Twitter & Yahoo Tightening Their Security to Prevent Eavesdropping of NSA

Twitter & Yahoo Tightening Their Security to Prevent Eavesdropping of NSA & Other Govt Agencies 

Last month a untold and sensational story came to light, when the whistle blowers Edward Snowden unveiled one of the top secret program of NSA called called “Muscular” Former NSA contractor Snowden himself disclosed that the National Security Agency has secretly broken into the main communications links that connect Yahoo and Google data centers around the world in order to collect and snoop the private data of millions of internet users. NSA’s acquisitions directorate sends millions of records every day from internal Yahoo and Google networks to data warehouses at the agency’s headquarters at Fort Meade, Md. In the preceding 30 days, the report said, field collectors had processed and sent back 181,280,466 new records including “metadata,” which would indicate who sent or received e-mails and when, as well as content such as text, audio and video. Both Yahoo & Google said that they had never gave access to nay Govt agency to their data centers. Yahoo spokeswoman said, “We have strict controls in place to protect the security of our data centers, and we have not given access to our data centers to the NSA or to any other government agency.” Google’s chief legal officer, David Drummond said “We are outraged at the lengths to which the government seems to have gone to intercept data from our private fiber networks, and it underscores the need for urgent reform,” 

But the matter of fact is that NSA has indeed sniffed the personal & private communication of million internet users of tech giants like Yahoo and Google. To get rid of this kind of privacy breach, now the tech giants who hold the personal record and credential of mass, are tightening and enhancing their existing security system. According to Marissa Mayer, CEO of Yahoo "We’ve worked hard over the years to earn our users’ trust and we fight hard to preserve it." Yahoo also says it will encrypt all information moving between its data centers by the end of the first quarter, and it will work on getting international partners to enable HTTPS encryption in Yahoo-branded Mail services.Yahoo says it will give users an option to encrypt all data flow to and from Yahoo. "Yahoo has never given access to our data centers to the NSA or to any other government agency ever. There is nothing more important to us than protecting our users’ privacy. To that end, we recently announced that we will make Yahoo Mail even more secure by introducing https (SSL - Secure Sockets Layer) encryption with a 2048-bit key across our network by January 8, 2014." added Marissa Mayer.

Not only Yahoo, but the social networking giant Twitter, who have registered users of almost 550 million with an active user of 250 million across the globe has also taken immediate steps after this breathtaking story of spying by NSA get the spot light. Twitter is implementing new security measures that should make it much more difficult for anyone to eavesdrop on communications between its servers and users. The entire security mechanism has been taken to tighten the data privacy of its users. According to a blog post of twitter the company has implemented "perfect forward secrecy" on its Web and mobile platforms, which made eavesdropping almost impossible. "As part of our continuing effort to keep our users’ information as secure as possible, we’re happy to announce that we recently enabled forward secrecy for traffic on twitter.com, api.twitter.com, and mobile.twitter.com. On top of the usual confidentiality and integrity properties of HTTPS, forward secrecy adds a new property. If an adversary is currently recording all Twitter users’ encrypted traffic, and they later crack or steal Twitter’s private keys, they should not be able to use those keys to decrypt the recorded traffic." -said the blog post.

While talking about Muscular program of NSA, we would also like to remind you that couple weeks ago we came to know about 'Royal Concierge' another secret program of GCHQ & NSA to spy foreign diplomats through hotel bookings uncovered by Edward Snowden.

-Source (CIO & PC World) 

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Twitter & Yahoo Tightening Their Security to Prevent Eavesdropping of NSA"https://www.voiceofgreyhat.com/2013/11/twitter-yahoo-tightening-security-2stop-eavesdropping.html</a>

'Royal Concierge' Secret Program of GCHQ to Spy Foreign Diplomats Through Hotel Bookings Unveiled By Edward Snowden

'Royal Concierge' Secret Program of GCHQ to Spy Foreign Diplomats By Hotel Bookings Unveiled By Edward Snowden

Edward Snowden the American whistle blowers who is currently living in Russia under temporary asylum, after Snowden is considered a fugitive by American authorities who have charged him with espionage and theft of government property  yet again uncovered what it called sensational information. This time he unfold a top secret program of Britain's GCHQ intelligence agency & US National Security Agency (NSA). In which they infiltrated the reservation systems of around 350 luxury hotels popular among diplomats and government officials with the help of a sophisticated program code-named "Royal Concierge" Royal Concierge designed to keeps tabs on foreign diplomats by monitoring their hotel bookings. This can include monitoring a hotel room and its guest by wiretapping the telephone and fax machine, gaining access to computers hooked up to the hotel network, or eavesdropping on the diplomat in the hotel bar. This surveillance program, uses a logo with a penguin -- meant to stand for the black and white uniforms worn by staff at top hotels -- wearing a crown, a purple cape and holding a wand. The top secret program automatically checked whether the e-mail address of a visitor on the hotel booking system matched with the address of his government and with this information the GCHQ could take the necessary steps to bug the concerned hotel room, to tap its telephones or to eavesdrop into the electronic data transfer, the news weekly said. Snowden said GCHQ has been using the search and analyse program for more than three years to track diplomats and government officials among hotel guests. 

