ToTok is a spying tool
4 posters
Page 1 of 1
ToTok is a spying tool
New York Times wrote:It Seemed Like a Popular Chat App. It's Secretly a Spy Tool.
The New York Times
Mark Mazzetti, Nicole Perlroth and Ronen Bergman
December 23, 2019
WASHINGTON — It is billed as an easy and secure way to chat by video or text message with friends and family, even in a country that has restricted popular messaging services like WhatsApp and Skype.
But the service, ToTok, is actually a spying tool, according to U.S. officials familiar with a classified intelligence assessment and a New York Times investigation into the app and its developers. It is used by the government of the United Arab Emirates to try to track every conversation, movement, relationship, appointment, sound and image of those who install it on their phones.
ToTok, introduced only months ago, was downloaded millions of times from the Apple and Google app stores by users throughout the Middle East, Europe, Asia, Africa and North America. While the majority of its users are in the Emirates, ToTok surged to become one of the most downloaded social apps in the U.S. last week, according to app rankings and App Annie, a research firm.
ToTok amounts to the latest escalation in a digital arms race among wealthy authoritarian governments, interviews with current and former U.S. foreign officials and a forensic investigation showed. The governments are pursuing more effective and convenient methods to spy on foreign adversaries, criminal and terrorist networks, journalists and critics — efforts that have ensnared people all over the world in their surveillance nets.
Persian Gulf nations like Saudi Arabia, the Emirates and Qatar previously turned to private firms — including Israeli and U.S. contractors — to hack rivals and, increasingly, their own citizens. The development of ToTok, experts said, showed that the governments can cut out the intermediary to spy directly on their targets, who voluntarily, if unwittingly, hand over their information.
A technical analysis and interviews with computer security experts showed that the firm behind ToTok, Breej Holding, is most likely a front company affiliated with DarkMatter, an Abu Dhabi-based cyberintelligence and hacking firm where Emirati intelligence officials, former National Security Agency employees and former Israeli military intelligence operatives work. DarkMatter is under FBI investigation, according to former employees and law enforcement officials, for possible cybercrimes. The U.S. intelligence assessment and the technical analysis also linked ToTok to Pax AI, an Abu Dhabi-based data mining firm that appears to be tied to DarkMatter.
Pax AI’s headquarters operate from the same Abu Dhabi building as the Emirates’ signals intelligence agency, which until recently was where DarkMatter was based.
The UAE is one of America’s closest allies in the Middle East, seen by the Trump administration as a bulwark against Iran and a close counterterrorism partner. Its ruling family promotes the country as an example of a modern, moderate Arab nation, but it has also been at the forefront of using surveillance technology to crack down on internal dissent — including hacking Western journalists, emptying the banking accounts of critics, and holding human rights activists in prolonged solitary confinement over Facebook posts.
The government blocks specific functions of apps like WhatsApp and Skype, a reality that has made ToTok particularly appealing in the country. Huawei, the Chinese telecom giant, recently promoted ToTok in advertisements.
Spokesmen for the CIA and the Emirati government declined to comment. Calls to a phone number for Breej Holding rang unanswered, and Pax employees did not respond to emails and messages. An FBI spokeswoman said that “while the FBI does not comment on specific apps, we always want to make sure to make users aware of the potential risks and vulnerabilities that these mechanisms can pose.”
When The Times initially contacted Apple and Google representatives with questions about ToTok’s connection to the Emirati government, they said they would investigate. On Thursday, Google removed the app from its Play store after determining ToTok violated unspecified policies. Apple removed ToTok from its App Store on Friday and was still researching the app, a spokesman said. ToTok users who already downloaded the app will still be able to use it until they remove it from their phones.
It was unclear when U.S. intelligence services first determined that ToTok was a tool of Emirati intelligence, but one person familiar with the assessment said that U.S. officials have warned some allies about its dangers. It is not clear whether U.S. officials have confronted their counterparts in the Emirati government about the app. One digital security expert in the Middle East, speaking on the condition of anonymity to discuss powerful hacking tools, said that senior Emirati officials told him that ToTok was indeed an app developed to track its users in the Emirates and beyond.
