Jump to content

Search the Community

Showing results for tags 'snooping'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Found 8 results

  1. A flurry of lawsuits has drawn attention to a growing part of the cyber-security industry ON OCTOBER 2ND 2018 Jamal Khashoggi, a Saudi journalist and critic of the kingdom’s government, visited its consulate in Istanbul in order to secure documents needed for his upcoming marriage. He did not come out alive. After initially denying responsibility, the Saudi government admitted that Mr Khashoggi was killed in a “rogue operation”. Two months later Omar Abdulaziz, another Saudi dissident, filed a lawsuit in Israel against NSO Group, an Israeli software company. Mr Abdulaziz alleges that the NSO Group had licensed Pegasus, a piece of spyware that snoops on smartphones, to the Saudi government, which used it to spy on him—and, through him, Khashoggi. NSO Group denies that its software was used against Khashoggi. In October WhatsApp, an encrypted-messaging firm owned by Facebook, also sued the firm, saying its software had been used to hack roughly 1,400 of its users. WhatsApp says it has urged America’s Department of Justice to open an investigation. NSO Group disputes WhatsApp’s allegations “in the strongest possible terms”. On November 26th a number of NSO Group’s workers filed a lawsuit against Facebook, claiming that the social-media giant has unfairly blocked their private accounts. The flurry of lawsuits has drawn attention to a little-known corner of the cyber-security industry. Most cyber-security firms focus on defending clients from hackers and malware. But some, including NSO Group, as well as Gamma Group (an Anglo-German firm) and Hacking Team (an Italian one which in April merged with another company to create Memento Labs), sell software to help governments access online data on persons of interest. Business appears to be brisk. The opaque nature of the market for “intrusion software” means the job of trying to compile figures falls mostly to academics and NGOs. NSO Group, which is unusually candid, says its revenue in 2018 was $250m. In February Novalpina Capital, a British private-equity firm, bought a majority stake in the firm. The valuation implied by the transaction reportedly placed the firm in the “unicorn” club of startups worth over $1bn. Most of NSO Group’s competitors are much smaller, says John Scott-Railton, a researcher at the University of Toronto’s Munk School of Government. Danna Ingleton of Amnesty International, a human-rights group, reckons that the market is worth at least several billion dollars. The firms are understandably coy about revealing their clients’ identities. But in 2015 a widely reported data breach appeared to reveal a list of Hacking Team’s clients. The list included a Saudi spy agency and the Sudanese government of Omar al-Bashir, as well as the FBI, Malaysia’s Anti-Corruption Commission and the state government of Bayelsa, a province of Nigeria. Memento Labs did not respond to requests for comment. The industry has been around for a while, but Mr Scott-Railton says that documents leaked in 2013 by Edward Snowden, an American spy—which lifted the lid on America’s electronic-surveillance capabilities—gave it a big boost. “Other states said ‘how do we get hold of something like that?’” The leaks also pushed Western technology firms to encrypt more web traffic and instant messages, making existing forms of eavesdropping harder (see chart). Some private firms now offer governments that do not have the expertise to breach such defences themselves the tools to do so. Many are staffed by former Western spooks. According to a leaked personnel roster obtained by the New York Times, DarkMatter, based in the United Arab Emirates, has hired several people who used to work for the National Security Agency, America’s main signals-intelligence organisation. DarkMatter did not reply to requests for comment. Trench coats and grey hats Most of the companies say they assist law enforcement in fighting terrorism, drug smuggling or other misdeeds. At a conference in November Shiri Dolev, NSO Group’s president, complained about the coverage of her firm. She argued that services such as WhatsApp are used by some “as a vehicle for terrorism and crime”, and that software such as Pegasus is vital. The firm insists its products are “not a tool to be weaponised against human-rights activists or dissidents”. In September it announced a new human-rights policy, based on UN guidelines; it reckons it is the first firm in the industry to do so. Even before that, says a spokeswoman, the firm had turned down around $100m of business on ethical grounds in the past three years. In theory the export of hacking software is controlled by the same laws that regulate the sale of weapons. In practice most observers think such restrictions have little bite. David Kaye, the UN’s special rapporteur on freedom of opinion and expression, has described the market for spyware as “out of control” and “unaccountable”. State use of the industry’s products to target political opponents, journalists and others seems common, says Ms Ingleton. Previous lawsuits have foundered, she adds, in part owing to their high-tech, international nature. Courts first need to be convinced that plaintiffs