@KickMyAss: No, you’re not right!

Originally stated by HideMyAss just as a ‚Lulzsec  fiasco‘, the arrest of two anonymous members by the US-American FBI is becoming more and more a serious affair about their little helper, a so called anonymizer, who knows his users way too much. Much more than any provider should, be it in or outside a data retention country, and certainly much more than it could be good for its image.

What happened? After the arrest of two assumed hacktivist, one of them named the provider of a Virtual Private Network (VPN) as the service he used to hide his activities, e.g. for hacking into company websites like Sony Network, the FBI assumes. The name of the company mentioned is HideMyAss (HMA), a well known commercial, British based VPN provider, whose task it is to hide users identities while they are surfing the Internet. Very fast it became pretty clear, that the arrest could have only taken place after HMA handed over personal data to the FBI. Read More

Silk browser and your privacy

Amazon just announced their new product: Kindle fire – a tablet that runs Android with a little touch from Amazon. What is interesting about this new tablet is the browser it comes with, called Silk. Amazon crafted this browser having in mind both speed of mobile browsing and battery life and how it does that, is by using their Amazon Elastic Compute Cloud also known as EC2 that would behave as an intelligent proxy. Silk will use the power of EC2 to retrieve the pages and pre-render the objects in a way that won’t require too much power from the tablet.

That means, all your traffic will go via Amazon rather than directly to the pages you want to access, which of course raises some privacy alarms: all your habits, history, basically all you data will transit Amazon. Google is watching you, Facebook keeps all the data you give them, but Amazon just went to a new level and will see EVERYTHING you do online.

Also the Silk’s Terms and Conditions states that your IP and MAC address will be logged and retained for 30 days. To make matters worse, as an US company Amazon meaning that the company could be asked by an US court to intercept and record you secure communications.

Ok, the good news is, that Amazon will support an “off-cloud” mode for Silk, letting users to opt-out EC2. So… is that 1-2 milliseconds faster web worth trading your privacy in?

Canadians asked to take a stand against online spying

Privacy in Canada is also at risk. The Government is trying to create a new set of laws that would permit the authorities to access private information of any Canadian, whenever, no warrant needed.
Which means? Spying on email, messaging, IP and so on.

This is more intrusive even more than the laws in the USA and that’s why a new campaign started on the web in Canada informing every citizen thru funny, but explicit videos, what those laws mean and how they could affect their lives.

Also the videos encourage people to sign a petition that can be found at http://stopspying.ca/
The videos are listed below for you to watch them.

Newsflash: Facebook doesn’t like privacy

Maybe you don’t know, but when you visit a website, that has Facebook widgets, even the Like button, Facebook already harvest information about you. No, you don’t have to click or to interact with the widget … it’s enough to visit a page with such an implementation and Facebook “see’s” you.

So what did heise.de do to prevent Facebook from collecting information about their users? They implemented a script, called Facebook 2-Klick-Button, which requires a user, who wishes to interact with Facebook, to click twice: once for activating the Facebook script and once for interacting with Facebook. All seemed good until Tina Kulow of Facebook Germany accused haise.de that their script violates Facebook’s Platform Policies, which states:

8th You must not use or make derivative use of Facebook icons, or use terms for Facebook features and functionality, if such use could confuse users into thinking that the reference is to Facebook features or functionality.

But how exactly the heise.de solution violates this Policies is not clear yet. What is clear, is that Facebook doesn’t like it and is asking websites, that made such an implementation, to remove it.
Later on Tina Kulow revealed Facebook’s reservations. In a tweet, she wrote: “To clarify: a 2-click button is not ideal – but not a problem. Only a Like button that merely visually pretends to be one is not OK. That’s all.” Since heise changed the design of the button for the first click that activates the Like function, there should now be no obstacles on Facebook’s part to further use of the 2-click button by heise online and other websites.

So what we at CyberGhost want to inform you guys about, is that we are planning to implement the heise.de solution as well.
PS: the title is ironic.

Bad days for privacy

This month started with an article from ‘theatlantic.com’ pointing out, that a bill, ‚The Protecting Children from Internet Pornographers Act of 2011’, might kill internet privacy in the USA for good… for everyone.

Journalists in US say, that the bill could have a chain effect, because, as written, ‚The Protecting Children from Internet Pornographers Act of 2011’ doesn’t require, that someone be under investigation on child pornography charges in order for police to access their Internet history — being suspected of any crime is enough.

„That name is what brought the anecdote back to me. A better name for the child pornography bill would be The Encouragement of Blackmail by Law Enforcement Act. At issue is how to catch child pornographers. It’s too hard now, say the bill’s backers, and I can sympathize. It’s their solution that appalls me: under language approved 19 to 10 by a House committee, the firm that sells youInternet access would be required to track all of your Internet activity and save it for 18 months, along with your name, the address where you live, your bank account numbers, your credit card numbers, and IP addresses you’ve been assigned.”

