Posts tagged Yahoo
Webcam Spying: All the Gov Surveillance Agencies are Doing It
Apparently the GCHQ, the British equivalent to the National Security Agency (NSA) has been watching millions of Yahoo users with their webcams.
Documents given to the press by Edward Snowden state that this scheme called operation Optic Nerve (ON) was a collaboration of the GCHQ and the NSA in order to gather 1.8 million users’ images from webcams between 2008 and 2010.
According to the report, “it would appear that a surprising number of people use webcam conversations to show intimate parts of their body to the other person. Also, the fact that the Yahoo software allows more than one person to view a webcam stream without necessarily sending a reciprocal stream means that it appears sometimes to be used for broadcasting pornography.”
The document continues: “Face detection has the potential to aid selection of useful images for ‘mugshots’ or even for face recognition by assessing the angle of the face. The best images are ones where the person is facing the camera with their face upright.”
The tech corporation stated: “We were not aware of nor would we condone this reported activity. This report, if true, represents a whole new level of violation of our users’ privacy that is completely unacceptable and we strongly call on the world’s governments to reform surveillance law consistent with the principles we outlined in December. We are committed to preserving our users’ trust and security and continue our efforts to expand encryption across all of our services.”
In 2013, Marcus Thomas, former assistant director of the Federal Bureau of Investigations (FBI) Operational Technology Division commented : “The FBI has been able to covertly activate a computer’s camera—without triggering the light that lets users know it is recording—for several years, and has used that technique mainly in terrorism cases or the most serious criminal investigations.”
Spying via webcam is apparently quite easy.
Last December, researchers at Johns Hopkins University (JHU) discovered security vulnerabilities within the Apple iSight system in the MacBook laptop and iMac desktop units that allow an third party to disable the webcam indicator LED.
Matthew Brocker and Stephen Checkoway authored a paper entitled, “iSeeYou: Disabling the MacBook Webcam Indicator LED” which outlines the process of reprogramming the iSight camera via the microcontroller to disable the LED activation light.
The paper reads: “In the past few years, the ever-expanding set of sensors present in commodity laptops and smartphones has prompted the security and privacy community to begin searching ways to detect and limit the undesired use of sensors,” the “iSeeYou. At the same time, researchers have demonstrated attacks exploiting the presence of sensors.”
This allowed Brocker and Checkoway to take photos and video of the subject from the webcam.
Shockingly, their technique also worked on 1Mac G5 and Intel-based iMacs; as well as 2008 MacBook Pros.
According to the paper: “Our results in this paper demonstrate that, at least in some cases, people have been correct to worry about malware covertly capturing images and video. We show a vulnerability in the iSight webcam that affects a particular range of Apple computers … that can be exploited to turn on the camera and capture images and video without the indicator illuminating.”
Ben Swann – NSA’s Criminal Activity
Published on Jun 20, 2013
Ben Swann Full Disclosure is asking the questions the rest of the media is ignoring. Even by the overreaching standards of the Patriot Act, Ben Swann demonstrates how the NSA’s Prism program is clearly illegal.
WHICH INTERNET COMPANY HASN’T GIVEN THE U.S. GOVERNMENT ITS RECORDS?
NEW YORK: Outraged Internet users searching for an alternative to the privacy-busting companies they’d trusted are turning to a company that provides what it calls, “the world’s most private search engines.”
StartPage and its sister search engine Ixquick were launched in 2006 to staunchly defend their users’ privacy and civil liberties. StartPage provides a private portal to Google results, while Ixquick provides private results from other search engines.
The services have not participated in PRISM, nor have they ever provided user data to the U.S. government or to any other government or agency in the U.S. or anywhere in the world.
That is more than nine of the biggest Internet companies — Apple, Google, Microsoft, Yahoo, Facebook, YouTube, PalTalk, AOL and Skype — can say.
“The Privacy of our users rests on three important foundations,” explains StartPage and Ixquick CEO Robert Beens. “We are based in the Netherlands, we use encrypted connections, and — most importantly — we don’t store or share any of our users’ personal search data.”
- No User Data Stored: StartPage and Ixquick never store user data, including IP addresses and search queries, so government agencies have no incentive to ask for these. This privacy is so complete; the company doesn’t even know who its customers are, so it can’t share anything with Big Brother.
- Encrypted (HTTPS) Connections: StartPage and Ixquick were the first search engines to use automatic encryption on all connections to prevent snooping. When searches are encrypted, third parties like ISP’s and the NSA can’t avesdrop on Internet connections to see what people are searching for.
- Not Under U.S. Jurisdiction: StartPage and Ixquick are based in the Netherlands, so they are not directly subject to U.S. regulations, warrants, or court orders. They can’t be forced to participate in spying programs like PRISM. The company has never turned over a single bit of user data to any government entity in the 14 years it has been in business, which is not surprising since there is no data in the first place.
StartPage and Ixquick are also the only search engines whose privacy practices have been independently verified and third-party certified through the European Union’s Privacy Seal program.
“Unfortunately, it takes a scandal like PRISM to wake people up to the erosion of privacy”, says Harvard-trained privacy expert Dr. Katherine Albrecht, who helped develop StartPage. “As people get fed up with being spied on, they look for alternatives. We already serve nearly 3 million private searches each day, and we expect that number to grow as people seek shelter from search engines that store and share their private information.”
The company will expand its privacy services this summer with the addition of a new private email product called StartMail. StartMail will offer a paid, private email platform with strong encryption. Anyone interested in beta testing the program on its release can sign up at www.StartMail.com
My choice since mid 2009, thanks to Katherine Albrecht.
