The new Windows 10 Preview contains an elaborate keylogging system that "you agree to use" when you install it, says Microsoft.
Buried deep in the terms and conditions and privacy statements you agree to have Microsoft monitor your behavior to "improve the Windows experience". Microsoft is doing extensive logging of behavior in the Windows 10 preview and it frequently "phones home" to report your behavior. It records data such as SMS and MMS texts, keystrokes, contact lists, application usage, how long the OS takes to respond to commands, installed programs, file and media access and usage, and more.
With Windows 10 logging your keystrokes and sending off the data to who-knows-where, I would not do any signing in to critical services or any banking on your Windows 10 preview device.
If you want to use the Windows 10 preview and are concerned about privacy, unplug your modem whenever you are using it, and manually disable any Wii/cellular connections.> read more
Der Spiegel has revealed new information on yet another attack on German networks.
They reported last year on the infiltration of Cetel, Stellar, and IABG, three German satellite telecoms that were attacked and successfully placed under surveillance.
The new revelation comes from documentation about the GCHQ program "Treasure Map", which refers to a large scale system to map and monitor the networks of the entire internet in "near real time". In the documents, some targets are listed as already under surveillance, indicating that the NSA has already attacked and compromised those networks. The two new companies are Deutsche Telekom and Netcologne. Netcologne is a small regional ISP and transit network provider. Deutsche Telekom is a large worldwide data services provider and partially (~30%) owned by the German government.
New information has surfaced about how Yahoo was roped into complying with mass surveillance programs. In the past Yahoo has characterized themselves as champions of privacy, saying that they tried to legally fight Prism and other surveillance programs in secret court.
The new evidence presented by the Guardian supports the claim that Yahoo actually fought mass-surveillance and felt that the court orders that it has received were overly broad, and not legal due to a failure to go through the correct channels to get the orders authorized to be executed.
They challenged the US government in a secret court known as FISC (the Foreign Intelligence Surveillance Court). Since the Snowden revelations, Yahoo has been fighting legally to get the details of the FISC decision made public record, so the public will be able to see the arguments made and how the final decision shook out. Yahoo lost the court fight, and a subsequent appeal.> read more
A large-scale internet protest is going on today to raise awareness about the FCC's proposal to cut net neutrality regulations and allow internet service providers in the US to discriminate on traffic.
If you are unfamiliar with the Net Neutrality debate, John Oliver did an excellent piece on it here.
The protest is designed to show loading bars and banners designed to remind people that their content would still be loading if the ISPs are allowed to make traffic slower for all websites except for the ones that can pay a huge premium to be allowed faster service.
You can read a Reddit AMA (ask me anything) about the protest and what it stands for here.
The central site for the protest is Battleforthenet.com
Sites joining the protest include AVG (antivirus), Reddit, Imgur, Grooveshark, Wordpress, Vevo, and hundres more!
A court case about the sovereignty of data for American companies operating abroad will have a large impact on the tech industry worldwide. Microsoft is currently fighting a court battle over whether American companies operating abroad can have their data seized by the US government.
The problem is that Microsoft has had data demanded from the US government that resides on servers in Ireland. Microsoft is bound by EU data protection and privacy laws to not release this information. The US government argues that because the data resides on servers owned by an American company it doesn't matter where the data resides, it has a right to seize any data the legal system demands.
We have heard previous reports of the CIA spying on the Senate Committee that was tasked with overseeing it before, but more information has come to light in the scandal. Senator Dianne Feinstein revealed weeks ago that the CIA had tampered with evidence related to the CIA's torture programs.
New evidence has come to light about the scandal. It has been revealed that not only did they attempt to destroy evidence, but they also continued their efforts to destroy evidence after they were caught initially, and agents lied under oath about their activities.
You can read more about it at: https://www.techdirt.com/articles/20140731/18065928080/cia-spying-senate-went-much-further-than-originally-reported.shtml
> read more
The Washington Post has released a new article discussing the woes of the FBI due to the rise in use of end-to-end encryption and anonymous zero knowledge network services.
In the article, the FBI complains that their lack of surveillance capability is interfering with their ability to arbitrarily wiretap targets on new services that are not required by law to have wiretap capabilities built into them. They complain that "hundreds" of investigations have been "interfered with" because wiretap orders were not followed through with.
This is a poor argument to come to the table with. They want to violate the security and privacy of everyone on earth in order to secure extra evidence in "hundreds" of investigations. They even play the child pornography card to try to trump up an emotional response, as if allowing them to surveil the entire planet would end child pornography, or if someone is opposed to total surveillance, they are in favor of the exploitation of children. It is a weak ploy for a group that has no real argument in favor of their position.> read more
Author Srikrishna Sekhar on medium.com has posted an excellent page that discusses why privacy is so important in the simplest terms possible.
Whenever you hear the argument "i have nothing to hide, so I don't care if i'm being watched" refer that person to this page to give them a good idea on why mass surveillance is bad.> read more
Google is hiring a full-time team of security researchers to find flaws in the most widely used software on the internet. The team is going to comb through all kinds of widely used software to look for flaws and then disclose the flaws to the people responsible for publishing the software.
The project is hopefully designed to thwart organized crime and advanced persistent threats (like the NSA, GCHQ and other clandestine agencies) in their tracks by making the worlds software stronger and more resistant to easy attack. This project would have two major benefits. Firstly, it will make the software of the world safer, and secondly, it will restore confidence in the software that Project Zero has looked at.