Lots of interesting details in the story: > The US Department of Justice on Wednesday announced the indictment of 12 > Chinese individuals accused of more than a decade of hacker intrusions around > the world, including eight staffers for the contractor i-Soon, two officials > at China’s Ministry of Public Security who allegedly worked with them, and two > other alleged hackers who are said to be part of the Chinese hacker group > APT27, or Silk Typhoon, which prosecutors say was involved in the US Treasury > breach late last year. > > […] > > According to prosecutors, the group as a whole has targeted US state and > federal agencies, foreign ministries of countries across Asia, Chinese > dissidents, US-based media outlets that have criticized the Chinese > government, and most recently the US Treasury, which was breached between > September and December of last year. An internal Treasury report ...

Fifteen years ago I blogged about a different SQUID. Here’s an update: > Fleeing drivers are a common problem for law enforcement. They just won’t stop > unless persuaded­—persuaded by bullets, barriers, spikes, or snares. Each > option is risky business. Shooting up a fugitive’s car is one possibility. But > what if children or hostages are in it? Lay down barriers, and the driver > might swerve into a school bus. Spike his tires, and he might fishtail into a > van­—if the spikes stop him at all. Existing traps, made from elastic, may > halt a Hyundai, but they’re no match for a Hummer. In addition, officers put > themselves at risk of being run down while setting up the traps...

I recently wrote about the new iOS feature that forces an iPhone to reboot after it’s been inactive for a longish period of time. Here are the technical details, discovered through reverse engineering. The feature triggers after seventy-two hours of inactivity, even it is remains connected to Wi-Fi.

This is from 404 Media: > The Graykey, a phone unlocking and forensics tool that is used by law > enforcement around the world, is only able to retrieve partial data from all > modern iPhones that run iOS 18 or iOS 18.0.1, which are two recently released > versions of Apple’s mobile operating system, according to documents describing > the tool’s capabilities in granular detail obtained by 404 Media. The > documents do not appear to contain information about what Graykey can access > from the public release of iOS 18.1, which was released on October 28. More ...

I’ve been writing about the problem with lawful-access backdoors in encryption for decades now: that as soon as you create a mechanism for law enforcement to bypass encryption, the bad guys will use it too. Turns out the same thing is true for non-technical backdoors: > The advisory said that the cybercriminals were successful in masquerading as > law enforcement by using compromised police accounts to send emails to > companies requesting user data. In some cases, the requests cited false > threats, like claims of human trafficking and, in one case, that an individual > would “suffer greatly or die” unless the company in question returns the > requested information...

The German police have successfully deanonymized at least four Tor users. It appears they watch known Tor relays and known suspects, and use timing analysis to figure out who is using what relay. Tor has written about this. Hacker News thread.