Ausgehend von fefes Notiz über die Superfish-Malware auf Lenovo-Rechnern habe ich mal weiter gegoogelt.
Falls ihr, wie ich, vor der Lenovo-Nummer noch nie von Superfish gehört hattet, und euch dachtet, hey, das wird irgendeine Chinesische Malwarebude sein, aus der selben Ecke wie früher die ganzen ranzigen Browser-Toolbars: Nee, das ist ein amerikanisches Startup. Hier ist deren Homepage, unter About findet man Fotos der Mitarbeiter. Und da sieht man dann: lauter israelisch klingende Namen, und der Hinweis auf ihre Investoren. Wenn man da mal ein bisschen hinterher klickt, stellt man fest, dass die durchaus großzügig Risikokapital eingesammelt haben.
Das ist offensichtlich nicht ganz richtig:
Superfish ist ein israelisches StartUp aus Herzliya (HighTech-Zentrum, Mossad, Unis, Microsoft..).
Eine weitere Google-Suche führt zu:
Superfish > Verint > Comverse > Odigo > 911
Superfish > Herzliya (Israel, Tel Aviv) > Mossad u.a. , Microsoft
Und ganz am Rande:
Herzliya > Dnipropetrovsk (Ukraine) = Schwesterstadt > Ihor_Kolomoyskyi (Gouverneur, israel. . Staatsbürger) > MH17 ( Das Flugzeug wurde von der Flusgsicherung
Dnipropetrovsk umgeleitet bevor es abgeschossen wurde)
MH17 > Israel > Yaron Mofaz (Israeli, machte letztes Photo von MH17 in Amsterdam VOR Abschuss, verwandt mit ehem. isr. Verteidigungsminister Shaul Mofaz)
Das kann einen doch sehr nachdenklich machen!
Belege / weitere Suche:
2014-07-28; Last MH17 photo BEFORE crash in Ukraine by israeli Yaron Mofaz/Reuters,foreknowledge?
Superfish, the Israeli startup that will find you the perfect pet
Or the ultimate couch. Forget texting, visual search is the future, professes Adi Pinchas
By Amitai Ziv | Sep. 2, 2014 | 3:43 PM
You want a cat and know exactly what kind. How, how to find the yearned-for feline? Or the dog of your dreams, the iguana you envisage, the ultimate long-haired guinea pig with pink eyes? PetMatch is an app to find your ideal pet using cutting-edge image search technology made by an Israeli startup called Superfish.
Superfish aims to do for searching by image what Google does for searching by text.
“Our algorithm compares two pictures and determines if they’re similar or identical,” says Adi Pinchas, the CEO of Superfish.
Helpfully, Superfish is not only developing the technology but mobile apps to use it as well. PetMatch is but one of its image-driven offerings.
“Say you’re in the park and see a cute dog,” Pinchas says, explaining the concept. “You can take its picture using the PetMatch app on your phone.���
The app then compares the picture of your new love interest with pictures in the company’s database suggests visually similar dogs. In the United States, Superfish works with PetFinder; in Israel it’s starting work with the nonprofit association Yad4.
The startup doesn’t make money from all this pet-matching. It’s a good deed, says Pinchas, who notes that two or three dogs routinely come to work at Superfish with their human companions.
Another Superfish app is WindowShopper, which is where the company makes most of its income. This is a program for computer or iOS; the mobile version is called ShopScout. When you’re shopping online, this software generates recommendations for similar products on other sites, based on the image of the original product. The company’s income is based on directing surfers to these e-commerce sites.
Some 120,000 stores with more than half a billion products – from shoes to watches to lawn mowers – have joined and been indexed in WindowShopper.
“What’s nice about WindowShopper is that it enables us to make money, but not in a way that bothers the user,” says Pinchas. “We show him similar products made by our affiliates in a way that helps him choose. If he goes into an affiliate store, or makes a purchase, we get money – it can reach 5% to 20% of the deal.” The app works in North America, Europe, Russia, Japan and India, he says.
The company plans to launch a similar app for furniture shopping soon: it has a database of 30 million items of furniture at 6,000 affiliated stores. Same principle: see a couch you like, take a picture using the app and find similar items.
Growth rate: 26,000%
It’s unusual for a company to handle both the underlying technology and the app. Why not outsource the app? Well, it started that way in 2006, developing just the technology, and basically had no real income through 2010.