The above breathtaking information first came on a German magazine 'Der Spiegel' on Sunday. And this exciting leaks been provided by former US intelligence contractor Edward Snowden. After this lurid information came to light, press asked questions to GCHQ, in response an official of GCHQ said "We are not going to comment on this report". But the entire conversation with Der Spiegel reporter with GCHQ officials came to the conclusion of GCHQ "neither confirms nor denies the allegation". On th other hand Britain's top spy chiefs reacted angrily to leaks by Snowden, a fugitive former analyst for the US National Security Agency, in an appearance this month before a parliamentary committee. Denying Britons were under mass surveillance, the heads of the foreign spy agency MI6, the domestic intelligence service MI5 and GCHQ warned that al-Qaeda and other enemies were "lapping up" intelligence revelations by Snowden and using them to change the way they operate.

-Source (AFP, News 24)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">'Royal Concierge' Secret Program of GCHQ to Spy Foreign Diplomats Through Hotel Bookings Unveiled By Edward Snowden"https://www.voiceofgreyhat.com/2013/11/snowden-unveiled-royal-concierge-GCHQ.html</a>

Thousands of Sources in Written-Password (SNAFU) Exposed By WikiLeaks

The cone of silence over WikiLeaks' thousands of sources - many of whose lives are at risk if identified - has been shattered, all thanks to the most mundane, all-too-human security screwup imaginable.

To wit: WikiLeaks founder Julian Assange wrote down the password on a piece of paper, and then forgot to change it later. The security breach has thrown open the doors to WikiLeaks' entire archive of 251,000 secret U.S. diplomatic cables.

To the horror of the media partners it has worked with in the past to carefully redact the documents - The Guardian, The New York Times, El Pais, Der Spiegel and Le Monde - WikiLeaks has published its entire archive, unredacted, putting in danger several thousands of people whom the U.S. has tagged as being at risk if exposed. The documents also cite more than 150 whistle blowers.

"We deplore the decision of WikiLeaks to publish the unredacted state department cables, which may put sources at risk," the organizations said in a joint statement. 

"Our previous dealings with WikiLeaks were on the clear basis that we would only publish cables which had been subjected to a thorough joint editing and clearance process. We will continue to defend our previous collaborative publishing endeavour. We cannot defend the needless publication of the complete data – indeed, we are united in condemning it."

The media partners made it clear that this time, with this move, Assange got no help from them. "The decision to publish by Julian Assange was his, and his alone," they said in the statement. Der Spiegel has chronicled the archive’s publishing, tracing it back to a meeting between Assange and David Leigh of The Guardian.

According to the account, as the British journalist recounts in his book "Inside Julian Assange's War on Secrecy", Leigh and Assange at one point sat down to discuss how Assange would provide Leigh with a file including all of the diplomatic dispatches received by WikiLeaks.

According to Der Spiegel, Assange placed the file on a server and wrote part of the password on a slip of paper. To make it work, one had to complete the list of characters with a certain word.

Can you remember it? Assange asked. Of course, Leigh said.

"At the time, Daniel Domscheit-Berg, who later founded the site OpenLeaks, was the German spokesman for WikiLeaks. When he and others undertook repairs on the WikiLeaks server, he took a dataset off the server which contained all manner of files and information that had been provided to WikiLeaks. What he apparently didn't know at the time, however, was that the dataset included the complete collection of diplomatic dispatches hidden in a difficult-to-find sub-folder," according to Der Spiegel.

With the dataset in the hands of Domscheit-Berg, Leigh went on to describe his meeting with Assange in his book. In the book, however, he included not only the portion of the password on the slip of paper, but also the part he had been asked to commit to memory.

What followed included feuding between Domscheit-Berg and Assange, attempts to prove that Assange wasn’t trustworthy, and the eventual disclosure that not only was the entire dataset circulating, but that the password could be found in Leigh's book.

At this point, fingerpointing is rampant. WikiLeaks' Twitter feed blames The Guardian. The Guardian is protesting its innocence, putting out a statement claiming that it had been told the password was only temporary.

The U.S. Embassy in London and the U.S. State Department were notified of the possible publication on August 25 to enable officials to warn the named informants. Hopefully, this has given them enough time to remove themselves from harm.

Whether that is possible for all the sources who’ve been put in harm's way is an open question.

But one thing is certain: The platforms to which whistleblowers have hitherto brought their leaks are compromised. They are as riddled with security holes, as flailing with common human weaknesses, as the most ridiculed home user running an unsecured wireless network and the most inept office worker writing down his password on a Post-It note.

Let us hope that this carelessness, this breathtaking lapse in security hygiene, leads to no loss of life.

-News Source (Wikileaks & Naked Security)

SHARE OUR NEWS DIRECTLY ON SOCIAL NETWORKS:-
<a href=">Thousands of Sources in Written-Password (SNAFU) Exposed By WikiLeaks"https://www.voiceofgreyhat.com/2011/09/thousands-of-sources-in-written.html</a>