A Canadian company’s hardware is being used to hack internet users along Turkey’s border with Syria, researchers said Friday, adding that there were signs that Kurdish forces aligned with the United States might have been targeted.

The revelation comes as Turkey presses its offensive against the Kurds dug in along the country’s frontier with northwestern Syria, a conflict that threatens to disrupt the American-led effort to extinguish the Islamic State group. The apparent use of Canadian technology to target a U.S. ally was an irony underlined by Ron Deibert, the director of the internet watchdog group Citizen Lab, which published a report on the spying.

“These companies are not closely regulated, and that can lead to a lot of unintended consequences, including consequences that harm our foreign policy interests and human rights interest as well,” Deibert said. “It’s a strong argument for government control over this kind of technology.”

Canadian tech

Citizen Lab identified the hardware behind the hacking as PacketLogic devices produced by Procera, a Fremont, California-based company that was recently folded into Canada-based network management firm Sandvine, which is owned by American private equity group Francisco Partners. 

In a statement issued before the report’s release, Sandvine said it investigates all allegations of abuse but said it had been unable to complete its inquiry because Citizen Lab refused to provide the company with its findings in full. 

“Once we have the necessary data, we will conduct a full investigation and take appropriate action,” Sandvine said.

The statement also said Citizen Lab’s allegations were “technically inaccurate and intentionally misleading,” but a representative for the company has yet to supply an example of a misleading or inaccurate claim.

Government spying

Citizen Lab said it discovered the hacking after a European cybersecurity company reported that network service providers in two unidentified countries were trying to compromise their users using a powerful hacking technique known as network injection. Citizen Lab scoured the internet for signs of the spying and eventually traced the activity to the Turkish provinces of Adana, Hatay, Gaziantep, Diyarbakir and to the Turkish capital, Ankara, as well as parts of northern Syria and Egypt. 

Network injection — so-called because malicious software is injected into everyday internet traffic by whoever controls the network — has long been feared as a particularly powerful form of government spying.

“This can potentially be used to target anyone in the country with the click of the button,” said Bill Marczak, the lead author of the report.

Although the identities of those being spied on in Turkey and Egypt aren’t clear, Marczak said that the devices appeared to be installed on the network belonging to Turk Telekom, a leading phone and internet provider in Turkey as well as parts of northern Syria. He said there were hints suggesting some of the targets are affiliated with the YPG, the Kurdish Marxist rebel group which is fighting Turkish forces for control of the northwestern Syrian province of Afrin. Although Turkey considers the YPG a terrorist organization, the group provides the backbone of the U.S.-backed operations against the Islamic State in eastern Syria.

American officials acknowledged Monday that ground operations against the jihadist group’s remnants in eastern Syria were on hold because Kurdish fighters were being diverted to the battle against Turkey. 

Turk Telekom statement

Turk Telekom said in a statement that it complies with Turkish law and doesn’t interfere with internet users’ access. It added that the company “does not redirect any internet user to receive malicious downloads of popular software applications.” A representative for the company did not immediately respond to follow-up questions.

Sandvine’s ties to the Turkey government have been the subject of previous reporting. In 2016, Forbes reported that engineers at Procera were so troubled at the prospect of supplying surveillance hardware for use by Turk Telekom that six of them quit in protest. 

“I do not wish to spend the rest of my life with the regret of having been a part of (Turkish President Recep Tayyip) Erdogan’s insanity, so I’m out,” one the engineers said in a letter of resignation quoted by Forbes.

LinkedIn shows at least 16 Procera-Sandvine employees listed as working in Egypt or Turkey. One Sandvine engineer based in Cairo listed “lawful interception” — a commonly used euphemism for state-sanctioned surveillance — as one of his interests.
…

Students around the United States are creating virtual businesses that produce simulated products, which are marketed and sold for virtual money. Mike O’Sullivan reports that hundreds of student entrepreneurs came to Pasadena, California, to promote the virtual companies they have created.
…

A federal judge is expected to hear arguments on Thursday about whether President Donald Trump violated Twitter users’ free speech rights under the U.S. Constitution by blocking them from his account.

The arguments before U.S. District Judge Naomi Reice Buchwald in Manhattan are part of a lawsuit brought last July by the Knight First Amendment Institute at Columbia University and several individual Twitter users.

Trump and the plaintiffs are seeking summary judgment, asking Buchwald to decide the case in their favor without a trial.

Twitter lets users post short snippets of text, called tweets. Other users may respond to those tweets. When one user blocks another, the blocked user cannot respond to the blocker’s tweets.

