Invite Scene - #1 to Buy, Sell, Trade or Find Free Torrent Invites!

#1 TorrentInvites Community. Buy, Sell, Trade Or Find Free Torrent Invites, For Every Private Torrent Trackers. HDBITS, PTP, BTN, MTV, EMP, EXIGO, RED, OPS, TT, BIB, TTG, MTEAM, CHDBITS, CG, TIK, KG, FSC, BB, IPT, TL, GGN, AB, U2 etc.

Search the Community

Showing results for tags 'privacy'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Invite Scene Official Information
    • Announcements
    • Suggestions and Ideas
    • Member Introductions
    • Competitions
  • Invite Scene Premium Membership
    • Make a Donation: Grab Your Premium Membership Now
  • Invite Scene VIP Giveaways & Requests
    • VIP Giveaways
    • VIP Requests
  • Invite Scene Official Store
    • Invite Scene Store: The Official Store for Private Torrent Invites
  • Invite Scene Marketplace
    • Premium Sellers Section
    • Buyer's Section
    • Trader's Section
    • Webmaster Marketplace
    • Service Offerings
    • Other Stuffs
  • Invite Scene Giveaways & Requests Section
    • Giveaways
    • Requests
  • Invite Scene Bittorrent World
    • Private Tracker News
    • BitTorrent World Discussion
    • Private Tracker Help
    • Tracker Reviews
    • Open Trackers
  • Invite Scene SeedBox Forum
    • Exclusive SeedBox Sellers Section
    • SeedBox Sellers Section
    • SeedBox Reviews
    • SeedBox Discussions
  • Making Money
    • Monetizing Techniques
    • Crypto Currency
    • Free Money Making Ebooks
  • Webmasters
    • Website Construction
  • Invite Scene General Topics
    • The Lounge
    • Movies, TV, and Videos
    • Melody, Harmony, Rhythm, and MP3
    • General PC Chat and Help
    • Security Hive
    • Guides and Tutorials
    • Gamers Hangout
    • The Graphic Design
  • Invite Scene Deal Disputes & Limitations
    • Deal Disputes
    • Archives

Categories

  • Bug Tracker
  • Suggestions Tracker

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Google+ Hangouts


Yahoo Messenger


Skype


Discord


AIM


ICQ


Interests

Found 13 results

  1. This is a collection of privacy related about:config tweaks. We'll show you how to enhance the privacy of your Firefox browser. Preparation: Enter "about:config" in the firefox address bar and press enter. Press the button "I'll be careful, I promise!" Follow the instructions below... Getting started: privacy.trackingprotection.enabled = true This is Mozilla’s new built in tracking protection. geo.enabled = false Disables geolocation. browser.safebrowsing.enabled = false Disable Google Safe Browsing and phishing protection. Security risk, but privacy improvement. browser.safebrowsing.malware.enabled = false Disable Google Safe Browsing malware checks. Security risk, but privacy improvement. dom.event.clipboardevents.enabled = false Disable that websites can get notifications if you copy, paste, or cut something from a web page, and it lets them know which part of the page had been selected. network.cookie.cookieBehavior = 1 Disable cookies 0 = Accept all cookies by default 1 = Only accept from the originating site (block third party cookies) 2 = Block all cookies by default network.cookie.lifetimePolicy = 2 cookies are deleted at the end of the session 0 = Accept cookies normally 1 = Prompt for each cookie 2 = Accept for current session only 3 = Accept for N days browser.cache.offline.enable = false Disables offline cache. browser.send_pings = false The attribute would be useful for letting websites track visitors’ clicks. webgl.disabled = true WebGL is a potential security risk. Source dom.battery.enabled = false Website owners can track the battery status of your device. Source browser.sessionstore.max_tabs_undo = 0 Even with Firefox set to not remember history, your closed tabs are stored temporarily at Menu -> History -> Recently Closed Tabs WebRTC IP Leak: WebRTC is a new communication protocol that relies on JavaScript that can leak your actual IP address from behind your VPN. How to disable WebRTC in Firefox? In short: Set "media.peerconnection.enabled" to "false" in "about:config". Explained: Enter "about:config" in the firefox address bar and press enter. Press the button "I'll be careful, I promise!" Search for "media.peerconnection.enabled" Double click the entry, the column "Value" should now be "false" Done. Do the WebRTC leak test again. If you want to make sure every single WebRTC related setting is really disabled change these settings: media.peerconnection.turn.disable = true media.peerconnection.use_document_iceservers = false media.peerconnection.video.enabled = false media.peerconnection.identity.timeout = 1 Now you can be 100% sure WebRTC is disabled. Now remember, these are just but a few of the setting that can be applied to your Firefox settings to help keep you safer while exploring the vast internet. To truly stay safe you must continue to stay vigilante in your privacy concerns by always reading the latest news on web vulnerabilities and apply them! Stay Safe...
