LebGeeks

A community for technology geeks in Lebanon.

You are not logged in.

#26 July 8 2015

rolf
Member

Re: Lebanese army paid over 1M USD for spyware

It's funny how the total is a round $100,000, it's as if someone came up with that number, then they filled the invoice with items to come up to that amount.

Offline

#27 July 8 2015

ironman
Member

Re: Lebanese army paid over 1M USD for spyware

@rolf.

bro the invoice is for 1.1 million dollars, not 100k

and why would someone alter this image, they have other customers than the Lebanese Army (KSA, Bahrain,,,,etc)

Last edited by ironman (July 8 2015)

Offline

#28 July 8 2015

NuclearVision
Member

Re: Lebanese army paid over 1M USD for spyware

There are two invoices the other one is 100k usd for the equipement not the software itself.

Offline

#29 July 8 2015

NuclearVision
Member

Re: Lebanese army paid over 1M USD for spyware

I wonder how is this team allowed to sell such solutions.
I mean since usa for example already use it, shouldn't it as always stop others from reaching it.
Whats the point if every government use it, there will be no more secrets, thus no more spying, maybe only if it is local spying.
There's something fishy about the whole thing.
One more point, i don't think the army thinks of this as classified. i mean they could buy it as anonymous unless the team won't sell it to anonymous.

Offline

#30 July 8 2015

hussam
Member

Re: Lebanese army paid over 1M USD for spyware

So they want to use this software to spy on our communication and eavesdrop on https transmission?
If so, this may be pointless because weaknesses in common encryption libraries (openssl, nss, etc...) are being fixed all the time.

Offline

#31 July 8 2015

Joe
Member

Re: Lebanese army paid over 1M USD for spyware

samer wrote:

That doesn't mean you can't take measures to defend yourself.

Can we spend a little more time thinking about this?

I watched this interesting talk by James Mickens this morning where he did touch on the topic of Security. (If you're interested, it starts at minute 16:18, but I recommend watching the whole thing anyway). He has a very simple way of describing his security model: Mossad or not Mossad, or to use a slightly less taboo word here, "NSA or not NSA", a pretty tongue-in-cheek way of saying "What can you really do if you're being targeted by government spying agencies?" To quote him:

These guys have all kinds of things you don't even have. They have drones, they have satellites intercepting communications and looking at them. You don't have a satellite. They have guys dropping out of helicopters, you don't even have a frisbee golf team. They have night vision goggles, they have guns that shoot around corners. That's a real thing! So I don't think that having a PGP signature in your email is going to protect you from that stuff.

I understand the cyberhacker cryptoanarchist fantasy of protecting yourself from your government by applying strong crypto, but you're standing against people who control your communication at every single stage. They control the ISPs connecting you to the Internet, the networking equipment relaying your messages, the authors of the application you're using for your messages, your own encryption software, ... They're not playing fair. As usual, I think xkcd says it best.

Again, the keyword here is targeted. Sure you can protect yourself from online blind fishing, but if powerful people want to intercept your communications, they generally will.

I'm not saying it's a good thing, I'm not saying it's a bad thing either, but can we just drop the utopia of living in a world where we control our communication? That's similar to the infamous 2nd amendment controversy in the US where people think that they have the right to hold a gun to protect themselves from the tyranny of government or some bullshit. Government has squads of infantrymen armed to the teeth with bombs, missiles, drones, airplanes, tanks and bazookas and you think that your 2 shot shotgun will protect you from their tyranny??

Security is not a math problem, despite what "Security Researchers" will have you believe. Security is enforced by a 2m/130kgs henchman with an IQ below 70 and a 5$ wrench pounding on you until he gets the info he needs. and in the world we are living in, there's very little your math equations can do about it.