ToTok appears to have been relatively easy to develop, according to a forensic analysis performed for The Times by Patrick Wardle, a former NSA hacker who works as a private security researcher. It appears to be a copy of a Chinese messaging app offering free video calls, YeeCall, slightly customized for English and Arabic audiences.
ToTok is a cleverly designed tool for mass surveillance, according to the technical analysis and interviews, in that it functions much like the myriad other Apple and Android apps that track users’ location and contacts.
On the surface, ToTok tracks users’ location by offering an accurate weather forecast. It hunts for new contacts any time a user opens the app, under the pretense that it is helping connect with their friends, much like how Instagram flags Facebook friends. It has access to users’ microphones, cameras, calendar and other phone data. Even its name is an apparent play on the popular Chinese app TikTok.
Though billed as “fast and secure,” ToTok makes no claim of end-to-end encryption, like WhatsApp, Signal or Skype. The only hint that the app discloses user data is buried in the privacy policy: “We may share your personal data with group companies.”
So instead of paying hackers to gain access to a target’s phone — the going rate is up to $2.5 million for a hacking tool that can remotely access Android phones, according to recent price lists — ToTok gave the Emirati government a way to persuade millions of users to hand over their most personal information for free.
“There is a beauty in this approach,” said Wardle, now a security researcher at Jamf, a software company. “You don’t need to hack people to spy on them if you can get people to willingly download this app to their phone. By uploading contacts, video chats, location, what more intelligence do you need?”
In an intelligence-gathering operation, Wardle said, ToTok would be Phase 1. Much like the NSA’s bulk metadata collection program — which was quietly shut down this year — ToTok allows intelligence analysts to analyze users’ calls and contacts in search of patterns, though its collection is far more invasive. It is unclear whether ToTok allows the Emiratis to record video or audio calls of its users.
Each day, billions of people freely forgo privacy for the convenience of using apps on their phones. The Privacy Project by the Times’ Opinion section published an investigation last week revealing how app makers and third parties track the minute-by-minute movements of mobile phone users.
Private companies collected that data for targeted marketing. In ToTok’s case — according to current and former officials and digital crumbs the developers left behind — much of the information is funneled to intelligence analysts working on behalf of the Emirati state.
In recent months, semiofficial state publications began promoting ToTok as the free app long sought by Emiratis. This month, users of a messaging service in the Emirates requiring paid subscriptions, Botim, received an alert telling users to switch to ToTok — which it called a “free, fast and secure” messaging app. Accompanying the message was a link to install it.
The marketing seems to have paid off.
In reviews, Emiratis expressed gratitude to ToTok’s developers for finally bringing them a free messaging app. “Blessings! Your app is the best App so far that has enable me and my family to stay connected!!!” one wrote. “Kudos,” another wrote. “Finally, an app that works in the UAE!”
ToTok’s popularity extended beyond the Emirates. According to recent Google Play rankings, it was among the top 50 free apps in Saudi Arabia, Britain, India, Sweden and other countries. Some analysts said it was particularly popular in the Middle East because — at least on the surface — it was unaffiliated with a large, powerful nation.
Though the app is a tool for the Emirati government, the exact relationship between the firms behind it is murky. Pax employees are made up of European, Asian and Emirati data scientists, and the company is run by Andrew Jackson, an Irish data scientist who previously worked at Palantir, a Silicon Valley firm that works with the Pentagon and U.S. spy agencies.
Its affiliate company, DarkMatter, is in effect an arm of the Emirati government. Its operations have included hacking government ministries in Iran, Qatar and Turkey; executives of FIFA, the world soccer organization; journalists and dissidents.
Last month, the Emirati government announced that DarkMatter would combine with two dozen other companies to create a defense conglomerate focused on repelling cyberattacks.
The FBI is investigating American employees of DarkMatter for possible cybercrimes, according to people familiar with the investigation. The inquiry intensified after former NSA hackers working for the company grew concerned about its activities and contacted the bureau. Reuters first reported the program they worked on, Project Raven.
At Pax, data scientists openly brag about their work on LinkedIn. One who listed his title as “data science team lead” said he had created a “message intelligence platform” that reads billions of messages to answer four questions: “who you are, what you do, how do you think, and what is your relationship with others.”
“With the answers to these four questions, we know everything about one person,” wrote the data scientist, Jingyan Wang.