  2. Citizens within the European Union (EU) have been advised to close their Facebook accounts if they wish to keep their private information away from the prying eyes of the US security services. In a hearing that could have significant bearing on the future of the EU-US Safe Harbor agreement, European Commission attorney Bernhard Schima as good as admitted that the current agreement was not fit for purpose, telling attorney-general Yves Bot: Schima's remark came during a case brought by Austrian law student Max Schrems following complaints filed against Facebook and four other US companies - Apple, Microsoft, Skype, and Yahoo - with the relevant data protection authorities in Ireland, Luxembourg and Germany. After Irish Data Protection Commissioner Billy Hawkes refused to investigate Schrems' claims surrounding the mass transfer of Facebook users' data to the US's National Security Agency (NSA), citing Safe Harbor rules, the case was elevated firstly to the Irish High Court and now to the European Court of Justice (ECJ). Schrems, and his crowd-funded 'Europe v Facebook' group, began campaigning after Edward Snowden revealed how the Prism data-gathering program gave US intelligence services access to data held by nine US firms, including the five named above. That, the case argues, breaches the EU's Data Protection Directive, which outlaws the transfer of citizens' personal data to countries outside of the EU unless they meet an "adequacy" standard for privacy protection. On that point Schrems, who was live tweeting the proceedings from Luxembourg, seized on the fact that the European Commission said: The International Association of Privacy Professionals reports, however, that the Commission maintained that Safe Harbor remains a necessity, arguing that: The negotiations over Safe Harbor - which allows US tech firms such as Facebook and Google to deliver targeted adverts to EU citizens - have been underway since November 2013 with no end to the discussions in sight. In the meantime, the ECJ was asked to consider whether individual national data protection authorities (DPAs) have the authority to block data transfers where deemed necessary. The Commission's stance is that it is simply not possible because the DPAs "are in principle not empowered" to suspend data transfers to the United States. Schrems, however, found backing not only from advocacy group Digital Rights Ireland, which argued that the existing Safe Harbor agreement couldn't protect citizens' data, but also from national representatives from countries including Austria and Poland. Representatives from Ireland said they would welcome further guidance on the matter. If the outcome of the case is the nullification of the Safe Harbor agreement, US companies would still be able to apply to transfer data out of the EU but, Schrems explains via Europe-v-Facebook, doing so may prove more challenging than at present: The Advocate General of the ECJ will give his opinion on the Safe Harbor framework on 24 June 2015.
  3. Privacy Badger is a browser add-on that stops advertisers and other third-party trackers from secretly tracking where you go and what pages you look at on the web. If an advertiser seems to be tracking you across multiple websites without your permission, Privacy Badger automatically blocks that advertiser from loading any more content in your browser. To the advertiser, it's like you suddenly disappeared. When you view a webpage, that page will often be made up of content from many different sources. (For example, a news webpage might load the actual article from the news company, ads from an ad company, and the comments section from a different company that's been contracted out to provide that service.) Privacy Badger keeps track of all of this. If as you browse the web, the same source seems to be tracking your browser across different websites, then Privacy Badger springs into action, telling your browser not to load any more content from that source. And when your browser stops loading content from a source, that source can no longer track you. Voila! At a more technical level, Privacy Badger keeps note of the "third party" domains that embed images, scripts and advertising in the pages you visit. If a third party server appears to be tracking you without permission, by using uniquely identifying cookies (and, as of version 1.0, local storage super cookies and canvas fingerprinting as well) to collect a record of the pages you visit across multiple sites, Privacy Badger will automatically disallow content from that third party tracker. In some cases a third-party domain provides some important aspect of a page's functionality, such as embedded maps, images, or stylesheets. In those cases Privacy Badger will allow connections to the third party but will screen out its tracking cookies and referrers. https://www.eff.org/privacybadger
