Defend Our Freedoms From the Absense of Privacy

What are Cookies?

Defend Our Freedoms — Sat, 18 May 2013 10:04:53 GMT

I came across a new type of cookie this week that I've not seen before. I was looking at a very specific item online from my desktop computer. Then, the next day I was browsing a website from a wireless device. I had an ad fed to me on that website with the same exact item I was looking at from my desktop. The item was the same brand and fed up from the same website where I was considering buying it from.

Note:

- The desktop computer and wireless device have two different service providers
- The internet browsers from the desktop to the wireless device are not the same software
- I did not sign into the webpage where the item ad was fed to me from
- My computer and wireless device are not synced.

http://www.onguardonline.gov/articles/0042-cookies-leaving-trail-web

Understanding Cookies

What is a cookie?

A cookie is information that a site saves to your computer using your web browser. A cookie allows sites to record your browsing activities – like what pages and content you’ve looked at, when you visited, what you searched for, and whether you clicked on an ad. Data collected by cookies can be combined to create a profile of your online activities.

Who places cookies on the web?

First-party cookies are placed by a site when you visit it. They can make your experience on the web more efficient. For example, they help sites remember:

items in your shopping cart
your log-in name
your preferences, like always showing the weather in your home town
your high game scores.

Third-party cookies are placed by someone other than the site you are on. These may include an advertising network or a company that helps deliver the ads you see. They may be used to deliver ads tailored to your interests. For example, if you read an article online about running, a cookie may be used to note your interest in running, and add that to a profile. And you may see coupons to save money on running shoes.

Controlling Cookies

How can I control cookies?

Various browsers have different ways to let you delete cookies or limit the kinds of cookies that can be placed on your computer. When you choose your browser, you may want to consider which suits your privacy preferences best.

To check out the settings in a browser, use the ‘Help’ tab or look under ‘Tools’ for settings like ‘Options’ or ‘Privacy.’ From there, you may be able to delete cookies, or control when they can be placed. Some browsers allow add-on software tools to block, delete, or control cookies. And security software often includes options to make cookie control easier.

If you disable cookies entirely, you may limit your browsing experience. For example, you may need to enter information repeatedly, or you might not get personalized content or ads that are meaningful to you. However, most browsers’ settings will allow you to block third-party cookies without also disabling first-party cookies.

Keep your browser up-to-date

No matter which browser you use, it’s important to keep it updated. An out-of-date browser can leave your computer vulnerable to attack by malware, which could intercept sensitive data like your log-ins, passwords, or financial information. Most browsers update automatically, or prompt you to update to the latest version.

What are “opt-out” cookies?

Some websites and advertising networks have cookies that tell them not to use information about what sites you visit to target ads to you.

There are a couple of ways to opt out of certain types of data collection or certain kinds of targeted advertising:

You can download software – an “add-on” to your browser – that controls whether and how cookies – including opt-out cookies – are stored or deleted. You can find add-ons on sites sponsored by the browser. Look through the settings or “Help” function. Browser companies review most add-ons for security and functionality before making them available for download, but as with any software, don’t download an add-on unless you have checked it out and trust the source.
Programs from the online advertising industry, including The Network Advertising Initiative and the Digital Advertising Alliance, offer tools for opting out of targeted advertising – often by placing opt-out cookies – offered by their members. You also can opt out by visiting advertising networks and advertiser websites one by one.

Deleting all your cookies will erase any opt-out cookies you’ve downloaded. To restore opt-out cookies, you will have to go through the opt-out procedure again.

Cookies are used for many purposes – for example, to limit the number of times you’re shown a particular ad. So even if you opt out of targeted advertising, a company may still use cookies for other purposes.

“Private Browsing”

What’s “private browsing”?

Many browsers offer private browsing settings that are meant to let you keep your web activities hidden from other people who use the same computer. With private browsing turned on, your browser won't retain cookies, your browsing history, search records, or the files you downloaded. Privacy modes aren’t uniform, though; it’s a good idea to check your browser to see what types of data it stores. Although it won’t keep cookies after the private browsing session ends, cookies used during the private browsing session can communicate information about your browsing behavior to third parties.

Flash Cookies

What are Flash cookies?

A Flash cookie is a small file stored on your computer by a website that uses Adobe’s Flash player technology. Flash cookies use Adobe’s Flash player to store information about your online browsing activities. Flash cookies can be used to replace cookies used for tracking and advertising, because they also can store your settings and preferences. When you delete or clear cookies from your browser, you won't necessarily delete the Flash cookies stored on your computer.

Can I control Flash cookies?

The latest versions of Google Chrome, Mozilla Firefox, and Microsoft Internet Explorer let you control or delete Flash cookies through the browser’s settings. If you use an older version of one of these browsers, upgrade to the most recent version, and set it to update automatically.

