CHINA charges Microsoft windows 8 for backdoor-spying

Microsoft and China are at odds over the issue of cyberspying, with Windows 8 caught in the crossfire.

State-run broadcaster China Central Television lashed out Wednesday at the latest version of Windows and charged that it's capable of collecting a huge amount of data on Chinese society. In a transcript of the CCTV interview published by the Wall Street Journal, an academic shared his opinion on the type of data that Microsoft can allegedly collect through its OS.

"It's very easy for providers of operating systems to obtain various types of sensitive user information," Ni Guangnan, an academician at the Chinese Academy of Engineering, told the interviewer. "They can find out your identity, your account information, your contact list, your mobile phone number. With all that data together, using big data analysis, a party can understand the conditions and activities of our national economy and society."

Adding fuel to the fire, Guangnan pointed to the classified documents leaked by former National Security Agency contractor Edward Snowden as proof that Microsoft has worked with the US government to obtain encrypted data over the Internet.

In response, Microsoft used its own Weibo account to refute the charges and deny all allegations of backdoor spying in collaboration with the US government. As translated in a story by Neowin, Microsoft's denials break down into five points. According to Neowin, Microsoft said it has:

• Never "assisted any government in an attack of another government or clients."
• Never "provided any government the authority to directly visit...products or services."
• Never provided a "backdoor" to products or services.
• Never provided client data or information to the US government or the NSA.
• Never "concealed any requests from any government for information about its clients."

Microsoft's war of words with China is part of a larger skirmish between the US and Chinese governments. Charges of cyberspying between the two countries is nothing new. But since the revelations of NSA spying activities were leaked last year, China has used the opportunity to accuse such companies as Microsoft, Google, and Apple of cooperating with the NSA to gather data and steal state secrets. Tech companies have acknowledged that they are required to share certain customer data at the request of the government but have denied that they collaborate with the government or build backdoors into their products and services to allow data to be siphoned.

Such charges can damage a company's reputation and bottom line. In the case of Microsoft, China last month announced a ban on Windows 8 for government computers. At the time, China's state-run Xinhua news agency said simply that the ban was designed to improve security. However, China likely has another motive for wanting to put the kibosh on Windows 8 beyond security fears.

Microsoft has long accused China of widespread piracy of Windows. In 2011, former CEO Steve Ballmer told employees that Microsoft's revenue in China represented only 5 percent of sales in the US although the two markets were about the same size, according to the Journal. As such, a significant number of the PCs in China still running the now-unsupported Windows XP may be using illegal copies.

Microsoft wants to implement a server-based licensing system in China as one way to fight software piracy, the Journal added. And since the software giant no longer sells or supports Windows XP, Chinese consumers would be forced to upgrade to a more modern operating system, such as Windows 8.

Read More

Wickr 2.0 makes self-destructing SMS -- Care about Privacy

Wickr 2.0 makes self-destructing SMS -- Care about Privacy

Wickr 2.0's debut on Friday makes it much easier to invite friends to use the app, thanks to a new address-book scanning feature that prevents Wickr from learning who you're inviting. That's a big difference from just about every other service out there, which accesses your address book -- usually with your permission -- and then holds on to that data like the digital gold that it is.

Nico Sell, co-founder of Wickr, said that it was important to the company to avoid holding any sensitive information about its customers on its servers
 "Unlike other apps, Wickr does not upload your contact book to our servers; your contacts never leave your device," she said. "We create a cryptographic representation of your contacts that we store on our servers to match with your friends."

Available now on iOS and on Android in the next few days, the Wickr update still uses some of the toughest standards for major encryption protocol available. It uses ECDH-512 encryption to protect your data; ECDH-512 for the security key exchange; RSA-4096 both as a backup and in legacy versions of the app; and SHA-256 for Transport Later Security and hashing. Once it encrypts a message, the keys are used only once then destroyed by the sender's phone. Since Wickr's servers don't have the decryption keys, there's no way for Wickr to access your messages.