have suffered an injury, that the injury could be traced back to the defendant, and that the court can redress it. Even if this “standing” can be established, it is hard to procure evidence. “And even then it can be hard for some judges to understand what is being presented,” she says. In a recent case in America “Mr Kidane”, a pseudonymous American with links to Ethiopia, alleged that the Ethiopian government had been spying on him and his family using FinSpy, one of the Gamma Group’s products. A judge threw out the case on the grounds that the alleged spying did not occur entirely within America’s borders. The Gamma Group did not respond to requests for comment. All the recent publicity has nonetheless increased pressure on the companies. In November Ron Wyden, an American senator, called for an investigation into whether NSO Group’s products had been used against American citizens. Mr Kaye wants a moratorium on exports until stricter laws can be drawn up. And the WhatsApp lawsuits marks an escalation by the big technology companies, which want to safeguard their users’ data. A serious crackdown remains unlikely, thinks Edin Omanovic at Privacy International, another NGO, owing partly to the official background of many employees at such firms. “Enforcement has always been a problem within the arms industry,” he says. Until that changes, purveyors of snooping software can expect to thrive. Source
  2. The Ministry of Home Affairs has issued a notification giving sweeping powers to 10 government agencies to snoop on any computer in the country. In the order dated Thursday, December 20, the ministry has enabled Intelligence Bureau, Narcotics Control Bureau, Enforcement Directorate, Central Board of Direct Taxes, Directorate of Revenue Intelligence, Central Bureau of Investigation, National Investigation Agency, Cabinet Secretariat, Directorate of Signal Intelligence, and Delhi Commissioner of Police to monitor, decrypt, and intercept “any information generated, transmitted, received or stored in any computer.” After outrage on social media and elsewhere on Friday, the government moved to clarify that the order is not new and it merely reiterates the powers that were already available to these agencies since 2009. “No new powers have been conferred to any of the security or law enforcement agencies,” the government noted in a statement. It also stated that all requests to monitor, intercept, and decrypt any computer's data have to be approved by the competent authority. The Union Home Secretary is such an authority for the central government and the Chief Secretary for the state government. Signed by Home Secretary Rajiv Gauba, the order not just allows these agencies to track your digital life but also mandates full cooperation from the citizens to help the agencies access your data. According to the notification, the subscriber or service provider or any person in charge of the computer resource is bound to extend all facilities and technical assistance to the agencies. Failing this, they can face seven years in jail and a fine. The new order greatly expands the powers of these agencies, which were earlier only allowed to intercept calls or data. Essentially, the government agencies can now tap your calls, read your online communication, access data stored on your computer whether or not it is connected to the Internet as well as intercept any digital information that you share with others and vice versa. "For the first time, powers of scanning data at rest have been given to various agencies. Earlier, only data in motion could be intercepted. But now data revived, stored and generated can also be intercepted as powers of seizure have been given," a senior bureaucrat explained to NDTV. According to a home ministry official, the order extends the powers of the law enforcement agencies to match the needs of the present day. The government order has drawn sharp condemnation from politicians and citizens online. “Why is every Indian being treated like a criminal? This order by a government wanting to snoop on every citizen is unconstitutional and in breach of the telephone tapping guidelines, the Privacy Judgement and the Aadhaar judgement," CPM leader Sitaram Yechury tweeted. Organisations like the Internet Freedom Foundation have also criticised the order. source
  3. Stay-at-home Bond types set off the loudest irony klaxon Maybe don't snoop on a charity that makes privacy its priority... UK SPOOKS HAVE FESSED-UP to unlawfully snooping on and sifting through the private data of Privacy International, all thanks to bulk data collection. As part of the MI5's Bulk Communications Data and Bulk Personal Data programmes, supposedly used to detect criminal and terrorist activity, Britain's domestic intelligence agency ended up gathering and perusing Privacy International's private data. And it wasn't the only one, as other UK spook conclaves, GCHQ and MI6, were also found to have collected the charity's data. But all three were forced to admit they'd be carrying out such unlawful data collection as documents were published that revealed Privacy International has been caught up in MI5's investigations due to the charity's data being in the vast databases British intelligence has. Privacy International noted, in a somewhat own trumpet blowing