  4. Several organizations including domain name registrar Namecheap are asking the public to protest a new ICANN proposal that will ban private domain name registrations. The proposal was heavily lobbied for by various copyright holder groups, who want to make it easier to expose pirate site operators. In recent months copyright holders have been increasingly pushing for changes in the domain name industry. Groups such as the MPAA and RIAA, for example, want registrars to suspend domain names of clearly infringing websites. While this is unlikely to happen on a broad scale in the near future, a new ICANN proposal may put an end to private domain name registrations for some websites. A new proposal (pdf) will no longer allow ‘commercial’ sites, which could include all domain names that run advertisements, to hide their personal details through so-called WHOIS protections services. This change is backed by copyright holder groups including the MPAA, who previously argued that it will help them to hold the operators of illegal sites responsible. “Without accurate WHOIS data, there can be no accountability, and without accountability it can be difficult to investigate and remedy issues when individuals or organizations use the Internet in illegal or inappropriate ways,†MPAA’s Alex Deacon said recently. “Ensuring this data is accurate is important not only to the MPAA and our members, but also to everyone who uses the Internet every day.†On the other side of the spectrum, the proposal has ignited protests from privacy advocates and key players in the domain name industry. Digital rights group EFF points out that copyright holders can already expose the operators of alleged infringers quite easily by obtaining a DMCA subpoena. This is something the RIAA has done already on a few occasions. EFF further warns that the new rules will expose the personal details of many people who have done nothing wrong, but may have good reasons not to have their address listed publicly. “The limited value of this change is manifestly outweighed by the risks to website owners who will suffer a higher risk of harassment, intimidation and identity theft,†EFF’s Mitch Stoltz writes. Namecheap, one of the largest domain registrars, also jumped in and sent a mass-mailing to all their customers urging them to tell ICANN not to adopt the new proposal. “No WHOIS privacy provider wants their service to be used to conceal illegal activity, and the vast majority of domain owners are not criminals. Using a WHOIS privacy service is no more suspicious than having an unlisted phone number,†Namecheap CEO Richard Kirkendall notes “These new proposed rules would wreak havoc on our right to privacy online. ICANN is moving quickly, so we should too – contact them today and tell them to respect our privacy,†he adds. ICANN is currently accepting comments from the public and Namecheap is encouraging its customers to use the Respect Our Privacy campaign site to protest the proposed changes. Of course, Namecheap has more to worry about than the privacy of its users alone. The company itself operates the Whoisguard service and earns a lot of revenue through these private registrations. Thus far most of the responses received by ICANN have come in through the special campaign site, arguing against the proposal. The commenting period closes in two weeks followed by an official report. After that, the ICANN board will still have to vote on whether or not the changes will be implemented. https://torrentfreak.com/piracy-concerns-may-soon-kill-domain-name-privacy-150625/
  5. There are persistent rumors going around that some file-sharers are doing everything they can to fly under the radar but when ruining privacy is so much easier, why bother? For those who couldn't care less about online security and have a burning desire to turn their online lives into a public free for all, here's our essential guide. Every single day one can hear do-gooders banging on endlessly about staying private on the Internet. It’s all encryption this and Edward Snowden that. Ignore them. They’re lunatics involved in a joint Illuminati / Scientologist conspiracy. No, what Internet users need is a more care-free approach to online surveillance, one that allows them to relax into a zen-like state of blissful ignorance, free from the “Five Eyes†rantings of Kim Dotcom. And there are plenty of real people already following this advice. Real events reported here on TF (and investigated by us over the past few months) have shown us that while operating in the world of file-sharing (especially if that involves releasing content or running a tracker) it is absolutely vital to lay down an easily followed trail of information. Here are some golden rules for doing just that. Naming convention If at all possible, file-sharers should incorporate their real-life names into their online nickname. Dave Mark Robinson should become DaveR at a minimum, but for greater effect DaveMR should be used. As adding in a date of birth allows significant narrowing down of identities, DaveMR1982 would be a near perfect choice. This secret codename can then be used on any torrent site, but for best effect it should be used across multiple trackers at once so the user is more easily identified. But let’s not think too narrowly here. As an added bonus, Dave should also ensure that the same nickname is used on sites that have absolutely nothing to do with his file-sharing. EBay profiles and YouTube accounts are perfect candidates, with the latter carrying some personally identifying videos, if at all possible. That said, Dave would be selling himself short if he didn’t also use the same names on….. Social media If Dave doesn’t have an active Facebook account which is easily linked to his file-sharing accounts, he is really missing out. Twitter is particularly useful when choosing the naming convention highlighted above since nicknames can often be cross-referenced with real names on Facebook, especially given the effort made in the previous section. In addition to all the regular personal and family information readily input by people like Dave, file-sharing Facebook users really need to make sure they put up clear pictures of themselves and then ‘like’ content most closely related to the stuff they’re uploading. ‘Liking’ file-sharing related tools such as uTorrent is always recommended. File-sharing sites When