Email Encryption Service Provider ‘ProtonMail’ Now on Tor

ProtonMail-Tor-ServiceIf you look in the VooDoo Tech section, you’ll see we endorse both ProtonMail and Tor.  Both are excellent services if you value your online privacy and now they work together!  ProtonMail, launched in 2014 by a group of MIT and CERN experts, is the largest email encryption service provider in the world having more than two million users. It is the preferred emailing platform of activists and journalists who need to keep information confidential.  In its latest announcement, ProtonMail’s co-founder Dr. Andy Yen stated that they would allow the users to directly access their email accounts via Tor network so that they could counter steps taken by authoritative governments across the globe to minimize user privacy.

Dr. Yen said that it is inevitable to avoid censorship in some countries and they have been “proactively working to prevent this.” Dr. Yen further acknowledged that the reason why they have chosen Tor is that “Tor provides a way to circumvent certain Internet blocks so improving our compatibility with Tor is a natural first step.”

This perhaps looks like a step taken after the recent actions from the governments to curb the public’s access to encrypted platforms and secure internet usage. Such as Egyptian government blocked encrypted chat application Signal and the UK government’s approval of the Investigatory Powers Bill aimed at tracking the activities of web browsers.  Friends, do yourself a favor… Use Tor and get yourself a ProtonMail account.


5 lies that have shaped the Obama presidency…

you-lieIf past presidents are remembered for their signature achievements, Obama will be remembered for his signature lie: “If you like your health care plan, blah, blah, blah.” You know the rest. Although the most consequential of Obama’s lies — it got him re-elected — it’s far from his only prevarication.  Here are five that illustrate just how much Obama’s presidency is built on falsehoods.

5. “My father left my family when I was 2 years old.”

Obama made this claim in September 2009, when addressing the nation’s schoolkids. By then, the blogosphere knew that baby Obama had never spent a night under the same roof as his father, let alone two years.  For years, Obama and his advisers invested enormous political capital in what biographer David Remnick called Obama’s “signature appeal: the use of the details of his own life as a reflection of a kind of multicultural ideal.”  Remnick called Obama’s autobiography “a mixture of verifiable fact, recollection, recreation, invention and artful shaping.” In other words, the truth is never good enough.

4. “The Fast and Furious program was a field-initiated program begun under the previous administration.”

Obama spun this fiction at a September 2012 Univision forum knowing it was false. In fact, the bizarre, deadly idea to let American guns “walk” into Mexico, where they were used by drug cartels to kill dozens, began in October 2009.  Three months earlier, White House press secretary Jay Carney had made the same bogus claim virtually word for word at a press conference and got shot down on national TV. “It began in fall 2009,” corrected White House correspondent Jake Tapper, then with ABC.  Carney refused to acknowledge he lied, and the president continued to lie weeks later. It’s all part of Obama’s ducking of responsibility — it’s always someone else’s fault.

3. “Not even a smidgen of corruption.”

Obama said this in response to Bill O’Reilly’s question about the IRS scandal: “You’re saying no corruption?”  If there were not even a “smidgen of corruption,” as Obama insisted, it is hard to understand what outraged him, or at least seemed to, when news of the IRS scandal first broke. “It’s inexcusable, and Americans are right to be angry about it, and I am angry about it,” Obama said in May 2013. Obama routinely expressed anger when some new scandal erupted on his watch — IRS, the failed ObamaCare website, the VA scandal, Fast and Furious — but never before had he shoved a scandal down the memory hole so quickly.  And how could Obama know there wasn’t a smidgen of corruption before the investigation was even over? Perhaps because the administration knew that any proof of that was gone with deleted emails and destroyed hard drives?

2. “We revealed to the American people exactly what we understood at the time.”

During that same Super Bowl Sunday interview, Obama made this claim in response to O’Reilly’s inquiry about the attack on the American consulate in Benghazi. Obama continued to dissemble: “The notion that we would hide the ball for political purposes when a week later we all said, in fact, there was a terrorist attack taking place and the day after I said it was an act of terror, that wouldn’t be a very good coverup.”  In fact, it was exactly a week after the attack, on Sept. 18, that Obama took his first questions about Benghazi. Bizarrely, he did so to David Letterman. “Here’s what happened,” Obama said.  “You had a video that was released by somebody who lives here, sort of a shadowy character who — who made an extremely offensive video directed at — at Mohammed and Islam.”  We know now that the administration knew this wasn’t true. Not a week later; not even the very night of the attacks.  On many levels, this was Obama’s most telling lie. He only deals with the world as he sees it, not as it is.

