
Windows 8 - Deeper Impressions


JorgeA



It gets worse with every new round of revelations:

N.S.A. Able to Foil Basic Safeguards of Privacy on Web

[emphasis added below]

The National Security Agency is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine the major tools protecting the privacy of everyday communications in the Internet age, according to newly disclosed documents.

The agency has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show.

Many users assume — or have been assured by Internet companies — that their data is safe from prying eyes, including those of the government, and the N.S.A. wants to keep it that way....

Beginning in 2000, as encryption tools were gradually blanketing the Web, the N.S.A. invested billions of dollars in a clandestine campaign to preserve its ability to eavesdrop. Having lost a public battle in the 1990s to insert its own “back door” in all encryption, it set out to accomplish the same goal by stealth.

[...]

Some of the agency’s most intensive efforts have focused on the encryption in universal use in the United States, including Secure Sockets Layer, or SSL; virtual private networks, or VPNs; and the protection used on fourth-generation, or 4G, smartphones. Many Americans, often without realizing it, rely on such protection every time they send an e-mail, buy something online, consult with colleagues via their company’s computer network, or use a phone or a tablet on a 4G network.

[...]

According to an intelligence budget document leaked by Mr. Snowden, the N.S.A. spends more than $250 million a year on its Sigint Enabling Project, which “actively engages the U.S. and foreign IT industries to covertly influence and/or overtly leverage their commercial products’ designs” to make them “exploitable.” Sigint is the acronym for signals intelligence, the technical term for electronic eavesdropping.

By this year, the Sigint Enabling Project had found ways inside some of the encryption chips that scramble information for businesses and governments, either by working with chipmakers to insert back doors or by exploiting security flaws, according to the documents....

[...]

At Microsoft, as The Guardian has reported, the N.S.A. worked with company officials to get pre-encryption access to Microsoft’s most popular services, including Outlook e-mail, Skype Internet phone calls and chats, and SkyDrive, the company’s cloud storage service.

Microsoft asserted that it had merely complied with “lawful demands” of the government, and in some cases, the collaboration was clearly coerced. Some companies have been asked to hand the government the encryption keys to all customer communications, according to people familiar with the government’s requests.

N.S.A. documents show that the agency maintains an internal database of encryption keys for specific commercial products, called a Key Provisioning Service, which can automatically decode many messages. If the necessary key is not in the collection, a request goes to the separate Key Recovery Service, which tries to obtain it.

How keys are acquired is shrouded in secrecy, but independent cryptographers say many are probably collected by hacking into companies’ computer servers, where they are stored...

Simultaneously, the N.S.A. has been deliberately weakening the international encryption standards adopted by developers. One goal in the agency’s 2013 budget request was to “influence policies, standards and specifications for commercial public key technologies,” the most common encryption method.

Cryptographers have long suspected that the agency planted vulnerabilities in a standard adopted in 2006 by the National Institute of Standards and Technology and later by the International Organization for Standardization, which has 163 countries as members.

Classified N.S.A. memos appear to confirm that the fatal weakness, discovered by two Microsoft cryptographers in 2007, was engineered by the agency...

[...]

Even agency programs ostensibly intended to guard American communications are sometimes used to weaken protections. The N.S.A.’s Commercial Solutions Center, for instance, invites the makers of encryption technologies to present their products to the agency with the goal of improving American cybersecurity. But a top-secret N.S.A. document suggests that the agency’s hacking division uses that same program to develop and “leverage sensitive, cooperative relationships with specific industry partners” to insert vulnerabilities into Internet security products.

By introducing such back doors, the N.S.A. has surreptitiously accomplished what it had failed to do in the open...

This is close to a textbook definition of a rogue agency.

One small but provocative aspect of some of these programs is the names given to them, such as "Manassas" and "Bullrun" in the U.S., and "Edgehill" in the UK. These are names from the countries' respective civil wars. A civil war is a conflict within a country, either between competing would-be governments... or by the existing government against the people.

--JorgeA


Google argues for right to continue scanning Gmail

...Google argued that the case should be dismissed, and that "all users of email must necessarily expect that their emails will be subject to automated processing."

