Tag Archives | Security

Secret Manuals Show the Spyware Sold to Despots and Cops Worldwide

elhombredenegro (CC By 2.0)

elhombredenegro (CC By 2.0)

via First Look:

When Apple and Google unveiled new encryption schemes last month, law enforcement officials complained that they wouldn’t be able to unlock evidence on criminals’ digital devices. What they didn’t say is that there are already methods to bypass encryption, thanks to off-the-shelf digital implants readily available to the smallest national agencies and the largest city police forces — easy-to-use software that takes over and monitors digital devices in real time, according to documents obtained by The Intercept.

We’re publishing in full, for the first time, manuals explaining the prominent commercial implant software “Remote Control System,” manufactured by the Italian company Hacking Team. Despite FBI director James Comey’s dire warnings about the impact of widespread data scrambling — “criminals and terrorists would like nothing more,” he declared — Hacking Team explicitly promises on its website that its software can “defeat encryption.”

Read More: https://firstlook.org/theintercept/2014/10/30/hacking-team/

Sign up for the disinformation newsletter to get weekly updates with our most popular stories and news.… Read the rest

Continue Reading

WikiLeaks Spy Files

article-surveillance-wikileaks-spyfiles-tete-clef

via wikileaks.org/the-spyfiles

via Wikileaks Spy Files:

In early September 2014 WikiLeaks released its last batch of leaked Spy Files –  which it had started releasing in 2011. To mark this anniversary, data journalist Alice Corona cleaned and structured the data to build an interactive database combining the three Spy Files releases.

Currently, there are 559 leaked company documents, and 15 location tracking reports from WikiLeaks Counter Intelligence Unit (WLCIU). The 559 files disclose to the public internal documents from more than 100 companies specialized in intelligence and (mass) surveillance technologies.

These technologies are sold both to Western governments and to dictators, and have been used by the Syrian government. The 15 documents from WLCIU reveal the timestamps and locations of 20 members of these companies, whose whereabouts WikiLeaks has decided to track in order to show where the main surveillance contractors are sending its people.

Read the rest
Continue Reading

5 Million Gmail Account Passwords Were Leaked

gmail-logo

You can check to see if yours was leaked here: https://isleaked.com/en.php (or you could just change your password for good measure!) Note that you will probably get a Bad Gateway error, but I think that’s because so many people are checking. If you keep trying, you will eventually get through.

I checked mine and it was leaked, but the password is an old one that I haven’t used in awhile (which seems to be the case for a lot of people).

via The Mary Sue:

Almost 5 million Gmail addresses and their passwords have been compromised and leaked on a Russian Bitcoin forum. Admins on the forum have removed the passwords from the text file, but the Internet is forever, so if your username is among those that have been hacked, you should change your password immediately.

Luckily, there’s a quick tool you can use to figure out if your account information was leaked.

Read the rest
Continue Reading

How The NSA hacks your devices

NSA-octopusFrom The Register:

“It’s not as bad as you thought – it’s much worse.”

A leaked NSA cyber-arms catalog has shed light on the technologies US and UK spies use to infiltrate and remotely control PCs, routers, firewalls, phones and software from some of the biggest names in IT.

The exploits, often delivered via the web, provide clandestine backdoor access across networks, allowing the intelligence services to carry out man-in-the-middle attacks that conventional security software has no chance of stopping.

And if that fails, agents can simply intercept your hardware deliveries from Amazon to install hidden gadgets that rat you out via radio communications.

Continue reading.

Read the rest

Continue Reading

From North America to Europe, the ‘National Security’ Apparatus Is Being Bought off by Big Oil t

Pic: Quevaal (CC)

Pic: Quevaal (CC)

And here I thought I was a centrist.  Nafeez Ahmed writes at the Guardian:

Over the last year, a mass of shocking evidence has emerged on the close ties between Western government spy agencies and giant energy companies, and their mutual interests in criminalising anti-fracking activists.

Activists tarred with the same brush

In late 2013, official documents obtained under freedom of information showed that Canada’s domestic spy agency, the Canadian Security Intelligence Service (CSIS), had ramped up its surveillance of activists opposed to the Northern Gateway pipeline project on ‘national security’ grounds. The CSIS also routinely passed information about such groups to the project’s corporate architect, Calgary-based energy company, Enbridge.

The Northern Gateway is an $8 billion project to transport oil from the Alberta tar sands to the British Columbia coast, where it can be shipped to global markets. According to the documents a Canadian federal agency, the National Energy Board, worked with CSIS and the Royal Canadian Mounted Police to coordinate with Enbridge, TransCanada, and other energy corporations in gathering intelligence on anti-fracking activists – despite senior police privately admitting they “could not detect a direct or specific criminal threat.”

