1 Year after the Twitter censorship in Turkey

Wow! It’s already been a year since the Gezi‬ protest in ‪#Turkey‬ against online censorship and the Twitter block!
In these protests, a 15yr old boy, ‪‎BerkinElvan‬, was deadly injured.

Back then, we did our best to help people in Turkey. Ten of thousands of people in Turkey were able after that to sent images to the world and boicot the censorship.
It’s sad to see that even after a year, the police detains protesters, as we read in The Hurriyet Daily News.

berkin-elvan-heykeline-cirkin-saldiri_2170_dhaphoto4

[photo credit: The Hurriyet Daily News]

We’ll keep fighting for the ‪#‎FreeInternet‬!

Spread our message and support freedom of speech and the Free internet.

WebRTC Leak: Are you affected?

A lot of fuss for little trouble: Browser video chat renders VPN worthless, it says. Or: Firefox and Chrome reveal original IP address. Or: Deanonymisation via WebRTC. However: Turns out, very few are affected, because the vast majority operates behind a router and it is shielded by default – and even those, who actually are affected, can resolve the issue with little effort.

So, what’s this all about?

It’s about WebRTC, a video chat technique for real time communication directly inside modern browsers like Firefox and Chrome, which, as a side effect, can help to unveil a user’s original IP address, even though she or he is camouflaged by a VPN. Theoretically. In the real world the possible leak just affects users who are directly connected to the Internet with a modem. The WebRTC makes it possible to read all registered IP addresses inside the network card. All others should be safe, even though they use one of the mentioned browsers. From behind a router, all WebRTC is going to see will be in most cases a bunch of local IP addresses, such as 192.168.178.xxx and alike, which are common in all local networks and therefore worthless in terms of tracking.

U test

If your browser is affected, can be tested very fast on the CyberGhost WebRTC IP detection page. Just open your browser and visit this page: WebRTC Real IP Detection.

webrtc_detection_01

 

If your real IP is exposed, start CyberGhost, clean your browser’s cache (by hitting ‘F5′) and visit the page again. If you’re unlucky and your IP is still exposed, install either the WebRTC Block plug-in for Chrome or the Disable WebRTC plug-in for Firefox.

webrtc_detection_02

Full proof – ‘Regin’ Trojan is an NSA Tool

If the world really needed more proof to realise the scale on which the NSA machinery operates, a new and irrefutable proof was released today.

On January 17 2015, Spiegel.de published an article based on documents obtained from Edward Snowden and provided a copy of a malicious program named “QWERTY” ), supposedly used by several governments in their Computer Network Exploitation (CNE)operations.

Today, the same news publication released an article, demonstating the same code provenience and indentical  functionality of  “QWERTY” malware to the Regin 50251 plugin.

Regin/Querty Vergleich Kaspersky

 

Given the fact that the QWERTY keylogger doesn’t function as a stand-alone module, only in tandem with kernel hooking functions provided by the Regin module 50225, it was concluded that the QWERTY malware developers and the Regin developers are the same or working together.

You can read here all the mind-binding conclusions of this ground breaking analysis that states once again that mass-surveillance is more than a fact, it’s a threat.

Fake Leak: No, CyberGhost has NOT been hacked

Contrary to the claims of an unknown hacker group, initially issuing themselves as Anonymous hacker, no credit card information has been stolen from CyberGhost’s servers and published. The reason is obvious: CyberGhost itself handles no payments and therefore has no access to credentials or has any infrastructure to save it. Accordingly, the published list only contains a rather lame collection of expired serial numbers from past promotions …

At Christmas, a group of anonymous hackers filled the headlines, presenting a Sony hack and, later on, asserted via Twitter, to have hacked various companies and stolen their customer data, including UbiSoft, VCC, Brazzers, UFC TV, XBL Gamers, Twitch TV, Amazon, Hulu Plus, Dell, Walmart , EA Games, and, ultimately, CyberGhostVPN. Initially known as ‘Anonymous’, then as ‘Lizard Squad’, the group seemed to have access to different companies and collected a list of over 13,000 accounts on Amazon, Playstation, Xbox Live, Hulu Plus, Walmart and other retailers as well as entertainment and adult platforms. The list includes credit card numbers, security codes and expiration dates. As a little extra, the hacker also published a copy of the controversial Kim de Jong lampoon movie ’The Interview’.

