TweakTown NewsRefine News by Category:
According to security researcher Jason Appelbaum, and German news magazine Der Spiegel, the NSA has the ability to spy on virtually every iPhone, and users' digital communication sent from said iPhone.
The NSA reportedly has a program called DROPOUTJEEP, which allows the US spy agency to intercept most things - including SMS messages, contact lists, the physical location of the iPhone (and its user) through cell phone data, and even the ability to access the iPhone's microphone, and camera. Leaked documents have helped put the picture together, with the NSA claiming a 100% success rate when it comes to getting spyware into iOS-based devices.
Then comes the scary part: that the NSA requires physical access to the device, which the US spy agency reportedly reroutes shipments of iPhone's purchased online, but it is also working on a remote version, which is even worse. Appelbaum says: "Either [the NSA] have a huge collection of exploits that work against Apple products, meaning they are hoarding information about critical systems that American companies produce, and sabotaging them, or Apple sabotaged it themselves."
He finishes with something quite scary: "Do you think Apple helped them with that? I hope Apple will clarify that."
Despite fallout from former IT specialist Edward Snowden, it appears more U.S. voters are interested in security over privacy-related issues. Seventy-five percent of users are worried about personal information theft over 54 percent of those users worried about browsing history being tracked.
"By wide margins this survey clearly shows that ID theft has touched the majority of consumers in some way, and that hacking is more worrisome to consumers than tracking, and that voters want the government to more aggressively go after cyber criminals," said Ed Black, CCIA President and CEO, in a statement. "Safeguarding users online must become a higher priority for companies and also for the regulators and policymakers charged with protecting consumers."
Even though security is more thought about by U.S. citizens, privacy concerns have caused a major backlash against the National Security Agency (NSA), other US federal branches, and a handful of major corporations.
Spain takes its privacy laws pretty serious, and Google has just found out just how serious they consider violations. Today Reuters is reporting that Google has been issued a fine of $1.23 million after it was found guilt of breaking Spain's data protection laws.
The fine of $1.23 million is the maximum possible under Spanish law, and this is not the first time that Google has had to pay for a breach of privacy this year. Last month Dutch lawmakers accused Google of breaking the same law in their country.
"Inspections have shown that Google compiles personal information through close to one hundred services and products it offers in Spain, without providing in many cases the adequate information about the data that is being gathered, why it is gathered and without obtaining the consent of the owners," said the Spanish Agency for Data Protection.
New documents have surfaced from Edward Snowden that shows just how far the NSA is willing to go to spy on everyone. The US spy agency along with Brittans GCHQ had agents inside both the World of Warcraft and Secondlife to keep an eye on "targets" who may be using the MMOs to communicate.
The documents state that the NSA thought that the "Unregulated" online gaming worlds would "almost certainly be used as a venue for terrorist laundering and will, with certainty, be used for terrorist propaganda and recruitment." The documents did not state if any arrest were made, or if any terror plots were unveiled as a result of the infiltration.
One takedown did result from the spying, but instead of a terrorist organization, a ring of credit card thieves were arrested and their website was shutdown. The spying grew to so many agents that the NSA had to create a "deconflict group" to make sure they were not spying on each other.
This shouldn't come as a surprise to you, especially if you read TweakTown, as we try to cover the Edward Snowden leaks as they break. Well, the latest news is being reported by The Washington Post, and its a doozy.
The NSA is reportedly taking in users' cellphone data, on a global level, not just within the United States. This equates to around 5 billion records everyday, but don't worry, the NSA says it doesn't have the proper tools to check every single record. Because, you know - we should believe them, right? Well, one of the programs is named Co-Traveler, which allows the US spy agency to determine "behaviorally relevant relationships" based on data from signals intelligence activity designators located around the world. One of which, is named "Stormbrew".
Co-Traveler can locate targets purely from cellphone users moving in a group, even if they're unknown threats. Multiple meetups, with the geolocational data, is enough for the NSA's "Co-Traveler" system to notice a pattern.
