Tag Archives: Technology

Exclusive: Hackers accessed Telegram messaging accounts in Iran – researchers

Guy working with those whose accounts were hacked

By Joseph Menn and Yeganeh Torbati

SAN FRANCISCO/WASHINGTON (Reuters) – Iranian hackers have compromised more than a dozen accounts on the Telegram instant messaging service and identified the phone numbers of 15 million Iranian users, the largest known breach of the encrypted communications system, cyber researchers told Reuters.

The attacks, which took place this year and have not been previously reported, jeopardized the communications of activists, journalists and other people in sensitive positions in Iran, where Telegram is used by some 20 million people, said independent cyber researcher Collin Anderson and Amnesty International technologist Claudio Guarnieri, who have been studying Iranian hacking groups for three years.

Telegram promotes itself as an ultra secure instant messaging system because all data is encrypted from start to finish, known in the industry as end-to-end encryption. A number of other messaging services, including Facebook Inc’s <FB.O> WhatsApp, say they have similar capabilities.

Headquartered in Berlin, Telegram says it has 100 million active subscribers and is widely used in the Middle East, including by the Islamic State militant group, as well as in Central and Southeast Asia, and Latin America.

Telegram’s vulnerability, according to Anderson and Guarnieri, lies in its use of SMS text messages to activate new devices. When users want to log on to Telegram from a new phone, the company sends them authorization codes via SMS, which can be intercepted by the phone company and shared with the hackers, the researchers said.

Armed with the codes, the hackers can add new devices to a person’s Telegram account, enabling them to read chat histories as well as new messages.

“We have over a dozen cases in which Telegram accounts have been compromised, through ways that sound like basically coordination with the cellphone company,” Anderson said in an interview.

Telegram’s reliance on SMS verification makes it vulnerable in any country where cellphone companies are owned or heavily influenced by the government, the researchers said.

A spokesman for Telegram said customers can defend against such attacks by not just relying on SMS verification. Telegram allows – though it does not require – customers to create passwords, which can be reset with so-called “recovery” emails.

“If you have a strong Telegram password and your recovery email is secure, there’s nothing an attacker can do,” said Markus Ra, the spokesman.

Iranian officials were not available to comment. Iran has in the past denied government links to hacking.

ROCKET KITTEN

The Telegram hackers, the researchers said, belonged to a group known as Rocket Kitten, which used Persian-language references in their code and carried out “a common pattern of spearphishing campaigns reflecting the interests and activities of the Iranian security apparatus.”

Anderson and Guarnieri declined to comment on whether the hackers were employed by the Iranian government. Other cyber experts have said Rocket Kitten’s attacks were similar to ones attributed to Iran’s powerful Revolutionary Guards.

The researchers said the Telegram victims included political activists involved in reformist movements and opposition organizations. They declined to name the targets, citing concerns for their safety.

“We see instances in which people … are targeted prior to their arrest,” Anderson said. “We see a continuous alignment across these actions.”

The researchers said they also found evidence that the hackers took advantage of a programing interface built into Telegram to identify at least 15 million Iranian phone numbers with Telegram accounts registered to them, as well as the associated user IDs. That information could provide a map of the Iranian user base that could be useful for future attacks and investigations, they said.

“A systematic de-anonymization and classification of people who employ encryption tools (of some sort, at least) for an entire nation” has never been exposed before, Guarnieri said.

Ra said Telegram has blocked similar “mapping” attempts in the past and was trying to improve its detection and blocking strategies.

Cyber experts say Iranian hackers have become increasingly sophisticated, able to adapt to evolving social media habits. Rocket Kitten’s targets included members of the Saudi royal family, Israeli nuclear scientists, NATO officials and Iranian dissidents, U.S.-Israeli security firm Check Point said last November.

POPULAR IN THE MIDDLE EAST

Telegram was founded in 2013 by Pavel Durov, known for starting VKontakte, Russia’s version of Facebook, before fleeing the country under pressure from the government.

