NSA and GCHQ Target "Leaky" Phone Apps To Scoop User Data
schwit1 writes "New leaked NSA documents shed a new light on the agency's assault on the data controls of smartphone apps. Using app data permissions as a jumping off point, the documents show agency staffers building huge quantities of data, including 'intercepting Google Maps queries made on smartphones, and using them to collect large volumes of location information.' One slide lists capabilities for 'hot mic' recording, high precision geotracking, and file retrieval which would reach any content stored locally on the phone, including text messages, emails and calendar entries. As the slide notes in a parenthetical aside, 'if it's on the phone, we can get it.'"
Now we finally know... (Score:3, Funny)
what those birds are so angry about
Can you hear me now? (Score:5, Interesting)
Why are you listening?
Do you understand me now?
Why are you still listening?
Do you think I have something to hide?
Remember, I'm on your side
So bugger off like a good man
and snoop on the Taleban
Re: (Score:1, Insightful)
To be clear, it's the Obama Administration that is doing this. After all, he is responsible for the actions of this and other Federal Agencies.
Re: (Score:1)
If you know wrong is being done and do nothing to stop it, you are complicit. Yes, Obama inherited the problem, but could have (and should have) stopped this months ago.
Re:Can you hear me now? (Score:4, Informative)
And that's an excuse to make the moves that actually ARE wrong?
Re: (Score:2)
The Republicans? Oh yeah, that was some kind of political party in the 20th century; like the Whigs. or was that the 19th.
Re:Can you hear me now? (Score:4, Insightful)
Correction: I'm on the side you *claim to be on*.
Smurftastic! (Score:5, Informative)
http://www.theguardian.com/wor... [theguardian.com]
From what I gather, TRACKER SMURF module of the WARRIOR PRIDE rootkit for both IOS and Android sort of grabs pin positions of places you search for in Google Maps as well as where you actually ARE. What's interesting is the seeming fascination with sexual orientation and clubs. I guess if there is dirt to be had on an operative or a politician, it might be if they are secretly a wild and crazy guy, or perhaps visiting a mistress in South America instead of being lost on the Appalachian trail.
I know it's fashionable to be angry and all that, but the more of these slides they release, the more you understand how good these guys are at spycraft. It's a solid rootkit base with modules for various device driver interaction, it's pulling back info to be sorted in databases specifically at dossier building on targets, etc etc. It's a well organized program of information gathering, actually.
Re:Smurftastic! (Score:5, Insightful)
And a police officer has the technical capacity to walk into my house and shoot me dead. That I can appreciate his likely skill with a service revolver doesn't mean he gets to shoot me dead at a whim.
The same applies to the NSA. That it has some bright brains who have some impressive technical capabilities does not mean that they should be permitted to wantonly do it without proper civilian oversight, including the requirement that no US citizen's data be collected without an explicit and accurate warrant.
In other words; capacity is only part of the equation.
NSA caught by targets that NSA wants to mention (Score:2)
The NSA has 15 such cases that they feel like telling congress about. These are a few of the cases where the target caught on or the employee was otherwise busted. Given Snowden, it's reasonable to think NSA employees can do a lot without being caught.
As a rough guesstimate, maybe 1 / 20 who snoop on the woman they fantasize about get caught. How many of those are reported to Clapper? One in four? How many does Clapper want to tell Congress about? Maybe 1/4 of the ones he knows about?
So as a rough gue
Re: (Score:2)
The really clever ones fantasize about women who might actually be terrorists and spies. They never get caught.
I'd watch the woman with the dragon tattoo (Score:2)
That lady with the dragon tattoo seems like a spy.
I'll keep an eye on her.
Re: (Score:1)
The police do that more often than you think.
Re: (Score:1)
That I can appreciate his likely skill with a service revolver
Cops don't carry those anymore. They carry Glocks. 9mm, 17+1 capacity. Yes, it's a technical nit to pick, but it means that the cop has 3x more bullets than you think he has if you think he's carrying a service revolver*. Also, he's probably carrying one or two spare magazines. In other words, Rain Man [xkcd.com] is screwed. Not only can he shoot you dead. He can shoot you very dead.
*I'm not saying this is always a bad thing. Cops deal with some seriously bad people sometimes, and I'm all for them being able to defen
Re: (Score:1)
The United States government was designed, by The People, cognizant of past abuses inevitably and always leading to the downfall of freedom, with the guiding principle that this "technical capability" will be abused, and thus should only be used with warrant from a judge.
