This is the explanation that the goverment gave to a petition to stop any police forces hacking and search any computer remotely without a court warrant:


The Government is committed to ensuring that when public authorities need, in the course of an investigation, to breach someone’s right to privacy they do so only when it is necessary and proportionate, and in line with respect for human rights. The Regulation of Investigatory Powers Act 2000 and the Police Act 1997 respectively enable the police to conduct intrusive surveillance (covert surveillance in private houses and vehicles) and to interfere with private property (such as computers) subject to strict conditions and limitations that meet these requirements. Under these Acts authority to proceed is given not by a court warrant but either by senior officer internal authorisation subject to oversight exercised by the independent Office of Surveillance Commissioners (OSC) or directly by a Surveillance Commissioner. In the case of the police, the senior authorising officer is the Chief Constable. The Commissioners have all held high judicial office. The Chief Surveillance Commissioner, who reports to the Prime Minister, publishes an annual report on the OSC’s inspection and findings.

The Acts require that intrusive surveillance is limited to national security, serious crime or the economic well-being of the UK and property interference to serious crime investigations. They state that these techniques may only be used when what they seek to achieve cannot reasonably be achieved by other means. An independent complaints mechanism, the Investigatory Powers Tribunal, investigates any claims of unlawful use of these techniques and may order the destruction of material and make whatever award they see fit.

The Government believes that the current regime of authorisation and independent oversight - combined with the other limitations and safeguards that apply - strike the right balance between interfering with individual privacy and protecting the wider public from serious crime. It recognises that clear guidance is necessary to enable the police and others to use the techniques in the way intended by Parliament. This is why it has published a draft revised code of practice on covert surveillance and property interference as part of its recent RIPA Consultation. A copy of the proposed revised guidance is available on the Home Office website: http://www.homeoffice.gov.uk/documents/cons-2009-ripa?view=Binary.

Subject to Parliamentary approval it is hoped that the code will have statutory effect later this year.


e-petition: http://www.number10.gov.uk/Page20327

The irony is that Gary McKinnion is facing all kinds of trouble for hacking into U.S government computer intelligence, but its ok for the government to hack into your computer. Its pathetic double standards yet again.

The irony is that Gary McKinnion is facing all kinds of trouble for hacking into U.S government computer intelligence, but its ok for the government to hack into your computer. Its pathetic double standards yet again.

+1

They can do what they want to by computer, aslong as the bent bastards dont upload shit to it :)

I'm wondering how are they going to do it: are they going to employ hackers for it, get software companies (like Microsoft) to leave an open door for them, break into your house while you are out and upload a programme?

I don't think it would be that easy to hack the computer of someone who knows about internet security without "playing dirty".

police and M$ Can just open your back door and walk in to your pc, m$ makes a backdoor for police and cia and fbi , to use this is on most OS .


let me find the info http://news.cnet.com/2100-1001-239273.html

hacking is very easy with programs like metasploit and back track 4 as these find holes in your routers and firewall and these can write there own programs to do it.and if you program in perl or python and have some networking knowledge you to can hack people it is very easy .


here is a other url http://www.remote-exploit.org/backtrack_download.html

The government have had this power for along time .


just do your home work and google it @:)

police and M$ Can just open your back door and walk in to your pc, m$ makes a backdoor for police and cia and fbi , to use this is on most OS .


let me find the info http://news.cnet.com/2100-1001-239273.html

hacking is very easy with programs like metasploit and back track 4 as these find holes in your routers and firewall and these can write there own programs to do it.and if you program in perl or python and have some networking knowledge you to can hack people it is very easy .


here is a other url http://www.remote-exploit.org/backtrack_download.html

The government have had this power for along time .


just do your home work and google it @:)

Thanks for the info!

Do you know if it is the same in Linux; I heard it it far more secure then Windows?