fashion, that this all came to light as part of its legal challenge against bulk data collection powers. Having a look through the case notes ourselves - and bearing in mind we're journalists, not lawyers - it looks like the data held on Privacy International seemed to be more a quirk of bulk data collection as opposed to active spying against Privacy International. Not that such an activity excuses the intelligence services; it arguably demonstrates that bulk data collection isn't a great intelligence gathering technique. Unsurprisingly, Caroline Wilson Palow, general counsel at Privacy International was hardly impressed by the snooping. "Today's revelations are troubling for a whole host of reasons. The UK intelligence agencies' bulk collection of communications data and personal data has been shown to be as vast we have always imagined - it sweeps in almost everyone, including human rights organisations like Privacy International," Palow said. "Not only was Privacy International caught up in the surveillance dragnet, its data was actually examined by agents from the UK's domestic-facing intelligence agency - MI5. We do not know why MI5 reviewed Privacy International's data, but the fact that it happened at all should raise serious questions for all of us. "Should a domestic intelligence agency charged with protecting national security be spying on a human rights organisation based in London? Shouldn't such spying, if permitted at all, be subject to the strictest of safeguards? In an era when human rights and democracy are under threat all over the world, the UK should demonstrate leadership by protecting human rights defenders." Privacy Intentional is now asking for MI5 to clarify why it snooped on the charity, as well as writing an open letter to Home Secretary, Sajid Javid MP, expressing concern at the snooping and asking him to confirm ht changes he'll make to the Investigatory Powers Act as a result of the European Court of Human Right's judgment against it last week. We approached the Home Office for comment - MI5 doesn't sully itself with the unwashed public directly - but we've yet to get a response. Breaching the privacy of a charity that makes privacy its raison du etre is one of the dumbest things we've heard. And it's dryly amusing that it comes from MI5, which has apparently got a good track record of being pretty decent at intelligence work. As such, we wouldn't be surprised if this isn't the straw that breaks the camel's back when it comes to bulk data collection, as the UK intelligence agencies and government has basically given Privacy International an almighty big stick to brandish at them. Source
  4. Microsoft’s Obscure ‘Self Service for Mobile’ Office Activation Microsoft requires a product activation after installing. Users of Microsoft Office currently are facing trouble during telephone activation. After dealing with this issue, I came across another obscure behavior, Microsoft’s ‘Self Service for Mobile’ solution to activate Microsoft Office via mobile devices. Microsoft describes how to activate Microsoft Office 2013, 2016 and Office 365 within this document. There are several possibilities to activate an installed product, via Internet or via Telephone for instance. Activation by phone is required, if the maximum Internet activation threshold is reached. But Office activation by phone fails Within my blog post Office Telephone activation is no longer supported error I’ve addressed the basis issue. If a user re-installs Office, the phone activation fails. The activation dialog box shows the message “Telephone activation is no longer supported for your product“. Microsoft has confirmed this issue for Office 2016 users having a non subscriber installation. But also users of Microsoft Office 2010 or Microsoft Office 2013 are affected. A blog reader posted a tip: Use Mobile devices activation… I’ve posted an article Office 2010: Telefonaktivierung eingestellt? – Merkwürdigkeit II about the Office 2010 telephone activation issue within my German blog, back in January 2017. Then a reader pointed me within a comment to a Self Service for Mobile website. The link http: // bit.ly/2cQPMCb, shortened by bit.ly, points to a website https: // microsoft.gointeract.io/mobileweb/… that provides an ability to activate Microsoft Office (see screenshot below). After selecting a 6 or 7 Digits entry, an activation window with numerical buttons to enter the installation id will be shown (see screenshots shown below). The user has to enter the installation id and receives the activation id – plain and simple. Some users commented within my German blog, that this feature works like a charm. Obscurity, conspiracy, oh my God, what have they done? I didn’t inspect the posted link until writing last Fridays blog post Office Telephone activation is no longer supported error. My idea was, to mention the “Self Service for Mobile” page within the new article. I managed to alter the link to direct it to the English Self Service for Mobile language service site. Suddenly I noticed, that both, the German and also the English “Self Service for Mobile” sites uses https, but are flagged as “unsecure” in Google Chrome (see the screenshot below, showing the German edition of this web page. The popup shown for the web site „Self Service for