Snooper Charter Powers are Increasingly Worrying

Security covers everything from a virus on your phone or PC to a coordinated breach and remote access that compromises your computer. While we may not want to believe it, these things happen more often than anyone would like, and as such, people are employed to look out for any risks, report them and maybe even fix them. Security researchers are essential in a world where our digital security is as important to many as locking your door. So what does the new law that the UK government wants enforced mean for you? For one, it’s more often known as the Snooper Charter, and its powers could be a problem for security researchers and even you.

The typical process for security researchers upon finding a backdoor, something that can give anyone access to your system, is to check the findings with colleagues and make sure that it is, in fact, a security risk, then to alert the client, normally the creator of the software or at least its owner. They then report it and get a fix out, and then you can reveal to the world that they need to update in order to receive this fix.
Under the Snooper Charter, though, even so much as revealing a backdoor could be punishable with up to 12 months in jail or a fine. For someone who spends their life finding these flaws, exposing one created by the government could put them not only out of a job but also out of work for good.

If that wasn’t enough, intercepting information, equipment interference (hacking) and retaining communications data would also be protected under gag orders, including those for bulk communications data collection, such as all the emails sent from your home IP.

This grants access to all your information without anything having to be provided for scrutiny. It is made all the worse by the fact that even when talking to your MP, when trying to prove someone innocent of a crime they were falsely accused of, or in court when you’re being charged using this information, it would be illegal to even disclose that these tactics were used to obtain the information.

With these powers and the charter as it is, not only would the government and agencies have abilities to access and obtain information with little oversight, but you would be unable to discuss or reveal that these activities even took place.

Windows 10 Data Policy is Optionally Coming to Older Operating Systems

The recently revised “Microsoft Services Agreement” has caused a great deal of controversy and could theoretically disable pirated games and unauthorized software. Additionally, there are concerns about Microsoft’s data policy with regard to monitoring user activity. It’s still unclear what the true extent of these updated terms is, but some users have reverted to older operating systems due to privacy concerns. However, Microsoft is now implementing updates in Windows 7, 8 and 8.1 which report information back to Microsoft’s servers. The updates in question are KB3075249 and KB3080149, and they are described as follows:

KB3075249 “Update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7”

KB3080149 “This update aligns down-level devices on the same UTC binary that’s released in Windows 10. This update would enable all the down-level devices to receive the software updates, design updates, and additional power and performance tuning.”

Once updated, your PC will share data in a similar vein to Windows 10. Whether you’re happy with this or not is all down to user preference. You could argue that there is no privacy online, and that Microsoft requires this information to customize apps such as Cortana to your needs. On the other hand, other users will feel aggrieved by this intrusive data sharing and have dismissed Windows 10 for this very reason. Most importantly, the updates are optional and Windows cannot, under any circumstances, apply the updates automatically, although this could change in the future.

If Microsoft do make this an integral system update, you can always disable Windows Update.

Are you concerned about the new Microsoft Services Agreement, or do you feel people are being overly paranoid?

Thank you TechWorm for providing us with this information. 

Windows 7 Update for Windows 10 Upgrade Could Be Spying on You

A Windows 7 update, meant to prepare the operating system for a Windows 10 upgrade, could be secretly triggering daily telemetry and sending that information back to Microsoft. The update, KB 2952664, is advertised as a “compatibility update for upgrading Windows 7” that “helps Microsoft make improvements to the current operating system in order to ease the upgrade experience to the latest version of Windows.” The update could be red-lining one CPU core each time Windows 7 is initialised, InfoWorld has revealed.

After a tipoff from a reader, staff at InfoWorld began investigating KB 2952664. The update was installed on a fresh Windows 7 SP1 x64 computer, after which a new program was found in the Windows Task Scheduler named DoScheduledTelemetryRun. You can look for it yourself in Task Scheduler Library>Microsoft>Windows>Application Experience, listed to run at 3:00am every day. The task it runs is %windir%\system32\rundll32.exe appraiser.dll,DoScheduledTelemetryRun, which is described as “Collects program telemetry information if opted-in to the Microsoft Customer Experience Improvement Program.” The program runs regardless of whether the user opts in or out of Microsoft’s Customer Experience Improvement Program (CEIP).
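An added example (not from InfoWorld or Microsoft): a Python sketch that audits saved output of schtasks /Query /FO CSV /V for any task whose action calls appraiser.dll,DoScheduledTelemetryRun, and reports whether it is enabled. The sample rows, host names and the task name ExampleTask are constructed, and the column names assume an English-language Windows.

```python
import csv
import io

# Constructed sample of saved `schtasks /Query /FO CSV /V` output, trimmed to
# the columns used here. Hosts and task names are made up; the header row
# repeats because schtasks prints it once per task folder.
SAMPLE = r'''"HostName","TaskName","Next Run Time","Task To Run","Scheduled Task State"
"PC-01","\Microsoft\Windows\Application Experience\ExampleTask","3:00:00 AM","%windir%\system32\rundll32.exe appraiser.dll,DoScheduledTelemetryRun","Enabled"
"HostName","TaskName","Next Run Time","Task To Run","Scheduled Task State"
"PC-01","\Microsoft\Windows\Defrag\ScheduledDefrag","1:00:00 AM","%windir%\system32\defrag.exe -c","Enabled"
"PC-02","\Microsoft\Windows\Application Experience\ExampleTask","N/A","%windir%\system32\rundll32.exe appraiser.dll, DoScheduledTelemetryRun","Disabled"
'''

# The entry point named in the article, lower-cased with whitespace removed.
MARKER = "appraiser.dll,doscheduledtelemetryrun"


def find_telemetry_tasks(csv_text):
    """Return one dict per task whose action invokes the telemetry entry point."""
    hits = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row.get("TaskName") == "TaskName":  # repeated header line
            continue
        # Normalise case and spacing so "appraiser.dll, Do..." still matches.
        action = "".join((row.get("Task To Run") or "").lower().split())
        if MARKER in action:
            hits.append({
                "host": row["HostName"],
                "task": row["TaskName"],
                "next_run": row["Next Run Time"],
                "enabled": row.get("Scheduled Task State") == "Enabled",
            })
    return hits


if __name__ == "__main__":
    for hit in find_telemetry_tasks(SAMPLE):
        state = "enabled" if hit["enabled"] else "disabled"
        print(f'{hit["host"]}: {hit["task"]} ({state}, next run {hit["next_run"]})')
```

Matching on the action rather than the task name means the check still works if the task is listed under a different display name.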

Is this scheduled telemetry run secretly snooping on Windows 7 users, or is this suspicious-looking process more innocent than it seems? Until Microsoft clarifies the situation, we can’t be sure.

Thank you InfoWorld for providing us with this information.

Edward Snowden Can “Live” With Idea He Could Be Sent to Gitmo

Former NSA contractor Edward Snowden said he could live with himself if he returned to the United States and was sent to Guantanamo Bay.

Snowden made the comments during a recent interview with The Guardian, as the American security specialist becomes more vocal in media interviews and at conferences (via video).

Snowden believes in his actions so much that he says they would be worth Guantanamo Bay, while supporters think he should be rewarded, and not punished, for his actions.

It seems unlikely Snowden could return to the United States, which he wants to do one day, and receive a fair trial from the U.S. government. Facing charges ranging from theft of government property to unauthorized communication of national defense information and willful communication of classified intelligence to unauthorized personnel, he has serious jail time waiting if found guilty.

Snowden was only granted asylum in Russia after his plans to head to Central or South America became difficult when the U.S. suspended his passport.

U.S. and British lawmakers have largely expressed anger towards Snowden and his actions, but trying to prosecute him might be difficult. Russia is reportedly set to extend his visa so he can continue to live near Moscow, while the U.S. wants him to face charges.

However, there have been rumblings about security experts in the United States and UK developing anti-surveillance technologies to prevent snooping.

Thank you to Vice News for providing us with this information

Image courtesy of NBC News

Edward Snowden Wants Hackers to Design Anti Surveillance Equipment

Edward Snowden, the former NSA contractor now known worldwide for whistleblowing about NSA snooping, has pleaded with hackers to start developing programs that can block out government access so they can’t spy or snoop without detection. Over a video chat link, Snowden spoke about snooping and how it needs to be stopped or fought against with the help of hackers and people wanting to help others protect their identities online.

“You in this room, right now have both the means and the capability to improve the future by encoding our rights into programs and protocols by which we rely every day,” Snowden recently told the Hackers On Planet Earth (HOPE) attendees.
“That is what a lot of my future work is going to be involved in.”

A new service, SecureDrop, was also discussed at the event. This will be a service that allows whistleblowers to leak information to the press to expose whatever secret, illegal spying is happening behind our backs. I’m all for this new service; what are your thoughts? Do we really want to know what else is happening out there?

Thanks to TweakTown for providing us with this information.

Image courtesy of TweakTown.

Investigation Started After EA Caught Spying Via Origin Client

EA representatives have begun an investigation after it was discovered that the Origin Client is snooping on files. With privacy concerns being a hotter topic than ever before in light of scandals such as the NSA, this is a bad time for EA to be making such a mistake. It’s not like they’re winning over consumers with love and hugs recently, given that they’re loathed by many gamers for their business practices (although this much is true of a lot of games publishers).

A thread on Reddit discovered that the Origin software was snooping on users’ usage habits. When this was raised with EA, they said that “they are trying to get to the bottom of this”, which is another way of saying “we are snooping, but we don’t know why”.

The screenshot below shows a record of what Origin is scanning. It’s a little garbled, but Reddit loves a mystery and figured out that it’s using a ROT13 cipher. A little decoding will reveal to you that Firefox, Chrome, iTunes, Foxit Reader, Torchlight, PCSX2 and a few other apps were logged by Origin. Why the hell are they watching our browsers and, more importantly, how much of these apps are they monitoring?

The seriousness of this allegation prompted an EA representative to leave the following statement:
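An added example (not Origin’s code and not taken from the Reddit thread) of the decoding step described above: it ROT13-decodes observed strings and reports only those that match a watchlist after decoding, so names that are already readable are not counted as obfuscated. The sample entries are constructed by encoding application names listed in the article; the real log format is not shown on this page.

```python
import codecs

# Application names the article lists as recovered from the log.
KNOWN_APPS = ("firefox", "chrome", "itunes", "foxit reader", "torchlight", "pcsx2")

# Constructed sample entries (not the real Origin log).
SAMPLE_ENTRIES = [
    "Zbmvyyn Sversbk",
    "Tbbtyr Puebzr",
    "vGharf",
    "Sbkvg Ernqre",
    "Gbepuyvtug",
    "CPFK2",
    "Bevtva",         # decodes to "Origin", which is not on the watchlist
    "Google Chrome",  # already plaintext, so not an encoded hit
]


def match_app(text):
    """Return the first watchlist name contained in text, or None."""
    lowered = text.lower()
    return next((app for app in KNOWN_APPS if app in lowered), None)


def decode_rot13_hits(entries):
    """Return (entry, decoded, app) for entries that match only after ROT13."""
    hits = []
    for entry in entries:
        if match_app(entry):  # readable as-is: nothing was hidden
            continue
        # ROT13 rotates letters by 13 places; digits and spaces pass through.
        decoded = codecs.decode(entry, "rot13")
        app = match_app(decoded)
        if app:
            hits.append((entry, decoded, app))
    return hits


if __name__ == "__main__":
    for entry, decoded, app in decode_rot13_hits(SAMPLE_ENTRIES):
        print(f"{entry!r} -> {decoded!r} (matches {app})")
```

Because ROT13 is its own inverse, the same call both encodes and decodes, which is why it offers no confidentiality and only hides strings from a casual look.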

“Thanks for bringing this to our attention. I’ve been working with our live operations team to fully investigate this issue. Origin is not spyware, and there should be no privacy snooping operations of any type. I hope we will be able to update you guys on the investigation soon, we’re gonna get to the bottom of this……Please message me any additional details or info that will help us investigate. We take claims like this very seriously.”

The terms of service for Origin do say:

EA collects non-personal information along with personal information when you actively provide it in the context of various online and mobile activities including online and mobile purchases, game registration and marketing surveys, for instance. In addition, we and other third parties use cookies and other technologies to passively collect non-personal demographic information, personalize your experience on our sites and monitor advertisements and other activities as described below.

The concern right now is just how much data is collected and what those other technologies involve: how deep does the rabbit hole go, so to speak? Why are we not better informed, and why is there no opt-out? In legal terms, EA will no doubt have covered their asses. After all, the ToS state that if you don’t want to use this technology, do not play. What will matter now is how EA handle the situation, as they could be on the brink of yet another PR disaster.

Thank you WCCFTech for providing us with this information.

Image courtesy of WCCFTech.

NSA Continues Targeting Tor, Snooping on Users Seeking Additional Anonymity

The NSA continues to target the Tor Web anonymizing service, leaving Internet users with a smaller number of ways to browse anonymously.  Recently, German broadcast company ARD said it believes the NSA is monitoring two Tor servers within German borders, tracking what users are tracking.

Recently released source code of the NSA’s XKeyscore, a high-level surveillance program, sends an alert when a user downloads Tor or the TAILS operating system, but only if they live overseas. Tor bridge information transferred by email is also tracked, and the NSA can track offending IP addresses later.

Here is what a spokesperson from the NSA told Ars Technica:

“XKeyscore is an analytic tool that is used as part of NSA’s lawful foreign signals intelligence collection system.  Such tools have stringent oversight and compliance mechanisms built in at several levels. All of NSA’s operations are conducted in strict accordance with the rule of law.”

The NSA – and other U.S. federal government branches – can more easily spy on international users legally, citing data that is bouncing around on foreign-based servers. However, German lawmakers are still upset that the government spied on German Chancellor Angela Merkel and other prominent politicians.

Prior to former NSA contractor Edward Snowden revealing NSA and GCHQ spying, many Web users relied on Tor for a more anonymous level of browsing.

Thank you to BBC for providing us with this information

Andy Coulson Found Guilty of Hacking Phones; Rebekah Brooks Acquitted

Former News of the World tabloid editor Andy Coulson was found guilty on one charge of conspiring to hack phones, accused of simply entering passwords on mobile phones to listen to voice messages. The charge has a two-year maximum sentence.

Meanwhile, Rebekah Brooks, former Sun and News of the World newspaper editor, was acquitted alongside her husband and former staff members. Brooks was originally charged with conspiracy to hack phones, conspiracy to pervert the course of justice, and conspiracy to corrupt public officials.

Brooks’ husband, Charlie Brooks, avoided being found guilty for conspiracy to pervert the course of justice, accused of hiding a laptop from police authorities.

Once the best-selling newspapers in England, things unraveled after accusations that News of the World hacked voicemails of Milly Dowler, a 13-year-old girl murdered in 2002.

Meanwhile, here is what Boris Johnson, London Mayor, said regarding the case:

“Phone hacking was, and is, a disgraceful method of journalism, and it is right that the culprits should pay a heavy price for their behavior. The scandal gave way to one of the biggest police investigations in Scotland Yard’s history.”

The trial took eight months and reportedly cost upwards of £100 million, becoming one of the most expensive legal cases in British history.

Thank you to Telegraph for providing us with this information

Image courtesy of Huffington Post

Sobieski Vodka Banking on Edward Snowden’s Notoriety to Help Sell Vodka

Polish distiller Sobieski Vodka is using former NSA contractor Edward Snowden’s international notoriety in its latest marketing campaign.

Advertisements aimed at the United States have the following slogan: “Why Edward Snowden wishes he’d sought asylum in Poland.”

It’s a clever marketing effort by Sobieski, as Snowden is a recognizable name in the United States after outing organized NSA spying activities. The ads are showing up on billboards, bus stops, wallscapes, taxi ads, and other visible locations.

Imperial Brands imports Sobieski, and the ads are part of the company’s ongoing multi-million dollar marketing campaign. Here is what Timo Sutinen, Imperial Brands Vice President of Marketing, said in an interview with Food & Beverage Magazine:

“Sobieski proudly differentiates itself from the general lack of substance – whether in liquid or marketing campaigns – embraced by so many vodkas today. We offer a superior product at superior value and don’t need to generate appeal with contrived gimmicks. Because of that, we have a lot of fun sharing our point of view with the world, and this campaign is a great example.”

Snowden is currently living in Russia, where President Vladimir Putin granted him temporary asylum after he fled the United States.

Thank you to Business Insider for providing us with this information

Image courtesy of imgur