While Facebook and Twitter are banned in Iran, Telegram is widely used by groups across the political spectrum. They shared content on Telegram “channels” and urged followers to vote ahead of Iran’s parliamentary elections in February 2016.

Last October, Durov wrote in a post on Twitter that Iranian authorities had demanded the company provide them with “spying and censorship tools.” He said Telegram ignored the request and was blocked for two hours on Oct. 20, 2015.

Ra said the company has not changed its stance on censorship and does not maintain any servers in Iran.

After complaints from Iranian activists, Durov wrote on Twitter in April that people in “troubled countries” should set passwords for added security.

Amir Rashidi, an internet security researcher at the New York-based International Campaign for Human Rights in Iran, has worked with Iranian hacking victims. He said he knew of Telegram users who were spied on even after they had set passwords.

Ra said that in those cases the recovery email had likely been hacked.

Anderson and Guarnieri will present their findings at the Black Hat security conference in Las Vegas on Thursday. Their complete research is set to be published by the Carnegie Endowment for International Peace, a Washington-based think tank, later this year.

(Reporting by Joseph Menn in San Francisco and Yeganeh Torbati in Washington; Additional reporting by Michelle Nichols at the United Nations and Parisa Hafezi in Ankara; Editing by Jonathan Weber and Tiffany Wu)

U.S. to sanction cyber attackers, cites Russia, China

US sanctioning cyber attackers

WASHINGTON (Reuters) – The United States will use sanctions against those behind cyber attacks that target transportation systems or the power grid, the White House said on Tuesday, citing Russia and China as increasingly assertive and sophisticated cyber operators.

The sanctions will be used “when the conditions are right and when actions will further U.S. policy,” White House counter terrorism adviser Lisa Monaco said in prepared remarks to a cyber security conference.

Monaco cited an “increasingly diverse and dangerous” global landscape in which Iran has launched denial-of-service attacks on U.S. banks and North Korea has shown it would conduct destructive attacks.

“To put it bluntly, we are in the midst of a revolution of the cyber threat – one that is growing more persistent, more diverse, more frequent and more dangerous every day,” she said.

The United States is working with other countries to adopt voluntary norms of responsible cyber behavior and work to reduce malicious activity, she said. At the same time, it will use an executive order authorizing sanctions against those who attack U.S. critical infrastructure.

Monaco introduced a new directive from President Barack Obama that establishes a “clear framework” to coordinate the government’s response to cyber incidents.

“It will help answer a question heard too often from corporations and citizens alike – ‘In the wake of an attack, who do I call for help?'” she said.

(Reporting by Doina Chiacu; Editing by Jonathan Oatis)

EU eyes Israeli technologies for spotting militants online

By Dan Williams

TEL AVIV (Reuters) – European powers are trying to develop better means for pre-emptively spotting “lone-wolf” militants from their online activities and are looking to Israeli-developed technologies, a senior EU security official said on Tuesday.

Last week’s truck rampage in France and Monday’s axe attack aboard a train in Germany have raised European concern about self-radicalized assailants who have little or no communications with militant groups that could be intercepted by spy agencies.

“How do you capture some signs of someone who has no contact with any organization, is just inspired and started expressing some kind of allegiance? I don’t know. It’s a challenge,” EU Counter-Terrorism Coordinator Gilles de Kerchove told Reuters on the sidelines of a intelligence conference in Tel Aviv.

Internet companies asked to monitor their own platforms’ content for material that might flag militants had begged off, De Kerchove said.

He said they had argued that the information was too massive to sift through and contextualize, unlike pedophile pornography, for which there were automatic detectors.

“So maybe a human’s intervention is needed. So you cannot just let the machine do it,” De Kerchove said. But he said he hoped “we will soon find ways to be much more automated” in sifting through social networks.

“That is why I am here,” he said of his visit to Israel. “We know Israel has developed a lot of capability in cyber.”

