[PRIVACY] About your privacy (and Motorola and AT&T and TapaTalk and ...) Beware!!

You could introduce yourself or share something interesting here, but any advertising post is not welcome.
Moderator: Forum Moderator

Microsoft and the NSA - the story continues

Postby NYLimited » Fri Jul 12, 2013 5:50 pm


Do you use Outlook? No, not the Microsoft Office component but rather the email service also named Outlook. Well, if you do, you might be interested in learning that Microsoft gave the National Security Agency access to its email, chat and cloud storage products as part of the infamous PRISM program. Yes, that includes SkyDrive and Skype, as well. This looks not so good.

The Guardian has published its update to the NSA-is-watching-you stories and cites top secret documents provided by Edward Snowden as proof that Microsoft has been in bed with spy agencies for years, despite directly denying involvement. Not talking a few stray emails here and there! Microsoft reportedly provided unencrypted access to Outlook.com and Hotmail email and chat accounts, SkyDrive cloud storage accounts and Skype video and audio calls. In other words, pretty much any communication that you might have made through a Microsoft product was being monitored by the NSA who then handed off the data to the FBI and CIA. Briefly, the article claims:

  • Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal;
  • The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail;
  • The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;
  • Microsoft also worked with the FBI's Data Intercept Unit to "understand" potential issues with a feature in Outlook.com that allows users to create email aliases;
  • In July last year, nine months after Microsoft bought Skype, the NSA boasted that a new capability had tripled the amount of Skype video calls being collected through Prism;
  • Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a "team sport".

You can read the original Guardian article here in entirety.

Cheers!
Image


MY DEVICES: show
  • LG-H901 (V10) - Stock, rooted, TWRP
  • Google Nexus 4 - Stock 5.1.1, Franco kernel, TWRP - Retired
  • Google Nexus 7 - 2012 3G model, Stock 5.1.1, Franco kernel, TWRP - Retired
  • HTC HD2 - Retired
  • HTC P4350 (TMO Wing) - Retired


User avatar
NYLimited
Forum Moderator
 
Posts: 395
Joined: Mon Jun 24, 2013 5:01 pm
Location: 40.75659° N 73.98626° W
Country: United States (us)
Has thanked: 128 times
Been thanked: 255 times

Advertisement
 

Re: Microsoft and the NSA - the story continues

Postby coohdeh » Fri Jul 12, 2013 6:22 pm

i close hotmail account long time now.
gmail i think is not good too :(

NYLimited wrote:Do you use Outlook? No, not the Microsoft Office component but rather the email service also named Outlook. Well, if you do, you might be interested in learning that Microsoft gave the National Security Agency access to its email, chat and cloud storage products as part of the infamous PRISM program. Yes, that includes SkyDrive and Skype, as well. This looks not so good.

The Guardian has published its update to the NSA-is-watching-you stories and cites top secret documents provided by Edward Snowden as proof that Microsoft has been in bed with spy agencies for years, despite directly denying involvement. Not talking a few stray emails here and there! Microsoft reportedly provided unencrypted access to Outlook.com and Hotmail email and chat accounts, SkyDrive cloud storage accounts and Skype video and audio calls. In other words, pretty much any communication that you might have made through a Microsoft product was being monitored by the NSA who then handed off the data to the FBI and CIA. Briefly, the article claims:

  • Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal;
  • The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail;
  • The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;
  • Microsoft also worked with the FBI's Data Intercept Unit to "understand" potential issues with a feature in Outlook.com that allows users to create email aliases;
  • In July last year, nine months after Microsoft bought Skype, the NSA boasted that a new capability had tripled the amount of Skype video calls being collected through Prism;
  • Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a "team sport".

You can read the original Guardian article here in entirety.
coohdeh
Junior Member
 
Posts: 13
Joined: Sun Jun 30, 2013 12:32 am
Has thanked: 41 times
Been thanked: 2 times

FAIRVIEW, the NSA's Plan to “Own the Internet”

Postby NYLimited » Sun Jul 14, 2013 8:24 am

At this point in time, everyone is properly upset about the National Security Agency's PRISM program and the seemingly endless surveillance it enabled. But guess what? It's not the only one.

Sprinkled in the NSA files leaked by Edward Snowden are some details about FAIRVIEW, a sort of international version of PRISM. Along with a program called BLARNEY and a couple other unnamed "upstream" data collection programs, FAIRVIEW is how the NSA gains access to the very optical cables that carry internet data from the United States to the rest of the world and vice versa. In effect, it's how the NSA can go directly to the source when trying to gather intelligence on what's flowing across American borders and through the 550,000 odd miles of cable twisted around the world.

