
The technical report suggesting Saudi Arabia's prince hacked Bezos' phone - mudil
https://www.vice.com/en_uk/article/v74v34/here-is-the-technical-report-suggesting-saudi-arabias-prince-hacked-jeff-bezos-phone
======
9nGQluzmnq3M
Remember when American Media tried to extort Bezos with dick pics? In the
terms they tried to force him to agree to, this line stands out:

 _4\. AM affirms that it undertook no electronic eavesdropping in connection
with its reporting and has no knowledge of such conduct._

[https://medium.com/@jeffreypbezos/no-thank-you-mr-pecker-146...](https://medium.com/@jeffreypbezos/no-thank-you-mr-pecker-146e3922310f)

And note this all happened after the suspected hack. Curiouser and curiouser
-- it looks like the Saudis were the source of the images, which also explains
why AMI was trying so hard to stifle Washington Post's reporting regarding the
Saudi murder of Khashoggi.

------
mzs
journalist's thread >

NEW: Saudi officials close to MBS tell WSJ they were aware of a plan to hack
Bezos' phone, but not of any attempt to blackmail him. Qahtani was involved in
the hacking effort as part of a broader intimidation campaign against
Khashoggi, officials said.

More: FBI is investigating the hack, source says. Bezos didn’t want to provide
his phone directly to the FBI, so FTI Consulting, where several former FBI
officials work, conducted probe but stayed in touch with law enforcement, the
person said.

WhatsApp was not contacted by FTI during the investigation, a person familiar
with the matter said.

Also new: Oct 2018 contract btwn Michael Sanchez and AMI gave rights to
“certain information, photographs, and text messages documenting an affair
between Jeff Bezos and Lauren Sanchez.”

Mr. Sanchez "acquired Confidential Information lawfully,” stated contract,
seen by WSJ.

[https://twitter.com/dnvolz/status/1220073641326665731](https://twitter.com/dnvolz/status/1220073641326665731)

~~~
wyxuan
Sure they said that, but they likely did that to cover up the Saudi hack of
Bezos' phone

~~~
mzs
Of course it's possible that in April the folks working for MBS realized that
Bezos was not going to place his thumb on the reporting done by WaPo so they
hacked his phone primarily as a means to spy and get ahead of future news,
then they found compromising materials and used AMI to try and blackmail
Bezos, but that is all speculation.

------
cryoshon
hacking of bezos' phone by MBS of KSA suggests an effort by the saudis to
influence news coverage so that their backwards petrostate is not excoriated
as routinely or as comprehensively for its cornucopia of egregiously
unacceptable faults. there may also be some sort of wrongdoing on behalf of
trump in this incident, but i think it's too early to say either way.

on the bright side, this flap is a battle of billionaires. whoever loses, we
win. at the current stage of the news cycle, it looks like MBS is down for the
count, meaning that we're that much closer to being able to exclude KSA from
world affairs until it modernizes. but, we'll have to see where it goes. if
the media and the UN don't carry this investigation to its conclusion, there's
still a chance the perpetrators could weasel away.

relatedly, this is the second incident in which someone has sought to
blackmail bezos and failed horribly. i usually don't appreciate bezos, but the
guy's unflappable. i wonder what bezos is doing behind the scenes to get back
at the perpetrators, if anything.

~~~
threatofrain
> ...this flap is a battle of billionaires. whoever loses, we win

Why? Does power or wealth leak back to society amid the Game of Thrones?

~~~
yingw787
Yeah...OP's comment doesn't make sense to me either. And frankly, MBS is far
more powerful than Bezos is. It's a battle between a billionaire living
amongst other billionaires in a republic, and a multi-trillionaire who's an
absolute monarch leading a great power.

~~~
cryoshon
saudi arabia isn't a great power. it has economic power via oil, but this
power is eroding at a lightning speed thanks to the end of the petrochemical
era. it has no military power to speak of, nor any cultural influence
whatsoever outside of the muslim world. at the same time, its own culture is
being eroded by the west's at a blinding pace. its institutions are weak and
too corrupt to be taken seriously. its labor force is non-competitive. its
citizens are not educated, nor are they interested in a transition to being
more educated and competitive.

it is entirely reliant on foreign labor, foreign weapons, and foreign
intellectual property. it has no natural resources to speak of, other than
oil. it isn't a member of any powerful geopolitical blocs, and its fear of its
more powerful neighbor (iran) has dictated its disposition for a long time.

in short, it's a billionaire's playground, but it isn't a nation that's very
formidable. in the realm of cybersecurity/cyberwarfare, i'd put my money on
bezos.

------
jdkee
“Making my job harder, every day.”

-W. Gibson via Twitter, 01/22/2020.

[https://twitter.com/GreatDismal/status/1219791756830466049](https://twitter.com/GreatDismal/status/1219791756830466049)

