Posts tagged microsoft
Richard Stallman: “Facebook is a Monstrous Surveillance Engine”
If you want to have the possibility of some privacy someday, you’d better join the fight now, because now a bunch of other people are joining the fight. Now is the moment when you can make a difference. If you wait until the day you wish you had some privacy and only then try to do something…well, that day you will be one of a few people doing it and that won’t be enough. You’ve got to help make a critical mass when other people are doing it – and that’s now.
We call Windows 8.1 ‘Windows PRISM Edition’ because it’s designed to require people to send data to Microsoft servers, and of course, Microsoft will hand over any of that data to the US government on request. It puts the users in PRISM.
- Richard Stallman in the interview embedded below
If you don’t know who Richard Stallman, aka RMS is, it’s time to to get up to speed. I can’t think of a better way to do that than by watching the video interview below. He starts off explaining why he doesn’t own a mobile phone (it can continue to listen to you even when it’s turned off), and then goes on to answer almost every technology question imaginable to a layperson. Definitely worth the time.
MSNBC ‘Dear Snowden’ Distraction
Published by breakingtheset
Abby Martin calls out MSNBC’s Melissa Harris-Perry for choosing to focus on Edward Snowden’s international escapades rather than focusing on the more relevant issue of NSA spying.
Hillary’s Lucrative Lecture Circuit
Published by NextNewsNetwork
CHICAGO — Since stepping down as Secretary of State, Hillary Clinton has pulled down huge honoraria to give speeches before industry groups. Last month, she returned to her native Chicago to address 15,000 human resource professionals on the subject of immigration reform and Obamacare and how policy changes regarding those issues would affect their industry.
This report also includes…
NEW YORK — Pop Phenom Justin Bieber called Bill Clinton to apologize for a bizarre incident in which the singer was videotaped spraying cleaning fluid on a photo of Clinton and hurling an epithet commonly called the “F-word” at the absent former President. That gesture came after Bieber urinated in a restaurant mop bucket.
LORETTO, Pennsylvania — John Kiriakou, the former CIA counter-terrorism operative who was imprisoned in retaliation for exposing the Bush administration’s illegal torture program, has some advice for fellow whistleblower Edward Snowden: Do not trust the FBI.
CAIRO — A huge and growing divide can be seen in Egypt’s increasingly bloody political upheaval, but both sides agree on one thing: They despise Barack Obama and his administration.
SILICON VALLEY — The Guardian of London reports that Microsoft gave the NSA the ability to circumvent its own encryption protocols. Documents provided to the paper by Edward Snowden reveal that Microsoft also worked with the FBI earlier this year to provide the NSA with easy access to its cloud storage service SkyDrive, which now has more than 250 million users worldwide.
WHICH INTERNET COMPANY HASN’T GIVEN THE U.S. GOVERNMENT ITS RECORDS?
NEW YORK: Outraged Internet users searching for an alternative to the privacy-busting companies they’d trusted are turning to a company that provides what it calls, “the world’s most private search engines.”
StartPage and its sister search engine Ixquick were launched in 2006 to staunchly defend their users’ privacy and civil liberties. StartPage provides a private portal to Google results, while Ixquick provides private results from other search engines.
The services have not participated in PRISM, nor have they ever provided user data to the U.S. government or to any other government or agency in the U.S. or anywhere in the world.
That is more than nine of the biggest Internet companies — Apple, Google, Microsoft, Yahoo, Facebook, YouTube, PalTalk, AOL and Skype — can say.
“The Privacy of our users rests on three important foundations,” explains StartPage and Ixquick CEO Robert Beens. “We are based in the Netherlands, we use encrypted connections, and — most importantly — we don’t store or share any of our users’ personal search data.”
- No User Data Stored: StartPage and Ixquick never store user data, including IP addresses and search queries, so government agencies have no incentive to ask for these. This privacy is so complete; the company doesn’t even know who its customers are, so it can’t share anything with Big Brother.
- Encrypted (HTTPS) Connections: StartPage and Ixquick were the first search engines to use automatic encryption on all connections to prevent snooping. When searches are encrypted, third parties like ISP’s and the NSA can’t avesdrop on Internet connections to see what people are searching for.
- Not Under U.S. Jurisdiction: StartPage and Ixquick are based in the Netherlands, so they are not directly subject to U.S. regulations, warrants, or court orders. They can’t be forced to participate in spying programs like PRISM. The company has never turned over a single bit of user data to any government entity in the 14 years it has been in business, which is not surprising since there is no data in the first place.
StartPage and Ixquick are also the only search engines whose privacy practices have been independently verified and third-party certified through the European Union’s Privacy Seal program.
“Unfortunately, it takes a scandal like PRISM to wake people up to the erosion of privacy”, says Harvard-trained privacy expert Dr. Katherine Albrecht, who helped develop StartPage. “As people get fed up with being spied on, they look for alternatives. We already serve nearly 3 million private searches each day, and we expect that number to grow as people seek shelter from search engines that store and share their private information.”
The company will expand its privacy services this summer with the addition of a new private email product called StartMail. StartMail will offer a paid, private email platform with strong encryption. Anyone interested in beta testing the program on its release can sign up at www.StartMail.com
My choice since mid 2009, thanks to Katherine Albrecht.
Second NSA PRISM Spy Leak Shows Govt, Tech Companies Are Lying to You
A second leaked slide from the NSA’s top secret PRISM operation details how the NSA actually goes straight to the servers of top tech companies like Skype and Google in order to compile your personal chats and information — exactly what the U.S. Director of National Intelligence and major corporations said wasn’t happening in statements made yesterday.
