Category Archives: Tor Browser

Tor is an "onion-routing" network that protects your privacy online.

If you're new to internet privacy and security, you've still probably already read references to something called Tor -- a widely hailed piece of internet-connected software with its own internet browser. Tor is embraced by privacy aficionados for its reliable encryption and its history of covering users' internet tracks.

At first glance, the terminology around Tor can seem intimidating and alien. Don't worry, though. It's simpler than it seems.

Here's everything you need to know about Tor.

Read more: The best VPN service for 2020

Back in the mid-'90s, when the US Navy was looking into ways to securely communicate sensitive intelligence information, a mathematician and two computer scientists emerged from the Naval Research Lab with something called "onion routing." It was a new kind of technology that would protect your internet traffic with layers of privacy. By 2003, The Onion Routing project, acronymed Tor, was in the hands of the public, where its vast network of users -- the engine enabling Tor -- has since continued to grow.

Today, thousands of volunteers all over the world are connecting their computers to the internet to create the Tor network by becoming "nodes" or "relays" for your internet traffic.

At a basic level, Tor is a type of internet-connected network with its own internet browser. Once you connect to the internet with the Tor browser, your internet traffic is stripped of its first layer of identifying information as it enters the Tor network, and is then sent bouncing through those relay nodes, which serve to encrypt and privatize your data, layer by layer -- like an onion. Finally, your traffic hits an exit node and leaves the Tor network for the open web.

Once you're in the Tor network, it's nearly impossible for others to track your traffic's manic pinballing path across the globe. And once you leave the Tor network via an exit node, the website you view (assuming it has HTTPS in front of its address) isn't sure which part of the world you're hailing from, offering you more privacy and protection.

Read more: The best antivirus protection of 2020 for Windows 10

Normal web browsing is easy with Tor. Head to the official site and download the Tor browser. Follow the installation instructions as you would with any other program. When you open Tor for the first time, the program will ask you to either configure your connection (if you're in a country where Tor has been banned, like China or Saudi Arabia) or simply connect. Once you click connect, Tor may take a few minutes to find a set of relays to connect you through.

But once you're in, you can use Tor just as you would any other browser. You'll also be prompted to review your Tor browser security settings. If you're aiming for maximum privacy, I'd advise leaving the settings on their default selections.

If you start experiencing slower-than-normal speeds, you can nudge Tor into action by checking for a quicker connection path to the website you're trying to view. In the top right corner of the Tor browser, click the three-line menu icon and select New Tor Circuit for this Site.

The privacy-focused Brave browser also has an option to route traffic through Tor when inside a private window.

Read more:Best iPhone VPNs of 2020

Now playing: Watch this: Brave browser gets more private with Tor

1:32

Because Tor is a volunteer-run network, speed can often be an issue. As your traffic moves from node to node, you're likely to notice more speed loss than you would, for instance, with most commercial virtual private networks. This becomes particularly noticeable if you try to watch streaming Netflix content over Tor or make voice-over-IP phone calls or video calls with an app like Zoom. Tor technology isn't necessarily built to provide seamless audio-video experiences.

Speaking of videos, there are also limits to the amount of privacy Tor can offer you if you enable certain browser media plugins like Flash. Likewise, your browser's JavaScript plug-in -- which enables you to view a lot of websites' embedded media -- can still leak your IP address information. Torrenting files with Tor also exposes you to privacy risks. Because of these risks, Tor's privacy settings have these kinds of plug-ins disabled by default.

If you're just looking to do general, daily internet perusal using a browser that will better hide your traffic from spying eyes, Tor probably isn't the best choice due to its slow speeds and incompatibility with most embedded media. But if you're concerned enough about privacy around a particular topic of internet research (and you don't have a VPN), Tor is probably the best choice for you.

In some cases, yes. Most of the time, however, it takes some know-how to be able to configure your VPN's connection to work in harmony with Tor. If you don't get it right, you can risk making both Tor and your VPN ineffective when it comes to protecting your privacy. We recommend getting familiar with both types of software before marrying the two.

On the plus side, however, a successful combination of the two can be useful. While Tor protects your internet traffic, your VPN can be set to encrypt the internet traffic of any other applications running on your device in the background.

To investigate VPNs further, check out our beginner-friendly guide to all the VPN terms you need to know and our directory of the best VPNs of 2020.

Now playing: Watch this: Top 5 reasons to use a VPN

2:42

See the original post here:
What is Tor? Your guide to using the private browser - CNET

Dear Lifehacker,I've been hearing a lot about Tor these days (with a shoutout on House of Cards!), but I'm not entirely sure what it does or why I'd ever use it. What exactly does Tor do?

Sincerely,Frank Overwood

Dear FO,We've talked a lot about Tor over the years because it's the easiest way to browse the web anonymously, but it's not always clear why that matters or why you'd need to use it. Let's take a look at what Tor does, who uses it, and perhaps most importantly, what Tor doesn't do.

