Welcome to the Net Muslims Forums.
Page 1 of 3 123 LastLast
Results 1 to 20 of 49
  1. #1
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,604

    Default Spying Awareness



    Video:
    http://www.youtube.com/watch?v=-bJwf...layer_embedded



    The video mentions having a password on to protect your cam. Even better is to unplug it when not using and if possible, buy one of those cams with a lid to close the lens.

    Like this one...

    http://img146.imageshack.us/img146/7686/webcam2.jpg




    Last edited by islamirama; Oct-22-2011 at 08:34 AM.

  2. #2
    Administrator Array
    Join Date
    Dec 1999
    Location
    21° 30' N, 39° 10' E
    Posts
    4,554

    Default

    going to Google and typing:

    inurl:/view/index.shtml

    will give you access to 143,000 AXIS IP video surveillance cameras

  3. #3
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,604

    Default Keyloggers

    Hardware Keyloggers

    These are small inline devices placed between the keyboard and the computer. Because of their size they can often go undetected for long periods of time — however, they of course require physical access to the machine. These hardware devices have the power to capture hundreds of keystrokes including banking and email username and passwords.




    Hardware Keylogger : Keyshark



  4. #4
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,604

    Default




    USB/PS/2 Hardware Keylogger





    PS/2 hardware keylogger released! The most advanced PS/2 hardware keylogger available on the market. This keystroke recorder comes in a standard version - 4MB memory capacity, 2,000,000 keystrokes (over 1,000 pages of text), and a Venom version 2 billion keystrokes (over 1 million pages of text), organized into an advanced flash FAT file system.

    This hardware keylogger features a text menu with loads of options for analyzing recorded data. Additionally, the USB Download Accelerator is included for super-fast retrieving of logged data. The keystroke logger is completely transparent to computer operation, no software or drivers are required. Supports national keyboard layouts.

    Features
    * Huge memory capacity, organized as an advanced flash FAT file system
    * Advanced text menu for viewing recorded data
    * Invisible to computer operation, undetectable for security scanners
    * No software or drivers required, Windows & Linux compatible

    Applications

    * Observe WWW, E-mail & chat usage
    * Save a copy of typed text





  5. #5
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,604

    Default

    KeyKatcher



    As soon as the KEYKatcher keylogger is properly plugged in, it is ready to start recording. When you are ready to view the keystrokes your KEYKatcher keylogger has recorded, simply open up any word processor or text editor that you already have on your computer, and type in your KEYKatcher password (the default password is 'keykatch'). When the KEYKatcher keylogger receives the password it will automatically display a menu from which you can choose to perform various actions, such as, view memory (to see what's been typed) or change password (so you can personalize your password).




  6. #6
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,604

    Default

    How to avoid Keyloggers by scramble Keystrokes on Public computers ?

    First things first! Always try to avoid accessing your online accounts from public computers (cyber cafes…etc). With all the keyloggers that may be stuffed in public computers, they pose a serious security risk to users. Keyloggers mean not just trojans, but commercial keyloggers as well.

    What are keyloggers ?


    Key Loggers are software or hardware tools to that captures the user’s keystrokes from keyboard. It can be useful to determine sources of error in computer systems and is sometimes used to measure employee productivity on certain clerical tasks. However, keyloggers are widely available on the Internet and can be used by private parties to spy on the computer usage of others hence stealing users private data.

    Aim of this post on keyloggers

    Our aim here is to confuse the keylogger by making it log some gibberish instead of our valid password. Off course, this is not completely foolproof though. Nothing is foolproof on the net. We only have to make it harder for the hacker.(Note: These are tips I personally follow. If you have better ones, let everyone know by commenting here.)

    Types of Key Loggers

    We’ll be dealing with two types of keyloggers; software and hardware keyloggers.

    1.Software keyloggers on the other hand are much more complex and hence difficult to deal with. Most of them record keystrokes, mouse events, clipboard activity..etc. So our best bet is to scramble the keystokes smartly.

    2.Hardware keyloggers are much easier to detect. They are mostly attached between the keyboard and the CPU. A manual inspection should be enough in most cases.

    How to confuse and avoid the software keyloggers ?

    Let’s say we have to enter a password ‘jazz’.

    1.Click the password box, type any random key. Select the entered random key with the mouse and type j. So we entered the first letter of the password.

    2.Click the password box, type a random key. Again click and type a random key. Select the last two letters with your mouse and type the next valid key of your password.

    In this case we managed to enter 2 unwanted characters as against one in the first step.

    Continue in a similar way to finish typing the password. You can choose any number of random characters between your password.

    So the keylogger will log something like:
    [click]b[click]j[click]g[click]m[click]a[click]v[click] z[click]t[click]c[click]z
    Note how we used unwanted mouse clicks so that a mouse click is recorded before the random letters also. You can also experiment entering the password in the reverse order, infact any order.

    This method can be used for entering the username too, since most banks have account numbers as username. If you are suffering from some keylogger phobia, use this technique while typing the url too.
    Another way is utilizing the browser’s search bar or address bar to camouflage the password.

    For eg. Click the password box and type a letter of the password. Now click the browser’s address bar or search bar and type some unwanted letters. Alternate between the password box and address/search bar till you finish. The result will be the same as the former method.

    How to find the hardware keyloggers ?

    Hardware key loggers are easy to find. They are devices which is attached in between keyboard and cpu junction. If you are really suspicious about them just check the back side of cpu and find if something is fishy. The images will give you a better idea.



    Feeling secure? Well, this sort of stuff may not work against the really smart keyloggers. Yeah, the one’s that also take a screenshot when a keystroke or mouse event is detected.

    There’s is a solution for that too, but it is cumbersome. Take a Live CD of any of the Linux distributions. Insert and use ( and hope Linux will detect the hardware so you can start surfing; I have read Ubuntu Linux is good.). Even if you can successfully access from the Live CD, don’t forget to use the above tips to workaround the hardware keylogger.

    Again as I mentioned in the beginning, always try to avoid dealing with confidential data from Public Computers.


  7. #7
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,604

    Default

    Yahoo 'Web Beacons' Spy On And Track Yahoo Users!

    If you belong to ANY Yahoo Groups - be aware that Yahoo is now using "Web Beacons" to track every Yahoo Group user. It's similar to cookies, but allows Yahoo to record every website and every group you visit, even when you are not connected to Yahoo.

    Sign in to your yahoo and take a look at their updated privacy statement at: http://privacy.yahoo.com/privacy/us/...s/details.html

    or this link: http://info.yahoo.com/privacy/us/yah...g/details.html

    About half-way down the page, on the left-side, is a box entitled "Opt-Out".

    In that section, click on the "opt-out of interest-matched advertising" link that will let you "opt-out" of their new method of snooping. Click the link and then click the "opt-out" button on the next page. Once you have clicked that link, you are exempted. Be careful because once you have clicked "opt-out", there will appear an "opt-in" button that, if clicked, will undo the opt-out. So don't reflexively click that button, or you will undo the opt-out!