Even forgetting the sophistry that warrants are not needed, that the technical ability exists where a warrant is just a checkbox on a sheet which can be skipped at will, or at abuse, is the problem. There should be uncorruptible access log
Re: (Score:2)
Very eloquent post ! Government has failed the first lesson about technology:
"Just because you can, doesn't mean you should."
And if you can't that does NOT imply to wantonly ignore the rules, nor does it mean simply change them to suit your fancy.
Re: (Score:1)
And a police officer has the technical capacity to walk into my house and shoot me dead. That I can appreciate his likely skill with a service revolver doesn't mean he gets to shoot me dead at a whim.
Right but you accept the fact that the police need to have the capability to shoot people, right? Because if you were an armed robber or something they'd need to be able to do that to stop you.
Similarly the NSA needs to have the capability to spy on people - terrorists, Russian or Chinese spies, or - if WWIII starts - Russian or Chinese soldiers are all people the NSA needs to be able to spy on. In fact it's highly irritating when people who tweet their every thought and bowel movement whine about this. The
Re: (Score:2, Insightful)
That's a worthless comment.
Re: (Score:3)
The "exigent circumstances" exemption to the 4th amendment effectively nullifies it.
Weird. I don't see that one in my copy of the Constitution. Are you using Constitution 2.0?
Re: (Score:1)
Jawohl mein herr, ein fery efficient program.
Vi hafe ways of knowing vat you fink! Trust us, vi only hafe the best interest of the nation in mind...
Re:Smurftastic! (Score:4, Insightful)
While that's a bit of an exaggeration since NSA is only collecting (once the data comes up/who cares where the hammer falls down/it's not my department/says NSA von braun), it fits in a more worrisome pattern.
There was never a doubt in the European's mind that waterboarding is torture, because that's what was used by the Reich on the resistance. When you add a KGB/Stasi-on-steroids NSA, that makes for a nasty vibe.
Re: (Score:2)
And by the Spanish Inquisition, who documented it amongst their methods of torture.
Go Virtual (Score:2)
It seems like time to revisit virtualization within smartphones. Set up a VM with a bogus profile, and use that as a walled sandbox to run any questionable games or apps. If necessary, direct that VM's network traffic through an Internet proxy.
Too simplistic (Score:2)
Re: (Score:1)
I guess this means the Angry Birds tie in with The Smurfs and James Bond are not going to happen.
Re: (Score:2)
> the more you understand how good these guys are at spycraft
Actually, I disagree - they're not targeting very well at all. If they were going after specific individuals, who had been selected by some proper surveillance and intelligence gathering then I'd say they were really good. As it is, they're just a very large version of 'grep'.
I'll bet I can find a terrorist if you give me every email and text message ever written and the details of every Angry Birds game ever played. The only difference betwee
So what. (Score:3, Insightful)
People seem to be freaking out that all these capabilities exist when anyone with half a wit or more knew that this was all possible.
The question is regarding the set of controls over how and when this is done.
I mean, by golly, did you know that 5 years ago they could listen in on your phone conversations and even determine where you were located when you were making the phone call?!
Carrying on about these capabilities (as opposed to the way they are used) is going to look as quaint to people in 20 years as the above concern about land-line phone calls looks now.
Re:So what. (Score:5, Insightful)
Yes, but it's only in the last couple decades that they've been able to regroup all the data from all the forms of communication attached to every single user.
The scale of the task used to keep people focused on potential targets. Now it's about having everything on everyone, because nobody ever got fired for having too much data when shit happens.
mod up. They used to target key suspects. (Score:5, Insightful)
Indeed, that's the difference. When they had to show up with a warrant for a specific individual and have agents sit and listen, they did that for high value suspects. Now it's all of us, all the time, who are the targets.
Re: (Score:3)
But but... Hollywood keeps telling me I have 59 seconds before they can complete the trace?
Re:So what. (Score:5, Insightful)
Yes, about those... The secret ones, that you'd need access to secret information to verify compliance with, based on a classified interpretation of a massive hodgepodge of assorted laws, executive orders, and precedents, as interpreted by a secret court that doesn't release opinions and hears only testimony from the state agents requesting authorization? Those ones... Forgive me if I'm... less than 100% reassured.
Internal regulation and discipline can't even keep the officers of Hickville PD from periodic abuses that end up drawing big civil suits, and those guys are both nearly powerless and highly vulnerable to 3rd party scrutiny. Why would anyone expect 'controls' on an agency that can just stamp 'Double Top Secret' on anything embarrassing and bury it forever to be more than a joke for the break room?
