Category: legal

Sinister Saudi Tracking App – Absher

It’s quite incredible to believe that in 2019 that there exists an application who’s primary purpose for Saudi men is to monitor and track women’s movements.  It’s provided by the Saudi government and it’s called Absher.

Now for anyone from a Western style democracy this would seem obscene, inhuman and unbelievable, yet it’s very real and currently even available on the Google Play Store to install on your smartphone.  First though there’s a couple of background facts that you need to be aware of  –

  • Saudi Law stipulates that every woman must have a male guardian.
  • Much of this guardian system has been computerized and put online.
  • Guardians are allowed to specify which airports women can travel from (or not)
  • System send text message alerts to guardians when women use their passports.
  • This is not a new system it has existed for years.

It’s incredible, amazing, the digital 21st century meets the medieval ages courtesy of the Saudi Arabian State.  What’s more it seems that this is application has even been given mainstream approval by appearing in places like the Google Play Store and Apple App store too.

Looks quite friendly and innocuous, doesn’t it?  Absher has many meanings in Arabic which don’t really tell the real story – ‘your request is granted’, ‘good tidings’ and ‘at your service’.   However these phrases are only really true if you’re male, for this application and digital service effectively enslaves women under the guardianship laws.

Imagine sitting behind this application is a database of Saudi Arabian women, with details and settings which are controlled by their male guardians.  Now much of the Absher system is very ordinary and wouldn’t look out of place in London or New York.  You can pay government fines, register the birth of a baby or renew your driving license (if you’re male obviously!).

Yet you really can use Absher to specify which (if any airport) a women can use to fly out of the country.  Permission can be given or revoked with a couple of button clicks, so for example you could block local airports.   If your digitally tracked female attempts to use one of these airports their ‘male guardians’ would notified by an SMS message to their phone.

The control over women is just restricted to which airports they can use either.  The guardian can specify how many journeys the woman can take, where they can travel to and for how long.  It’s supposedly there for safety yet obviously it is capable of much more.   Many women attempting to escape from the confines of Saudi Arabia are caught using this system.  As soon as any women attempts to use a passport they are effectively alerting any male guardian of their location and intentions.

The state argue that Absher app is available for women to use too, however this doesn’t include the travel permission pages.  Any woman who wants to escape what in some cases is little more than legal slavery has to find a solution to evade Abshar.  Many young women steal guardians phones and reset passwords, they can then give themselves permission to leave.  Obviously this has to be done quickly before hte guardian realizes and resets those permissions.

Digital technology does offer some balance though to this grim story of modern day repression.  It comes from the internet and social media which is full of stories of women escaping Saudi Arabia and starting new lives.  There are lots of forums and groups where women and girls share tips and advice about making their own escape plans.   Women are becoming aware that there are options and that other countries will offer them asylum if the escape the Kingdom itself. News and documentaries are spreading word of their plight too including some programmes still on the BBC iPlayer which are available by proxy.  The pictures of happy, escaped Saudi women living normal lives in other countries are in themselves inspirational.

 

Mansfield Radio Station Hacked

Now this is class, a great example of a childish, yet sophisticated attack on an local radio station.    The station is Mansfield 103.2 FM a small local independent radio station based in Mansfield, Nottingham.   Since June 2017 the station has found it’s frequency hijacked by an unknown individual who has been transmitting an adult song called ‘The Winker’s Song’ sung by errmm Ivor Biggun (scroll down for song).

This is of course pretty funny, although some people of course have been offended.  The problem is that it’s actually quite difficult to stop this happening.   The attacker is obviously using some sort of high powered mobile transmitter, and the police would have to catch someone in the act to do anything.

It is apparently a criminal act with the communications regulator Ofcom trying to track the offender several times without success.  They have Spectrum Engineering Officers (cool job title!) working with the radio station in an attempt to identify the culprits.

Having listened to Mansfield 103.2 many years ago, I suspect it will have probably brought them a few more listeners waiting for the next attack.   The prankster had better be careful though as the kill joys have pointed out that maliciously causing radio interference carries a maximum punishment of two years imprisonment and an unlimited fine.

I for one would look carefully to people who have an association with the radio company, perhaps a disgruntled ex-employee.   The song selected has to be a big clue – it is of course a rude little ditty about mastrubation which basically loops through the words – “I’m a W*nker” to a George Formby type soundtrack.   It is also introduced by a male voice with a local Nottinghamshire accent, that song is a message dedicated to someone in the radio station I suspect.

To save you all googling – here’s the song –

The prankster also seems to be trying a little comedic timing too, with the latest hijack taking place half way through a live family broadcast from a local Mansfield event.    Hopefully he’ll now stop, because he’s bound to get caught eventually and we need more proper hackers around like this guy.

Maybe though, perhaps he’s a millionaire super hacker who’s adapted some long range drones with a radio transmitters controlled by a secure VPN and will never actually be caught – just the drone shot down. Only to mysteriously return and play the same song every time Nigel Farage does a radio interview somewhere, excellent….

 

 

UK Users to Receive Piracy Warning Letters

A couple of weeks ago I sat in the front room of an elderly neighbour, on the TV screen was a Premier League football match being broadcast on Sky Sports.    I was surprised because I knew this chap struggled on a basic pension and the Sky Sports package is not cheap!   However I then noticed the digital box, it was not the standard Sky digital  box but a custom TV media box complete with VPNs.

For a few pounds a year to cover updates, this box was pre-installed with a version of Kodi and a few extras which granted free access to every single Sky subscription channel.  The cost of these channels if paid for legitimately would be over a hundred pounds a month, yet the cost for these was virtually nothing.  The box even simulated the Sky selection screen which meant that this 80 year old man was happily surfing at the cutting edge of digital piracy.

