You may have heard that the NSA can decrypt SSH at least some of the time. If you have not, then read the latest batch of Snowden documents now. All of it. This post will still be here when you finish. My goal with this post here is to make NSA analysts sad.

TL;DR: Scan this post for fixed width fonts, these will be the config file snippets and commands you have to use.

Mer kameraövervakning och telefonavlyssning. Tillåt brottsprovokation. Separata och ”spartanska” fängelser för utländska medborgare. Det är några saker som Sverigedemokraterna har motionerat om de senaste veckorna. Men enligt experter strider förslagen mot grundläggande rättsprinciper.

– De står för en extremt repressiv rättspolitik, säger Anne Ramberg, generalsekreterare vid Advokatsamfundet.

This type of STARTTLS stripping attack has mostly gone unnoticed because it tends to be applied to residential networks, where it is uncommon to run an email server2. STARTTLS was also relatively uncommon until late 2013, when EFF started rating companies on whether they used it. Since then, many of the biggest email providers implemented STARTTLS to protect their customers. We continue to strongly encourage all providers to implement STARTTLS for both outbound and inbound email. Google's Safer email transparency report and are good resources for checking whether a particular provider does.

The ruling means that users in Europe and further afield of Microsoft's services — and others, including Apple, Google, Yahoo, Facebook, and Twitter, with a headquarters in the US — are not immune from having their data handed over to the US government for law enforcement or intelligence purposes.

When Edward Snowden exposed the scale and depth of the National Security Agency's surveillance programs, his findings led to another disheartening revelation: that our Internet has become too centralized. Webmail services like Yahoo and Google and social networks like Facebook and Twitter are convenient and efficient platforms, as well as easy to use, but they collect massive amounts of user data that can facilitate intelligence spying and other types of snooping. Meanwhile, securer methods of communication are often cumbersome and overly technical for the average user who would like to send an email without having to download and set up various software. Yet after Snowden’s leaks, an increasing demand for securer alternatives has led to the development of anti-surveillance products with an eye towards being user friendly.

That is certainly true for Miguel Freitas, a research engineer based in Rio de Janeiro, Brazil, who decided to create a decentralized alternative to Twitter to counter NSA spying and protect against shutdowns of social media sites; but it would also be “something that my grandmother could use,” Freitas tells techPresident.

Did you ever wish to have all relevant information about a visitor right when he hits your site? Think of (full) name, gender and maybe hobbies and interests? Thanks to social networks we could at least get some of that data. All you need is the URL to that visitors (public) Facebook or Google+ profile – but if he doesn’t actively give it to you, you’re probably out of luck.

What if we could get that profile URL without the user even noticing it?

Avast, which makes security software for Windows, Mac, and Android, recently bought 20 used Android handsets on eBay. Then company employees used digital analysis software that's readily available and fairly easy to use to see if there was anything left on the 20 devices from the original owners. It turns out there was. Avast researchers found more than 40,000 photos, 750 emails or text messages, and 250 contacts. The group was also able to deduce the identities of the previous owners of four of the phones.


It's important to note that Avast makes its own reset software, which the company claims does a much better job of completely wiping Android devices. So part of the motivation for this study is presumably to promote Avast's alternative service. Still, the results are pretty startling. Whether they make you want to buy Avast's software or someone else's, this test at least raises awareness of how hard it is to scrub personal data before reselling or donating old devices.

ProxFree is a simple and completely free web proxy service. Perfect for those looking to bypass censorship restrictions and/or looking to browse the internet privately, anonymously and securely.

Of particular concern are newer Android gadgets, specifically those running Android 3.1 "Honeycomb" or later. That version of the Google OS introduced a feature called Preferred Network Offload (PNO), which has a habit of broadcasting the names of the last 15 Wi-Fi networks a device has joined, even when the screen is off.

The idea is to conserve battery by allowing a phone to connect to known Wi-Fi networks even while in sleep mode, since Wi-Fi uses less power than the mobile data radio. The problem, the EFF says, is that your wireless network history can give a worryingly accurate and thorough picture of your movements.

Since the very first Snowden leak a year ago, one of the more common refrains from defenders of the program is "but it's just metadata, not actual content, so what's the big deal?" Beyond the fact that other programs do collect content, we've pointed out time and time again that the "just metadata, don't worry" argument only makes sense if you don't know what metadata reveals. Anyone with any knowledge of the subject knows that metadata reveals a ton of private info. Furthermore, we've even pointed out that the NSA regularly uses "just metadata" to pick targets for drone assassinations. As one person called it: "death by unreliable metadata."

|< First   < Previous   11–20 (144)   Next >   Last >|