Mobile“ says, that there is mixed content (images) on the page, so it’s not secure. That catches my attention, and I started to investigate the details. Below are the details for the German version of the web site shown in Google Chrome (but the English web site has the same issues). First of all, I noticed, that the „Self Service for Mobile“ site doesn’t belongs to a microsoft.com domain – in my view a must for a Microsoft activation page. Inspecting the details, I found out, the site contains mixed content (an image contained within the site was delivered via http). The content of the site was also delivered by Cloudflare (I’ve never noticed that case for MS websites before). The image flagged in the mixed content issue was the Microsoft logo, shown within the sites header, transferred via http. The certificate was issued by Go Daddy (an US company) and ends on March 2017. I’ve never noticed, that Go Daddy belongs to Microsoft. I came across Go Daddy during analyzing a phishing campaign months ago. A compromised server, used as a relay by a phishing campaign, has been hosted (according to Whois records) by Go Daddy. But my take down notice send to Go Daddy has never been answered. That causes all alarm bells ringing in my head, because it’s a typical behavior used in phishing sites. Also my further findings didn’t calm the alarm bells in my head. The subdomain microsoft used above doesn’t belongs to a Microsoft domain, it points to a domain gointeract.io. Tying to obtain details about the owner of gointeract.io via WhoIs ended with the following record. Domain : gointeract.io Status : Live Expiry : 2021-03-14 NS 1 : ns-887.awsdns-46.net NS 2 : ns-1211.awsdns-23.org NS 3 : ns-127.awsdns-15.com NS 4 : ns-1980.awsdns-55.co.uk Owner OrgName : Jacada Check for 'gointeract.sh' --- http://www.nic.sh/go/whois/gointeract.sh Check for 'gointeract.ac' --- http://www.nic.ac/go/whois/gointeract.ac Pretty short, isn’t it? No Admin c, no contact person, and Microsoft isn’t mentioned at all, but the domain has been registered till 2021. The Owner OrgName Jacada was unknown to me. Searching the web didn’t gave me more insights at first. Overall, the whole site looks obscure to me. The tiny text, shown within the browser’s lower left corner, was a hyperlink. The German edition of the „Self Service for Mobile“ site opens a French Microsoft site – the English site opens an English Microsoft site. My first conclusion was: Hell, I was tricked by a phishing comment – somebody set up this site to grab installation ids of Office users. So I deactivated the link within the comment and I posted a warning within my German blog post, not to use this „Self Service for Mobile“ site. I also tried to contact the user, who has posted the comment, via e-mail. … but “Microsoft” provides these links … User JaDz responded immediately in an additional comment, and wrote, that the link shortened via bit.ly has been send from Microsoft via SMS – after he tried the telephone activation and selected the option to activate via a mobile device. I didn’t noticed that before – so my conclusion was: Hell, this obscure „Self Service for Mobile“ site is indeed related to Microsoft. Then I started again a web search, but this time with the keywords Jacada and Microsoft. Google showed several hits, pointing to the site jacada.com (see screenshot below). It seems that Jacada is a kind of service provider for several customers. I wasn’t able to find Microsoft within the customer reference. But I know, that Microsoft used external services for some activities. Now I suppose, that somebody from Jacada set up the „Self Service for Mobile“ activation site. The Ajax code used is obviously able to communicate with Microsoft’s activation servers and obtain an activation id. And Microsoft’s activation mechanism provides an option to send the bit.ly link via SMS. Closing words: Security by obscurity? At this point I was left really puzzled. We are not talking about a startup located within a garage. We are having dealing with Microsoft, a multi billion company, that claims to run highly secured and trustable cloud infrastructures world wide. But what’s left, after we wipe of the marketing stuff? The Office activation via telephone is broken (Microsoft confirmed that, after it was reported by customers!). As a customer in need to activate a legal owned, but re-installed, Microsoft Office is facing a nasty situation. Telephone activation is refused, the customers will be (wrongly) notified, that this option is no longer supported. Internet activation is refused due “to many online activations” – well done. But we are not finish yet. They set up a „Self Service for Mobile“ activation site in a way, that is frequently used by phishers. They are sending links via SMS to this site requesting to enter sensitive data like install ids. A site that is using mixed content via https, and is displaying an activation id. In my eyes a security night mare. But maybe I’ve overlooked or misinterpreted something. If you have more insights or an idea, or if my assumptions a wrong, feel free, to drop a comment. I will try to reach out and ask Microsoft for a comment about this issue. Article in German Source Alternate Source reading - AskWoody: Born: Office activation site controlled by a non-Microsoft company