~~~
kryogen1c
“The difference between fiction and reality? Fiction has to make sense”

Tom Clancy

------
jml7c5
What does a WhatsApp .enc file contain, apart from its media? The report
describes it as a "downloader", but that doesn't make a lot of sense. Are they
suggesting the .enc file is malformed, such that when WhatsApp tries to parse
it (or when creating it), some security flaw in WhatsApp allows arbitrary code
execution? (I.e., .enc files in general are not "downloaders".)

~~~
mirimir
So maybe this involves a WhatsApp 0day?

If it's something that's been fixed since May 2018, then the malicious .enc
file would either not work, or work normally.

One thinks that such possibilities could be explored in a suitable test
environment.

------
sytelus
You might ask who can touch the man with $100 billion? Turns out it's the man
with $1 trillion.

So that the amount of wealth one needs where you can truly be above justice
and law under all and any circumstances turns out to be $1 trillion. With that
wealth, one can purchase all of the available human labor in the entirety of a
big city like Los Angeles for his sole purpose perpetually or you can maintain
a human army that is twice as big as the US army! This is the magic level of
wealth where you are not obeying the law but rather creating ones. You, in
essence, become the law at that level of wealth.

~~~
meowface
I understand your point, but it's really his bloodline and position that's the
bulk of his power, not his wealth. The position grants the wealth, but the
inverse is definitely not implied. A random private citizen worth $1 trillion
would be much less powerful and probably much less brazen. (Though certainly
still very powerful.)

~~~
sytelus
When the president of the United States gave him a pass, it wasn't because of
his bloodline but the fact he was willing to spend a few billion dollars on
purchasing some army equipment.

~~~
meowface
Was it "his" money, or Saudi Arabia's, though?

------
poundtown
came here to find out how it was done....disappointed

------
viburnum
A good solution would be if the news media wasn’t owned by billionaires.

~~~
ergothus
Actually, in this case Bezos has shown a resistance to corrupt influence
BECAUSE he's a billionaire. (I'm not disputing the list of corrupting
influences DUE to being a billionaire, just pointing out this particular case
may have the opposite)

Having a larger number of respected media outlets could help. Having news and
money separated is great, but hard to implement. (patches welcome!) Having
media outlets that no individual or small group can control, regardless of
their money, also good but tricky.

~~~
frandroid
Meh. I mean sure, Bezos has been a different media owner than Rupert Murdoch,
but in the end, the WaPo enforces the neoliberal order, with some sprinkling
of liberal concern to re-assure people that yes, humanist concerns are
important. But you won't find an editorial line that challenges capitalism, or
wanton CO2 emissions which will rapidly kill our planet.

Or Amazon, for that matter. Not an unimportant factor considering Bezos'
position atop the pyramid...

~~~
Consultant32452
You might find this tweet thread interesting about a large list of 'anti-
interesting' stories. Stories that have been conspicuously ignored by the
corporate media.

[https://twitter.com/EricRWeinstein/status/122017967080239513...](https://twitter.com/EricRWeinstein/status/1220179670802395137?s=19)

------
mirimir
Edit: It'd be really useful if someone could say where I've gone wrong here.
Just sayin', y'all.

This is very confusing.

> “Due to end-to-end encryption employed by WhatsApp, it is impossible to
> decrypt the contents of the downloader to determine if it contained any
> malicious code in addition to the delivered video,” the investigators found.

That's a pretty standard malware trick, right? It decrypts itself when it
executes. So why can't they execute it in a test environment?

> “During the initial attempt to collect a forensic image of the iPhone, FTI
> determined that the device had iTunes backup encryption enabled, and that
> full analysis of the contents of the forensic image would require the
> encryption password,” the report states.

Well, then. Why didn't they get it?

Too great a threat to Bezos' privacy, I guess.

> They apparently never obtained the password, however, because the report
> states that on May 20, 2019, the investigators “tested options for bypassing
> the iTunes backup encryption password” and ended up resetting “All Settings”
> on Bezos’ iPhone X to restore the device’s settings to factory defaults,
> thereby “removing the encryption password while preserving the file system
> and any relevant data and artifacts. FTI received authorization to perform
> this resetting step, did so, and then commenced acquisition of an
> unencrypted Cellebrite forensic image.”

That is totally bizarre. I mean, isn't that almost evidence destruction? You
might do that to a clone, but not to the actual device.

But then, I'm just a punter.