Re: (Score:2)
They can't stop the officers of Hickville PD mostly because the community doesn't really have a problem with the abuses of Hickville PD.
You see, the citizens of Hickville don't much like African Americans or other minorities very much, they wouldn't say that to your face, but if the cops are hassling people, well they're probably criminals. Because they're in Hickville, the residents of Hickville are the only people who regularly see what they're doing and since those same residents actually approve of what
Re: So what. (Score:2)
Ever wonder why US unscrambled GPS Signals. (Score:5, Funny)
I always wondered why he did this. To create the GPS industry? I don't think so. Instead I think it was with the full knowledge that in a short time, the NSA could track people using it.
Re: (Score:2)
What? GPS receivers don't transmit. How do you track a GPS receiver?
Re:Ever wonder why US unscrambled GPS Signals. (Score:4, Insightful)
What? GPS receivers don't transmit. How do you track a GPS receiver?
You don't (well, somebody with an indistinguishable-from-magic antenna array and a truck full of DSPs might be able to pick up some effect of your antenna and RF circuitry against background; but it'd be dubiously practical at best); but a great many GPS receivers are connected to cellphones that are delightfully cooperative about providing those data for you. Now, even without GPS, cell tower triangulation would provide rough data; but GPS neatens it up nicely.
Re:Ever wonder why US unscrambled GPS Signals. (Score:5, Insightful)
Re: (Score:2)
This is why the FIRMWARE of phone radio CPUs needs to be fully open-sourced. Until they are, there is no way to audit them for privacy concerns nor modify them to close such loopholes.
Either the firmware didn't have spyware built in or the NSA's slides are misinformation, describing rootkits they didn't actually need to create in order to keep us from worrying about bugged firmware. Oh, and they must have planted this misinformation expecting that Snowden (or someone like him) would leak it.
I'm not discounting your concern, firmware is a nice vector for such spyware. But this particular data release is fairly strong evidence against it being a real problem, at least in the recent past.
Re: (Score:2)
In this case [wired.com], for instance, (atypically well documented, because of the court spat; but probably also occurs more quietly elsewhere), the FBI set up a stingray, then had verizon do a silent PRL push that reconfigured the target'
Re: (Score:2)
This is why the FIRMWARE of phone radio CPUs needs to be fully open-sourced. Until they are, there is no way to audit them for privacy concerns nor modify them to close such loopholes.
"Fully open sourced" means at best you get the source code for what is claimed to be the firmware. The question is whether an open source or close source implementation makes it harder for an attacker to insert malicious code. Obviously assuming that the attack code would be in the source code that you get is more than naïve.
Re: (Score:2)
And unless you yourself compile and put that firmware on your phone's CPU, how do you know the source that's released is the same program as comes with your phone??
Re: (Score:1)
What? GPS receivers don't transmit. How do you track a GPS receiver?
People keep saying this, but even putting aside cellphones (which obviously transmit this information frequently), unless you're very careful with the (often repetitive) privacy questions, your car GPS (which is what most people think of as a "gps") will transmit history every time you plug it in to update it.
Re: (Score:1)
While I don't agree with the op's premise, if you encourage civilian devices to use it while knowing you can tap or otherwise access all the logs of the receiving devices (vehicles/OnStar, phones), then...?
Re: (Score:3)
In May of 2000, President Clinton unscrambled GPS for civilian usage.
I always wondered why he did this. To create the GPS industry? I don't think so. Instead I think it was with the full knowledge that in a short time, the NSA could track people using it.
Not exactly. GPS was always available for public usage, they just turn off "selective availability", which increased the accuracy of civilian GPS (from the ~50 meter accuracy down to meter or sub-meter accuracy).
Re: (Score:2)
Hopefully the open source phones catch up, because right now carrying around a general purpose computing device you have no control over thanks to the carriers strikes me as an astoundingly bad idea.
Having a phone whose OS is either compromised or deliberately acting against you is obviously unhelpful; but unless you control the baseband you are pretty much fucked regardless of the OS. Cell networks are fundamentally pretty hostile in terms of how much control is held by the network or at very low levels in the baseband, rather than where you can actually see it.
Re: (Score:2)
Hopefully the open source phones catch up, because right now carrying around a general purpose computing device you have no control over thanks to the carriers strikes me as an astoundingly bad idea.
Having a phone whose OS is either compromised or deliberately acting against you is obviously unhelpful; but unless you control the baseband you are pretty much fucked regardless of the OS. Cell networks are fundamentally pretty hostile in terms of how much control is held by the network or at very low levels in the baseband, rather than where you can actually see it.