Also, they felt they needed to prove the concept, explains Pinchas. “People didn’t grasp the need for visual searches, so we undertook to develop the apps, too. Now we believe visual search is going to become a structured feature in all smartphone cameras.” They’re already in talks with the big phone manufacturers, he says.
These days, Superfish is growing like an über-weed, even making fourth place in Inc. magazine’s list of the 500 fastest-growing startups (based on revenues over three years). In 2013, Superfish achieved revenues of $35.3 million, compared with $135,000 in 2010 – an increase of 26,000% in three years.
“The fact that we’re the fastest-growing software company in the Inc. 500 reflects the tremendous market traction we’re already seeing, and we’ve just scratched the surface of what is possible with visual search,” Pinchas told the magazine.
The company has 65 employees in Israel and 25 more in Palo Alto
Superfish: A History Of Malware Complaints And International Surveillance
Superfish, a little-known “visual search” and ad tech provider from Palo Alto whose CEO was once part of the surveillance industrial complex, is about to learn what it feels like to face the unwavering wrath of the privacy and security industries. Lenovo will take much of the blame for potentially placing users at risk by contracting Superfish to effectively carry out man-in-the-middle attacks on users to intercept their traffic just to get the firm’s “visual” ads up during customers’ web searches.
Superfish’s surveillance background
What of the foundations of Superfish itself? Pinhas, the co-founder, has an interesting history, especially from a privacy perspective. According to his LinkedIn profile, in 1999 he co-founded a company called Vigilant Technology, which “invented digital video recording for the surveillance market”. That company is still thriving today, boasting contracts with a diverse range of big-name clients, including the US military’s White Sands Missile Range, Paradise Casinos in California and Arizona, and a number of Israeli government organisations.
Prior to that, former Tel Aviv resident Pinhas worked at Verint, an intelligence company with a tumultuous history, where he carried out “signal processing research” in which he’d recognise and analyse anything going over a telephone line. Verint was founded by members of the elite military intelligence agency Unit 8200. It was featured in a Wired article in 2012, in which it was alleged Verint tapped Verizon’s communications lines and was supposedly working with the National Security Agency in doing so. Just a year later, Edward Snowden would reveal Verizon had let the NSA tap all customers’ communications. One wonders if Pinhas was ever involved in those shady operations. Did that lead to his move to the West Coast?
There’s more intrigue to be found here, though. As security expert Matt Suiche pointed out to me on Twitter, the password used to get the encryption key for the Superfish certificate authority (you can find more details on that in my previous article here) is “Komodia”. There’s a company called Komodia, which also does ad injection and “global proxy interception” – some very aggressive techniques. According to the company’s website (which is currently down because of an attack on the site), the founder, Barak Weichselbaum, was also part of the surveillance industrial complex in Israel, having carried out “military service as a programmer in the IDF’s Intelligence Core”. Komodia offers one service called SSL Digestor that carries out ad injects and effectively breaks encryption, just as Superfish was doing on Lenovo PCs.Suiche and Robert Graham of Errata Security are convinced that product was used by Superfish in the Lenovo case.
So ex-surveillance agents, operating in both the private and public spheres, have ostensibly combined their powers to force ads onto people’s computers, leaving web users open to other forms of attack. That’s startling and frightening for anyone who cares about privacy or security.
Regardless of the furore that’s exploded online since the Lenovo revelations, and the fascinating history of Pinhas and his firm, Superfish is still earning a packet. Forbes ranked it 64th in the most promising American companies of 2015 and reported revenues of $38 million. It pays to be invasive these days.
Odigo Messenger was an early social networking service based on instant messaging. Odigo believed in connecting and forming friendships: members would "meet" if two or more visited the same web site simultaneously. Odigo Messenger allowed members to connect to other IM networks, such as ICQ, MSN Messenger, and AOL Instant Messenger.
Odigo was purchased for an estimated $20 million by the Israeli company Comverse Technology in 2002. Comverse leveraged Odigo server software for instant messaging solutions in cell phones. However, since Comverse had no real interest in maintaining a generic IM service, it eventually shut down the free service in 2004, abandoning millions of loyal users.
The service first became available in 1998 and carried multiple brands during a spell of affiliations with different web services provider. Although originally made available by Odigo, Inc., the service was supplied by Comverse, who used it to help innovate and forward their wireless products.
