Is Windows 8 a Trojan horse for the NSA? The German Government thinks so

The German Government is now deeply suspicious that the Trusted Platform Module (TPM) technology built into a growing number of Windows 8 PCs and tablets is creating a gigantic back door for NSA surveillance, leaked documents have suggested.

Documents from the German Ministry of Economic Affairs obtained by German title Zeit Online uncover the alleged unease of officials at the direction of version 2.0 of the standard being developed under the auspices of the multi-vendor Trusted Computing Group (TCG).

TPM has been marketed as a security and Digital Rights Management (DRM) technology since its appearance in 2006, but version 2.0 would embed a chip on every PC that has complete control over which programs can and can’t run, a setting that can’t be over-ridden under Windows 8. The chip is also where the cryptographic data is stored for Windows BitLocker and it enables remote administration.

Windows 8 security going forward will be founded on TPM 2.0 and the ability to access or break it would be of huge value to any intelligence service.

During TCG meetings, German officials appear to have expressed concern about the potential for abuse but were “rebuffed,” Zeit claims. The documents also refer to the NSA having representation at the meetings and the statement “the NSA agrees” in the context of leaving the technology in its current (presumably unreformed) state.

The full context of this reference is not clear from the Zeit article but the implication is disturbing; the NSA thinks that TPM 2.0 does not offer a barrier to its operations.

German officials, including members of the Federal Office for Information Security (Bundesamt für Sicherheit or BSI) concluded that "the use of trusted Computing technique in this form ... is unacceptable for the federal administration and the operators of critical infrastructure," and would represent a “loss of full sovereignty over information technology."

A second document expresses the belief that TPM 2.0 under Windows 8 is no longer usable while Windows 7 “be operated safely until 2020,” after which alternatives will need to be sourced.
Is the story overblown Teutonic paranoia or a valid concern about the growing power of state surveillance? Until recently, the presumption might have been to the former but the Snowden affair changed the dimensions of the debate.

The NSA has if not the capability then certainly the ambition to eavesdrop on every communication event on the Internet, and the willingness of large US firm to go along with that, or not, has generated huge controversy. Meanwhile, allegations that Microsoft has co-operated with the NSA to bypass the encryption used in some of its services are a matter of public record.

For cost reasons, TPM is rarely built into consumer PCs although the advent of Windows 8 is supposed to extend version 2.0 to all PCs over time. Newer devices such as Windows 8 tablets and some phones are likely to have a TPM although getting precise data on this is not easy. Linux supports Intel’s TPM 1.0, although unlike 2.0 this can be loaded and unloaded from the endpoint.
Ironically, an expert quoted in the Zeit article goes on to worry that the Chinese Government as well as the NSA might be able to access data through TPM 2.0; many TPM chips are manufactured in the country.

After years of low-level discussion among security experts, worries over surveillance backdoors have suddenly become a mainstream topic. Last month an Australian report claimed that intelligence services in the ‘five eyes’ alliance (the US, UK, Canada, Australia and New Zealand) had refused to use PCs made by Chinese-founded Lenovo over concerns about “backdoor hardware and firmware vulnerabilities.”

Source http://news.techworld.com/security/3465259/is-windows-8-a-trojan-horse-for-the-nsa-the-german-government-thinks-so/

Is Windows 8 a Trojan horse for the NSA? The German Government thinks so

The German Government is now deeply suspicious that the Trusted Platform Module (TPM) technology built into a growing number of Windows 8 PCs and tablets is creating a gigantic back door for NSA surveillance, leaked documents have suggested.

Documents from the German Ministry of Economic Affairs obtained by German title Zeit Online uncover the alleged unease of officials at the direction of version 2.0 of the standard being developed under the auspices of the multi-vendor Trusted Computing Group (TCG).

TPM has been marketed as a security and Digital Rights Management (DRM) technology since its appearance in 2006, but version 2.0 would embed a chip on every PC that has complete control over which programs can and can’t run, a setting that can’t be over-ridden under Windows 8. The chip is also where the cryptographic data is stored for Windows BitLocker and it enables remote administration.