Sometimes you just have to hope for the best.
I like having a smart phone (and Android tablet), I was able to root the tablet before it became illegal. The phone calls out from the tablet (cyanogenmod ROM) that has Droid Firewall and permissions denied; the tablet through a router firewall. So no cell towers (if that helps much).
Hiding from NSA is or was never a goal, but from advertisers, while having everything at my disposal all the time, calendar, games, videos, and mostly the camera. I go to a parts sto
Don't buy from US companies (Score:1)
Don't use their products. The move away from US technology has only just begun.
China doesn't know it's shipping phones to the US? (Score:2)
> Chinese phones have BigBrother software intended for tracking Chinese citizens. This spyware probably won't work well from US providers.
I suspect the Chinese have noticed that they're shipping millions of phones to their #1 rival, the US.
Notice are set up in English. It's beyond trivial for the Chinese to set export phones to English language and US region backdoor.
Angry Birds (Score:2)
One article I read phrased this as the NSA spying on Angry Birds use. Come to think of it, it makes sense! You are launching projectiles (birds) at "buildings" (the pigs' structures) to cause casualties (pigs). The black bird's even a bomb that blows himself up. The Angry Birds are terrorists!!!
Re: (Score:3)
I approve the part about the pigs being the target.
Re: (Score:2)
Never mind either case, you're on the watchlist now, Bob.--Meat packaging lobbyist group of America
Cyanogenmod Privacy Guard (Score:2)
Does this feature [androidcentral.com] have any ability to secure a phone?
I take no small pleasure in doing this to Facebook.
Re: (Score:2)
You need to think of the NSA as the "Eye of Sauron". Sauron had immense power, but without focus it was spread weakly across the world. But when the Eye was pointed your way, woe unto you. You can't secure your phone against the NSA. If you get their attention they will have everything. This is the way it will be until the evil is destroyed.
Lipstick on a pig (Score:2)
So... (Score:2)
now can we encrypt all traffic by default?
Re: (Score:2)
There is one way... http://geti2p.net/ [geti2p.net]
They have an android version in alpha, too, but its mainly a PC/server networking layer.
The thing to remember about plain encryption is that it still shows a lot of metadata: the Who, When, and Where of all your communications. It should be paired with an anonymizing network layer like I2P if you want to minimize leakage of that info.
And the collusion continues.... (Score:5, Interesting)
From the following linked article:
"During a recent interview session I had with Mikko Hypponen, the chief research officer for digital security company F-Secure Corp, he shared that he was friends with the men behind Rovio, the creators behind another massive success story--Angry Birds."
http://www.thestar.com.my/stor... [thestar.com.my]
A couple of years ago I tried, in earnest, to inform Mikko Hypponen of evidence I had acquired (first-hand) that proved that Sony Entertainment was gathering data from computers that had Sony software installed, after being referred to him by Mark Russinovich (of Microsoft/Sysinternals fame). I was stone-walled completely, even after providing crash-dumps that held all the evidence he needed to go public-- now, I know why.
Re: (Score:2)
The folks behind the tracking...
According to Rovio's own site, they use Flurry for data acquisition:
"In addition to the information covered above, we use Flurry Analytics in most games to collect gameplay-related information and technical data. This is a common analytics component, used widely in mobile gaming - for more information see www.flurry.com."
From the Flurry site, one will find the following code used by "Angry Birds" to track users:
http://support.flurry.com/sdkd... [flurry.com]
Above code is part of larger cac
Re: (Score:2)
I think someone at Rovio is pissed...
At the bottom of this page at the Rovio website...
http://www.rovio.com/en/news/b... [rovio.com] ...are four links to further information regarding privacy policies and FAQs, including a link to The New York Times privacy policy page...WTF?
http://www.nytimes.com/content... [nytimes.com]
If you'll scroll down the section titled "Analytics Technologies", you'll see that The New York Times uses Flurry to track their users, just like Rovio does.
"We use Localytics and Flurry to track and report on the
Re: (Score:2)
Apparently, The Guardian uses Flurry as well.
http://www.theguardian.com/hel... [theguardian.com]
"Please visit audiencescience.com/privacy.asp, quantcast.com/privacy and flurry.com/privacy-policy.html for the privacy policy of our online behavioural targeting technology providers." (again, my emphasis)
A quick look at the Propublica privacy policy shows that they use Google, for what that's worth.
I Would Favor This (Score:2)
The shame of it is, if I felt that the NSA was obeying the law, not watching people but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized, I would favor this capability.