ADVANCE WARNING

Beset by Palestinian street attacks, often by young individuals using rudimentary weapons and without links to armed factions, Israeli security agencies that once focused on “meta data”, or information regarding suspects’ communications patterns, have refocused on social media in hope of gaining advance warnings from private posts.

Israeli officials do not disclose how far the technology has come, but private experts say the methods are enough to provide often basic alerts regarding potential attackers, then require follow-up investigation.

“Nine out of 10 times, the terrorist has contacts with others who provide support or inspiration, so meta data still applies,” said Haim Tomer, a former Mossad intelligence division chief turned security consultant.

When it comes to true lone wolves, even a valedictory Facebook message can often be picked up by Israel, he said.

“But in such cases, it would be a low-level ‘green alert’, meaning the person should be looked at further, whereas a ‘red alert’ would warrant instant action. That leaves the security services to decide how to handle matters,” Tomer said.

As De Kerchove was at pains to make clear to the conference, European standards of civil rights, such as privacy, make the introduction of intrusive intelligence-gathering technologies in the public sphere and aggressive police follow-ups difficult.

While Israel’s emergency laws give security services more leeway, its intelligence minister, Yisrael Katz, called for cooperation with Internet providers rather than state crackdowns. He cited, for example, the encryption provided by messaging platform WhatsApp which, he said, could be a new way for militants to communicate and evade detection.

“We will not block these services,” Katz told the conference. “What is needed is an international organization, preferably headed by the United States, where shared (security) concerns need to be defined, characterized.”

(Editing by Jeffrey Heller/Mark Heinrich)

Likely hack of U.S. banking regulator by China covered up: probe

Mouse with Chinese flag projection

By Jason Lange and Dustin Volz

WASHINGTON (Reuters) – The Chinese government likely hacked computers at the Federal Deposit Insurance Corporation in 2010, 2011 and 2013 and employees at the U.S. banking regulator covered up the intrusions, according to a congressional report on Wednesday.

The report cited an internal FDIC investigation as identifying Beijing as the likely perpetrator of the attacks, which the probe said were covered up to protect the job of FDIC Chairman Martin Gruenberg, who was nominated for his post in 2011.

“The committee’s interim report sheds light on the FDIC’s lax cyber security efforts,” said Lamar Smith, a Republican representative from Texas who chairs the House of Representatives Committee on Science, Space and Technology.

“The FDIC’s intent to evade congressional oversight is a serious offense.”

The report was released amid growing concern about the vulnerability of the international banking system to hackers and the latest example of how deeply Washington believes Beijing has penetrated U.S. government computers.

The report did not provide specific evidence that China was behind the hack.

Shane Shook, a cyber security expert who has helped investigate some of the breaches uncovered to date, said he did not see convincing evidence in the report that the Chinese government was behind the FDIC hack.

“As with all government agencies, there are management issues stemming from leadership ignorance of technology oversight,” Shook said.

Speaking in Beijing, Chinese Foreign Ministry spokesman Lu Kang repeated that China opposed hacking and acted against it.

People should provide evidence for their accusations and not wave around speculative words like “maybe” and “perhaps”, he told reporters.

“This is extremely irresponsible.”

The FDIC, a major U.S. banking regulator which keeps confidential data on America’s biggest banks, declined to comment. Gruenberg is scheduled to testify on Thursday before the committee on the regulator’s cyber security practices.

Washington has accused China of hacking computers at a range of federal agencies in recent years, including the theft of more than 21 million background check records from the federal Office of Personnel Management beginning in 2014.

WATCHDOG MEMO

The compromise of the FDIC computers by a foreign government had been previously reported in May and some lawmakers had mentioned China as a possible suspect, but the report on Wednesday for the first time cited a 2013 memo by the FDIC’s inspector general, an internal watchdog, as pointing toward China.