~~~
scottlocklin
I'm guessing we're supposed to believe the conspiracy theory being shilled in
the media for some zany political reasons. Nobody sent me the memo as to what
these zany political reasons are either; maybe I should buy a TV. This
"report" is obvious bullshit -I mean, conclusions may be true, but if the
report is all they have ... I hope it's a weak attempt at parallel
construction.

~~~
mirimir
Hey, thanks.

It just seems so damn obvious that there's nothing more in the report than "he
downloaded file, and his phone started sending lots of data". That is
suspicious, I admit. But correlation isn't causation. And we don't even know
how good the correlation was, and what else he was doing.

~~~
scottlocklin
Since it seems to be a time query on sqlite.... I'm not even sure it is real.
If it is... maybe he turned backups on? More questions than answers from the
report.

------
m0zg
To me the report sounds like an amateur job TBH and there's nothing in it to
tie anything to anybody conclusively. They don't have the malware. They don't
know which data was exfiltrated or where it went. They don't know how the
supposed "malware" achieved persistence. They don't know how it worked around
Apple's (rather elaborate) encryption and sandboxing.

Basically if you read the report all they really have is "Bezos received a
video, and the phone started sending a bunch of data afterwards, we don't know
to who, what data, or how any of this was done. That'll be one million dollars in
fees, Jeff, thank you very much". Maybe Bezos was just sending a bunch of dick
pics to his girlfriend? Have they considered this possibility?

Could an actual, prominent security researcher take a look and
confirm/disprove my suspicions?

~~~
MiroF
If the video contains an encrypted binary as suggested in the report, then
that is telling..

~~~
m0zg
"Encrypted binary" is something that you'd say if you wanted to impress the
mainstream media who can't tell a cipher from a hole in the ground. It can't
run if it's fully encrypted. It'd have to decrypt itself somehow. If it can do
it, it can be done outside the device, too.

~~~
szc
The code signing system on iOS doesn't let you dynamically add code to your
app. I am also very curious about what "it is a downloader" means - if the
architecture of WhatsApp means that it has a built in; externally accessible /
triggerable, network capable scripting engine then that is really, really bad.
I would be really worried about that app if it is true.

[added] The report writer may not have chosen the best way to phrase this.
What it might mean is that the investigators believe that the "malicious"
payload that compromises WhatsApp is in that part of the message, not in the
video. As they weren't able to get that piece, they weren't able to work out how
the exploit worked.

~~~
m0zg
It probably isn't true though. The whole document is full of red flags to me
from just purely a position of a computer literate person, and I'm not even an
expert at this.

~~~
szc
Sorry, I added some additional text after you replied. I now think the report
is just poorly phrased and it should have said "exploit" instead of
"downloader". It is very likely the exploit, once run, did download more
stuff.

------
scottlocklin
Jayzus the "forensics" on this are ridiculously shallow.[1] In fact, they are
a giant nothingburger. And I'm not the only one who thinks so.[2] And now I'm
being lectured by a couple of no-name UN ding dongs as to why "it" was done as
if "it" were a fact.

I have a more parsimonious explanation: Bezos was cheating on his wife and
feeling guilty about it, and was paranoid about being caught. The memes which
were supposedly veiled threats ... the woman doesn't look remotely like his
girlfriend.

Saudi Barbaria is a terrible place, and you probably shouldn't accept whatsapp
messages from the scum who run it. That doesn't mean they hacked Oligarch
Bezos' cell phone.

[1] [https://t.co/fxesTmeD40](https://t.co/fxesTmeD40)

[2] [https://medium.com/@billmarczak/bezos-hack-mbs-mohammed-bin-...](https://medium.com/@billmarczak/bezos-hack-mbs-mohammed-bin-salman-whatsapp-218e1b4e1242)