DaveMR1982 signs up to (or even starts to run) a torrent site it’s really important that he uses an easy to remember password, ideally one used on several other sites. This could be a pet’s name, for example, but only if that pet gets a prominent mention on Facebook. Remember: make it easy for people, it saves so much time! Dave’s participation in site forums is a must too. Ideally he will speak a lot about where he lives and his close family, as with the right care these can be easily cross-referenced with the information he previously input into Facebook. Interests and hobbies are always great topics for public discussion as these can be matched against items for sale on eBay, complete with item locations for added ease. Also, Dave should never use a VPN if he wants his privacy shattered, with the no-log type a particular no-go. In the event he decides to use a seedbox he should pay for it himself using his own PayPal account, but only if that’s linked to his home address and personal bank account. Remember, bonus points for using the same nickname as earlier when signing up at the seedbox company! Make friends and then turn them into enemies Great friendships can be built on file-sharing sites but in order to maximize the risks of a major privacy invasion, personal information must be given freely to these almost complete strangers whenever possible. In an ideal world, trusting relationships should be fostered with online ‘friends’ and then allowed to deteriorate into chaos amid a petty squabble, something often referred to in the torrent scene as a “tracker dramaâ€. With any luck these people will discard friendships in an instant and spill the beans on a whim. Domain registration Under no circumstances should Dave register his domains with a protected WHOIS as although they can be circumvented, they do offer some level of protection. Instead (and to comply with necessary regulations) Dave should include his real home address and telephone number so he is easily identified. If for some crazy reason that isn’t possible and Dave is forced to WHOIS-protect his domain, having other non-filesharing sites on the same server as his file-sharing site is always good for laying down breadcrumbs for the anti-privacy police. If the domains of those other sites don’t have a protected WHOIS, so much the better. Remember, make sure the address matches the home location mentioned on Facebook and the items for sale on eBay! Conclusion As the above shows, with practice it’s easy to completely compromise one’s privacy, whether participating in the file-sharing space or elsewhere. In the above guide we’ve simply cited some genuine real-life techniques used by people reported in previous TF articles published during the last year, but if you have better ideas at ruining privacy online, please feel free to add them in the comments. Torrentfreak
  6. After being forced to shut down his service in order to not hand over user data, Lavabit founder Ladar Levison teamed up with Mike Janke and Jon Callas, the CEO and CTO of Silent Circle. They also shut down their email service out of fear of being forced to hand over user data to authorities. They together have formed ‘The Darkmail Technical Alliance’ along with Phil Zimmerman, the man who brought PGP encryption to the masses. The mission aim is to create a Darkmail Protocol. A new email protocol that’s end-to-end encrypted and all that an outside observer can see is the size of the email. The Darkmail Whitepaper can be found here (WhitePaper) the project is known collectively as Dark Internet Mail Environment (DIME). The Source code for DIME-Integrated Lavabit: Lavabit SourceCode The way DIME works is that it applies multiple layers of encryption to an e-mail to make sure each actor in each stage of the email’s journey to sender to receiver can only see the information about the email as they need to see. When an author sends an email they can see where it’s bound, the email server can’t the email server only can only decrypt the part of the message that contains the recipients email server. The Recipient e-mail server knows the destination server and the recipient but doesn’t know the sender so each actor can see only one hop before it and after it. This relies on a federated key management system to handle the encryption layers as every actor in the DIME chain has to have its own Key pairs (a set of public and private keys) to encrypt and decrypt the required email portions it needs. Ladar Levison sees this to work in a DNS-like system with each organization that uses DIME being the authoritative source of the encryption keys for its servers and email addresses. Though specifically Levison settled for DNSSEC as the preferred method for holding a domain’s email trust anchor. This though runs into the problem of poor adoption which means that a Certificate authority signed TLS certificate would be required to validate the keys. There’s an optional mode available wherein email servers transparently do the client’s email encryption for them in what’s called “trustful mode†and can either be a bridge for users to use until they have a client program that fully supports DIME. This gives email-hosting companies the potential to deploy DIME for hosted accounts without having to have mail client issues. Levison plans on releasing Lavabit’s source code under an open source license after incorporating in the dark mail protocol into the Lavabit source code. Issue with Darkmail would be backwards compatibility since it’s a completely new email protocol it will be incompatible with current email system. This will have to be bridged by darkmail gateways. Some darkmail providers would offer an email gateway to facilitate for a darkmail email to be sent out into the normal e-mail system using SMTP etc. Darkmail offers flexible user-security with a basic level of encryption and security built into the protocol. Administrators setting up DIME can specify additional ciphers and encryption methods to deploy in order to secure the email and the DIME protocol would wrap it all in the baseline encryption that’s known to be secure. http://www.deepdotweb.com/2015/02/25/the-darkmail-alliance/