We know that the NSA's PRISM system scoops up unimaginable amounts of data, so a couple of researchers created an Android app to see just how much metadata is collected from a smartphone, which was compared to basic information on Facebook.
The two Stanford researchers, Jonathan Mayer and Patrick Mutchler, created MetaPhone, using it to see how revealing the metadata was. Mayer told MIT Technology Review: "Some defenders of the NSA's bulk collection programs have taken the position that metadata is not revealing. We want to provide empirical evidence on the issue.... Our hypothesis is that phone metadata is packed with meaning."
You can grab MetaPhone yourself, a free app from the Google Play Store, with the app capable of collecting call and text logs, and asks for basic information from Facebook. Early research points to the fact that the metadata definitely includes some juicy data on you, with early results showing that phone metadata can predict whether someone is in a relationship with around 60% accuracy.
Google is a step ahead of Yahoo here, where it has upgraded all of its SSL certificates to 2048-bit, but now Yahoo is pushing ahead with some hopefully NSA-proof encryption to its information.
Yahoo CEO, Marissa Mayer, has reiterated the fact that Yahoo has never handed over information from its datacenters to the NSA, or any other government agency for that matter. The CEO said there is nothing more important than users' data and privacy, and that the company is extending the SSL encryption with a 2048-bit key for Yahoo Mail, and all Yahoo products.
The 2048-bit goodness should encrypt all Yahoo datacenter information by the end of Q1 2014, so around 4 months from now. From here, it will offer users an option to encrypt all of their data in and out of Yahoo by the end of March next year. The company will also work close with their international Mail partners to make sure that co-branded accounts are also 2048-bit protected.
Just how many documents did Edward Snowden take from the NSA? Well, earlier estimates had this pegged at around 50,000... but it looks like the whistleblower took close to 200,000 documents.
This is coming directly from NSA General, Keith Alexander, who wished "there was a way to prevent" further leaks, and that information was being out out "in a way that does maximum damage to the NSA and [the United States]." This should mean that Snowden has enough information on him to keep him alive, or at least an asset to Russia.
We've seen what has happened to previous whistleblowers, like Bradley Manning and Michael Hastings, but it looks like Snowden has his fair share of information to keep him safe, for now.
According to some documents supplied to the Washington Post by Edward Snowden, Google and Yahoo data centers across the world are intercepted directly by the NSA and GCHQ. The program is known as "Muscular" and can tap into the main communications link that connect Google and Yahoo data centers.
A documented dating back to January 9, 2013 says that the NSA captured millions of records from the search giants each and every day, sending them to NSA data warehouses. Within a 30-day period, over 180 million records were collected, all of which included metadata, text communications, audio and video, too.
The Washington Post did say that the NSA doesn't keep everything, which should help you sleep at night (so much sarcasm intended). Both search giants maintain multiple data centers around the world for redundancy reasons, with data shared between the data centers all the time. Google has said that it was not aware of the NSA activity, with a Yahoo spokesperson saying that it has strict controls in place to protect the security of their data centers, and that it has not given the NSA or anyone else access to their data centers.
A new report from The Washington Post is suggesting that the NSA has been harvesting hundreds of thousands of email addresses from contact list, online address books, and even instant messaging services. The report is based off of top-secret documents that were provided by senior intelligence officials as well as PRISM whistle blower Edward Snowden.
The report goes on to say that the NSA's Special Source Operations division acquired over 440,000 email address books from Yahoo, 105,068 from Hotmail, 82,857 from Facebook, and 33,697 from Gmail. Those numbers were derived from an internal NSA powerpoint presentation and are said to represent just a single days worth of email collecting activity.
The Washington Post speculates that the NSA now has a sizeable database of most of the email addresses that exist on the internet today. What the agency plans on doing with these address books is anyones guess. Personally I feel that this is not that big of a deal as many of us openly post our email address online for all to see anyway. On the other hand, I feel that by collecting, storing, and building a database, the NSA is violating some form of my privacy rights.