The word Odigo comes from the Greek "οδηγώ" which means "I guide/lead/drive/steer".
Odigo and the 9/11 investigation
Odigo reported that, two hours before the September 11, 2001 attacks, two of their employees who were working in an Odigo office in Herzliya Pituah, a city near Tel Aviv, received a hostile English electronic instant message non-specifically threatening them that a terrorist attack would happen. They did not mention this to their employer until after they heard reports of a terrorist attack in the United States on the news, after which they informed the company's management. One of Odigo's New York offices was then situated under a kilometer away from the World Trade Center complex. However, the threatening message did not mention the location of an attack. The company took the initiative in tracking down the originating IP address of the message, giving the information to the FBI, so that the FBI could track down the Internet Service Provider, and the actual sender of the original message. Using the "people-search" function, Odigo users can send anonymous messages anywhere in the world to other users, who they can find based on demographics or location. According to The Washington Post, the message declared "that some sort of attack was about to take place. The notes ended with an anti-Semitic slur. The messages said 'something big was going to happen in a certain amount of time'".
Herzliya Pituach (Hebrew: הרצליה פיתוח) is a wealthy beachfront district in western Herzliya, Israel, home to about 10,000 residents. It is part of the Tel Aviv District. Herzliya Pituach is known for its hotels, restaurants and high-tech industry.
Herzlia Pituach ist in den letzten Jahren stark gewachsen und gilt als wohlhabender Stadtteil mit einem großen Villenviertel, in dem israelische Geschäftsleute, aber auch ausländische Botschafter, leben. Im Industriegebiet im Süden des Ortes haben sich mehrere Hightech-Unternehmen angesiedelt, darunter das Pharmaunternehmen Immune Pharmaceuticals, Microsoft Israel, Verint Systems Israel und das israelische IT-Unternehmen matrix.
Herzliya, named after Theodor (Benjamin Zeev) Herzl, was founded in 1924 as a semi-cooperative farming community (moshava) with a mixed population of new immigrants and veteran residents. After the establishment of the state in 1948, large numbers of immigrants settled there. In 1960, when the population reached 25,000, Herzliya was declared a city.
Twin towns and sister cities : Dnipropetrovsk, Ukraine
Within the Dnipropetrovsk Metropolitan area the population is about 1,004,000 to 1,360,000 people.
A vital industrial centre of Ukraine, Dnipropetrovsk was one of the key centres of the nuclear, arms, and space industries of the Soviet Union. In particular, it is home to the Yuzhmash, a major space and ballistic missile design bureau and manufacturer. Because of its military industry, Dnipropetrovsk was a closed city until the 1990s.
Dnipropetrovsk is a powerhouse of Ukraine's business and politics as the native city for many of the country's most important figures. Ukraine's politics is still defined by the legacy of Leonid Kuchma, Pavlo Lazarenko and Yuliya Tymoshenko whose intermingled careers started in Dnipropetrovsk.
Ihor Valeriyovych Kolomoyskyi (Ukrainian: Ігор Валерійович Коломойський; Russian: Игорь Валерьевич Коломойский, Igor Kolomoisky; born February 13, 1963) is a Ukrainian-Cypriot-Israeli business oligarch of Jewish descent and the current Governor of Dnipropetrovsk Oblast.
A multibillionaire, Kolomoyskyi is rated as the second or third richest person in Ukraine (after Rinat Akhmetov and/or Viktor Pinchuk) since 2006 and 377th richest person in the world by the Forbes (as of 2011.) According to the Forbes, his net worth is USD 3b, while the Korrespondent considers it to be USD 6.5b. Kolomoyskyi is the leading partner of the Privat Group and a de facto chairman of the FC Dnipro Dnipropetrovsk.
Kolomoyski and Jewish politics
Kolomoyski is a prominent supporter of Ukraine's Jewish community and the president of the United Jewish Community of Ukraine. In 2010 he was appointed as the president of the European Council of Jewish Communities after promising the outgoing president he would donate $14 million, with his appointment being described as a "putsch" and a "Soviet-style takeover" by other EJCJ board members. After several ECJC board members resigned in protest, Kolomyski quit the ECJC and, together with fellow Ukrainian oligarch Vadim Rabinovich, founded the European Jewish Union.