Tools which protect our privacy. Post your tools / ways you are using and opinions.

Discussion in 'Serious Discussion' started by Yen, Jul 23, 2013.

  1. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    12,157
    12,685
    340
    I understand what you mean. You rather encrypt your messages yourself using the recipient's public key. So you can be totally sure that they really are encrypted.
    But therefore you need communication partners who take part in your concept.
    It's better to have things done on one's own. I agree......but...what about practicability?

    How many of your friends / communication partners have created key pairs and have shared their own public key with you so you can really communicate the way you have posted?

    How many percent of emails you have to send are really encrypted that way...I think about 'common' recipients / senders (no friends) who simply do not use key pairs on their own...


    I don't know what you mean.

    People can never know about all the details (too complex). At the moment you use them anyway you have a sort of trust in it. (Also when you purchase a product / consult a service)

    So you never use things with a certain assumption that they work conform to your idea?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    3,536
    2,095
    120
    It's no different than a license agreement on some software's. You must accept that agreement or it won't install... which is rather silly if you consider (that includes Microsoft and many other apps)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    12,157
    12,685
    340
    Yeah silly because it has no legal meaning....
    ...from the pure perspective of programming it's a simple if-then-else logic....
    Legally their real meaning come from local laws...

    That means (here)....EULA (software) has to be presented at the moment of purchase to become legal component of the sales contract.
    (Notice at contract conclusion is mandatory.)
    Anything AFTER the purchase is not a part of it.
    Even when presented at purchase the contents must not overrule local laws.

    Means..here you can click what you want. It has no legal meaning at all....the EULA is usually presented at installation procedure and that's after a legal purchase....
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Xiaojoyg

    Xiaojoyg MDL Novice

    Apr 16, 2019
    1
    0
    0
    I use Debian, Riot, hardened Firefox with JS/J/Flash disabled by default (NoScript) | ublock with all filters | privacy badger | https everywhere | decentraleyes and dark reader.
    Startpage as default search engine, common sense and lots of precautions.
     
  5. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    3,536
    2,095
    120
    Except there are many who think they purchase a Windows o.s. actually think they own the o.s. they paid for. The reality is that you only pay to use the o.s.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    12,157
    12,685
    340
    #346 Yen, Apr 17, 2019
    Last edited: Apr 17, 2019
    (OP)
    Yes. It's actually an ideological matter....
    Ownership and appropriation in relation to purchasing.

    We have products, physical objects which are crafted / manufactured.
    Common sense of an ownership is seemingly obvious since you can own a physical object. AND you cannot make a copy of it that easily. (without to spend a certain amount of money).
    And we have services just like a technician comes and installs a new device at home. He sells his knowledge and skills and installation work, but no physical object one could own.

    And then with the IT world there is data and code. Virtual goods which can be duplicated without altering the original and without spending much money.
    The question is if somebody could own those at all....
    Actually it ever was more like paying for a service rather than owning an object....

    Especially by the omission of physical data medium -the last what could remind us of an physical object- and the growing internet infrastructure......

    For me the more important question is: After I have paid for the service can I do with 'it' what I want?
    Yes I can. And I don't care what EULA says. By purchasing it I have bought the right to use it the way I think it's good..


    P.S: A more general question.... What's actually the difference of to use an object (e.g. a chair) and to own it?
    Isn't ownership just a virtual idea? What else should I do with a chair than to 'use' it? :)

    Ownership only plays a role if somebody else is claiming for ownership.. or better said claims for own usage...lol...

    But that applies to a certain chair / physical object only...not to code that can be duplicated without changing ownership of the original...so we have the copyrights to respect the author and its 'service-efforts-work'...and hence there is a real price (money / return service) for good IT products....
    Bad products take your privacy in return, though.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. gorski

    gorski MDL Guru

    Oct 21, 2009
    3,851
    1,015
    120
    Read and weep...

    The Israeli firm that framed Kaspersky is at it again:

    https://www.wired.com/story/whatsap...fer-overflow/?mbid=social_twitter_onsiteshare

    HOW HACKERS BROKE WHATSAPP WITH JUST A PHONE CALL

    YOU'VE HEARD THE advice a million times. Don't click links in suspicious emails or texts. Don't download shady apps. But a new Financial Times report alleges that the notorious Israeli spy firm NSO Group developed a WhatsApp exploit that could inject malware onto targeted phones—and steal data from them—simply by calling them. The targets didn't need to pick up to be infected, and the calls often left no trace on the phone's log.