Umm -- no. I do not "expect" that my e-mail will be read by anyone or anything other than the intended recipient, and I certainly don't "necessarily" expect this. In fact, I expect my e-mails not to be read by anyone other than the person I'm sending it to.

This is so absurd. Imagine if businesses or the government were to routinely open our postal mail, in the name of "security" or of "providing better targeted advertising." The public wouldn't stand for that!! So, why put up with it when we send our mail via the Internet??

--JorgeA


Hey JorgeA, you missed this one :w00t::

The spy device that really is 'undercover': Vest scans nearby mobiles to track them and steal an owner's personal details

http://www.dailymail.co.uk/sciencetech/article-2408751/The-spy-device-really-undercover-Vest-scans-nearby-mobiles-track-steal-owners-personal-details.html

Courtesy of Trewmte on Forensic Focus:

http://www.forensicfocus.com/Forums/viewtopic/t=10966/

jaclaz


I haven't yet commented about the cloud that has been discussed earlier in this topic. I don't think that the cloud is such a good idea. In the cloud you lose control of data. I'd rather have control of my data.

Edited by Aero7x64

Hey JorgeA, you missed this one :w00t::

The spy device that really is 'undercover': Vest scans nearby mobiles to track them and steal an owner's personal details

http://www.dailymail.co.uk/sciencetech/article-2408751/The-spy-device-really-undercover-Vest-scans-nearby-mobiles-track-steal-owners-personal-details.html

Courtesy of Trewmte on Forensic Focus:

http://www.forensicfocus.com/Forums/viewtopic/t=10966/

jaclaz

I did see that one during my Web surfing, but it got lost in an avalanche of other privacy-related articles that seemed more ominous, and more directly related to our thread here.

Also, the whole idea of this vest strikes me as vaguely ridiculous.

--JorgeA


I haven't yet commented about the cloud that has been discussed earlier in this topic. I don't think that the cloud is such a good idea. In the cloud you lose control of data. I'd rather have control of my data.

+100 :thumbup


Here's a great take on why Microsoft got rid of the Start Menu:

The Start menu -- cause or effect?

The piece is chock-full of good insights, ascribing the removal of the Start Menu to the internal dynamics of the Microsoft management culture, and it's best read from start to finish (it's not long). The core of the argument:

Ballmer is, by trade, a business manager (and a darned good one) but he did not bring Gates' programming and software development skills to the party. Combine this with Microsoft’s historic and continuing berating and confrontational management style and you find an environment where everyone (even the boss) is forever trying to prove themselves by leading change -- regardless of whether that change is needed/necessary, or not. Such an environment does not reward brilliantly managing what you already have; it only values something new that kicks away the old. That is an accident waiting to happen; change for its own sake and almost regardless of external demand.

In short, the answer was that Microsoft stopped listening to its customers and started dictating to them. The mantra of a common interface that ran through the new Microsoft culture has been allowed to overcome the more important and influential voice of the consumer (the one with the money). Microsoft left a version of the command prompt (cmd.exe – from the 1980s!) in place, for goodness sake, so keeping legacy code obviously was not a problem. The Start menu decision was management dogma, pure and simple.

Stepping back for one second, the basic marketing question that comes to mind is; "what harm would it do to give your customer the choice of Modern UI or Start menu?" Why not follow the successful adoption process from Windows 95? After all, if Modern UI is as good as Microsoft claims, then people will naturally migrate to it as they see the benefits outweighing their archaic old Start menu. Again, the answer is wholly within Microsoft; managers need to bring change in order to prove self-worth to the company. If Modern UI and the Start menu were allowed to coexist, then there was always the risk that the Start menu would win the popularity contest and the change would fail; along with the sponsor’s career. On the back of that risk, the Start menu had to go.

The only place where the writer goes astray is at the very beginning, where he talks about a fuss being raised when the Start Menu replaced Program Manager in Windows 95. I was active in cyberspace back then, and don't recall any controversy over that. In fact, personally ProgMan never made any sense to me, while I understood the Start Menu + Taskbar combo practically at once. But that small detour doesn't detract from the strength of the writer's analysis.