Also, do you know if older versions of Windows also have those back doors?

yes linux is a lot safer , but it still has its holes in it but it is safer , i know that windows 98 had one , and me and 2000 ,

windows are not a very good at all in fact they are very poor . you might want to try ubuntu and you can get a 64 bit os for free and a 32 bit there is a few linux OS

apple mac with linux is the best you can get but these are still open to attacks and vunerlbiltes .

When you are behind a router (and 95% of all internet users are today) they cannot just 'hack' into your computer.. it's technically impossible. Unless they break into your house and install a trojan on your PC.
Because, the router takes the WAN IP of your internet connection. This is the IP visible from outside. There can be more than one PC connected to that router. That makes it technically impossible, to hack into a single PC.
When you are not behind a router, your PC can only be hacked if you do not have the latest security patches.
I'm not affraid of it :)

yeah you are more secure if you do these steps , but there are whys round routers and spi firewalls and nat address

When you are behind a router (and 95% of all internet users are today) they cannot just 'hack' into your computer.. it's technically impossible. Unless they break into your house and install a trojan on your PC.
Because, the router takes the WAN IP of your internet connection. This is the IP visible from outside. There can be more than one PC connected to that router. That makes it technically impossible, to hack into a single PC.
When you are not behind a router, your PC can only be hacked if you do not have the latest security patches.
I'm not affraid of it :)

That's what I thought, but if they are going to approve the law latter this years, it's because they can hack in.

that is mostly true yes, the only way people can get in is through ports, there are only 65535 ports on a computer most of them are totally closed all the time, ones that open for certain things include:

port 80 - web browsing (also 8080 is a backup)
port 21 - FTP uploading/downloading

p2p (utorrent specifically) uses random ports.


the port is like a door, but the door also has a doorman of sorts. the doorman is the filter or the application running, that only handles requests for certain things. so a web browser on port 80 cant offer any services for an FTP (port 21)

trojans work by selecting a port and leaving it open, the filter then accepts any requests on this port that match certain criteria. this is usually a packet of data with an activation code in

if you go to www.grc.com and then shields up!, you can use the scanner there to scan your ports, to see if they are open.. if you get a true strealth (everything green) then you are good. if one is red/open, see what it is, if its not under 1026 then check it in google by typing 'port xyz' where xyz is the port that is open. there will be lots of info around about trojans and nasty things that may use that port.

the only other way in, is through hardware/software backdoors that microsoft might put in, but havent yet as far as im aware, in this case too, it will usually be working with a certain port.


and if it really matters in the end, you can disable the internet until when you need it

The genral rule with software is that anything which is produced by a company wanting to make money is, by default, swiss cheese.

GPL stuff is the best way since ordinary joes write the stuff for the betterment of the community rather than having $ signs in their eyes.

-

I am of two mindsets. I have nothing on my computer which is illegal. Heck, I don't even have porn let alone a picture of a scantly clad bikini model (im a guy).

If someone asked if they could search my computer I'd say fuckoff since the principal of invading my privacy is what pisses me off, not what they could possibly find.

The irony is that Gary McKinnion is facing all kinds of trouble for hacking into U.S government computer intelligence, but its ok for the government to hack into your computer. Its pathetic double standards yet again.

+1

I used metasploit to find holes in my home network and was very surprised with the results ,
my router had a open port 5 , in turn this is exploitable now windows or my linux box did not see this port open neither did the router software ,

now there are other methods to attack a pc behind a nat router , youll be safe from a script kiddies if your OS and anti virus and firewallls are up to date , but a real hacker can do what they want if they target you .


Dont be fooled by microsoft and others , they will say anything to keep the bucks running in .

exploits are found every day , and there are thousands of people trying and finding more every day .

here is some more stuff to read http://www.codeproject.com/KB/system/kernelspying.aspx

more about nat router hacking

http://www.velocityreviews.com/forums/t201835-nat-router-being-hacked-.html

also there are more ports open on windows url is here http://www.mobydisk.com/techres/windowsports.html

and some more http://www.metasploit.com/research/vulnerabilities/

I'm wondering how are they going to do it: are they going to employ hackers for it, get software companies (like Microsoft) to leave an open door for them, break into your house while you are out and upload a programme?

