Articles about Surveillance

With privacy concerns and the threat of surveillance from the likes of the NSA, more and more people are turning to the dark web and Tor. The anonymous, encrypted network has become a haven for not just illegal activity, but also for those who simply don’t want what they do online to be tracked and traced.

But now the Tor Project has voiced concerns that CDN and DDoS protection service CloudFlare is monitoring Tor traffic by introducing CAPTCHAs and cookies. CloudFlare is not alone: similar accusations are levelled at Google and Yahoo which are described as 'larger surveillance companies'. Concerns about interference with Tor traffic have been raised by project administrators in a ticket entitled "Issues with corporate censorship and mass surveillance".

Continue reading →

German intelligence agencies are set to gain greater NSA-style surveillance powers after the German Interior Ministry announced plans to use Trojans to spy on the internet activities of suspects. Known as Bundestrojaner, the Trojan would give the government the ability to not only track which sites a target visits, but also record conversations, make use of webcams, access data and log keystrokes.

The Trojan has been in testing since late last year, and having received governmental approval could now be widely dispatched. Widely described as malware and spyware, the tool cannot be used without a court order, but this will do little to assuage the fears of privacy groups.

Continue reading →

You should be careful when running voice-over-IP (VoIP) phones, as weak passwords could turn your device into a covert spying tool.

Security consultant Paul Moore says he has discovered how default and weak passwords on enterprise-grade Snom VoIP phones could allow attackers to make their own calls using your service, or listen to your conversations.

Continue reading →

Privacy International has lost a court case that questioned the legality of GCHQ's hacking operations. The UK-based privacy and human rights charity launched a legal campaign after Edward Snowden revealed the spying and surveillance that was being carried out by the NSA and GCHQ.

In the course of the case, GCHQ admitted for the first time that it was involved in hacking devices and computers not only in the UK, but around the world. The Investigatory Powers Tribunal (IPT) ruled that activities such as the installation of keyloggers, the remote activation of microphones and cameras, and the use of malware by the intelligence agency is entirely legal.

Continue reading →

With its well-known habit of uncompromising surveillance, the NSA has earned itself something of a poor reputation among internet users. But while the spying side of the agency is what it is most famous for, it is actually made up of two different divisions: offensive and defensive.

Later this week the NSA is expected to announce an internal restructuring that will see the two divisions merging. This presents the agency with an interesting predicament: does it continue to work to fight the efforts of hackers, or does it adopt hacker-like techniques to help gather data? Experts says that the merger is a mistake, largely because the aim and modus operandi of the two departments are diametrically opposed.

Continue reading →

A group of MPs has criticized plans put forward in the Draft Investigatoy Powers Bill after consulting with several top technology firms, including the likes of Apple, Facebook and Google.

The Science and Technology committee has slammed the bill as being vague and confusing, issuing a 43-page report outlining its views on key issues such as encryption and data collection.

Continue reading →

Living in a technological age where there is a near-fanatical obsession with privacy, a move towards encryption seems to make perfect sense. While there have been calls from some governments to ban encryption and demands for decryption keys to be handed over, there is a drive by companies and online services to try to increase security and privacy with encryption.

But a new report (Don't Panic: Making progress on the encryption debate) from Harvard University's Berkman Center for Internet & Society suggests that encryption may be all but pointless when it comes to curtailing surveillance. While governments and surveillance agencies may balk at the idea of people using encryption to 'go dark' online, and many people embrace the idea as a means of increasing their privacy, the report suggests that the task of surveillance is not going to be made impossible, and could be helped by the Internet of Things (IoT).

Continue reading →

The US is not afraid to throw its weight around; it likes not only to be involved in things, but to be in control. For decades, ICANN (Internet Corporation for Assigned Names and Numbers) -- the non-profit organization that manages IP addresses and domain names -- has been overseen by the US Department of Commerce, much to the chagrin of people around the world. Most upset are those who point to the independent nature of the internet, and the need for any body with global power to be similarly indpendent. Later this year ICANN is set -- at long last -- to completely separate from the US government.