G/O Media may get a commission

Tor is short for The Onion Router (thus the logo) and was initially a worldwide network of servers developed with the U.S. Navy that enabled people to browse the internet anonymously. Now, it's a non-profit organization whose main purpose is the research and development of online privacy tools.

The Tor network disguises your identity by moving your traffic across different Tor servers, and encrypting that traffic so it isn't traced back to you. Anyone who tries would see traffic coming from random nodes on the Tor network, rather than your computer. (For a more in-depth explanation, check out this post from our sister blog, Gizmodo).

To access this network, you just need to download the Tor browser. Everything you do in the browser goes through the Tor network and doesn't need any setup or configuration from you. That said, since your data goes through a lot of relays, it's slow, so you'll experience a much more sluggish internet than usual when you're using Tor.

If you want to be anonymoussay, if you live under a dictatorship, you're a journalist in an oppressive country, or a hacker looking to stay hidden from the governmentTor is one of the easiest ways to anonymize your traffic, and it's free. It's far from perfect, though (we'll get to that in a moment).

On a more general level, Tor is useful for anyone who wants to keep their internet activities out of the hands of advertisers, ISPs, and web sites. That includes people getting around censorship restrictions in their country, police officers looking to hide their IP address, or anyone else who doesn't want their browsing habits linked to them.

Tor's technology isn't just about browsing anonymously. It can also host web sites through its hidden services that are only accessible by other Tor users. It's on one of these hidden service sites that something like The Silk Road exists to traffic drugs. Tor's hosting capabilities tend to pop up in police reports for things like child pornography and arms trading, too.

So is it something that everyday users need? Probably not, at least not yet. But it's become popular because of its usefulness in many of these more specific situations.

Tor is handy, but it's far from perfect. Don't think just because you're using Tor that you're perfectly anonymous. Someone like the NSA can tell if you're a Tor user and that makes them more likely to target you. With a enough work, the government can figure out who you are. Motherboard points to a recent FBI bust that shows how this might work:

The FBI's big child porn bust this summer also raised some suspicion from privacy advocates over how easy it is for the Feds to infiltrate Tor. The FBI managed to crack the anonymous network by injecting malware into the browser, in order to identify what it called "the "largest child porn facilitator on the planet." In the process, the malware revealed the IP addresses of hundreds of users.

Furthermore, anonymity is not the same as security. It's hard to hack into the Tor network, but the browser is a different story. As we found at least year, the NSA can get into your browser a lot easier than it can the network and once it does, it gets access to everything else. So, "man in the middle" style attacks on Tor are still possible with help of internet service providers. Tor responded to these possible attacks with these comments:

The good news is that they went for a browser exploit, meaning there's no indication they can break the Tor protocol or do traffic analysis on the Tor network. Infecting the laptop, phone, or desktop is still the easiest way to learn about the human behind the keyboard.

Tor still helps here: you can target individuals with browser exploits, but if you attack too many users, somebody's going to notice. So even if the NSA aims to surveil everyone, everywhere, they have to be a lot more selective about which Tor users they spy on.

Just using Tor isn't enough to keep you safe in all cases. Browser exploits, large-scale surveillance, and general user security are all challenging topics for the average internet user. These attacks make it clear that we, the broader internet community, need to keep working on better security for browsers and other internet-facing applications.

As the How-To Geek points out, you still need to use HTTPS whenever possible to protect yourself from man-in-the-middle style attacks. Likewise, Tor's only as strong as its browser, which has had security flaws before, so it's worth making sure you always have the newest version.

As we mentioned above, if you're an average user looking at cat GIFs and browsing Facebook, you probably don't need to worry about the government spying on your activity, and Tor is just going to slow down your connection. It's more likely that you need to secure your internet rather than anonymize it, say, when you're using public Wi-Fi. In that case, you'd want to make sure you're using HTTPS on all sites that support it, and possibly even use a VPN to encrypt all your traffic when you're away from home.

If you want to stay anonymous because you're downloading large files and don't want people to see what you're downloadingsay, on BitTorrentTor is not a good solution. It won't keep you anonymous, and you'll slow down everyone else's traffic for no reason. In this case, you'd want a proxy or a VPN instead.

In other cases where you want to stay anonymous, Tor will do the trick, and it'll do it freely and easily. But we recommend considering a VPN tooas long as you use a VPN dedicated to anonymity that doesn't keep logs of your traffic, it can provide quite a few advantages over Tor (though you'll usually have to pay some money).

Most importantly, remember: nothing is 100% anonymous or secure, whether you're using Tor, a VPN, or anything else. If you think you need something along these lines, think about what exactly you're doing and what you need to protecthalf the battle is picking the right tool for the job.

