Latest Stupid Erdogan Move – Turkey Blocks Twitter

Somewhere within the Turkish Government surely there must be someone who is able to tell PM Recep Tayyip Erdogan,  that his latest tactic of blocking social networking sites is incredibly stupid.  Unfortunately it would seem not,  as  that is exactly what has happened within the last twelve hours.

Here’s an example of what happens if you now try to visit the social networking site Twitter using a Turkcell mobile phone.   The same thing happens if you try and access from any other device, a fact which I have confirmed with several friends who live on the Turkish coast and in Istanbul.

Twitter Blocked by ErdoganIt has been made legally possible by a dodgy piece of legislation passed last month by the Government which allows websites to be blocked on a variety of spurious reasons and without the need of a court order which was previously required.

The main reason (as always) why the Turkish leader hates social networking sites so much is because they are used to distribute the numerous allegations of corruption within his government.

Twitter was used to distribute the phone call recordings which allegedly take place between Erdogan and his family discussing where to hide various large sums of money from the corruption investigations.  The PM denies this allegations and insists these recordings have been faked, but they are making him very mad indeed.   There are apparently some more recordings to come, which happily this block  will have virtually no effect on whatsoever.

It is of course utterly pointless to block access to these sites for a variety of reasons – which many corrupt leaders have found out to their costs.   Here’s some of the more obvious ones -

  • Thousands of alternatives available to distribute information
  • Looks like an admission of guilt
  • Lots of ways to bypass the blocks quickly and easily (Identity Cloaker for one)
  • International condemnation – not a way to run a democratic republic!

It will be interesting to watch over the next few weeks, if Erdogan keeps on this track and blocks access to even more social sharing sites.  In reality it will probably have little effect other than to galvanise the opposition and attract even more international criticism.   He may however take notice that his technical efforts have been of limited effect domestically,  the number of tweets sent within the country has not even fallen!  Blocking access to these sites just makes you look like you have something to hide, expect to see increased protests and opposition if he chooses this route. Turkey are of course unfortunately already noted for their level of censorship, these blocks only bring the eyes of the world down on his undemocratic censorship.   In any event, the only really effective method to restricting access to sites like Twitter is to block the entire internet, a bit  like North Korea or move up to the sort of solution China has employed to block access, needless to say this would not be a popular move!

The Complete Lack of Facebook Privacy

Some of us older people, well certainly me tend to take some care when typing in messages and emails to other people.  Similarly on Facebook and forums I tend to take a little time to think what my posts will look like.  It may be just me being over cautious but I often type, delete and retype several times.

Facebook Lack of Privacy

 

So this is fine but how would you feel to know that Facebook actually logs and records every keystroke you make, irrespective of whether you decide to post it.  That ill thought out message to your ex-girlfriend which you managed to stop yourself sending, that ‘piece of your mind’ that you nearly sent to your boss after two bottles of red wine,   that’s it everything.  Pressing the delete key or not pressing the send/publish key is irrelevant as soon as you hit those keys then Facebook has logged it.

Personally I find this horrific, I mean if you don’t post something why the hell should Facebook be recording it.  I’m fine with  this technology that handily converts that URL into a little thumbnail as you type but not that it records every piece of drivel that I stop myself posting at 1AM after a night out.

It’s hugely intrusive and just another example of how there’s going to be nowhere to even say anything online soon without it being logged and recorded on a series of ‘Big brother’ type databases designed to either sell us crap or passed on to the thought police in case we’re not thinking the right things.

I’m slowly getting more and more worked up about this, so for the sake of my blood pressure I’ll just leave you with a link.  If you want to stop Facebook recording your every unpublished thought, message or status update and storing it for presumably commercial means then I urge you to sign it.

Click Here to Sign the Petition – STOP FACEBOOK SPYING ON US !!!!

What is SSL? Is it Secure and Safe?

Most of us I hope, appreciate that very little of what we do online is private. The astonishing rise of the web over the last two decades has come at a price and that price is our privacy. The majority of our communication takes place over HTTP (Hyper Text Transport Protocol) a wonderful invention that has allowed a myriad of platforms to come together and talk to each other using the worldwide shared infrastructure that is the internet.

You see HTTP operates completely in clear text, meaning that requests, web visit and communications are instantly readable by anyone with a mind to intercept it. My next door neighbor sits next door browsing the web using his unprotected Wireless connection, completely oblivious to the fact that I can see every site he visits, and yes he does spend a lot of time on porn sites for a seventy year old !! Obviously he could put up layers of protection by using encryption on his wireless network but the fact remains that all his browsing is logged on his ISP and transmitted in clear text across lots of shared routers, switches and cables.