Windows 8 security going forward will be founded on TPM 2.0 and the ability to access or break it would be of huge value to any intelligence service.

During TCG meetings, German officials appear to have expressed concern about the potential for abuse but were “rebuffed,” Zeit claims. The documents also refer to the NSA having representation at the meetings and the statement “the NSA agrees” in the context of leaving the technology in its current (presumably unreformed) state.

The full context of this reference is not clear from the Zeit article but the implication is disturbing; the NSA thinks that TPM 2.0 does not offer a barrier to its operations.

German officials, including members of the Federal Office for Information Security (Bundesamt für Sicherheit or BSI) concluded that "the use of trusted Computing technique in this form ... is unacceptable for the federal administration and the operators of critical infrastructure," and would represent a “loss of full sovereignty over information technology."

A second document expresses the belief that TPM 2.0 under Windows 8 is no longer usable while Windows 7 “be operated safely until 2020,” after which alternatives will need to be sourced.
Is the story overblown Teutonic paranoia or a valid concern about the growing power of state surveillance? Until recently, the presumption might have been to the former but the Snowden affair changed the dimensions of the debate.

The NSA has if not the capability then certainly the ambition to eavesdrop on every communication event on the Internet, and the willingness of large US firm to go along with that, or not, has generated huge controversy. Meanwhile, allegations that Microsoft has co-operated with the NSA to bypass the encryption used in some of its services are a matter of public record.

For cost reasons, TPM is rarely built into consumer PCs although the advent of Windows 8 is supposed to extend version 2.0 to all PCs over time. Newer devices such as Windows 8 tablets and some phones are likely to have a TPM although getting precise data on this is not easy. Linux supports Intel’s TPM 1.0, although unlike 2.0 this can be loaded and unloaded from the endpoint.
Ironically, an expert quoted in the Zeit article goes on to worry that the Chinese Government as well as the NSA might be able to access data through TPM 2.0; many TPM chips are manufactured in the country.

After years of low-level discussion among security experts, worries over surveillance backdoors have suddenly become a mainstream topic. Last month an Australian report claimed that intelligence services in the ‘five eyes’ alliance (the US, UK, Canada, Australia and New Zealand) had refused to use PCs made by Chinese-founded Lenovo over concerns about “backdoor hardware and firmware vulnerabilities.”

Source http://news.techworld.com/security/3465259/is-windows-8-a-trojan-horse-for-the-nsa-the-german-government-thinks-so/

How to Speed Up Your PC - Tricks Manufacturers Hate

One of the most frustrating things in life is a slow computer.

Every few years, we buy an expensive new PC and love how fast it starts up, runs programs, and loads websites. Inevitably though, it starts to slow down until eventually we are pulling our hair out waiting for it to do routine tasks.

Why is this?  It turns out the answer is actually quite simple and you don't even need to be "technical" to understand the causes and solutions.

The good news: It's not the computer hardware that's the problem. In most cases, the hardware you have is perfectly capable of being restored to its original glory and kept in fast running condition with minimal effort.
Rather, the problem lies with changes that occur to the PC's software. The two most common causes of slowdown (along with easy solutions) are:

1. The most common problem: registry errors

Every time you (or your kids) load a program, game, or file, your PC's software registry is updated with new instructions needed to operate that item. However, when the item is removed, these instructions usually remain on your PC. Every time you run your computer it tries to execute these instructions but, because the related program can't be found, it causes a registry error. Your PC is doing a lot more work than it should be, and the result is a significantly slower computer.

One of the best ways to manage this is with a neat little tool from Support.com, a Silicon Valley based company. It's called ARO 2013 and it scans, identifies, and fixes registry errors —resulting in a computer that's a lot more like it was when you first bought it. On top of the amazing results it offers, it's so easy to install and use that it was recently awarded a coveted 4.5 star rating (out of 5) by CNET's editorial staff, and has been downloaded more than 30 million times.

You can now get a free working version of the software, which will quickly scan your entire PC and identify all of the registry errors that may be bogging it down. The free version also scans for junk and checks your PC's baseline security status. It will eliminate the first 50 errors for free, and if you have more errors that you want to clean up or want to set the program to run on a regular basis (which is recommended), you can easily upgrade to the full version for just $29.95.  After that, registry errors will no longer be a problem.

