Forgot your password?
typodupeerror
Apple Your Rights Online

India Mobile Handset Backdoor Memo Probably a Fake 151

Posted by samzenpus
from the upon-further-investigation dept.
daveschroeder writes "In the wake of previous coverage alleging that Apple, Nokia, RIM, and others have provided Indian government with backdoors into their mobile handsets — which itself spawned a US investigation and questions about handset security — it turns out the memo which ignited the controversy is probably a fake designed to draw attention to the "Lords of Dharmaraja." According to Reuters, "Military and cyber-security experts in India say the hackers may have created the purported military intelligence memo simply to draw attention to their work, or to taint relations between close allies India and the United States." Apple has already denied providing access to the Indian government."
This discussion has been archived. No new comments can be posted.

India Mobile Handset Backdoor Memo Probably a Fake

Comments Filter:
  • Or maybe not... (Score:3, Insightful)

    by Ethanol-fueled (1125189) on Wednesday January 11, 2012 @11:23PM (#38670382) Homepage Journal
    It's not a backdoor if it's "by accident..." [theregister.co.uk]
    • Re:Or maybe not... (Score:5, Insightful)

      by Anonymous Coward on Wednesday January 11, 2012 @11:30PM (#38670428)

      You can never prove a conspiracy false, because any evidence against it is dismissed as disinformation planted by the conspiracy.

      • by Anonymous Coward on Wednesday January 11, 2012 @11:37PM (#38670476)

        No, that's just what they *want* you to think.

        • Or is it....? *wink*.

          Oh wait, that wouldn't work. Doh.

          • by tnk1 (899206)

            Doesn't matter. As long as you keep speaking in conspiratorial tones, the fact that what you're saying does not logically follow is not a problem. Conspiracy is all about mood and fantasy.

      • Exactly. Blackberry's caving in to the Indian government last year (and Pakistani) to open access to their spy agencies was HUGE news and not debated at conspiracy whatsoever in mainstream press.

        Now a year later lumping Nokia and Apple in to the group all of a sudden it is FUD denials and conspiracy..... Child please..... I can read independent news, have a memory longer than 15 minutes, and can combine facts to make logical assumptions.

        News: stop insulting my intelligence
        Slashdot readers: stop jumping to c

  • n/t

  • patiently waiting for everyone who was Apple-bashing to recant their statements.

    • by bonch (38532) * on Wednesday January 11, 2012 @11:35PM (#38670458)

      Won't happen. Bashers really believe that Apple just sits around, inventing absolutely nothing, selling overpriced shiny baubles. In their view, all technology is the same, and Apple just makes products whose ideas are all entirely obvious, despite the fact that no one did things that way before. They hate Apple for being popular and widely credited for industry trends.

      • by Anonymous Coward on Wednesday January 11, 2012 @11:40PM (#38670498)

        I have to give Apple credit for the Apple II. That was awesome. Hurray for Wozniak.

        Is there any other Apple product of which you can say "no one did things that way before"?

      • by harperska (1376103) on Wednesday January 11, 2012 @11:58PM (#38670604)

        There really is a sort of sublime irony in a poster blatantly ripping off a blog post which defends the idea that certain companies are ripping off Apple.

        http://macjournals.com/blog/2012/01/10/dan-lyons-showing-self-awareness-what-self-awareness/ [macjournals.com]

        Unless, of course, bonch really is Matt Deatherage of MacJournals, in which case, congratulations on quoting yourself.

    • by artor3 (1344997)

      You'll be waiting a long time. Most of them won't even read this story, and will continue to believe that lie for the rest of their lives. They'll even casually bring it up in conversation, causing other people to believe it. "A lie will go round the world while truth is pulling its boots on."

      • by Anonymous Coward on Thursday January 12, 2012 @02:58AM (#38671306)

        Probably because we already know Apple spies on iOS users?

        If you remember, CarrierIQ is baked into iOS. It can't be uninstalled by users, because it's part of the OS. Even with jailbreaking it involves removing kernel modules.

