Your Car, TV, Phone, Computer and Other Devices Spy On You

Years ago this would be called a “conspiracy theory” but now that the CIA’s “Vault 7” hacking tools have been released this is an established truth.  What’s more scary is the revelation applies to pretty much all computing devices and all OS’s.   The CIA has found exploits and used backdoors into the various devices.  I suspect the backdoors and some vulnerabilities were forcefully injected by the US government.  To make it more scary we have the NSA’s PRISM and this combined with the CIA dump is alarming because those entities combined with other governments surely have a lot more than what has been revealed.  It is not a stretch but rather insane to believe you are not likely being watched and listened to.  We haven’t even covered well funded, private hacking groups.

There are two issues here.  The first one is companies who willingly create vulnerabilities and backdoors at the request of governments and private groups.  The second issue is compounded by the first one where on top of that many products and companies also spy on their customers and also share that data with third party companies and governments at will without any disclosure or regulation.

It’s more than just following where you’ve gone and listening and watching you, the new smart vehicles can be hacked and likely have government mandated malware or backdoors.  Imagine if a government doesn’t like someone and they suddenly have a tragic accident.  There is absolutely no reason why this shouldn’t be the case and perhaps one day we may learn of cases of bizarre traffic accidents that were not really accidents at all.

On an interesting note the “Marble Framework” was released which is essentially an anti-forensic tool to make it difficult for malware and virus experts to attribute the code to the CIA or the US government.  The framework would essentially make it look like enemies of the US such as China, Russia, Iran, or North Korea were responsible for cyberattacks and malware that the US itself had created.

With all this it sounds hopeless but it is not, Edward Snowden famously stated “do not give up on encryption” as clearly not everything is hackable and compromised, there are steps we can take to prevent ourselves from being hacked by the government.  Edward Snowden’s comments and actions are of particular use, the fact that he still says to use encryption means there are ways to be secure.  We should also remember that he used the Tails distribution for communication and used OpenPGP, so it appears at least in the recent past, this was a secure and unbreakable way of communicating.

“What last year’s revelations showed us was irrefutable evidence that unencrypted communications on the internet are no longer safe. Any communications should be encrypted by default,” he said. — Edward Snowden

How can you protect yourself?  There are steps we can take but avoiding the usage of free, insecure services to communicate such as gmail,facebook,whatsapp and also avoiding products that spy on us.  Try to get an older TV or if you get a newer one rip it open and disable the microphone, wifi etc.  If you drive a vehicle consider again seeing if it is possible to disable some of the spying features on it or drive an older vehicle without technology that logs and calls home.  It’s time to get armed and follow certain procedures, avoid certain products and make it as a difficult as possible to be spied on.  Although the programs and hacking methods, groups like the CIA possess are incredible, not all are guaranteed to be successful especially on those who do not run default or standard settings.

Wikileaks Shutdown by Coinbase

Apparently Julian Assange’s Wikileaks merchant account on Coinbase was shutdown.  This is not at all surprising since PayPal, VISA, Mastercard and the banks did the same thing to him/them in the past.  In all fairness I don’t think Coinbase is to blame, aside from the fact they are a US based company and under the jurisdiction of the US of course.

PayPal came out and admitted they were forced to close down Wikileaks account, and I am certain the same thing has happened with Coinbase.

They have no say in the matter when the US government comes knocking.  Coinbase even recently had to give out information to the US tax department (IRS).

Of course users can still directly pay and donate to any wallets that Wikileaks controls.  As of now he lists addresses for Bitcoin, Litecoin, Ethereum, ZCash and Monero.  This is where things will heat up if he were to have a centralized currency like Ripple or Stellar Lumens.  The US government could possibly have those accounts in XRP/XLM frozen since they are a US based company.

This comes down to the wider issue of privacy, rights and freedom online and how cryptocurrency can prevent persecution for political reasons.  It also stands to reason that entities based in the US have very little say when the government comes knocking.  Coinbase and PayPal couldn’t have said no to the US government or by doing so they would be in seriously hot water.

