Tag Archive for Edward Snowden

RIP Yahoo Messenger

Do you remember Yahoo Messenger? It was popular in the late ’90s and early 2000s when there were only two messengers to communicate with your friends and family. Well … the remnants of Yahoo nee Verizon recently announced the end of Yahoo Messenger. Verizon (VZ)/Yahoo announced that they will disable the Yahoo Messenger service after July 17th, 2018. (rb- yes Yahoo Messenger was still a thing – in the face of Apple’s (AAPL) FaceTime, Telegram, Snapchat, and Facebook’s (FB) WhatsApp).

According to the Oath website, YIM had 122.6 million users at its peak. In the FAQ announcing the shutdown, Yahoo said, “We know we have many loyal fans who have used Yahoo Messenger since its beginning  … As the communications landscape continues to change over, we’re focusing on building and introducing new, exciting communications tools that better fit consumer needs.” If you’re looking for a Messenger replacement from Yahoo, they recommend Squirrel, which is in closed beta and by invite only. But why?

YIM leaves a dubious security legacy, as all “free” web products do. In 2007 there were reports that up to 75% of the users in Yahoo Messenger were SPAMBots. In 2010 all Yahoo systems and customer email accounts were hacked by the Chinese military in “Operation Aurora.” In Operation Aurora the Chinese also attacked Adobe (ADBE), Dow Chemical, Google (GOOG), Juniper Networks (JNPR), Morgan Stanley, Northrop Grumman (NOC), Rackspace (RAX), and Symantec (SYMC).

In 2014 The Guardian reported that Optic Nerve, a secret mass surveillance program of the British intelligence agency Government Communications Headquarters (GCHQ), and the National Security Agency (NSA) were indiscriminately collecting still images from the webcam streams of millions of mostly innocent Yahoo users, among other things creating a database for facial recognition for future use. Optic Nerve takes a still image from the webcam stream every 5 minutes. Also in 2014, Yahoo was hit by a hack that affected around 500 million people.

In September 2016, The New York Times reported that Yahoo’s security team had pressed for Yahoo to adopt end-to-end encryption sometime between 2014 and 2015, but senior leadership resisted, “…because it would have hurt Yahoo’s ability to index and search message data.”

In 2017 Yahoo announced that all of its customers’ accounts were compromised. Allegedly Yahoo did not detect the full extent of the 2013 hack until 4 years later. In 2017, Yahoo announced that all 3 billion accounts were compromised.

You can download your chat history for the next 6 months at this download request site. Yahoo will email your chats to you. If you have anything you want to save from Yahoo Messenger, it’s a good idea to get a copy, because users will be unable to sign in to the service after July 17th.

rb-

YIM is not the first long-standing chat app to shut down – AOL Instant Messenger shut down December 15, 2017. But Yahoo Messenger was one of the few old-school messaging services left.


Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

Snoops Offer Security Tips

In one of the more ironic, notice I did not say tragic, turns in the post-Snowden era, the National Security Agency (NSA) has published a report with advice for companies on how to deal with malware attacks. FierceITSecurity says the report (PDF) boils down to “prevent, detect and contain.” To be more specific, the report recommends that IT security pros:

  • Segregate networks so that an attacker who breaches one section is blocked from accessing more sensitive areas of the network;
  • Protect and restrict administrative privileges, in particular high-level administrator accounts, so that the attacker cannot get control over the entire network;
  • Deploy, configure, and monitor application whitelisting to prevent malware from executing;
  • Restrict workstation-to-workstation communication to reduce the attack surface for attackers;
  • Deploy strong network boundary defenses such as perimeter and application firewalls, forward proxies, sandboxing and dynamic analysis filters (PDF) to catch the malware before it breaches the network;
  • Maintain and monitor a centralized host and network logging product, after ensuring that all devices have logging enabled and that their logs are collected, to detect malicious activity and contain it as soon as possible;
  • Implement pass-the-hash mitigation to cut credential theft and reuse;
  • Deploy Microsoft (MSFT) Enhanced Mitigation Experience Toolkit (EMET), or another anti-exploitation capability for devices running non-Windows operating systems;
  • Employ anti-virus file reputation services (PDF) to catch known malware sooner than normal anti-virus software;
  • Implement host intrusion prevention systems to detect and prevent attack behaviors; and
  • Update and patch software in a timely manner so known vulnerabilities cannot be exploited.