1. “Transparency and the rule of law will be the touchstones of this presidency.”

Obama told this whopper to his assembled staff on his first day in office. He promised it to the press. Instead, his administration refuses to hand over documents and Obama refuses to answer questions. As liberal constitutional scholar Jonathan Turley assessed the presidency, “Barack Obama is really the president Richard Nixon always wanted to be.”  What do these lies, just a sample of many, tell us? Obama never stopped “artfully shaping” his life.  The scary thing is he might actually believe these lies. He believes that posting a shot from his personal photographer online is “transparent.” That targeting conservative groups for audits isn’t corrupt. That everything that has gone wrong with his presidency is Bush’s fault.

Knowing that, how can we believe anything that he says?

SOURCE – New York Post

Tor Project working to fix weakness that can unmask anonymous users

tor_nsaDevelopers of Tor software believe they’ve identified a weakness that was scheduled to be revealed at the Black Hat security conference next month that could be used to de-anonymize Tor users.

The Black Hat organizers recently announced that a talk entitled “You Don’t Have to be the NSA to Break Tor: Deanonymizing Users on a Budget” by researchers Alexander Volynkin and Michael McCord from Carnegie Mellon University’s Computer Emergency Response Team (CERT) was canceled at the request of the legal counsel of the university’s Software Engineering Institute because it had not been approved for public release.

“In our analysis, we’ve discovered that a persistent adversary with a handful of powerful servers and a couple gigabit links can de-anonymize hundreds of thousands Tor clients and thousands of hidden services within a couple of months,” the CERT researchers had written in the abstract of their presentation. “The total investment cost? Just under $3,000.”

In a message sent Monday to the Tor public mailing list, Tor project leader Roger Dingledine said that his organization did not ask Black Hat or CERT to cancel the talk. Tor’s developers had been shown some materials about the research in an informal manner, but they never received details about the actual content of the planned presentation, he said. The presentation was supposed to include “real-world de-anonymization case studies.”

Despite the lack of details, Dingledine believes that he has figured out the issue found by CERT and how to fix it. “We’ve been trying to find delicate ways to explain that we think we know what they did, but also it sure would have been smoother if they’d opted to tell us everything,” he said in a subsequent message on the mailing list.

Dingledine suggested that the issue affects Tor relays, the Tor network nodes that route user connections in a way that’s meant to hide the traffic’s origin and destination from potential network eavesdroppers.

“Based on our current plans, we’ll be putting out a fix that relays can apply that should close the particular bug they found,” he said. “The bug is a nice bug, but it isn’t the end of the world. And of course these things are never as simple as ‘close that one bug and you’re 100% safe’.”

Tor — originally called The Onion Router — started out as a project of the U.S. Naval Research Laboratory, but is now developed and maintained by a nonprofit organization called The Tor Project. The software allows users to access resources on the Internet without revealing their real IP (Internet Protocol) addresses, a feature appreciated by privacy-conscious users as well as criminals.

According to media reports last year based on documents leaked by former U.S. National Security Agency contractor Edward Snowden, both the NSA and the U.K.’s Government Communications Headquarters targeted Tor and had some success in de-anonymizing limited numbers of users.


EFF sues NSA…

EFF_NSA-680x400The Electronic Frontier Foundation, has filed a lawsuit against the U.S. National Security Agency to get it to specify the extent to which it might exploit software security flaws.

The EFF said it had filed a Freedom of Information Act lawsuit against the NSA and the Office of the Director of National Intelligence to gain access to documents showing how intelligence agencies choose whether to disclose software security flaws known as “zero days.” These early stage flaws are typically discovered by researchers but are not yet patched by developers or the company. A market has even sprung up around the flaws, in which governments will purchase the vulnerabilities to gain access to people’s computers, EFF said.  Not disclosing zero-day flaws jeopardizes people’s data and communications, the EFF has argued.