To get the free version, simply click here.

2. Spyware and viruses

Spyware and viruses are software programs that are loaded on your computer without your knowledge or permission. They have various purposes, including:

• Changing the default search engine in your browser
• Tracking your Web surfing habits and showing you targeted advertising
• Using your email program to send out spam to other email addresses
• Stealing your personal information

Most spyware and viruses get onto our computers through files that we download from the Internet or as attachments to emails. They tend to take up a lot of computing power and, as a result, will significantly slow down your computer.

The simple rule of thumb to follow is to never download any free software programs from companies you do not know and trust, especially screensavers, emoticons, and the like. In addition, you should never open any attachment to an email unless you are 100 percent certain you know and trust the sender. Having a good anti-virus/spyware removal software running at all times will also help.
Follow the above advice, and your PC should stay fast and safe.

How to Speed Up Your PC - Tricks Manufacturers Hate

One of the most frustrating things in life is a slow computer.

Every few years, we buy an expensive new PC and love how fast it starts up, runs programs, and loads websites. Inevitably though, it starts to slow down until eventually we are pulling our hair out waiting for it to do routine tasks.

Why is this?  It turns out the answer is actually quite simple and you don't even need to be "technical" to understand the causes and solutions.

The good news: It's not the computer hardware that's the problem. In most cases, the hardware you have is perfectly capable of being restored to its original glory and kept in fast running condition with minimal effort.
Rather, the problem lies with changes that occur to the PC's software. The two most common causes of slowdown (along with easy solutions) are:

1. The most common problem: registry errors

Every time you (or your kids) load a program, game, or file, your PC's software registry is updated with new instructions needed to operate that item. However, when the item is removed, these instructions usually remain on your PC. Every time you run your computer it tries to execute these instructions but, because the related program can't be found, it causes a registry error. Your PC is doing a lot more work than it should be, and the result is a significantly slower computer.

One of the best ways to manage this is with a neat little tool from Support.com, a Silicon Valley based company. It's called ARO 2013 and it scans, identifies, and fixes registry errors —resulting in a computer that's a lot more like it was when you first bought it. On top of the amazing results it offers, it's so easy to install and use that it was recently awarded a coveted 4.5 star rating (out of 5) by CNET's editorial staff, and has been downloaded more than 30 million times.

You can now get a free working version of the software, which will quickly scan your entire PC and identify all of the registry errors that may be bogging it down. The free version also scans for junk and checks your PC's baseline security status. It will eliminate the first 50 errors for free, and if you have more errors that you want to clean up or want to set the program to run on a regular basis (which is recommended), you can easily upgrade to the full version for just $29.95.  After that, registry errors will no longer be a problem.

To get the free version, simply click here.

2. Spyware and viruses

Spyware and viruses are software programs that are loaded on your computer without your knowledge or permission. They have various purposes, including:

• Changing the default search engine in your browser
• Tracking your Web surfing habits and showing you targeted advertising
• Using your email program to send out spam to other email addresses
• Stealing your personal information

Most spyware and viruses get onto our computers through files that we download from the Internet or as attachments to emails. They tend to take up a lot of computing power and, as a result, will significantly slow down your computer.

The simple rule of thumb to follow is to never download any free software programs from companies you do not know and trust, especially screensavers, emoticons, and the like. In addition, you should never open any attachment to an email unless you are 100 percent certain you know and trust the sender. Having a good anti-virus/spyware removal software running at all times will also help.
Follow the above advice, and your PC should stay fast and safe.

Computer virus tricks man into turning himself in for child pornography

Detailed by ABC affiliate WJLA, police were likely surprised when 21-year-old Jay Matthew Riley of Woodbridge, Virginia strolled into a Prince William police station in order to inquire about any warrants issued for him on child pornography charges. Prior to his visit to the police station, Riley was apparently using his laptop when a “ransomware” window appeared on his screen likely from some form of computer virus on his computer.

