Tag - security

1
How Windows 10 is spying on you and what you can do about it
2
Get €25.000 funding for your privacy start-up idea from CyberGhost!
3
Stop Pointing Your Finger at Jennifer Lawrence and Accept You Might Be Next
4
The Future of Privacy Is Now and it’s Happening in Europe
5
3 Years of Free Of Compromise Security, Freedom and Privacy with CyberGhost VPN
6
Outrunning NSA’s Bullrun

How Windows 10 is spying on you and what you can do about it

Win 10

As you surely already know, Microsoft is currently distributing its new operating system Windows 10.

The OS, which was launched globally in 190 countries on July 29 is full of new features, fills in a lot of gaps and does away with the “Metro” style UI almost entirely.

Moreover, Windows 10 is super fluid and fast and its new browser Microsoft Edge might win back a lot of users because it’s also super-fast.

But all this comes at a pretty steep price for privacy, since Windows 10 listens in on what you do now more than ever and all that data gets transferred to Microsoft’s servers.

Basically, the OS will go through all your data (contacts, calendar, mail, messages…) and will learn information about you.

To make matters even worse, with Windows 10 you also have an advertising ID assigned to you so you can be easily targeted with specifically tailored ads; if you encrypt your hard-drive, the keys are stored by default on OneDrive.

Thankfully though, the native VPN option can be accessed and started directly from the notification quick-setting.

Of course, these are all settings and features aimed at increasing your productivity, as they make your apps and operating system much smarter.

But as mentioned before, this does come at a cost. Everything you do gets uploaded to Microsoft’s servers to improve your future experience. As stated in the Terms of Service, Microsoft has the right to share this data whenever it “has a good faith belief doing so is necessary to: 1.comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies; 2.protect our customers, for example to prevent spam or attempts to defraud users of the services, or to help prevent the loss of life or serious injury of anyone; 3.operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or 4.protect the rights or property of Microsoft, including enforcing the terms governing the use of the services.

In addition, all these settings are ON by default and will remain enabled if you just click next when installing/upgrading to Windows 10.

Most of the information regarding Win 10 and privacy is available in this official Microsoft article:

To sum it up, everything that happens with your Microsoft account (@live.com, @outlook.com, @msn.com, ….. , which is necessary for most of the new features) is scanned by Microsoft’s services. Everything you talk with Cortana (searches, reminders, notes, actions,….) is also processed by them. So is your location. In Microsoft’s own words:

We also share data with Microsoft-controlled affiliates and subsidiaries; with vendors working on our behalf; when required by law or to respond to legal process; to protect our customers; to protect lives; to maintain the security of our services; and to protect the rights or property of Microsoft.

Nevertheless, there’s something you can do about that and protect your data and privacy from Windows 10’s prying eyes.

In case you just clicked NEXT, NEXT when installing/upgrading to Win 10 and went with the defaults, here are a couple of things you should be aware of and disable if you feel spied on too much.

The Privacy settings can be easily managed by searching privacy in the start menu and most of the modules that send your data to Microsoft can be disabled.

If you simply press start then settings and then search for “privacy,” you’ll find most of the options listed. You can go through each of them and disable what you feel you need to keep only to yourself.

Below are some important ones that you need to change if you want to considerably increase your privacy:

  • Disable advertiser ID: open the settings and search for “advertising;” open “Choose if apps can use your advertising ID” and disable the first option: “Let apps use my advertising ID for experiences across apps”
  • On the same page, disable “…info about how I write” so that the text you type and write with a stylus is not sent to Microsoft servers

Also in the settings, search for “privacy” and open “Privacy Settings.” Get more privacy by changing the following:

  • Send Microsoft info about how I write..” -> OFF
  • Let apps use my Advertising ID…” -> OFF
  • Location” -> OFF
  • Speech, Inking, & typing: This is a feature strongly tied with Cortana. You can opt to clear everything, but if you do, you’ll lose Cortana.  You will still be able to use the Windows search function.

The rest is pretty self-explanatory and mostly relates to managing apps’ access to certain personal data. You can check the list of programs or devices (camera, mic) allowed to access the data or device or you can disable them entirely.

Before you go ahead and change these settings though, you should know that:

  • Disabling these option will diminish the “smart” experience you’ll have with Windows 10, so if you’re more into new features than you are into privacy, keeping them ON would be best for you. Otherwise, Windows 10 works really well without all these options; search is still possible.
  • Remember that your information is made available to “Microsoft employees, contractors, vendors, and partners…,” so basically it’s still not as hard as it should be for someone to get your data and use it.