Good Luck,Lifehacker

Go here to see the original:
What Is Tor and Should I Use It? - Lifehacker

Recently, Authentic8s National Security Engagement Lead and former CISO at the White House Matt Ashburn sat down with Forresters Brian Kime to discuss cyber investigations, where they lead and their importance to private and public sector organizations. Kime is a Forrester senior analyst covering cyber threat intelligence, vulnerability risk management and industrial control system security. In this role, he helps organizations identify, assess, and prioritize cyber and physical threats; prepare for emerging attack vectors; and reduce cyber risk in enterprise IT and operational technology (OT) environments.

Ashburn: We see social media sites and applications as rich resources for gathering information related to our investigations but are concerned well put ourselves and/or the company at risk. How should we get started? Do you have any dos and donts when it comes to social media?

Kime: Your organization and your high-profile employees are more vulnerable than ever, which is why you need to integrate social media monitoring into your security strategy immediately. Here a few recommendations for firms to manage social media risks.

Identify your most valuable social points of presence, actors and assets, and consider the consequences for your organization if those high-value accounts were compromised or impersonated. To determine value, consider the business influence and brand influence of those accounts as well as the data and people they are associated with.

How people use and interact on social media continues to evolve rapidly, as do the tactics cybercriminals wield to exploit it. Cyber threat intelligence services can help track the methods the adversarial groups are using against organizations like yours. As the threat landscape evolves and new threats and use cases emerge, be sure to review your social media security posture with regular audits and vulnerability assessments.

Encourage your employees to verify that new social media connections are who they say they are by connecting over email, instant messaging or phone. Create training modules on how to identify email phishing and suspicious social media activity. Identify your most at-risk and valuable employees, such as IT system and domain administrators, high-profile executives, employees in finance or R&D, etc., and set stricter policies and technical oversight controls for them.

You may want to limit messaging features to only those who use it to speak on the companys behalf. And review your marketing teams security practices to ensure they dont share access credentials for your brands social accounts; require that they access accounts through a social media management solution and reduce reliance on static passwords by requiring two-factor authentication (2FA). You should also actively monitor and protect your high-profile accounts for suspicious behavior and establish a process to monitor and submit takedown requests for fraudulent social accounts misusing your brand names and logos.

Ashburn: Is tracking activities on the dark web really a need for corporations? Seems more applicable to government- and law enforcement-type investigations.

Kime: Absolutely yes. While the dark web is primarily used by hackers for hire (either independent or state sponsored) who are trying to make a profit by selling stolen data, tracking the dark web can still be very valuable. For one, tracking the dark web helps corporations identify if their own data is for sale which might be indicative of a data breach or malicious insider activity. While you should still block access to the Tor browser and block Tor traffic at the firewall for all employees, enabling a small group of users with dark web access will provide additional insight about potential data breaches against other malicious activities targeted against your firm.

Ashburn: How do I convince upper management that we need to allocate resources to do more proactive threat intelligence gathering vs. just reacting after the fact all the time?

Intelligence helps decision makers reduce risk and uncertainty. Boards of directors are concerned with managing reputational and regulatory risks to preserve stockholder value. Therefore, intelligence should always lean towards being proactive by assessing the organizations threats intent and capability to breach or attack the organization. More tactical and operational benefits to threat intelligence include:

Matt Ashburn: How useful/important is actively managing attribution versus, say, being very cautious and making sure to use incognito mode in my browser?

Brian Kime: Users tend to think incognito mode or private browsing conceals their activity from all snooping, when the reality is those privacy modes do not prevent websites, ISPs, your employer or school from logging your activities, tracking your presence and attributing your browsing to your organization. For any user who conducts sensitive research or intelligence collection outside the corporate network, it is vital that we covertly access those hostile resources so that we do not give away our presence or intelligence requirements to our adversaries. By actively managing our own attribution (vice attributing cyberthreat activities to criminals or state organizations) we preserve our operational security and reduce the likelihood and consequences of a threat detecting our research or our intelligence collection.

Related Resources

Authentic8 and Forrester recently conducted a joint webinar on the importance of threat intelligence in the SOC and how to better enable intelligence-gathering investigations. The webinar also gives expert advice on the types of tools and frameworks that can give your SOC an advantage over adversaries.

Watch On Demand

Recent Articles By Author

*** This is a Security Bloggers Network syndicated blog from Authentic8 Blog authored by A8 Team. Read the original post at: https://blog.authentic8.com/social-media-monitoring-dark-web-investigations/

Read more from the original source:
From the Experts: Social Media Monitoring and Dark Web Investigations - Security Boulevard

Accused ricin mailer appears in court

WASHINGTON -- A Canadian woman accused of mailing a package containing ricin to the White House included a threatening letter in which she told President Donald Trump to "give up and remove your application for this election," according to court papers filed Tuesday.

[CORONAVIRUS: Click here for our complete coverage arkansasonline.com/coronavirus]

Pascale Ferrier of Quebec was arrested Sunday at the U.S.-Canada border and made her first court appearance Tuesday afternoon in federal court in Buffalo, N.Y. She faces a charge of threatening the president.