Says theatlantic.com

Then on BlackBerry announced, that they will collaborate with the police and give private information of their users, that were supposed to be involved into London Riots.

Source: Guardian.co.uk

Also, David Cameron, Prime Minister of the United Kingdom, announced new measures, that would restrict Twitter or other social networks.
“Social media services such as Twitter and mobile messaging systems could face restrictions after a review of their role by the police and intelligence services.”

Says The Telegraph

CyberGhost VPN, now with OpenVPN

You’re using Mac OS X, Linux or smartphone with an internet access and the fact that CyberGhost would not run on those always annoyed you? Well we have just the thing: From now on you can connect to CyberGhost VPN using the native OpenVPN client, and surf anonymously with Linux & Co.

Login to you account, head to account management and click on the “OpenVPN configuration” button, this section contains a download of your personalized login-files which include the configuration file for OpenVPN0 and the certificates. Please be aware that the OpenVPN login is in a test phase at the moment.

Supported operating systems and devices

We are currently offering configuration files for Windows, Linux, Mac OS X and Android. They are being created as soon as you choose an option and can be used immediately on the selected device or operating system.

Windows, Linux & Mac OS X

Windows enthusiasts, who would like to use CyberGhost with OpenVPN directly, can do so be going to the OpenVPN project website and downloading the setup file for Windows installation.

Linux fans have to stick to their respective repositories corresponding to their distribution or manually installing the setup by following the aforementioned URL.

Mac OS X installation can be a bit tricky if you would like to compile OpenVPN using the source code, if you are not so sure about that, we suggest you simply go with already implemented solutions like Tunnelblick. You will only have to copy the configuration files to the program folder before you initiate a connection with the CyberGhost servers.

Android

Installing OpenVPN on Android without any background knowledge can get quite difficult, although Android does support VPN; OpenVPN itself is unfortunately not among them. To install you will first need a modified version of Android (also known as Mod) as well as administrative privileges (root access).

To summarize it: yes, it is possible to get CyberGhost running with OpenVPN using Android, but we cannot provide you with a manual on how to modify your device. Still, a substantial number of forums dedicate itself to rooting and modifying Android devices, one of the largest being xda-developers, which can give you all the info you require.

As soon as you have root access on your phone, you can use the application called “OpenVPN Installer” to (as the name already says) install OpenVPN on your device. After that simply copy the configuration files you’ve downloaded from the account management to you device and you can connect to CyberGhost from “OpenVPN Settings”.

You can help out!

The installation on particular devices is not always as easy as it seems. But we do not want every user to reinvent the wheel for himself, this is why we urge our community to create tutorials for installing OpenVPN on their devices or operating systems (or operating systems variations). As a little thank you we will post the tutorial under you name, and you will get a three month Premium-Plus access with a traffic flat rate, 20 GB of encrypted storage on CyberGhost’s DataSafe and access to all our servers.

But there are some conditions: the device must successfully connect to CyberGhost using OpenVPN and all the steps must be described in detail with pictures. If we receive more than one tutorial for the same device or operating system, we will decide on whichever one is the best, or in a case of similar quality we will simply draw the winner.

If you would like to participate, send us your tutorials to openvpn-tut@cyberghostvpn.com. You should include the tutorial (PDF, Word, HTML) and all the pictures (BMP, PNG, JPEG).

The winners will be announced here and also included in our Online-Help.

The names, logos, and images are registered trademarks of their respective holders. All rights reserved.

CyberGhost VPN 4.7 released

Today we have released the latest version of CyberGhost 4.7. This major updates includes at first the adaption to our new design so the client fits our new CI. Also there are some new features included in this release so you can use the flat rate option now according to our new rates.

The changelog in detail:

  • Completely redesigned UI
  • Adaption to our new tariff structure
  • The Basic server are called Free server now
  • Servermap with option to show your own location
  • Filters in the server list can be stored
  • There are also filters for automatic connect available now
  • Revised server list with enhanced server choosing
  • Server list is visible for Free users now
  • Browser recognition and notification to close all browsers at connect
  • DNS cache will be flushed before connect and after disconnect
  • Cookie- & history cleaner for Internet Explorer
  • Cookie- & history cleaner can performed automatically
  • Support for login with ComputerBild LoginCard (OWOK Light Card) on client and web site
  • Support for login with OWOK Card (RSA-Version) on client and web site
  • Using the option „Reconnect to VPN without message“ shows a notification on reconnect
  • Using the option „Reconnect to VPN without message“ is blocking internet connection if reconnect fails
  • Using the option „Reconnect to VPN without message“ connects to the same server category as before if using the “Connect” tab
  • CyberGhost repair script identifies more problems now
  • Lots of minor changes and bug fixes

What do you think about the new design and client?

 

© 2017 CyberGhost