there's too much of a risk. Much of that business could go to Microsoft, which has been cooperating with Russia since 2003.
And there's the real reason behind the move. And it's not the "risk"... it's the 'squeeze'. Nothing ever changes in the land of the oligarchs, other than the titles and the "isms". |
|
|
DownTheShorePray for Ukraine Premium Member join:2003-12-02 Beautiful NJ
2 recommendations |
to Link Logger
Keep throwing up those smokescreens, Vladimir. Classic distraction technique. Are the software companies now to be his "Jews"? ...plus ça change, plus c'est la même chose... |
|
|
to Blackbird
Have other countries requested and received source code from Apple or SAP for inspection purposes (ie is Russia request really that unique)?
Blake |
|
1 recommendation |
to Link Logger
FYI having the "source code", by itself, is almost useless IMO. One must have the build tools (compiler, linkers etc) so that one can verify that the same executable(s) can be built.
I've had to do this quite a few times in my career. It is not necessarily a simple thing to do. One time a (recently fired) coworker had at least 10 copies of source code on his PC (in different folders) none of which built the same binary as the one he'd released to manufacturing the week before. Fun times! |
|
|
to Link Logger
...there must be some pretty bored and/or insomniac people over there if Russia expects the source code to be handed over for "review."
Heck, back in school ANY review of my code for bugs (much less security issues) put me to sleep [/sarcasm]
Regards |
|
|
to Link Logger
Here ya go Russia. You can go ahead and get a few bits of the source before Apple even responds, lol: » www.opensource.apple.com/ |
|
1 recommendation |
to Link Logger
|
|
|
said by sparky007:Were pulling all sales and support from Russia And certainly that is an option, but given how the NSA has been operating I doubt that Russia will be the only country asking for code. I bet the Germans have some concerns about their own SAP given the spying and such that the NSA has been doing in Germany. Certainly Microsoft would be happy if Apple and SAP removed themselves from various markets as apparently the Russians have looked over their code and feel its not NSA tweaked. Perhaps a better question would be, why wouldn't they reveal their source code? Has Russia started selling their own version of Windows yet? Blake |
|
SnowyLock him up!!! Premium Member join:2003-04-05 Kailua, HI
1 recommendation |
Snowy
Premium Member
2014-Aug-1 1:19 am
said by Link Logger:Has Russia started selling their own version of Windows yet? No way they could compete with the street vendors selling the same product. |
|
|
to sparky007
Maybe that will be in the next round of sanctions. No more iPhone for you Vlad and entourage... |
|
1 recommendation |
And no doubt some Russians would be disappointed that they couldn't get an iPhone, but I'm pretty sure any coder would be dancing in the street if you told them they couldn't use SAP Blake |
|
|
to Link Logger
if "undeclared capabilities" for spying on Russian agencies" was added, it would only be for a smoke screen, one of many, to keep the Russians thinking they found the real spy devices.. they haven't.. |
|
Astyanax Premium Member join:2002-11-14 Melbourne, FL |
to Link Logger
This is the same country whose intelligence ministries are going back to typewriters. |
|
|
They aren't the only ones thinking about using typewriters again, for example the Germans » www.dailymail.co.uk/news ··· ies.htmlI wonder if there is a SAP module for that? Blake |
|
fartness (banned)Donald Trump 2016 join:2003-03-25 Look Outside |
to Link Logger
1. Is it a fact that the NSA or other US Government agencies are spying on the Russians via iphones? 2. How would Russia get the source code? 3. Does Apple polygraph their employees with "top secret" access to the behind the scenes "stuff" (ie. source code, etc.)? Russia could easily slip someone a few hundred thousand for their "cooperation". 4. What does Apple do to ensure that Russia's CIA equivalent hasn't planted a mole inside of Apple who works for them? Our own CIA has mechanisms in place to make sure this doesn't happen to them, but I'm sure it still does. Seems Apple might be up there but not quite CIA-class. |
|
fartness |
fartness (banned)
Member
2014-Aug-2 10:13 pm
Also an interesting read from here: » travel.state.gov/content ··· sia.html"Personal Privacy: Travelers should be aware that in 1995, the Russian Federal Law on Operational Search Activity passed, in conjunction with Order No. 130 by the Minister of Information Technology and Communications (July 25, 2000), the "System for Operative Investigative Activities." Commonly known as "SORM," this law permits the monitoring, retention and analysis of all data that traverses Russian communications networks, including fax transmissions, telephone calls, internet browsing, and e-mail messaging. U.S. citizens should be cognizant of this law when using any of these means of communication." |
|
|
to fartness
I would agree with you that it would be very difficult if not impossible to hide 'spy' code when so many people work on it, but people flamed me when I suggested this when folks were/are flaming Microsoft about having 'spy' code embedded.
