Mircrosoft is spying on you.

       This may be a shock to you but, Microsoft is spying on you. They say they are not spying on you but they are under legal threat to lie to you. I believe it's healthy to understand why such a large and powerful company is lying to it's customers. It's astonishing to see such a powerful company bow to the NSA and other agencies. Once you understand the situation Microsoft is in, you soon realize that nearly every company would do the same. As we saw through the leaks Edward Snowden and others provided, Microsoft Windows OS is far from secure. Microsoft's slogan was “Your privacy is our priority” but as the leaks show, this is far from the truth.       

       “Some of the world's largest internet brands are claimed to be part of the information-sharing program since its introduction in 2007. Microsoft – which is currently running an advertising campaign with the slogan "Your privacy is our priority" – was the first, with collection beginning in December 2007.” - https://www.theguardian.com 

       Microsoft is stuck between a rock and a hard place. They can either disobey the secret courts and NSA or risk breaking the law. They're a international company and cannot afford a bad friendship with the United States. Another important realization is that Microsoft cannot publicly say they hand over data to the NSA and others, otherwise it would be a security risk. They even go as far to deny any involvement. This is again because of legality and other investment issues. I don't see these agencies attacking Windows OS as a stupid idea either. They were largest provider for such a service, only most recently beaten out by Androids. So watch out Android! You have a huge part of the intelligence communities attention.   

       “Companies are legally obliged to comply with requests for users' communications under US law, but the Prism program allows the intelligence services direct access to the companies' servers. The NSA document notes the operations have "assistance of communications providers in the US".” - https://www.theguardian.com

       “That's according to web analytics firm StatCounter, which on Monday released statistics marking the "milestone in technology history and end of an era" with Microsoft no longer owning the dominant OS when you look at internet usage across desktop and mobile devices combined.” - https://www.cnet.com

       Second half of the reality is that PRISIM doesn't need the permission of Microsoft to work. I would assume hardly anyone that worked at Microsoft even knew about the program. That would be an obvious security risk for such a “secret”(L0L) program. This makes PRISIM an interesting and very powerful tool for the NSA. Such power is unique but not rare now-a-days. We can speculate all day as to what else the NSA or other actors might have. And this is why they're known as “zero-days”. Yes, PRISIM is not a '.exe' on itself but if seen as a program in general it can be roughly described as a zero-day(Once upon a time).   

       “The Prism program allows the NSA, the world's largest surveillance organization, to obtain targeted communications without having to request them from the service providers and without having to obtain individual court orders. With this program, the NSA is able to reach directly into the servers of the participating companies and obtain both stored communications as well as perform real-time collection on targeted users.” - https://www.theguardian.com

       “"Software giant Microsoft, which acquired Skype in 2011, said in a statement: "We will not provide governments with direct or unfettered access to customer data or encryption keys." The NSA had been monitoring Skype even before that, but since February 2011, the service has been under order from the secret US Foreign Intelligence Surveillance Court (FISC), to not only supply information to the NSA but also to make itself accessible as a source of data for the agency.” - http://www.spiegel.de

       Some of the irony of this story is that Microsoft recently called out the NSA over the global malware rise because of their weapons being in the wild. We see here a case of their PR working very well. There are newer and newer generations joining the internet age and see news from several years ago as old. This is why these discussions need to be periodically brought up. The realization that Microsoft might say one thing and do another in terms of security and privacy. This is shown as FACT in the leaks provided by people like Edward Snowden. As a crypto community we have a responsibility to teach our families and the next generation these threats.   

       '“We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world,” Microsoft President and Chief Legal Officer Brad Smith wrote in a blog post this afternoon. “This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem.”' - http://www.zerohedge.com

       Microsoft has also had some blunders most recently with parts of their source code leaking online. It's pretty remarkable how such a thing could happen but when it comes to humans there are always mistakes somewhere. These are critical errors on Microsoft's part and we can only hope they clear up these problems moving forward. Microsoft has said they closed the holes that were vulnerable to the NSA weapons. Because of  what history has shown us, I don't know if I should trust Microsoft with this. They were one of the first companies to join the PRISIM program in 2007. I wouldn't trust them with my life, but I don't mind having a Windows OS for work or other “on-grid” things.   