  5. Microsoft published master lists of endpoint connections that recent versions of the company's Windows 10 operating system make recently. Microsoft released the first version of Windows 10 three years ago and privacy has been a hot topic ever since. We published Windows 10 and Privacy back in 2015 to highlight privacy issues such as the inability to turn off Telemetry collection and transfers in the user interface. Microsoft was criticized by government agencies in various countries such as France or the Netherlands for privacy issues, and a rising arsenal of privacy tools for Windows 10 promised users protection against the data hunger of Microsoft. One option that Windows users and administrators have is to block endpoints so that connections can't be established. The method requires extensive testing as critical functionality may become unavailable when connections are blocked. If you block Windows Update endpoints, you should not be surprised that you cannot use the automatic updating system anymore to keep the operating system up to date. Default Windows 10 systems, those installed using default settings and left untouched, make a large number of connections automatically for a variety of purposes. Windows 10 checks for updates regularly, checks new files against Windows Defender databases, or submits telemetry data to Microsoft. While some connections are required for the operating system to work properly, others may be disabled without noticeable impact in functionality; the latter is true especially if features are not used on the system. Microsoft released a master list of Windows Endpoints for non-Enterprise and for Enterprise editions of Windows recently. The non-Enterprise listing is available for Windows 10 version 1709 and 1803, the Enterprise-specific listing for Windows 10 version 1709. Tip: Check out my side-project Privacy Amp for detailed lists and other privacy related topics. Without further ado, here are the connection endpoints of Windows 10 version 1803 (non-Enterprise). Windows 10 Family Destination Protocol Description *.e-msedge.net HTTPS Used by OfficeHub to get the metadata of Office apps. *.g.akamaiedge.net HTTPS Used to check for updates to maps that have been downloaded for offline use. *.s-msedge.net HTTPS Used by OfficeHub to get the metadata of Office apps. *.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/ HTTP Enables connections to Windows Update. arc.msn.com.nsatc.net HTTPS Used to retrieve Windows Spotlight metadata. arc.msn.com/v3/Delivery/Placement HTTPS Used to retrieve Windows Spotlight metadata. client-office365-tas.msedge.net* HTTPS Used to connect to the Office 365 portal’s shared infrastructure, including Office Online. config.edge.skype.com/config/* HTTPS Used to retrieve Skype configuration values. ctldl.windowsupdate.com/msdownload/update* HTTP Used to download certificates that are publicly known to be fraudulent. cy2.displaycatalog.md.mp.microsoft.com.akadns.net HTTPS Used to communicate with Microsoft Store. cy2.licensing.md.mp.microsoft.com.akadns.net HTTPS Used to communicate with Microsoft Store. cy2.settings.data.microsoft.com.akadns.net HTTPS Used to communicate with Microsoft Store. displaycatalog.mp.microsoft.com* HTTPS Used to communicate with Microsoft Store. dm3p.wns.notify.windows.com.akadns.net HTTPS Used for the Windows Push Notification Services (WNS). fe2.update.microsoft.com* HTTPS Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. fe3.delivery.dsp.mp.microsoft.com.nsatc.net HTTPS Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. fe3.delivery.mp.microsoft.com HTTPS Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. g.live.com/odclientsettings/Prod HTTPS Used by OneDrive for Business to download and verify app updates. g.msn.com.nsatc.net HTTPS Used to retrieve Windows Spotlight metadata. geo-prod.dodsp.mp.microsoft.com.nsatc.net HTTPS Enables connections to Windows Update. ipv4.login.msa.akadns6.net HTTPS Used for Microsoft accounts to sign in. licensing.mp.microsoft.com/v7.0/licenses/content HTTPS Used for online activation and some app licensing. location-inference-westus.cloudapp.net HTTPS Used for location data. maps.windows.com/windows-app-web-link HTTPS Link to Maps application. modern.watson.data.microsoft.com.akadns.net HTTPS Used by Windows Error Reporting. ocos-office365-s2s.msedge.net* HTTPS Used to connect to the Office 365 portal's shared infrastructure. ocsp.digicert.com* HTTP CRL and OCSP checks to the issuing certificate authorities. oneclient.sfx.ms* HTTPS Used by OneDrive for Business to download and verify app updates. query.prod.cms.rt.microsoft.com* HTTPS Used to retrieve Windows Spotlight metadata. ris.api.iris.microsoft.com* HTTPS Used to retrieve Windows Spotlight metadata. settings.data.microsoft.com/settings/v2.0/* HTTPS Used for Windows apps to dynamically update their configuration. settings-win.data.microsoft.com/settings/* HTTPS Used as a way for apps to dynamically update their configuration. sls.update.microsoft.com* HTTPS Enables connections to Windows Update. storecatalogrevocation.storequality.microsoft.com* HTTPS Used to revoke licenses for malicious apps on the Microsoft Store. storeedgefd.dsx.mp.microsoft.com* HTTPS Used to communicate with Microsoft Store. tile-service.weather.microsoft.com* HTTP Used to