Within the window, a message warned Riley that child pornography had been located on his hard drive and he needed to pay a fine or face prosecution from the FBI. This a common scam that attempts to extort money from anyone using the computer, specifically amounts between $200 and $500. Basically, the user is tricked into believing that their computer is unusable unless they enter payment information.

Riley was nice enough to bring his laptop into the police station with him while inquiring about law enforcement’s interest in his online activities. After voluntarily handing over the laptop to authorities, police officers searched the computer and located photos of underage girls in addition to inappropriate conversations with underage girls.

After determining that one of the girls was in fact thirteen and located within the United States, the police executed a search of Riley’s home in order to take possession of all computers and electronic devices.

At this point, police arrested Riley and charged him with “three counts of possession of child pornography, one count of using a communication device to solicit certain offenses involving children, and one count of indecent liberties with a minor.” Riley is being held without bond at this time. When asked about the unusual incident, Prince William County Police spokesman Officer Jonathan Perok said

 “We’ve never had a case like this, I’m safe to say that, But the nature of what we have here is quite significant and severe.”

Source: Digital Trends

Computer virus tricks man into turning himself in for child pornography

Detailed by ABC affiliate WJLA, police were likely surprised when 21-year-old Jay Matthew Riley of Woodbridge, Virginia strolled into a Prince William police station in order to inquire about any warrants issued for him on child pornography charges. Prior to his visit to the police station, Riley was apparently using his laptop when a “ransomware” window appeared on his screen likely from some form of computer virus on his computer.

Within the window, a message warned Riley that child pornography had been located on his hard drive and he needed to pay a fine or face prosecution from the FBI. This a common scam that attempts to extort money from anyone using the computer, specifically amounts between $200 and $500. Basically, the user is tricked into believing that their computer is unusable unless they enter payment information.

Riley was nice enough to bring his laptop into the police station with him while inquiring about law enforcement’s interest in his online activities. After voluntarily handing over the laptop to authorities, police officers searched the computer and located photos of underage girls in addition to inappropriate conversations with underage girls.

After determining that one of the girls was in fact thirteen and located within the United States, the police executed a search of Riley’s home in order to take possession of all computers and electronic devices.

At this point, police arrested Riley and charged him with “three counts of possession of child pornography, one count of using a communication device to solicit certain offenses involving children, and one count of indecent liberties with a minor.” Riley is being held without bond at this time. When asked about the unusual incident, Prince William County Police spokesman Officer Jonathan Perok said

 “We’ve never had a case like this, I’m safe to say that, But the nature of what we have here is quite significant and severe.”

Source: Digital Trends

The Best Free Antivirus Programms 2013

Fortunately there are many free antivirus softwares, many of which are equally well with commercial. So, if you do not want to pay every year for your protection we have chosen and we present 8 of the best free security tools on the Internet. 

Avast Free Antivirus
The program is simple to install. It has a simple interface that makes it easy to use. It is a good idea if you install it on your computer, often swept it in order  to detect any potential threats to your computer, plus,scanning has minimal impact on the performance of your system. Avast is always on the list of the proposed protection programmes from AV-Test (independent organisation). Is one of the widely used software on the computers of the world's most wanted. The only weakness that we have seen to have is in the removal of viruses.

 Panda Cloud Antivirus Free 
Small and simple, Panda Cloud Antivirus is a lightweight tool that provides free real-time protection against viruses, and can be used alongside with many other security tools, without problems.It is the free version of a commercial product, and so has some missing features. The Pro Edition protect you in public Wi-Fi networks.

Emsisoft Emergency Kit
None  antivirus detection rate is guaranteed 100%, and the malware may occasionally slip through your defense. You should always have a second software available. In this case the Emsisoft Emergency Kit is a very good choice. The program runs without installation required, reducing the likelihood of clashing with your permanent antivirus.

ZoneAlarm Free Antivirus + Firewall
ZoneAlarm Free Antivirus + Firewall is daily updated just for the commercial version, which leaves you more exposed to the latest threats, the program provides very good functionality. The only problem that we had in the workshops when we put it on computers, it had to do with the increase of burdens (relatively heavy).