Thomas Drake is a former NSA senior executive who pulled an Edward Snowden back in 2006 and revealed some of the agency's secrets. He was consequentially prosecuted under the Espionage Act, but that hasn't scared him away from talking to the press about the recent NSA revelations. FAIRVIEW, he says, is an umbrella program for upstream data collection that's not covered by PRISM. "Upstream means you get inside the system before it’s in the Internet—in its pure form," Drake told the Daily Dot recently. And about the name, "It's just a name," he said, "that at the highest level means to own the internet."

Read the complete article by Adam Clark Estes in Gizmodo.

Cheers!
Image


MY DEVICES: show
  • LG-H901 (V10) - Stock, rooted, TWRP
  • Google Nexus 4 - Stock 5.1.1, Franco kernel, TWRP - Retired
  • Google Nexus 7 - 2012 3G model, Stock 5.1.1, Franco kernel, TWRP - Retired
  • HTC HD2 - Retired
  • HTC P4350 (TMO Wing) - Retired


User avatar
NYLimited
Forum Moderator
 
Posts: 395
Joined: Mon Jun 24, 2013 5:01 pm
Location: 40.75659° N 73.98626° W
Country: United States (us)
Has thanked: 128 times
Been thanked: 255 times

Researchers hack Verizon device, turn it into mobile spy station

Postby NYLimited » Tue Jul 16, 2013 6:31 am

NEW YORK, July 15 (Reuters) - Two security experts said they have figured out how to spy on Verizon Wireless mobile phone customers by hacking into devices the U.S. carrier sells to boost wireless signals indoors.

The finding, which the experts demonstrated to Reuters and will further detail at two hacking conferences this summer, comes at a time of intense global debate about electronic privacy, after top-secret U.S. surveillance programs were leaked by a former National Security Agency contractor, Edward Snowden, last month.

"This is not about how the NSA would attack ordinary people. This is about how ordinary people would attack ordinary people," said Tom Ritter, a senior consultant with the security firm iSEC Partners.

Verizon said it has updated the software on its signal-boosting devices, known as femtocells or network extenders, to prevent hackers from copying the technique of the two experts.

But Ritter said motivated hackers can still find other ways to hack the femtocells of Verizon, as well as those offered by some 30 carriers worldwide to their customers.

Femtocells, which act as tiny cellphone towers, can be purchased directly from Verizon for $250. Used models can be obtained online for about $150.

Ritter and his colleague, Doug DePerry, demonstrated for Reuters how they can eavesdrop on text messages, photos and phone calls made with an Android phone and an iPhone by using a Verizon femtocell that they had previously hacked.

They declined to disclose how they had modified the software on the device, saying they do not want to make it any easier for criminals to figure out similar ways to hack femtocells.

The two said they plan to give more elaborate demonstrations two weeks from now at the Black Hat and Def Con hacking conferences in Las Vegas. More than 15,000 security professionals and hackers are expected to attend those conferences, which feature talks on newly found bugs in communications systems, smart TVs, mobile devices and computers that run facilities from factories to oil rigs.

Verizon Wireless released a Linux software update in March that prevents its network extenders from being compromised in the manner reported by Ritter and DePerry, according to company spokesman David Samberg.

"The Verizon Wireless Network Extender remains a very secure and effective solution for our customers," Samberg said in a statement. He said there have been no reports of customers being impacted by the bug that the researchers had identified. The company is a joint venture between Verizon Communications Inc and Vodafone Group Plc.

Samberg said his company uses an internal security team as well as outside firms to look for vulnerabilities in the devices it sells, before and after they are released.

Still, the two researchers said they are able to use the hacked femtocell to spy on Verizon phones even after Verizon released that update because they had modified the device before the company pushed out the software fix.

The researchers built their "proof of concept" system that they will demonstrate in Las Vegas with femtocells manufactured by Samsung Electronics Co and a $50 antenna from Wilson Electronics Inc.

They said that with a little more work, they could have weaponized it for stealth attacks by packaging all equipment needed for a surveillance operation into a backpack that could be dropped near a target they wanted to monitor.

For example, a group interested in potential mergers might place such a backpack in Manhattan restaurants frequented by investment bankers. Verizon's website said the device has a 40-foot range, but the researchers believe that could be expanded by adding specialized antennas.

The iSEC researchers are not the first to warn of vulnerabilities in femtocells, but claim to be the first to hack the femtocells of a U.S. carrier and also the first running on a wireless standard known as CDMA.

