I have no idea if that’s even the technical term for the security problem facing the users of the new Windows version of Microsoft’s Skype app (which is a GamerGate staple). Linux users seems to be unaffected. Basically, what happens is, the default setting is left on auto-file download. So, when someone in a group, or one of your friends send you a file, it automatically downloads whatever it is they sent you. A thinking person is going to see the problems with this right off top. What if your friends are hacked? What if you have some unsavory people on your list, for whatever reason? What if they become enemies with you without you knowing lol? There are all sorts of bad things that could be sent your way. Dumbass Microsoft just say send it right on through by default. Luckily, it’s fixable.
If you visit this link, you can see how to disable this “feature.” Also, another good idea would be to setup 2-factor authentication on your accounts. Follow this link to look at some stuff about that. My friend Troy Rubert has helped me on this, so thank you to him. He’s a futurist. I’m going to do a livestream with him soon, on future tech trends, etc.
As for why Microsoft might do something like this, another friend of mine has some ideas:
“Boy, how fucking convenient. I mean the new update defaults Skype settings on Window users to allow downloads without telling the user. I wonder why. Oh, wait…”
“The nature of the Skype data collection was spelled out in an NSA document dated August 2012 entitled “User’s Guide for PRISM Skype Collection.” The document details how to “task” the capture of voice communications from Skype by NSA’s NUCLEON system, which allows for text searches against captured voice communications. It also discusses how to find text chat and other data sent between clients in NSA’s PINWALE “digital network intelligence” database.
The full capture of voice traffic began in February of 2011 for “Skype in” and “Skype out” calls—calls between a Skype user and a land line or cellphone through a gateway to the public switched telephone network (PSTN), captured through warranted taps into Microsoft’s gateways. But in July of 2011, the NSA added the capability of capturing peer-to-peer Skype communications—meaning that the NSA gained the ability to capture peer-to-peer traffic and decrypt it using keys provided by Microsoft through the PRISM warrant request.”
13 comments
At least you can turn the option off. So we don’t have to keep using Skype, just gotta be careful.
I’m not quitting, but I almost use it just because I HAVE to lol. I hear Kim Dotcom is working on a little something, though: http://www.slashgear.com/megachat-encrypted-skype-rival-imminent-says-kim-dotcom-29360963/
Here’s another service someone told me about on Twitter: https://tox.im/
A quick reminder that this PRISM is the same one uncovered by Edward Snowden that is used by the NSA to spy on the people. And then there was the bill that was passed recently that allows the government to keep these records for three years (HR 4681).
It’s so good that the Dems and Republicans can put aside their differences when it comes to Big Brother.
I miss gridlock.
It’s funny how the gridlock is always the fault of one party or another – as if they don’t know that gridlock is a built-in-feature to prevent harmful legislation.
I can agree that with a Dem senate and a Rep house, not a lot of terrible stuff got passed (some exceptions) – I just get tired of hearing the incessant blaming of the other party the whole time.
Indeed. They’ve lost what little credibility they had when they pointed fingers at the “shutdown” (a whopping 1/3 of the government! *GASP*)
Still, there isn’t a veto-proof majority, so I hope there is utter and complete gridlock. So the progressives can froth at the mouth and the United States can get a much needed rest from its butt-surfing.
At this point it is safe to assume that any chat service is compromised, unless it has end-to-end encryption with both users somehow securely exchanging keys.
As for the general security issues, MS Windows is one giant heap of decades of bugs and band-aids. If the software packages you use can be run on Linux, the time to switch is now. Keep Windows only for specific lousy software or games. Web, email, etc.—Linux is the way to go. I recommend Ubuntu.
If you are a security minded individual, I agree with your above statements, however, skip Ubuntu as it includes too much proprietary software. Better of with straight debian.
And if you’re really serious about security, you should write your own compiler, and verify every bit open source code you use, then build your own binaries.
Technically, even though the source is available, .deb files could easily be tampered with. You pretty much have to go FullStallman on your computer habits, or not use them at all to keep the NSA out.
And if you’re a paranoid survivalist TAILS is a must:
https://tails.boum.org/
Get a VPN (I use AirVPN myself):
https://www.bestvpn.com/
https://airvpn.org/
Use an anonymous search engine (like Ixquick/Startpage):
https://en.wikipedia.org/wiki/Ixquick
And a secure email address:
https://www.startmail.com/
https://anonymous-proxy-servers.net/en/help/email-provider.html
+1 for FullStallman! However, the recommendation still stands. Stallman>OpenBSD>Debian==FreeBSD>Ubuntu>MacOSX>Windows. A Windows user will find it difficult to install Debian. Ubuntu is relatively more resilient to non-NSA level attacks than Windows, while being just as easy/easier to install and use, provided all software one works with are available.
your above list is excellent, although I would add ArchLinux somewhere between debian and FreeBSD – If you want the latest versions of most open source software compiled from source, it is great.
I wish more people used xmpp.