Further reads

Offline

#32 July 8 2015

AVOlio
Member

Re: Lebanese army paid over 1M USD for spyware

@joe exactly.
All I keep hearing is this, I have the right to my privacy, I don't want anyone to know what I doing, to whom I'm talking, what am I talking about etc etc.
Like, don't worry, no one will go and willingly invade your  privacy just to read your love letters and conversations between you and your girl.
Like I had this thought in my head from start, the government or federal people in every country, just like Joe said, they have control of your entire resources that you are using, your Internet, your mobile network, the applications you use etc etc,  and I kept saying in my head, what's all this morning about privacy privacy, you can't do anything about it, if the government wants to find you, or stuff about you, they will.
But rest assured, they will not trace you because of your romance,  or your late night horny sex video calls.
They will do that, If you have committed a serious crime.

Offline

#33 July 8 2015

rolf
Member

Re: Lebanese army paid over 1M USD for spyware

I made a research on the decree cited in the "invoice", and I did fall on this:

http://www.europarl.europa.eu/sides/get … XML+V0//EN

Indicating that this decree was found illegal by some instance in the EU administration so the said decree at least seems to exist and to have to do with taxation exemption.

It's all pretty lousy it smells dirty money, but staying on the point, that seems to substantiate somehow this story.

The text of the said decree can probably be found in Italian. I don't speak italian so I'll spare myself the torture :)

Offline

#34 July 8 2015

rolf
Member

Re: Lebanese army paid over 1M USD for spyware

AVOlio wrote:

your love letters and conversations between you and your girl.

I have naked photos of my girl. Do you think I want some random military guy seeing them?
How would you feel about it?

Offline

#35 July 8 2015

rolf
Member

Re: Lebanese army paid over 1M USD for spyware

ironman wrote:

@rolf.

bro the invoice is for 1.1 million dollars, not 100k

and why would someone alter this image, they have other customers than the Lebanese Army (KSA, Bahrain,,,,etc)

I was talking about the second document posted in this thread, an invoice for, yes, you guessed it, $100K.
PS: Whoever posted it removed it now.

Last edited by rolf (July 8 2015)

Offline

#36 July 8 2015

eWizzard
Member

Re: Lebanese army paid over 1M USD for spyware

And our military institutions definitely have the training, honesty, and ethics, to make it all work seamlessly in favour of the average law-abiding person, right?

People like AVOlio can have faith in them all they want, because hey if you can't defend yourself then you might as well be at the mercy of their judgments, which apparently will always be just. No, I don't trust them, and people should know that not only do the "military intelligence" and their relatives, the "information branch", operate illegally and with disregard to human rights on a regular basis, they also have a thoroughly documented but well-guarded track record of falsely and frequently targeting innocents as well.

The software is not the problem. It's those who will misuse it.

Last edited by eWizzard (July 8 2015)

Offline

#37 July 8 2015

AVOlio
Member

Re: Lebanese army paid over 1M USD for spyware

@rolf
I have naked pictures of me also.. and videos of me and my girl.
Yea, i dont want anyone to see them of course.

Seems that you and @eWizzard understood me wrong.
I dont have faith in them,never!  You think i have faith in the lebanese military, or the government? HaaaH

My only point to prove is, they can access your private life if they want.
And you cant do anything to hide it.

Offline

#38 July 8 2015

rolf
Member

Re: Lebanese army paid over 1M USD for spyware

AVOlio wrote:

My only point to prove is, they can access your private life if they want.
And you cant do anything to hide it.

I disagree. You can for example keep your pc updated and stuff like that.
I don't think there is a guarantee but it's not that easy to break into someone's computer.

Offline

#39 July 8 2015

NuclearVision
Member

Re: Lebanese army paid over 1M USD for spyware

AVOlio wrote:

@joe exactly.
All I keep hearing is this, I have the right to my privacy, I don't want anyone to know what I doing, to whom I'm talking, what am I talking about etc etc.

Are there any laws which clearly state that we have privacy or was it privacy limited by دواعي الامن القومي.
I think the government has the right to know who are we talking to, and what are we talking about, isn't that part of the compromise for security theory?

Offline

#40 July 8 2015

Prince
Member

Re: Lebanese army paid over 1M USD for spyware

just trying to connect this two news together first one is the hacking of this Italian company  and what Julian Assange said few days before.

