

WikiLeaks Posts Spy Firm Videos Offering Tools For Hacking iTunes, Gmail, Skype - sathishmanohar
http://www.forbes.com/sites/andygreenberg/2011/12/08/wikileaks-posts-spy-firm-videos-offering-tools-for-hacking-itunes-gmail-skype/

======
iuguy
Finfisher is an interesting product. Much of what it offers has been available
in open source projects[1][2] for quite a while. I imagine it's probably the
management overhead and GUI based interface that they sell it on.

Evilgrade (link below) is particularly interesting and handles the fake update
part of the infection. Typically you'd use something like a metasploit (or
equivalent) payload to install.

[1] - <http://www.infobyte.com.ar/developments.html> [2] -
<http://www.metasploit.com/>

------
bh42222
_After the downfall of Egyptian dictator Hosni Mubarak, the BBC obtained
evidence that Gamma had offered its technology to the country’s regime for
surveilling Egyptians’ use of tools like Hotmail, Yahoo! mail, Gmail and
Skype._

Note to self: Do not ever work for Gamma. Remember "Gamma" if you meet someone
who worked for them.

~~~
ukgent2
I work with gamma as a UK telephone operator. The divsion of gamma that was
involed with this was gamma international. Where as Gamma for UK is a pretty
much a seperate company. One of those things where the right hand does not
know what the left hand is doing.

looking at their website, they dont seem linked in anyway :/
<https://www.gammagroup.com/Default.aspx> maybe they are not part of each
other but just share a name.

------
MartinMond
Hm... does that mean that Apple's software updates aren't signed or that Apple
gave the key to that company?

~~~
cypherpunks01
Just one more reason to not use iTunes!

It appears that Apple Software Updates are indeed signed:
<http://support.apple.com/kb/HT5044>

Are there any journalists planning a story about this who can contact Apple
for a possible statement? I tweeted the author @a_greenberg to do so.

~~~
cypherpunks01
Andy replied: "It seems Apple has patched the vulnerability initially used by
this spyware. Brian Krebs wrote about it here. <http://bit.ly/vqqwvK>

------
vinhboy
Has anyone seen a exploit that allows an attacker to view your camera, without
turning on the green indicator light? This is the kind of stuff my nightmares
are made of.

~~~
morganw
[http://www.google.com/patents?id=zoetAAAAEBAJ&q=hardwire...](http://www.google.com/patents?id=zoetAAAAEBAJ&q=hardwired#v=snippet&q=hardwired&f=false)