The author quotes from the report:

Once a malicious actor achieves privileged control of an organization’s network, the actor has the ability to steal or destroy all the data that is on the network … While there may be some tools that can, in limited circumstances, prevent the wholesale destruction of data at that point, the better defense for both industry and government networks is to proactively prevent the actor from gaining that much control over the organization’s network.

rb-

For those who have not been following along, the TLAs have been attacking and manipulating anti-virus software from Kaspersky.

We also now suspect that the TLAs have compromised at least one and probably two hardware vendors. Business Insider recalls that, way back in 2013, as part of the Edward Snowden NSA spying revelations, German publication Spiegel wrote an article alleging that the NSA had done a similar thing — put code on Juniper Networks (JNPR) security products to enable the NSA to spy on users of the equipment.

Over at Fortinet (FTNT), they had their own backdoor management console access issue that appeared in its FortiOS firewalls, FortiSwitch, FortiAnalyzer, and FortiCache devices. These devices shipped with a secret hardcoded SSH login with a secret passphrase.

The article seems like advertising for the TLA’s hacking program.


TLA Does Good?

ZDNet reports that in the last batch of Snowden documents, there may finally be some evidence that some TLAs were doing some good. They spied on criminals too. Apparently one Snowden document boasts of how “criminals” can be found through a TLA program.

Using this program, TLAs can identify cyber attackers. ZDNet says that malicious users causing a “distributed denial-of-service” or DDoS attack, where a group of people overload a server or network with a flood of network traffic, can be traced and identified. The TLA also used its program to troll online criminal forums.

rb-

Unfortunately, for law-abiding U.S. citizens, none of the Snowden documents to date have shown that the info collected on criminals was used to stop cyber attacks or was passed on to law enforcement to take action.


T-Mobile Ordered to Turn Over Most Customer Info

T-Mobile received the most government requests for subscriber data in 2014 according to a report from CNET. U.S. governments made nearly 351,940 requests for data from T-Mobile (TMUS) in 2014. The author, Roger Cheng, states that the 351,940 government requests for data are the most out of any of the four national wireless carriers.

The number 4 U.S. carrier by subscriber base recently released its first transparency report. The article breaks down the government requests for T-Mobile information:

  • 177,549 criminal and civil subpoenas
  • 17,316 warrants
  • 3,000+ wiretap orders
  • Between 2,000 and 2,250 national security requests,
  • 8 requests from foreign governments.

These numbers represent an 11% increase in government demands for subscriber information over 2013.

The article claims that Verizon and AT&T each have twice as many customers, but T-Mobile fielded more requests than its rivals.

  • Verizon (VZ), with 132 million subscribers in Q4 of 2014, saw 287,559 government requests.
  • AT&T (T), with nearly 121 million subscribers in Q4 of 2014, saw 263,755 government requests.
  • Sprint (S), with 55.5 million subscribers in Q4 of 2014, saw 308,937 government requests.
  • T-Mobile, with just over 55 million subscribers in Q4 of 2014, saw 351,940 government requests.

Here is how the four wireless carriers’ government information requests compare.

