Tuesday, December 31, 2013

Windows Not Only Sending Your Info To NSA/CIA/MS Every Second But Also Sending Easy Hacks) Happy New Year!



The Only Thing We Have to Fear...Is the CIA

America's Greediest: Koch Brothers, 'Libertarians' Who Hate the Free Market


It's no joke, folks.

And most of us in the programming world have known about this possibility/probability for evah. Of course, it wouldn't exist if everyone owning a Windows machine were a tech-school grad who could adjust the settings as needed (ha! just kidding!).

Because come on down, folks! Anyone can safely operate the new user-friendly, icon-accessible computer boxes! Without training!!!!

And you thought Vista was bad.

From our friends at Crooks & Liars we learn how vulnerable we (still) are online:

Windows-based PCs may be broadcasting sensitive security information to hackers, competitors and other potential sources of threats to the PC’s owner, according to (a) new report on the Windows Error Reporting crash-response software.
Windows Error Reporting (WER) is a crash-reporting and debugging system built into all versions of Windows since it was first introduced with Windows XP. It was designed to help debug applications and system software by recording error information into log files and preserving memory dumps containing information on the health of the system at the time an application or operating system crashed, to better help technicians decide afterward what had gone wrong.
One critical difference, according to a report published Dec. 29 by security software developer Websense, Inc., is that the old version left crash reports stored on the ailing PC’s hard drive unless the user designated a way to send it to Microsoft or another technical source for analysis.
WER, according to documentation from Microsoft, is now far more capable because it integrates a wide range of reporting, error-tracking and error-correction functions and is stable enough to gather critical data even when the system is in a condition that would have made it impossible for the older version to run.
It is also able to analyze crashes or specific errors and suggest ways to fix them automatically, or link the user to a support page at Microsoft that can provide advice or automated Fix-It repair apps users can download.
Though users can choose not to send any reports automatically, or limit the details in those that Windows sends, WER is set up by default to send error information automatically to both Microsoft and the developer of the application that generated the problem, according to Websense.
WER is also set up to report both errors and relatively routine incidents – the connection of a new USB device, for example – to Microsoft without encryption or any other mechanism to hide the information from prying eyes.
Just plugging in a new USB mouse automatically generates a report to Microsoft that includes the date, name of the manufacturer, number identifying the device and its version number, the default language, operating system, service pack and update version of the host computer, as well as the manufacturer, model, name, BIOS version and hardware ID number.
“While this information is no doubt critical for Microsoft to debug application crashes and hardware configurations, it can represent a significant information leak when it leaves an organization without being encrypted,” according to the report.
The threat of that information being intercepted may be relatively small to a large, IT-savvy organization, but WER doesn’t send information on just one machine from a large organization. Microsoft estimates 80 percent of Windows machines run WER, which makes 80 percent of the computers in an average company capable of reporting detailed information about changes made to it in clear text, several times per day.
Error reports on networked applications often include information about the network to which they’re connected, apps running on the machine, or server-based apps with which the PC is interacting and, sometimes, information about performance of the application on that network.
Using that data, “it is quite possible to quickly generate a representative model of a network,” giving potential attackers valuable clues about where and how both the corporate network and individual PCs might be vulnerable.

Read all about it here.

Like I've already said (many, many times before) . . . talk about blackmail material going mad (international!) . . .

The NSA Can 'Literally Watch Every Keystroke You Make'

Glenn Greenwald, Democracy Now! writes:

"I think everybody knows by now, or at least I hope they do after the last seven months reporting, that the goal of the NSA really is the elimination of privacy worldwide - not hyperbole, not metaphor, that's literally their goal, is to make sure that all human communications that take place electronically are collected and then stored by the NSA and susceptible to being monitored and analyzed."

Comments:

Carol R 2013-12-31 11:08

JACOB APPELBAUM: "Basically, their goal is to have total surveillance of everything that they are interested in...There is only sometimes a boundary of what they are funded to be able to do..."

How much of our tax dollars are being spent on this gargantuan monstrosity that keeps growing? Taxpayers don't have the answer to that. Funding magically and silently just keeps being passed.

