Microsoft, Google and Co still have not disclosed what data the NSA is requesting from them. That’s why we want to take a look at possible backdoors the NSA might abuse to quickly retrieve your user data and create user profiles
Microsoft, Google Not To Blame!
First of all, let me underline that Google, Microsoft and Co are not to blame here (even if I wish they would disclose more details of what the NSA is requesting!). We have no evidence that any parties freely collaborated with the NSA. However, we know that the NSA is capable of sniffing data and intercepting data quite easily, so no Google profile or Microsoft account is secure. In particular if you are frequently in contact with foreign individuals you are a “suspect”.
Unfortunately Windows makes it very easy for the NSA. For example, Windows tracks what programs you are using, but that is certainly not restricted to Windows, Mac OS X and other OS’s do the same. Also, a lot of useful data is stored in the Windows paging file. It may be possible for a NSA-trojan to quickly retrieve data from your PC with a few clicks.
Ubuntu, Linux Not A Secure Alternative
Admittedly, open-source software is usually more secure because the community can easily scan the source code for possible security vulnerabilities and backdoors. However, that doesn’t mean the NSA isn’t capable of easily hacking your Ubuntu machine. In fact, I’d say it’s even easier to hack an unprotected Linux machine than a Windows-machine with some decent firewalls and network tools.
Most Linux users are somewhat ignorant, believing they don’t have to secure their system, because it’s Linux. But that isn’t true – you need to install firewalls as you would on MS Windows. For example, a possible
UserAssist: Keeping Track Of Programs
In this post, I want to take a closer look at a registry entry that has been around since Windows Vista, possibly even longer.
It’s called UserAssist. What it does? It keeps track of what programs you have used recently. This might be quite handy for the NSA to create user profiles on a PC and then collect them for analyzing certain networks with suspicious behaviour. Let’s say you are frequently contacting foreign individuals (via Skype, Gmail or other tools, it doesn’t really matter), then you may be put on a watchlist. Next, the NSA may install backdoors on suspicious PC’s with certain activity or use backdoors that have not been disclosed yet. We know the NSA is buying backdoors/trojans and exploits from the black market, so it wouldn’t surprise me if they know a bunch of ways to break into your machine, be it a Linux or a Windows machine!
Analyzing Your Behaviour: They Need To Know What Programs You Use Frequently
Once they gained access, they will collect data and track your behaviour. The first thing the NSA will do is collect data about what programs you use so they can monitor you and your contacts. Let’s say you are frequently playing certain video games – it’s quite possible that the NSA is then monitoring your traffic on that specific port then. But how would it find out what games you play? Exactly, it needs to find a way to keep track of your most used applications. UserAssist and other logs make that possible.
Let’s Take A Closer Look
With a tool called UserAssistView from NirSoft we can figure out what the registry is “hiding” from us in cryptic code:
As you can see above, in plain text the registry is logging exactly what files you have recently accessed.
Not only does it track what files/programs you are accessing, it is also capable of tracking the count and a timestamp. So it knows exactly what programs you frequently access
All of the attributes combined makes this a PERFECT backdoor for the NSA
Part 2: Cleaning UserAssist Using Batch Files When You Log Off
In Part 2 we will take things into our own hands and figure out how to get rid off the UserAssist keys every time we log off. Personally, I have nothing to hide, let the NSA waste American tax dollars on analyzing my useless data. I’m pretty sure the European agencies don’t collect that much data and are much more efficient at creating useful profiles. Why on earth would the NSA collect so much (mostly) useless data on their own citizens and foreign individuals, including data from their own allies (Germany, France, etc)? Well, I don’t know the answer to that, but to me it certainly looks like the NSA is turning the USA into a country with a totalitarian government spying on all activies of their citizens. They certainly have too much power already.