That in itself is worrying enough, and the reason that Governments can pretty much capture all the personal data they need with a well positioned switch or cable tap. But there’s one area that is even more worrying particularly to those using free proxy and VPN sites distributed across the internet.

That area is SSL, the little layer of security bolted onto to HTTP(S) to encrypt our most important transactions. We are told to look for the little padlock in the corner of our browser when we connect to a payment site, or need to input usernames and passwords. SSL will keep us safe so we are told, unfortunately as I’m going to show you that’s simply not the case.

But first an interlude, have you ever wondered about how your request gets to a web site? What route does it take, how many points physically does it touch before it reaches the intended server. Well it’s east to find out – just look at this. Start a command prompt, type ‘command’ in the search box in most windows versions then type the command ‘tracert’ and a web address.

Tracert CommandYou should see something like this, a series of steps that your web request takes.  The first ‘hop’ will be my router, then through my ISP and then out onto the internet via a host of switches and gateways owned by a wide variety of individuals, companies and organisations.  Any of which have complete access to my data if they wished to intercept it for whatever reason.  The example is to Paypal so my username and account details are also being trusted to the owners of those devices.

This is of course, very concerning and why SSL (Secure Socket Layer) was developed to at least provide some protection to the most sensitive data transmissions.  We use SSL a lot now, and that little key we are told to look for is becoming increasingly important to maintaining some privacy and security especially if we’re conducting any sort of financial transaction online.  Buying Christmas presents from Amazon, checking out bargains in EBay or paying our bills through online banking – all use SSL to encrypt the data we send.  You can see the security being implemented on any site now that needs to process payments or usernames, here’s me logging into Paypal.

HTTPS Protected SSL

In the top left you can see, the familiar padlock and the fact the web site begins HTTPS, the S denoting the secure layer protecting your login.  So we’re all safe and protected?

Well no not quite – let me introduce a neat little program from a company called Komodia who provide a series of security applications and development platforms.   Available on their site is a free SSL sniffer which can sit and sniff all the traffic that travels through your connection and decrypt it on the fly – including all  that super secure traffic protected by your HTTPS connection.

Here’s me running it whilst logging into check my Paypal account -

SSL Sniffer

Using Komodia’s sniffer program I can look at all  the data flowing through  my connection, what’s more it decrypts the SSL connection too.  All the encrypted data is unencrypted and is visible in clear text, in the example above my paypal password and login details were perfectly visible.  Anyone with those details could have logged on to my account and made payments linked to my debit and credit cards!

Obviously I have blanked this out to protect my account details but it’s very easy to check for yourself.   You can download the sniffer for free from Komodia here.  It requires little technical knowledge and is very easy to use – using it you can harvest any usernames and passwords that are supposedly  protected by a HTTPS connection.  All you need is access to the data.

This is one reason that you should never, ever use those free proxies, dodgy wireless connections in Coffee shops and anywhere else you feel your data may be at risk.    Only use proper well run and secure ones even to just access things like the BBC like this, and don’t access any accounts from untrusted devices and networks.

IN truth there is little security available by default online, but common sense can go a long way to stopping the misery of becoming a victim of identity theft and online crime.

How to Use a BBC Iplayer Proxy Abroad

You may have noticed that many of the big web sites have decided that they are not too keen on this big, free, sharing model of the internet.  Not so long ago you could log in to a machine anywhere in the world and surf around with impunity – but not any longer.

The businesses involved have decided they prefer a sort of restrictive model that also makes them lots of cash. So now people get filtered based on their location  - for example forget watching BBC Iplayer abroad in the US or Japan for free, it’s not going to happen (well not without some sneakiness of course). Yep and the loveable BBC have decided against the public spirited World Service model of sending out their content for free, instead they restrict it just to people in the UK. This is especially annoying for the people like me who already pay the license fee but can’t watch the BBC when they’re out of the country.

But don’t worry here’s a way which will allow you to access anything you like including the BBC, Hulu irrespective of your location.  It doesn’t matter where you’re based, you can choose.  The solution works in most scenarios so for an example – here’s how to use a proxy to access BBC Iplayer outside the UK.

BBC Iplayer Proxy Workaround.

Firing up BBC Iplayer outside the UK you’ll pretty soon try and watch something and be greeted with the following message.