       “A massive trove of Microsoft's internal Windows operating system builds and chunks of its core source code have leaked online. The data – some 32TB of official and non-public installation images and software blueprints that compress down to 8TB – were uploaded to betaarchive.com, the latest load of files provided just earlier this week. It is believed the confidential data in this dump was exfiltrated from Microsoft's in-house systems around March this year.” - https://www.theregister.co.uk

       “Microsoft says it has already patched the Windows exploits released by the Shadow Brokers group. The hacking tools, likely originating from the NSA, were released online yesterday, and Microsoft was able to test and confirm patches are already available for all currently supported versions of Windows. That does mean that older Windows XP or Windows Vista systems could still be vulnerable to three of the exploits released, but it’s unlikely that Microsoft will supply patches for these older versions of Windows as they’re already unsupported.” - https://www.theverge.com

       One of the several solutions to this problem is open-source programs. Open-source everything. This will allow transparency to grow all across the board. The open-source theme is slowly coming into focus on a “mainstream” level. I believe bad actors within crypto will help bring the open-source/transparency thought into focus because we are starting to see the opposite. It will be brought up more as crypto evolves. I hope we learn from the past and see that open-source transparency is the ONLY answer. These are TOOLS to use for our protection and liberty. Another simple solution is changing your Operating System(OS). Linux is a great substitution for all your OS needs. I highly recommend looking into it and PLEASE do your research before deciding to use Linux. One commonly used form of Linux for “beginners” is called Ubuntu which is open-source and is great for learning the ins-and-outs of Linux.    

       “Experts agree it is far more difficult for intelligence agencies to manipulate open source software programs than many of the closed systems developed by companies like Apple and Microsoft. Since anyone can view free and open source software, it becomes difficult to insert secret back doors without it being noticed.” - http://www.spiegel.de

       “The open source software platform that runs everywhere from the smartphone, the tablet and the PC to the server and the cloud.” - https://www.ubuntu.com/about
 

       “UK National security government agency (CESG) recently rated Ubuntu as the most secure operating system of the 11they tested” - https://www.ubuntu.com/desktop/government
 

       In conclusion, Microsoft has a very important and crucial thing to do. I understand why they lie. I understand why they joined PRISIM. I understand why they tell the public one thing and do otherwise. But is this the direction we should be moving in? In regards to the internet, we need things that are open source. We need to be able to have transparency. These principals are what the internet was raised on. These principals will never be stripped the internet. The internet is one in this. Open source is a important feature against the ever evolving threats at large. Including the many threats we may not know of today, i.e. the zero-days. We must also stay steadfast in understanding the NSA is not the only three-letter agency threatening the fabric of the internet. The infamous CIA is a great force in all this as well. This threat will always be alive as long as these agencies exist.    
 

Just a FEW weapons the CIA has used against Windows OS
 

“WikiLeaks has posted its latest release from the Vault 7 series of CIA-related leaks that exposes a tool dubbed “Athena”, which acts as a beacon on compromised Windows-based systems and gives the agency remote loader capabilities as well. Athena and its associated tools function on all versions of Windows from XP through Windows 10.” - https://hothardware.com

“WikiLeaks maintains that “Assassin” and “AfterMidnight” are two CIA “remote control and subversion malware systems” which target Windows. Both were created to spy on targets, send collected data back to the CIA and perform tasks specified by the CIA. Both are persistent and can be scheduled to autonomously uninstall on a specific date and time.” -  http://www.computerworld.com  

What OS do you use? 

Did you know Windows had so many vulnerabilities? 

What are your opinions about the topic? 

Would love to hear from you in the comments!

Be safe out there,   
 

- Citizen 

(Image Source)

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.