There is one more Windows 10 novelty that you need to know about and that’s called “Wi-Fi Sense.

“Wi-Fi Sense” is a new feature that will sync all your Wi-Fi passwords to the cloud and share them with your contacts (Yep, you read that right). Through this functionality, your PC will also be able to “borrow” passwords and automatically connect, which means that you could end up automatically connected to a rogue router where your data could be easily phished.

In order to disable “Wi-Fi Sense,” go to Settings, search for “Wi-Fi” and open “Change Wi-Fi Settings.”

At the end of the list of found Wi-Fi networks, you will see “Manage Wi-Fi settings” and that’s where you can disable both options mentioned before.

Photo credits: www.orangejuiceblog.com

Get €25.000 funding for your privacy start-up idea from CyberGhost!

Privacy Accelerator

As you surely know by now, we really, strongly support and fight for online privacy, security, and freedom.

We say it on our website, our CEO Robert Knapp never misses a chance to say it during interviews, and everything we do is based on our belief that online privacy is a basic human right not to be ignored or infringed on.

So this year we decided to put our money where our mouth is. Literally.

On July 15, we kicked off our Privacy Accelerator Program, which aims to invest in, mentor, and support early-stage tech start-ups focused on privacy, security, or freedom.

We will invest a total amount of €100.000 in 4 up-and-coming teams/companies that are fighting the good fight and want to protect netizens’ rights to privacy, security, and anonymity.

We’ll also provide them with office space and, if they’re not from the EU, we’ll accommodate them in our guesthouse, which is located smack-dab in the always vibrant center of Bucharest.

And to top it all off, we’ll give them access to our API and make sure they’re mentored by our internal experts in development, sales, marketing, and customer support and administration.

Sounds awesome, right?

Then wait no longer and get your privacy start-up idea funded by sending in your application to press.office@cyberghost.ro.

The deadline is September 1st, so hurry up!

For more info about the Privacy Accelerator Program, click here.

Stop Pointing Your Finger at Jennifer Lawrence and Accept You Might Be Next

superbwallpapers.com

superbwallpapers.com

This week’s incident is on everybody’s lips. You most probably know what we’re talking about, but in case you’ve been stranded on a desert island for the past couple of days, let me sum it up for you: the internet was overwhelmed by the nude photos of celebrities like Jenifer Lawrence, Rihanna, Kate Uptown and at least a dozen of other female stars. Their iCloud accounts have supposedly been hacked, and while there are heated discussions and countless speculations on how it was done, the only conclusion you need to draw from this is that it can happen to you, too.

How did this happen?

It is very possible that we will never know, but here are a few possibilities:

  1. Password reset (secret questions / answers)

While sincerity is usually encouraged and makes for a valuable quality in a friend or business partner, providing the true answers to your security questions, while setting up your account, might not be the most intelligent move, especially if they’re the only thing you rely on for recovering your passwords.

ID-10054806

Hopefully not you

2.  Phishing emails

Phishing email messages are used by hackers for stealing money or your personal information. The good news is it’s really easy to spot one if you always remember to check for bad grammar, links in text (those shalt not be clicked), and threats (ex.: your account will be deleted if you don’t reply).

3. Social engineering / RAT install / authentication

Remote Access Tools are pieces of software used to remotely access or control a computer. While it can be of great use for system administrators or that guy who always fixes your computer, it can also be used to perform key logging, screen and camera capture, file access, code execution, registry management etc.

You should verify every program before installing it on your computer by using authorized program signatures.

A few easy things you can do to make sure you won’t be next

  • Don t use  the same password for all your accounts

For all you might know, your password “qwerty”, “12345” or the ever popular “password” is working just fine for your Faceboook, Pinterest, Mail, Amazon & co.

Maybe you know better than that and use a complicated password with symbols and numbers. Congratulations! The thing is, even if that’s the case you shouldn’t use it for all your accounts because that is like giving somebody the skeleton key to your life.

It would be ideal to go through the trouble of setting up different complicated passwords for all your accounts, which in fact, it’s not hard to manage if you…

  • Use a password manager

Keepass, Lastpass 1.72  and Kaspersky Password Manager 4, are all great options, are easy to use and fast to install. 5 minutes is a small price to pay for your peace of mind.

  • Use two step verification

Most of the major sites offer this so just remember to check.

  • Turn off automatic backups

Most of the cloud based services such as Google’s accounts or iCloud automatically sync every photo you take, contact you save, app you download or website you access.While you would rather have everything in one place in case you ever lose your phone or tablet, it’s better to turn it off.