  7. Tails, The Amnesic Incognito Live System, version 1.3, is out. Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer but leaving no trace unless you ask it to explicitly. It is a complete operating system designed to be used from a DVD, USB stick, or SD card independently of the computer's original operating system. It is Free Software and based on Debian GNU/Linux. Tails comes with several built-in applications pre-configured with security in mind: web browser, instant messaging client, email client, office suite, image and sound editor, etc. This release fixes numerous security issues and all users must upgrade as soon as possible. New features Electrum is an easy to use bitcoin wallet. You can use the Bitcoin Client persistence feature to store your Electrum configuration and wallet. The Tor Browser has additional operating system and data security. This security restricts reads and writes to a limited number of folders. Learn how to manipulate files with the new Tor Browser. The obfs4 pluggable transport is now available to connect to Tor bridges. Pluggable transports transform the Tor traffic between the client and the bridge to help disguise Tor traffic from censors. Keyringer lets you manage and share secrets using OpenPGP and Git from the command line. Upgrades and changes The Mac and Linux manual installation processes no longer require the isohybrid command. Removing the isohybrid command simplifies the installation. The tap-to-click and two-finger scrolling trackpad settings are now enabled by default. This should be more intuitive for Mac users. The Ibus Vietnamese input method is now supported. Improved support for OpenPGP smartcards through the installation of GnuPG 2. There are numerous other changes that may not be apparent in the daily operation of a typical user. Technical details of all the changes are listed in the Changelog. Known issues See the current list of known issues. Download or upgrade Go to the download page. What's coming up? The next Tails release is scheduled for April 7. Have a look to our roadmap to see where we are heading to. Do you want to help? There are many ways you can contribute to Tails. If you want to help, come talk to us! Support and feedback For support and feedback, visit the Support section on the Tails website.
  8. Last week Canada enacted an amendment to its copyright law which requires Internet services to retain access logs of customers in order to process piracy notices. This mandatory data retention puts the privacy of VPN users at risk, and as a result Canadian providers are considering pulling out of the country. A few days ago it became a legal requirement for Canadian ISPs to forward copyright infringement notices to their subscribers. As a result of the new copyright law amendments, which also apply to VPN services, providers now have to keep logs of their subscribers’ IP-addresses or face high penalties. Specifically, the law requires a broad range of Internet services to “retain records that will allow the identity of the person to whom the electronic location belongs to be determined, and do so for six months….†Failing to log traffic and forward these notices may result in “statutory damages in an amount that the court considers just, but not less than $5,000 and not more than 10,000…†The new rules also apply to BTGuard, a well-known Canadian VPN and proxy service that claims to keep no logs. Concerned that the new data retention requirements would force a change in this policy, several customers asked the provider for clarification. Responding to these requests BTGuard assured its customers that its logging policy remains unchanged. However, BTGuard may discontinue its Canadian servers in the near future. “Rest assured that we are committed to our customers’ privacy. As stated in our privacy policy, we do not log our customers’ usage or IPs and never will,†one customer was told by BTGuard. “It’s possible that this legislation will require us to discontinue our servers in Canada, but we will find a solution and our services will continue where it’s legal to be anonymous without causing you any inconvenience,†the company added. In a separate request we asked BTGuard for a comment on how the new law will affect its business. In a short comment we were informed that they are still exploring their options and that no final decision has been made yet. “We still guarantee privacy. Our servers in Canada might be closed, but we are still exploring our options,†BTGuard’s Jared told TF. Other providers are prepared to take similar measures. While the text of the law suggests that VPN providers are covered (something that’s also confirmed by one of Canada’s top copyright scholars), many are still uncertain about the exact impact it will have. TunnelBear informed us that they are still investigating if they are indeed covered by the new legislation. If they are, the company will take its business elsewhere. “Despite our investigation and legal consultations, it remains unclear whether or not VPN companies are included in the bill. We have brought on