    Note that Yahoo's invasion of your privacy - and your ability to opt-out of it - is not user-specific. It is MACHINE specific. That means you will have to opt-out on every computer (and browser) you use.


  8. #8
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,604

    Default

    Google Buzz invading your privacy


    Google Buzz is a social networking and messaging tool from Google that is integrated into the company's web-scriiptd email program, Gmail. Users can share links, photos, videos, status messages and comments organized in "conversations" and visible in the user's inbox.

    Buzz enables users to choose to share publicly with the world or privately to a group of friends each time they post. Picasa, Flickr, Google Reader, YouTube, Blogger, FriendFeed, identi.ca and Twitter are currently integrated. The creation of Buzz was seen by industry analysts as an attempt by Google to compete with social networking websites like Facebook and microblogging services like Twitter.

    Some of Google Buzz's features have been noted to have privacy concerns similar to those of Facebook. One feature in particular has been widely criticized as a severe privacy flaw: by default Google Buzz publicly discloses (on the user's Google profile) a list of the names of Gmail contacts that the user has most frequently emailed or chatted with. Users who fail to disable this feature (or do not realize that they have to) may have sensitive infoormation about themselves and their contacts revealed.

    Google Profiles existed before Buzz and could be set by the user to be indexed or not. After Buzz was released, the last name field was required to be nonempty, and profiles set not to be indexed became indexed for a profile search. These changes to the way that Google Buzz operates have, however, been criticized as inadequate and the company has been criticized for failing to take its users' privacy concerns seriously. Among other problems, users who have never created a Google profile have no way to make their list of contacts or other infoormation private, which resulted in a high-profile case involving infoormation about a woman's current workplace and partner being shared with her abusive ex-husband.

    Concerns have also been raised that because the mobile version of Google Buzz by default publishes the user's exact location when they post a message to the service, users may unintentionally reveal sensitive locations.

    On February 16, a student at Harvard Law School filed a class action lawsuit against Google, alleging that Buzz violated several federal laws meant to protect privacy. On the same day, the Electronic Privacy Infoormation Center filed a complaaint with the Federal Trade Commission alleging that Google Buzz "violated user expectations, diminished user privacy, contradicted Google's privacy policy, and may have violated federal wiretap laws."

    Also on February 16 the Electronic Frontier Foundation wrote "These problems arose because Google attempted to overcome its market disadvantage in competing with Twitter and Facebook by making a secondary use of your infoormation. Google leveraged infoormation gathered in a popular service (Gmail) with a new service (Buzz), and set a default to sharing your email contacts to maximize uptake of the service. In the process, the privacy of Google users was overlooked and ultimately compromised.

    Summary of the settlement, and more detailed infoormation and instructions approved by the court, including instructions about how to opt out, object, or comment, are available at http://www.BuzzClassAction.com.


    Getting Rid of Google Buzz


    If you, too, are ready to swat Buzz away, here's how: Surf over to Gmail and sign into your account. Scroll down to the bottom of the main inbox screen and look for the link that says "Turn Off Buzz" -- it's at the very bottom of the page, just above the copyright notice.

    Disabling Google BuzzThanks to Google's most recent set of changes, that link now leads you to an expanded menu of Buzz-specific settings (here's exactly what it looks like). You'll find options to control whether your Buzz "following lists" are displayed on your Google Profile page, to remove Buzz-related content from your Gmail page, and -- if you're ready to fully pull the plug -- to disable Buzz altogether.

    The Buzz-busting option deletes anything and everything Buzz-related from your Google account: your public profile, your connections, and any posts you may have shared. You'll retain the option to re-enable it in the future -- a small "Turn On Buzz" link will appear at the bottom of your Gmail inbox screen -- but all other signs of Buzz will be banished, one might say, to infinity and beyond.


  9. #9
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,604

    Default GPS in Cameras and Phones Spies on You

    Police use Apple iOS tracking data for investigations

    By: Andrew Couts - April 22, 2011


    It remains unknown why Apple is recording and storing iPhone and iPad user location data — but the police seem to be using it to solve crimes.

    This week, security researchers revealed that Apple’s iOS 4 mobile operating system, which runs on the highly popular iPhone and iPad devices, constantly tracks and stores users’ approximate location information without their knowledge or consent. It has now been learned that law enforcement agencies have known about the secret iOS tracking for at least the last year, and have used the data to aid criminal investigations, according to CNet.

    The information recorded by Apple is not actually users’ exact location; instead, the company tracks which cell tower each iOS device uses to connect to a wireless network.

    Apple has never publicized any information about the tracking function. And the closest it’s ever come to acknowledging the geolocation monitoring function was during questioning from Congress last July about its privacy policy and location-based services. In a letter (PDF) to Congressman Edward Markey (D-MA) and Rep. Joe Barton (R-TX), Apple said that it “intermittently” collected “cell tower and Wi-Fi access point information,” which is “transmitted to Apple” every 12 hours.

    According to a company called Katana Forensics, however, the unencrypted data is also used by law enforcement for their own purposes.

    “The information on the phone is useful in a forensics context,” said Alex Levinson of Katana, who spoke with CNet. The company’s iOS data extracting software, Lantern 2, is often used by “small-town local police all the way up to state and federal police, different agencies in the government that have forensics units.”

    While the collection of cell phone data by law enforcement remains a controversial topic, the practice has so far been upheld as constitutional by the courts.

    Apple’s iOS isn’t the only mobile OS that collects user location information. Devices running Google’s market-leading Android OS also “keep a record of the locations and unique IDs of the last 50 mobile masts that it has communicated with, and the last 200 Wi-Fi networks that it has ‘seen,’” according to the Guardian.

    Location-based services have become a burgeoning industry that is currently worth $2.9 billion, and everyone seems to be getting in on the action. So, apparently, if you want to keep Apple, Google or the fuzz off your back, it might be best to go with a landline.

    There may be a glimmer of hope for the little man in this, however. Once again, Rep. Edward Markey has come to the rescue, asking Apple CEO Steve Jobs in a letter sent this week to explain his company’s privacy-encroaching ways.

    “I am concerned about this report and the consequences of this feature for individuals’ privacy,” Rep. Markey wrote in the letter, followed by a series of questions about the location data file and why, exactly, it exists.


  10. #10
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,604

    Default

    GPS in Cameras and Phones Spies on You

    Geotagging
    - gives exact location of where the picture was taken. Any camera or phone with gps option records data (metadata) of where the picture was taken and anyone who views the picture can know the exact location.

    Video - http://abclocal.go.com/wabc/video?id=7621105


    http://icanstalku.com - a website that tells you which pictures on twitter has geotagging.

    http://icanstalku.com/how.php - Shows you how you can disable geotagging.