“Even the former Chairwoman’s computer had been hacked by a foreign government, likely the Chinese,” the congressional report said, referring to Gruenberg’s predecessor, Sheila Bair, who headed the FDIC from 2006 until 2011 when Gruenberg took over as acting chairman.

Bair could not be immediately reached for comment.

A redacted copy of the 2013 FDIC inspector general’s memo seen by Reuters said investigators were unable to determine exactly which files had been extracted from agency computers.

But a source familiar with the FDIC’s internal investigation said the areas of the regulator’s network that were hacked suggested the intruders were seeking “economic intelligence.”

In all, hackers compromised 12 FDIC workstations, including those of other executives such as the regulator’s former chief of staff and former general counsel, and 10 servers, the congressional report said.

It accused the FDIC of trying to cover up the hacks so as not to endanger the congressional approval of Gruenberg, who was nominated by President Barack Obama and confirmed by the U.S. Senate in November 2012.

A witness interviewed by congressional staff said the FDIC’s current head of its technology division, Russ Pittman, instructed employees not to disclose information about the foreign government’s hack, the report said.

The witness said the hush order was to “avoid effecting the outcome of Chairman Gruenberg’s confirmation,” according to the report. Pittman could not immediately be contacted for comment.

The report also provided details of data breaches in which FDIC employees leaving the regulator took sensitive documents with them. It said current FDIC officials have purposely concealed information about breaches that had been requested by Congress.

U.S. intelligence officials believe Beijing has decreased its hacking activity since signing a pledge with Washington last September to refrain from breaking into computer systems for the purposes of commercial espionage.

At the same time, Obama has acknowledged difficulties in keeping government information secure. In addition, Republican opponents have said that Democratic presidential candidate Hillary Clinton’s use of a private email server when she was secretary of state could have exposed classified information to foreign governments.

(Reporting by Jason Lange and Dustin Volz; Additional reporting by Jim Finkle in Boston, and Ben Blanchard in BEIJING; Editing by Grant McCool)

NASA’s Juno spacecraft loops into orbit around Jupiter

Jupiter

By Irene Klotz

CAPE CANAVERAL, Fla. (Reuters) – NASA’s Juno spacecraft capped a five-year journey to Jupiter late Monday with a do-or-die engine burn to sling itself into orbit, setting the stage for a 20-month dance around the biggest planet in the solar system to learn how and where it formed.

“We’re there. We’re in orbit. We conquered Jupiter,” lead mission scientist Scott Bolton, with the Southwest Research Institute in San Antonio, told reporters on Tuesday. “Now the fun begins.”

Juno will spend the next three months getting into position to begin studying what lies beneath Jupiter’s thick clouds and mapping the planet’s gargantuan magnetic fields.

Flying in egg-shaped orbits, each one lasting 14 days, Juno also will look for evidence that Jupiter has a dense inner core and measure how much water is in the atmosphere, a key yardstick for figuring out how far away from the sun the gas giant formed.

Jupiter’s origins, in turn, affected the development and position of the rest of the planets, including Earth and its fortuitous location conducive to the evolution of life.

“The question I’ve had my whole life that I’m hoping we get an answer to is ‘How’d we get here?’ That’s really pretty fundamental to me,” Bolton said.

Jupiter orbits five times farther from the sun than Earth, but it may have started out elsewhere and migrated, jostling its smaller sibling planets as it moved.

Jupiter’s immense gravity also diverts many asteroids and comets from potentially catastrophic collisions with Earth and the rest of the inner solar system.

Launched from Florida nearly five years ago, Juno needed to be precisely positioned, ignite its main engine at exactly the right time and keep it firing for 35 minutes to become only the second spacecraft to orbit Jupiter.

If anything had gone even slightly awry, Juno would have sailed helplessly past Jupiter, unable to complete a $1 billion mission.

The risky maneuver began as planned at 11:18 p.m. EDT as Juno soared through the vacuum of space at more than 160,000 mph (257,500 kph).