--JorgeA


Some possible (and hopeful) details on the type of encryption that the NSA has compromised. A commenter on that news in Ars Technica writes that:

That story is light on details, but it mostly appears to be about two things:
1) crappy, weak VPNs, which everyone has known to be vulnerable for a decade or more
2) getting access to master keys for SSL/cert authorities, which is completely expected (and a well-known argument against DNSSEC)

I see no indication that RSA-based or AES-based encryption is broken. Backdoors in code are one thing, but I'd be completely floored if SSH and PGP were actually broken. I'd be quite surprised if there were massive backdoors in OpenSSH or GnuPG or TrueCrypt.

--JorgeA


Just read this article, didn't see any mention of it ... possible back doors in hardware and software.

http://www.ft.com/cms/s/0/0054adb2-1709-11e3-9ec2-00144feabdc0.html

September 6, 2013 7:45 pm

‘Back door’ spying claims set to hit tech groups

By Richard Waters in San Francisco

A range of US hardware and software companies are in danger of being dragged into the widening scandal over internet surveillance, following the latest leaks from Edward Snowden, the former National Security Agency contractor.

The leaked documents include NSA claims that it has collaborated with technology companies to plant “back doors” into their systems – or ways for the agency secretly to penetrate systems without the users’ knowledge.

“They’re crossing a line – if they’re putting back doors into the software itself, it’s a serious problem,” said Mark Anderson, a US technology commentator.

The Snowden leaks have already proved deeply embarrassing to US internet companies, after it was revealed that they had complied with secret US court orders to hand over information about their users and, in some cases, set up systems to facilitate the transfer of the data.

However, the latest disclosures threaten to draw a wider number of companies into the scandal, potentially undermining international confidence in their products.

... more at the link ... this is the very last part of the article:

Some computer security experts said that official attempts to plant back doors were likely to play only a small part in overall efforts to compromise IT systems.

“Computer security is still in such a [bad] state that you don’t need to insert a back door,” said Paul Kocher, a US cryptography expert. “If the front door is locked, you can just go in through a side window.”

The latest Snowden revelations did not refer to any technology companies by name as having collaborated with the intelligence services. Intel and Cisco Systems both repeated earlier denials that they had ever put back doors in any of their products.

Edited by duffy98

Some days you wake up and feel like you are on another planet. Yesterday was one of them for me. It just suddenly dawned on me all the contortions that the tech companies are going through in order to shoehorn the Idiocracy interface down our throats ...

HP Envy Recline All-in-One PC Invites You to Kick Back ( Maximum PC 2013-09-05 )


Lenovo Showcases New Yoga, Flex Multimode Devices ( Tom's Hardware 2013-09-05 )


Asus Zenbook UX301: Haswell, Gorilla Glass 3 lid, high-res display ( TechSpot 2013-09-05 )

Decent hardware for sure. But I dare you to watch their admittedly slick video and visit their website and find the mention of Windows 8.

Panasonic's 20 inch Toughpad 4K tablet with Windows 8.1 ships in November ( NeoWin 2013-09-05 )


Idiocracy, it's really here :yes: ...


EDIT: typo, fixed spacing thanks to this idi0tic god-forsaken pathetic piece-of-sh!t Invision IPB editor

Edited by CharlotteTheHarlot

Symantec Updates 4 Norton Products for Windows 8.1 ( Tom's Hardware 2013-09-05 )

Ha! Just in case you were wondering how this so-called "operating system" could get any worse, here ya go!

Just for fun you gotta check this out ...

Found: LG pulls post-apocalyptic prank on unsuspecting interviewees using 84-inch UHDTV ( TechSpot 2013-09-05 )

Elaborate advertising for sure. If this actually shows real people then this ruse is Orson Welles caliber hoaxing!