  11. #11
    Administrator Array
    Join Date
    Dec 1999
    Location
    21° 30' N, 39° 10' E
    Posts
    4,554

    Default

    I was shocked when I was checking out my photos and it shows EXACTLY where I took each photo, even for photos that I took in countries where I didn't have cellular service.

  12. #12
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,604

    Default

    Well now you know it's there and you can delete it

  13. #13
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,604

    Default

    Adobe to Fix Flash Flaw That Allows Webcam Spying

    By Lucian Constantin - Oct 20, 2011


    Adobe is working on a fix for a Flash Player vulnerability that can be exploited via clickjacking techniques to turn on people's webcams or microphones without their knowledge.

    The issue was discovered by a Stanford University computer science student named Feross Aboukhadijeh who based his proof-of-concept exploit on a similar one disclosed back in 2008 by an anonymous researcher.

    Technically known as user interface (UI) redressing, clickjacking is a type of attack that combines legitimate Web programming features, like CSS opacity and positioning, with social engineering to trick users into initiating unwanted actions.

    For example, clickjacking techniques have been used to trick Facebook users into liking rogue pages or posting spam on their walls by making Like and Share buttons transparent and superimposing them over legitimate-looking ones.

    The 2008 webcam spying attack involved loading the Adobe Flash Player Settings Manager, which is actually a page hosted on Adobe's website, in an invisible iframe and tricking users into enabling webcam and microphone access through it.

    The lure used by the exploit was a JavaScript game that required users to click various innocent-looking buttons on the screen. Some of the clicks were part of the game, while others were redirected to the invisible iframe.

    Adobe responded at the time by inserting code into the Flash Player Settings Manager page that prevents it from being iframed. However, Aboukhadijeh realized that the settings manager is actually an SWF (Shockwave Flash) file and that loading it directly into an iframe, instead of the entire page, would bypass Adobe's frame-busting code.

    In essence this is the same 2008 vulnerability exploited through a slightly different attack vector. "I was really surprised to find out that this actually works," Aboukhadijeh said.

    He said that he emailed Adobe about the problem a few weeks ago, but got no response. However, the company contacted him after the public disclosure to inform him that they are working on a fix which will be deployed on their end and won't require users to update their Flash Player installations.

    Using an SWF file hosted on Adobe's servers to modify Flash Player settings instead of a local interface is something that has generated problems before. For example, privacy advocates have complained in the past that this makes clearing Local Shared Objects (LSOs), commonly known as Flash cookies, difficult and confusing.



    comment:


    There are many ways to turn on someone's webcam and microphone without you knowing. The government agencies can do it easily, anytime they want. This is why it is so important to unplug your microphone and webcam when not using them. If the webcam is built into the monitor or the laptop then keep it covered and only uncover when using it.

  14. #14
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,604

    Default

    BUSTED! Secret app on millions of phones logs key taps

    Researcher says seeing is believing

    By Dan Goodin - 30th November 2011



    An Android app developer has published what he says is conclusive proof that millions of smartphones are secretly monitoring the key presses, geographic locations, and received messages of its users.

    In a YouTube video posted on Monday, Trevor Eckhart showed how software from a Silicon Valley company known as Carrier IQ recorded in real time the keys he pressed into a stock EVO handset, which he had reset to factory settings just prior to the demonstration. Using a packet sniffer Android debug options while his device was in airplane mode, he demonstrated how each numeric tap and every received text message is logged by the software.

    Ironically, he says, the Carrier IQ software recorded the “hello world” dispatch even before it was displayed on his handset.

    Eckhart then connected the device to a Wi-Fi network and pointed his browser at Google. Even though he denied the search giant's request that he share his physical location, the Carrier IQ software recorded it. The secret app then recorded the precise input of his search query – again, “hello world” – even though he typed it into a page that uses the SSL, or secure sockets layer, protocol to encrypt data sent between the device and the servers.

    “We can see that Carrier IQ is querying these strings over my wireless network [with] no 3G connectivity and it is reading HTTPS,” the 25-year-old Eckhart says.

    The video was posted four days after Carrier IQ withdrew legal threats against Eckhart for calling its software a “rootkit.” The Connecticut-based programmer said the characterization is accurate because the software is designed to obscure its presence by bypassing typical operating-system functions.

    In an interview last week, Carrier IQ VP of Marketing Andrew Coward rejected claims the software posed a privacy threat because it never captured key presses.

    “Our technology is not real time,” he said at the time. "It's not constantly reporting back. It's gathering information up and is usually transmitted in small doses.”

    Coward went on to say that Carrier IQ was a diagnostic tool designed to give network carriers and device manufacturers detailed information about the causes of dropped calls and other performance issues.

    Eckhart said he chose the HTC phone purely for demonstration purposes. Blackberrys, other Android-powered handsets, and smartphones from Nokia contain the same snooping software, he claims.

    The 17-minute video concluded with questions, including: “Why does SMSNotify get called and show to be dispatching text messages to [Carrier IQ]?” and “Why is my browser data being read, especially HTTPS on my Wi-Fi?”

    The Register has put the same questions to Carrier IQ, and will update this post if the company responds. ®

    Update

    More than 19 hours after this post was first published, Carrier IQ representatives have yet to respond to a request for comment. Meanwhile, computer scientists have uncovered an unrelated Android glitch that could also invade smartphone users' privacy, and iOS Devices may be running Carrier IQ also.




    ------------------------------------------------

    Apple iTunes flaw allowed government spying for 3 years


    By Christopher Williams - December 2, 2011

    An unpatched security flaw in Apple’s iTunes software allowed intelligence agencies and police to hack into users’ computers for more than three years, it’s claimed.

    A British company called Gamma International marketed hacking software to governments that exploited the vulnerability via a bogus update to iTunes, Apple’s media player, which is installed on more than 250 million machines worldwide.

    The hacking software, FinFisher, is used to spy on intelligence targets’ computers. It is known to be used by British agencies and earlier this year records were discovered in abandoned offices of that showed it had been offered to Egypt’s feared secret police.

    Apple was informed about the relevant flaw in iTunes in 2008, according to Brian Krebs, a security writer, but did not patch the software until earlier this month, a delay of more than three years.

    “A prominent security researcher warned Apple about this dangerous vulnerability in mid-2008, yet the company waited more than 1,200 days to fix the flaw,” he said in a blog post.

    “The disclosure raises questions about whether and when Apple knew about the Trojan offering, and its timing in choosing to sew up the security hole in this ubiquitous software title.”

    On average Apple takes just 91 days to fix security flaws after they are disclosed, Mr Krebs wrote.

    Francisco Amato, the Argentinian security researcher who warned Apple about the problem suggested that “maybe they forgot about it, or it was just on the bottom of their to-do list”.

    In response to reports that FinFisher targeted iTunes, Apple has said that it works “to find and fix any issues that could compromise systems”.