AnonymousGlobo_Twitter

Of course we can’t say anything about the truth of the allegations regarding the other affected companies, this is still to be reviewed, but as far as CyberGhost is concerned, we can give the all clear. CyberGhost itself does not accept payments and therefore has no data collection of credentials or else. In fact CyberGhost relies for payment processing on the e-commerce company cleverbridge – whose name is not on the list.

So what exactly has being published then, if not credit card data? Well, a series of expired serial numbers for CyberGhost subscriptions, grabbed at earlier campaigns and other promotions, plus some occasional license keys from recent actions (which were disabled during the last few days). So the purpose of the publication is rather unknown; it neither proves the existence of a vulnerability nor does it benefit someone.

AnonymousGlobo_List

5 Tips For Preserving Your Online Privacy While Traveling for Holidays

It’s the season to be jolly! And travel. A lot.

Right now, most of you are probably making plans to escape the concrete jungle and head on to a city break somewhere quieter or to go see your family and friends.

However, there are a few important measures you should take in order to fully enjoy your holidays without getting your bank details stolen, accounts hacked, or house ravaged.

xmas

  1. Don’t Show And Tell

No matter how tempting it is to brag about your perfectly planned vacation in an exotic destination, it’s never a good idea.

There are a lot of people out there, who can’t wait to break into an empty house and won’t leave empty handed either, while they’re at it.

So keep that in mind next time you’re traveling! Those awesome Instagram photos can wait a few days.

Speaking of which…

  1. Check Your Privacy Settings Before Uploading Photos

Don’t even think to share that photo with you holding three shots in one hand, before checking who can actually see it.

Sure, your friends will think it’s funny, your exes will turn grey with envy and your mom might get slightly worried.

Your current and future employers, work colleagues or people who don’t know you so well yet, will never see you with the same eyes again.

  1. Secure Payment Methods Are Your Friend

No matter how much you’re trying to escape your daily duties, it’s inevitable that at some point you might need to pay those bills that keep piling up.

In that case, make sure you always use a secure payment method, like bitcoin (if it’s accepted), or Secure Pay.

But even that is not helpful if you don’t…

  1. Use Strong Passwords For Everything

You might be tempted to use 1234 or your dog’s name as a password, but that is a huge mistake pretty much everyone comes to regret at some point. The only way you can make it worse is by having one password for all your accounts.

Regardless of the time and energy you think you’re saving, all you do is preparing yourself for sharing with the world a tad more than you’re willing and ready to.

Strong passwords should have at least 8 characters, contain big and small letters, special characters and numbers.

And if you think you won’t remember them all, you’re probably right. That’s why a password manager like KeePass always comes in handy.

Tip 005 - Choose Complex Passwords - Not a Vocabulary Word

  1. Beware of WiFi Networks And Encrypt Your Connection

Last, but not least, it’s important you remember to encrypt your internet connection whenever you use public HotSpots, which you will be doing a lot.

The simplest and most efficient way to do this, is by using a VPN.

CyberGhost VPN encrypts your traffic and changes your IP so you can surf anonymously and safe.

And you’re in luck! We have a great offer, too!

Encryption – A Guide for Everyone

Did you know that even the great Caesar used a cipher to hide his military
correspondence between 100 – 44 B.C?  The key in this case was simply
to shift to the right by three.

Encryption is not a new concept but it keeps getting more and more complex and useful. We thought that a guide to encryption accessible to everyone would be more than welcomed, either to understand it better or to share it with people who would need it.

Just a short intro: encryption is the process through which information or data is transformed (encoded) in such a way that is unreadable to anyone who does not have the knowledge of the way it was transformed.
The information thus becomes available only to the authorized parties. This authorization works based on keys. Encoding the information is made by using an encryption key while decoding the information is made by using a decryption key.

Encryption

You can read the entire guide here.

Feel free to share it with people interested.