WikiLeaks founder Julian Assange said Facebook is the "most appalling spy machine" ever invented. Users are creating the "world's most comprehensive database" for U.S. Intelligence.

Whole Article
I just feel its was the  trigger for the whole operation
remember its only a a feeling i might be wrong
"رأي يحتمل الخطاء"

Last edited by Prince (July 8 2015)

Offline

#41 July 8 2015

geekevo
Member

Re: Lebanese army paid over 1M USD for spyware

@ironman
What can you tell us about the "jara2em ma3lometiye", do we even have e-laws in Lebanon.

Offline

#42 July 9 2015

ironman
Member

Re: Lebanese army paid over 1M USD for spyware

@geekevo,

Well a company i used to work for, and had problems with, issued a case against me and several coworkers to the "Jara2em Ma3loumetiyye" thing,
i was called to go there (they said it's an issue of an hour)... i went, without a lawyer, because they said they will just ask me some questions.

And this was the worst experience i ever had in my life.

After asking me the questions, and answering correctly (i was the good guy), they said i am lying etc, and they will beat me till i say the truth, i was like LOL ok.

Then they went to my house, took my laptop, forced me to give them their password, they went file by file...

I think you got the point, if you need more info, i can give you the info in private

Concerning E-Laws,,, well there is a big debate about this subject, especially about this "ma3loumetiyye thing", they have guns, not skills, and they force you to do whatever they want, by the usual pressure that they do, i was like in a room alone for like 2 hours, and one guy smoking 24/7, i was like am going to die from the smokes alone.

Last edited by ironman (July 9 2015)

Offline

#43 July 9 2015

DG
Member

Re: Lebanese army paid over 1M USD for spyware

For those who are french educated... an article from Le Monde today.
http://i59.tinypic.com/219zbjl.jpg

Last edited by DG (July 9 2015)

Offline

#44 July 9 2015

ILIA_93
Member

Re: Lebanese army paid over 1M USD for spyware

AVOlio wrote:

My only point to prove is, they can access your private life if they want.
And you cant do anything to hide it.

Joe wrote:

...in the world we are living in, there's very little your math equations can do about it.

We also live in a world where the laws of our life are defined by people who have the power, and I'm sure most of them don't care about what the people are demanding if it doesn't serve them grow stronger. So why don't we just accept it and turn into "sheeps", and never demand our rights and do something about it?

For me I see it as everyone is looking for his own interests, and the state only cares about making its job easier in controlling people. I'm sure the state (any state) won't be sad if it could turn all of the citizens into "sheeps" controlled in the direction of bringing prosperity to the state, and there's nothing wrong with that, but would anyone want to live this way? (Exhibit A: Communism)

The solution is that the population should push too, and look after their interests, against the "great monster" that is controlling us with his 2m/130kg slaves and his spying tools... At least we can do that by spreading awareness that what goes on the internet or on the smartphones, is actually going public. A lot of people have no idea about how the internet works and how it is possible to access their smartphone by other people across the globe. Also people and NGOs (well mostly outside Lebanon) are doing their best to protect the privacy of people on the internet. (And fighting for internet neutrality) I hope the GNU project dominate the applications market soon, it will surely improve the security and privacy of all user hosts connected to the internet. And the list goes on...

Recklessness and giving up would just make our (the common people) situation even worse, and especially when people who are geeks and interested in these things are the ones giving up to the "great monster".

I'm not going to be Leonidas and start my 300 army, but I'm never going to go silent when the state pushes me to become a "sheep" (and most will argue that people are "sheeps" even if they want to deny it, but who wants to be a "sheep", let him accept it alone), and I know my values, and I believe that evolution will just accept people with good values to survive (people filled with hatred already started killing each others), and it may sounds corny or I may sound like a dreamer, but I will live my life playing my role in making this world a place for freedom, wisdom, justice, and love, and I know we won't be there if we're "sheeps" and "robots" controlled by people in power. The history proved that a person will go crazy when he has great powers.