The envelope containing the toxic substance and the threatening letter was addressed to the White House but was intercepted at a mail sorting facility Friday. The package, postmarked from Canada, included a letter in which she referred to Trump as "The Ugly Tyrant Clown," according to an FBI affidavit filed in the case.

"So I made a 'special gift' for you to make a decision. This gift is in this letter," she wrote, according to the affidavit. "If it doesn't work, I'll find better recipe for another poison, or I might use my gun when I'll be able to come. Enjoy! FREE REBEL SPIRIT."

Ferrier appeared in court briefly Tuesday, and U.S. Magistrate Judge H. Kenneth Schroeder Jr. entered an innocent plea on her behalf.

Darknet drug case leads to 179 arrests

WASHINGTON -- Law enforcement officials arrested 179 people and seized more than $6.5 million in a worldwide crackdown on opioid trafficking on the darknet, the U.S. Justice Department said Tuesday.

The operation, which mainly occurred in the U.S. and in Europe, comes more than a year after officials took down the "Wall Street Market," which was believed to be one of the largest illegal online marketplaces on the darknet.

The darknet is a part of the internet hosted within an encrypted network and accessible only through specialized anonymity-providing tools, most notably the Tor Browser.

As part of the initiative, law enforcement officials seized more than $6.5 million in cash and virtual currency, in addition to 500 kilograms of drugs, the Justice Department said. About 275 kilograms of drugs, including fentanyl, heroin, cocaine, Ecstasy and other opioids, had been seized in the U.S.

The arrests include 121 made in the U.S., two in Canada, 42 in Germany, eight in the Netherlands, four in the United Kingdom, three in Australia and one in Sweden. The Justice Department said its investigation was ongoing, and investigators were still working to identify other individuals behind darknet accounts.

Deputy Attorney General Jeffrey Rosen said the takedown showed "there will be no safe haven for drug dealing in cyberspace."

CDC issues guidance on holiday visits

New guidance from the U.S. Centers for Disease Control and Prevention for the coming holiday season warns that hosts and attendees at holiday celebrations will need to take steps to limit the risk of contracting and spreading the novel coronavirus.

Virtual gatherings or those that involve one's immediate household are low-risk, the agency said in a posting Monday. If people do gather in person for Christmas and other holidays, the CDC recommends doing so outdoors, keeping groups small, using measures like mask-wearing and social distancing, and considering local virus conditions as well as where attendees are coming from.

Traditional celebrations like Halloween trick-or-treating, large indoor Dia de los Muertos gatherings, crowded Thanksgiving parades and Black Friday shopping sprees could spread the virus and should be avoided, according to the guidance. The CDC recommends alternatives such as virtual Halloween costume contests, holding a small dinner for household members and shopping online.

City readies for Taylor findings unrest

LOUISVILLE, Ky. -- Officials in Kentucky's largest city were preparing Tuesday for more protests and possible unrest as the public nervously awaits the state attorney general's announcement about whether he will charge officers in Breonna Taylor's shooting death.

Photo bySouth Florida Sun-SentinelKyle Welp plays tuesday with his dog Ryder at the freshwater dog swim area of Snyder park in Fort Lauderdale, Fla. (AP/south Florida sun-sentinel/Joe Cavaretta)

With timing of the announcement still uncertain, Louisville Mayor Greg Fischer declared a state of emergency because of the potential for civil unrest, hours after police said they would restrict access in the city's downtown. The mayor and police said they were planning ahead of time to protect demonstrators, and the people who live and work there.

But some involved in protests seeking justice for Taylor questioned why the police were going to such "overkill" lengths when the city has been the site of peaceful protests for months.

Attorney General Daniel Cameron has declined to set a deadline for his decision. Earlier this month, he remarked that "an investigation, if done properly, cannot follow a certain timeline."

Interim Police Chief Robert Schroeder said officials from Cameron's office have promised to give authorities a heads-up.

-- Compiled by Democrat-Gazette staff from wire reports

Continue reading here:
The Nation in Brief - Arkansas Online

Facial recognition is a technology that can recognize and verify an individual from a digital image or a video frame. Facial Recognition system identifies your face based on skin tone, facial hair, and other biometric information. It then compares the data to a database of stored faces and finds a match.

Law Enforcement agencies all around the world have been using the latest technologies that help track down criminals. The latest in this long list of technologies is the Facial Recognition System.

Of course, there are other methods to distinguish individuals from each other and identify them, such as:

But facial recognition continues to be the perfect biometric benchmark. And the reason for this is that it is easy to deploy, and there is no need for physical interaction by the end-user. Tracking down criminals using facial recognition is faster and more efficient.

Japanese Police Force has also joined the long list of law enforcement agencies around the globe that use facial recognition. A system can compare photographs of people previously arrested with images obtained from surveillance cameras and social media.

Police have used facial recognition technology across the nation since March. Its a more efficient and reliable way to locate criminal suspects. Critics warn that the system could transform the country into a surveillance society unless it runs under strict regulations.

