Kategori surveillance

Amazon, Apple Servers Completely Compromised by Chinese Hardware Backdoors

For years, security researchers have warned that unscrupulous hardware manufacturers or foreign governments could hijack the manufacturing process, installing backdoors into equipment that would be difficult to detect or stop. Now, we’ve caught the Chinese red-handed, and the fallout could be ugly.

An extensive report from Bloomberg details how Amazon’s investigation into deploying servers manufactured by Elemental Technologies led to the discovery of hardware backdoors smaller than a grain of rice. The chips had been hidden on Supermicro motherboards.

After discovering the chips in 2015, the government spent three years investigating the situation. They’ve determined that the hardware creates “a stealth doorway into any network that included the altered machines. Multiple people familiar with the matter say investigators found that the chips had been inserted at factories run by manufacturing subcontractors in China.”

Amazon, Apple Servers Completely Compromised by Chinese Hardware Backdoors

Amazons reply:
https://aws.amazon.com/blogs/security/setting-the-record-straight-on-bloomberg-businessweeks-erroneous-article/

What if the Bloomberg story is true?

Hard(ware) questions about government hacking: what if the Bloomberg story is true?

Google Secretly Tracks What You Buy Offline Using Mastercard Data

Over a week after Google admitted the company tracks users’ location even after they disable location history, it has now been revealed that the tech giant has signed a secret deal with Mastercard that allows it to track what users buy offline.

Google has paid Mastercard millions of dollars in exchange to access this information.

Neither Google nor Mastercard has publicly announced the business partnership over allowing Google to measure retail spending, though the deal has now been disclosed by Bloomberg.

https://thehackernews.com/2018/09/google-mastercard-advertising.html

What Attorneys and Their Clients Need to Know About Windows 10 and Microsoft’s New Privacy Policies

August 1, 2015

In short, according to Zach Epstein of BGR.com, “Windows 10 is … spying on nearly everything you do.” According to Microsoft, its “consumer products, websites and services” collect information such as

  • your full name, email address, mailing address, and phone number
  • passwords and password hints
  • your age, gender, and occupation
  • the stocks you track
  • credit card numbers and security codes
  • “data about how you interact with [Microsoft’s] services,” such as “the features you use, the items you purchase, the web pages you visit, and the search terms you enter”
  • “data about your contacts and relationships” – but only if you use a Microsoft service “to manage contacts, or to communicate or interact with other people or organizations.” (I’m not sure there’s anyone using a Microsoft system who doesn’t use it to “communicate or interact.”)

It gets worse. Microsoft “collect[s] content of your files and communications” including “the content of your documents, photos, music or video…. It also includes the content of your communications sent or received using Microsoft services, such as the subject line and body of an email, text or other content of an instant message, audio and video recording of a video message, and audio recording and transcript of a voice message you receive or a text message you dictate.” Microsoft “systematically scan[s]” this content “in an automated manner…”

What Attorneys and Their Clients Need to Know About Windows 10 and Microsoft’s New Privacy Policies

Surveillance: Silicon Valley siphons our data like oil. But the deepest drilling has just begun

Silicon Valley is an extractive industry. Its resource isn’t oil or copper, but data. And to increase profits, Silicon Valley must extract more – and deeper – than we ever imagined

Amazon is going to show the industry how to monitor more moments: by making corporate surveillance as deeply embedded in our physical environment as it is in our virtual one. Silicon Valley already earns vast sums of money from watching what we do online. Soon it’ll earn even more money from watching what we do offline.

It’s easy to picture how this will work, because the technology already exists. Late last year, Amazon built a “smart” grocery store in Seattle. You don’t have to wait in a checkout line to buy something – you just grab it and walk out of the store. Sensors detect what items you pick up, and you’re charged when you leave.

https://www.theguardian.com/world/2017/aug/23/silicon-valley-big-data-extraction-amazon-whole-foods-facebook

Kaspersky software ’used by Russian state hackers to trawl for US secrets’

Popular anti-virus software used by hundreds of thousands of people and businesses in Britain was reportedly hijacked by Russian government hackers to trawl for American secrets. <…>

Computer users must give their anti-virus software widespread access to files so they can be scoured for viruses. But such access potentially makes the software a perfect “backdoor” for hackers, according to computer experts. Läs mer