Other hacking experts have previously uncovered security bugs in femtocells used by carriers in Europe.

CTIA, a wireless industry group based in Washington, in February released a report that identified femtocells as a potential point of attack.

John Marinho, CTIA's vice president for cybersecurity and Technology, said that the group is more concerned about other potential cyber threats, such as malicious apps. He is not aware of any case where attacks were launched via femtocells.

Still, he said, the industry is monitoring the issue: "Threats change every day."


Article written by Jim Finkle, published by Reuters US Edition.

Cheers!
Image


MY DEVICES: show
  • LG-H901 (V10) - Stock, rooted, TWRP
  • Google Nexus 4 - Stock 5.1.1, Franco kernel, TWRP - Retired
  • Google Nexus 7 - 2012 3G model, Stock 5.1.1, Franco kernel, TWRP - Retired
  • HTC HD2 - Retired
  • HTC P4350 (TMO Wing) - Retired


User avatar
NYLimited
Forum Moderator
 
Posts: 395
Joined: Mon Jun 24, 2013 5:01 pm
Location: 40.75659° N 73.98626° W
Country: United States (us)
Has thanked: 128 times
Been thanked: 255 times

Re: [PRIVACY] About your privacy and Motorola and AT&T and ... Beware!

Postby Tom » Mon Jul 22, 2013 7:53 pm

Smartphones reveal shoppers’ movements.

http://www.economist.com/blogs/economis ... xplains-13

There are two absolutely effective ways to prevent such tracking: turn off Wi-Fi and Bluetooth on your devices, or turn them off altogether.

Cheers
Tom

My Note 2 to you
Tom
Junior Member
 
Posts: 22
Joined: Tue Jun 25, 2013 10:30 pm
Country: United Kingdom (uk)
Has thanked: 128 times
Been thanked: 24 times

Re: Et tu Tapatalk?

Postby NYLimited » Tue Jul 23, 2013 11:29 pm

@MarkAtHome

You were right! Whenever an external link is clicked in tapatalk your browser is sent to "link.tapatalk.com" first which will redirect to your destination!

Why?? Are they recording every link people visit? We pay for this intrusion into our privacy?

Anyone have a good explanation?



---
Which is worse: ignorance or apathy? Who knows? Who cares?

Cheers!
Image


MY DEVICES: show
  • LG-H901 (V10) - Stock, rooted, TWRP
  • Google Nexus 4 - Stock 5.1.1, Franco kernel, TWRP - Retired
  • Google Nexus 7 - 2012 3G model, Stock 5.1.1, Franco kernel, TWRP - Retired
  • HTC HD2 - Retired
  • HTC P4350 (TMO Wing) - Retired


User avatar
NYLimited
Forum Moderator
 
Posts: 395
Joined: Mon Jun 24, 2013 5:01 pm
Location: 40.75659° N 73.98626° W
Country: United States (us)
Has thanked: 128 times
Been thanked: 255 times

Re: Et tu Tapatalk?

Postby MarkAtHome » Wed Jul 24, 2013 4:31 am

NYLimited wrote:@MarkAtHome

You were right! Whenever an external link is clicked in tapatalk your browser is sent to "link.tapatalk.com" first which will redirect to your destination!

Why?? Are they recording every link people visit? We pay for this intrusion into our privacy?

Anyone have a good explanation?

Did you notice whether this happens with XDA Premium(/HD)? I only see it with Tapatalk. XDA has their ear, so maybe if you were to repost in the RC forum... ;)
Image
User avatar
MarkAtHome
Forum Moderator
 
Posts: 97
Joined: Mon Jun 24, 2013 10:17 pm
Has thanked: 60 times
Been thanked: 65 times

Re: [PRIVACY] About your privacy and Motorola and AT&T and ... Beware!

Postby NYLimited » Wed Jul 24, 2013 4:58 am

MarkAtHome wrote: Did you notice whether this happens with XDA Premium(/HD)? I only see it with Tapatalk. XDA has their ear, so maybe if you were to repost in the RC forum... ;)


Didn't check the xda app. I used tapatalk HD and you used the standard one.

I doubt xda has influence with quord. They just pay for a special version which ah nylons can do (with enough money).


---
Which is worse: ignorance or apathy? Who knows? Who cares?