The plaintiffs have accused Trump of blocking a number of accounts whose owners criticized, mocked or disagreed with him in replies to his tweets.

They argued that Trump’s Twitter account, @realDonaldTrump, is a public forum, and that denying them access based on their views violates the First Amendment.

Trump in court papers countered that his use of Twitter is personal, not a “state action.”

Even if it were a state action, he said, his use of Twitter was a form of “government speech,” not a public forum.

Trump’s Twitter use draws intense interest for his unvarnished commentary, including attacks on critics. His tweets often shape news and are retweeted tens of thousands of times.
…

Nine teams with members from 25 countries entered the final phase of the $7 million Ocean Discovery XPRIZE competition for technologies that could cheaply and efficiently map the floors of the world’s oceans.  Using current technology this feat would take up to 600 years. VOA’s George Putic reports.
…

The FBI views companies hit by cyberattacks as victims and will not rush to share their information with other agencies investigating whether they failed to protect customer data, its chief said Wednesday. Christopher Wray, director of the Federal Bureau of Investigation, encouraged companies to promptly report when they are hacked to help the FBI investigate and prevent future data breaches.

He contrasted the FBI’s approach to that of other regulators and state authorities. Without naming other agencies, Wray referred to “less-enlightened enforcement agencies,” some of which he said take a more adversarial approach.

“We don’t view it as our responsibility when companies share information with us to turn around and share that information with some of those other agencies,” Wray said in response to an audience question at a cybersecurity conference at Boston College.

Amid a wave of high-profile data breaches at major corporations, the Federal Trade Commission (FTC) and state attorneys general are investigating how many of them secured consumer data before they were hacked.

Equifax Inc, which suffered a breach in 2017 that compromised the data of more than 147 million consumers, is fighting a lawsuit by Massachusetts Attorney General Maura Healey and faces probes by over 40 other states and the FTC.

Ride-sharing company Uber Technologies Inc is also facing investigations by state attorneys general after a data breach of 57 million accounts. Uber has been sued by the states of Washington and Pennsylvania, and like Equifax faces private class action lawsuits over the breach.

Speaking at the conference, Wray said the FBI needed to partner with the private sector to combat an evolving threat that has “turned into full-blown economic espionage and extremely lucrative cybercrime.”

Wray, who took over as director in August, said in order to prevent cyber threats, companies should approach the FBI as soon as they see signs of unauthorized access to their computer systems or malware infesting them.

“At the FBI, we treat victim companies as victims,” he said.

 
…

The South by Southwest festival in Austin, Texas, starts Friday. It’s grown from a grassroots event to a phenomenon that attracts 400,000 people.

For attendees, it can feel overwhelming. What’s worth your time? Where’s the buzz?

The latest AP Travel “Get Outta Here” podcast offers strategies for conquering FOMO (fear of missing out) at SXSW.

One approach is to let the nostalgia acts go – the former big-name bands promoting comebacks. Instead, pack your schedule with artists that have their best years ahead of them.

And you need a plan. You can’t just wing it. Be ready for long lines. But have some backups. Consider less-crowded venues outside downtown. Film screenings take place at theaters all over, and up-and-coming bands play a lot of shows.
…

Classic children’s books are getting a 21st century upgrade, as British researchers have begun testing a project that would bring 3D versions of children’s stories to life on gaming platforms. VOA’s Elizabeth Cherneff reports.
…

Tech giants Facebook, Twitter and Google are taking steps to police terrorists and hate groups on their sites, but more work needs to be done, the Simon Wiesenthal Center said Tuesday.

The organization released its annual digital terrorism and hate report card and gave a B-plus to Facebook, a B-minus to Twitter and a C-plus to Google.

Facebook spokeswoman Christine Chen said the company had no comment on the report. Representatives for Google and Twitter did not immediately return emails seeking comment.

Rabbi Abraham Cooper, the Wiesenthal Center’s associate dean, said Facebook in particular built “a recognition that bad folks might try to use their platform” into its business model. “There is plenty of material they haven’t dealt with to our satisfaction, but overall, especially in terms of hate, there’s zero tolerance,” Cooper said at a New York City news conference.

Rick Eaton, a senior researcher at the Wiesenthal Center, said hateful and violent posts on Instagram, which is part of Facebook, are quickly removed, but not before they can be widely shared.

He pointed to Instagram posts threatening terror attacks at the upcoming World Cup in Moscow. Another post promoted suicide attacks with the message, “You only die once. Why not make it martyrdom.”