How to Watch BBC IPlayer by Proxy

Ha Ha No IPlayer for You

It looks like some technical wizardry of the highest order, but fortunately for us it’s not.  When we connect to BBC Iplayer, the site records your IP address and looks up which country it’s registered in – if it’s a UK address the show will start playing otherwise you get the above platitude.

Now for these illustrations I’m going to use my subscription to Identity Cloaker, you can theoretically use free UK proxies for this though. Unfortunately finding any free proxies capable of streaming video is a full time occupation but if you try it – good luck !!

Choosing a UK Proxy for IPlayer

Choose a UK Proxy for IPlayer

I just open Identity Cloaker and scroll down to select one of the UK proxies and that’s it.  From this point even though I’m connecting through the Wifi at an overpriced Spanish hotel in Barcelona – it doesn’t matter.  The BBC will think I’m in the UK as it looks at the IP address of the proxy server and not mine.

So using a BBC Iplayer proxy works incredibly well, here’s what I see now.

BBC Iplayer in Spain

Latest Dr Who from BBC Iplayer

Here’s a video of the process …that I hope explains it.

Instead of the warning when watching BBC Player using a proxy I get the play button and can watch whatever I want.  In fact the IP check is at start of the show so if I need to I can just disconnect from the proxy using Identity Cloaker software and stream it directly through my Spanish connection.

Is it enough to cheer me up after just having my wallet stolen in a Barcelona bar?   Well probably not but being a fanatical Dr Who fan it might just save me from an evening spent drowning my sorrows drinking overpriced San Miguel from the Minibar.

(Note to all visiting Barcelona  - if some nice couple seem overly concerned about marks you have on the back of your jacket and offer to help you.  Then punch them/call police – you are having your wallet stolen – yes I did fall for it!) 

Just for the record – you can use a free proxy for this, the reason a legendary skinflint like me doesn’t is simple.  It generally takes several hours of searching to find a fast enough UK proxy to stream from the BBC Iplayer site.  That actually wouldn’t be too bad if you only had to do it once but the  next day it will almost certainly have disappeared.  For a one off it might be worth it though.

Here’s the link for Identity Cloaker – I can recommend the 10 day trial if you’re just away on a trip or holiday, or just to see if it works.  There are loads of other services who offer something similar though, but this is simply the one I found to be fastest and best value.

If you want to watch using an Ipad – try this post about watching BBC Iplayer on the Ipad Abroad.

Updated -20/11/2013

Using a French Proxy for M6 Replay

France Ip

A couple of years ago I spent a small fortune on a French Language course issued by the BBC for my eldest son.  He was struggling with French at school so I bought this course which was based on the adventures of some cartoon character called Muzzy.  It was pretty boring in French and English and my son hardly watched it at all, much to my annoyance !  What I should have done though is introduced him to the wonderful media channel based in Paris called M6 Replay.

If  you live outside France you’ve probably never tried it as you need a French proxy to access it.  However it’s a wonderful site and has all the top US and European shows as well as some French stuff.  On it you can find the shows like the Simpsons that teenagers actually like but they are all dubbed into French.

It’s a great way to practice and learn your vocabulary and it’s way more interesting that the frankly rather boring BBC character Muzzy – pictured here.  The site is really slick and well designed and just really features all the shows and films that the channel broadcasts throughout France.

Getting Access to M6 Replay Through a French Proxy Server

So if you do try and access the media site from anywhere outside France you’re going to get blocked by default.  The site looks up your IP address when you connect and if it’s in France  you’re ok but if you are not then you’ll get the following warning.

Which in case you’re interested says something like  - “This video is unavailable.  Please try and access it later

But it’s not worth it as you’ll always get blocked as long as you are connecting from a Non-French IP address.  However as we have seen with lots of other media sites across the planet – this is relatively easy to bypass as long as you have access to a proxy or VPN server that is  based in France.

Now you can find these online if you search hard enough, but the problem with the free ones is that they’re not very safe and most of them are so overloaded that it’s impossible to stream video across them.  So if you want to access M6 replay or any French sites often then it would make sense to invest in a a private proxy service.  There’s a few with French servers but make sure you check first before subscribing to any of them.

To illustrate I’m going to show you how I use my copy of the security software Identity Cloaker to access m6 Replay.   It has a selection of different proxy servers included in the subscription there are UK, US, European and Australian proxies including some French proxies too.

 

You can see in this graphic the user screen of Identity Cloaker, all you need to do is to scroll down the list and select one the French servers and then press connect.  As soon as you do this you’ll be connected through a secure SSH tunnel to one of the companies Paris based servers.   Identity Cloaker is primarily security software which also encrypts your connection – if you’re just watching video then you should turn the encryption off at the bottom of the screen.