Cheers!
Image


MY DEVICES: show
  • LG-H901 (V10) - Stock, rooted, TWRP
  • Google Nexus 4 - Stock 5.1.1, Franco kernel, TWRP - Retired
  • Google Nexus 7 - 2012 3G model, Stock 5.1.1, Franco kernel, TWRP - Retired
  • HTC HD2 - Retired
  • HTC P4350 (TMO Wing) - Retired


User avatar
NYLimited
Forum Moderator
 
Posts: 395
Joined: Mon Jun 24, 2013 5:01 pm
Location: 40.75659° N 73.98626° W
Country: United States (us)
Has thanked: 128 times
Been thanked: 255 times

Re: Et tu Tapatalk?

Postby NYLimited » Wed Jul 24, 2013 9:10 pm

I posted this a little while ago on XDA also:


Are you one of the many Tapatalk users? Tapatalk for Android? Tapatalk HD? iPhone? If you are you need to read this!

According to their web site "Tapatalk is an award winning app for internet communities with lot of features. Whether it is the hassle-free photo sharing, instant push notification or advanced features such as discussion moderation, there are a lot to love Tapatalk"

Okay, so here you are reading your favorite forum and someone mentions an app in a post that sounds pretty interesting. Hey, they included a link so you can easily check it out - nice!

You click on the link and your browser opens taking you to the referenced page.


WAIT! PAY ATTENTION!

Image


Tapatalk is NOT sending you to the URL listed in the post! Unless my eyes are really off they are sending all my clicks to "link.tapatalk.com/..." which, in turn, will redirect me to the actual link I wanted.

===> If this post ends here you are using Tapatalk!
===> Use a browser to read the rest!

HINT: show
In case you are curious and want to go to that link on your own without the proper syntax (which you can get from clicking on a live url in Tapatalk) don't bother - you will only see:
Code: Select all
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>A423817C1BE3AB6F</RequestId>
<HostId>
DV2p8qnfHAILpKTZckNATcxH3hKkB0eX4KAUjWfGsEd/Qq+gs60frXbY1a/ZYIEH
</HostId>
</Error>

Since the app can obviously load the browser with a target address (their own) they could just as easily load it with the correct final destination address, right? So, why are they sending everyone to their own server first?

I asked this question on their own forum but the good folks from Quoord Systems Limited did not bother to answer the query. Are they collecting all the links we all use? I do not really know (nor do you, I bet!) Do they associate the link with a user profile? They surely could, especially if you have a Tapatalk account which saves your app settings. Of course, even if you never created this account they can easily associate your requests with the originating IP number (unless you are using something like Tor). Looks to me like they are saving a lot of info on everyone.

I would be very curious to find out what they do with this information and, regardless of that answer why they are doing it! More importantly, I would love to have a little switch that disables this wonderful spy feature!

What do you think, Tapatalk users?

Cheers!
Image


MY DEVICES: show
  • LG-H901 (V10) - Stock, rooted, TWRP
  • Google Nexus 4 - Stock 5.1.1, Franco kernel, TWRP - Retired
  • Google Nexus 7 - 2012 3G model, Stock 5.1.1, Franco kernel, TWRP - Retired
  • HTC HD2 - Retired
  • HTC P4350 (TMO Wing) - Retired


User avatar
NYLimited
Forum Moderator
 
Posts: 395
Joined: Mon Jun 24, 2013 5:01 pm
Location: 40.75659° N 73.98626° W
Country: United States (us)
Has thanked: 128 times
Been thanked: 255 times

Re: [PRIVACY] About your privacy (and Motorola and AT&T and TapaTalk and ...) Beware!!

Postby donblazello » Thu Jul 25, 2013 10:25 pm

Don't think it's connected with privacy violation. It's rather look as collecting statistics and/or making money via redirecting traffic (you now, traffic redirected from tapatalk to site may give tapatalk some revenue from site owner/advertiser).
If I helped please hit "Thanks" button.
[GUIDE] How to install Android on HTC HD2/LEO [aMagldr / Black LK]


HTC HD2 | HSPL4 3.03 | RADIO 2.15.50.14 | BOOTLOADER CLK 1.5.2.1 | RECOVERY TWRP Extended v2.6.1.2 | ROM NexusHD2-JellyBean-4.2.2-CM10/1/2 V2.6 NativeSD
Nokia Lumia 820
User avatar
donblazello
Junior Member
 
Posts: 17
Joined: Wed Jul 10, 2013 9:10 pm
Country: Poland (pl)
Has thanked: 14 times
Been thanked: 12 times

PreviousNext

Return to Off Topic Discussion

Who is online

Users browsing this forum: No registered users and 0 guests