        Not to mention that if you actually bothered to read your iCloud TOS, you'll discover that Apple reserves the right to continuously monitor and record your current location. They even get access to your email through iCloud.

        Basically, everything that the memo says Apple allowed India to do Apple claims the right to do in their TOS!

        So even if the memo is fake, the ability for Apple to spy on iOS users most certainly is NOT.

        • Re: (Score:3, Informative)

          by jo_ham (604554)

          So, turn off those features.

          Switch off location services, don't use iCloud (a claim that can be put to any cloud service, not just Apple's).

          It also doesn't say "continuously monitor" - you're just trying to use weasel words to make it sound worse. What it talks about is occasionally collecting anonymous location data to improve it's location-aware apps.

        • by thoromyr (673646)

          Ah, an anonymous coward spreading lies and misinformation. No wonder you posted anonymously.

          CarrierIQ is *not* "baked" into iOS. Although Apple *used* to use CarrierIQ they stopped doing so *before* the news hit.

          What information is collected is visible to the user and configurable by the user. In iOS 5 (again, *before* the CarrierIQ news hit) it is presented when first setting up the phone. To make it clear what is (or isn't, when disabled) enabled.

          If you had an iPhone and didn't want to store email in iClo

    • by DJRumpy (1345787) on Wednesday January 11, 2012 @11:40PM (#38670490)

      You may be waiting a while as these sorts of things tend to take on a life of their own regardless of the facts presented. The meat of the linked article basically says the docs are questionable but well done. They also throw in a possible link to Anonymous which is a curious twist:

      Technology blog Infosec Island said on Wednesday it had seen more data obtained by the Lords of Dharmaraja, including dozens of usernames and passwords for compromised U.S. government network accounts.
      Infosec Island blogger Anthony Freed said the hacker group claimed to have taken the data from servers belonging to India's Ministry of External Affairs and the Indian government's IT organization, among others.
      Officials in India declined to comment on the document's content or authenticity.
      The alleged memo (http://bit.ly/zYze7w), which had a number of inconsistencies, including the letterhead of a military intelligence unit not involved in surveillance, claimed India had been spying on the USCC using know-how provided by Western mobile phone manufacturers.
      While the memo looks dubious, the U.S.-China Economic and Security Review Commission has not denied the veracity of the email cache, and U.S. authorities are investigating the matter.
      The emails include conversations between U.S. embassy officials in Tripoli, DHL and General Electric about delivering medical equipment to Libya, as well as concerns that GE was helping China improve its jet engine industry.
      "ANONYMOUS"
      It is unclear whether Lords of Dharmaraja got the emails from Indian military intelligence servers, as they claim, but they first mentioned the documents in November, at the same time as they announced they hacked India's embassy server in Paris.
      That breach was confirmed at the time by India's foreign ministry, and some experts believe the cache of U.S. emails was taken from the same source, raising the question of how they ended up there in the first place.
      "An individual could have hacked someone's personal computer and handed it over to the embassy. There are so many means and measures," said Saini, who himself was charged with leaking secrets to Washington in 2006. He proclaims his innocence.
      "There may be cooperation between India and the United States, the United States may have shared them, or India could have done the hack ... or a third country may have handed it to India," said Saini.
      It is also unclear how Symantec's source code ended up with the Lords of Dharmaraja, whose public face goes by the name Yamatough on a Twitter feed.
      Yamatough, whose profile picture shows a Tibetan painting of Dharmaraja, the Hindu god of death and justice, follows many members of the "Anonymous" hacking collective, and Symantec attributes the hack to that group.

      • It is also unclear how Symantec's source code ended up with the Lords of Dharmaraja, whose public face goes by the name Yamatough on a Twitter feed.
        Yamatough, whose profile picture shows a Tibetan painting of Dharmaraja, the Hindu god of death and justice, follows many members of the "Anonymous" hacking collective, and Symantec attributes the hack to that group.

        I never knew you could follow someone Anonymous.