    “The security and privacy of our users is extremely important,” a spokeswoman said.

    This month’s iTunes update 10.5.1 explained that “a man-in-the-middle attacker may offer software that appears to originate from Apple”, adding that the “issue has been mitigated”.

    Gamma International has not commented on the matter. Registered in Winchester, the firm is one of several companies that sell computer hacking services to governments. They offer “zero day” security flaws, which have not been publicly disclosed, so attempts to exploit them are unlikely to be detected by anti-virus programs.


  15. #15
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,604

    Default

    Anti-virus software shows Facebook app stole Android users’ phone numbers without their consent

    Madison Ruppert - July 2, 2013

    The mobile anti-virus and anti-malware software produced by Norton discovered that the Facebook application for Android was secretly identifying users’ phone numbers and sending them to Facebook’s servers.

    This news is especially interesting given Facebook’s role in the recently revealed National Security Agency (NSA) programs. Indeed, Martin Dempsey, chairman of the Joint Chiefs of Staff, reportedly met with Facebook executives to discuss the program.

    Facebook also enjoys a cozy relationship with the intelligence community. The former chief security officer for Facebook left the internet giant for the NSA and the company quite clearly works with government as the latest leaks have shown.

    A student group in Europe has also filed a complaint against Facebook over the handling of private data and last year a report revealed that Facebook was spying on smartphone users’ text messages.

    In this latest instance of the violation of user privacy, Facebook’s Android application leaked the user’s phone number even before logging in.

    This happened the first time the user launched the Facebook application and the number “will be sent over the Internet to Facebook servers.”

    You do not need to provide your phone number, log in, initiate a specific action, or even need a Facebook account for this to happen,” Norton said in an official post.

    A “significant portion” of the hundreds of millions of people who have installed the Facebook application were affected, according to Norton, the makers of Symantec.

    It’s worth noting that in the past, Symantec has published information on an intelligence gathering virus based on the U.S./Israeli-made Stuxnet worm and one Symantec researcher revealed that the U.S. targeted an Iranian nuclear research facility before it was built. However, last year Symantec also backed CISPA, a highly controversial piece of legislation.

    Facebook told Norton that they “investigated the issue and will provide a fix in their next Facebook for Android release.”

    “They stated they did not use or process the phone numbers and have deleted them from their servers,” Norton stated in the post.

    Far more worrisome, however, is the fact that Norton says it is not the only application guilty of leaking private data.

    “Unfortunately, the Facebook application is not the only application leaking private data or even the worst,” the company said. “We will continue to post information about risky applications to this blog in the upcoming weeks.”

    Google Play has a quite abysmal privacy history. Earlier this year it was reported that Google was sending highly personal information to application developers without users consent or knowledge.

    Just nine days ago, it was also reported that Facebook leaked the contact information of some six million users.

  16. #16
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,604

    Default

    New Big Brother Cyber Weapon Can Turn on Your Computer’s Microphone, Take Screen Shots, Copy Data, Record Communications

    May 30, 2012


    To the disbelief of many of our readers, in a 2011 report titled Everything You Do Is Monitored, we noted that microphones and cameras on cell phones and computers allow interested parties (translated to mean your respective government) to hear and see everything going on in the direct vicinity of the device without the knowledge of its owner.

    That these monitoring features are available on cell phones was a known fact, as FBI surveillance networks already have the ability to turn on any cell phone microphone or camera remotely without tipping off the user. It’s believed that this surveillance technique can work even when the cell phone user has shut down their phone, with the only surefire way to prevent such surveillance being removal of the unit’s battery.

    Computers, however, were believed to be secure from these kinds of backdoors, and the majority of computer users believe their PC’s are protected from such intrusive technologies once they install virus and malware protection software.

    However, a new virus identified by leading digital security firm Kaspersky Lab, is reportedly capable of not only embedding itself onto computer systems without being identified by traditional anti-virus applications, but able to execute total surveillance and monitoring that includes turning on your camera and microphone, copying your data, and recording emails and chat conversations.

    Evidence suggest that the virus, dubbed Flame, may have been built on behalf of the same nation or nations that commissioned the Stuxnet worm that attacked Iran’s nuclear program in 2010, according to Kaspersky Lab, the Russian cyber security software maker that took credit for discovering the infections.

    Kaspersky researchers said they have yet to determine whether Flame had a specific mission like Stuxnet, and declined to say who they think built it.

    Cyber security experts said the discovery publicly demonstrates what experts privy to classified information have long known: that nations have been using pieces of malicious computer code as weapons to promote their security interests for several years.


    Symantec Security Response manager Vikram Thakur said that his company’s experts believed there was a “high” probability that Flame was among the most complex pieces of malicious software ever discovered.


    Kaspersky’s research shows the largest number of infected machines are in Iran, followed by Israel and the Palestinian territories, then Sudan and Syria.

    The virus contains about 20 times as much code as Stuxnet, which caused centrifuges to fail at the Iranian enrichment facility it attacked. It has about 100 times as much code as a typical virus designed to steal financial information, said Kaspersky Lab senior researcher Roel Schouwenberg.

    Flame can gather data files, remotely change settings on computers, turn on PC microphones to record conversations, take screen shots and log instant messaging chats.

    Kaspersky Lab said Flame and Stuxnet appear to infect machines by exploiting the same flaw in the Windows operating system and that both viruses employ a similar way of spreading.

    “The scary thing for me is: if this is what they were capable of five years ago, I can only think what they are developing now,” Mohan Koo, managing director of British-based Dtex Systems cyber security company.


    Source: http://www.reuters.com/article/2012/...84R0E420120528

    Comments:

    With a new National Security Agency data center coming online and capable of capturing, aggregating and analyzing every digital communication in the United States, cellphones and computers having in excess of 99% penetration across the country, and some 30,000 drones being prepared for domestic operations, we can safely say that a total police state surveillance infrastructure is now in place and fully capable of monitoring everything - and we mean EVERYTHING – that you do. The Matrix has you…

  17. #17
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,604

    Default

    It isn't just the NSA: Digital surveillance programs trigger controversy abroad

    By Loek Essers, John Ribeiro and Grant Gross - Jun 14, 2013

    Last week’s disclosure of massive data collection efforts at the U.S. National Security Agency has generated heated debate in the U.S. and across the world about privacy. The NSA is collecting metadata on U.S. residents’ phone calls made on Verizon’s network and Internet records from nine Web companies, including Facebook, Google and Microsoft, according to reports in the Guardian and The Washington Post newspapers.

    But intelligence agencies in other countries have similar goals, according to reports, and in some cases there are few details about what data these governments are collecting.

    U.K.