It is , in the end, about comfort versus security and we live in an age when the most valuable things we own aren’t palpable. You know what they say: Better be safe than sorry!

Do you use any other methods? Sharing is caring so let us know in the comment section below!

 

The Future of Privacy Is Now and it’s Happening in Europe

“Privacy is back, not just as social norm, but as a business model.”-was the quote that got my attention in a Slate article from last week. The piece was centered on the implications of Mark Zuckerberg’s sudden change of attitude from: “Privacy is no longer a social norm”, just a few years ago to today’s attempts to win more users over, through adding extra features that guarantee more confidentiality and changing the default settings.

_MG_8871 small

Needless to say that working for CyberGhost and being a sucker for privacy, I instantly started to look into the subject. It didn’t take long to come up with a list of recent startups whose sole business was either anonymizing their users, or securing their data. Companies like Duck Duck Go, Abine, Signal, Secret, Whisper and Snapchat are surprisingly popular among teenagers.

If the last decade was all about transparency, doing things and letting the whole world know about them, creating a strong online presence, and shouting your feelings out loud until the point of complete vulnerability, the present is certainly focused on the idea of keeping most of the things to yourself and having full control over what you share with the rest of the world.

It seems that the overenthusiastic, somewhat naive and undiscerning public which populated the internet at the beginnings of social media has slowly matured and realized the implications and perils of inviting strangers into their lives by oversharing, or overlooking their security settings.

While European startups and companies seem to have figured out this a while ago, American ones are just catching up under a less than favorable legislation. There is not much they can do regarding the NSA surveillance and keeping their users anonymous will only lead to them drowning into a sea of DMCA requests.

And this is one of the reasons why we here at CyberGhost believe the future of privacy lies in Europe, where it can be fully guaranteed under a favorable, protecting legislation.

IMG_5534

While we are happy that privacy became “the thing”, it is quite worrying that a lot of these organizations that claim to offer users  anonymity don’t fully understand the concept and don’t have the means to do this, thus creating a false sense of security for the user, which can at times be more harmful than no protection at all.

As for Facebook and other companies which just woke up one day loving privacy more than anything else, it is often said that the best indicator for somebody’s future behavior is their past behavior.

3 Years of Free Of Compromise Security, Freedom and Privacy with CyberGhost VPN

CyberGhost VPN started as a project thought up by Robert Knapp, an ambitious, bright German maverick who dreamt a solution to the rise in internet surveillance and disappearance of online privacy and security.  A team of young, ingenious and motivated Romanian professionals joined in and started in the quest for a secure and private internet.

Three years  and 3.7 million satisfied users later, we can say we are proud of offering you free of compromise online security, privacy and freedom. We grew up together with CyberGhost, and learned how to face unplanned situation, communicate more efficiently and most important of all, listen to your needs and wishes and adjust accordingly.

Bildschirmfoto 2014-07-14 um 14.22.04

We are grateful for the opportunities we had along the way to offer access to a free internet and the means to speak out loud to those who due to censorship didn’t have a voice, to protect our users’ sensitive data, and to restore the privacy that the internet was meant to offer from the very first beginning.

servers

But most important of all, we want to thank you for trusting us to take care of your privacy and ensure you complete anonymity. We will keep improving and find new ways and resources to keep the battle for a free internet running, because we believe that internet is freedom.

Stay tuned for our upcoming campaigns. We might be getting old, but we have plenty of new tricks up our sleeve!

 

Outrunning NSA’s Bullrun

Following the latest rumors about NSA and its connected Intelligence Services, many of you Ghosties are concerned about the decryption program called ‘Bullrun’ which is said to be able to hack SSL and VPNs – along with the equal alarming news that a lot of US companies have been forced to implement backdoors to their services.

But, and it’s a big ‘BUT’ here, we need to differentiate between an eligible concern and unfounded fears. The encryption line of battle has not been broken yet. It’s under heavy attack, no doubt about that, but good encryption still works the way it should: Protecting your data!

It’s true, that an encryption program called ‘Bullrun’ exists, and it really seems it’s able to compromise security barriers like SSL (as you use with your online banking) – but it doesn’t work as good as the NSA hoped it would. That’s why they force companies to implement backdoors and influence the programming of encryption standards (so they can easily break it). In a way that bad news is a good news, because it shows that despite all the money and the man power that goes in there, less than expected came out.

wickinger Read More

© 2015 CyberGhost