Avira Free Antivirus
A powerful antivirus (high marks from independent laboratories for the detection rates of files) constantly monitors your computer, searching and eliminating any threats. If you choose to install Avira toolbar then you can also have some web tools (antiphishing tool, ad blocker, social networking protection). The problems is that the program has a greater impact on the performance of your computer considering some other tool.

Bitdefender Antivirus Free Edition
Bitdefender is one of the best tools and the favorite of independent testing labs. So if someone is getting a free new version sounds pretty good. But there is a problem. Bitdefender Antivirus Free Edition has no real-time protection, do not check the files that you access or download. The program scans only files, folders or drives when you  request to do so. Bitdefender Antivirus Free Edition can not be the basic antivirus tool,  just occasionally if you scan and it does  not finding anything you can sure that everything ia allright.

AVG Free Antivirus
AVG Free Antivirus is a package with good features: antivirus engine, e-mail scanner, identity theft protection, and Surf-Shield for LinkScanner which keeps you safe online. It has an intuitive design interface which means that you can perform the most common operations in one or two clicks. AVG Free Antivirus gets mixed reviews about its effectiveness. Our own view is that it is a very good tool, and one of the most powerful free antivirus packages.


Source: http://www.freeware-files.com/technology-news/security/472-the-best-free-antivirus-programms-20013

The Best Free Antivirus Programms 2013

Fortunately there are many free antivirus softwares, many of which are equally well with commercial. So, if you do not want to pay every year for your protection we have chosen and we present 8 of the best free security tools on the Internet. 

Avast Free Antivirus
The program is simple to install. It has a simple interface that makes it easy to use. It is a good idea if you install it on your computer, often swept it in order  to detect any potential threats to your computer, plus,scanning has minimal impact on the performance of your system. Avast is always on the list of the proposed protection programmes from AV-Test (independent organisation). Is one of the widely used software on the computers of the world's most wanted. The only weakness that we have seen to have is in the removal of viruses.

 Panda Cloud Antivirus Free 
Small and simple, Panda Cloud Antivirus is a lightweight tool that provides free real-time protection against viruses, and can be used alongside with many other security tools, without problems.It is the free version of a commercial product, and so has some missing features. The Pro Edition protect you in public Wi-Fi networks.

Emsisoft Emergency Kit
None  antivirus detection rate is guaranteed 100%, and the malware may occasionally slip through your defense. You should always have a second software available. In this case the Emsisoft Emergency Kit is a very good choice. The program runs without installation required, reducing the likelihood of clashing with your permanent antivirus.

ZoneAlarm Free Antivirus + Firewall
ZoneAlarm Free Antivirus + Firewall is daily updated just for the commercial version, which leaves you more exposed to the latest threats, the program provides very good functionality. The only problem that we had in the workshops when we put it on computers, it had to do with the increase of burdens (relatively heavy).

Avira Free Antivirus
A powerful antivirus (high marks from independent laboratories for the detection rates of files) constantly monitors your computer, searching and eliminating any threats. If you choose to install Avira toolbar then you can also have some web tools (antiphishing tool, ad blocker, social networking protection). The problems is that the program has a greater impact on the performance of your computer considering some other tool.

Bitdefender Antivirus Free Edition
Bitdefender is one of the best tools and the favorite of independent testing labs. So if someone is getting a free new version sounds pretty good. But there is a problem. Bitdefender Antivirus Free Edition has no real-time protection, do not check the files that you access or download. The program scans only files, folders or drives when you  request to do so. Bitdefender Antivirus Free Edition can not be the basic antivirus tool,  just occasionally if you scan and it does  not finding anything you can sure that everything ia allright.

AVG Free Antivirus
AVG Free Antivirus is a package with good features: antivirus engine, e-mail scanner, identity theft protection, and Surf-Shield for LinkScanner which keeps you safe online. It has an intuitive design interface which means that you can perform the most common operations in one or two clicks. AVG Free Antivirus gets mixed reviews about its effectiveness. Our own view is that it is a very good tool, and one of the most powerful free antivirus packages.


Source: http://www.freeware-files.com/technology-news/security/472-the-best-free-antivirus-programms-20013

Is the Government Spying On You Through Your Webcam?