The suit comes amid concerns and accusations that government agencies, including but not limited to the NSA, may be exploiting these vulnerabilities for intelligence-gathering processes without the public’s awareness.  In April, Bloomberg News reported that the NSA had used the then-recently disclosed “Heartbleed” security bug to gather intelligence for at least two years before it was discovered by others. The NSA said the report was incorrect.  The EFF had filed a Freedom of Information Act request in May related to these processes, but still has not received any documents, despite Intelligence Director James Clapper’s office agreeing to expedite the request.

“This [suit] seeks transparency on one of the least understood elements of the U.S. intelligence community’s toolset: security vulnerabilities,” said Andrew Crocker, EFF legal fellow, in a statement. “These documents are important to the kind of informed debate that the public and the administration agree needs to happen in our country.”

A spokeswoman for the NSA declined to comment. The intelligence director’s office did not immediately respond to comment.

Following disclosures made last year by former NSA contractor Edward Snowden, intelligence agencies’ techniques have come under much scrutiny. In addition to their possible exploitation of software vulnerabilities, whether agencies can exploit weaknesses in encryption has also sparked concern.  As a result many large companies like Google and Microsoft have bolstered their use of encryption technology in recent months.

SOURCE – Infoworld

Warrantless cellphone tracking… Still think you’re living in a free country?

surveillance-640x538Police in Florida have offered a startling excuse for having used a controversial “stingray” cellphone tracking gadget 200 times without ever telling a judge: the device’s manufacturer made them sign a non-disclosure agreement that they say prevented them from telling the courts.  Let me get this straight, a contract prevented the Po-Po from getting a warrant?

The shocking revelation came during an appeal over a 2008 sexual battery case in Tallahassee in which the suspect also stole the victim’s cellphone. Using the stingray — which simulates a cellphone tower in order to trick nearby mobile devices into connecting to it and revealing their location — police were able to track him to an apartment.  During recent proceedings in the case, authorities revealed that they had used the equipment at least 200 additional times since 2010 without disclosing this to courts and obtaining a warrant.  Although the specific device and manufacturer are identified in neither the one court document available for the 2008 case, nor in a video of a court proceeding, the ACLU says in a recent blog post that the device is “likely a stingray made by the Florida-based Harris Corporation.”

Harris is the leading maker of stingrays in the U.S., and the ACLU has long suspected that the company has been loaning the devices to police departments throughout the state for product testing and promotional purposes. As the court document notes in the 2008 case, “the Tallahassee Police Department is not the owner of the equipment.”

The ACLU now suspects these police departments may have all signed non-disclosure agreements with the vendor and used the agreement to avoid disclosing their use of the equipment to courts.

“The police seem to have interpreted the agreement to bar them even from revealing their use of Stingrays to judges, who we usually rely on to provide oversight of police investigations,” the ACLU writes.

Harris refused to comment, instead redirecting questions to law enforcement.

The secretive technology is generically known as a stingray or IMSI catcher, but the Harris device is also specifically called the Stingray. When mobile phones — and other wireless communication devices like air cards — connect to the stingray, it can see and record their unique ID numbers and traffic data, as well as information that points to the device’s location. By moving the stingray around, authorities can triangulate the device’s location with much more precision than they can get through data obtained from a mobile network provider’s fixed tower location.  No Sir!, we’re not living in a surveillance state!

The government has long asserted that it doesn’t need to obtain a probable-cause warrant to use the devices because they don’t collect the content of phone calls and text messages but rather operate like pen-registers and trap-and-traces, collecting the equivalent of header information.  This is the first time, however, that a contract with the vendor has been cited as a reason for not obtaining a warrant. The discovery of this hidden detail was made by CNET reporter Declan McCullagh earlier this year.  The 2008 Florida case — State v. Thomas (.pdf) — is currently sealed, though the ACLU has filed a motion to unseal the records.

The case involves James L. Thomas who was convicted of sexual battery and petit theft.

According to the appellate court judges, after a young woman reported on September 13, 2008 that she had been raped and that her purse, containing a cellphone, had been stolen, police tracked the location of her phone about 24 hours later to the apartment of Thomas’ girlfriend.