According to a senior National Police Agency official, that shouldnt be a problem: We are using the system only for criminal investigations and within the scope of the law. We discard facial images that are found to be unrelated to cases.

The Japanese National Police Agency also follows strict rules laid down by the National Public Safety Commission to handle and use facial images, the same way they do fingerprints and DNA evidence.

The agencys database currently holds 10 million facial images of criminal suspects. Some of those have not yet been arrested.

The implications of facial recognition are far-reaching. It can help law enforcement agencies track down criminal suspects. But governments can use the same technology to monitor and control their citizens, like Chinas government does to Uighur Muslims. More than a million of them are in detention camps, and the Chinese government uses surveillance technologies like facial recognition to control and discipline them.

In 2013 American coder Edward Snowden made key revelations about how the National Security Agency was breaching the general publics privacy in the name of security and surveillance. Snowdens revelations raised huge concerns about public privacy, and a huge overload of privacy advocacy was seen. It was now clear that governments can go to anylengths to control and discipline their citizens.

Concerns about the possible breaches of privacy, facial recognition being one of them, are present among the Japanese masses. The only way governments can use facial recognition to track down criminals is by monitoring everyone. That is the biggest issue that privacy advocates have against facial recognition.

Many government agencies could even access the webcams of internet users in the name of public safety and surveillance. And most of the time, users are not even aware of such an intense breach in their privacy. Thats why many start covering their webcams, muting their microphones, and using various privacy tools, such as a VPN or Tor browser.

Privacy in the age of the web is one of the most common issues that we face today. Almost everyone can track you or keep tabs on your personal information.

Internet users may fall victim to a data breach and lose their sensitive data. Or worse their data might end up in malicious hands. If you are anonymous online, then your chances of falling victim to a data breach are almost zero. But its virtually impossible to stay truly anonymous.

Location-based services are on the rise as almost everyone uses a smartphone these days. These services access your location and provide you information about nearby places such as the nearest restaurant, information about indoor positioning, speed, altitude, etc. But the privacy concern about this location-sharing is that these services may be collecting more data on the users than they need to.

Going online may feel like the equivalent of having zero privacy. Almost 40% of internet users worldwide feel that they dont have control over their data. Advertisement agencies and social media sites collaborate to bring you better ads but only at the cost of your privacy. Your personal data is handed over to these third-party sites all the time.

The Japanese government and marketplaces gather data about people to use it according to their needs. Nobuo Komiya, a criminology professor at Rissho University, said, It is natural for the police to adopt advanced technology.

Nowadays, many governments are more concerned about their control over citizens and less about their privacy. They often overlook data breaches in the name of security. So everyone should take their privacy into their own hands.

Read more here:
The use of facial recognition to fight crime: Japan case - Geospatial World

A young Russian citizen and his co-conspirators came within an inch of carrying out a major ransomware attack against Tesla unaware that their target had already turned them in.

Last week, the United States Federal Bureau Investigation (FBI) unsealed a criminal complaint against a conspirator in a thwarted ransomware plot against the electric car maker Tesla.

On Aug. 22, the Bureau arrested 27 year-old Russian citizen Pavel Kriuchkov in Los Angeles, who had allegedly spent much of his month in the U.S. attempting to recruit a Tesla staffer at the firms Gigafactory Nevada site to collude on a nefarious special project.

That special project came with a lucrative incentive a bribe of $500,000, later upped to $1 million. A small advance payment was to have been paid into the staffers Bitcoin (BTC) wallet, installed using a Tor browser to evade detection.

In return for the bribe, the staffer was asked to assist in the installation of a targeted malware attack against Tesla a two-stage plot involving a distributed denial of service attack, followed by an exfiltration of sensitive company data.

The plan was to hold Tesla to ransom under threat of dumping the information publicly. Kriuchkovs conspirators had their eye on a $4 million ransom.

The hitch was that, soon after Kriuchkovs first meeting with the staffer, who remains anonymous, the staffer had already alerted Tesla, which, in turn, tipped off the FBI.

A series of August meetings between Kriuchov and the staffer were physically surveilled and wire-tapped by FBI agents. They collected intelligence about the operation and other prior exploits while preparations for the cyberattack were being hatched.

One of the conspirators was, according to Kriuchkovs communications with the staffer, a hacker specializing in encryption, who allegedly works as a high level employee of a government bank in Russia.

Kriuchkov himself was self-avowedly hazy on the technical aspects of the planned attack, and was ostensibly being paid $250,000 for his recruitment efforts.

In one early meeting, Kriuchkov, the staffer and two of the latters friends made an excursion to Lake Tahoe in California. Kriuchkov insisted on footing the bill for the groups expenses, but shied away from posing in group photos, insisting he could remember the beauty of the sunset without a memento.