download updates to the Weather app Live Tile. tsfe.trafficshaping.dsp.mp.microsoft.com HTTPS Used for content regulation. ip5.afdorigin-prod-am02.afdogw.com HTTPS Used to serve office 365 experimentation traffic. watson.telemetry.microsoft.com/Telemetry.Request HTTPS Used by Windows Error Reporting. Windows 10 Pro Destination Protocol Description *.e-msedge.net HTTPS Used by OfficeHub to get the metadata of Office apps. *.g.akamaiedge.net HTTPS Used to check for updates to maps that have been downloaded for offline use. *.s-msedge.net HTTPS Used by OfficeHub to get the metadata of Office apps. .tlu.dl.delivery.mp.microsoft.com/ HTTP Enables connections to Windows Update. *geo-prod.dodsp.mp.microsoft.com.nsatc.net HTTPS Enables connections to Windows Update. arc.msn.com.nsatc.net HTTPS Used to retrieve Windows Spotlight metadata. au.download.windowsupdate.com/* HTTP Enables connections to Windows Update. ctldl.windowsupdate.com/msdownload/update/* HTTP Used to download certificates that are publicly known to be fraudulent. cy2.licensing.md.mp.microsoft.com.akadns.net HTTPS Used to communicate with Microsoft Store. cy2.settings.data.microsoft.com.akadns.net HTTPS Used to communicate with Microsoft Store. dm3p.wns.notify.windows.com.akadns.net HTTPS Used for the Windows Push Notification Services (WNS) fe3.delivery.dsp.mp.microsoft.com.nsatc.net HTTPS Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. g.msn.com.nsatc.net HTTPS Used to retrieve Windows Spotlight metadata. ipv4.login.msa.akadns6.net HTTPS Used for Microsoft accounts to sign in. location-inference-westus.cloudapp.net HTTPS Used for location data. modern.watson.data.microsoft.com.akadns.net HTTPS Used by Windows Error Reporting. ocsp.digicert.com* HTTP CRL and OCSP checks to the issuing certificate authorities. ris.api.iris.microsoft.com.akadns.net HTTPS Used to retrieve Windows Spotlight metadata. tile-service.weather.microsoft.com/* HTTP Used to download updates to the Weather app Live Tile. tsfe.trafficshaping.dsp.mp.microsoft.com HTTPS Used for content regulation. vip5.afdorigin-prod-am02.afdogw.com HTTPS Used to serve office 365 experimentation traffic Windows 10 Education Destination Protocol Description *.b.akamaiedge.net HTTPS Used to check for updates to maps that have been downloaded for offline use. *.e-msedge.net HTTPS Used by OfficeHub to get the metadata of Office apps. *.g.akamaiedge.net HTTPS Used to check for updates to maps that have been downloaded for offline use. *.s-msedge.net HTTPS Used by OfficeHub to get the metadata of Office apps. *.telecommand.telemetry.microsoft.com.akadns.net HTTPS Used by Windows Error Reporting. .tlu.dl.delivery.mp.microsoft.com HTTP Enables connections to Windows Update. .windowsupdate.com HTTP Enables connections to Windows Update. *geo-prod.do.dsp.mp.microsoft.com HTTPS Enables connections to Windows Update. au.download.windowsupdate.com* HTTP Enables connections to Windows Update. cdn.onenote.net/livetile/* HTTPS Used for OneNote Live Tile. client-office365-tas.msedge.net/* HTTPS Used to connect to the Office 365 portal’s shared infrastructure, including Office Online. config.edge.skype.com/* HTTPS Used to retrieve Skype configuration values. ctldl.windowsupdate.com/* HTTP Used to download certificates that are publicly known to be fraudulent. cy2.displaycatalog.md.mp.microsoft.com.akadns.net HTTPS Used to communicate with Microsoft Store. cy2.licensing.md.mp.microsoft.com.akadns.net HTTPS Used to communicate with Microsoft Store. cy2.settings.data.microsoft.com.akadns.net HTTPS Used to communicate with Microsoft Store. displaycatalog.mp.microsoft.com/* HTTPS Used to communicate with Microsoft Store. download.windowsupdate.com/* HTTPS Enables connections to Windows Update. emdl.ws.microsoft.com/* HTTP Used to download apps from the Microsoft Store. fe2.update.microsoft.com/* HTTPS Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. fe3.delivery.dsp.mp.microsoft.com.nsatc.net HTTPS Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. fe3.delivery.mp.microsoft.com/* HTTPS Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store. g.live.com/odclientsettings/* HTTPS Used by OneDrive for Business to download and verify app updates. g.msn.com.nsatc.net HTTPS Used to retrieve Windows Spotlight metadata. ipv4.login.msa.akadns6.net HTTPS Used for Microsoft accounts to sign in. licensing.mp.microsoft.com/* HTTPS Used for online activation and some app licensing. maps.windows.com/windows-app-web-link HTTPS Link to Maps application modern.watson.data.microsoft.com.akadns.net HTTPS Used by Windows Error Reporting. ocos-office365-s2s.msedge.net/* HTTPS Used to connect to the Office 365 portal's shared infrastructure. ocsp.digicert.com* HTTP CRL and OCSP checks to the issuing certificate authorities. oneclient.sfx.ms/* HTTPS Used by OneDrive for Business to download and verify app updates. settings-win.data.microsoft.com/settings/* HTTPS Used as a way for apps to dynamically update their configuration. sls.update.microsoft.com/* HTTPS Enables connections to Windows Update. storecatalogrevocation.storequality.microsoft.com/* HTTPS Used to revoke licenses for malicious apps on the Microsoft Store. tile-service.weather.microsoft.com/* HTTP Used to download updates to the Weather app Live Tile. tsfe.trafficshaping.dsp.mp.microsoft.com HTTPS Used for content regulation. vip5.afdorigin-prod-ch02.afdogw.com HTTPS Used to serve office 365 experimentation traffic. watson.telemetry.microsoft.com/Telemetry.Request HTTPS Used by Windows Error Reporting. bing.com/* HTTPS Used for updates for Cortana, apps, and Live Tiles. Source PS: I'm sure there would be much more connections not revealed due to privacy issues with MS. Hope will be revealed by any whistle-blower or someone like Woody/abbodi/.... soon to demolish Win 10 & MS - the day I'm feel much more joyful.