“The investigators settled on a specific apartment ‘shortly after midnight’ or ‘approximately 1:00 to 2:00 a.m.’ on September 14, 2008,” the court wrote. “For the next few hours, six or seven police officers milled around outside the apartment, but made no effort to obtain a search warrant.”

They did not want to obtain a search warrant to enter the apartment “because they did not want to reveal information [to a judge] about the technology they used to track the cellphone signal,” the appellate judges note.  Around 5 a.m., police knocked on the apartment door, but the suspect’s girlfriend refused to let them in without a warrant. They forced their way in, ordered her and Thomas to exit, then searched the apartment. After they found the victim’s purse and cellphone, they arrested Thomas.  Authorities opted not to get a warrant either for the use of the Stingray or the search of the apartment, simply because they didn’t want to tell the judge what they were using to locate the suspect, a matter the ACLU finds troubling.

“Potentially unconstitutional government surveillance on this scale should not remain hidden from the public just because a private corporation desires secrecy. And it certainly should not be concealed from judges,” the ACLU noted.  Authorities even refused to tell Thomas’s attorney how they had tracked his client to the apartment. A judge finally forced the government to disclose the surveillance technique they had used, but only after the government insisted the court be closed. The proceedings were also sealed to prevent the information from leaking to the public.  The truth came out only after Thomas appealed his conviction, asserting that the police violated his Fourth Amendment right in seizing evidence.

It was in the unsealed appellate opinion that the ACLU discovered the reason for the secrecy.  The judges revealed that the reason authorities didn’t obtain a search warrant and didn’t want to disclose their surveillance technique in an open court was because of the NDA. But that wasn’t all. A video of oral arguments before the appellate judges revealed more.  When the government attorney tried to argue in court that the police had planned to obtain a warrant to enter the apartment, one of the judges interrupted.

“No, no, no, no, no,” he said. “I think this record makes it very clear they were not going to get a search warrant because they had never gotten a search warrant for this technology.”

His fellow judge then interjected loudly, “Two-hundred times they have not.”

The ACLU was surprised by the admission.  “[Wh]en police use invasive surveillance equipment to surreptitiously sweep up information about the locations and communications of large numbers of people, court oversight and public debate are essential,” the group noted in its post.  But the possibility that an NDA may have been the excuse for not disclosing the technology was an even greater concern. [A video of the oral arguments is available on the court’s web site. Discussion of the technology begins at 9:15; mention of the 200 times they used the technology without a warrant occurs around 18:00.]

The ACLU has filed a Freedom of Information Act request with 30 police and sheriff departments in Florida to determine how widespread the use of the stingray is and how often its use has been concealed from courts.  Use of stingray technology goes back at least 20 years. In a 2009 Utah case, an FBI agent described using a cell site emulator more than 300 times over a decade and indicated that they were used on a daily basis by U.S. Marshals, the Secret Service, and other federal agencies.  The systems are not cheap. According to a 2008 price list obtained by Public Intelligence, the Harris Stingray was priced at $75,000 for the basic device, plus an additional $22,000 – $5,000 for various software packages for use with it. But the police in Florida appear to have obtained the devices for free or on lease from the maker.

While the government has argued in other cases that it does not need a warrant to use the devices, it conceded in one case in Arizona that it did need a warrant to use the device in that particular case because it involved locating a Verizon air card being used inside the suspect’s apartment.  In the Thomas case in Florida, however, the appellate judges noted that they were considering the suspect’s appeal only on grounds that police did not obtain a search warrant for his apartment, not on grounds that they did not obtain a search warrant for the use of the surveillance device.

“For purposes of decision, however, we assume the police acted lawfully up to the point that they forcibly entered the apartment,” they wrote in their November opinion. “It is not clear that there was ever a ruling on the legality of the cellphone tracking methods used below.”

The trial court initially ruled that the apartment search was legal, due to exigent circumstances, and therefore evidence obtained in the search was legal, but the appellate court reversed this and found that the girlfriend had only given her consent after she was forced to leave the apartment and stand outside in her night clothes, and after police had already begun to search the apartment.

Still think you are free?  Comment below…


  • Ads