NASA expects Juno to be in position for its first close-up images of Jupiter on Aug. 27, the same day its science instruments are turned on for a test run.

Only one other spacecraft, Galileo, has ever circled Jupiter, which is itself orbited by 67 known moons. Bolton said Juno is likely to discover even more.

Seven other U.S. space probes have sailed past the gas giant on brief reconnaissance missions before heading elsewhere in the solar system.

The risks to the spacecraft are not over. Juno will fly in highly elliptical orbits that will pass within 3,000 miles (4,800 km) of the tops of Jupiter’s clouds and inside the planet’s powerful radiation belts.

Juno’s computers and sensitive science instruments are housed in a 400-pound (180-kg) titanium vault for protection. But during its 37 orbits around Jupiter, Juno will be exposed to the equivalent of 100 million dental X-rays, said Bill McAlpine, radiation control manager for the mission.

The spacecraft, built by Lockheed Martin, is expected to last for 20 months. On its final orbit, Juno will dive into Jupiter’s atmosphere, where it will be crushed and vaporized.

Like Galileo, which circled Jupiter for eight years before crashing into the planet in 2003, Juno’s demise is designed to prevent any hitchhiking microbes from Earth from inadvertently contaminating Jupiter’s ocean-bearing moon Europa, a target of future study for extraterrestrial life.

(Editing by Kim Coghill and Andrew Heavens)

Human flights to Mars still at least 15 years off: ESA head

Monitors in the ESOC

By Maria Sheahan and Ashutosh Pandey

DARMSTADT, Germany (Reuters) – Dreaming of a trip to Mars? You’ll have to wait at least 15 years for the technology to be developed, the head of the European Space Agency (ESA) said, putting doubt on claims that the journey could happen sooner.

“If there was enough money then we could possibly do it earlier but there is not as much now as the Apollo program had,” ESA Director-General Jan Woerner said, referring to the U.S. project which landed the first people on the moon.

Woerner says a permanent human settlement on the moon, where 3D printers could be used to turn moon rock into essential items needed for the two-year trip to Mars, would be a major step toward the red planet.

U.S. space agency NASA hopes to send astronauts to Mars in the mid-2030s and businessman Elon Musk, head of electric car maker Tesla Motors, says he plans to put unmanned spacecraft on Mars from as early as 2018 and have humans there by 2030.

The ESA’s Woerner said it would take longer.

A spacecraft sent to Mars would need rockets and fuel powerful enough to lift back off for the return trip and the humans would need protection from unprecedented physical and mental challenges as well as deep-space radiation.

Woerner would like to see a cluster of research laboratories on the moon, at what he calls a “moon village”, to replace the International Space Station when its lifetime ends and to test technologies needed to make the trip to Mars.

That could be funded and operated by a collection of private and public bodies from around the world, he said in an interview at the ESA’s Operations Centre.

“There are various companies and public agencies asking to join the club now, so they want to do different things, resource mining, in situ research, tourism and that kind of stuff. There is a big community interested,” he told Reuters.

“The moon village is a pit stop on the way to Mars,” Woerner said, adding that new 3D printing technology could be used to build material and structures out of rocks and dust, doing away with the cost of transporting everything needed for a mission.

“To test how to use lunar material to build some structures, not only houses, but also for a telescope or whatever, will teach us also how to do it on Mars,” he said.

The ESA, working with Russia, in March sent a spacecraft on a seven-month journey as part of the agency’s ExoMars mission, which will use an atmospheric probe to sniff out signs of life on Mars and deploy a lander to test technologies needed for a rover scheduled to follow in 2020.

Woerner said Europe was looking at ways to lower the cost of launches but did not plan to copy Elon Musk’s SpaceX, which is trying to develop relatively cheap, reusable launch vehicles.