I don't think it would be that easy to hack the computer of someone who knows about internet security without "playing dirty".

Well the first thing they need to know is your i.p. address.
I.p. is a unique number for every computer,and you can connect to any other computer if you know its i.p.
Normally when someone is trying to connect to your computer a message will pop up on your screen asking your permission.
But with very simple programming knowledge you can bypass it.
Even "hacker" monthly magazines give you lots of clues of how to do that.
If someone actually connect to your computer,he can use it the way you use it.
At his screen miles away he will see your exact desktop screen from where he can then click to any of your folders and do whatever you can do.

Well the first thing they need to know is your i.p. address.
I.p. is a unique number for every computer,

Yup


and you can connect to any other computer if you know its i.p.
Normally when someone is trying to connect to your computer a message will pop up on your screen asking your permission.

Now it starts to get a little vague.. what exactly do you mean with 'connecting to your computer'? Remote Desktop? That is turned off by default.


But with very simple programming knowledge you can bypass it.
Even "hacker" monthly magazines give you lots of clues of how to do that.

No you can't. That mechanism is on the server side.


If someone actually connect to your computer,he can use it the way you use it.
At his screen miles away he will see your exact desktop screen from where he can then click to any of your folders and do whatever you can do.
When using remote desktop, yes. But what would you do when you would see the mouse pointer going across the screen without your input?
It's much easier and more covert to access the file system without the user noticing anything. But this is NOT POSSIBLE, unless some trojan is installed on your PC. The trojan will then open a port that the 'hacker' can connect to.

And now we can talk about WHY 'they' would release such a story.
I think it is fear mongering, similar to saying: if you don't do as we say you'll end up in hell.
They're trying to scare you, so you won't do anything because you BELIEVE they can watch your every move. But they can't. If they could, they wouldn't let us know.

When you are behind a router (and 95% of all internet users are today) they cannot just 'hack' into your computer.. it's technically impossible. Unless they break into your house and install a trojan on your PC.
Because, the router takes the WAN IP of your internet connection. This is the IP visible from outside. There can be more than one PC connected to that router. That makes it technically impossible, to hack into a single PC.
When you are not behind a router, your PC can only be hacked if you do not have the latest security patches.
I'm not affraid of it :)

This is so incorrect that it's almost scary, and even worse is that most people who are not employed in the IT field believe it.

Yes, a router running NAT makes it slightly more difficult to directly attack a machine - port scans, for instance, will generally run against the router rather than the NAT'ed addresses behind it.

However, there are several very common vectors of attack that a router provides literally no protection against. Trojans are the most obvious; a simple trojan can easily use uPnP (supported and enabled on virtually all consumer-grade routers) to open up nice, neat holes for attacks to pass through, in addition to carrying their own separate payloads.

Routers themselves provide another - often simpler - attack vector, as very few consumers actually update their firmware. Once an exploit is out for a consumer-grade router, those routers actually make things worse for you - they provide a central point that's easy to take control of which contains mac address-tables and NAT lists that detail all of the hosts inside your current network, as well as automatically (or manually) generated firewall rules that provide information about what protocols you commonly use, which makes explotation even easier.

Even setting aside those major problems, a simple man-in-the-middle (MITM) attack can easily exploit local security vulnerabilities, regardless of your router. An MITM attack that intercepts and supplements your TCP traffic to include modified web sites that include embedded elements such as infected PDFs, flash, or any other element that can exploit the countless security vulnerabilities that exist for all software platforms can ensure that you're compromised without you having lifted a finger. These attacks can easily be coordinated from an ISP's offices, so law enforcement who want to hack a PC would just need to force your ISP to cooperate a little, and it's done.