    Like any other profession, there are loads of easy-going sociopaths to choose from: https://www.nytimes.com/2019/03/21/us/politics/government-hackers-nso-darkmatter.html

    A New Age of Warfare: How Internet Mercenaries Do Battle for Authoritarian Governments
    Sophisticated surveillance, once the domain of world powers, is increasingly available on the private market. Smaller countries are seizing on the tools — sometimes for darker purposes.

    The man in charge of Saudi Arabia’s ruthless campaign to stifle dissent went searching for ways to spy on people he saw as threats to the kingdom. He knew where to go: a secretive Israeli company offering technology developed by former intelligence operatives.

    It was late 2017 and Saud al-Qahtani — then a top adviser to Saudi Arabia’s powerful crown prince — was tracking Saudi dissidents around the world, part of his extensive surveillance efforts that ultimately led to the killing of the journalist Jamal Khashoggi. In messages exchanged with employees from the company, NSO Group, Mr. al-Qahtani spoke of grand plans to use its surveillance tools throughout the Middle East and Europe, like Turkey and Qatar or France and Britain.

    The Saudi government’s reliance on a firm from Israel, an adversary for decades, offers a glimpse of a new age of digital warfare governed by few rules and of a growing economy, now valued at $12 billion, of spies for hire.

    Today even the smallest countries can buy digital espionage services, enabling them to conduct sophisticated operations like electronic eavesdropping or influence campaigns that were once the preserve of major powers like the United States and Russia. Corporations that want to scrutinize competitors’ secrets, or a wealthy individual with a beef against a rival, can also command intelligence operations for a price, akin to purchasing off-the-shelf elements of the National Security Agency or the Mossad.

    NSO and a competitor, the Emirati firm DarkMatter, exemplify the proliferation of privatized spying. A monthslong examination by The New York Times, based on interviews with current and former hackers for governments and private companies and others as well as a review of documents, uncovered secret skirmishes in this burgeoning world of digital combat.

    A former top adviser to the Saudi crown prince, Mohammed bin Salman, spoke of using NSO’s products abroad as part of extensive surveillance efforts. (photo)

    The firms have enabled governments not only to hack criminal elements like terrorist groups and drug cartels but also in some cases to act on darker impulses, targeting activists and journalists. Hackers trained by United States spy agencies caught American businesspeople and human rights workers in their net. Cybermercenaries working for DarkMatter turned a prosaic household item, a baby monitor, into a spy device.

    The F.B.I. is investigating current and former American employees of DarkMatter for possible cybercrimes, according to four people familiar with the investigation. The inquiry intensified after a former N.S.A. hacker working for the company grew concerned about its activities and contacted the F.B.I., Reuters reported.

    NSO and DarkMatter also compete fiercely with each other, paying handsomely to lure top hacking talent from Israel, the United States and other countries, and sometimes pilfering recruits from each other, The Times found.

    The Middle East is the epicenter of this new era of privatized spying. Besides DarkMatter and NSO, there is Black Cube, a private company run by former Mossad and Israeli military intelligence operatives that gained notoriety after Harvey Weinstein, the disgraced Hollywood mogul, hired it to dig up dirt on his accusers. Psy-Group, an Israeli company specializing in social media manipulation, worked for Russian oligarchs and in 2016 pitched the Trump campaign on a plan to build an online army of bots and avatars to swing Republican delegate votes.

    Last year, a wealthy American businessman, Elliott Broidy, sued the government of Qatar and a New York firm run by a former C.I.A. officer, Global Risk Advisors, for what he said was a sophisticated breach of his company that led to thousands of his emails spilling into public. Mr. Broidy said that the operation was motivated by hard-nosed geopolitics: At the beginning of the Trump administration, he had pushed the White House to adopt anti-Qatar policies at the same time his firm was poised to receive hundreds of millions of dollars in contracts from the United Arab Emirates, the archrival to Qatar.

    A Security Gap, Exploited
    Before NSO helped the Saudi government track its adversaries outside the kingdom, and helped the Mexican government hunt drug kingpins, and earned hundreds of millions of dollars working for dozens of countries on six continents, the company consisted of two high school friends in northern Israel with one relatively mundane idea.


    Using technology developed by graduates of Intelligence Unit 8200 — Israel’s equivalent of the N.S.A.— Shalev Hulio and Omri Lavie started a company in 2008 that allowed cellphone firms to gain remote access to their customers’ devices to perform maintenance.