legal counsel to continue to investigate,†TunnelBear says. “If it is determined that TunnelBear is required to comply with C11 if we retain operations in Canada, we will swiftly move our operations to a more privacy friendly region. At no point, under any circumstances will TunnelBear log the activity of our users,†TunnelBear adds. For TunnelBear the issue is less urgent than for others though, as the company doesn’t allow torrent traffic on its servers. While the changes may reduce piracy somewhat, it also negatively affects people’s privacy. And with the new data retention requirements Canada has certainly become an unattractive location for VPNs and other privacy services. — TF is interested in hearing how other Canadian providers intend to respond to the new law. We sent out more inquiries and will add to this article when responses are received. http://torrentfreak.com/vpn-services-consider-leaving-canada-to-protect-customer-privacy-150107/
  9. Tails, The Amnesic Incognito Live System, version 1.2, is out. Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer but leaving no trace unless you ask it to explicitly. It is a complete operating system designed to be used from a DVD, USB stick, or SD card independently of the computer's original operating system. It is Free Software and based on Debian GNU/Linux. Tails comes with several built-in applications pre-configured with security in mind: web browser, instant messaging client, email client, office suite, image and sound editor, etc. This release fixes numerous security issues and all users must upgrade as soon as possible. Changes Notable user-visible changes include: Major new features Install (most of) the Tor Browser, replacing our previous Iceweasel-based browser. The version installed is from TBB 4.0 and is based on Firefox 31.2.0esr. This fixes the POODLE vulnerability. Upgrade Tor to 0.2.5.8-rc. Confine several important applications with AppArmor. Bugfixes Install Linux 3.16-3 (version 3.16.5-1). Minor improvements Upgrade I2P to 0.9.15, and isolate I2P traffic from the Tor Browser by adding a dedicated I2P Browser. Also, start I2P automatically upon network connection, when the i2p boot option is added. Make it clear that TrueCrypt will be removed in Tails 1.2.1 (ticket #7739), and document how to open TrueCrypt volumes with cryptsetup. Enable VirtualBox guest additions by default (ticket #5730). In particular this enables VirtualBox's display management service. Make the OTR status in Pidgin clearer thanks to the formatting toolbar (ticket #7356). Upgrade syslinux to 6.03-pre20, which should fix UEFI boot on some hardware. See the online Changelog for technical details. What's coming up? The next Tails release is scheduled for November 25. Have a look to our roadmap to see where we are heading to. https://tails.boum.org/news/version_1.2/index.en.html
  10. Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer but leaving no trace unless you ask it to explicitly. It is a complete operating system designed to be used from a DVD, USB stick, or SD card independently of the computer's original operating system. It is Free Software and based on Debian GNU/Linux. Tails comes with several built-in applications pre-configured with security in mind: web browser, instant messaging client, email client, office suite, image and sound editor, etc. Tails, The Amnesic Incognito Live System, version 1.1.2, is out. This release fixes numerous security issues and all users must upgrade as soon as possible. We prepared this release mainly to fix a serious flaw in the Network Security Services (NSS) library used by Firefox and other products allows attackers to create forged RSA certificates. Before this release, users on a compromised network could be directed to sites using a fraudulent certificate and mistake them for legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe it’s coming from a trusted site. Changes Notable user-visible changes include: Security fixes Upgrade the web browser to 24.8.0esr-0+tails3~bpo70+1 Install Linux 3.16-1 Numerous other software upgrades that fix security issues: GnuPG, APT, DBus, Bash, and packages built from the bind9 and libav source packages See the online Changelog for technical details. Known issues The version of tor shipped in Tails 1.1.2 really is 0.2.4.24, not 0.2.4.21 as reported in the logs and by tor --version. The reason is that the package was built with outdated files generated by autogen.sh, but this only affects the reported version, not the code. Longstanding known issues. I want to try it or to upgrade! Go to the download page. As no software is ever perfect, we maintain a list of problems that affects the last release of Tails. What's coming up? The next Tails release is scheduled for October 14. Have a look to our roadmap to see where we are heading to. https://tails.boum.org/news/version_1.1.2/index.en.html