  6. US Senator from Arizona Jeff Flake speaks during a press conference A Portland woman recently told a local news outlet that her Amazon Echo device had gone rogue, sending a recording of a private conversation to a random person in her contact list. On Thursday, two senators tasked with investigating consumer privacy sent a letter to Amazon CEO Jeff Bezos demanding answers. In the letter, Republican senator Jeff Flake and Democratic senator Chris Coons, who serve respectively as chairman and ranking member of the Judiciary Subcommittee on Privacy, Technology and the Law, ask Bezos to explain how exactly the Amazon Echo device listens to and stores users' voices. The senators also seek answers about what the company is doing to protect users from having that sensitive information misused. Amazon didn't respond to WIRED's request for comment. The letter, which was reviewed by WIRED, comes in the midst of what Flake calls a "post-Facebook" world, referring to the data privacy scandal in which Facebook says the data of as many as 87 million Americans may have been misappropriated by a political consulting firm called Cambridge Analytica. "Congress is feeling that we need to be ahead of the curve here," Flake told WIRED. "Companies are establishing procedures and protocols, and we need to know what they are to make sure that privacy is protected." The letter specifically cites the Portland story, in which an Echo mistook part of a background conversation for the word "Alexa." That caused the device to wake up. Once it started listening, the Echo misheard later parts of the conversation as a series of voice commands instructing it to send a message to one of the woman's contacts. The mishap in Portland wasn't caused by a glitch, the lawmakers write, but is instead an example of the Echo working "precisely how it was designed." The letter demands "prompt and meaningful action" to prevent it from happening again. "This incident makes it clear we don't fully understand the privacy risks we’re taking," Coons says. "Amazon owes it to the American people to be clearer about what’s happening with this technology." The letter asks Amazon to report the number of complaints the company has received from users about the Echo improperly interpreting a command. Among the nearly 30 questions contained in the letter are requests for details on when and how frequently the device sends voice data to Amazon's servers, how long that recording is stored, and how that data is anonymized. The senators also ask Amazon to share information on how long the Echo records a conversation after it hears the word "Alexa," and whether consumers have the ability to delete these recordings. The answers to some of these questions are a matter of public record. As WIRED has explained, the Echo microphone is always live, but it's only listening for its so-called "wake word." Once it hears the word, "Alexa," it begins recording and sends those clips to Amazon servers. That voice recording will stay there unless users take the time to manually delete it in the Alexa app. But other questions warrant further exploration. Flake and Coons want Bezos to explain, for example, "any and all purposes for which Amazon uses, stores, and retains consumer information, including voice data, collected and transmitted by an Echo device." That explanation may be buried in the company's terms of service somewhere, but the fine print that dictates what tech companies do with people's data is often viewed differently when magnified. Portland is hardly the first time users have reported their AI assistants misbehaving. Recently, users reported that their Echoes were laughing at them, a menacing quirk that Amazon attributed to the device mishearing the term "Alexa, laugh." Amazon calls these mistakes "false positives," where the algorithmic brain of Alexa believes it's hearing something it's not. But while these flukes make good headlines, the odds of an Amazon Echo mishearing its way through the multi-step process of sending a voice recording are slim. And yet, the senators' questions for Amazon are still valid. They extend far beyond the particulars of any single mistake and cut to the heart of a key issue facing tech leaders. For decades now, companies like Facebook, Google, and Amazon have collected unlimited amounts of data on their customers, given them minimal control over that data, and offered even less transparency into how they collect and store it. Now, after seeing how data can be manipulated for political purposes through the Facebook scandal, lawmakers are reevaluating the freedom they've given tech companies all these years. "The age of innocence is gone," says Flake. Source