A New Breed of Digital Pirate?

It turns out his nephew has installed it and he’d been using it for several months.   He was blissfully unaware that technically he was stealing all this content from Sky and to be honest I didn’t feel the need to spoil his enjoyment by telling him

The reality is that in the UK and indeed across the world, digital piracy is starting to hit the mainstream.  In millions of households, neat little digital boxes sit happily under TVs streaming illegal copies of US cable channels or UK satellite channels.  It’s got to the point that it’s so common that most people don’t even consider it illegal, something like taping a radio programme or copying a DVD.  After all why pay a fortune monthly to some huge media conglomerate when you can purchase a pre-installed media streamer that supplies the same for nothing.

It does of course, cost the media companies huge amounts of lost revenue and obviously they are trying to stop this.  In the UK this month, will see the first phase of action designed to stop this behaviour.  The biggest ISPs in the UK will all be sending out emails to any individual who’s internet connection is being used to download copyrighted material illegally.

It’s been discussed for years but has always been postponed for a variety of reasons.   For example there was a lot controversy when copyright holders started using a practice dubbed as speculative invoicing.  These were basically demands for money threatening legal action against anyone who’s internet connection was being used to download copyrighted material – you can read about in this article – Bittorrents Monitored.   The issue has never been detecting the downloads but rather what actions can be taken, legally it was very difficult to prove an individual was responsible even if their internet connection was being used.

The letters will be sent in the form of emails, and will simply inform the user that their internet connection is being used to download copyrighted material and information about where it can be obtained legitimately.    There will be no threats, fines or further action and critics have pointed out that it will have little effect.   The action will only target P2P users, those who download using torrents and file shares – however the use of these methods has fallen dramatically over the last few years.  The majority of people who view copyrighted material now stream directly using these TV boxes and programs such as Kodi which are slightly more difficult to detect.

It is likely that these users will be targeted later although who knows how long this will take.

The Big Business Hackers

When you imagine a team of highly skilled hackers attempting to make money, most people will probably think of some criminal exercise of exploitation, cyber crime or extortion.   You certainly wouldn’t think of the stock market or investment firms profiting directly from this sort of enterprise – yet it seems this is exactly what is happening.

Hacking is going mainstream and it looks likely that there will be a lot more profit going legitimate than through the standard ransom or blackmailing routes.   Others will perhaps argue that these new methods are pretty much the same as the criminals use.

The story arises from the tactics of a company called MedSec a cyber security firm which has recently started up.  They investigated a range of hospitals and medical hardware for potential security issues and identified one medical devices company to be at particular risk – St Jude Medical Incorporated, more specifically the pacemakers and defibrillators they make.

At this point MedSec faced a classic, traditional ‘hackers dilemma’ – you find a serious vulnerability – what do you do?   For the ethical hacker it often represented a difficult choice particularly if a little digital trespassing was involved.  Many individuals have found themselves behind bars after attempting to inform a company or organisation about a vulnerability in their software or network, while some have been praised and rewarded.   The MedSec guys though have a plan to inform and profit at the same time, although the ethics seem fairly dubious to many.

They approached an investment firm run by Carson Block called Muddy Waters Capital LLC with their money making initiative.   The idea was unusual, MedSec team would prepare all the evidence demonstrating the problems with the medical devices, however before making this public the investment company would take out a short position on the parent company of St Jude Medical.    Basically they would both make money if the share price fell in response to the negative news.

Sounds like insider dealing? Perhaps, although it is assumed legal advice was taken before this unusual tactic  – here’s a MedSec representative justifying their tactics.

Convinced? Nope me neither, I suspect they may be in trouble for using this tactic. Where will it end ? The false concern about patients using these medical devices to try and justify their money making scheme was particularly hard to believe. Currently the tactic seems to have paid off though with the share price falling significantly and presumably making the ‘short’ position profitable.

Facebook Crime – Removal Scam

There is a very real and fundamental problem with buying and selling anything using social media, identifying whether the person you are dealing with is legitimate. Think about it, normally when you find a trader or company they will have premises, registered offices, land lines. You may have responded to an advert or directory listing, all these things take time and money to set up.

Now let’s compare that with a Facebook Company page, which takes two minutes and no verification. In fact, you can set up a Facebook page for a fictitious company and then add hundreds of fake likes and reviews in an hour or so. The result can look extremely legitimate and representative of a well respected, reliable company or tradesman. It’s not hard to do and costs very little money, what is more if you’re reasonably careful almost impossible to trace back.

moving-312082_640

 

 

This is unfortunately what happened to Becky Szenk and her partner Mark Higgins when they moved from their flat in Wolverhampton.

They needed to find a inexpensive removal firm, and like many of us turned to the social media site Facebook to see if they could find someone. They managed to find one of those ‘man with a van’ services and immediately contacted them to book his services. Many of us do exactly the same, only last month I booked a roofing contractor who came up in a Facebook search. My experience was good despite my lack of care, however it was a very different story for Becky Szenk.

The removal guys turned up on time, and two of them quickly and efficiently loaded up their worldly possessions into a large transit van. What was notable was the speed in which they completed the task, loading up in about 45 minutes and driving off to the pub that they had invested their savings in.  Or so they thought, in fact that was the very last time they saw their stuff – the men and their possessions were never seen again.

“I have never cried more in my life than I did on Friday afternoon – I am so distraught that they have taken my engagement ring and my baby’s toys.”
Becky Szenk

It’s not an isolated case, police have reported several similar incidents just within the West Midlands area of the UK.  It is an easy crime to perpetrate, you can easily hide your tracks and the payoff can be extremely large – the possessions lost by Betty Szenk and her partner were estimated in the region of £10, 000.