On Aug. 21, Kriuchov informed the staffer that the attack was being delayed until a later date, and that he would be leaving Nevada the following day. Following his arrest in Los Angeles on Aug. 22, he is now in detention pending trial.

While Tesla is not explicitly named in the FBIs criminal complaint, Tesla news site Teslarati has confirmed the company was the target. CEO Elon Musk acknowledged the scheme in a tweet:

Read more:
FBI and Tesla thwart $4 million Bitcoin ransomware plot - Cointelegraph

The Russian national in question is Egor Igorevich Kriuchkov, age 27. He offered the Bitcoin payment to the employee of a Nevada-based company.

The U.S. Department of Justice charged Egor Igorevich Kriuchkov with conspiracy to intentionally cause damage to a protected computer. Kriuchkov traveled all the way from Russia to the United States to meet with the employee, who is known in the court documents as CHS1.

The attempt to get CHS1 to install malware on his employers computer system ran awry when the employee notified the FBI about the situation. The malware was designed to allow Kriuchkovs criminal allies access to the data in the companys network.

The data was then to be sold on the dark web unless the company agreed to pay a hefty ransom (probably in some form of cryptocurrency). Kriuchkov also told CHS1 that he was part of a larger criminal gang.

Unfortunately for Kriuchkov, he was tracked by the FBI over a three-week time period while he was in the United States. During the surveillance, evidence was collected, including conversations that were recorded. Kriuchkov was then arrested in Los Angeles.

The court document lays out the timeline for the entire affair. Kriuchkov was made aware of the employee (CHS1) through a mutual contact, and he contacted CHS1 through Whatsapp to set up a meeting in Nevada.

Kriuchkov then flew to the United States twelve days after arranging the meeting. He then met with CHS1 a number of times and worked to get in his good graces by paying for entertainment, such as a visit to Lake Tahoe, and dinners.

Once the employee deployed the malware on his companys computer, Kriuchkovs criminal allies would launch a DDoS attack to keep the company busy while the data was being stolen.

Kriuchkov initially made an offer of US$500,000 [AUS$695,000] to the employee to install the malware. This offer was later increased to a cool million. To help facilitate the transfer of Bitcoin, Kriuchkov helped the employee set up a Bitcoin wallet through the Tor browser and said, a payment of 1 BTC would be made upfront.

Things came to a head on August 21 when Kriuchkov told CHS1 that plans for the malware planting had been delayed due to his gang finishing up another big project. He told CHS1 he was heading back to Russia. He was then arrested the following day in Los Angeles.

If convicted, Egor Igorevich Kriuchkov faces a fine of US$250,000 [AUS$347,580] and up to five years in prison.

Images courtesy of Richard Patterson/Flickr, Caspar Camille Rubin/Unsplash

More here:
Man offered $1M in Bitcoin to plant malware - Micky News

Law enforcement agencies working online benefit from machine learning (ML) and artificial intelligence (AI) , which lead to leading solutions. ML and AI work together, and automated methods can search the dark web, detect illegal activity and bring malicious actors to justice.

The interface between AI and GIS has created enormous possibilities that were not possible before. The field of artificial intelligence (AI) is so advanced that it exceeds or exceeds human accuracy in many areas, such as speech recognition, reading and writing, and image recognition. Together, ML and AI are rapidly making their way into the world of law enforcement.

AI, machine learning, and deep learning help make the world a better place, for example, by helping to increase crop yields through precision farming, fighting crime through predictive policing, or predicting when the next big storm will arrive, whether in the US or elsewhere.

As fraud detection programs are driven by artificial intelligence (AI), many of these chains turn to AI to ensure that they use various techniques to stop bad actors in advance. Broadly speaking, AI is the ability to perform tasks that typically require a certain level of human intelligence.

Reward programs are particularly popular because they can store large amounts of valuable data, including payment information. Reward points are also valuable because bad actors can spend them or sell them on dark web marketplaces.

Coffee giant Dunkin 'Donuts was the victim of a hacker attack in October 2018, and the fraudsters who initiated the program were able to sell users' loyalty credits on dark web marketplaces for a fraction of their value. Sixgill is a cyber threat intelligence service that analyses dark web activity to detect and prevent cyber attacks and sensitive data leaks before they occur. Using advanced algorithms, its cyber intelligence platform provides organisations with real-time alerts and actionable intelligence that priorities major threats such as cyber attacks, data breaches and cyber attacks.

New York City-based Insight has developed a threat detection platform that uses artificial intelligence and machine learning to scan deep and dark networks for specific keywords to alert potential targets. Sixgill investigates the Dark Web, the Internet of Things, and other areas of human activity to identify and predict cybercrime and terrorist activity. While the darker web requires someone to use the Tor browser, it can also be accessed by someone who knows where to look.

That's why AI and ML are used to bring light into the dark web, and they can sweep it away faster than a person could. The IntSights report primarily scans deep and dark nets for the latter, but it can also scan the darker net, though not as fast or as far as a person could do, the report said.