The way to *actually* protect yourself is to be aware of the basics of IT security. Some vulnerability scanners have already been mentioned, as have alternative operating systems. A realistically achievable level of security for an even mildly skilled operator would be the following:

VPN connection to a known-secure site (provides encrypted traffic, preventing your local ISP from engaging in an MITM attack), disabling of all non-necessary web elements (completely disabling flash and javascript is a good way to do this, but to keep using most sites, you'd want to use something like Adblock Plus to block out the most obvious embedded junk), regular use of port scanners (nmap is the obvious choice) and vulnerability scanners (Nessus and metasploit are great examples), storage of all personal data on encrypted volumes on your hard disk (or on removeable media like flash drives), and some Intrusion Prevention Software - this varies from OS to OS, but is easy to find for your operating system of choice with a simple web search.

Encrypting sensitive email conversations is also a good idea, as well as instant messaging protocols. Setting browser security settings to force you to explicitly allow cookies can help cut down on any tracking being done that route. An open-source browser like Firefox (or Iceweasel, if you want truly free and open source) works best, and plugins like noscript can cut down on malicious scripting attempts.

Keep third-party software on your system to a minimum, and keep up your security patches on anything you do install.

If you use Windows, keep it up to date and patched, but understand that Microsoft does have well-known backdoors that it's opened for government agencies that it's not likely to close anytime soon. Although nothing is public along those lines for Mac OS, you'd be foolish to not assume they do the same. A completely transparent OS is your only way to go to have any chance of these sort of intentional vulnerabilities spotted and addressed, so various Linux/Unix distros are a good idea. Someone upthread suggested Mac hardware with Linux, but given that Mac hardware is literally the same hardware used in any PC with a higher price tag due to the corporate logo on it, this isn't really a useful suggestion. Any PC hardware should do the trick, but do some research before building a system to ensure good quality components - this can both save you money and ensure that your system lasts far longer than any off-the-shelf PC/Mac builds.

The final advice I can offer is this: regardless of what other precautions you have put in place, if you wouldn't be comfortable saying something in public, you shouldn't say it online. Even encrypted traffic can be sniffed, saved, and decrypted at leisure, so if someone really is out to get you, anything you transmit or receive can be tracked and stored.

If someone actually connect to your computer,he can use it the way you use it.
At his screen miles away he will see your exact desktop screen from where he can then click to any of your folders and do whatever you can do.

This is partially correct, but not quite as you describe. It's true that if someone has actually managed to get administrative-level access to your computer, they can generally see what you're doing - between device, program, and system logs, it's usually pretty clear what a person does. However, as another poster noted, to actually see their desktop, folders, files, etc, they'd need to be using some sort of remote desktop solution (either Windows-type RDP, or VNC, or a similar protocol), which is not normally enabled by default.

However, what someone can do completely transparently to you is see exactly what you're doing on the internet. It requires being able to sniff traffic on the network, and hijack your DNS sessions, but can be done fairly easily; on a wireless network, this is extremely easy to do (even one protected by WPA/TKIP can be broken into in under a minute, although WPA2/AES is slightly more difficult); even on a wired network, it's not impossible. Generally, from an ISP's perspective, this would be effortless. From someone not able to influence your ISP, doing this to your wired network would require placing a rogue device in your home somewhere, which is considerably harder. Either way, the gist of this type of attack is that they intercept your DNS requests, feed you the information back (which may be accurate or altered to their whims), and sniff your HTTP requests to reconstruct the flow of traffic and input it into their own web browser. This can give you a real-time view of exactly what someone is doing on their computer, even on 'secure' sites.

Edit: that last sentence should actually read 'on their web browser', not 'on their computer'. :)

The irony is that Gary McKinnion is facing all kinds of trouble for hacking into U.S government computer intelligence, but its ok for the government to hack into your computer. Its pathetic double standards yet again.

Absolutley + 1000000000

They can do what they want to by computer, aslong as the bent bastards dont upload shit to it :)

This is the concearn, with this kinda BS they can plant whatever they like on peoples systems and then crash their doors down and 'find' the evidence.

This is a great concearn to everyone. If you become a target whose to stop them planting shit on peoples computers? They'll be watching each others backs so as to shove such indescrepensies under the carpet.

