Uber had a mystery software to protect knowledge at far off places of work from legislation enforcement: report
Uber had a mystery software to protect knowledge at far off places of work from legislation enforcement: report

Uber workers primarily based in San Francisco may just remotely lock down equipment in the company ’s overseas offices to stymie native authorities from acquiring any incriminating knowledge, according to a document in Bloomberg.

While many corporations have remote “panic buttons” that close off computers right through police raids, Uber ’s secret machine stood out for the collection of occasions it used to be hired. the name of the game instrument, referred to as “Ripley” after Sigourney Weaver ’s hero from the Alien franchise, was once used over dozen times to thwart doubtlessly legitimate information-accumulating efforts by means of native officials, resources with knowledge told Bloomberg.

Named after Sigourney Weaver ’s hero from the ‘Alien ’ franchise

One such example occurred in Montreal in Would Possibly 2015. As described by way of Bloomberg, round 10 investigators from the provincial tax authority stormed Uber ’s administrative center with a warrant to look for proof bearing on an alleged tax violation. Employees remotely tipped off a distinct staff at the corporate ’s headquarters in San Francisco, who then used this instrument to remotely log out each laptop in the Montreal administrative center, in effect blocking the authorities from obtaining the records they sought, in line with Bloomberg. The investigators left empty passed.

(Closing 12 months, Uber threatened to go away Quebec after the government proposed new rules that will require drivers to undergo 35 hours of coaching and feature prison historical past tests done by way of a police power, but the corporate later sponsored down.)

it will now not technically quantity to obstruction of justice, because the definition of obstruction tends to shift from united states of america to u . s ., nevertheless it certainly doesn ’t make Uber look just right. in line with Bloomberg:

The Uber HQ crew overseeing Ripley could remotely modification passwords and another way lock up knowledge on corporate-owned smartphones, laptops, and desktops in addition as close down the gadgets. This routine was first of all referred to as the surprising visitor protocol. Staff acutely aware of its existence in the end took to calling it Ripley, after Sigourney Weaver ’s flamethrower-wielding hero within the Alien motion pictures. The nickname was impressed via a Ripley line in Extraterrestrial Beings, after the acid-blooded extraterrestrials easily best a squad of flooring troops. “Nuke all of the site from orbit. It ’s the only technique to be certain that.”

Ripley now joins the rogues ’ gallery of Uber ’s different sketchy, codenamed device equipment, including “Hell,” “Greyball,” “God View,” “Firehouse,” and “Surfcam.” The Corporate is being probed by way of the u.s. Justice Department for no less than five alleged schemes. But as a result of the multi-jurisdictional nature of this application, it ’s uncertain whether or not law enforcement authorities will inspect Ripley in addition.

Update January eleventh, 11:51am ET: An Uber spokesperson supplied the following comment: “like all corporate with workplaces across the international, we have security procedures in position to offer protection to corporate and purchaser data. as an example, if an employee loses their computer, we have the power to remotely log them out of Uber ’s systems to forestall someone else from accessing personal consumer knowledge thru that pc. While it comes to govt investigations, it ’s our policy to cooperate with all legitimate searches and requests for knowledge.”

Replace January 11th, 3:25pm ET: The hits stay coming. After the Bloomberg tale was published, a brand new document detailing secret tools used by Uber to thwart investigators hit TechCrunch. This one is called uLocker, and it used by Uber to “ransomware” its personal data to make it inaccessible to investigators.

in keeping with the story:

The source stated uLocker used to be being written in-area via Uber ’s engineering-security and Marketplace Analytics divisions (the latter being the unit prior to now pronounced to be concerned about collecting intelligence from competition).

The Same source told us that Uber had some other program meant to orchestrate the physical destruction of end-element workstations in the adventure of a raid by means of legislation enforcement — again as a method to render corporate information inaccessible to external investigators.

An Uber spokesperson confirmed the existence of uLocker to TC, however denied its use as a cryptolocker to ransomware Uber ’s data. “There ’s most effective ever been one model of uLocker,” the spokesperson told TC. “there were in advance conversations approximately what it’ll include — however there ’s most effective ever been one model of it. And all it does is the locking and encryption.”

The spokesperson additionally mentioned she wasn ’t acutely aware of any software that would physically wreck Uber ’s computer systems remotely in the adventure of a raid, mentioning present corporate protocol regarding investigations that states, “do not delete, destroy, conceal any record or data”.

LEAVE A REPLY

This site uses Akismet to reduce spam. Learn how your comment data is processed.