Other Pax employees describe their experience creating tools that can search government data sets for faces from billions of video feeds and pinpoint Arabic dialects from transcribed video messages.
None mention an affiliation with ToTok.
This article originally appeared in The New York Times.
https://news.yahoo.com/seemed-popular-chat-app-secretly-125738897.html?.tsrc=notification-brknews
Alexa, Record the lovemaking of me and my wife. Hey Google, Wake the children at 3 am. We are allowing these spies into our homes, without thought of how they work, or what they listen to.
If they 'awake' when I address them, what else wakes them up? Can they be accessed remotely? They are 'ears' that we allow in our homes, most certainly, but what certainty do we have they are only private ears? Are they commercial ears, recording our words to decipher what products we want, or might need? Worse, are they hackers' ears, listening for when we will be on vacation or at work, so that our home might be burgled?
Here, above, is the first chapter in that story.
Original Quill- Forum Detective ????♀️
- Posts : 37540
Join date : 2013-12-19
Age : 59
Location : Northern California
Re: ToTok is a spying tool
Information = money = power.
That means we're constantly surrounded by people who want our information. As the saying goes, "if you're not paying for the product, you're the product."
That means we're constantly surrounded by people who want our information. As the saying goes, "if you're not paying for the product, you're the product."
Re: ToTok is a spying tool
Let's not forget, either, that our three countries here are at the centre of the most successful intelligence-sharing network that the world has ever known :
https://en.wikipedia.org/wiki/Five_Eyes
And the NSA is likely still the world leader in electronic media surveilance ?
While the rest of the world races to catch up -- now the Arabs have joined the likes of the Russians and Chinese in upping their spying efforts.
I wonder if the recent surge in the uptake of that ToTok app in western countries, is due to Arab families preparing for the concentration of Muslim, Christian and Jewish holidays over the next few weeks ?
'Wolfie- Forum Detective ????♀️
- Posts : 8189
Join date : 2016-02-24
Age : 66
Location : Lake Macquarie, NSW, Australia
Re: ToTok is a spying tool
Add to the electronic surveillance, all these store ID cards, without which you do not get the sales and savings. Every purchase goes into a computer file they keep on you, so that they know your drugs, drinking habits, whether you are a smoker, etc. They know the food you purchase, the likelihood that you are obese, alcoholic, or have heart disease.
It's scary.
It's scary.
Original Quill- Forum Detective ????♀️
- Posts : 37540
Join date : 2013-12-19
Age : 59
Location : Northern California
Re: ToTok is a spying tool
Original Quill wrote:Add to the electronic surveillance, all these store ID cards, without which you do not get the sales and savings. Every purchase goes into a computer file they keep on you, so that they know your drugs, drinking habits, whether you are a smoker, etc. They know the food you purchase, the likelihood that you are obese, alcoholic, or have heart disease.
It's scary.
If you have any of those life-threatening maladies then being spied on is the least of your problems.
And you're right, spies are everywhere. I wouldn't say it's ''scary'' exactly, as it's nothing new. It's always been like that.
I'd say it's irritating - and a damn cheek. Nosey bleeders!
JulesV- Forum Detective ????♀️
- Posts : 4275
Join date : 2016-07-30
Location : Vantage Point
Re: ToTok is a spying tool
JulesV wrote:Original Quill wrote:Add to the electronic surveillance, all these store ID cards, without which you do not get the sales and savings. Every purchase goes into a computer file they keep on you, so that they know your drugs, drinking habits, whether you are a smoker, etc. They know the food you purchase, the likelihood that you are obese, alcoholic, or have heart disease.
It's scary.
If you have any of those life-threatening maladies then being spied on is the least of your problems.
And you're right, spies are everywhere. I wouldn't say it's ''scary'' exactly, as it's nothing new. It's always been like that.
I'd say it's irritating - and a damn cheek. Nosey bleeders!
Being spied upon is probably the least of anyone's problems, unless it leads to greater things. I'm particularly sensitive to these kinds of things, because I was involved in abscam and fast-and-furious defenses in Arizona. I was amazed at what kind of targeting the police can do, even without a warrant. I have an uneasiness or angst of any surreptitious data collecting. And knowing what I do about runaway cops...I'm glad I do.