I always advocate having some IT resources out of the reach of PRISM countries for reasons of privacy and freedom.  One of my current favorites are Singapore and Hong Kong in Asia.  Hong Kong I place particularly high value on because it has the British based system, yet it is under the protection of China.  Hong Kong is less likely to be influenced by a foreign entity than a smaller country like Singapore.  A good example of this is how Edward Snowden miraculously made it out of Hong Kong as a wanted fugitive.  Surely, Hong Kong was pressured and asked to hand him over, but somehow it never happened.

There are positives here, it looks like some brave entities in Europe have stood up for Wikileaks and at least for now, in France, Germany and Iceland there are some banks, foundations and even a University who are providing him access to the fiat system.

Cloud VPS Server Comparison by Techrich

Recently a friend asked me to compare ourselves to other large Cloud providers.  It didn’t take me long to think about it, considering essentially Techrich and Compevo architecture are identical. This wasn’t by accident, but by my own principles on how an IT company should function.  Since designing what is now known as the “Super High Performance Cloud Architecture” back in 2009. I knew I wanted Techrich to be smart on security, strict on reliability, and strong on IT protocols.

This infographic probably says it the best but I’ll do my best to explain it as well (explanation below the infographic).

Techrich Cloud VPS Server Hosting Comparison

In a nutshell most of the other Cloud architectures out there rely heavily on a shared storage pool for their VPS’s. We don’t do this.

Some companies have even gone down completely when one of their “main shared storage nodes” was hacked or had a hardware failure.

The problem with shared storage nodes/SANs (Storage Area Networks)

The problem with this architecture is that multiple physical hostnodes rely on a single point of failure for storage.  Not only that, but you can imagine the performance issues that shared network bandwidth cause when multiple hostnodes are competing for the same disk IO resources from a single shared node.

Now I know some companies have redundant shared storage but this is not good enough for both performance, security and reliability reasons.

The Techrich way of doing things is that we have tons of individual nodes that are active/failover.  This eliminates the possibility that a shared storage fault could take offline multiple hostnodes.

In our architecture we have Cloud in a 1-to-1 structure, that means data is live replicated to a standby server which does nothing but wait in case the main server fails or has an issue.

By doing this the performance is also higher, since storage is all local, you get the benefit of Cloud architecture but none of the high risks or performance issues that traditional “shared storage” Cloud brings you.

That’s the Techrich advantage and why we developed our own proprietary and hybrid system to accomplish this.  To date we’ve never been hacked or had any downtime and this is because of the architecture we’ve pursued while sparing no expense in delivering what we feel is the best product.  This is what I’d recommend all of my colleagues and friends to do if they went Cloud.  If they were going to use a shared storage cloud I’d recommend that they just make their own with a few dedicated servers or even a single dedicated server can sometimes be better, more affordable and reliable in the long-run.

When these large Cloud companies like Amazon and Alibaba started out, we did wonder would we lose out to customers who valued price over quality, security and reliability?  We were shocked when the opposite ended up happening- there was a sudden rush of sign ups, and not only that, we had to order a ton of extra servers to keep up with the demand.  I had my IT support staff double and working overtime to meet the crazy rush. It was a good problem to have, but it forced me to grow a lot faster than predicted.

In fact we’ve now noticed a trend that the bottom feeders (scammers, hackers, spammers) have gone to the cheap Cloud companies and a lot of larger players have moved to us.  This is in part, because companies who are more tech and privacy orientated who don’t want to be in a PRISM country or be at risk of the NSA being given access to their sensitive, private and proprietary business/ client information  (which is mandated for large-Cloud providers operating out of any PRISM country), so they moved to us and remain with us.

Now we get clients who even run small or middle scale businesses who have found us and switched to us simply because they do not want to be on something as risky as Amazon or Alibaba. I guess you could call Techrich and Compevo, the original IT business security company. And I plan to keep it that way.

Thanks to clunite.com for including us in their comparison