P.S: I'm sorry if this got out of the technical and geeky side of the topic, but this had to be said.

Offline

#45 July 9 2015

rolf
Member

Re: Lebanese army paid over 1M USD for spyware

ironman wrote:

And this was the worst experience i ever had in my life.

That sounds pretty bad, I'm sorry it happened to you.

Offline

#46 July 9 2015

bermudapineapple
Member

Re: Lebanese army paid over 1M USD for spyware

ironman wrote:

@geekevo,

Well a company i used to work for, and had problems with, issued a case against me and several coworkers to the "Jara2em Ma3loumetiyye" thing,
i was called to go there (they said it's an issue of an hour)... i went, without a lawyer, because they said they will just ask me some questions.

And this was the worst experience i ever had in my life.

After asking me the questions, and answering correctly (i was the good guy), they said i am lying etc, and they will beat me till i say the truth, i was like LOL ok.

Then they went to my house, took my laptop, forced me to give them their password, they went file by file...

I think you got the point, if you need more info, i can give you the info in private

Concerning E-Laws,,, well there is a big debate about this subject, especially about this "ma3loumetiyye thing", they have guns, not skills, and they force you to do whatever they want, by the usual pressure that they do, i was like in a room alone for like 2 hours, and one guy smoking 24/7, i was like am going to die from the smokes alone.

You are not the first person I've heard from who has gone through something like this. I'm sorry this happened to you. I know of a story that happened to someone a few years ago. Basically, they went to his house and completely ransacked it. Then they threatened his life and he had to leave to somewhere in South America, maybe Brazil, I don't remember.

I don't want any kind of technology in the hands of filthy people like this. This is unfortunately a symptom of a weak government and a failing state. The police here are above the law and I have no doubt that such technology is not guaranteed to be used in a moral and lawful way.

When I was mentioning how such tech is not necessarily a bad thing if it is used in the right way, I meant by law-abiding, just police and not street thugs in uniform. Sorry again about your experience.

Offline

#47 July 10 2015

ironman
Member

Re: Lebanese army paid over 1M USD for spyware

Just a small hint about what happened with me: i had a MAC, when they got it, they didn't know how to use it, so they asked me to go through the file manager so they can check the files.

Those are the people with guns....

Just watch out guys, and if any of you is asked to go there, get a lawyer, it will save you a lot of trouble.

Offline

#48 July 10 2015

Truepeace
Member

Re: Lebanese army paid over 1M USD for spyware

So is the best protection keeping all programs updated and using vpn+tor combination?

Offline

#49 July 16 2015

Sup3r
Member

Re: Lebanese army paid over 1M USD for spyware

I won't go into sharing what to use, and how to use freely available tools to mind-f$#k anyone who might force you to do or reveal something on your pc, Even if he's a forensics graduate with NSA training. As it can and might as well be used against us, you get the idea(resistance isn't futile). it's very interesting to see the invoice screenshot. Glad to see these discussions in the forum.

NSA was accused with proof of installing spyware aka rookits in brand new hard disks firmware (samsung, seagate, western digital and other popular brands are all affected), let alone, intercepting cisco routers at the customs and applying their magic onto them before shipping.

These stories will continue to happen, nothing surprising. It's just a matter of time till every possible tech/idea arrives in our fellow "LSA" minds and with the budget to implement them. No, nothing will stop them.

EDIT: researching further, this is just a fully-featured RAT, meaning you have to accept or install the rat on your pc to get monitored Lol. A plot twist is that there's 0day vulnerabilities in which the rat would get deployed on your pc/device automatically if some or more of the affected software is found on your pc or is outdated or is triggered. By then only, they could start to monitor you. For $1M? You've been ripped off! Use f$%king Darkcomet. It's free. Or just resort to 2m/130kg. Way cost effective.

Last edited by Sup3r (July 16 2015)

Offline

#50 July 16 2015

rolf
Member

Re: Lebanese army paid over 1M USD for spyware

Ripped off or money laundering.

Offline

Board footer