Whit Diffie, co-inventor of the ECDH standard, is a Wickr adviser. The company boasts a veritable who's who roster of privacy bona fides on its advisory board, including Cory Doctorow, Paul Kocher, and Brian Behlendorf.

On top of all that, the service deletes attachment metadata to ensure that the company knows even less about you.

Sell thinks that her free app is at the forefront of a new movement to protect people from government intrusion, no small effort in the wake of the NSA leaks by Edward Snowden.
 "I believe this is the first bacterial growth app ever invented," she said, explaining "bacterial" as being "beneficial to society."

"We plan to license this piece of tech to all the messaging apps in trouble with regulators for abusing users' contact books," Sell said of Wickr's business model.

Wickr 2.0 ditches the mostly-red interface for a streamlined white one with red accents. While the interface makes the app easier to use, the company has invested in other usability features to compete more directly with its competition.

You can now finally reset your password without it being as big a hassle as before; customize your avatar, contact names, and group names; invite multiple friends at once; and send insecure e-mail or SMS from Wickr. For the last one, it warns you when you're about to send a message to a non-Wickr recipient.

Wickr still may not be for everyone, but for people who value sending private messages privately that are authentically difficult -- if not impossible -- to be read by anyone but the intended recipient -- then Wickr is one of the best messaging apps around. 

Team-Hack4friends

Read More

Snowden's Christmas message about Privacy of ordinary person

 Snowden's Christmas message about Privacy of ordinary person

Edward Snowden, the National Security Agency whistleblower, delivered a video message on Christmas Day via UK's Channel 4 with a simple theme: "privacy matters."

"A child born today will grow up with no conception of privacy at all. They'll never know what it means to have a private moment to themselves -- an unrecorded, unanalyzed thought," Snowden said in the 1-minute, 43-second message. "And that's a problem because privacy matters. Privacy is what allows us to determine who we are and who we want to be."

          Must watch this video if you care about your privacy

Snowden referenced George Orwell's "1984" and noted the book's dystopian visions of microphones, video cameras, and televisions that watch people "are nothing compared to what we have available today. We have sensors in our pockets that track us everywhere we go." 

 He also used the message as an appeal to people everywhere to rally against widespread surveillance.

"The conversation occurring today will determine the amount of trust we can place both in the technology that surrounds us and the government that regulates it. Together, we can find a better balance," he said. "End mass surveillance. And remind the government that if it really wants to know how we feel, asking is always cheaper than spying."

UK's Channel 4 chose Snowden for its annual alternative message and response to Queen Elizabeth's annual Christmas address.

Snowden has temporary asylum in Russia following his leaks earlier this year about the National Security Agency's extensive electronic surveillance programs. The US Justice Department's charges against him include violations of the Espionage Act. 

Team- Hack4friends

Read More

MacBook Webcams can be used to covertly spy on people -- With proof

MacBook Webcams can be used to covertly spy on people -- With proof

Imagine going about your daily life and then one day receiving photos of yourself from inside your home. Sound spooky? Well, this really happened to a woman named Cassidy Wolf, according to the Washington Post. And, to make matters worse, she was nude in the photos.

How did this happen?
Apparently, there's a way for hackers to spy on people via their iSight Webcams in older Apple MacBooks. Typically, when the camera is on a little light is also set off. But, in a newly discovered workaround, this light can be deactivated -- meaning unsuspecting victims have no clue they're being watched.
The Washington Post revealed this new research by Johns Hopkins computer scientist Stephen Checkoway, which shows how people can be spied on with MacBooks and iMacs released before 2008. Using proof-of-concept software, called Remote Administration Tool or RAT, Checkoway was able to reprogram the iSight camera's micro-controller chip so that the light doesn't turn on.

While it could be feasible to do this trick on newer Apple computers or laptops by other brands, it hasn't yet been proven possible.
In the case of Wolf, who was Miss Teen USA, the person spying on her was her high school classmate Jared Abrahams. The FBI was able to nab Abrahams, who pleaded guilty to extortion in October.
In another report by the Washington Post, the former assistant director of the FBI's Operational Technology Division Marcus Thomas said the FBI has been activating computer cameras without turning on the warning lights for years.

