Dumbo – How the NSA can destroy digital evidence

Today, August 3rd 2017 WikiLeaks publishes documents from the Dumbo project of the CIA. Dumbo is a capability to suspend processes utilizing webcams and corrupt any video recordings that could compromise a PAG deployment. The PAG (Physical Access Group) is a special branch within the CCI (Center for Cyber Intelligence); its task is to gain and exploit physical access to target computers in CIA field operations.

Dumbo can identify, control and manipulate monitoring and detection systems on a target computer running the Microsoft Windows operating sytem. It identifies installed devices like webcams and microphones, either locally or connected by wireless (Bluetooth, WiFi) or wired networks. All processes related to the detected devices (usually recording, monitoring or detection of video/audio/network streams) are also identified and can be stopped by the operator. By deleting or manipulating recordings the operator is aided in creating fake or destroying actual evidence of the intrusion operation.

Wikileaks: Dumbo »

0

EU to allow freezes of bank deposit withdrawals?

As Europe moves towards a cash free society there are worrying signals from the EU…

European Union states are considering measures which would allow them to temporarily stop people withdrawing money from their accounts to prevent bank runs, an EU document reviewed by Reuters revealed.

This is a practice used e.g. in Greece and Cyprus in times of financial turbulence. (In Cyprus the government also confiscated parts of the peoples’ bank deposits, a so called »haircut«.)

The official reason – to prevent bank runs – might be logical. But so far the reasons have rather been national financial difficulties, stemming from local economies being linked to the single European currency, the Euro.

And the Euro-crisis is far from over. The idea of fixing totally disparate economies to one exchange rate and one interest rate is still very problematic. And the European Central Bank, the ECB, is still trying to save the Euro by various stimulus packages and by indirectly printing more money. Without a doubt, more problems lie ahead.

This leaves the average citizen powerless. Your money is no longer yours – but the governments to be used as a financial tool. (Or to be confiscated.)

Thus reducing the independent citizen to a serf.

/ HAX

Reuters: EU explores account freezes to prevent runs at failing banks »

1

“Without privacy, a society cannot advance”

A society without rulebreakers doesn’t challenge the rules, the status quo, the established consensus. Yet again, as our society pretends to celebrate its entrepreneurs, its freethinkers, and its trailblazers. But in action, in decree, and in enforcement, today’s societies passionately hate its square pegs in the round holes, its challengers, and its troublemakers — yes, those very same people as it pretends to cherish. It does everything it can to preserve the beautiful present. The one component required for the troublemakers to break out of their cages is privacy.

Falkvinge: Without privacy, a society cannot advance »

0

Does your robot vacuum cleaner spy on you?

Over the past couple of years, Roombas haven’t just been picking up dust and chauffeuring cats around, they’ve also been mapping the layout of your home. Now, Colin Angle, the chief executive of Roomba maker iRobot, has said he wants to share the data from these maps in order to improve the future of smart home technology.

The Verge: Roombas have been busy mapping our homes, and now that data could be shared »

0

Electronic voting is a bad idea

We already knew U.S. voting systems had security flaws ― the federal government put that nail in the coffin when it repeatedly confirmed that Russian hackers breached systems in at least 21 states during the election last year.

But on Friday, hackers stateside showed us just how easily some of the electronic voting machines can be cracked.

Those who attended DEF CON, a 25-year-old hacking convention held in Las Vegas, were given physical and remote access to voting machines procured from eBay and government auctions.

Yahoo News: Hackers Crack Voting Machines Within Minutes At DEF CON In Vegas »

0

Apple, China and human rights

The Chinese government’s crackdown on the internet continues with the news that Apple has removed all major VPN apps, which help internet users overcome the country’s censorship system, from the App Store in China.

Techcrunch: Apple removes VPN apps from the App Store in China »

Tense nervous headache? Perhaps your name is Tim Cook. For poor Tim has woken up this Sunday morning with a giant headache, and its name is China.

Techcrunch: Apple’s capitulation to China’s VPN crack-down will return to haunt it at home »

0

Meanwhile, in Russia…

It’s going to be much harder to view the full web in Russia before the year is out. President Putin has signed a law that, as of November 1st, bans technology which lets you access banned websites, including virtual private networks and proxies. Internet providers will have to block websites hosting these tools. The measure is ostensibly meant to curb extremist content, but that’s just pretext — this is really about preventing Russians from seeing content that might be critical of Putin, not to mention communicating in secret.

• Engadget: Russian censorship law bans proxies and VPNs »
• TorrentFreak: Russia Bans ‘Uncensored’ VPNs, Proxies and TOR »

0

Public sector IT-security

The Swedish leak where classified data and networks were outsourced outside the European Union was not an isolated incident, but a pervasive pattern where things are kept safe mostly by good luck and the occasional person who knows their stuff fixing things properly out of pure subordination.

Falkvinge: This is how absolutely headdeskingly clueless politicians are at anything IT security related «

0

Is your domain censorship safe?

Since 2003, hundreds of new top-level domains have come onto the market, and there has never been more choice for domain name registrants. But apart from choosing a name that sounds right and is easy to remember, a domain name registrant should also consider the policies of the registry that operates the domain, and those of the registrar that sells it to them.

EFF: How Threats Against Domain Names Are Used to Censor Content »

0