Search the Community
Showing results for tags 'employee'.
Found 4 results
steven36 posted a topic in General NewsHONG KONG/WARSAW (Reuters) - Chinese telecommunications equipment maker Huawei said on Saturday it had sacked an employee arrested in Poland on spying charges in a case that could intensify Western security concerns about the company. Poland’s internal affairs minister, Joachim Brudzinski, called for the European Union and NATO to work on a joint position over whether to exclude Huawei from their markets following the arrest of the Chinese employee and a former Polish security official on Friday. Huawei, the world’s biggest producer of telecommunications equipment, faces intense scrutiny in the West over its relationship with China’s government and U.S.-led allegations that its devices could be used by Beijing for spying. No evidence has been produced publicly and the firm has repeatedly denied the accusations, but several Western countries have restricted Huawei’s access to their markets. In August, U.S. President Donald Trump signed a bill that barred the U.S. government from using Huawei equipment and is mulling an executive order that would also ban U.S. companies from doing so. Brudzinski said Poland wanted to continue cooperating with China but that a discussion was needed on whether to exclude Huawei from some markets. “There are concerns about Huawei within NATO as well. It would make most sense to have a joint stance, among EU member states and NATO members,” he told private broadcaster RMF FM. “We want relations with China that are good, intensive and attractive for both sides,” he added. HUAWEI DISTANCES ITSELF FROM ARRESTS Seeking to distance itself from the incident, Huawei said in a statement it had sacked Wang Weijing, whose “alleged actions have no relation to the company.” “In accordance with the terms and conditions of Huawei’s labor contract, we have made this decision because the incident has brought Huawei into disrepute,” the statement said. “Huawei complies with all applicable laws and regulations in the countries where it operates, and we require every employee to abide by the laws and regulations in the countries where they are based,” the company’s statement added. A Huawei spokesman, Joe Kelly, declined to give any further details. The two men have heard the charges and could be held for three months. A spokesman for the Polish security services had told Reuters the allegations related to individual actions, and were not linked directly to Huawei Technologies Cos Ltd. A deputy digital affairs minister in Poland said, however, that Warsaw was analyzing any involvement by Huawei in building the country’s 5G telecommunications infrastructure, Money.pl portal reported. Any decision by Western governments over whether to exclude Huawei from their markets would have to consider the possible impact on the speed and cost of 5G development, analysts say. “My best-case outcome is that Europe uses this window of opportunity and figures out how to have a minimal risk for the best network possible,” said Jan-Peter Kleinhans, an IT security expert at Stiftung Neue Verantwortung, a Berlin-based think-tank. A LinkedIn profile for Wang showed he has worked for Huawei’s Polish division since 2011 and previously served as attache to the Chinese General Consul in Gdansk from 2006-2011. Wang did not immediately respond to a request for comment via the social media site. China’s Foreign Ministry has expressed concern over the case and is urging Poland to handle the case “justly.” Source
steven36 posted a topic in General NewsGoogle bosses have forced employees to delete a confidential memo circulating inside the company that revealed explosive details about a plan to launch a censored search engine in China, The Intercept has learned. The memo, authored by a Google engineer who was asked to work on the project, disclosed that the search system, codenamed Dragonfly, would require users to log in to perform searches, track their location — and share the resulting history with a Chinese partner who would have “unilateral access” to the data. The memo was shared earlier this month among a group of Google employees who have been organizing internal protests over the censored search system, which has been designed to remove content that China’s authoritarian Communist Party regime views as sensitive, such as information about democracy, human rights, and peaceful protest. According to three sources familiar with the incident, Google leadership discovered the memo and were furious that secret details about the China censorship were being passed between employees who were not supposed to have any knowledge about it. Subsequently, Google human resources personnel emailed employees who were believed to have accessed or saved copies of the memo and ordered them to immediately delete it from their computers. Emails demanding deletion of the memo contained “pixel trackers” that notified human resource managers when their messages had been read, recipients determined. The Dragonfly memo reveals that a prototype of the censored search engine was being developed as an app for both Android and iOS devices, and would force users to sign in so they could use the service. The memo confirms, as The Intercept first reported last week, that users’ searches would be associated with their personal phone number. The memo adds that Chinese users’ movements would also be stored, along with the IP address of their device and links they clicked on. It accuses developers working on the project of creating “spying tools” for the Chinese government to monitor its citizens. People’s search histories, location information, and other private data would be sent out of China to a database in Taiwan, the memo states. But the data would also be provided to employees of a Chinese company who would be granted “unilateral access” to the system. To launch the censored search engine, Google set up a “joint venture” partnership with an unnamed Chinese company. The search engine will “blacklist sensitive queries” so that “no results will be shown” at all when people enter certain words or phrases, according to documents seen by The Intercept. Blacklisted search terms on a prototype of the search engine include “human rights,” “student protest,” and “Nobel Prize” in Mandarin, said sources familiar with the project. According to the memo, aside from being able to access users’ search data, the Chinese partner company could add to the censorship blacklists: It would be able to “selectively edit search result pages … unilaterally, and with few controls seemingly in place.” That a Chinese company would maintain a copy of users’ search data means that, by extension, the data would be accessible to Chinese authorities, who have broad powers to obtain information that is held or processed on the country’s mainland. A central concern human rights groups have expressed about Dragonfly is that it could place users at risk of Chinese government surveillance — and any person in China searching for blacklisted words or phrases could find themselves interrogated or detained. Chinese authorities are well-known for routinely targeting critics, activists, and journalists. “It’s alarming to hear that such information will be stored and, potentially, easily shared with the Chinese authorities,” said Patrick Poon, a Hong Kong-based researcher with the human rights group Amnesty International. “It will completely put users’ privacy and safety at risk. Google needs to immediately explain if the app will involve such arrangements. It’s time to give the public full transparency of the project.” On August 16, two weeks after The Intercept revealed the Dragonfly plan, Google CEO Sundar Pichai told the company’s employees that the China plan was in its “early stages” and “exploratory.” However, employees working on the censored search engine were instructed in late July, days before the project was publicly exposed, that they should prepare to get it into a “launch-ready state” to roll out within weeks, pending approval from officials in Beijing. The memo raises new questions about Pichai’s claim that the project was not well-developed. Information stored on the company’s internal networks about Dragonfly “paints a very different picture,” it says. “The statement from our high-level leadership that Dragonfly is just an experiment seems wrong.” The memo identifies at least 215 employees who appear to have been tasked with working full-time on Dragonfly, a number it says is “larger than many Google projects.” It says that source code associated with the project dates back to May 2017, and “many infrastructure parts predate” that. Moreover, screenshots of the app “show a project in a pretty advanced state,” the memo declares. Most of the details about the project “have been secret from the start,” the memo says, adding that “after the existence of Dragonfly leaked, engineers working on the project were also quick to hide all of their code.” The author of the memo said in the document that they were opposed to the China censorship. However, they added, “more than the project itself, I hate the culture of secrecy that has been built around it.” The memo was first posted September 5 on an internal messaging list set up for Google employees to raise ethical concerns. But the memo was soon scrubbed from the list and individuals who had opened or saved the document were contacted by Google’s human resources department to discuss the matter. The employees were instructed not to share the memo. Google reportedly maintains an aggressive security and investigation team known as “stopleaks,” which is dedicated to preventing unauthorized disclosures. The team is also said to monitor internal discussions. Internal security efforts at Google have ramped up this year as employees have raised ethical concerns around a range of new company projects. Following the revelation by Gizmodo and The Intercept that Google had quietly begun work on a contract with the military last year, known as Project Maven, to develop automated image recognition systems for drone warfare, the communications team moved swiftly to monitor employee activity. The “stopleaks” team, which coordinates with the internal Google communications department, even began monitoring an internal image board used to post messages based on internet memes, according to one former Google employee, for signs of employee sentiment around the Project Maven contract. Google’s internal security team consists of a number of former military and law enforcement officials. For example, LinkedIn lists as Google’s head of global investigations Joseph Vincent, whose resume includes work as a high-ranking agent at the U.S. Immigration and Customs Enforcement agency’s Homeland Security Investigations unit. The head of security at Google is Chris Rackow, who has described himself as a former member of the Federal Bureau of Investigation’s hostage rescue team and as a former U.S. Navy SEAL. For some Google employees, the culture of secrecy at the company clashes directly with the its public image around fostering transparency, creating an intolerable work environment. “Leadership misled engineers working on [Dragonfly] about the nature of their work, depriving them of moral agency,” said a Google employee who read the memo. Google did not respond to a request for comment on this story. Source
steven36 posted a topic in Security & Privacy NewsNSO sells its potent iPhone malware to governments, including Mexico and the United Arabs Emirates. But according to a newly released indictment, a disgruntled employee stole the company's code and tried to sell it for $50 million worth of cryptocurrency. NSO Group sells some of the most potent, off-the-shelf malware for remotely breaking into smartphones. Some versions allow a law enforcement or intelligence agency to steal essentially all meaningful data from an iPhone with no interaction from the target. Others just require the victim to click one link in a carefully crafted text message, before giving up their contacts, emails, social media messages, GPS location, and much more. NSO only sells its tools to government agencies, but a newly released, explosive indictment alleges that a company employee stole NSO’s spyware product, dubbed Pegasus, and tried to sell it to non-authorized parties for $50 million worth of cryptocurrency. These capabilities “are estimated at hundreds of millions of [US] dollars,” a translated version of the indictment