If you use a browser that doesn’t support deleting Flash cookies, look at Adobe’s Website Storage Settings panel. There, you can view and delete Flash cookies, and control whether you’ll allow them on your computer.

Like regular cookies, deleting Flash cookies gets rid of the ones on your computer at that moment. Flash cookies can be placed on your computer the next time you visit a website or view an ad unless you block Flash cookies altogether.

New Technologies

Are there other tracking technologies I should know about?

New technologies are constantly emerging, and some can be used to track your online activities even if you control regular cookies. These are generally referred to as “supercookies.” If companies offer you an opt out, they need to respect your preference, whether they use supercookies or regular cookies.

What is “Do Not Track”?

Do Not Track is a tool that allows you to express your preference not to be tracked across the web. Turning on Do Not Track through your web browser sends a signal to every website you visit that you don’t want to be tracked. Companies then know your preference. If they have committed to respect your preference, they are legally required to do so. Some browsers already support Do Not Track. If you want to use Do Not Track, check to see if the browser you use offers it – or use a browser that does.

Go Excel Global 2012

Facebook Hacking, technique to Spoof the content of any Facebook App

Defend Our Freedoms — Fri, 17 May 2013 10:44:55 GMT

From TheHackerNews.com:

http://thehackernews.com/2013/05/facebook-hacking-technique-to-spoof.html
Facebook Hacking, technique to Spoof the content of any Facebook App

There are many unpatched loopholes or flaws in Facebook website, that allow hackers to inject external links or images to a wall, hijacking any facebook account or bypassing your social privacy. Today we are going to report about another unfixed facebook app vulnerability that allow a hacker to spoof the content of any Facebook app easily.

Nir Goldshlager from Break Security today exposed another major flaw that allows hacker to wall post spoofed messages from trusted applications like Saavn, Candy Crush, Spotify, Pinterest, or really any other application on Facebook.

Lulzsec hackers to be sentenced for cyber attacks on the CIA and Pentagon

Defend Our Freedoms — Thu, 16 May 2013 12:40:19 GMT

From TheHackerNews.com

http://thehackernews.com/2013/05/lulzsec-hackers-to-be-sentenced-for.html
Lulzsec hackers to be sentenced for cyber attacks on the CIA and Pentagon

Except:

Four men accused of launching online attacks under the banner of LulzSec appeared in a London courtroom Wednesday for sentencing. Ryan Ackroyd, Jake Davis, Mustafa al-Bassam and Ryan Cleary have all pleaded guilty to hacking offences.

The name Lulzsec is a combination of 'lulz' or 'lols', "LAUGHING AT YOUR SECURITY" meaning 'laugh out loud' and security, and was a direct descent of notorious hacking group Anonymous. Working from their bedrooms in 2011, caused millions of pounds of damage with attacks on NHS, CIA and US military websites, they stole huge amounts of sensitive personal data including emails, online passwords and credit card details belonging to hundreds of thousands of people, Southwark Crown Court in London heard.

(snip)

Read More at TheHackerNews.com

Go Excel Global 2012

Wig-wearing 'CIA spy' in Russia 'was investigating Boston bombings'

Defend Our Freedoms — Wed, 15 May 2013 09:36:17 GMT

http://www.telegraph.co.uk/news/worldnews/europe/russia/10058286/Wig-wearing-CIA-spy-in-Russia-was-investigating-Boston-bombings.html
Wig-wearing 'CIA spy' in Russia 'was investigating Boston bombings'

Excerpt:

The alleged CIA spy caught red-handed by Russia was likely interested in obtaining information about the Boston bombing suspects, whose origins were in the Russian Caucasus, it has been reported.

10:02AM BST 15 May 2013

The Kommersant daily said it was probable that the suspected agent Ryan Fogle - officially a diplomat - was looking for information on the Tsarnaev brothers, who are alleged to have carried out the Marathon bombings.

(snip)

Read More

Go Excel Global 2012

IC3 2012 Internet Crime Report Released

Defend Our Freedoms — Tue, 14 May 2013 17:20:21 GMT

Download the report in pdf format:

http://www.ic3.gov/media/annualreport/2012_IC3Report.pdf

http://www.ic3.gov/media/2013/130514.aspx

Contact: Jenny Shearer
FBI National Press Office
(202) 324-3691

Contact: John Everett
National White Collar Crime Center
(804) 273-6932, ext 3355
www.nw3c.org

For Immediate Release
May 14, 2013

IC3 2012 Internet Crime Report Released

More Than 280,000 Complaints of Online Criminal Activity Reported in 2012

Fairmont, WV — Today the Internet Crime Complaint Center (IC3) released the 2012 Internet Crime Report—a summary of reported fraudulent activity, including data and statistics. In 2012, the IC3 received and processed 289,874 complaints, averaging more than 24,000 complaints per month. Unverified losses reported to IC3 rose 8.3 percent over the previous year.