Quite frankly, it looks like The Guardian has absolutely side swiped the Director of National Intelligence James R. Clapper, Facebook, Skype, Google, and a host of others who denied that the NSA PRISM program was directly tied into the tech company servers. More specifically, there was heavy denial in regards to how the NSA spy program actually worked, which is actually now detailed on the second slide. A slide that, at the time of writing this, has not even hit the front of Drudge or other sources. Here is the slide from the top secret PRISM project, which utilizes the top tech companies in order to watch and hold every letter you type through their services:
Image added to original post.
To say that the FBI had its work cut out for it after 9/11 is an understatement. As part of its anti-terrorism efforts, the agency cozied up to telecom companies, like Verizon and AT&T. The relationship was so tight that some telecom employees actually had offices at the FBI.
By Lois Beckett
Microsoft and Yahoo are selling political campaigns the ability to target voters online with tailored ads using names, Zip codes and other registration information that users provide when they sign up for free email and other services.
The Web giants provide users no notification that their information is being used for political targeting.
In one sense, campaigns are doing a more sophisticated version of what they’ve always done through the post office — sending political fliers to selected households. But the Internet allows for more subtle targeting. It relies not on email but on advertisements that surfers may not realize have been customized for them.
Campaigns use voters records to assemble lists of people they’re trying to reach — for instance, “registered Republicans that have made a donation,” Yahoo’s director of sales Andy Cotten told ProPublica. Microsoft and Yahoo help campaigns find these people online and then send them tailored ads.
These messages don’t just pop up in Yahoo Mail or Hotmail. Because Microsoft and Yahoo operate huge networks that provide advertising on some of the most popular web destinations, targeted ads can appear when a voter visits a swath of different sites.
Microsoft and Yahoo said they safeguard the privacy of their users and do not share their users’ personal information directly with the campaigns. Both companies also said they do not see the campaigns’ political data, because the match of voter names and registration data is done by a third company. They say the matching is done to target groups of similar voters, and not named individuals.
According to Microsoft, President Obama’s re-election campaign has recently done this kind of targeting, and both national political parties have done so previously.
The marketing site ClickZ, the Wall Street Journal, Slate and others have previously noted the ability of campaigns to target online ads to specific groups of voters. But what has not been detailed is which companies are now making the targeting possible by providing users’ personal information — and which have decided it’s off-limits.
Gmail accounts targeted by ‘state-sponsored attackers’ using Internet Explorer zero-day vulnerability0
(NAKED SECURITY) Both Google and Microsoft have put out alerts about an un-patched, zero-day hole in Internet Explorer that didn’t get fixed on Patch Tuesday and is actively being exploited in the wild.
Neither Google nor Microsoft referred to those state attackers in their respective security warnings. ZDNet attributed that particular detail to a source it said was “close to these investigations”.
This source confirmed to ZDNet that the attacks motivated Google to warn Gmail users last week about the attackers.
As ZDNet pointed out, Gmail users have been reporting on Twitter that they’ve been hit by the Gmail warning.
Google security engineer Andrew Lyons wrote in the company’s security blog that Google reported the vulnerability to Microsoft on May 30 and that the two companies have been working on the problem since.
He wrote on Tuesday:
Today Microsoft issued a Security Advisory describing a vulnerability in the Microsoft XML component. We discovered this vulnerability - which is leveraged via an uninitialized variable - being actively exploited in the wild for targeted attacks.
Lyons said that the attacks are spreading both from malicious web pages set up to snare Internet Explorer users and through Office documents.
Users running any flavor of supported Windows are vulnerable, from XP onwards up to and including Windows 7. All supported editions of Microsoft Office 2003 and Microsoft Office 2007 are also vulnerable.
The hole hasn’t been stitched up yet, but Microsoft is suggesting a workaround that will help prevent it from being exploited.
Microsoft’s security advisory recommends that IE and Office users immediately install a Fix it solution, downloadable with instructions from Microsoft Knowledge Base Article 2719615, until the company gets the final fix out.
The vulnerability crops up when Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 try to access an object in memory that hasn’t been initialized, which can corrupt memory such that an attacker could execute arbitrary code on a hijacked machine.
A victim would have to visit a maliciously crafted site using IE to suffer an attack. An attacker might lure users into visiting a booby-trapped site by enticing them to click on a link in an email or via messaging.
A successful attack grants the intruder the same user rights as the logged-on user. Therefore, a mitigating factor is to configure accounts with fewer rights, as opposed to operating with administrative user rights.
Microsoft noted that by default, IE on Windows Server 2003, Windows Server 2008, and Windows Server 2008 R2 runs in a restricted mode known as Enhanced Security Configuration. That also mitigates the vulnerability.
As far as bolting down Gmail goes, Sophos’s Graham Cluley has a collection of tips on how to stop your Gmail account from getting hacked.
It’s definitely worth a read. Here’s a quick cheat-sheet; Graham gives you more detail on these items in his article:
- Set up two step verification
- Check if your Gmail messages are being forwarded without your permission
- Look where your Gmail account is being accessed from
- Choose a unique, hard-to-crack password
- Secure your computer
- Why are you using Gmail anyway?
OK, that last one’s not a tip, per se, but it’s food for thought if you are, in fact, important enough that a state would want to attack your Gmail account.
If you are, think twice about using a free web email provider for sensitive information. If you’re working for the government or the military, like Graham said, put all that sensitive information on secure systems instead.