reads. Several Israeli outlets were the first to report on and upload the indictment. The news shows a danger often highlighted by critics of the malware industry: that hacking tools or exploits typically reserved for law enforcement or intelligence agencies may fall into other hands. Omri Lavie, the co-founder of NSO, told Motherboard in an online chat “no comment.” Ron Deibert, director of the Citizen Lab, Munk School of Global Affairs at the University of Toronto, and which has exposed abuses of NSO's products, told Motherboard in an email "The commercial spyware industry as a whole is new, lucrative and powerful, but also immature, largely unregulated, lacking in professional conduct, and prone to abuse. Theft and illicit sale of powerful surveillance technologies will happen in such circumstances, and provides yet another example of the need for greater regulatory control over the industry." NSO has faced serious controversy for repeatedly providing phone spying tools to governments that went on to abuse them. In Mexico, authorities used NSO’s malware to spy on journalists and human rights activists. In the United Arab Emirates, the government targeted prominent activist and political dissident Ahmed Mansoor with Pegasus. According to Amnesty International, Mansoor was recently given a 10 year prison term. According to the indictment, the unnamed employee started work as a senior programmer at NSO last year. As part of his job, the employee had access to NSO’s product and its source code, the document adds. NSO’s computers have systems in place to stop employees attaching external storage devices to company computers. But the employee searched the internet for ways to disable those protections, turned them off, and then stole a cache of data, the document reads. That cache includes NSO’s product source code, “which allows exposure and a full understanding of how the system operates” and “cyber capabilities.” Shortly before the alleged theft, managers called the employee into a meeting, as the company was considering firing him, the document says. After stealing the bevvy of powerful malware, the employee allegedly took to the so-called dark net to try and sell the code for $50 million in cryptocurrencies such as Monero, Zcash, and Verge, the indictment adds. The document says the defendant created an account on the Mail2Tor email service. The defendant also allegedly searched Google for ways to sell cyber capabilities, and who to sell them to. A potential customer engaged the employee, who was now posing as a hacker that had penetrated NSO’s systems, but reported the attempted sale back to NSO. Then in collaboration with NSO, the customer asked the defendant for more details. Days later, police raided the employee’s apartment, the document adds. The indictment says that the defendant’s alleged actions have harmed the security of Israel, in part, because it could have “caused the collapse of NSO.” John Scott-Railton, a senior researcher also from Citizen Lab, told Motherboard in an online chat that "The concern about proliferation of spyware and exploit tech is not just about sales to paying customers, it's about the potential diversion and theft of the technology." The document says that, during the period relevant to the indictment, NSO employed around 500 workers and its market value was estimated at some $900 million. In May, Reuters reported that US surveillance giant Verint was in talks to buy NSO in a deal worth about $1 billion. Verint did not respond to a request for comment. Francisco Partners, the global equity firm which currently owns most of NSO, did not respond either. "If I were an investor looking at NSO, this case would make me deeply concerned: how much liability would I be exposed to if leaked or stolen code/exploits are used by non-customers are part of an attack?" Scott-Railton added. Update: This piece has been updated to include additional comment. Source
lurch234 posted a topic in General NewsWalmart partnered with Lockheed Martin, FBI for employee surveillance Between 2012 and 2013, Walmart reportedly hired Lockheed Martin and later began working with the Federal Bureau of Investigation (FBI) to monitor its employees suspected of being involved in labor protests. Walmart partnered with Lockheed Martin and FBI to monitor employee protests between 2012 and 2013 Walmart contracted Lockheed Martin in the fall of 2012 to canvass and analyze social media sites so that they can keep tabs on employees when it caught wind of news that an advocacy group might stage a protest on Black Friday. according to Bloomberg Businessweek. More than 1,000 pages of e-mails, reports, playbooks, charts, and graphs, as well as testimony from its head of labor relations at the time detail the retail giant's efforts to conduct surveillance on its employees and members of the Organization United for Respect at Walmart (OUR Walmart), according to the report. The documents were obtained prior to a National Labor Relations Board (NLRB) hearing into OUR Walmart's allegations of retaliation against employees who joined protests, the report said. While Lockheed Martin is one of the biggest defense contractors in the world it also operates a tool called LM Wisdom, which the company advertises as having the power to analyze content that could â€œincite organized movements, riots and sway political outcomes.â€ While there is no evidence that the tool was used, Bloomberg reported a single reference to it in the documents obtained in the form of a question asking a Walmart corporate employee if she had heard of it. Walmart reportedly also used assistance from the contractor in April 2013 to monitor the movements of a â€œRide for Respectâ€ bus caravan organized by the protesters to arrive in Bentonville, Ark., the location of Walmart's corporate office, during a week long annual shareholder meeting. Upon learning that members of the Occupy movement might join the protest, Walmart contacted the FBI Joint Terrorism Task Forces although the documents don't contain any details about the collaboration, according to the report. SCMagazine attempted to contact Lockheed Martin and Walmart for comment however a Lockheed Martin spokesperson declined and Walmart has yet to respond. December 01, 2015 Source