Cooper said Twitter used to merit an F rating before it started cracking down on Islamic State tweets in 2016. He said the move came after testimony before a congressional committee revealed that “ISIS was delivering 200,000 tweets a day.”

Cooper and Eaton said that as the big tech companies have gotten more aggressive in shutting down accounts that promote terrorism, racism and anti-Semitism, promoters of terrorism and hate have migrated to other sites such as VK.com, a Facebook lookalike that’s based in Russia.

There also are “alt-tech” sites like GoyFundMe, an alternative to GoFundMe, and BitChute, an alternative to Google-owned YouTube, Cooper said.

“If there’s an existing company that will give them a platform without looking too much at the content, they’ll use it,” he said. “But if not, they are attracted to those platforms that have basically no rules.”

The Los Angeles-based Wiesenthal Center is dedicated to fighting anti-Semitism, hate and terrorism.
…

Porsche is studying flying passenger vehicles but expects it could take up to a decade to finalize technology before they can launch in real traffic, its head of development said Tuesday.

Volkswagen’s sports car division is in the early stages of drawing up a blueprint of a flying taxi as it ponders new mobility solutions for congested urban areas, Porsche R&D chief Michael Steiner said at the Geneva auto show.

The maker of the 911 sports car would join a raft of companies working on designs for flying cars in anticipation of a shift in the transport market toward self-driving vehicles and on-demand digital mobility services.

“We are looking into how individual mobility can take place in congested areas where today and in the future it is unlikely that everyone can drive the way he wants,” Steiner said in an interview.

VW’s auto designer Italdesign and Airbus exhibited an evolved version of the two-seater flying car called Pop.Up at the Geneva show. It is designed to avoid gridlock on city roads and premiered at the annual industry gathering a year ago.

Separately, Porsche expects the cross-utility variant of its all-electric Mission E sports car to attract at least 20,000 buyers if it gets approved for production, Steiner said.

Porsche will decide later this year whether to build the Mission E Cross Turismo concept, which surges to 100 kph (62 mph) in less than 3.5 seconds, he said.
…

Shoes that promote health and safety were featured last week at the Mobile World Congress in Barcelona. Faith Lapidus reports.
…

Every day, billions of photos uploaded to the Internet contain faces. Experts say sophisticated algorithms can collect these images, compare and glean information – some for law enforcement agencies and some for hackers, intent on stealing and misusing that data. An Israeli company says there’s a way to prevent that. VOA’s George Putic has more.
…

Washington became the first state Monday to set up its own net-neutrality requirements after U.S. regulators repealed Obama-era rules that banned internet providers from blocking content or impairing traffic.

“We know that when D.C. fails to act, Washington state has to do so,” Gov. Jay Inslee said before signing the measure that lawmakers passed with bipartisan support. “We know how important this is.”

The Federal Communications Commission voted in December to gut U.S. rules that meant to prevent broadband companies such as Comcast, AT&T and Verizon from exercising more control over what people watch and see on the internet.

Because the FCC prohibited state laws from contradicting its decision, opponents of the Washington law have said it would lead to lawsuits.

Inslee said he was confident of its legality, saying “the states have a full right to protect their citizens.”

Oregon law has not been signed 

The new law also requires internet providers to disclose information about their management practices, performance and commercial terms. Violations would be enforceable under the state’s Consumer Protection Act. 

While several states introduced similar measures this year seeking to protect net neutrality, only Oregon and Washington passed bills. But Oregon’s measure would’t put any new requirements on internet providers. 

It would stop state agencies from buying internet service from any company that blocks or prioritizes specific content or apps, starting in 2019. It’s unclear when Oregon’s measure would be signed into law.

Washington state was among more than 20 states and the District of Columbia that sued in January to try and block the FCC’s action. There are also efforts by Democrats to undo the move in Congress. 

Governors in five states — Hawaii, New Jersey, New York, Montana and Vermont — have signed executive orders related to net-neutrality issues, according to the National Conference of State Legislatures.

Expect new rules by mid-June 

Big telecom companies have said net neutrality rules could undermine investment in broadband and introduce uncertainty about what are acceptable business practices. Net-neutrality advocates say the FCC decision would harm innovation and make it harder for the government to crack down on internet providers who act against consumer interests.

The FCC’s new rules are not expected to go into effect until later this spring. Washington’s law will take effect mid-June.

Messages left with the Broadband Communications Association of Washington, which opposed the bill, were not immediately returned.

            
…