Lenovo implies better Intel chips eliminate the need for Windows RT ( NeoWin 2013-09-06 )

Man this is one confused comment thread. It pains them greatly because Lenovo is the darling of the fanboy community due to their seemingly steadfast support of Microsoft Tiles. That's just an illusion though. They are merely the least vocal OEM despising it. But here they are, Lenovo, adding a voice to the chorus of critics of Windows 8 ReTard Edition. Poor MetroTards. So they start beating up Intel instead, and everyone else spoiling their party.

Power Cover keyboard accessory for Surface to include built-in battery ( TechSpot 2013-09-06 )

Surface Dock: The peripheral we have all been waiting for ( NeoWin 2013-09-06 )

Uh well duh! Plenty of kudos from fanboys waiting a year for such obvious necessities. Microsoft has really outdone itself by reinforcing the old adage that nothing from them labeled version 1.0 is anything except beta testing.

Press image of Lumia 1520, first 6-inch Windows Phone, leaked ( NeoWin 2013-09-06 )

Industrial strength hypocrisy from our MicroTard friends. Just scroll back a thousand posts ago in this thread to see their reaction to uber-large Samsung and other Android phones! They were apoplectic but are suddenly impressed by MicroNokia.


Security News ... read 'em and weep ...

Why the Latest NSA Leak Is the Scariest of All ( Tom's Hardware 2013-09-06 )


The spy agencies' activities have gone on for more than a decade. Like a silent but pervasive cancer, they have penetrated and weakened every corner of the Internet.

"Not only does the worst possible hypothetical ... appear to be true," wrote Johns Hopkins cryptographer Matthew Green on his blog last night, "but it's true on a scale I couldn't even imagine."

"The companies that build and manage our Internet infrastructure, the companies that create and sell us our hardware and software, or the companies that host our data: We can no longer trust them," wrote American encryption expert Bruce Schneier on the website of the British newspaper The Guardian.

[...]

"The (actually substantial) goodwill that NSA built up in the public crypto community over the last two decades was wiped out today," tweeted University of Pennsylvania cryptography expert Matt Blaze.

The implications are that, if they wanted to, the spy agencies could access nearly every Internet-based purchase, money transfer, email, Internet phone call, instant message or file transfer made by anyone, anywhere.

... MUCH MORE AT LINK

NSA Forced Tech Companies to Cooperate with Spying ( Tom's Hardware 2013-09-06 )

In most cases, coercion is not necessary. The NSA will first approach a company and ask for voluntary cooperation on the grounds of national security. Many companies agree, though few do so openly.

Only a few examples of voluntary cooperation have arisen. The best known involves "Room 641A" at an AT&T Internet hub in San Francisco.

[...]

To protect themselves from legal liability under the pre-2008 warrantless wiretapping program, many cooperating companies insisted on a legal paper trail showing that the government had ordered them to do so.

Such may have been the case with Verizon Business Services, the corporate-phone-exchange division of Verizon, which in 2006 began receiving FISA court orders every 90 days compelling the unit to turn over all its call logs to the NSA.

[...]

What if you don't want to turn anything over? Hire a team of lawyers.

In 2008, Yahoo challenged the FISA Amendments Act as unconstitutional, but the effort failed.

Google has been very vocal about its opposition to government surveillance -- it refused to unlock the Android smartphone used by a convicted pimp for the FBI -- but has managed to do so without having any executives locked up.

That wasn't the case with former Qwest Communications chairman and chief executive officer Joseph Nacchio, who claimed his 2007 conviction on insider-trading charges was based on his refusal to cooperate with a warrantless 2001 NSA request to hand over call logs.

Major Tech Companies Helped NSA Monitor the Internet ( Tom's Hardware 2013-09-06 )

The National Security Agency (NSA) has secured private data from huge tech companies like Google, Apple and Microsoft, as a leak from whistleblower Edward Snowden revealed. But while some of these companies resisted the NSA, others worked together wholeheartedly to share their users' information.

[...]

Although the NSA documents did not specify which companies lent their support willingly, The Guardian reported in July that Microsoft had been one of them. Microsoft attempted to explain its role but was not clear on the extent of its involvement, and succeeded only in confusing the issue further. While there's no definitive evidence from either the NSA or Microsoft, reports from both The Guardian and The New York Times suggest that the two entities worked together WITHOUT coercion.

