Sunday, 5 October 2008

Skype Messages Monitored In China

Once more, Slashdot reports:
"Human-rights activists have discovered a huge surveillance system in China that monitors and archives Internet text conversations sent by customers of Tom-Skype, a joint venture between a Chinese wireless operator and eBay. Researchers say the system monitors a list of politically charged words that includes words related to the religious group Falun Gong, Taiwan independence, the Chinese Communist Party and also words like democracy, earthquake and milk powder. The encrypted list of words inside the Tom-Skype software blocks the transmission of these words and records personal information about the customers who send the messages. Researchers say their discovery contradicts a public statement made by Skype executives in 2006 that 'full end-to-end security is preserved and there is no compromise of people's privacy.' The Chinese government is not alone in its Internet surveillance efforts. In 2005, The New York Times reported that the National Security Agency was monitoring large volumes of telephone and Internet communications flowing into and out of the United States as part of an eavesdropping program that President Bush approved after the Sept. 11 attacks. 'This is the worst nightmares of the conspiracy theorists around surveillance coming true,' says Ronald J. Deibert, an associate professor of political science at the University of Toronto. 'It's "X-Files" without the aliens.'"

And Skype features a encrypted messaging system? And shows you a little lock at the bottom of each chat window!

Tuesday, 9 September 2008

Your mobile phone: the spy who you loved

I found this link on Slashdot. The article on CNet is quite scary.
Quote:
[...] private companies now sell off-the-shelf data-mining solutions to government spies interested in analyzing mobile-phone calling records and real-time location information. These companies include ThorpeGlen, VASTech, Kommlabs, and Aqsacom--all of which sell "passive probing" data-mining services to governments around the world.
According to the screenshot on the web page, you can with this software obtain the following information about any user:
  • physical location, tracking a person's move
  • email addresses he uses
  • call fingerprinting: you can follow the user even if he uses multiple SIMs and handsets
Read more if you want to have a look at the potential abuses that these technologies raises.

Friday, 5 September 2008

UK ISPs To Hand Over Thousands of File Sharers' Data

Slashdot reports:
"US game developer Topware Interactive, the people behind the now infamous Dream Pinball affair, are about to turn up the heat. Operating through London lawyers Davenport Lyons, they have managed to convince the High Court to send out an order demanding that ISPs in the UK start to hand over the details of several thousand alleged pirates... BT, one of the UK's largest ISPs..., confirmed it had been ordered to hand over details of alleged copyright infringing file-sharers... Virgin Media was a little more slippery in its response but reading between the lines it seems obvious they are involved too."

Wednesday, 27 August 2008

The Internet's Biggest Security Hole Revealed

Slashdot runs the following story:
At DEFCON, Tony Kapela and Alex Pilosov demonstrated a drastic weakness in the Internet's infrastructure that had long been rumored, but wasn't believed practical. They showed how to hijack BGP (the border gateway protocol) in order to eavesdrop on Net traffic in a way that wouldn't be simple to detect. Quoting: "'It's at least as big an issue as the DNS issue, if not bigger,' said Peiter 'Mudge' Zatko, noted computer security expert and former member of the L0pht hacking group, who testified to Congress in 1998 that he could bring down the internet in 30 minutes using a similar BGP attack, and disclosed privately to government agents how BGP could also be exploited to eavesdrop. 'I went around screaming my head about this about ten or twelve years ago... We described this to intelligence agencies and to the National Security Council, in detail.' The man-in-the-middle attack exploits BGP to fool routers into re-directing data to an eavesdropper's network."
Note that the US Government knows since 1998 how to eavesdrop without being noticed.

Thursday, 14 August 2008

UK Gov't Proposes Massive Internet Snooping, Data Storage

Slashdoted story on PC Pro UK:
The Government will store "a billion incidents of data exchange a day" as details of every text, email and browsing session in the UK are recorded under new proposals published yesterday.

The information will be made available to police forces in order to crack down on serious crime, but will also be accessible by local councils, health authorities and even Ofsted and the Post Office.

Tuesday, 5 August 2008

Information is "imported" can now be intercepted without a warrant

Shameless copy paste from http://www.cs.columbia.edu/~smb/blog/2008-07/2008-07-10.html

FISA and Border Searches of Laptops
10 July 2008

There's been a lot of attention paid recently to the issue of laptop searches at borders, including a congressional hearing and a New York Times editorial. I've seen articles with advice on how to protect your data under such circumstances; generally speaking, the advice boils down to "delete what you can, encrypt the rest, hope that Customs officials don't compel production of your key, and securely clean up the deleted files". If you need sensitive information while you're traveling, the usual suggestion is to download it over a secure connection, per the EFF:

Another option is to bring a clean laptop and get the information you need over the internet once you arrive at your destination, send your work product back, and then delete the data before returning to the United States. Historically, the Foreign Intelligence Surveillance Act (FISA) generally prohibited warrantless interception of this information exchange. However, the Protect America Act amended FISA so that surveillance of people reasonably believed to be located outside the United States no longer requires a warrant. Your email or telnet session can now be intercepted without a warrant. If all you are concerned about is keeping border agents from rummaging through your revealing vacation photos, you may not care. If you are dealing with trade secrets or confidential client data, an encrypted VPN is a better solution.

But is it?

When a laptop is searched, the customs agents are not looking for drugs embedded in the batteries or for whether or not the connectors have too much gold on the contacts. Rather, they're looking for information.