“We should not copy. To follow and copy does not bring you into the lead. We are looking for totally different approaches,” Woerner said, adding the ESA was examining all manner of new technologies, including air-breathing engines that do not need to tap into oxygen from a spacecraft’s tank.

(Additional reporting by Reuters TV; Editing by Robin Pomeroy)

Keyboard warriors: South Korea trains new frontline in decades-old war with North

Student training to be hacker

By Ju-min Park

SEOUL (Reuters) – In one college major at Seoul’s elite Korea University, the courses are known only by number, and students keep their identities a secret from outsiders.

The Cyber Defense curriculum, funded by the defense ministry, trains young keyboard warriors who get a free education in exchange for a seven-year commitment as officers in the army’s cyber warfare unit – and its ongoing conflict with North Korea.

North and South Korea remain in a technical state of war since the 1950-53 Korean War ended in an armed truce. Besides Pyongyang’s nuclear and rocket program, South Korea says the North has a strong cyber army which it has blamed for a series of attacks in the past three years.

The cyber defense program at the university in Seoul was founded in 2011, with the first students enrolled the following year.

One 21-year-old student, who allowed himself to be identified only by his surname Noh, said he had long been interested in computing and cyber security and was urged by his father to join the program. All South Korean males are required to serve in the military, usually for up to two years.

“It’s not a time burden but part of a process to build my career,” Noh said.

“Becoming a cyber warrior means devoting myself to serve my country,” he said in a war room packed with computers and wall-mounted flat screens at the school’s science library.

South Korea, a key U.S. ally, is one of the world’s most technologically advanced countries.

That makes its networks that control everything from electrical power grids to the banking system vulnerable against an enemy that has relatively primitive infrastructure and thus few targets against which the South can retaliate.

“In relative terms, it looks unfavorable because our country has more places to defend, while North Korea barely uses or provides internet,” said Noh.

Last year, South Korea estimated that the North’s “cyber army” had doubled in size over two years to 6,000 troops, and the South has been scrambling to ramp up its capability to meet what it considers to be a rising threat.

The United States and South Korea announced efforts to strengthen cooperation on cyber security, including “deepening military-to-military cyber cooperation,” the White House said during President Park Geun-hye’s visit to Washington in October.

In addition to the course at Korea University, the national police has been expanding its cyber defense capabilities, while the Ministry of Science, ICT and Future Planning started a one-year program in 2012 to train so-called “white hat” – or ethical – computer hackers.

NORTH’S CYBER OFFENSIVES

Still, the North appears to have notched up successes in the cyber war against both the South and the United States.

Last week, South Korean police said the North hacked into more than 140,000 computers at 160 South Korean companies and government agencies, planting malicious code under a long-term plan laying groundwork for a massive cyber attack against its rival.

In 2013, Seoul blamed the North for a cyber attack on banks and broadcasters that froze computer systems for over a week.

North Korea denied responsibility.

The U.S. Federal Bureau of Investigation has blamed Pyongyang for a 2014 cyber attack on Sony Pictures’ network as the company prepared to release “The Interview,” a comedy about a fictional plot to assassinate North Korean leader Kim Jong Un. The attack was followed by online leaks of unreleased movies and emails that caused embarrassment to executives and Hollywood personalities.

North Korea described the accusation as “groundless slander.”

South Korea’s university cyber defense program selects a maximum of 30 students each year, almost all of them men. On top of free tuition, the school provides 500,000 won ($427) per month support for each student for living expenses, according to Korea University Professor Jeong Ik-rae.

The course trains pupils in disciplines including hacking, mathematics, law and cryptography, with students staging mock hacking attacks or playing defense, using simulation programs donated by security firms, he said.

The admission to the selective program entails three days of interviews including physical examinations, attended by military officials along with the school’s professors, he said.

While North Korea’s cyber army outnumbers the South’s roughly 500-strong force, Jeong said a small group of talented and well-trained cadets can be groomed to beat the enemy.