Carrier  | Subscribers   | Subpoenas | Warrants | Wiretap Orders | Total Requests
Verizon  | 132 million   | 138,158   | 31,214   | 1,433          | 351,940
AT&T     | 121 million   | 201,754   | 20,985   | 2,420          | 263,755
Sprint   | 55.5 million  | 308,937   | 13,540   | 3,772          | 308,936
T-Mobile | 55 million    | 177,439   | 17,316   | 3,087          | 251,940
Totals   | 358.5 million | 826,288   | 83,055   | 10,712         | 1,176,571

Transparency reports have become increasingly popular over the past year as civil liberties groups, shareholder and consumer advocates have pressured companies to be more open about when they disclose customer information. The article claims T-Mobile was the last of the four national carriers to issue a transparency report, which comes amid continued scrutiny of surveillance programs run by U.S. three-letter agencies and friends — including the bulk collection of phone call data — that was revealed when former NSA contractor Edward Snowden leaked classified government documents.

The author notes that companies aren’t under a legal obligation to show the data in transparency reports, but have been willing to share with the hope that the reports will help repair their reputations, which have been damaged by the Snowden revelations of the past two years.

rb-

This data only represents data requests where they bothered to follow U.S. laws to legally request data. How much more is there sitting in a data warehouse in the sky?

Why is the T-Mobile number so high? Is it bad luck? Do they fight the requests the most? Are they playing ball with the TLAs? We may never know. VentureBeat speculates that the best way to measure how willingly T-Mobile works with the government is by looking at the percentage of government requests to which T-Mobile delivered data. But T-Mobile refused to offer that information to VentureBeat.

“Regarding the additional question on breaking out the numbers further than what’s currently provided in the report, our systems were not designed to track the kind of detailed reporting that other companies engage in today,” a T-Mobile spokesperson wrote to VentureBeat.


Few Americans Have Changed Behavior post-Snowden

Edward Snowden revealed the U.S. Government’s domestic spying program. The revelations changed the world. The data collection programs have impacted U.S. businesses’ ability to sell abroad. Recent regulations introduced in China have knocked Apple (AAPL), Cisco (CSCO), McAfee, and Citrix (CTXS) out of growing markets.

Lisa Vaas, at Sophos’ Naked Security blog, points us to a recent Pew Research Center survey that documents the impact of TLA spying and data collection on the home front. Most Americans (87%) have heard about the National Security Agency’s (NSA) surveillance programs since Snowden began leaking documents nearly two years ago. The Pew research found that nearly one-third of American adults have taken steps to protect their information from government surveillance programs that monitor phone and digital communications.

Aware of the NSA’s surveillance programs

Out of those surveyed who are at least somewhat aware of the NSA’s surveillance programs (30% of adults):

  • 34% have taken at least one step to keep their information hidden or shielded from the government.
  • 25% are using more complex passwords
  • 17% changed their privacy settings on social media
  • 15% use social media less often
  • 15% have avoided certain apps
  • 14% say they speak more in person instead of communicating online or on the phone
  • 13% have uninstalled apps
  • 13% have avoided using certain terms in online communications

When it comes to how well the courts are balancing the needs of law enforcement and intelligence agencies with citizens’ right to privacy:

  • 49% say courts and judges are not balancing those interests;
  • 48% say they are.

OK to spy on foreigners

The article says the public approves of monitoring plenty of people, including foreign citizens, foreign leaders, and American leaders:

  • 82% say it’s acceptable to monitor communications of suspected terrorists;
  • 60% believe it’s acceptable to monitor the communications of American leaders;
  • 60% think it’s OK to monitor the communications of foreign leaders;
  • 54% say it’s acceptable to monitor communications from foreign citizens;
  • 57% say that the monitoring of citizens’ communications is unacceptable;
  • 65% think it’s OK to monitor people who pepper their communications with words such as “explosives” and “automatic weapons” in search engine queries;
  • 67% think it’s OK to monitor people who visit anti-American websites.

Americans are split about just how much we should worry about surveillance – particularly when it comes to their own digital behavior.

  • 39% describe themselves as concerned about government monitoring of their activity on search engines.
  • 38% say they’re concerned about government monitoring of their activity on their email messages.
  • 37% express concern about government monitoring of their activity on their cell phone.
  • 31% are concerned about government monitoring of their activity on social media sites, such as Facebook or Twitter.
  • 29% say they’re concerned about government monitoring of their activity on their mobile apps.