A new section in this year’s report includes charts for each of the 50 states, detailing demographic, complaint and dollar loss data. The section allows for easy comparisons and convenient reference. Additional content includes frequently reported Internet crimes, case highlights, and graphs that explain the lifecycle of a complaint. The most common complaints received in 2012 included FBI impersonation e-mail scams, various intimidation crimes, and scams that used computer "scareware" to extort money from Internet users. The report gives detailed information about these and other commonly perpetrated scams in 2012. The IC3 works to educate the public and law enforcement about fraud trends.

“The 2012 Internet Crime Report reveals both the volume and the scope of Internet crime, as well as the efforts of IC3 and law enforcement to combat these crimes,” said NW3C Director Don Brackman. “As technology continues to advance, so will our efforts to stay one step ahead of cyber criminals.”

Richard A. McFeely, executive assistant director of the FBI's Criminal, Cyber, Response, and Services Branch, said: “Criminals are increasingly migrating their fraudulent activities from the physical world to the Internet. Computer users who suspect or become victims of online fraud schemes—including suspicious e-mails, fraudulent Web sites and Internet crimes—should report them to the IC3. The IC3 analyzes and makes connections among these reports and packages them for potential action by law enforcement.”

IC3 is a partnership between the Federal Bureau of Investigation (FBI), the National White Collar Crime Center (NW3C) and the Bureau of Justice Assistance (BJA). Since its start in 2000, IC3 has become a mainstay for victims reporting Internet crime and a way for law enforcement to be notified of such crimes. IC3's service to the law enforcement community includes federal, state, tribal, local, and international agencies that are combating Internet crime.

# # #

About IC3

IC3 receives, develops and refers criminal complaints of cybercrime. IC3 gives victims a convenient and easy-to-use reporting mechanism that alerts authorities of suspected criminal or civil violations. For law enforcement and regulatory agencies at the local, state, federal, and international levels, IC3 provides a central referral mechanism for complaints involving online crime.

2012 Internet Crime Report in PDF
http://www.ic3.gov/media/annualreport/2012_IC3Report.pdf

Go Excel Global 2012

Astronaut Chris Hadfield Performs Space Oddity

Defend Our Freedoms — Mon, 13 May 2013 13:49:08 GMT

from Space! GREAT VIDEO.

Go Excel Global 2012

The biggest bank robbery in history, Hackers stole $45 million

Defend Our Freedoms — Sun, 12 May 2013 09:47:14 GMT

http://thehackernews.com/2013/05/the-biggest-bank-robbery-in-history.html
The biggest bank robbery in history, Hackers stole $45 million

They didn't use guns, masks or even threatening notes passed to bank tellers. It may be the largest bank robbery in history. A gang of cyber-criminals operating in 26 countries stole $45 million by hacking their way into a database of prepaid debit cards.

Reportedly, the group of hackers targeted weaknesses in how banks and payment processors handle prepaid debit cards. Authorities said they arrested these seven U.S. citizens and residents of Yonkers, New York: Jael Mejia Collado, Joan Luis Minier Lara, Evan Jose Peña, Jose Familia Reyes, Elvis Rafael Rodriguez, Emir Yasser Yeje and Chung Yu-Holguin.

The eighth defendant charged in the indictment, Alberto Yusi Lajud-Peña, also known as 'Prime' and 'Albertico,' was murdered on April 27 in the Dominican Republic.

They're suspected of working with hackers who twice broke into credit card processing companies' computer systems, stole ATM card data and bypassed the withdrawal limits on the accounts.

(snip)

Download the Complaint Here

The technique is known as an "unlimited operation," as the thieves can grab a potentially unlimited amount of cash. Law enforcement agencies in Japan, Canada, Germany, Romania and 12 other countries have been involved in the investigation, US prosecutors said. Arrests began in March.

(snip)

From TheHackerNews.com

Go Excel Global 2012

Can You Crack a Code?

Defend Our Freedoms — Sat, 11 May 2013 11:00:05 GMT

http://www.fbi.gov/news/stories/2009/december/code_122409

Can You Crack a Code?
Try Your Hand at Cryptanalysis

12/24/09

We’ve challenged you before—in November 2007, December 2008, and May 2009—to unravel a code and reveal its secret message like the “cryptanalysts” in our FBI Laboratory.

In our latest quiz, we’ve switched gears a bit, using pictogram symbols based on Native American motifs. And with more than 50 words to decipher, it’s our longest one so far.

For the first time, we’re also posting the answer (see the bottom of this page) in case you are stumped. We ask, however, that you not post the solution on the web so that everyone can have a chance to give it a try.