In that sense, it would seem to make little difference if the information is "imported" into the US via a physical laptop or via a VPN, or for that matter by a web connection. The right to search a laptop for information, then, is equivalent to the right to tap any and all international connections, without a warrant or probable cause. (More precisely, one always has a constitutional protection against "unreasonable" search and seizure; the issue is what the definition of "unreasonable" is.)

Sunday, 20 July 2008

Secret Bilderberg Agenda to Microchip Americans Leaked

The Strategy reports:
microchip you in name of fighting terrorism

By Paul Joseph Watson

Sources from inside the 2008 Bilderberg meeting have leaked the details of what elitists were discussing in Chantilly Virginia last week and the talking points were ominous - a plan to microchip Americans under the pretext of fighting terrorist groups which will be identified as blonde haired, blue eyed westerners.

Veteran Bilderberg sleuth Jim Tucker relies on sources who regularly attend Bilderberg as aides and assistants but who are not Bilderberg members themselves. The information they provided this year is bone-chilling for those who have tracked the development of the plan to make the general public consider implanted microchips as a convenience as routine as credit cards.

"Under the heading of resisting terrorism there were points made about how the terrorist organizations are recruiting people who do not look like terrorists - blonde, blue eyed boys - they're searching hard for those types to become the new mad bombers," said Tucker.


Friday, 4 July 2008

Lost or stolen laptops and your privacy

I just saw this story on Slashdot:
Apparently companies are even worse about losing our data than we suspected. From the article:'According to a study of 106 major U.S. airports and 800 business travelers published by the Ponemon Institute and Dell Computer, about 12,000 laptops are lost in airports each week. Only 30 percent of travelers ever recover the lost devices. Nearly half of the travelers say their laptops contain customer data or confidential business information.'

Thursday, 3 July 2008

Judge Orders YouTube to Give All User Histories to Viacom

Wired is reporting that:

Google will have to turn over every record of every video watched by YouTube users, including users' names and IP addresses, to Viacom, which is suing Google for allowing clips of its copyright videos to appear on YouTube, a judge ruled Wednesday.
[...]

Although Google argued that turning over the data would invade its users' privacy, the judge's ruling (.pdf) described that argument as "speculative" and ordered Google to turn over the logs on a set of four tera-byte hard drives.

The judge also turned Google's own defense of its data retention policies -- that IP addresses of computers aren't personally revealing in and of themselves, against it to justify the log dump.

The Electronic Frontier Foundation has already reacted, calling the order a violation of the Video Privacy Protection act that "threatens to expose deeply private information."

The order also requires Google to turn over copies of all videos that it has taken down for any reason.

Sunday, 29 June 2008

FBI's all-seeing database project

“By refusing to answer even the most basic questions about this program, the Department of Justice has given us little choice. In fact, we’re only doing what they told us to do,” said Congressman Brad Miller in a statement. “The Department of Justice... said that if Congress didn’t like what they were doing, we could pull their funding. Well, that’s what we’ve done... Until an agency can provide reasonable explanations, and assurances that our citizens’ privacy won’t be violated, it would be irresponsible to give the Department of Justice this large increase in funds. ”

An FBI project, known as the National Security Analysis Center (NSAC), is supposed to bring together "hundreds of millions of electronic records created or collected by the FBI and other government agencies," ABC News notes. The idea is to use that "vast ocean of data to 'predict' who might be a potential terrorist, in the absence of intelligence linking the man or woman to any radical or extremist group."

sources:
the inquirer
wired

Sunday, 22 June 2008

Sweden approved highly controversial wiretapping law

Many web sites report the wiretapping law passed in Sweden.

DSLreport:
The Parliament in Sweden has passed an extensive wiretapping law allowing the government to monitor all telephone and email contact that occurs within the country’s borders without requiring any sort of warrant. The controversial law raised protests from journalists, lawyers and liberal political parties. Sweden insists that the law, which will become active in January, is designed for the sole purpose of protecting national security and reducing the threat of terrorism. This has caused major companies like Google to say that the eavesdropping plan makes Sweden the European country most comparable to the U.S. in its allowance of the government to infringe upon citizen's privacy.


BBC News:
Sweden's parliament has approved controversial new laws allowing authorities to spy on cross-border e-mail and telephone traffic.
The country's intelligence bureau will be able to scan international calls, faxes and e-mails.
The measure was passed by a narrow majority after a heated debate in the Stockholm parliament.
Critics say it threatens civil liberties and represents Europe's most far-reaching eavesdropping plan.

Saturday, 21 June 2008

Christopher Dodd’s 630-page Senate housing legislation hidden gem

I am simply copy-pasting Mr Mortgage's post here, as the news must get out there and what is happening in this non-democracy that is the US is just outrageous:

This just in, found by a TickerForum memeber… www.FreedomWorks.org says that “Senate Housing Bill Requires eBay, Amazon, Google, and all Credit Card companies to Report Transactions to the Government”.

“Washington, DC - Hidden deep in Senator Christopher Dodd’s 630-page Senate housing legislation is a sweeping provision that affects the privacy and operation of nearly all of America’s small businesses. The provision, which was added by the bill’s managers without debate this week, would require the nation’s payment systems to track, aggregate, and report information on nearly every electronic transaction to the federal government.

FreedomWorks Chairman Dick Armey commented: “This is a provision with astonishing reach, and it was slipped into the bill just this week. Not only does it affect nearly every credit card transaction in America, such as Visa, MasterCard, Discover, and American Express, but the bill specifically targets payment systems like eBay’s PayPal, Amazon, and Google Checkout that are used by many small online businesses. The privacy implications for America’s small businesses are breathtaking.”