Original Quill- Forum Detective ????♀️
- Posts : 37540
Join date : 2013-12-19
Age : 59
Location : Northern California
Re: ToTok is a spying tool
Who runs it, Quill? Or owns it?
Weinstein's victims complained that he hired professionals to spy on them.
I feel very sorry for him for the jail sentence he got today, but him using his money to have his victims spied on - that's vile behaviour, unforgiveable.
Weinstein's victims complained that he hired professionals to spy on them.
I feel very sorry for him for the jail sentence he got today, but him using his money to have his victims spied on - that's vile behaviour, unforgiveable.
JulesV- Forum Detective ????♀️
- Posts : 4275
Join date : 2016-07-30
Location : Vantage Point
Re: ToTok is a spying tool
Right now, it is run by Safeway, Comcast, Tesco, and a miriad of interest, mainly private corporations. But look at Trump. The corporate is being merged with the political.
Weinstein is a special, highly unusual case of a criminal with interests of his own. I'm more worried if it is business-as-usual and happens everyday, all over the world.
Weinstein is a special, highly unusual case of a criminal with interests of his own. I'm more worried if it is business-as-usual and happens everyday, all over the world.
Original Quill- Forum Detective ????♀️
- Posts : 37540
Join date : 2013-12-19
Age : 59
Location : Northern California
Similar topics
» interesting tool to compare nations
» Lawsuit filed over NSA spying
» Chrome to become Malware Collection tool.
» This Supreme Court Case Made School District Lines A Tool For Segregation
» Government Spying losing the US money
» Lawsuit filed over NSA spying
» Chrome to become Malware Collection tool.
» This Supreme Court Case Made School District Lines A Tool For Segregation
» Government Spying losing the US money
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
Sat Mar 18, 2023 12:28 pm by Ben Reilly
» TOTAL MADNESS Great British Railway Journeys among shows flagged by counter terror scheme ‘for encouraging far-right sympathies
Wed Feb 22, 2023 5:14 pm by Tommy Monk
» Interesting COVID figures
Tue Feb 21, 2023 5:00 am by Tommy Monk
» HAPPY CHRISTMAS.
Sun Jan 01, 2023 7:33 pm by Tommy Monk
» The Fight Over Climate Change is Over (The Greenies Won!)
Thu Dec 15, 2022 3:59 pm by Tommy Monk
» Trump supporter murders wife, kills family dog, shoots daughter
Mon Dec 12, 2022 1:21 am by 'Wolfie
» Quill
Thu Oct 20, 2022 10:28 pm by Tommy Monk
» Algerian Woman under investigation for torture and murder of French girl, 12, whose body was found in plastic case in Paris
Thu Oct 20, 2022 10:04 pm by Tommy Monk
» Wind turbines cool down the Earth (edited with better video link)
Sun Oct 16, 2022 9:19 am by Ben Reilly
» Saying goodbye to our Queen.
Sun Sep 25, 2022 9:02 pm by Maddog
» PHEW.
Sat Sep 17, 2022 6:33 pm by Syl
» And here's some more enrichment...
Thu Sep 15, 2022 3:46 pm by Ben Reilly
» John F Kennedy Assassination
Thu Sep 15, 2022 3:40 pm by Ben Reilly
» Where is everyone lately...?
Thu Sep 15, 2022 3:33 pm by Ben Reilly
» London violence over the weekend...
Mon Sep 05, 2022 2:19 pm by Tommy Monk
» Why should anyone believe anything that Mo Farah says...!?
Wed Jul 13, 2022 1:44 am by Tommy Monk
» Liverpool Labour defends mayor role poll after turnout was only 3% and they say they will push ahead with the option that was least preferred!!!
Mon Jul 11, 2022 1:11 pm by Tommy Monk
» Labour leader Keir Stammer can't answer the simple question of whether a woman has a penis or not...
Mon Jul 11, 2022 3:58 am by Tommy Monk
» More evidence of remoaners still trying to overturn Brexit... and this is a conservative MP who should be drummed out of the party and out of parliament!
Sun Jul 10, 2022 10:50 pm by Tommy Monk
» R Kelly 30 years, Ghislaine Maxwell 20 years... but here in UK...
Fri Jul 08, 2022 5:31 pm by Original Quill