    Leaks about the NSA program by former contractor Edward Snowden have led to questions in the U.K. about the data that intelligence agency Government Communications Headquarters (GCHQ) is collecting. Facing questions about GCHQ’s access to Internet data collected through the NSA’s PRISM program, Prime Minister David Cameron defended U.K. intelligence services and said they comply with the law.

    “Let us be clear,” Cameron said in a Guardian article. “We cannot give a running commentary on the intelligence services. I am satisfied that the intelligence services, who do a fantastically important job to keep us safe, operate within the law and within a legal framework and they also operate within a proper framework of scrutiny by the intelligence and security committee.”

    Cameron provided few details but mentioned the role intelligence gathering plays in security efforts. “We do live in a dangerous world and live in a world of terror and terrorism,” he said. “I do think it is right we have well-funded and well-organized intelligence services to keep us safe.”

    Germany

    The Germans, too, have a secret program called Strategic Communications Intelligence (Strategische Fernmeldeaufklärung), supervised by the Federal Intelligence Service (BND), according to a government response to an inquiry about the program published in 2012.

    The program is used to sift trough digital communication using search terms. However, details of the technical capabilities of the BND were not published because they are secret, the document said.

    The aim of the program, similar to Prism, is to examine global telecommunications, and German domestic situations aren’t covered, reported Germany’s Computerwoche.

    The BND does not possess the means and knowledge of its U.S. counterparts, reported German national newspaper Die Zeit on Thursday. German intelligence authorities are envious of the U.S. capabilities, interior minister Hans-Peter Friedrich said, according to Die Zeit.

    The Netherlands

    The Dutch General Intelligence and Security Service (Algemene Inlichtingen- en Veiligheidsdienst or AIVD), has access to PRISM data, Dutch national newspaper De Telegraaf reported on Tuesday, citing an anonymous AIVD agent.

    There are more PRISM-like programs active in the Netherlands, the source told the newspaper.

    If the AIVD classifies one U.S. email address as suspicious, the service is able to learn everything about the related person, the source told the paper. The AIVD gets full cooperation from the U.S. through liaisons, the source said. All big commercial Internet services are forced to provide an application allowing secret services unlimited browsing, the source told the paper.

    “The Dutch government never provides information about how intelligence services work,” said Ivo Opstelten, the minister of security and justice, in a debate in the Dutch Lower House on Tuesday about how the U.S. government can access Dutch citizens’ data using PRISM. “And we never provide information about cooperation with foreign services.”

    Opstelten avoided answering a question from Member of Parliament Gerard Schouw, who asked the minister if the U.S. has unlimited access to Dutch citizen data via PRISM.

    On Tuesday, Dutch digital rights organization Bits of Freedom (BoF) called on Dutch intelligence services and the government “to put an end to this eavesdropping scandal as soon as possible.” The group called Opstelten’s appearance in the Lower House a “disappointing farce.”

    India

    In India, residents are grappling with privacy issues as the country plans to roll out its Central Monitoring System (CMS) to track communications on its networks.

    The Indian government has said it needs a surveillance system to monitor suspected terrorists. Asking telephone carriers to intercept calls presented its own security risks, officials have said.

    Milind Deora, India’s minister of state for communications and IT, confirmed earlier this month that CMS was being rolled out. Politicians and bureaucrats and even the officer in charge of the CMS, who will take orders from law enforcement agencies to intercept conversations, will not have access to the surveillance information, Deora said during a live session on Google+ Hangouts.

    Critics have said that CMS—which aims to collect metadata and other information in real time—will compromise privacy.” It is not covered under any law, nor is it evidently prohibited under any specific law in the country,” said Pranesh Prakash, policy director at The Center for Internet and Society, a research organization in Bangalore focused on privacy and digital rights.

    The country has rules under various laws including the Indian Telegraph Act and the Information Technology Act that govern the interception and monitoring of certain communications. The rules require law enforcement to specify the objective of its surveillance, and does not allow broad surveillance of large numbers of users.

    “They can make it a little broader than interception of the communications of a particular person, but they can’t specify something as broad as, say, all telephone calls between two cities over a particular period,” Prakash said.

    The Indian government announced it was rolling out CMS in November 2009. Officials described it to the upper house of Parliament as “a centralized system to monitor communications on mobile phones, landlines and the Internet in the country.”


    http://www.pcworld.com/article/20421...ntroversy.html


    Prism
    http://forum.netmuslims.com/showthre...ll=1#post65245

  18. #18
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,604

    Default

    Google Concedes That Drive-By Prying Violated Privacy

    By DAVID STREITFELD - March 12, 2013



    Google on Tuesday acknowledged to state officials that it had violated people’s privacy during its Street View mapping project when it casually scooped up passwords, e-mail and other personal information from unsuspecting computer users.

    In agreeing to settle a case brought by 38 states involving the project, the search company for the first time is required to aggressively police its own employees on privacy issues and to explicitly tell the public how to fend off privacy violations like this one.

    While the settlement also included a tiny — for Google — fine of $7 million, privacy advocates and Google critics characterized the overall agreement as a breakthrough for a company they say has become a serial violator of privacy.

    Complaints have led to multiple enforcement actions in recent years and a spate of worldwide investigations into the way the mapping project also collected the personal data of private computer users.

    “Google puts innovation ahead of everything and resists asking permission,” said Scott Cleland, a consultant for Google’s competitors and a consumer watchdog whose blog maintains a close watch on Google’s privacy issues. “But the states are throwing down a marker that they are watching and there is a line the company shouldn’t cross.”

    The agreement paves the way for a major privacy battle over Google Glass, the heavily promoted wearable computer in the form of glasses, Mr. Cleland said. “If you use Google Glass to record a couple whispering to each other in Starbucks, have you violated their privacy?” he asked. “Well, 38 states just said they have a problem with the unauthorized collection of people’s data.”

    George Jepsen, the Connecticut attorney general who led the states’ investigation, said that he was hopeful the settlement would produce a new Google.

    “This is the industry giant,” he said. “It is committing to change its corporate culture to encourage sensitivity to issues of personal data privacy.”

    The applause was not universal, however. Consumer Watchdog, another privacy monitor and frequent Google critic, said that “asking Google to educate consumers about privacy is like asking the fox to teach the chickens how to ensure the security of their coop.”

    Niki Fenwick, a Google spokeswoman, said on Tuesday that “we work hard to get privacy right at Google, but in this case we didn’t, which is why we quickly tightened up our systems to address the issue.”

    Last summer, the Federal Trade Commission fined Google $22.5 million for bypassing privacy settings in the Safari browser, the largest civil penalty ever levied by the F.T.C. In 2011, Google agreed to be audited for 20 years by the F.T.C. after it admitted to using deceptive tactics when starting its Buzz social network. That agreement included several rather vague privacy provisions.

    The new settlement, which requires Google to set up a privacy program within six months, is more specific. Among its requirements, Google must hold an annual privacy week event for employees. It also must make privacy certification programs available to select employees, provide refresher training for its lawyers overseeing new products and train its employees who deal with privacy matters.