Once again: If you want a primer on basic cipher systems and how to break them, see the article “Analysis of Criminal Codes and Ciphers.”

Good luck!

Note: Sorry, but cracking this code doesn’t guarantee you a job with the FBI! But do check out careers with us at FBIJobs.gov.

The answer

Go Excel Global 2012

Love It Or Hate It, Ripoff Report Is In Expansion Mode

Defend Our Freedoms — Fri, 10 May 2013 20:40:58 GMT

Wow! Adam Tanner was impressively polite in writing up this overview about Ed Magedson and his Ripoffreport.com site! I would not have been able to do it without using a string of four lettered slang type adjectives!

Neither Ed Magedson nor anyone else involved with RipOffReport verify any information about who gets written about there. My name made that site without any type of 'business review'. Just to trash and spin.

I am still using brillo to shower after calling Ed Magedson on the phone. That was a very creepy call.

And Ed, the Communications Decency Act does not protect you when you earn money off of ads.

http://www.forbes.com/sites/adamtanner/2013/05/09/love-it-or-hate-it-ripoffreport-is-in-expansion-mode/
Love It Or Hate It, Ripoff Report Is In Expansion Mode

Excerpt:

Ed Magedson lives at a secret location in Arizona, convinced that some people not only fantasize about killing him but would actually do so if they got the chance. His home – he has moved repeatedly in recent years — sits fortified behind fences with cameras watching for intruders. He makes special arrangements to dispose of trash lest enemies go through his detritus. He worries that a stray hair could leave behind DNA clues. He records his phone conversations, and if he meets a new person, sometimes hires bodyguards to sit nearby.

Why all the elaborate precautions? Magedson, 61, runs Ripoffreport.com. Depending on your point of view, Magedson either champions consumer rights or callously destroys reputations. His site allows anyone to complain anonymously about any firm or person, and no matter what, Magedson says he will not remove the posting. (There’s a way to get it removed from Google, though.) But he will accept thousands of dollars per case for his corporate advocacy program, in which companies can place content above the offending comments after agreeing to handle customer complaints promptly and making a “a written commitment to providing superior customer satisfaction regarding their products and services.”

Consumer champion empowering the little guy against scams and bad service, or eccentric exploiter? I wanted to meet him to see what he had to say for himself. But first I would have to locate him.

With roots dating back to 1997, Magedson’s site allows anyone to complain about anything: poor workmanship, a rude doctor or banker, a scam. Unlike Yelp which mixes good and bad reviews, Ripoff Report focuses on the negative. Their slogan is, “Don’t let them get away with it.” The company says it receives 125,000 to 250,000 visits a day, or more than a million a week. Quantcast, which measures Internet audiences, puts it among the top 1,000 U.S. websites.

(snip)

Read More:
http://www.forbes.com/sites/adamtanner/2013/05/09/love-it-or-hate-it-ripoffreport-is-in-expansion-mode/

Go Excel Global 2012

New privacy bill requires apps to disclose how they share personal data

Defend Our Freedoms — Fri, 10 May 2013 10:34:32 GMT

http://arstechnica.com/tech-policy/2013/05/new-privacy-bill-requires-apps-to-disclose-how-they-share-personal-data/
New privacy bill requires apps to disclose how they share personal data

Rep. Hank Johnson (D-GA) just introduced the "Apps Act," a bill that would require app developers to have privacy policies detailing how they share user data.

Under the bill, users must be shown privacy policies and sign off on them before using an app. That could lead to the kind of long click-wrap agreements users face when they log into a lot of software. To comply, policies have to make the user aware of any sharing with third-parties like advertising networks. Privacy advocates have criticized that kind of sharing, especially when consumers aren't made aware of what kind of data is being shared.

If a user stops using an app and asks for data collection to stop or be deleted, the app developer would have to comply. Enforcement of the privacy rules would be up to the Federal Trade Commission.

"Data has become the oil of the 21st century and like any other resource, there must be common-sense rules of the road for this emerging challenge," Johnson explained on the House floor today.

(snip)

Read More

Go Excel Global 2012

FTC Warns Data Broker Operations of Possible Privacy Violations

Defend Our Freedoms — Thu, 09 May 2013 16:59:44 GMT

http://www.ftc.gov/opa/2013/05/databroker.shtm
FTC Warns Data Broker Operations of Possible Privacy Violations

Letters Issued As Part of Global Privacy Protection Effort

The Federal Trade Commission sent letters to ten data broker companies warning that their practices could violate the Fair Credit Reporting Act (FCRA) after a test-shopping operation by the FTC indicated the companies were willing to sell consumer information without abiding by FCRA requirements.

The test-shopping operation was part of a worldwide privacy protection effort. FTC staff members posed as individuals or representatives of companies seeking information about consumers to make decisions related to their creditworthiness, eligibility for insurance or suitability for employment.