While this does hinge on US government approval, by the end of September, ICANN could instead be in the hands of businesses, individuals, and multiple global governments. While the changing of hands should not alter the way ICANN operates, it is hoped that it will go some way to restoring faith that may have been lost after revelations about online surveillance by the NSA and other US government agencies.

Continue reading →

The importance and awareness of online privacy issues have been brought into sharp focus in the 21st century. It's not entirely down to Edward Snowden, but the revelations from the former NSA contractor are a constant reference point for those concerned with privacy, security and freedom of speech.

One of the greatest problems facing anyone trying to tackle the problem of privacy on the web is dealing with the ideologies of different countries, and how this affects data sharing. A level of surveillance that is deemed acceptable in the US, for instance, may be considered completely objectionable in another. The latest suggestion to help overcome this seemingly insurmountable problem is to set up a privacy ombudsman that would be able to handle European complaints and queries about US surveillance.

Continue reading →

Back towards the end of 2014, Facebook unveiled a new .onion address that allowed Tor users to visit the social network securely. Following on from this, the company is now giving Android users the ability to browse the site using Tor and the Facebook app.

Security, privacy and anonymity may be words readily associated with Tor, but few people would use them in the same sentence as Facebook. The social network says that there is increased demand for secure connections to Facebook from Tor-enabled browsers, hence spreading to the largest mobile platform. The news will make some mobile users happy, but there are currently no plans to migrate the feature from Android to iOS.

Continue reading →

Moves by governments to monitor web-based communication with a view to thwarting terrorism is utterly, utterly futile. Just like the NSA's dragnet-style dredging for intelligence, mass communication surveillance does little to home in on target -- the ones that government should be concerned about are the very ones who know who to evade detection.

This is something that was perfectly demonstrated this week when it became apparent that ISIS has developed its own secure messaging system. No longer reliant on the likes of WhatsApp, ISIS is using a custom-built, Android-based encrypted messaging tool that is incredibly difficult -- if not impossible -- for the FBI and NSA to monitor.

Continue reading →

Juniper Networks has stated that it will no longer be using a segment of security code purported to have been developed by the National Security Agency (NSA) for the purpose of eavesdropping on clients’ VPN connections.

The code in question is based on Dual Elliptic Curve technology, and Juniper has stressed it will be replaced during the first quarter of 2016 for a version that is considerably more secure. The Silicon valley based company claims the new secure code will rely on greater numbers than those generated through the flawed Dual Elliptic Curve technology.

Continue reading →

UK web users are coming round to the idea of online surveillance by the government, but harbor concerns about how personal data will be stored. These are the findings of a survey by Broadband Genie that suggests terror attacks have led to a swing in public opinion of the Snooper's Charter.

But while people may be coming round to the idea of internet surveillance, they remain concerned about how private data -- such as browsing history -- will be stored. 27 percent of those surveyed said their opinion had been swayed by recent terrorist attacks by the likes of ISIS.

Continue reading →

The Investigatory Powers Bill may only be in draft form at the moment, but the UK government has already come in for criticism for its plans. Today, scores of pieces of written evidence, both for and against the proposals, have been published, including input from the Reform Government Surveillance (RGS) coalition.

Five key members of the coalition are Facebook, Google, Microsoft, Twitter and Yahoo. In their written evidence, the quintet of tech companies express their concerns about the draft bill, seek clarification from the UK government, and issue warnings about the implications of such a bill.

Continue reading →

Yesterday we reported that Microsoft will warn users of 'state-sponsored' attacks on their accounts. Sounds great, but does it actually mean anything? Is it a useful service by the tech giant, or just PR bluster?

Considering the covert nature of spying and digital attacks, coupled with legislation around the world, it seems likely that the announcement is little more than meaningless hot air. In the UK, for instance, the planned snooper's charter would make it illegal for companies to alert users to hacking and surveillance by British agencies.

Continue reading →