
American Hackers Helped UAE Spy on Al Jazeera Chairman, BBC Host - thefounder
https://www.reuters.com/investigates/special-report/usa-raven-media/
======
dmix
If I was a journalist covering any sort of geopolitical stuff I'd 100% have my
phone reviewed by infosec experts regularly and change devices frequently. And
ideally use separate phones for external work related contacts, day-to-day in-
office work, and personal life.

~~~
dontbenebby
IIRC most of these exploits require either physical access, or clicking a link
in an email or text.

I'm not sure anyone will burn a no interaction zero day on a human rights
journalist. I suspect that kind of thing is hoarded by the big boys for when
life and limb are on the line.

~~~
crummy
The article mentions the no-interaction exploit used:

> The attacks utilized a cyber weapon called Karma. As Reuters reported in
> January, Karma allowed Raven operatives to remotely hack into iPhones by
> inputting a target’s phone number or associated email address into the
> attack software. Unlike many exploits, Karma did not require a target to
> click on a link sent to an iPhone, they said. Apple declined to comment.

~~~
dontbenebby
Wow. Sorry, I didn't see that part.

I'm surprised it's still circulating then, it sounds like a very serious bug.
It's still not known? (No CVE?)

~~~
lawnchair_larry
It’s been patched. There may be others currently in use, or that will be found
and used in the future, but this specific bug was killed.

------
NeoBasilisk
I wonder how many of these hackers "just liked to solve interesting problems"
for work.

~~~
tptacek
Too many. Your comment probably sounds like snark to a lot of people but
touches on a very real problem.

------
munk-a
Hey America, do you think you might find a bit of time to persecute these
Americans that are being such obviously terrible actors?

Sure, the crime wasn't on US soil and so-and-so but... I feel like in the
modern world it'd really help America's cred to actually try and take action
against these terrible actors. The fact that these folks were former three-
letter probably means there's some contract somewhere out there where they
signed away all their rights forever.

(Also, I get that America is probably fine with this sort of hacking, given
that it targeted "the evil" but why not just prosecute these folks for the
image of it)

~~~
boomboomsubban
If you read their earlier investigation, the employees aren't any more
terrible than the average NSA rep, and the firm is mostly careful about making
an Emarati operative actually perform the attacks on people from the US making
prosecution difficult. The FBI was investigating as of January at least.

~~~
Gibbon1
I would think running your own foreign espionage operation as an American
citizen would get you 25 to life. Or should.

~~~
boomboomsubban
That isn't what happened here, and why would your companies location make the
acts worthy of more or less prison time?

------
Bhilai
It's probably a lot more lucrative to work on such projects than may be
working for the NSA while doing the exactly same things but aren't there laws
that prevent ex-spies and hackers to work for foreign governments ?

~~~
rcMgD2BwE72F
If governments / law makers cared, they would react.

I remember when the French government learnt that all the top officials of the
country where tapped by the NSA, including the President
([https://fr.wikipedia.org/wiki/Espionnage_de_l%27%C3%89lys%C3...](https://fr.wikipedia.org/wiki/Espionnage_de_l%27%C3%89lys%C3%A9e_par_la_NSA)).

France did absolutely _nothing_.

~~~
bilbo0s
> _France did absolutely nothing..._

...that we know about.

~~~
soraminazuki
Sure, but doing nothing publicly does mean a lot.

------
tibbydudeza
And they are bleating about China and Huawei.

------
Simple_Guy
When I was a kid I did dream of being a cyber-mercenary. Given that the US
recognise cyberspace as being a battlespace, would being a hacker for another
country count as being a mercenary. Would that make you a combatant?

------
Latteland
Why isn't it illegal for Americans to hack into phones in other countries?

------
craftyguy
Can we not turn HN into /r/politics? Or, if we are, be very up-front about HN
supporting political 'news' and gossip?

~~~
pvg
This report is not scare-quoted news or gossip.