Data broker companies that collect, distribute or sell this information are considered consumer reporting agencies under the FCRA, meaning they must reasonably verify the identities of their customers and make sure that these customers have a legitimate purpose for receiving the information. This requirement ensures that the privacy of sensitive consumer report information is protected. Of the 45 companies contacted by FTC staff in the test-shopper operation, ten appear to violate the FCRA by offering to provide the information without complying with the law’s requirements.

The FTC issued the letters this week in conjunction with an international privacy practice transparency sweep conducted by the Global Privacy Enforcement Network (GPEN). The network connects privacy enforcement authorities to promote and support cooperation in cross-border enforcement of laws protecting privacy. Several GPEN members from countries around the world are taking steps this week to ensure that companies meet their obligations related to the privacy of consumers’ personal information.

The ten companies receiving the warning letters from the FTC include:

Two companies that appeared to offer “pre-screened” lists of consumers for use in making firm offers of credit: ConsumerBase and one additional company;
Two companies that appeared to offer consumer information for use in making insurance decisions: Brokers Data and US Data Corporation; and
Six companies that appeared to offer consumer information for employment purposes: Crimcheck.com, 4Nannies, U.S. Information Search, People Search Now, Case Breakers, and USA People Search.

The letters are not an official notice by the Commission that any of the named companies is subject to the requirements of the FCRA, nor do the letters lay out any formal complaints against the companies. Instead, they serve to remind the companies to evaluate their practices to determine whether they are consumer reporting agencies, and if so, how to comply with that law.

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC's online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 2,000 civil and criminal law enforcement agencies in the U.S. and abroad. The FTC’s website provides free information on a variety of consumer topics. Like the FTC on Facebook, follow us on Twitter, and subscribe to press releases for the latest FTC news and resources.

MEDIA CONTACT:: Jay Mayfield
Office of Public Affairs
202-326-2181

STAFF CONTACT:: Kristen Anderson
Bureau of Consumer Protection
202-326-3209

Laura Berger
Bureau of Consumer Protection
202-326-2471

---------------------------------------------------------------------------------------------------------------

FTC Warns Data Broker Operations of Possible Privacy Violations

Warning Letter to 4Nannies
Warning Letter to Brokers Data
Warning Letter to Case Breakers
Warning Letter to ConsumerBase
Warning Letter to Crimcheck.com
Warning Letter to People Search Now
Warning Letter to U.S. Information Search
Warning Letter to US Data Corporation
Warning Letter to USA People Search

Go Excel Global 2012

President Obama appears with a bull’s-eye on his head in a new English-language jihad magazine published online

Defend Our Freedoms — Thu, 09 May 2013 10:47:35 GMT

http://www.nydailynews.com/news/world/jihad-magazine-targets-obama-urges-hacking-drones-article-1.1338702

Excerpt:

A radical Islamist magazine has published a full-page spread of President Obama with a bulls-eye over his head, encouraging Muslims the world over to target the president.

Go Excel Global 2012

OpUSA - Hacking Spree

Defend Our Freedoms — Wed, 08 May 2013 10:59:57 GMT

http://video.foxnews.com/v/2363338934001/hacking-spree-against-us-companies-to-begin/

Hacking spree against US companies to begin

Dave Aitel with the latest on 'OpUSA' and why some of these groups could pose a big threat to US consumers and companies

See Video Here

It says: # Urgent today the # OPusa process begins to attack # America and erased from the world # Internet, open participation and Calculate wage God Bless # # Jihad Arabia

Hat Tip to TheJester

http://thehackernews.com/2013/05/anonymous-hackers-launch-opusa-against.html
Anonymous Hackers Launch #OpUSA against US Banking and Government Agencies

#OpUSA campaign is officially started, the day has come, today May 7 as announced by Anonymous, a coordinated online attack will hit Banking and government websites. The announcement made by popular group of hacktivists is creating great concerns between US security experts in charge of defense the potential targets.

The message passed sent by Anonymous to US authorities is eloquent, “We Will Wipe You Off the Cyber Map”

(snip)

Read More at TheHackerNews.com

So, Anonymous is definitely working with Al Qaeda then?

Go Excel Global 2012

Never Attend a Party You Weren’t Invited To

Defend Our Freedoms — Tue, 07 May 2013 20:31:28 GMT

Warning before you click, some pics are graphic and disturbing.

http://jesterscourt.cc/2012/09/18/never-attend-a-party-you-werent-invited-to/

Excerpt:

It’s September 11 2012 – yes 9/11 and while everyone with even just an ounce of decency is trying hard to concentrate on the memory of what occurred that day 11 years prior, guess who is mingling with Al-Qaeda during the storming of the US Embassy in Cairo?