We documented earlier today that - if you are near your smart phone – the NSA or private parties could remotely activate your microphone and camera and spy on you.

This post shows that the same is true for our computer.

Initially, the NSA built backdoors into the world’s most popular software program – Microsoft Windows – by 1999.

And a government expert told the Washington Post that the government “quite literally can watch your ideas form as you type” (confirmed). Even that is just “the tip of the iceberg”, according to a congress member briefed on the NSA’s spying program.

The New York Times reported in 2011 that German police were using spyware to turn on the webcam and microphone on peoples’ computers:

A group that calls itself the Chaos Computer Club prompted a public outcry here recently when it discovered that German state investigators were using spying softwarecapable of turning a computer’s webcam and microphone into a sophisticated surveillance device.

The club …announced last Saturday it had analyzed the hard drives of people who had been investigated and discovered that they were infected with a Trojan horse program that gave the police the ability to log keystrokes, capture screenshots and activate cameras and microphones.

Reuters documented last year that the U.S. and Israeli governments can remotely turn on a computer’s microphone:

Evidence suggest that the virus, dubbed Flame, may have been built on behalf of the same nation or nations that commissioned the Stuxnet worm that attacked Iran’s nuclear program in 2010 [i.e. the U.S. and Israel], according to Kaspersky Lab, the Russian cyber security software maker that took credit for discovering the infections.

Kaspersky researchers said they have yet to determine whether Flame had a specific mission like Stuxnet, and declined to say who they think built it.

Cyber security experts said the discovery publicly demonstrates what experts privy to classified information have long known: that nations have been using pieces of malicious computer code as weapons to promote their security interests for several years.

***

The virus contains about 20 times as much code as Stuxnet, which caused centrifuges to fail at the Iranian enrichment facility it attacked. It has about 100 times as much code as a typical virus designed to steal financial information, said Kaspersky Lab senior researcher Roel Schouwenberg.

Flame can gather data files, remotely change settings on computers, turn on PC microphones to record conversations, take screen shots and log instant messaging chats.

Kaspersky Lab said Flame and Stuxnet appear to infect machines by exploiting the same flaw in the Windows operating system and that both viruses employ a similar way of spreading.

***

“The scary thing for me is: if this is what they were capable of five years ago, I can only think what they are developing now,” Mohan Koo, managing director of British-based Dtex Systems cyber security company.

PC Magazine tech columnist John Dvorak writes:

From what we know the NSA has back door access into Apple, Microsoft [background], and Google. What kind of access we don’t know, but let us assume it is similar to what they did about 7 years ago to AT&T. They had a secret room at Fulsom St. in San Francisco and the AT&T engineers had no control and no access to a room full of NSA equipment that had direct access to everything AT&T could do.

Microsoft is the source of the operating system for Windows and Windows cell phones. Apple controls the OS for Macs, iPhones, and iPads. Google controls the Chrome OS, Chrome Browser, and Android cell phones. The companies regularly push operating system upgrades and security updates to users on a regular basis.

Imagine however that the NSA has access to these updates at the source and has the ability to alter these update in order to install some sort of spyware on your phone, tablet, or computer. The software could turn on your camera or microphone remotely, read all your private data, or erase everything and brick your phone or computer.

Moreover – as documented by Microsoft, Ars Technica, cnet, the Register, Sydney Morning Herald, and many other sources – private parties can turn on your computer’s microphone and camera as well.

Cracked noted in 2010:

All sorts of programs are available to let you remotely commandeer a webcam, and many of them are free. Simple versions will just take photos or videos when they detect movement, but more complex software will send you an e-mail when the computer you’ve installed the program on is in use, so you can immediately login and control the webcam without the hassle of having to stare at an empty room until the person you’re stalking shows up.

The bottom line is that – as with your phone, OnStar type system or other car microphone, Xbox, and other digital recording devices – you shouldn’t say or do anything near your computer that you don’t want shared with the world.

Postscript: You could obviously try to cover your webcam and microphone when you don’t want to use them.

But if you really want privacy, take a lesson from spy movies: Go swimming with the person you want to speak with … since electronics can’t operate in water.

Is the Government Spying On You Through Your Webcam?