Jeong, an information security expert who has taught in the cyber defense curriculum since 2012, said the school benchmarks itself on Israel’s elite Talpiot program, which trains gifted students in areas like technology and applied sciences as well as combat. After graduating, they focus on areas like cybersecurity and missile defense.

“It’s very important to have skills to respond when attacks happen – not only to defend,” Jeong said.

(Editing by Tony Munroe and Raju Gopalakrishnan)

Wall Street rises more than one percent as bank, tech stocks jump

Traders work on the floor of the New York Stock Exchange (NYSE) in New York City, U.S.

By Tanya Agrawal

(Reuters) – U.S. stocks rose to their highest in the last seven sessions on Tuesday, helped by gains in technology and financial stocks.

The S&amp;P financial sector got a big boost from a rise in banking stocks as investors speculated on the possibility of a June interest rate hike.

Bank of America, JPMorgan, and Citigroup,were all up more than 1.5 percent each.

Minutes of the Federal Reserve’s April meeting suggested a June rate hike had not been ruled out, surprising investors who had thought the Fed would stand pat until the end of the year.

“I think investors are becoming more comfortable with an early rate hike because even if the Fed does raise rates in June, it will remain extremely accommodative,” said Art Hogan, chief market strategist at Wunderlich Securities in New York.

“I think the Fed wants to recalibrate the market’s expectations regarding a hike.”

Several Fed officials struck hawkish tones in separate speeches on Monday, calling for two-three rate hikes in 2016 if supported by economic data.

Fed Chair Janet Yellen speaks on Friday.

Traders are now pricing in a 39 percent chance of a June hike, up from 4 percent last week, as inflation creeps toward the Fed’s 2 percent target rate and the labor market strengthens.

Data on Tuesday showed new U.S. single-family home sales surged to a more than eight-year high in April and prices hit a record high, offering further evidence of a pick-up in economic growth.

The Philadelphia Housing Index climbed to a one-month high after the data.

At 11:07 a.m. ET (1507 GMT) the Dow Jones industrial average was up 209.97 points, or 1.2 percent, at 17,702.9,  was up 26.04 points, or 1.27 percent, at 2,074.08 and the Nasdaq Composite was up 79.28 points, or 1.66 percent, at 4,845.06.

The S&amp;P rose above its 50-day moving average for the first time in four days. The index has not closed above the closely watched metric in almost two weeks.

The gains were broad-based, with all 10 S&amp;P sectors in the black. The technology index’s 1.65 percent rise led the advance.

Oil reversed early losses to turn positive, as investors awaited crude oil inventory data from the United States that was expected to show a shrinking supply overhang. [O/R]

Toll Brothers shares were up 5.4 percent at $28.55 as the company’s quarterly revenue beat expectations.

Twitter fell as much as 4.8 percent to a record low at $13.72 after brokerage MoffetNathanson downgraded the company’s stock to “sell” from “neutral”.

Advancing issues outnumbered decliners on the NYSE by 2,351 to 549. On the Nasdaq, 2,090 issues rose and 515 fell.

The S&amp;P 500 index showed 25 new 52-week highs and one new low, while the Nasdaq recorded 66 new highs and 18 new lows.

(Reporting by Tanya Agrawal; Editing by Anil D’Silva)

China tech workers sleep on the job – with the boss’s blessing

he Wider Image: Working, eating and sleeping at the office

BEIJING (Reuters) – Dai Xiang has slept his way to the top.

The 40-year-old Beijinger got his start as an engineer, pulling 72-hour shifts at a machinery company while catching naps on the floor.

After a switch to the tech industry and around 15 years of catching naps on desks and other flat surfaces, Dai co-founded his own cloud computing firm, BaishanCloud, last year.

One of his first orders of business – installing 12 bunk beds in a secluded corner of the office.

“For technology, it’s more of a brain activity. Workers need time to find inspiration,” Dai said. “Our rest area isn’t just for sleeping at night, the midday is also OK.”