You couldn’t make this stuff up…

Egyptian protesters wearing Guy Fawkes masks pose for a photo graffiti on a wall of the U.S. embassy during a protest in Cairo, Egypt, Tuesday, Sept. 11, 2012. Egyptian protesters, largely ultra conservative Islamists, have climbed the walls of the U.S. embassy in Cairo, went into the courtyard and brought down the flag, replacing it with a black flag with Islamic inscription, in protest of a film deemed offensive of Islam. Photo: Nasser Nasser / AP / Read more

Now that caption from the source site calls it a flag with an ‘Islamic inscription’

let me help you out with that one….

This picture was taken as they were just getting warmed up. This is one photo and it contains 2x Anon Masks 3x Al-Qaeda flags and the Occupy Movement’s famous ACAB (All Cops Are Bastards) chant/slogan.

Are we beginning to notice something here?

NJ Governor Chris Christie has lap band surgery to reduce weight

Defend Our Freedoms — Tue, 07 May 2013 14:40:16 GMT

http://in.reuters.com/article/2013/05/07/usa-newjersey-christie-surgery-idINL2N0DO0VN20130507
NJ Governor Chris Christie has lap band surgery to reduce weight

Excerpt:

Christie underwent the surgery in February, top aide Mike Drewniak confirmed in an email to Reuters.

Lap band, or gastric banding, surgery is a procedure in which a silicone tube is wrapped around the upper part of the stomach, making it smaller, and limiting the amount of food the stomach can hold.

Christie, a plain-spoken and popular governor who rejected aggressive appeals from fellow Republicans to run for president prior to the 2012 election, said Monday night that the decision was made for his family, not for his political ambitions.

(snip)

Dr. Seuss - "A person's a person, no matter how [big or] small."

Prayers for a successful recovery. You will have my support no matter your size.

http://defendourfreedoms.net/2013/04/18/our-horton-of-stormville-makes-time.aspx
Our Horton of Stormville Makes Time

Go Excel Global 2012

5 tips to stop Facebook from stalking your real life

Defend Our Freedoms — Tue, 07 May 2013 12:51:59 GMT

Full Reported from Abine.com.

Try DNTPlus Today.

http://www.abine.com/blog/2013/5-tips-to-stop-facebook-from-tracking-your-real-life-shopping/
5 tips to stop Facebook from stalking your real life

May 6th, 2013by Sarah Downey

Facebook and its advertisers want to know everything about you, online and off. The latest push is around knowing where you grew up. If you’ve signed onto Facebook lately, you’ve probably seen it.

They’ve been asking for your hometown on your profile page for several weeks now, but they’ve gotten more aggressive lately: they’re putting it at the top of people’s news feeds and saying that your profile isn’t complete without it.

Why is Facebook pestering you to know where you grew up? It’s personal information that fills in another piece of the puzzle that makes you you. Knowing your hometown makes it easier to target you, not someone with a similar name. Knowing where you grew up–and where you live now–gives Facebook and its advertisers are better sense of the stores you like, where your family and friends are located, where you’re most likely to travel, and more. Your real life and history translates to more advertising money to Facebook, a revenue source that made up 83% of Facebook’s income in 2012.

Facebook’s recent push to get your hometown is showing up at the top of users’ news feeds.

Facebook recently extended its advertiser tracking capabilities into the real world through partnerships with big data brokers like Acxiom and Datalogix. This data sharing will let advertisers know if people who see their ads online–on Facebook–go buy whatever was advertised in real life. They piece together your offline and online activities through your personal information. Let’s say you buy a shirt at the mall and give the person at checkout your email (they’re always asking for it). If that’s the same email you use on your Facebook account, advertisers can link the two. They also link your online and offline lives through your phone number or zip code.

Here are 5 things you can do to thwart Facebook’s ability to link your real-world shopping with your online activities:

1. Don’t give Facebook your real email address or phone number

Facebook’s data use policy lets them share your information with hundreds, maybe even thousands, of advertisers, affiliates, and partners, which is why it’s smart to use a unique email and phone number that you don’t use anywhere else. Your email and phone number are the 2 pieces of info that Facebook and its big data partners use to figure out whether the same person who saw a Facebook ad online later bought the same item in a store.

Use an email address that you create solely for Facebook, or use a Masked Email or phone number. And when possible, don’t give Facebook anything.

2. Be stingy with you zip code, email, and phone number in stores

It seems like you can’t buy anything these days without the cashier asking for your personal info. Whether it’s to email you your receipt, sign you up for a rewards card, or send you coupons, it’s all a pretext to get your information, share it, and sell it. And now Facebook is one of the biggest recipients of that data. Stick to your guns and just say no when retail clerks ask you for your info. It’s not necessary to buy something, and for fellow Massachusetts residents like us, it’s now illegal. Same with California.

