What Evil Lurks Within!

When you think about the fact that Microsoft, Google, ISPs, the NSA and gosh knows who else are spying on you, it’s almost creepy. To know that something is going on inside your devices that allows such activity to take place. It’s like knowing someone is watching you but you don’t know which curtain or blind to close. This is probably the most disturbing part of the whole Snowden disclosure and all the information that has come out since.

I feel violated.

As if some creepy neighbor were hanging out in my cherry tree with binoculars aimed at my bedroom window.  You know what I mean?

Well, as fate would have it, just prior to the disclosure of the NSA spying, I was trying to connect to my students’ VPN when I accidentally reset my ESET firewall settings. I mean reset it to the point where I was getting a pop-up message every time something wanted to connect to the Internet. And after I started noticing what was going on, I have never set it back to the automatic settings!

This is what I meant when I said in Monday’s post that I was going to ‘pull a Snowden’ and disclose to you what I’ve found lurking in the background of my computer. There are going to be several of these posts because there has been a lot of activity over the past month!

But first, let me recap a few talking points you may have heard in the news.

For a complete timeline of the Edward Snowden events, the Guardian has an excellent outline: http://www.theguardian.com/world/2013/jun/23/edward-snowden-nsa-files-timeline

The item I want you to remember for the purposes of this post is the original story about the size of the PRISM program and the major players involved. You’ll remember that one of the earliest articles said:

PRISM enabled “direct access from the servers of these US service providers: Microsoft, Yahoo, Google, Facebook, Paltalk, AOL, Skype, YouTube, Apple”.
Source: http://www.theguardian.com/world/2013/jun/07/prism-tech-giants-shock-nsa-data-mining

In that article, the tech giants mentioned flatly deny any knowledge of the program and vehemently deny giving the government access. Microsoft is one of them.

Then, Snowden reveals more information that is said to prove that Microsoft has given the NSA the encryption keys.

The Guardian then went on to report that according to documents provided by Snowden, Microsoft gave the NSA the encryption keys which aided them in their spying.  Again, Microsoft continues to deny such activity and has gone so far as to join in a lawsuit requesting that the NSA allow them to disclose the aggregate data on information they provide. (See eWeek article: Microsoft Responds to Growing NSA Spying Scandal)

Note that the lawsuit is asking for the permission to release “aggregate” data. That’s not comparing apples to apples, folks. Aggregate data is just a summary of loosely defined categories and not the whole fruit salad that created this mess. If the tech giants win the lawsuit, we’re not going to be given any real data that tells us much about the extent of how our lives have been infiltrated in the name of national security.

That said, if you’ve followed me for any reasonable length of time, you will also remember that in my very early newsletters from back in the ’90s, under my previous company name – MICE Training & Technology – I repeatedly told you how Microsoft themselves were spying on us. (Side note: Those early HTML newsletters are being converted to PDF and will appear on our site soon.) Microsoft has lied to us repeatedly, so I have no reason to believe anything other than what Snowden has said is true.

Now, take all of that background information and add to it my newest discovery and you decide.

Remember I said that I reset my ESET firewall to notify me of anything requesting access while trying to troubleshoot my student VPN server? Well, you can imagine my surprise when I went to install a software program – totally unrelated to Microsoft – and I get this pop up notification:

[Image: Microsoft Windows Explorer asking for Internet Access]


I looked up this IP address and it belongs to Comodo. Because it’s pointing to ocsp.usertrust.com, I’m assuming it’s checking for a code signing certificate or something? And if you think it is, think again, because if I deny the access, I still can install the program! So just what is Microsoft Windows Explorer wanting access for? You would think that if it required certificate verification it wouldn’t allow the installation when I clicked “Deny.”

I was reinstalling Artisteer because I had to uninstall it to fix a problem on my computer. But since Microsoft Explorer has repeatedly shown up any time I try to install (and sometimes just run) a program, I temporarily allowed it and ran a packet capture to see what was being shared, but as of yet, I’ve not gone through the entire set of packets.

I have other software requesting access that I will be showing you throughout the next set of posts and I will be going through the packet capture in my spare time this weekend. I will report back what I find.

But you’d be amazed at how much activity is going on in the background of your computer. I’m beginning to consider disconnecting the Internet connection and only using it when I have to have access for my work.

Now you decide for yourself whether or not Microsoft is believable when they say they protect your privacy.