Now when you go to the M6 Replay site instead of seeing your IP address they will see the address of the Identity Cloaker proxy server.   As long as you have selected one of the French servers the site will think you are based in France and not block access to any of the content.

As I mentioned it is possible to find French proxy servers which you can connect manually too, unfortunately it’s fairly difficult to find suitable ones.  If you want to try have a look at this site which lists open proxies by country – http://proxy.org/proxies_sorted.shtml they change by  the hour though so keep checking back.

Just put a video up showing this process on YouTube – it’s entitled – French TV Online.  Here’s the video with a step by step guide to accessing the M6 Replay site.

For those who don’t have hours to spend searching there are lots of commercial alternative which offer fast, secure and safe proxies in a variety of countries.  Here’s the service I recommend - Identity Cloaker, it’s inexpensive and extremely easy to use – the program sits in your task bar and you can switch proxy servers at the click of the button.  Try the 10 day trial first to see if you like it – you’ll find it opens up so many possibilities with proxies all across the world including a French Proxy !

Updated – Just checking – August 2nd, 2013 – still working for M6 Replay

Watching Coronation Street on ITV Player Abroad

Well this post might seem a little trivial but for my better half, it’s the first interesting thing I’ve posted in 8 years of blogging. The title says it all – how can you watch Coronation Street using the ITV player application when you’re outside the UK. In this instance we’re in France for a romantic break (and yes that seems to include watching Coronation Street on my laptop!), and such are blocked from a whole host of UK only websites including the ITV player site.

Anyway here’s the video I made using the excellent Screencast-O-Matic, this application is well worth using if you ever need to make any videos or screen casts.

That’s all there is to it, quickly change your IP address to a UK one and then you can watch ITV Player (or BBC Iplayer) wherever you happen to be. What’s more at the same time you’re protecting your internet connection and personal details whilst accessing the web through some unknown Wi-fi connection. Remember though to fully protect your connection you need to ensure the encrypt connection button is highlighted in Identity Cloaker, you don’t need to encrypt Coronation Street though!

Change Encryption Level

Change Encryption Level

If you need it only for a short trip or want to test it first – you can try the 10 day trial out here.

Keep the World Free, Well at Least the Net…

Interested in the future of the internet? I suspect it’s being fought out in the land of the free. Not keen on being spied on?
Please, Please, Please – Watch the video and then support these guys – Demand Progress

Check out this post on using Smart DNS to obscure your location, although for privacy a VPN is better.

Vietnam’s Persecution of Bloggers

So ok, bloggers can be annoying. Very often we sound a bit full of ourselves, perhaps we’ve checked our stats and  found that 10 new people have subscribed and got a bit carried away.   In many countries, there’s a host of attention seeking, self important rubbish riters (sic) who couldn’t get published anywhere else….

But the important point is that people get a voice, anyone gets to state their opinion – a blog is somewhere to put your point across.  It’s somewhere to protest, to complain, in biblical terms it gives a voice to the meek – and we know what they’re supposed to inherit.

Well Just Cheese

Vietnam know how important the opinion of bloggers is, which is why they actively persecute anyone who speaks out against them.  The country is only second in the world in the league table of imprisoning blogger and dissidents – of course China is first.

Imprisoning bloggers sounds bizarre, especially by a country where you might be considering taking your next holiday.  So what is a blogger, why are they so dangerous? Well here’s some definitions, just grabbed at random from the web – ‘cos that’s what we do.

  • a blog is a personal journal

Do you know – I think I’ll leave it at that.  It’s not complicated it just involves speaking online about things you want to talk about.  But I need a list so instead, here’s one of  bloggers who have been jailed in Vietnam.

I’ve tried to post relevant links in each case, but there is always much more to the story.  I urge you to google any of the above names and be both inspired and saddened by their stories.   They’re all being imprisoned for very long terms simply because of what they said online – they’re also not alone!  In fact there are at least 35 bloggers/thinkers/scholars and writers who are imprisoned for no very good reason in Vietnam.

Simply put they should be free – here’s the petition…

vietnam-bloggers

 

What Information is Hidden on My PC?

The majority of people who just use the internet every day for browsing, shopping and entertainment probably imagine that they have quite a decent level of privacy by default.    They probably expect that there browsing is private, passwords are secure and emails confidential at least to a certain extent.  Unfortunately the reality is a completely different story.