The problem with using AI and ML for this job is that there is not enough clarity: 40% of the websites on the dark-net are completely legal. The remaining 60% are not, and this includes anonymous transactions that are legal, according to the IntSights report.

View original post here:
How AI Has Helped The Dark Web - AI Daily

New tool allows users to prevent themselves from being tracked online

With major web browsers now including privacy protections against cookie-based tracking, theres been a rise in the use of fingerprinting and researchers now say theyve developed a way to spot and prevent these stealthy tracking techniques.

FP-Inspector, created by a team from the University of Iowa, Mozilla, and the University of California, uses a syntactic-semantic approach to detect fingerprinting (FP) scripts, using machine learning models based on static and dynamic JavaScript analysis.

Unlike techniques such as API changes and network request blocking, which require manual analysis, the open source tool automates the process of detection by extracting features such as syntax and execution from scripts and training a classifier to detect fingerprinting.

It does this through a complementary combination of static and dynamic analysis. Static analysis, says the team, helps FP-Inspector overcome the coverage issues of dynamic analysis, while dynamic analysis gets around the inability of static analysis to handle obfuscation.

And, says the team, FP-Inspector can identify fingerprinting scripts with 99.9% accuracy and half the amount of website breakage, compared with blanket API restrictions such as those enforced by Brave and Tor Browser.

Many of the fingerprinting scripts the team detected were missed by existing filter lists maintained by tracking protection organizations.

Disconnect, for example used by Firefox and Microsoft Edge didnt list , while DuckDuckGo, used by Safari, omitted the domain.

RECOMMENDED Firebase messaging vulnerability allowed attackers to send push notifications to app users

EasyPrivacy, used by Brave and tracker blocking browser extensions such as AdblockPlus and uBlock origin, didnt have on its list.

We compared FP-Inspector to a prior approach on detecting fingerprinting scripts that uses manually crafted heuristics, and found that FP-Inspector, that uses machine learning, is 26% more accurate at detecting fingerprinting scripts, author Umar Iqbal of the University of Iowa tells The Daily Swig.

The team took a list of the top websites ranked by Alexa and ran them through FP-Inspectors detector. They found that browser fingerprinting was present on more than 10% of the top 100,000 websites, and on more than a quarter of those in the top 10,000.

These fingerprinting scripts, says Iqbal, are mostly served by ad tech companies that specialize in anti-ad fraud and cross-site tracking services.

The team found that nearly 14% of news websites used them, falling to just 1% of credit- and debt-related websites, probably because fingerprinting is more widespread on sites relying on advertising and paywalls for monetization.

Browser fingerprinting techniques allows sites to identify and track web users

Discussing the increase in fingerprinting activity, Iqbal said: All mainstream browsers Chrome, Safari, Firefox, Edge are building privacy protections against cookie-based tracking.

For example, Safari blocks third-party cookies and Chrome has announced plans to phase out third-party cookies in the next two years.

Considering these privacy protections around cookie-based tracking, fingerprinting provides an alternate approach to track users without relying on cookies; we suspect that it might be the reason for the rise of fingerprinting.

And, he says, with privacy protections against third-party cookie blocking on the rise, he expects the use of fingerprinting for cross-site tracking to grow.

Read more of the latest browser security news

The team has reported the domains they found serving fingerprinting scripts to Disconnect, DuckDuckGo, and Easylist/EasyPrivacy.

As a result of our reporting, EasyPrivacy has created a new category for fingerprinting in their filter list, says Iqbal.

We also reported previously unreported uses of web APIs by FP scripts to Firefox, and we expect that as a result of our reports, Firefox may decide to redesign these APIs to reduce their fingerprinting potential.

To encourage follow-up research, the team plans to release the fingerprinting countermeasures prototype extension, as well as their list of newly discovered fingerprinting vendors and the bug reports theyve submitted to tracking protection lists, browser vendors and standards bodies.

Iqbal and his colleagues offer a detailed analysis of their findings in a white paper, Fingerprinting the Fingerprinters (PDF).

More information on FP-Inspector can be found on GitHub.

YOU MIGHT ALSO LIKE Firefox 79 takes aim at website trackers

Go here to see the original:
Browser fingerprinting more prevalent on the web now than ever before research - The Daily Swig

As protests in support of the Black Lives Matter movement continue around the United States, Gmail is treating emails from advocacy and political groups referring to racial justice issues like marketing emails.

The Markup analyzed hundreds of emails sent to a test Gmail account from more than 200 candidates and organizations from across the political spectrum from whom wed signed up to receive communications. Of the emails referring to racial justice received since George Floyd was killed in May, Gmail sent seven in 10 to the less-visible promotions tab, which the company says is for deals, offers, and other marketing emails.