  11. The settlement involves an investigation into what the Federal Communications Commission says is an "unacceptable use" of customers' personal info for marketing. Verizon Communications has agreed to pay the Federal Communications Commission $7.4 million to settle an investigation into the company's use of consumers' personal information for marketing purposes. "In today's increasingly connected world, it is critical that every phone company honor its duty to inform customers of their privacy choices and then to respect those choices." --Travis LeBlanc, Acting Chief of the FCC's Enforcement BureauThis is the largest such payment the FCC has ever received in an investigation related solely to the privacy of telephone customers' personal information. The settlement comes as the FCC is trying to look like it's being tough on wireless phone companies. In late July, the commission sent Verizon a strongly worded letter in which Chairman Tom Wheeler said he was "deeply troubled" by Verizon's decision to expand its network-management policy that targets customers of its unlimited data plans. Chairman Wheeler has come under fire from fellow Democrats on Capitol Hill, as well as consumer groups and even comedians like John Oliver, for bowing too much to the will of big broadband companies, as his agency attempts to redraft new Net neutrality rules. The rules are designed to replace regulation that a federal court threw out earlier this year. Critics have been especially unhappy with the chairman for drafting a proposal to reinstate Open Internet rules that they claim would allow broadband companies to pay for priority access to networks, creating so-called Internet fast lanes. Net neutrality is the principle that Internet service providers, such as AT&T, Comcast, Time Warner Cable and Verizon, and governments around the world, should treat all Internet traffic the same. This means Internet service providers (ISPs) shouldn't block or slow down traffic on their local broadband networks based on individual users. And they shouldn't modify their services based on the type of traffic those users are accessing or on the type of service that's sending the content. Even though the FCC says the Verizon investigation has nothing to do with the rewrite of the Net neutrality rules, it's clear the commission wants to look as though it can take a tough stand against the phone companies. The investigation The Communications Act requires phone companies to protect the privacy of customers' information, such as sensitive personal information like billing and location data. But some of this data can be used by a phone company for marketing additional services to consumers. The main restriction is that customers must provide phone companies with their approval through either an "opt in" or "opt out" process. When that process isn't working properly, the company must report the problem to the FCC within five business days. Verizon typically uses an opt-out process. It sends notices to new customers in a welcome letter asking them if they don't want their information used by Verizon to send them marketing information about other Verizon services they might be interested in. The FCC's Enforcement Bureau said it discovered that, beginning in 2006 and continuing for several years, Verizon had failed to notify about 2 million new customers of their privacy rights, which would have let them opt out. In addition to the $7.4 million payment, Verizon has agreed to notify customers of their opt-out rights on every bill for the next three years. "In today's increasingly connected world, it is critical that every phone company honor its duty to inform customers of their privacy choices and then to respect those choices," Travis LeBlanc, Acting Chief of the FCC's Enforcement Bureau, said in a statement. "It is plainly unacceptable for any phone company to use its customers' personal information for thousands of marketing campaigns without even giving them the choice to opt out." Verizon didn't become aware of the issue until September 2012, the FCC said in its statement. And the company failed to notify the FCC of the problem until January 18, 2013 -- 126 days after becoming aware of it -- which is way beyond the 5 days the FCC requires. Verizon said in a statement that it takes seriously the obligation to comply with all FCC rules. It also noted that the issue didn't involve a security breach: "The issue here was that a notice required by FCC rules inadvertently was not provided to certain of Verizon's wireline customers before they received marketing materials from Verizon for other Verizon services that might be of interest to them," the company said in a statement. "It did not involve a data breach or an unauthorized disclosure of customer information to third parties." http://www.cnet.com/news/verizon-pays-7-4-million-to-settle-fcc-privacy-investigation/
  12. A New York privacy lawsuit has Google, Microsoft, Dropbox, Twitter, Yelp, Kickstarter, Meetup, and Tumblr supporting Facebook in court. Facebook Chief Deputy General Chris Sonderby informed Facebook users of the situation earlier this summer: “Since last summer, we’ve been fighting hard against a set of sweeping search warrants issued by a court in New York that demanded we turn over nearly all data from the accounts of 381 people who use our service, including photos, private messages, and other information…of the 381 people whose accounts were the subject of these warrants, 62 were later charged in a disability fraud case. This means that no charges will be brought against more than 300 people whose data was sought by the government without prior notice to the people affected. The government also obtained gag orders that prohibited us from discussing this case and notifying any of the affected people until now.