Though let me be clear here; by "probable cause", I mean that a substantial percentage of the people who pass the probable cause bar wind up being found guilty. The notion that anyone crossing the border is subject to search, for example, doesn'
Re: (Score:2)
Of course people crossing a border pass that test. US Customs was created and empowered to search people crossing the borders by the people who actually created the constitution. Searching people and objects entering your country is something that law enforcement is empowered to do in every single country on earth and has always been empowered to do in every single country on earth.
Re: (Score:2)
>> Though let me be clear here; by "probable cause", I mean that a substantial percentage of the people who pass the probable cause bar wind up being found guilty. The notion that anyone crossing the border is subject to search, for example, doesn't pass the test.
> Searching people and objects entering your country is something that law enforcement is empowered to do in every single country on earth and has always been empowered to do in every single country on earth.
I wasn't very clear. I was sayi
Classified markings (Score:2)
This is close to treachery (Score:2)
You read /. so you already knew this right? (Score:5, Informative)
The file "Computer_Forensics_for_Prosecutors_(2013)_Part_1".pdf has this gem in it.
"Users of mobile devices and cloud storage sign off on their rights to data scanning, There is no opt-out option."
This file showed up when a question of True Crypt being back doored came up, as out of the blue it mentions it is; if not set up correctly I would tend to agree.
Page 16 http://www.techarp.com/article... [techarp.com]
article lies about Phil Zimmermann but the only place I could find the file.
Re: (Score:2)
"Page 16 http://www.techarp.com/article [techarp.com]..."
Mod up Informative, please.
Re: (Score:3)
if not set up correctly I would tend to agree.
What does the set up have to do with it? If the backdoor is built-in already, it's built in. Right?
Page 15 of the PDF mentioned...
What is a backdoor?
A method to bypass data encryption or security.
Blah blah blah
"Currently available for major encryption software - Microsoft
BitLocker, FIleVault, BestCrypt, TrueCrypt, etc." - the paragraph is a direct quote.
------------- True Crypt shouldn't have been added/listed -----------------
First TrueCrypt hasn't been backdoored. The fact they even mentioned it I figure
if it's set up wrong it can be accessed, or worry you.
I reinstall OS's a lot, I had a TrueCrypt volu
easy to circumvent (Score:3)
I often type in and drive to strip clubs and card rooms just to throw the NSA off since those searches are in complete contradiction of my choir boy profile.
Re: (Score:1)
you sly devil, I do the exact same thing, except I actually enter the bars
All that trouble... (Score:3)
If it's on the phone... ? (Score:1)
"If it's on the phone..."
Oh yeah? Not if I don't have a smart phone with data, you can't.
Still not gonna give in.
If it bothers you that NSA may spying on you while (Score:2)
playing Angry Birds, mayhaps enraging you (?); you have nobody to blame but yourself. Ok, NSA shouldn't be grabbing your www.Rivo.com (Angry Bird)
data, but the truth is they are just double dipping what Rivo.com has already collected. The reason Angry Birds is mentioned is its ToS. Do yourself a favor and read it. You'll find it at www.rovio.com.
When I say ToS, I mean everything; Privacy Policy, EULA and any other practice of using your private info - to me the phrase "ToS" covers it all.
I read ToS's and i
Re: (Score:2)
I use www.rovio.com as a poster child of what a bad ToS reads like, Rovio uses the www.nytimes.com's privacy policy :} - to show it's "in fine company, or they aren't the only ones doing it. http://www.rovio.com/en/news/b... [rovio.com] bottom of the list. www.rovio.com also taught me of Flurry.com - one thing about www.rovio.com they covered everybody in the chain, very helpful editing one's HOSTS file. Missing of course: "overseas".
After reading Rovio's ToS - to opt out is done by cookies, you can never remove anothe
Re: (Score:1)
You may refuse and don't want a GPS bracelet on your ankle or wrist but that is what you will have. A dog collar for all of your LIFE.
WEARABLES, it's the future... (not your future as you have none in your digital cage) :)
Don't want a GPS bracelet tracking your every move?
Don't wear one.
It is optional to wear one ( unless you commit heinous crimes ).
The question becomes, do you *need* to wear one?
Today: not really.
The future: would be a 'nice to have' and cheap as chips. But probably still optional.
Your phone has a GPS too and you can be tracked via cellular triangulation, so if you are worried about tracking, you might as well not have a mobile phone at all.
TLDR: Don't worry, you are allowed to not buy one.
Re: (Score:1)
Not if the government does it. The government doesn't have to follow the laws it passes for we the peasants.