    • Re: (Score:2, Informative)

      by uvajed_ekil (914487)
      We've still got PLENTY of reasons to bash Apple. Don't hold your breath, this was not our hoax.
      • Don't hold your breath, this was not our hoax.

        Yeah, you just A) fell for it, and B) still ignored that the document said all major device makers had installed the backdoor and focused on Apple.

    • by thsths (31372)

      Why, because Apple said that they didn't do it? Come on, any secret service would attach a clause to the contract that keeps the content of the contract confidential. And that is not even paranoid, that is just a fact of live - think about the way the NSA works, the "secret" illegal wire-tapping, super-injunctions... misinforming the masses is fair game.

  • by Darkness404 (1287218) on Wednesday January 11, 2012 @11:30PM (#38670432)
    Meanwhile in the US, telecom companies and every other industry is bending over backwards for our police state. I find it rather funny that this accusation gets press but you rarely find mention of people actually wanting to stop warrantless wiretaps. After all, both Microsoft and Skype have quietly complied with allowing eavesdropping by the government. So honestly it wouldn't surprise me one bit that handsets have backdoors given to the US government which are then figured out by other oppressive governments to spy on their citizens.
  • Doesn't matter (Score:5, Insightful)

    by 93 Escort Wagon (326346) on Wednesday January 11, 2012 @11:35PM (#38670454)

    The Slashdot community already convicted Apple of this and have moved on.

    And yes, I realize it's about Nokia as well as RIM, too - but in the original story discussion very few people paid any attention to those players.

    • Doesn't matter in the US where the ISPs, cell service providers, heck, even Skype and Microsoft have been bowing down to the government to allow them to continue their war on US citizens. Chances are, Apple has already built in some backdoor for the US government, which is much, much more worrying than Apple building a backdoor for India/China/Russia/etc.
      • Re: (Score:3, Insightful)

        by Anonymous Coward

        Of course you don't have any evidence. It's funny how conspiracy-theorists are just as faith-based as any religion.

        • Re:Doesn't matter (Score:5, Informative)

          by Darkness404 (1287218) on Wednesday January 11, 2012 @11:56PM (#38670584)
          Lets see here, there's this law in the US called the CALEA called the "Communications Assistance for Law Enforcement Act" which states in part:

          Sec. 103. Assistance Capability Requirements. (a) CAPABILITY REQUIREMENTS.â" Except as provided in subsections (b), (c), and (d) of this section and sections 108(a) and 109(b) and (d), a telecommunications carrier shall ensure that its equipment, facilities, or services that provide a customer or subscriber with the ability to originate, terminate, or direct communications are capable ofâ" (1) expeditiously isolating and enabling the government, pursuant to a court order or other lawful authorization, to intercept, to the exclusion of any other communications, all wire and electronic communications carried by the carrier within a service area to or from equipment, facilities, or services of a subscriber of such carrier concurrently with their transmission to or from the subscriber's equipment, facility, or service, or at such later time as may be acceptable to the government; (2) expeditiously isolating and enabling the government, pursuant to a court order or other lawful authorization, to access call-identifying information that is reasonably available to the carrierâ" A before, during, or immediately after the transmission of a wire or electronic communication (or at such later time as may be acceptable to the government); and B in a manner that allows it to be associated with the communication to which it pertains, except that, with regard to information acquired solely pursuant to the authority for pen registers and trap and trace devices (as defined in section 3127 of title 18, United States Code), such call-identifying information shall not include any information that may disclose the physical location of the subscriber (except to the extent that the location may be determined from the telephone number); (3) delivering intercepted communications and call-identifying information to the government, pursuant to a court order or other lawful authorization, in a format such that they may be transmitted by means of equipment, facilities, or services procured by the government to a location other than the premises of the carrier; and

          Combine that with the PATRIOT act which basically allows the government to screw with US citizens at its leisure, means that the government can basically tap your phone for any reason that it sees fit.