†Of the 381 accounts demanded by the warrants, only 62 related to criminal activity. The others were user data accounts of grandchildren, teachers, officials, and other persons who aren’t even under suspicion for criminal activity. Facebook also goes on to say that the company went to court to fight these warrants but “were told by a lower court that as an online service provider we didn’t even have legal standing to protest the warrants,†Sonderby said. Facebook filed an appeal, but it was later rejected; Facebook only complied because the court promised to bring criminal charges against the social media company if it didn’t comply. This past Friday, the American Civil Liberties Union (ACLU) and the New York Civil Liberties Union (NYCLU) filed motions along with Google, Twitter, and Microsoft in support of Facebook’s fight to surrender the remaining 319 user accounts in court. The NYCLU said that the warrants were nothing more than “broad fishing expeditions†in its filing, considering that the warrants called for the user accounts of everyone “from high schoolers to grandparents, from all over New York and across the United States.†We here at Inferse want to bring these types of stories to public attention because we want to show that Facebook, as much as we think some of its permissions are a little weird and defy understanding, isn’t the only one at fault in the war between social media and privacy these days. At the same time, however, we think that if Facebook accessed fewer bits of user data, then judicial courts and world governments wouldn’t have as much overreach into user data as they do. In other words, if Facebook allowed users to customize permissions (select some they can agree with, reject others such as the right to record audio on Facebook Messenger), perhaps Facebook would make itself less of a target for government or court warrants such as these. If Facebook started limiting what data it collects on Facebook users, then it wouldn’t have to go to court and fight to protect its users. Just this week, Facebook purchased privacy protection company PrivateCore, a company that wrote in its acquisition announcement that “Over time, Facebook plans to deploy our technology into the Facebook stack to help protect the people who use Facebook.†In other words, Facebook is starting to care more and more about protecting the data of its users. While we applaud Facebook’s efforts to protect our user data, we also want to become more informed on what Facebook intends to do with it – and just saying “We’re taking all this user data to sell you better ads that are targeted to you†isn’t enough. We want to know what Facebook intends to do with every permission we grant the company whenever we download Instagram, or Facebook Messenger, or some other app the company may create in the future. We want a more detailed explanation than what we’ve been given in the past. Facebook, if you want your users to trust you more, don’t just acquire companies that aim to protect us – and don’t just make promises to Facebook developers at your annual F8 Conference. Rather, tell us what these specific permissions are for and what you intend to do with them. And then, allow us to come to trust you over time by allowing us to use Facebook Messenger with one or two permissions enabled – then, as you win our trust, we may open up to allow more permissions into our user data. While “we’ll protect your data over time†sounds nice, we want results now. Today. Soon.
  13. Facebook’s given its user base approximately one week to download the new messaging app in which texting abilities are being separated from the core Facebook app. Some users that have already downloaded the Facebook Messenger app are finding it to be offensive. One Facebook user in particular said that she is outraged at the privacy approvals users must give Facebook in order to download the Facebook Messenger app. “It makes me feel really angry. I think it’s a complete invasion of my privacy. We are growing up in a digital age but it’s hard knowing that everything you do is followed. It’s weird that Facebook and other apps are getting involved in your phone. It’s weird that I completely overlooked it,†she told CBS 6 News. Facebook’s new Messenger app is designed to let you text other Facebook friends, but you have to give away some privacy in order to gain texting capabilities. Here are the permissions you must give the new Facebook Messenger app: Identity Find accounts on the device Read your own contact card Contacts/Calendar Read your contacts Location Approximate location (network-based) Precise location (GPS and network-based) SMS Edit your text messages (SMS or MMS) Receive text messages (SMS) Read your text messages (SMS or MMS) Phone Directly call phone numbers Photos/Media/Files Read the contents of your USB storage Modify or delete the contents of your USB storage Camera/Microphone Take pictures and videos Record audio Wi-Fi connection information View Wi-Fi connections These permissions do not count others, such as the permission to give Facebook full network access to your phone and to even “change network connectivity.†For all of these permissions, you can view them by going to the Facebook Messenger app at Google Play, then scroll down to the section above “Google Play Content†that says “permissions.†While some are what normal apps require, we have to admit: the “edit and read your text messages,†as well as “record audio†permissions are a little weird for Facebook Messenger. If the company wants to learn more about its users, we’re not sure this is such a good idea. The best advice we can give users is this: read the permissions before agreeing to download the app. If these permissions make you feel uncomfortable, or if you think they give Facebook too much control, then do not download it. If you downloaded it in the past and you now feel uncomfortable, then the best thing to do is to use a carrier messaging app such as Verizon’s Message+, or some other carrier app that you think does a better job at maintaining privacy (FaceTime, or iMessage, for example). It’s likely the case that Instagram comes with many of the same permissions as Facebook Messenger.