Office workers sleeping on the job has long been a common sight in China, where inefficiency and a surplus of cheap labor can give workers plenty of downtime in many industries.

But China’s technology sector is different. Business is booming faster than many start-up firms can hire new staff, forcing workers to burn the midnight oil to meet deadlines.

“The pace of Chinese internet company growth is extremely fast. I’ve been to the U.S. and the competitive environment there isn’t as intense as in China,” said Cui Meng, general manager and co-founder of start-up data company Goopal.

The company’s programmers, in particular, work overtime every day, he said. To get them through, they are allowed to sleep around lunchtime and after 9 p.m., either facedown at their desk or by commandeering the sofa or a beanbag chair.

LIVING AT THE OFFICE

At its most extreme, some tech company employees even live at the office during the work week.

Liu Zhanyu at DouMiYouPin, a recruitment and human resources platform, bunks down in a converted conference room Monday-to-Friday to avoid the daily commute of more than an hour to his home in Beijing’s far eastern suburbs.

The head of the “large clients” department usually retires to the room shared with one or two others between midnight and 3 a.m.

“We have to get up at 8:30 a.m. because all our co-workers come to work at 9:30 and we wash in the same bathroom everyone uses,” said Liu.

While workers across companies said the potential pay-off of working at a start-up was worth the long hours, they aren’t without a social cost.

“My kid misses me, I get home and he lunges at me like a small wolf,” Liu said, speaking about his three-year-old son who he only sees on weekends. “That makes me feel a bit guilty.”

Programmer Xiang Shiyang, 28, works until 3 or 4 a.m. at least twice a week at Renren Credit Management, which uses big data to help firms manage financial risk, leaving little room to socialize outside of work.

“I don’t have that many opportunities or much time to find a girlfriend,” he said.

The company provides cots for workers like Xiang to sleep on during late nights.

“Actually working overtime is a very casual thing,” he said. “Because I’ve invested the whole of my being into this company.”

(Writing by Jake Spring; Editing by Alex Richardson)

FBI paid more than $1.3 million to break into San Bernardino iPhone

Apple Logo

By Julia Edwards

WASHINGTON (Reuters) – Federal Bureau of Investigation Director James Comey said on Thursday the agency paid more to get into the iPhone of one of the San Bernardino shooters than he will make in the remaining seven years and four months he has in his job.

According to figures from the FBI and the U.S. Office of Management and Budget, Comey’s annual salary as of January 2015 was $183,300. Without a raise or bonus, Comey will make $1.34 million over the remainder of his job.

That suggests the FBI paid the largest ever publicized fee for a hacking job, easily surpassing the $1 million paid by U.S. information security company Zerodium to break into phones.

Speaking at the Aspen Security Forum in London, Comey was asked by a moderator how much the FBI paid for the software that eventually broke into the iPhone.

“A lot. More than I will make in the remainder of this job, which is seven years and four months for sure,” Comey said. “But it was, in my view, worth it.”

The Justice Department said in March it had unlocked the San Bernardino shooter’s iPhone with the help of an unidentified third party and dropped its case against Apple Inc <AAPL.O>, ending a high-stakes legal clash but leaving the broader fight over encryption unresolved.

Comey said the FBI will be able to use software used on the San Bernardino phone on other 5C iPhones running IOS 9 software.

There are about 16 million 5C iPhones in use in the United States, according to estimates from research firm IHS Technology. Eighty-four percent of iOS devices overall are running iOS 9 software, according to Apple.

The FBI gained access to the iPhone used by Rizwan Farook, one of the shooters who killed 14 people in San Bernardino, California on Dec. 2.

The case raised the debate over whether technology companies’ encryption technologies protect privacy or endanger the public by blocking law enforcement access to information.

(Reporting by Julia Edwards in Washington; additional reporting by Julia Love in San Francisco; Editing by Simon Cameron-Moore)