          And the (as you would put it since you obviously don't have a clue what is going on in the world) conspiracy theory website The New York Times reported in 2010 about a bill that the US government was considering that takes CALEA further by mandating that all encryption be able to be decrypted by the government (in CALEA encryption was left up to the government to decrypt on its own) https://www.nytimes.com/2010/09/27/us/27wiretap.html [nytimes.com]

          Also, according to Slashdot, quoting US laws are "lame".

        • Of course you don't have any evidence. It's funny how conspiracy-theorists are just as faith-based as any religion.

          Right, because corporate espionage among multi billion dollar corporations, government corruption, greed, and the existence of the CIA, the Mossad, the KGB, and terrorist groups are all just figments of our over-active imaginations. I suggest that most mishaps are not a result of wide-ranging conspiracies (government-perpetrated or otherwise), but such conspiracies do pop up on occasion. And you have to consider that the most successful conspiracies are the few that are never uncovered as such. So don't tak

          • by artor3 (1344997)

            Please explain how "the existence of the CIA" means that the United States is at war with its citizens (since that is what you are responding to, after all). Show your work.

      • 10 posts in, and there are already guys like you completely missing the point and going right back to baselessly accusing Apple of things. Slashdot never changes.

        • So let me get this right:

          Apple (along with many other handset manufacturers) are accused of building back doors in for the Indian government.

          Apple denies these claims.

          Meanwhile, under the provisions of various US laws and policies your iPhone on a US network can still be wiretapped and information accessed.

          So I'm supposed to say good job to Apple for standing up against the Indian government (which is really no concern of mine) while bowing to the slightest pressure of the US police state? S
          • by dissy (172727)

            Meanwhile, under the provisions of various US laws and policies your iPhone on a US network can still be wiretapped and information accessed.

            https://www.eff.org/issues/nsa-spying [eff.org]

            You said it yourself, the US NETWORK is what is tapped. Apple is not a phone network in the US or anywhere else.

            The wiretaps are done at the phone company. AT&T even admitted such and it was covered on slashdot multiple times. You trolled that thread too so you are well aware of it.

            The US government doesn't need a backdoor in any phones, the data is intercepted and logged at the phone company, and the government has retroactively indemnified them of any wrong doin

    • "Never let the facts get in the way of a good story"

    • And yes, I realize it's about Nokia as well as RIM, too - but in the original story discussion very few people paid any attention to those players.

      I'm not sure about Nokia, but we already knew that RIM was working with the Indian government on intercepts.

    • by fatphil (181876)
      Well, I can assure you that at the kernel level, Nokia's linux phones have no such back doors in. You don't have to take my word for it, I'm only the gatekeeper who vets every patch that gets included in the kernel, you can freely grab the source and diff it against upstream and check for yourself.

      Of course, there would be ways of adding back doors to the phone subsystem which is a separate core running its own OS. But all communication to the modem goes via the AP, so you could easily modify our kernel and
      • by tlhIngan (30335)

        Well, I can assure you that at the kernel level, Nokia's linux phones have no such back doors in. You don't have to take my word for it, I'm only the gatekeeper who vets every patch that gets included in the kernel, you can freely grab the source and diff it against upstream and check for yourself.

        Of course, there would be ways of adding back doors to the phone subsystem which is a separate core running its own OS. But all communication to the modem goes via the AP, so you could easily modify our kernel and

  • by Proudrooster (580120) on Wednesday January 11, 2012 @11:48PM (#38670544) Homepage
    This reminds me an X-files episode where you are left not knowing what to believe. Do you believe the convincing evidence or the "official denial" of the convincing evidence. Hmmmmm..... I guess I just won't carry around one of those personal tracking devices until I know the truth.
    • Maybe you should get yourself a tinfoil hat while doing so, won't hurt :) I know I do!

    • Sure, Apple might not give a backdoor to the Indian government, but chances are it (or your cell phone service provider) is giving a backdoor to the US government, pursuant to CALEA and other laws. And Skype is mandated to put in backdoors too...