Blake |
|
SnowyLock him up!!! Premium Member join:2003-04-05 Kailua, HI |
Snowy
Premium Member
2014-Aug-3 5:22 am
said by Link Logger:I would agree with you that it would be very difficult if not impossible to hide 'spy' code when so many people work on it, ... What's your definition of 'spy' code? Off the top of my head... GPS Microphone Camera Builtin SMTP server Kill switch Installed apps monitoring Activity/Event logs: Email activity URL browsing events Voice memos Calendar events SMS activity Call logs... There's no need to hide this stuff. It's almost a standard feature list. Code-wise the ability to remotely interact with the feature list is all that's needed Considering the compartmentalization of code in something as complex as iOS it makes hiding the ability to remotely control the feature list very doable, IMO |
|
|
Well then we must all be spies as these are features that consumers want. Not exactly my definition of 'spy' code as I was thinking more nefarious hidden functionality code like intentional back doors etc, ie code I wouldn't want the average Joe to know was in there.
Blake |
|
ashrc4 Premium Member join:2009-02-06 australia |
to Link Logger
Russia thinks it can be trusted with the source code.....interesting. |
|
gnome84 join:2014-04-12 Saint Paul, MN |
to Link Logger
The tech industry isn't what it used to be imho
Very left brain arguments going on here. I suppose kaspersky knows about the backdoors in windows 7. |
|
SnowyLock him up!!! Premium Member join:2003-04-05 Kailua, HI
1 recommendation |
to Link Logger
said by Link Logger:... I was thinking more nefarious hidden functionality code like intentional back doors etc, ... Your use of the word 'intentional' indicates that back doors can be present but unknown to the coders. If an obscure, unseen back door can happen unintentionally - it can happen intentionally. It's a sure bet that none of the Stuxnet coders brought a 'can't be done' attitude to the test bench. |
|
|
to Link Logger
this is silly, ECHELON captures the traffic anyway.. » en.wikipedia.org/wiki/ECHELON |
|
Nanaki (banned)aka novaflare. pull punches? Na join:2002-01-24 Akron, OH |
to sparky007
Yeh greedy apple deciding to not sell their stuff to some one. Nope that will not happen. Unless the us says stop apple will continue to sell. |
|
Nanaki |
to Link Logger
But blake didn't you know that microsoft is evil and apple is devine? I mean come on now who is it that sues the people who developed tech that they use for "steeling their design for a home button"? Oh damn wait that was apple who sued samsung who is at least in part responsible for the touch on all touch screen devices them and synaptic. So yeh nvm.
But yep i actually remember the flames etc from back then. I mean yeesh talk about not having a clue. Lets see here what was it you made again hmm something about traffic analysys if i recall. /s So if any one here is qualified to say that it would be very difficult for a company to hide this or that when it relates to traffic such as spy software phoning home i think you do qualify.
With that said how ever we do know that things like carrier iq are installed on many if not all carrier branded android devices. This was at least in part discovered by looking at the traffic from phones. We also know that at least some of this code exists on iphone but is off by default unless you choose to send the data for trouble shooting. How ever what else might apple ios be hiding in it's closed source? |
|
Nanaki |
to iknow_t
I would so not use wikipedia for information on that. If ever there was something that wikipedia is useless for it is this sort of thing. I always take wiki articles with a heavy does of salt. Any one with a account and half a brain can edit those things and no one bothers to honestly check what is put up.
What i don't get is why the gov would bother creating any thing to gather store and sift trafic. All they really need to do is hack in to the isps cell phone etc providers network and use already existing infrastructure to do most if not all the same. Every url you visit every thing you download is saved on your isps servers (at least the meta data file names etc)In some cases isps "cache" entire webpages and feed those to their customers via caching proxy. This can be any thing including entire multi gig files.
I set up a smooth wall squid proxy and some other stuff on a old comp some years back and had it "cache" every file web page etc etc i ever visisted. Other than the fact i ran out of hd space it worked just fine. I literally had what amounted to a mirror of my entire networks file downloads on my server. Basically i was raid mirroring on a networked computer. With much more storage avail today it honestly might be worth having a server in house to do exactly that. Save a copy of all downloads. Then once a week dump to the cloud.
But going off track here things like echelon seem just a tremendous waste of time and resources vs using existing infrastructure provided by isps and paid for by the very people who you may want to spy on. |
|