    Word spread to Western spy services, whose operatives spotted an opportunity. At the time, American and European officials were warning that Apple, Facebook, Google and other tech giants were developing technologies that allowed criminals and terrorists to communicate through encrypted channels indecipherable to intelligence and law enforcement agencies. They called the phenomenon “going dark.”

    Mr. Hulio and Mr. Lavie offered a way to circumvent this problem by hacking the end points of the communications — the phones themselves — after the data were decrypted.

    By 2011, NSO had developed its first prototype, a mobile surveillance tool the company called Pegasus. Like its namesake, the Greek mythological winged horse, NSO’s tool could do something seemingly impossible: collect vast amounts of previously inaccessible data from smartphones in the air without leaving a trace — including phone calls, texts, emails, contacts, location and any data transmitted over apps like Facebook, WhatsApp and Skype.

    “Once these companies invade your phone, they own it. You’re just carrying it around,” Avi Rosen of Kaymera Technologies, an Israeli cyberdefense company, said of NSO and its competitors.

    (...)

    Spying on Citizens

    NSO’s first client, the Mexican government, was also using the hacking tools for darker purposes — as part of a broader government and industry surveillance effort. The government used NSO products to track at least two dozen journalists, government critics, international investigators looking into the unsolved disappearance of 43 students, even backers of a soda tax, according to Times investigations and research by Citizen Lab, part of the University of Toronto.

    Those targets were subjected to a stream of harassing text messages that contained malware. Some messages warned that their spouses were having affairs, others that a relative had passed away. In one case, when government officials were not able to infiltrate the phone of a journalist, they targeted her 16-year-old son’s.

    (...)

    A lawsuit alleged last year that in the months before his death, Saudi Arabia used NSO products to spy on Mr. Khashoggi, the Washington Post columnist strangled and dismembered in October by Saudi operatives inside the kingdom’s consulate in Istanbul. NSO denies the accusation. Several of Mr. Khashoggi’s closest contacts were targets of NSO hacking tools, Citizen Lab reported. Without access to Mr. Khashoggi’s devices, researchers have not confirmed whether he was a direct target of NSO surveillance.

    Even in cases of blatant abuse, NSO continued to renew contracts with its government clients. In 2013, for instance, NSO inked its first deal with the United Arab Emirates. Within a year, the Emirati government was caught installing NSO spyware on the mobile phone of Ahmed Mansoor, a prominent human rights activist.

    After receiving an onslaught of text messages containing links, Mr. Mansoor — a frequent target of Emirati surveillance — grew suspicious and passed the texts to security researchers, who determined the links were NSO lures that exploited vulnerabilities in Apple software to take over Mr. Mansoor’s phone. It was, researchers said, the most sophisticated spyware they had ever uncovered on a mobile device.

    The discovery forced Apple to release an emergency patch. But by then, Mr. Mansoor had already been fired from his job, had his passport confiscated, his car stolen, his email hacked, his location tracked, his bank account emptied of $140,000, and was beaten by strangers twice in the same week.

    “You start to believe your every move is watched. Your family starts to panic,” he said in an interview before he was arrested in 2017. “I have to live with that.”

    Even after the U.A.E. was caught spying on Mr. Mansoor, leaked invoices showed that NSO continued to sell the Emiratis millions of dollars’ worth of spyware and services. As for Mr. Mansoor, he was sentenced to 10 years in prison for damaging national unity and is being held in solitary confinement, where his health is deteriorating.

    (Former employees said that DarkMatter targeted Mr. Mansoor, hacking his child’s baby monitor to eavesdrop on his family. In another operation, the company’s operatives pursued Rori Donaghy, a British activist critical of the Emirati government and its human rights record, who had also been a target of NSO spyware. DarkMatter also targeted Citizen Lab, the Canadian research organization, a former employee said.)

    A flurry of news reports followed about countries using NSO products to spy on their citizens, prompting the company to temporarily rebrand itself “Q,” after James Bond’s gadget guru.

    Despite the bad news coverage, NSO’s value continued to skyrocket.

    Francisco Partners, a private equity firm, purchased a 70 percent stake in NSO for $130 million in 2013. Last month, NSO’s co-founders raised enough money to buy back a majority stake in NSO at a valuation of just under $1 billion. The London private equity firm Novalpina Capital backed the deal — making its major investors, including the Oregon state employees’ pension fund and Alaska’s sovereign wealth fund, part owners of NSO, according to public records.

    Spying on Americans

    The proliferation of companies trying to replicate NSO’s success and compete in an estimated $12 billion market for so-called lawful intercept spyware has set off a fierce competition to hire American, Israeli and Russian veterans of the world’s most sophisticated intelligence agencies — and for the companies to poach talent from one another.