Your personal info on Facebook is the key to tracking your real-life activities.

3. Ignore Facebook’s attempts to collect more profile info (or give them fake info)

Facebook is always requiring more information to complete your profile, while at the same time eroding privacy controls and default settings to make more of your information public. Facebook can, and does, use your information for advertising. Here’s a good rule of thumb: if Facebook is asking for a piece of information that it doesn’t already have, don’t give it out. This applies to “security” measures too, like Facebook’s 2-step verification. Just because you give your mobile phone number for security purposes doesn’t mean Facebook won’t use it to track you.

We recommend using a fake name that looks realistic so it doesn’t look suspicious (technically, Facebook’s policies let it kick you off for not using your full, legal name). For example, use your first name and swap out your middle name for your last name. Or switch your birthday to the 1st of the real month and year in which you were born so you’ll be roughly the same age and you’ll remember it, but no one will get your real birthday if your account is ever compromised.

4. Use a privacy tool like DoNotTrackMe to block Facebook from snooping on your browsing

Those Facebook buttons you see everywhere online aren’t just for sharing: they’re trackers. They send your site activity back to Facebook even if you don’t click on them, and even if you’re not a member of Facebook. Our free browser add-on DoNotTrackMe (DNTMe) blocks these buttons from tracking you by default. Note that whatever you do on Facebook itself is still heavily tracked and not affected by DNTMe; it’s impossible to use Facebook without feeding its data collection.

5. Opt out of the 4 big data brokers that work with Facebook

Facebook recently partnered with 4 big data companies–Acxiom, Datalogix, Epsilon, and BlueKai–to get more information about your historical and offline activities. You can opt out of having these companies share your information for marketing, but (annoyingly) you have to do a separate process for each company. Just follow the Electronic Frontier Foundation’s easy-to-follow instructions and you’ll be all set.

Facebook’s data broker partners

Go Excel Global 2012

Internet Explorer zero-day exploit targets U.S. nuke researchers

Defend Our Freedoms — Mon, 06 May 2013 22:34:29 GMT

http://thehackernews.com/2013/05/internet-explorer-zero-day-exploit.html
Internet Explorer zero-day exploit targets U.S. nuke researchers

Security researchers revealed that series of "Watering Hole" has been conducted exploiting a IE8 zero-day vulnerability to target U.S. Government experts working on nuclear weapons research.

The news is not surprising but it is very concerning, the principal targets of the attacks are various groups of research such as the components of U.S. Department of Labor and the U.S. Department of Energy, the news has been confirmed by principal security firms and by Microsoft corporate.

The flaw has been used in a series of "watering hole" attacks, let’s remind that "Watering Hole" is a technique of attack realized compromising legitimate websites using a “drive-by” exploit. The attackers restrict their audience to a individuals interested to specific content proposed by targeted website, in this way when the victim visits the page a backdoor Trojan is installed on his computer.

Read More at TheHackerNews.com

Go Excel Global 2012

Nothing Peacefully about a Loaded, Armed March

Defend Our Freedoms — Mon, 06 May 2013 08:57:59 GMT

This is not peaceful. This is a threat.

In regards to the loaded, armed gun march, "Gun Protesters Plan March On Washington With Loaded Rifles To ‘Put The Government On Notice’"

Go Excel Global 2012

Humor of the Day from TheOnion

Defend Our Freedoms — Fri, 03 May 2013 12:28:05 GMT

Hat Tip to @briankrebs

http://www.theonion.com/articles/after-checking-your-bank-account-remember-to-log-o,32260/

After Checking Your Bank Account, Remember To Log Out, Close The Web Browser, And Throw Your Computer Into The Ocean

By Karen Seubert, Privacy And Security Expert, Chase Bank

At Chase Bank, we recognize the value of online banking—it’s quick, convenient, and available any time you need it. Unfortunately, though, the threats posed by malware and identity theft are very real and all too common nowadays. That’s why, when you’re finished with your online banking session, we recommend three simple steps to protect your personal information: log out of your account, close your web browser, and then charter a seafaring vessel to take you 30 miles out into the open ocean and throw your computer overboard.

Yes, online banking security is as easy as one-two-three!

(snip)

Remember, true comedy contains truth.

Go Excel Global 2012

Espionage as a Service - The Real APT

Defend Our Freedoms — Thu, 02 May 2013 09:57:09 GMT

http://infiltrated.net/index.php?option=com_content&view=article&id=56
Espionage as a Service - The Real APT

EaaS - Espionage as a Service. Nothing new to see here however, do not move along. There is this theory I have been working on for quite some time, and although I do have factual, relevant information to support my claims, because of the nature of the Internet, the underlying evidence (IP addressing) is not to be trusted [1] - ever. The theory revolves around the business of espionage on the corporate level and becomes intermingled, and often confused with, "State Sponsored" hacking. This blurred line is often visible by many in the security field on an investigative level, but is barely reported. It is a given that it is more profitable to yell "State Sponsored" in order to drum up attention for a product, blog, etc.