We documented earlier today that - if you are near your smart phone – the NSA or private parties could remotely activate your microphone and camera and spy on you.

This post shows that the same is true for our computer.

Initially, the NSA built backdoors into the world’s most popular software program – Microsoft Windows – by 1999.

And a government expert told the Washington Post that the government “quite literally can watch your ideas form as you type” (confirmed). Even that is just “the tip of the iceberg”, according to a congress member briefed on the NSA’s spying program.

The New York Times reported in 2011 that German police were using spyware to turn on the webcam and microphone on peoples’ computers:

A group that calls itself the Chaos Computer Club prompted a public outcry here recently when it discovered that German state investigators were using spying softwarecapable of turning a computer’s webcam and microphone into a sophisticated surveillance device.

The club …announced last Saturday it had analyzed the hard drives of people who had been investigated and discovered that they were infected with a Trojan horse program that gave the police the ability to log keystrokes, capture screenshots and activate cameras and microphones.

Reuters documented last year that the U.S. and Israeli governments can remotely turn on a computer’s microphone:

Evidence suggest that the virus, dubbed Flame, may have been built on behalf of the same nation or nations that commissioned the Stuxnet worm that attacked Iran’s nuclear program in 2010 [i.e. the U.S. and Israel], according to Kaspersky Lab, the Russian cyber security software maker that took credit for discovering the infections.

Kaspersky researchers said they have yet to determine whether Flame had a specific mission like Stuxnet, and declined to say who they think built it.

Cyber security experts said the discovery publicly demonstrates what experts privy to classified information have long known: that nations have been using pieces of malicious computer code as weapons to promote their security interests for several years.

***

The virus contains about 20 times as much code as Stuxnet, which caused centrifuges to fail at the Iranian enrichment facility it attacked. It has about 100 times as much code as a typical virus designed to steal financial information, said Kaspersky Lab senior researcher Roel Schouwenberg.

Flame can gather data files, remotely change settings on computers, turn on PC microphones to record conversations, take screen shots and log instant messaging chats.

Kaspersky Lab said Flame and Stuxnet appear to infect machines by exploiting the same flaw in the Windows operating system and that both viruses employ a similar way of spreading.

***

“The scary thing for me is: if this is what they were capable of five years ago, I can only think what they are developing now,” Mohan Koo, managing director of British-based Dtex Systems cyber security company.

PC Magazine tech columnist John Dvorak writes:

From what we know the NSA has back door access into Apple, Microsoft [background], and Google. What kind of access we don’t know, but let us assume it is similar to what they did about 7 years ago to AT&T. They had a secret room at Fulsom St. in San Francisco and the AT&T engineers had no control and no access to a room full of NSA equipment that had direct access to everything AT&T could do.

Microsoft is the source of the operating system for Windows and Windows cell phones. Apple controls the OS for Macs, iPhones, and iPads. Google controls the Chrome OS, Chrome Browser, and Android cell phones. The companies regularly push operating system upgrades and security updates to users on a regular basis.

Imagine however that the NSA has access to these updates at the source and has the ability to alter these update in order to install some sort of spyware on your phone, tablet, or computer. The software could turn on your camera or microphone remotely, read all your private data, or erase everything and brick your phone or computer.

Moreover – as documented by Microsoft, Ars Technica, cnet, the Register, Sydney Morning Herald, and many other sources – private parties can turn on your computer’s microphone and camera as well.

Cracked noted in 2010:

All sorts of programs are available to let you remotely commandeer a webcam, and many of them are free. Simple versions will just take photos or videos when they detect movement, but more complex software will send you an e-mail when the computer you’ve installed the program on is in use, so you can immediately login and control the webcam without the hassle of having to stare at an empty room until the person you’re stalking shows up.

The bottom line is that – as with your phone, OnStar type system or other car microphone, Xbox, and other digital recording devices – you shouldn’t say or do anything near your computer that you don’t want shared with the world.

Postscript: You could obviously try to cover your webcam and microphone when you don’t want to use them.

But if you really want privacy, take a lesson from spy movies: Go swimming with the person you want to speak with … since electronics can’t operate in water.