Back everything up, as a full back up so you have hard evidence of what is on your system.

This is so incorrect that it's almost scary, and even worse is that most people who are not employed in the IT field believe it.

Yes, a router running NAT makes it slightly more difficult to directly attack a machine - port scans, for instance, will generally run against the router rather than the NAT'ed addresses behind it.

However, there are several very common vectors of attack that a router provides literally no protection against. Trojans are the most obvious; a simple trojan can easily use uPnP (supported and enabled on virtually all consumer-grade routers) to open up nice, neat holes for attacks to pass through, in addition to carrying their own separate payloads.

Routers themselves provide another - often simpler - attack vector, as very few consumers actually update their firmware. Once an exploit is out for a consumer-grade router, those routers actually make things worse for you - they provide a central point that's easy to take control of which contains mac address-tables and NAT lists that detail all of the hosts inside your current network, as well as automatically (or manually) generated firewall rules that provide information about what protocols you commonly use, which makes explotation even easier.

Even setting aside those major problems, a simple man-in-the-middle (MITM) attack can easily exploit local security vulnerabilities, regardless of your router. An MITM attack that intercepts and supplements your TCP traffic to include modified web sites that include embedded elements such as infected PDFs, flash, or any other element that can exploit the countless security vulnerabilities that exist for all software platforms can ensure that you're compromised without you having lifted a finger. These attacks can easily be coordinated from an ISP's offices, so law enforcement who want to hack a PC would just need to force your ISP to cooperate a little, and it's done.

The way to *actually* protect yourself is to be aware of the basics of IT security. Some vulnerability scanners have already been mentioned, as have alternative operating systems. A realistically achievable level of security for an even mildly skilled operator would be the following:

VPN connection to a known-secure site (provides encrypted traffic, preventing your local ISP from engaging in an MITM attack), disabling of all non-necessary web elements (completely disabling flash and javascript is a good way to do this, but to keep using most sites, you'd want to use something like Adblock Plus to block out the most obvious embedded junk), regular use of port scanners (nmap is the obvious choice) and vulnerability scanners (Nessus and metasploit are great examples), storage of all personal data on encrypted volumes on your hard disk (or on removeable media like flash drives), and some Intrusion Prevention Software - this varies from OS to OS, but is easy to find for your operating system of choice with a simple web search.

Encrypting sensitive email conversations is also a good idea, as well as instant messaging protocols. Setting browser security settings to force you to explicitly allow cookies can help cut down on any tracking being done that route. An open-source browser like Firefox (or Iceweasel, if you want truly free and open source) works best, and plugins like noscript can cut down on malicious scripting attempts.

Keep third-party software on your system to a minimum, and keep up your security patches on anything you do install.

If you use Windows, keep it up to date and patched, but understand that Microsoft does have well-known backdoors that it's opened for government agencies that it's not likely to close anytime soon. Although nothing is public along those lines for Mac OS, you'd be foolish to not assume they do the same. A completely transparent OS is your only way to go to have any chance of these sort of intentional vulnerabilities spotted and addressed, so various Linux/Unix distros are a good idea. Someone upthread suggested Mac hardware with Linux, but given that Mac hardware is literally the same hardware used in any PC with a higher price tag due to the corporate logo on it, this isn't really a useful suggestion. Any PC hardware should do the trick, but do some research before building a system to ensure good quality components - this can both save you money and ensure that your system lasts far longer than any off-the-shelf PC/Mac builds.

The final advice I can offer is this: regardless of what other precautions you have put in place, if you wouldn't be comfortable saying something in public, you shouldn't say it online. Even encrypted traffic can be sniffed, saved, and decrypted at leisure, so if someone really is out to get you, anything you transmit or receive can be tracked and stored.

Good info, thanks.
But still I feel skeptical about law enforcement being able to hack into my PC.
You describe how the cooperation of ISP's is essential for it to work.
Now ISP's are not well known for their cooperation with law enforcement.
It takes them a lot of effort even to get the details of the owner of a specific IP address.