Here is a brief overview of what may be involved with a "State Sponsored" hacking campaign, or event. Suppose that your native country needed information on another country. Whatever that information is, they want it, quickly, quietly, as covertly as possible. There would be some form of project management amongst senior level individuals selecting HVTs (high value targets.) Once these targets are assessed, they are passed on to a "cyber group." Historically, these "cyber groups" have been the best of breed at their goals of getting in and out of systems. There is a lot of planning involved, and I will explain some of what I perceive is planned.

Prior to even laying a packet on a network, it helps to know what one is possibly targeting. This makes it easier to obtain and accumulate the correct exploits surrounding the target. One would not attempt to use say Unix based exploits against a Windows based machine. Post passive enumeration (not touching any systems, networks, etc.), there are matters of persistence. How can one maintain a foothold inside of the network. Followed by data exfiltration, and complete revision of those steps. This is a time consuming, highly focused, and highly revised task. On the "State Sponsored" level, this could compromise of dozens of people, and costs a heck of a lot of money. Alongside this, there is little room for error when it comes to being discovered which means, any "group" partaking in this activity is going to be extra cautious about identifiers. No country wants to be paraded at the podium of the United Nations for being caught with their hands in the cookie jar. This is not only common sense, but historically, when most "countries" have gone the "cyber" espionage route, evidence is a mere rumor. There are little identifiers to support such claims. This is contrary to what you may have read on a traditional news site.

Now let us look at the EaaS model of "corporate espionage" - a pay for play model. This is not similar to historical corporate espionage models, where one competitor is targeting another, but imagine a group of individuals targeting as much as they possibly could in the hopes of selling that data to as many competitors as possible. This makes more financial sense for a criminal. Unlike the traditional corporate espionage model (where one company would hire someone to focus on a competitor), this new EaaS, "pay for play" model targets all, and sells to any, and many.

This model involves similar tactics as a "state sponsored" model however, many actors in this arena are aware of the complexities involved in identification (attribution). These actors are not as "hell-bent" on keeping their identities "that" secretive. The planning involved with this differs. Although they will jump through hoops, and hurdles to remain unidentifiable, these actors often slip. They leave forensic remnants scatter abroad (code, networks used, etc.) so it makes it easier to separate state sponsored versus an organized crime gang. Aside from that, "State Sponsored" groups, will likely have "State Sponsored" forensics and counter-forensics teams to collaborate with.

With those little tidbits out of the way, I will shift back to an earlier group I had been following which I called the "Straggler Group." [2] The Straggler Group was born from a report released by Mandiant [3]. In that report, Mandiant released (in their appendices) quite a few domains. We chose a domain and performed our own analysis of the domains to try to determine the who the culprits were, where they came from, and so forth. My findings differed completely from the picture painted by Mandiant.

What I discovered was a group with a foothold in the travel and tourism industry as a whole. The mechanism used to identify this group was based on Chinese government related information. You see, in China - unlike the United States - when businesses place something "online" they are required to disclosed the equivalent of our US based drivers licenses. It is a form of registry, and is required by Chinese government. This data is visible to anyone who knows where to look. I cross checked domains, those who registered domains, telephone numbers used, addresses used, and email addresses used to register many of these domains. What I discovered was, there were hundreds (more around the 1,200 range) that were ALL (every last one of them) associated with the travel and tourism industry. I began matching up these "APT" (according to Mandiant's report) domains with a group of "businesses" more often, than that of state sponsorship.

Think about the following for a moment pretending to be a criminal content on making money via the pay-for-pay corporate espionage route:

"I need to get into many corporations in another country. I need to do this, because I can make a bucket-load of money. Because some business leaders in my country are a bit on the corrupt side, it becomes easy for me to sell them "clone-able" items. They can reproduce the next phones, the next routers, the next television sets, solar power windmills, and so forth. Not only can I sell it to business leaders in my country, but in other countries as well.

In order for me to get as much information as I can, I need to come up with a plan to disaffect every single person who may enter my country, do business with my country, etc.

What better mechanism to do this than to catch them on the way in? Since they will be visiting my country, if I controlled one of the entry/access points, I can control which hotels they visit, sniff out sessions there, embed malicious code into travel itineraries, I could figure out which leaders from what businesses will be in "town" for the taking. Take them on a tour, and have my guys go through their laptops."

(snip)

Read More: http://infiltrated.net/index.php?option=com_content&view=article&id=56

Go Excel Global 2012