Now it has emerged that former cabinet minister Chuck Strahl – the man appointed by Canadian prime minister Stephen Harper to head up the CSIS’ civilian oversight panel, the Security Intelligence Review Committee (SIRC) – has been lobbying for Enbridge since 2011.

Read the rest
Continue Reading

TSA: What Is it Good For?

The-Simpsons-vs-the-TSA(TSA) isn’t as effective at detecting suspicious characters as one might think. The Government Accounting Office (GAO) has reviewed the TSA’s Screening Passengers by Observation Techniques (SPOT) program was evaluated at being “the same or slightly better than chance.”

The SPOT program since 2007 cost $900 million. The TSA has failed to collect consistent data to prove the effectiveness of the behavioral detection program; worse yet, the SPOT program was initiated without any scientific validation. For reason, the GAO has recommended that Congress cut off funding to this program, something that the Department of Homeland Security disagrees with.

You think that’s bad? That’s only the tip of the damning iceberg.

Anti-TSA activist Johnathan Corbett, who filed a lawsuit against the agency on the faulty nature of their body scanners found a particularly revealing document that declares the probability of terrorists hijacking planes in the United States.

VIA TechDirt

Jonathan Corbett, a long-time vocal critic of TSA body scanners, has been engaged in a lawsuit against the government concerning the constitutionality of those scanners.

Read the rest
Continue Reading

How to Protect Ourselves on Social Networks and from Data Collection Systems of Governments and Corporations

via chycho
privacyaa042956_447980

I. What’s Going On

Online, we are both a product for corporations and a person of interest to governments (2, 3).

Corporations are taking advantage of these times by changing their privacy policies so that they can track us, use us, and sell us whatever their algorithms decide that we need or want based on data they have acquired about our movements, contacts, desires, fantasies, or kinks. Governments on the other hand are using our data to make sure that we will never acquire enough power to change any policies that we deem to be a threat to our happiness, livelihood, or survival. In essence, we are at war with these organizations and we should act as such:

“…this is truly unprecedented in history. And what we’re seeing is secrecy and surveillance are completely subverting security and liberty, not just in the United States, but for many, many citizens around the world.”

This corporate misconduct and government surveillance is threatening the internet (2, 3), the original purpose of which was to create an “open architecture networking” system where “a globally interconnected set of computers” would allow “everyone” to “quickly access data and programs from any site”.

Read the rest
Continue Reading

The Police And Fingerprint-Based Security

fingerprintThe Chaos Computer Club on why authorities are in love with biometrically unlockable devices:

“It is plain stupid to use something that you can’t change and that you leave everywhere every day as a security token”, said Frank Rieger, spokesperson of the CCC. “The public should no longer be fooled by the biometrics industry with false security claims. Biometrics is fundamentally a technology designed for oppression and control, not for securing everyday device access.” Fingerprint biometrics in passports has been introduced in many countries despite the fact that no security gain can be shown.

iPhone users should avoid protecting sensitive data with their precious biometric fingerprint not only because it can be easily faked, as demonstrated by the CCC team. You can easily be forced to unlock your phone against your will when being arrested. Forcing you to give up your passcode is much harder under most jurisdictions than just casually swiping your phone over your handcuffed hands.

Read the rest
Continue Reading

Bruce Schneier On The Solution To Surveillance

PRISMVia the MIT Technology Review, the security expert on staying free from the NSA:

My five tips suck. They are not things the average person can use. One of them is to use PGP [a data-encryption program]. But my mother can’t use PGP. Maybe some people who read your publication will use my tips, but most people won’t.

Basically, the average user is screwed. You can’t say “Don’t use Google”—that’s a useless piece of advice. Or “Don’t use Facebook,” because then you don’t talk to your friends, you don’t get invited to parties, you don’t get laid. It’s like libertarians saying “Don’t use credit cards”; it just doesn’t work in the real world.

The Internet has become essential to our lives, and it has been subverted into a gigantic surveillance platform. The solutions have to be political. The best advice for the average person is to agitate for political change.

Read the rest
Continue Reading

NYPD Hits The Streets Telling People They Need To Download iOS 7

In what smacks of surreal law-enforcement-corporate synergy, a number of media outlets and many on Twitter have reported being stopped on the streets of New York by cops urging them to update their Apple smartphones’ operating systems. Via Digital Trends:

Cops in the city have been distributing fliers outside subway stations and Apple stores urging owners of the iPhone and iPad to upgrade to the recently released iOS 7 operating system, which comes with a new security feature called Activation Lock designed to make life a little more difficult for thieves.

The release of iOS 7 coincides with the launch of two new phones from Apple – the 5S and 5C.

One of the fliers begins “Attention Apple Users!!!!!” – yes, the message was deemed serious enough to warrant five exclamation marks – “As of Wednesday the new iOS 7 feature brings added security to your Apple devices.”

nypd

Read the rest

Continue Reading