We also analyzed 22 emails we received from eight racial justice groups over 10 days starting on June 19 and found Gmail sent nine in 10 to the promotions tab. The groups were: The Bail Project, Black Lives Matter, Color of Change, Justice for George NYC, NAACP, NAACP Legal Defense and Education Fund, Reclaim the Block, and the Youth Justice Coalition.

Emails treated like marketing included:

In fact, Gmail categorized all 18 emails sent by Color of Change, a nonprofit that advocates for Black equality, as promotions.

People across the country are looking to racial justice groups like Color of Change to keep them informed and provide opportunities to create change, said Evan Feeney, the groups campaign director. That Google is treating these messages the same as a coupon from a store that you signed up for their mailing list that one time is absurd.

Gmails categorization of racial justice emails mirrors an investigation published by The Markup in February that found Gmail sent about half of all political emails to the promotions tab. Since May 25, Gmail sent both political emails and racial justice emails to promotions about 70percent of the time.

Gmail is the most popular free email program in the world, with an estimated 43percent of the market, according to the email marketing firm Litmus. Gmail claims to have 1.5billion active email addresses, so its choices have an outsized effect on which messages reach people.

In an email, Google spokesperson Brooks Hocog declined to comment but pointed to one of the statements the company sent to The Markup for the story published earlier this year.

In addition to user input, machine learning, to a lesser extent, is also used to classify emails, the statement said. Types of email that might make it into the Promotions tab include calls-to-action, marketing newsletters and offers or coupons. This approach applies to all emails that fit the promotion classification, regardless of industry, affiliation, etc.

By default, Gmail places email in three inbox tabs: primary, which is visible when a user signs in, social, for messages from social networks, and promotions. It also sends some messages to spam. Google, which owns Gmail, says many factors influence how emails are sorted, including how users interact with them individually and in the aggregate.

Some email marketers say they have reliable methods to influence inbox placement in the same way SEO experts say they can boost a websites ranking in Googles search engine. But while some may be able to avoid having email sent to spam, avoiding promotions is tougher, said Laura Atkins, co-founder of the email deliverability consulting firm Word to the Wise.

We at least know what makes the mail go into the spam folder, she said. We have no idea what makes mail go into promotions.

Users can influence the Gmail algorithm by moving individual emails into the primary tab, but its unclear how many times that move has to be repeated before Gmail consistently delivers emails from that sender to the primary inbox, Atkins said.

Gmail says users can set up filters to override the algorithm and direct messages from specific senders to their own primary inbox. They can also disable the tabs. Google declined to say how many users keep them enabled. A 2016 survey by an email deliverability firm showed about 34percent of respondents said they use the tabs.

In order to see how Gmail would categorize emails without any explicit user feedback, we created the test account last year with a new phone number using the anonymizing Tor browser. The email data is exported with Googles automated tools. We kept the test account segregated in a dedicated browser to avoid sending signals to the email sorting algorithm based on web browsing or by association with other accounts, and we did not open or click on any of the emails.

We found Gmails choices were not always consistent. A signup confirmation email from Justice for George NYC went to the primary inbox in our main test inbox, but in a second test inbox it went to the promotions tab. (We did not respond to the signup confirmation email, so did not receive additional emails.)

A representative from Justice for George said in an email that Gmail addresses account for 85 percent of its mailing list and said its incredibly inaccurate to categorize the groups emails, which provide opportunities for New Yorkers to engage in anti-racism advocacy, as marketing.

The percentage of emails from political causes and candidates sent to the primary inbox has remained consistently below 9percent, both in our earlier analysis and in our analysis of racial justice emails.

A coalition of advocacy groups, including Color of Change, approached Google in 2018 about the way their emails were being categorized after they noticed a drop in petition signatures and noticed the percentage of emails winding up in the promotions tab had increased. Google granted them a series of phone calls, but nothing changed, several members of the coalition said. Google would not discuss its interactions with those groups with The Markup.

Among the nonprofits whose emails we signed up to receive is the Youth Justice Coalition, which advocates against inequality in the criminal justice system. The Los Angelesbased nonprofit sent us an email asking recipients to testify at a government hearing to reform the 911 system. Gmail sent it to the promotions tab.

I definitely see this as concerning and problematic, said Emilio Zapien, the groups media and communications coordinator. The dissemination of information is vital to all the organizing work that we do.

He said the group has shifted its focus to social media since he noticed a couple of years ago that its emails were going to the promotions tab.

I opened up my email inbox this morning and saw that [an email] was in promotions and it didnt even pop up in my primary email section, he added, and it just makes me wonder, how many people is this affecting the flow of information for?

This article was originally published on The Markupby Adrianne Jeffries and Leon Yin and was republished under the Creative Commons Attribution-NonCommercial-NoDerivatives license.

Read next: Large doses of vitamin D may protect you from COVID-19 but it's also toxic

Do you want to get the sassiest daily tech newsletter every day, in your inbox, for FREE? Of course you do: sign up for Big Spam here.

See the original post here:
To Gmail, Black Lives Matter emails are 'promotions' - The Next Web