    In late 2017, NSO executives grew concerned about a spate of resignations. Private detectives hired to investigate soon found themselves on the Mediterranean island of Cyprus, tailing a group of former NSO employees — all veterans of Israel’s Intelligence Unit 8200 — going back and forth to work at a research facility.

    The building was owned by a company affiliated with DarkMatter, an Emirati firm that had quietly hired the Israelis to develop technologies for the U.A.E. to conduct cyberoperations against perceived enemies at home and abroad.

    DarkMatter also has offices inside a gleaming tower on the highway connecting Abu Dhabi to Dubai, the same building that houses the U.A.E.’s Signals Intelligence Agency, the Emirates’ version of the N.S.A.

    This is not by accident. DarkMatter is effectively an arm of the state that has worked directly with Emirati intelligence operatives on numerous missions such as hacking government ministries in Turkey, Qatar and Iran and spying on dissidents inside the Emirates.

    DarkMatter has origins in another company, an American firm called CyberPoint that years ago won contracts from the U.A.E. to help protect the Emirates from computer attacks. CyberPoint obtained a license from the American government to work for the Emiratis, a necessary step intended to regulate the export of military and intelligence services. Many of the company’s employees had worked on highly classified projects for the N.S.A. and other American intelligence agencies.

    But the Emiratis had outsize ambitions and repeatedly pushed CyberPoint employees to exceed the boundaries of the company’s American license. CyberPoint rebuffed requests by Emirati intelligence operatives to try to crack encryption codes and to hack websites housed on American servers — operations that would have run afoul of American law.

    (...)

    ...there is the reality that American laws governing this new age of digital warfare are murky, outdated, and ill-equipped to address rapid technological advances. The rules governing what American intelligence and military personnel can and cannot provide to foreign governments were meant to keep a leash on 20th-century warfare — selling missiles or planes overseas or training foreign forces on Army tactics.

    But they do not address hacking skills that can be honed in front of a laptop, or at the world’s most advanced intelligence agencies, and sold to the highest bidder.

    “The worst part of it is the weapons are easier to get,” said Brian Bartholomew, the principal security researcher at Kaspersky Lab, a digital security company.

    “You’ve got a lot of people entering the arena that are new and don’t play by the same rules,” he said. “It’s like putting a military-grade weapon in the hands of someone off the street.”
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. gorski

    gorski MDL Guru

    Oct 21, 2009
    3,851
    1,015
    120
    double post...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. MS_User

    MS_User MDL Guru

    Nov 30, 2014
    3,814
    828
    120
    theirs nothing new in that post it all comes down to two things money and humans ethics with the cyber skills we live a time now that many people will sell out their country even their families for the right amount of money....also NSA has a lot of blame in all of this when they screw up by hiding the hacker tools on net and later discover and posted on the black web for everyone to grab and finally Edward Snowden revelation your government is spying on u 24/7 Happy Web Surfing;)
     
  10. gorski

    gorski MDL Guru

    Oct 21, 2009
    3,851
    1,015
    120
    Yayks! "theirs" so much valuable information in that post of yours, it hurts... Blinding! :D
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. MS_User

    MS_User MDL Guru

    Nov 30, 2014
    3,814
    828
    120
    REALLY....MONEY MONEY MONEY GUY!!!!
     
  12. gorski

    gorski MDL Guru

    Oct 21, 2009
    3,851
    1,015
    120
    WTF?!? :rolleyes::p:D
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. gorski

    gorski MDL Guru

    Oct 21, 2009
    3,851
    1,015
    120
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  14. MS_User

    MS_User MDL Guru

    Nov 30, 2014
    3,814
    828
    120
    still dont get it....what are like 15 years old:D
     
  15. gorski

    gorski MDL Guru

    Oct 21, 2009
    3,851
    1,015
    120
    Right, you are probably a 12 year old fan-boy... :rolleyes: :D
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  16. MS_User

    MS_User MDL Guru

    Nov 30, 2014
    3,814
    828
    120
    i wish i was 12 are u kidding me :)
     
  17. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    3,536
    2,095
    120
    A 12 yr old MS_User would be dangerous.
    All 13 yr old virgins would be in danger of extinction
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  18. gorski

    gorski MDL Guru

    Oct 21, 2009
    3,851
    1,015
    120
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  19. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    3,536
    2,095
    120
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  20. gorski

    gorski MDL Guru

    Oct 21, 2009
    3,851
    1,015
    120
    Jesus Marx wept... This is just dumb!!!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...