    Several provisions involve outreach. Google must create a video for YouTube explaining how people can easily encrypt their data on their wireless networks and run a daily online ad promoting it for two years. It must run educational ads in the biggest newspapers in the 38 participating states, which besides Connecticut also include New York, New Jersey, Massachusetts, California, Ohio and Texas.

    “There are minimum benchmarks Google has to meet,” said Matthew Fitzsimmons, an assistant Connecticut attorney general who negotiated with the company. “This will impact how Google rolls out products and services in the future.”

    Marc Rotenberg of the Electronic Privacy Information Center said the agreement was “a significant privacy decision by the state attorneys general,” adding that “it shows the ongoing importance of the states’ A.G.’s in protecting the privacy rights of Internet users.”

    The Street View case arose out of Google’s deployment of special vehicles to photograph the houses and offices lining the world’s avenues and boulevards and lanes. For several years, the company also secretly collected personal information — e-mail, medical and financial records, passwords — as it cruised by. It was data-scooping from millions of unencrypted wireless networks.

    A worldwide uproar and investigations in at least a dozen countries ensued. An Australian regulator, Stephen Conroy, called it “probably the single greatest breach in the history of privacy.” Google initially denied any data had been collected from unknowing individuals, then sought to play down what data had been collected and fought with regulators who wanted to examine it. Google said the data had been destroyed, although it turned out some had not been. Some data was purged, but Google is holding the rest until several private lawsuits are resolved.

    The company blamed a rogue engineer for the operation. But the Federal Communications Commission said the engineer had worked with others and had tried to tell his superiors what he was doing. He was less a rogue than simply unsupervised, the agency said. The F.C.C. last spring fined Google $25,000 for obstructing its investigation.

    In the last several years, Google has repeatedly said it was strengthening its privacy monitoring, adding layers of oversight and controls. For the states, however, those assurances were not quite enough.

    “We obviously thought there was more they could do,” said Mr. Fitzsimmons, the assistant Connecticut attorney general. An executive committee of attorneys general will monitor Google for compliance. The $7 million fine is pocket change for Google, which has a net income of about $32 million a day.

    “It is the public opprobrium, not the money, that counts in these cases,” said David Vladeck, a professor of law at Georgetown University who formerly directed the F.T.C.’s Bureau of Consumer Protection. “And I think people were rightly unhappy with Google’s collecting the information in the first place and then Google’s lame explanation.”

    Regulators in Germany pursued Google aggressively in the case, but closed their investigation in November without bringing charges. That seemed to end the matter until this week. Few outside observers expected the states’ efforts to amount to much.

    The inquiry began in June 2010. Richard Blumenthal, then Connecticut’s attorney general, said his office would lead a multistate investigation into what he called “Google’s deeply disturbing invasion of personal privacy.” In December 2010, Mr. Blumenthal — about to become Connecticut’s junior senator — issued a civil investigative demand, equivalent to a subpoena, to get the data. Google never provided it. “That issue was resolved by their admission they had gathered the kinds of data we had alleged they were gathering,” said Mr. Jepsen, the attorney general.

    In any case, he said, “what mattered was Google admitted they weren’t just taking pictures.”


    http://www.nytimes.com/2013/03/13/te...ewanted=1&_r=4






    Google Glass: is it a threat to our privacy?

    The tech giant's 'wearable computing' project is now being tested by volunteers, meaning you might already have been surreptitiously filmed and uploaded on to Google's servers. How worried should you be?

    Charles Arthur - 7 March 2013



    If you haven't heard about the excitement around Google Glass – the head-mounted glasses that can shoot video, take pictures, and broadcast what you're seeing to the world – then here's an idea of the interest in them. Last week, someone claiming to be testing Glass for Google auctioned their $1,500 (£995) device on eBay. Bidding had reached $16,000 before eBay stopped it on the basis that the person couldn't prove they had the glasses. (They weren't due to get them until last Friday.)

    Google Glass is the most hotly anticipated new arrival in "wearable computing" – which experts predict will become pervasive. In the past 50 years we have moved from "mainframe" computers that needed their own rooms to ones that fit in a pocket; any smartphone nowadays has as much raw computing power as a top-of-the-line laptop from 10 years ago.

    The next stage is computers that fit on to your body, and Google's idea is that you need only speak to operate it. The videos that the company has put online – and the demonstrations by Sergey Brin, Google's co-founder, who has been driving these imaginative leaps – suggest you can whirl your child around by their arms, say: "OK, Glass, take video!" and capture the moment. (To activate Glass you need to tilt your head, or touch the side, and then say, "OK Glass, record a video" or "OK Glass take a picture".) The only other way to get that point of view is to strap a camera to your head. Brin has already appeared on stage at a TED conference wearing his Glass glasses (will we call them Glasses?) and looking vaguely like a space pirate. He has described ordinary smartphones as "emasculating" (invoking quite a lot of puzzlement and dictionary-checking: yup, it still means what you thought). And yet people are already beginning to fret about the social implications of Glass (as it's quickly becoming known). The first, and most obvious, is the question of privacy. The second is: how will we behave in groups when the distraction of the internet is only an eye movement away?

    David Yee, the chief technology officer at a company called Editorially, tweeted on this point the other day: "There's a young man wearing Google Glasses at this restaurant, which, until just now, used to be my favourite spot." Yee's worry was that the young person might be filming everything and uploading it to Google's servers (and a Google+ page). Which just feels creepy. It's not a trivial concern. Joshua Topolsky, an American technology journalist who is one of the few to have tried out Google Glass – at Google's invitation – discovered this directly. He wore them to Starbucks, accompanied by a film crew. The film crew were asked to stop filming. "But I kept the Glass's video recorder going, all the way through."

    Still, you might think, where's the harm? The thing is, though: this is Google, not Fred's Amazing Spectacles Company. This is the company that has repeatedly breached the boundaries of what we think is "private". From Google Buzz (where it created a "social network" from peoples' email lists, forgetting that sometimes deadly enemies have mutual friends; it was bound over for 20 years by the US's Federal Trade Commission) and the rows over Street View pictures, to the intentional snaffling of wi-fi data while collecting those pictures (a $25,000 fine from the US Federal Communications Commission for obstructing its investigation there).

    And that's before you get to criticism in Europe over its attitude to data protection (information commissioners grumbled last October that its unification of its separate privacy policies meant "uncontrolled" use of personal data without an individual's clear consent.

    For Google, "privacy" means "what you've agreed to", and that is slightly different from the privacy we've become used to over time. So how comfortable – or uneasy – should we feel about the possibility that what we're doing in a public or semi-public place (or even somewhere private) might get slurped up and assimilated by Google? You can guess what would happen the first time you put on Glass: there would be a huge scroll of legal boilerplate with "Agree" at the end. And, impatient and uncaring as ever, you would click on it with little regard for what you were getting yourself, and others, in to. Can a child properly consent to filming or being filmed? Is an adult, who happens to be visible in a camera's peripheral vision in a bar, consenting? And who owns – and what happens to – that data?