      Personally, its a whole lot more worrying for information to be sent to the US government than to the Indian/Chinese/Russian/Iranian/North Korean government.
      • Re:X-Files Episode (Score:4, Insightful)

        by onefriedrice (1171917) on Thursday January 12, 2012 @01:08AM (#38670954)

        Sure, Apple might not give a backdoor to the Indian government, but chances are it (or your cell phone service provider) is giving a backdoor to the US government, pursuant to CALEA and other laws. And Skype is mandated to put in backdoors too...

        It's cute that you think the US government needs handset manufacturers to include backdoors in order to wiretap. It's much easier to just control the networks. \tinfoil

    • don't matter. Now you know the truth.

  • Good news. (Score:4, Insightful)

    by Voline (207517) on Thursday January 12, 2012 @12:04AM (#38670636)

    As the submitter of the original story, I'll be relieved if the leaked memo is a fake. It gives me an excuse to put off migrating from Mac OS X to Linux, which was going to be a good deal of work.

    But the earlier case of RIM agreeing to provide in-country servers [cnet.com] to enable government surveillance in the UAE, India and Saudia Arabia shows the leverage that governments can wield over companies that operate within their territory. Vigilance is warranted.

    • It gives me an excuse to put off migrating from Mac OS X to Linux, which was going to be a good deal of work.

      Unless you've heavily modified the OS itself, difficulty in migrating OSes is a sign that you've either locked yourself in or are about to lock yourself in, and your choice of destination OS rules out the latter.

      You should do it anyway, it'll save you money and time in the future and reduce funding to a tyrant megacorp. You know they're going to wall-in MacOS at some point, there's too much money to be made.

      Apart from gaming, migrating from Windows to Linux was easy for me, even back in the days when I was

  • by Loopy (41728)

    People will believe something because they want it to be true, or because they're afraid it is true. This holds in spite of evidence to the contrary or the absence of any corroborating data.

    Doubly unfortunate is that assertions like this ask the accusee to prove a negative, knowing full well that proving it would necessarily reveal source code and/or trade secrets and/or secret agreements with governments.

    • by Hentes (2461350)

      This holds in spite of evidence to the contrary or the absence of any corroborating data.

      A simple denial is far from evidence of the contrary.

      Doubly unfortunate is that assertions like this ask the accusee to prove a negative, knowing full well that proving it would necessarily reveal source code and/or trade secrets and/or secret agreements with governments.

      And why exactly revealing those is unfortunate?

  • CALEA (Score:4, Interesting)

    by bl968 (190792) on Thursday January 12, 2012 @01:29AM (#38671028) Journal

    What these companies have done is grant the same access the CALEA law gives the US Government to other countries. Other countries have taken this authority and used it for espionage. Thus these companies statements that "We didn't build a back door for India" then is correct. They built it for the U.S. Government.

    • by Guy Harris (3803)

      What these companies have done is grant the same access the CALEA law gives the US Government to other countries. Other countries have taken this authority and used it for espionage. Thus these companies statements that "We didn't build a back door for India" then is correct. They built it for the U.S. Government.

      ...which is probably not correct; the EU, for example, has a council resolution concerning requiring capabilities for "lawful interception of communications" [europa.eu] and I suspect the Member States have implemented laws for that. I.e., they built it for all countries that require lawful interception capabilities, which probably covers most countries in which they sell mobile phones.

      • What these companies have done is grant the same access the CALEA law gives the US Government to other countries. Other countries have taken this authority and used it for espionage. Thus these companies statements that "We didn't build a back door for India" then is correct. They built it for the U.S. Government.

        ...which is probably not correct; the EU, for example, has a council resolution concerning requiring capabilities for "lawful interception of communications" [europa.eu] and I suspect the Member States have implemented laws for that. I.e., they built it for all countries that require lawful interception capabilities, which probably covers most countries in which they sell mobile phones.

        What both of you are missing is that all of these laws are about wiretapping at the network level, not at the device level.

"The chain which can be yanked is not the eternal chain." -- G. Fitch

Working...