  7. Microsoft is asking Windows 10 users whether the OS offers enough control over the personal data it collects. The firm is consulting Windows 10 users testing early builds of the OS under the Windows Insider program, who will be asked for feedback on a new privacy settings menu. The data collection toggles are designed to make it easier for users to choose which information they are comfortable being sent back to Microsoft. The new menu will be shown to all users before Windows 10 upgrades them to the Creators Update, which is expected to rolled out in April. Want more about Windows? The privacy settings page appears to be unchanged from when it was revealed in January, allowing users to choose broadly which data should sent to Microsoft, for example, location data when using maps, voice recordings when using the Cortana virtual assistant or diagnostic information related to what they type and write, and the apps they use. Insiders can give feedback on the new privacy settings page via the Feedback Hub application, where they will be able to see a prototype of the settings menu, shown above. By default the settings all appear to be toggled on to collect the maximum amount of data. The new privacy controls will be introduced alongside an option for Windows 10 Home and Pro users to dial back data collection further than is possible today, with Microsoft pledging that Windows 10's 'Basic' telemetry setting will ensure the OS "only collects data vital to the operation of Windows". Many of the privacy-focused changes to Windows 10 appear to address concerns raised by the French privacy watchdog, the chair of the National Data Protection Commission (CNIL), last year. At the time CNIL said the amount of data Windows 10 collected from users was "excessive" and that Microsoft needed to do more to seek users' permission before downloading advertising cookies to Windows 10 machines. It gave Microsoft until January 20 to set out how it would make Windows 10 compliant with the French data-protection act. In January, CNIL said it was evaluating whether Windows 10 would comply with French data-protection law following these changes. At the time this article was published, CNIL had not responded to a request for comment about whether a compliance decision has since been reached. While the changes caused Swiss data protection and privacy regulator FDPIC to drop its lawsuit, Microsoft still faces official questions about how Windows 10 handles data collection. Just last month, an EU watchdog, the Article 29 Working Party, said that, even with the changes to how Windows 10 handles personal data, it "remained concerned about the level of protection of users' personal data". Source
  8. Vodafone has revealed the extent of government snooping on its networks around the world, in a long report that appears to confirm the worst fears of privacy campaigners. The firm reveals that authorities in 29 countries have approached it for information on users, and while some are fairly open about their demands, others do not permit the company to reveal anything. However, more worryingly for those who value privacy, the report shows that in six countries Vodafone is obliged to allow governments to listen-in to communications at will, without obtaining a warrant first. Vodafone said it complies with these requests because it has to abide by the laws of the countries in which it operates. "In every country in which we operate, we have to abide by the laws of those countries which require us to disclose information about our customers to law enforcement agencies or other government authorities, or to block or restrict access to certain services," it said. "Refusal to comply with a country's laws is not an option. If we do not comply with a lawful demand for assistance, governments can remove our licence to operate, preventing us from providing services to our customers. Our employees who live and work in the country concerned may also be at risk of criminal sanctions, including imprisonment." The UK is fairly open about its demands, according to the report, but other countries, such as Turkey, will not let the firm reveal anything about its data requests. According to the report, the UK government made 2,760 interception requests, or warrants, and over half a million communications data requests. In the report, Vodafone calls on all governments to allow greater transparency and to consider the impact the actions of their intelligence agencies is having on business and consumers. "In our view, it is governments – not communications operators – who hold the primary duty to provide greater transparency on the number of agency and authority demands issued to operators," it said. "We believe that regulators, parliaments or governments will always have a far more accurate view of the activities of agencies and authorities than any one operator." In the meantime, Vodafone said it will continue to release all the information it can. "Whilst we have included factors relevant to national security powers in compiling this report, it is important to note that many countries prohibit the publication of any form of statistical information relating to national security demands," it said. "We think many governments could do more to ensure that the legal powers relied upon by agencies and authorities are fit for the internet age." Source
×
×
  • Create New...