    Oliver Stokes, principal design innovator at PDD, which helps clients such as LG, Vodafone and Fujitsu design products, says Yee's restaurant scenario is "concerning". "The idea that you could inadvertently become part of somebody else's data collection – that could be quite alarming. And Google has become the company which knows where you are and what you're looking for. Now it's going to be able to compute what it is you're looking at."

    That, he points out, could be hugely useful. "Supermarkets and packaging companies spend lots of money trying to work out which packages you look at first on a shelf. Potentially, through Google Glass, they would be capturing that data as standard. That would be quite powerful – to be able to say why people buy things."

    Of course, the benefits wouldn't accrue to the wearer. Google would sell the data (suitably anonymised, of course). And your smartphone already provides a huge amount of detail about you. Song Chaoming, a researcher at Northeastern University in Boston, has been analysing mobile phone records (including which base stations the phone connects to) and has developed an algorithm that can predict – with, he says, 93% accuracy – where its owner is at any time of the day (by triangulating from the strengths of the base station signals; that's part of how your smartphone is able to show where you are on an onscreen map). He analysed the records of 50,000 people; the accuracy was never below 80%.

    When you consider that Chaoming was only doing this in his spare time, and that Google has teams of people whose only task is to develop better algorithms to work out where a phone's owner is, and what they're going to do based on their past activity and searches, you realise that if you're using an Android phone, Google probably knows what you're going to do before you do.

    The obvious objection to these concerns is that we're used to being filmed; CCTV is part of life. Yee's response: "Not 5,000 cameras a city – five million. Not 5,000 monitors – one." Where the five million are the wearers of Glass – and the one monitor is Google, aggregating, sifting, profiting.

    Yet we already live in a world where the boundaries of what's private and what's public are melting. The other day my Twitter timeline came alive with someone tweeting about watching a couple having a furious row in a cafe; the man had had multiple affairs, the woman had had a breakdown. Their unhappiness was being played out in public, though the cafe wasn't strictly a public space. If either used Twitter, they might have found themselves (or friends might have recognised them). And Twitter's content is retained and searchable through plenty of web services.

    Social media such as Twitter, and the ubiquity since 2003 of cameraphones (and now of smartphones that not only have still and video cameras, but can also upload their content immediately) means we're more used to the snatched photo or video that tells a story. Without it, we wouldn't know the true circumstances surrounding the death at the G20 protest of the newspaper seller Ian Tomlinson. What if everyone who had been there had been wearing Google Glass (or similar) and beaming it to the web? Would the police have behaved differently?

    Google doesn't want to discuss these issues. "We are not making any comment," says a company spokesperson. But other sources suggest that Google's chiefs know that this is a live issue, and they're watching it develop. That's part of the plan behind the "Glass Explorer" scheme, which aims to get the devices into the hands – or rather, on to the faces – of ordinary people (and which enabled one member of the trial to putatively auction their Glass).

    "It may be that new social norms develop with Glass, where people develop an informal way of showing that they're not using it – say, wearing it around their neck to signal they aren't using it or being distracted by it," said one person who has spoken to Google staff on this, but who has to stay anonymous. "One of the reasons they're doing Explorers is to get feedback on these things, as well as the devices."

    The other big question about Glass is: how will we behave with each other? My own experience with a Glass-like system, of wearable ski goggles, suggests that distraction will happen quite easily. That system, from Recon, has a lens in the top right that shows data such as your speed, altitude, and even ski-resort maps (useful in whiteouts). It was very easy, while standing and talking to someone, to glance up and read something off the screen. Being present and not-present became almost reflexive, and that was with only one week of use. Yet at the same time, the display wasn't overwhelming. Concentrating on what was in front of me wasn't hard, when required.

    Carolina Milanesi, smartphones and tablets analyst at the research company Gartner, says: "Interestingly this [distraction element] is the first thing I thought of – not that Glass was giving you something that phones cannot give you, in terms of sharing or accessing content, but that they do it without letting others realise you are doing anything. In other words, with the phone, if I am taking a picture, the person I am focusing on will likely notice me; with Glass they do not."

    Despite her line of work, Milanesi is concerned about whether we get too deeply involved with our technology, to the exclusion of the real people around us. She has a different restaurant concern from Yee's. In June 2011, she pointed out how smartphones change us: "Look around a restaurant or coffee bar at how many people, couples even, are sitting across from each other and they're both looking down at their mobiles."

    Glass might change that for the better – though would you appear to be looking at each other, while really intent on your email or a video? Topolsky, who used Glass for some days, said: "It brought something new into view (both literally and figuratively) that has tremendous value and potential … the more I used Glass the more it made sense to me; the more I wanted it."

    He loved how text messages or phone calls would just appear as alerts, and he could deal with them without taking his phone out of his pocket to see who was calling. Walking and need directions? They're in view. "In the city, Glass makes you feel more powerful, better equipped, and definitely less diverted," he said. But, he added, "It might not be that great at a dinner party, or on a date, or watching a movie."

    Mark Hurst, founder of Creative Good, a New York-based company that specialises in improving customer experiences, comments, "Your one-on-one conversation with someone wearing Google Glass is likely to be annoying, because you'll suspect that you don't have their undivided attention. And you can't comfortably ask them to take off the glasses (especially when, as it inevitably will be, the device is integrated into prescription lenses). Finally – and here's where the problems really start – you don't know if they're taking a video of you."

    Stokes points out that we're already seeing body language change as smartphones – with their glowing screens – become more pervasive: the hunched walk that 10 years ago marked out a financial whiz with a BlackBerry is now seen on every pavement.

    "I think there will be a pushback," Stokes says. "Maybe you'll have to have a lens cover to show you're not filming." He points out though that the present model seems to require voice control – "OK, Glass, shoot video" – and that this might discourage some users in public. "I've been watching for people using Siri [Apple's voice-driven iPhone control]. I just don't see people using it in public places. Maybe it's too gadgety."

    "People will have to work out what the new normal is," says Stokes. "I do wonder whether speaking and gesturing might be essentially banned in public."

    "At home my husband already jokes about me checking into [location service] Foursquare from the piece of carpet I am standing on," Milanesi says. "How much more will we have of this now that it is made so simple for us? And the other side of the coin: how much are we going to share with others, and at what point will we have a backlash? When will it all be too much?"


    http://www.guardian.co.uk/technology...to-our-privacy

    comments:


    This makes doing the proper Islamic hijab (which includes a niqab) even more important if a Muslimah (or her family) don't want others taking pictures or making videos of her to later use for what ever evil purposes, including posting to porn sites.