[...]

If Microsoft is in cahoots with the NSA, the extent of what the government could access is staggering. In addition to providing personal email service through Outlook.com (formerly Hotmail), Microsoft also handles a huge amount of business email through the Outlook email application, file storage through SkyDrive and corporate data through Windows Server software.

British Intelligence Placed Undercover Operatives in Tech Companies ( Tom's Hardware 2013-09-06 )

According to a report in The Guardian, they have also placed a number of flesh-and-blood spies in tech companies who are funneling information back to the agencies. The newspaper reported yesterday (Sept. 5) that GCHQ established a Humint Operation Team (HOT -- "humint" stands for "human intelligence") to monitor the world's biggest telecom companies from the inside.

SSL vs. TLS: The Future of Data Encryption ( Tom's Hardware 2013-09-06 )

Secure Socket Layer (SSL) protocol is responsible for keeping a lot of your online data secure, and the United States' National Security Agency (NSA) has likely already cracked it. Knowing what SSL and its more-secure successor, Transport Layer Security (TLS), are may help you keep your data safe from prying eyes.

These are related to the stories that Jorge just mentioned. They come from the latest spy leaks and frankly it is getting very depressing indeed. One must wonder why they even bothered with the SOPA and other legislative 3-ring circuses since they are just doing whatever the he!! they want to anyway.


Here's a great take on why Microsoft got rid of the Start Menu:

The Start menu -- cause or effect?

The piece is chock-full of good insights, ascribing the removal of the Start Menu to the internal dynamics of the Microsoft management culture, and it's best read from start to finish (it's not long). The core of the argument:

Ballmer is, by trade, a business manager (and a darned good one) but he did not bring Gates' programming and software development skills to the party. Combine this with Microsoft's historic and continuing berating and confrontational management style and you find an environment where everyone (even the boss) is forever trying to prove themselves by leading change -- regardless of whether that change is needed/necessary, or not. Such an environment does not reward brilliantly managing what you already have; it only values something new that kicks away the old. That is an accident waiting to happen; change for its own sake and almost regardless of external demand.

In short, the answer was that Microsoft stopped listening to its customers and started dictating to them. The mantra of a common interface that ran through the new Microsoft culture has been allowed to overcome the more important and influential voice of the consumer (the one with the money). Microsoft left a version of the command prompt (cmd.exe -- from the 1980s!) in place, for goodness sake, so keeping legacy code obviously was not a problem. The Start menu decision was management dogma, pure and simple.

Stepping back for one second, the basic marketing question that comes to mind is; "what harm would it do to give your customer the choice of Modern UI or Start menu?" Why not follow the successful adoption process from Windows 95? After all, if Modern UI is as good as Microsoft claims, then people will naturally migrate to it as they see the benefits outweighing their archaic old Start menu. Again, the answer is wholly within Microsoft; managers need to bring change in order to prove self-worth to the company. If Modern UI and the Start menu were allowed to coexist, then there was always the risk that the Start menu would win the popularity contest and the change would fail; along with the sponsor's career. On the back of that risk, the Start menu had to go.

The only place where the writer goes astray is at the very beginning, where he talks about a fuss being raised when the Start Menu replaced Program Manager in Windows 95. I was active in cyberspace back then, and don't recall any controversy over that. In fact, personally ProgMan never made any sense to me, while I understood the Start Menu + Taskbar combo practically at once. But that small detour doesn't detract from the strength of the writer's analysis.

--JorgeA

Yeah he's just making that part up. It is now a big lie of Goebbels proportions.

If you read through the comments you will see one very special 'Tard going by the name "Will". I would bet some money that it is Dot MetroTard himself because no two fanboys could be that stoopid. "Don't listen to the customers". Seriously, there should be Twilight Zone music playing when MetroTards post comments. :yes:

EDIT: Twilight Zone I meant!

Edited by CharlotteTheHarlot