Second NSA PRISM Spy Leak Shows Govt, Tech Companies Are Lying to You
A second leaked slide from the NSA’s top secret PRISM operation details how the NSA actually goes straight to the servers of top tech companies like Skype and Google in order to compile your personal chats and information — exactly what the U.S. Director of National Intelligence and major corporations said wasn’t happening in statements made yesterday.
Quite frankly, it looks like The Guardian has absolutely side swiped the Director of National Intelligence James R. Clapper, Facebook, Skype, Google, and a host of others who denied that the NSA PRISM program was directly tied into the tech company servers. More specifically, there was heavy denial in regards to how the NSA spy program actually worked, which is actually now detailed on the second slide. A slide that, at the time of writing this, has not even hit the front of Drudge or other sources. Here is the slide from the top secret PRISM project, which utilizes the top tech companies in order to watch and hold every letter you type through their services:
Image added to original post.
By Charles Arthur, The Guardian
Usernames and unencrypted passwords posted online after hack attack on Yahoo Voice network
More than 450,000 usernames and unencrypted passwords appear to have been stolen from Yahoo Voice, a user-contribution services on Yahoo’s network, and posted online.
Similar attacks have been reported separately against other online services, including Android Forums and Formspring, where users are being encouraged to change their passwords immediately, and to check whether they used the same password on other services.
By Lois Beckett
Microsoft and Yahoo are selling political campaigns the ability to target voters online with tailored ads using names, Zip codes and other registration information that users provide when they sign up for free email and other services.
The Web giants provide users no notification that their information is being used for political targeting.
In one sense, campaigns are doing a more sophisticated version of what they’ve always done through the post office — sending political fliers to selected households. But the Internet allows for more subtle targeting. It relies not on email but on advertisements that surfers may not realize have been customized for them.
Campaigns use voters records to assemble lists of people they’re trying to reach — for instance, “registered Republicans that have made a donation,” Yahoo’s director of sales Andy Cotten told ProPublica. Microsoft and Yahoo help campaigns find these people online and then send them tailored ads.
These messages don’t just pop up in Yahoo Mail or Hotmail. Because Microsoft and Yahoo operate huge networks that provide advertising on some of the most popular web destinations, targeted ads can appear when a voter visits a swath of different sites.
Microsoft and Yahoo said they safeguard the privacy of their users and do not share their users’ personal information directly with the campaigns. Both companies also said they do not see the campaigns’ political data, because the match of voter names and registration data is done by a third company. They say the matching is done to target groups of similar voters, and not named individuals.
According to Microsoft, President Obama’s re-election campaign has recently done this kind of targeting, and both national political parties have done so previously.
The marketing site ClickZ, the Wall Street Journal, Slate and others have previously noted the ability of campaigns to target online ads to specific groups of voters. But what has not been detailed is which companies are now making the targeting possible by providing users’ personal information — and which have decided it’s off-limits.
By Maira Sutton
Iran: Authorities Seeking Information on Censorship Tools
The Islamic Republic of Iran has recently become notorious for its efforts to create a “halal” Internet. This week, a security researcher found that Iranian authorities published a “Request for Information” (RFI) seeking details on new types of censorship tools that are available in the market. Ars Technica reported that the Persian language RFI calls for “proper conditions for domestic experts in order to build a healthy Web and organize the current filtering situation.” The deadline for response was yesterday, April 19.
The existence of the RFI suggests that Iran is seeking to nationally expand its scope of online content blocking and filtering. The RFI states:
The creation of a comprehensive Internet purifying system that works based on analysis of Web content is considered among the most important activities in this area and efforts must be made to cultivate domestic technologies…In addition to creating a domestic industry, among other goals of the institute are the purchase and acquisition of foreign technical knowledge and leveraging of the latest technology alongside domestic ones.
What’s clear is that the Iranian government is seeking a more sophisticated system to block content, beyond its current mandate of blacklisting entire sites and banning words. EFF will continue to monitor this initiative and the Iranian government’s efforts to facilitate online censorship.
India: Professor arrested over a political cartoon; CIS urges Parliament to overturn 2011 censorship legislation
A chemistry professor in the state of West Bengal was arrested on Friday for posting political cartoons about the state’s Chief Minister, Mamata Banerjee. Ambikesh Mahapatra’s arrest follows increasing public discontent with Minister Banerjee and her style of governance. The local police charged Mahapatra with cyber crime offenses, claiming he had spread “derogatory messages against respectable persons.”
Following the arrest last week, there has been a massive backlash and an online campaign to condemn the charges. The highest trending Twitter hashtag in India is currently #arrestmenow, which has been adopted by users to tweet critical, often humorous, opposition to the police action. It echoed a similar situation in December, when the Indian blogosphere and Twitterverse was aflame with criticism against Minister of Communications and IT, Kapil Sibal after he demanded that websites such as Google and Facebook filter content deemed offensive. Indian netizens’ increasing use of social media to fight back against state-mandated efforts to censor online speech is a welcome sight.
Reports Yahoo News:
“In yet another sign that perhaps the news media ought to think about treating his presidential campaign more seriously, Ron Paul was viewed about as favorably as Rick Perry and Mitt Romney by Americans in a new poll.
In an Associated Press-GfK telephone survey of the general population, 37 percent of the respondents said they have a positive view of the libertarian-leaning representative from Texas, while 36 percent said they did not.
Perry, the Texas governor, and Romney, the former Massachusetts governor, invoked similar favorable/unfavorable ratings that also fell within the poll’s 4.1 percent margin of error. Romney was viewed favorably by 39 percent of Americans, and Perry was viewed favorably by 33 percent. Another 41 percent said they viewed Romney unfavorably, and 36 percent viewed Perry unfavorably.”