This is not the first time someone has been remotely spied on with a Webcam, but it is the first known time that it's been done without the warning light being triggered.

Team Hack4friends

Read More

Optical fibres are under NSA snooping -- Privacy is going to smash down

Optical fibres are under NSA snooping -- Privacy is going to smash down

In October, a report surfaced that the US National Security Agency secretly accessed data from tech giants like Google and Yahoo, by way of intercepting the unencrypted traffic flowing between each company's data centers.

Specifically, it's believed the NSA tapped into the fiber-optic cables that connect those data centers. The New York Times reported Tuesday that these cables, which aren't owned by the Internet companies, are easy targets for interception. The largest such fiber-optic cable provider -- an under the radar Denver-based firm called Level 3 -- may have had something to do with the government's infiltration tactics. "Fingers have been pointed" at Level 3, reported the Times, citing three unnamed sources.

Level 3, which provides both Google and Yahoo with cables, was specifically mentioned in the Times report. Other companies that own fiber-optic cables include Verizon Communications, the BT Group, and the Vodafone Group.

To be sure, it's not yet known if Level 3 was a willing participant. When asked if the company gave US or foreign government agencies access to Google and Yahoo's data, Level 3 gave the Times an indirect response: "It is our policy and our practice to comply with laws in every country where we operate, and to provide government agencies access to customer data only when we are compelled to do so by the laws in the country where the data is located."

Tapping fiber-optic cables is just a modern spin on an old spy game. As early as the days of the telegraph, spies have set up shop near communications companies. Since then, the government has tapped other kinds of traffic, from long-distance phone to satellite.

News broke of the NSA and British counterpart GCHQ's efforts at intercepting data center traffic when The Washington Post reported details of a project called MUSCULAR. Both Google andYahoo have taken steps to encrypt the information that moves between its data farms. The Post's was only the latest in over half a year of surveillance revelations, since former NSA contractor Edward Snowden first leaked details of the government agency's activity.

In the wake of those revelations, tech companies have been quick to maintain their innocence in the situation. Last week, in a blog post announcing Yahoo's attempt to catch up on encryption,Yahoo CEO Marissa Mayer said, "I want to reiterate what we have said in the past: Yahoo has never given access to our data centers to the NSA or to any other government agency. Ever."

If you little like our posts then please share them with your friends to spread our voice throughout the people world.

Your One Share can make better the life of people

Read More

Major Tech. Companies planning to fend off NSA hakcing

The National Security Agency (NSA) might soon have a harder time accessing user data.
Google, Yahoo, Microsoft, Apple, and a other prominent technology companies are investing heavily in stronger, 2048-bit encryption that some say, won't be easily overcome for more than a decade, due to computing power constraints.

Google is one of the leaders in the effort, announcing in July that it would encrypt its user data with 2048-bit encryption. According to Bloomberg, which spoke with several other companies that are investing in new encryption, Yahoo confirmed to the publication that it will add 2048-bit encryption to its Mail by January. Facebook also plans to move to 2048-bit encryption. Facebook confirmed to Bloomberg that it also plans to roll out "perfect forward secrecy," a feature that would prevent snoopers from accessing user data even if they can access the company's security codes.

Microsoft and Apple are also reportedly ramping up their data-security efforts.
The technology companies' renewed interest in data security and encryption comes after several reports have suggested that the NSA has been accessing their data and using it for spying purposes. Those firms have gone on the record saying they comply with legal requests where appropriate, but are doing everything they can to keep user data safe. The investment in 2048-bit encryption follows that.
Still, encryption is just one small piece of a broader puzzle the technology companies have yet to solve. The NSA has the ability to overcome a wide array of security protocols. Last month, in fact, James Clapper, the director of national intelligence, said that the US employs "every intelligence tool available" to cull data from national security threats. Whether those efforts are applied to technology company servers has been debated, though leaks from Edward Snowden and others have suggested they are.
Even so, the improved encryption efforts could lengthen the time at which it takes the NSA and other spying agencies around the world to access user information. And that's at least something.

 Source : cnet news

Read More