The problem is that people are blissfully unaware of simply how much of their online lives is completely open and unprotected.    Take for example your computer or laptop,  most people’s are stuffed with all sorts of web browsing history, passwords, login details and a host of other stuff often going back years.

So here’s something to try if you’ve got a spare few minutes – download this free computer forensics tool – here.

It’s called Systems Information for Windows and is a pretty advanced tool for scanning your computer and analysing detailed information about it.   It takes minutes to run and in fact doesn’t even need installing as it runs from a stand alone executable.

Passwords on Your PC

Here’s a screen shot that it picked up from my laptop.  Although obviously I needed to censor it – every single line in that picture contains a website I accessed and the password I used to access the site.  SIW picked up hundreds of these all stuffed with personal details, login accounts and even the passwords I used to access.

Try it on your laptop and PC – you’ll be amazed at what information can be picked up from your computer.

Here’s a selection of the sort of passwords and login details it can pick up -

  • Screen Saver Passwords
  • Windows Logons
  • RAS Passwords (Remote access and Dial UP for your ISP)
  • Outlook (Email accounts)
  • Firefox, Chrome and IE passwords
  • MSN and Messenger Passwords
  • Wireless Keys (WPA, WEP, WPSK, SSID)
  • FTP Login Details

That’s only a sample, all stored on your local machine – all easily accessible to anyone with access to the computer either physically or remotely.

I urge you to take a look and see how much of that information you are potentially leaking to the world.  Most people will see lots of details and passwords that they would consider private.

Also remember this is the free version of the software – there are plenty of professional tools floating around the internet used by hackers and forensic scientists that can pick up much much more.

What sort of problems could this cause you if the information fell into the wrong hands – perhaps an identity thief or hacker.  Perhaps run from a virus or when you accessed free Wifi from that cafe last week.  Email passwords, Paypal, Ebay or banking details can be used very easily to steal and defraud.

Even if a sensitive website doesn’t appear in the list – how many of us use the same password for our online banking or Paypal that appears in the list?

There are privacy modes in most modern browsers that stop this information leaking out, security programs like IDC keep your connection secure and free programs like CCleaner can be used to tidy up your computer to start with.   Ultimately knowledge and some awareness of the (lack of) privacy situation online is your best defence – a little paranoia is definitely called for when you surf the web!

 

Not So Secret UK Monitoring Station

Thanks again to Edward Snowden, we are getting at least some idea of how much privacy we have online. The answer is virtually nothing and the justification is of course one of the following -

  • in the national interests
  • to combat terrorism

Being Watched?

We know most major Governments are heavily involved in intercept web traffic, but it still is sometimes surprising at the actual scale of this. The reality is that most things we do online are relatively insecure, there is virtually no inherent security in most online activities. It’s relatively trivial for security agencies to intercept email for example – here’s a primer on email security.  Web traffic is the same, it travels in clear text over shared hubs, switches, routers and cables – at any point it can be siphoned off and copied.

We already know that the majority of internet traffic passing through the UK is logged, recorded and copied.  It’s not any real surprise to learn that the UK has a major surveillance station set up in the Middle East.  The station was apparently set up by GCHQ under warrant signed by the Foreign Secretary – David Milliband. The authorisation allowed GCHQ to monitor and store data passing through the cables linking up the internet in the Middle East.  Quite under what authority the UK Government has to authorise monitoring internet traffic in the middle east is fairly unclear.

As yet no specific details have been released to either the location or the extent of this monitoring station, however it is fairly safe to assume it would be dealing with a large proportion of Middle Eastern internet traffic.  In addition this station allegedly has access to the submarine cables which link the major land data centres across the various continents.  If this was true the station would have access to  the majority of internet traffic exchanged with the West and the Middle East.

Internet Cable Map

Are these stations right? I guess many of us have differing opinions on whether the end justifies the means.  There is no doubt though that our own personal privacy is being largely ignored in this electronic secret war.  It seems that security agencies will happily set up these stations to monitor us with little regards to any legislation or laws protecting our privacy.  Certainly GCHQ does not seem concerned with legislation and laws regarding privacy in other areas.

The reality is that unless you use some sort of external security programs methods like encryption or using a fake IP address then you should assume that everything you do online is going to be logged and recorded.  It’s probably going to far to say that your activities will be analysed or even monitored to any great extent purely because of the huge amount of data logged.  It is impossible for any security agency to currently analyse all the data that they siphon off from the net.  We all have some sort of security by obscurity unless we do something to trigger the interest of a security agency.