We have a government that says there is no money for food stamps, early childhood programs, infrastructure repairs or Meals on Wheels. There is continual talk of having to cut Social Security, Medicare and the defund ACA.

Just what are the ethics and morals of this country and how far downward can we spiral?

TomThumb 2013-12-31 12:03

Noam Chomsky continually amazes me. On a post online of a recent interview of his, he said, and I am paraphrasing him, that national security was not about the security of the population, that was low on the state's priorities, but about the security of the state apparatus itself. I actually think they need a terrorist attack every now and then to justify the intelligence apparatus.

So, what is the purpose of the intelligence apparatus? Well one thing that was exposed by Snowden was that a lot of the spying directly benefited US business. In other words, this apparatus benefits, in a large part, the corporate, intelligence, financial, military-industrial complex who will take care of these generals and politicians once they leave, so-called, public service.

One can see this in the disproportionate reaction to the 'Occupy Wall Street' protests. The Department of Homeland Security along with national police forces and intelligence agencies participated with local police forces who were directed by a regional 'fusion center', a new kind of entity, where the leaders of all these forces gathered to direct the operation. Also present were elements from the financial sector. Who made the financial sector part of the local police or even national police.

We, as a nation, have taken huge steps toward a fascist police state.

Tommy Rimes

And having suffered through a few of these . . . please allow me to direct your attention here:

The Invisible Threat from Brain Injuries

Blows to the head can be silent killers for which swift diagnosis is often the only recourse, say doctors.

Even if there is no damage to the outside of the head, the impact may inflict catastrophic damage to the brain inside, they say.

Because a shock that smashes the brain, a 1.3-kilo (2.8-pound) organ with the consistency of soft jelly, against the hard protective shell of the skull, can damage nerves, brain cells and blood vessels.

Blood clots and bruising then result, which in turn causes pressure to build up and squeeze the brain, worsening the damage and amplifying the risk of permanent handicap or death.

And we'll end the year with this:

Republicans Quietly Declare War On Themselves

Matt Taibbi

Karl Rove himself, speaking on behalf of his Crossroads SuperPAC, told Fox News Sunday that "our goal is to avoid having stupid candidates."


Allman Brothers Band Whip Up Another Beacon Theatre Run

"We're all still real into it," says Gregg Allman

Allman will also be honored with a tribute concert on January 10th at Atlanta's Fox Theatre. Guests include Jackson Browne, Eric Church, Sam Moore, Derek Trucks and Dr. John.


The Velvet Underground

White Light/White Heat: 45th Anniversary Super Deluxe Edition

What a testament to Lou Reed: his vision, his guitar, his sheer will to stomp on people's nerves. This superbly expanded White Light/White Heat was in the works long before the man's death, but you couldn't ask for a more fitting tribute. It's the Velvets' loudest, meanest, most ear-corroding moment — and for many fans, their best. The Velvets cut the album in the New York of 1967, but they sound a million miles away from the Summer of Love. You can hear Reed and his guitar try to out-sneer each other in "I Heard Her Call My Name," until his mind splits open and the guitar wins.


Neil Young

Live at the Cellar Door

This handsome solo acoustic set overlaps a few songs with earlier entries in Neil Young's official bootleg series. But there's no shortage of standouts, including a handful of aching After the Gold Rush tracks and rare, unplugged versions of his electric Crazy Horse signatures "Cinnamon Girl" (on piano here) and "Down by the River" (on acoustic guitar). Best of all may be the Buffalo Springfield songs "Expecting to Fly" and "Flying on the Ground Is Wrong," the latter with a lengthy intro that finds Young strumming piano strings, giggling and confiding, "This song is about dope."


Have a happy new year's celebration, friends.

And please drive safely (or call a cab!).

Much love to everyone.

Thanks for accompanying me on this journey.


And don't forget that 2013 was a particularly lethal year to too many of our music legends.

Be glad we're still here to attempt to enjoy (or change) what's coming up next.


2 comments:

TONY @oakroyd said...

Happy New Year, Cirze. Let's hope for a more peaceful 2014 with fewer prying eyes. x

Cirze said...

Or none, T.

None is a word I've grown absurdly fond of in that regard.

Love you and Happy New Year!

C