  19. #19
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,604

    Default

    How to Hide Your Digital Communications from Big Brother

    J.P. Hicks

    Big Brother is hoping to eliminate anonymous digital communication, but a new messaging protocol may provide privacy advocates a way around their snooping government no matter where they live.

    It couldn't come at a better time as governments increasingly demand access to private communications.

    In fact, an FBI whistleblower recently revealed that all digital communications are being recorded and stored by the U.S. government.

    Since most emails, instant messaging, and all voice calls (land line, cell or internet) run through central service providers that database all user activity, the government has easy access to this information upon request, secret subpoenas or even backdoors to these services to view private communications in real time.

    The Associated Press was recently violated by the Department of Justice who, with a secret subpoena, forced service providers to hand over phone records of AP's reporters and central offices.

    The U.S. government claims the authority to track, trace, and database all electronic communications in order to keep us safe. Despite the obvious intrusion of privacy, it clearly has the intent to spy on all communications and is actively seeking expanded legal cover and technological advances for full spectrum digital surveillance.

    Large central service providers make this nefarious goal possible.

    But as the government cracks down on Web privacy, a new decentralized communication protocol called Bitmessage has emerged to offer an easy way for people to send and receive encrypted messages.

    What is Bitmessage?

    Bitmessage is a peer-to-peer encrypted messaging protocol that allows people to communicate anonymously.

    Bitmessage's official description is as follows:

    Bitmessage is a P2P communications protocol used to send encrypted messages to another person or to many subscribers. It is decentralized and trustless, meaning that you need-not inherently trust any entities like root certificate authorities. It uses strong authentication which means that the sender of a message cannot be spoofed, and it aims to hide "non-content" data, like the sender and receiver of messages, from passive eavesdroppers like those running warrantless wiretapping programs. (https://bitmessage.org/wiki/Main_Page)

    Based loosely on Bitcoin's open-source protocol, Bitmessage utilizes the computer power of decentralized users to process the messages making them essentially impossible to track. Addresses are made up of 36 random characters as opposed to a name and other personal information that email services require.

    Example Bitmessage address: BM‐2nTX1KchxgnmHvy9ntCN9r7sgKTraxczzyE

    In their white paper, the Bitmessage developers emphasize that privacy was their main motivation for creating it:

    Hiding one’s identity is difficult. Even if throw‐away email addresses are used, users must connect to an email server to send and retrieve messages, revealing their IP address.

    ...if just one of those organizations is run by a government agency, and if they have certain network hardware in place between users and destination servers, then they would be able to perform a targeted man‐in‐the‐middle attack of ostensibly secure communications at will...

    What is needed is a communications protocol and accompanying software that encrypts messages, masks the sender and receiver of messages from others, and guarantees that the sender a message cannot be spoofed, without relying on trust and without burdening the user with the details of key management.

    The addresses not only emphasize privacy but guarantee sender verification:

    While certainly more cumbersome than an email address, it is not too much to type manually or it can be made into a QR‐code. Users have already demonstrated this to be acceptable as Bitcoin addresses are similar in format and length. This address format is superior to email in that it guarantees that a message from a particular user or organization did, in fact, come from them. The sender of a message cannot be spoofed.

    Though it may sound complicated, Bitmessage makes it easy for anyone to communicate anonymously. Once the program is downloaded on your computer, you just need to set "Your Identities", "Passphrase", and "Addresses" in your Bitmessage folder which is much like a Bitcoin "wallet".

    Then it works similarly to email where you choose from one of your "From" addresses to compose a message to "Send" to another address. The message's encryption is then "processed" by the peer-to-peer network of servers and delivered to the recipient's "wallet" (Bitmessage folder) on their personal computer. The "stream" or "proof of work" takes roughly four minutes to process the message to the recipient.




    Bitmessage also offers a "broadcast" feature for mass announcements. So if you run an organization, website or blog with a newsletter, you can send anonymous "broadcasts" to subscribers. Meanwhile, subscribers can sign up without giving out their email address or anything that links them to the information.

    Just as Bitcoin has the potential to displace centralized currencies, Bitmessage may be the future of free and private communication. As the government increases its Big Brother spying on average citizens, Bitmessage proves that freedom will always find a way.

    Watch the video below for more information about Bitmessage: http://www.youtube.com/watch?v=t_dTotavJZ8

    Get started with Bitmessage here: https://bitmessage.org/wiki/Main_Page

    Another great resource for how to get started with Bitmessage:
    http://cryptojunky.com/blog/2013/03/...sed-on-bitcoin

    http://www.blogtips.com/2013/06/bitm...s-digital.html

  20. #20
    Member Array
    Join Date
    Jan 2007
    Location
    USA
    Posts
    10,604

    Default

    British, American Spies 'Stored Millions of Yahoo Webcam Images'


    AFP
    Feb 27, 2014

    London (AFP) - Britain’s communications spy agency GCHQ and the US National Security Agency (NSA) intercepted and stored images from webcams used by millions of Yahoo users, the Guardian newspaper reported on Thursday.

    GCHQ files leaked by former NSA contractor Edward Snowden reportedly revealed how the Optic Nerve program collected still images of webcam chats regardless of whether individual users were suspects or not.

    In one six-month period in 2008, the British spy agency collected webcam imagery from more than 1.8 million Yahoo user accounts around the world, the Guardian said.

    Yahoo, which was apparently chosen because its webcam system was known to be used by GCHQ targets, expressed outrage at the reported surveillance.

    "We were not aware of nor would we condone this reported activity," a spokeswoman for the US technology firm told AFP in an email statement.

    "This report, if true, represents a whole new level of violation of our users’ privacy that is completely unacceptable. We are committed to preserving our users’ trust and security and continue our efforts to expand encryption across all of our services."

    Leaked GCHQ documents from 2008 to 2010 explicitly refer to the surveillance program, although the Guardian said later information suggests it was still active in 2012.

    The data was used for experiments in automated facial recognition, as well as to monitor existing GCHQ targets and discover new ones, the British paper said.

    The program reportedly saved one image every five minutes from a webcam user’s feed, partly to comply with human rights legislation and partly to cut down the sheer amount of data being collected.

    GCHQ analysts were able to search the metadata, such as location and length of webcam chat, and they could view the actual images where the username was similar to a surveillance target.

    The data collected, which was available to NSA analysts through routine information sharing, contained a significant amount of sexual content, the newspaper added.

    It cited one document as saying: “It would appear that a surprising number of people use webcam conversations to show intimate parts of their body to the other person.”

    In a statement to the Guardian, GCHQ said all of its work was “carried out in accordance with a strict legal and policy framework which ensures that our activities are authorized, necessary and proportionate”.


    https://www.yahoo.com/tech/snowden-u...048478732.html


    Comments:

    Another reason why people should not be so webcam happy, especially with stranger and especially having sexual nature sessions.


 

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •