Terms and Conditions
Please note that when accessing The F-Secure World Wide Web pages you agree to the following terms:
The contents of F-Secure World Wide Web pages are provided “as is” and “as available”. No warranty of any kind, either express or implied, is made in relation to the availability, accuracy, reliability or content of these pages. To the extent permitted by law, F-Secure shall not be liable for any direct, indirect, incidental or consequential damages arising out of the use of or inability to use these pages, even if F-Secure has been advised of the possibility of such damages.
Third Party Sites
This policy only addresses our activities from our servers. This web site contains links to web sites that are not under our control. We are not responsible for the content, commentary or applications of these web sites. We are providing these links only as a convenience and the inclusion of these links does not imply endorsement by us of the linked web site.
The contents of F-Secure World Wide Web pages are protected by international copyright laws © F-Secure 1994 – 2006. All rights reserved. Reproduction, transfer, distribution or storage of part, or all of the contents, including but not limited to pictures, design format, logo, audio clips, video clips and HTML coding, in any form without the prior written permission of F-Secure is prohibited. Any and all reproduction, total or partial, of the texts, illustrations, design format or logo by any means whatsoever, is illegal. Such reproduction requires the prior written consent of F-Secure. We protect our intellectual property rights to the full extent of the law. F-Secure” and the triangle symbol are registered trademarks of F-Secure Corporation and F-Secure product names and symbols/logos are either trademarks or registered trademarks of F-Secure Corporation.
All other trademarks mentioned in the F-Secure World Wide Web pages are the property of their respective holders. Nokia is a registered trademark and the Nokia OK logo is a trademark of Nokia Corporation. Nokia id-codes are a00014, a00015 and a00018. Symbian and all Symbian-based marks and logos are trade marks of Symbian Limited.
F-Secure is committed to ensuring the security of your information. To prevent unauthorized access or disclosure, maintain data accuracy, and ensure the appropriate use of information, we have put in place appropriate physical, electronic, and managerial procedures to s afeguard and secure the information we collect online.
Any bulletin messages, suggestions, ideas, bulletin board postings or concepts that are submitted to F-Secure via this web site shall become, and remain the property of F-Secure. Furthermore, F-Secure is not responsible for the confidentiality of any information communicated to our web site. By communicating material to the F-Secure web site, you agree that F-Secure has the right to publish the material in products or publications for any purpose, including, but not limited to, advertising and promotional purposes. You agree not to take action against us in relation to material that you submit.
F-Secure reserves the right to modify the pages or deny access to them at any time. Amendments to this policy will be posted at this URL and will be effective when posted. Please visit us again for updates.
The following legal terms (“terms”) govern your right to use and access to F-Secure blog “Safe and Savvy” (“blog”) provided by F-Secure Corporation (“F-Secure”, “we”, “our”). By using or visiting the blog you have read these terms, understand them and agree to be legally bound by them. You also agree not to use the blog against these terms and specific instructions elsewhere in the blog. If you do not agree to all of these terms, or if you are below the age of twelve (12), you are not allowed to access, visit or participate in the community
Description and Purpose
F-Secure provides this blog as a service to its users and customers, to help them exchange ideas, tips, information, and techniques related to overall security related issues and to our services. This blog is here for the enjoyment and benefit of all members and accessible to all. The community of the blog, like any community, is most valuable when everyone obeys certain basic guidelines and rules for online behavior:
Posting and Prohibited Content
Use of the blog is at your own risk. Do not post any information, especially personal information such as addresses and phone numbers, that you do not wish to make public. Any information that you post to public sections of the blog can be obtained and used by others. You are responsible for any personal information you disclose to the blog. F-Secure or WordPress.com provided by Automattic Inc. (“Platform Provider”) is not responsible for third parties’ use of information posted on the blog and to the blog community. Users of the blog agree not to upload, post, or otherwise transmit any content that includes any of the following inappropriate content:
- Content that is: unlawful, libelous, harmful, vulgar, obscene, derogatory, pornographic, abusive, harassing, threatening, hateful, objectionable with respect to race, religion, creed, national origin or gender;
- Any private or personal information or content that is not your own or that you do not have rights to transmit, such as: address, phone number, personal email address, social security number and copyrighted content, trade secrets or securities
- Off-topic content not relevant to blog community purpose;
- Spam, such as advertising, promotion or solicitation, including chain letters, class action lawsuits, charitable appeals;
- Content or links to content that contains contaminating or destructive features that may damage someone else’s computer;
- Duplicate or excessively repeated submissions in one or more areas;
- Content designed to evade profanity or other filters;
- Hyperlinks to sites that violate the terms;
- Content used to impersonate another person;
- Content or behavior that violates any applicable laws;
- Content or behavior that interferes with the operation of the site or with another member’s ability to use the site;
- Evading site controls such as bans, or otherwise disregarding the directions of the site moderators or administrators
- Content that infringes copyrights or other intellectual property rights of third parties.
F-Secure may remove any information, in its sole discretion, including but not limited to personal data or data, material or content provided by any of the users, considered to violate the Terms or be inappropriate for the blog for any reason. F-Secure shall under this agreement have no obligation to monitor any of the material provided by you to F-Secure and/or to the blog community, but may do so at its discretion. F-Secure also retains the right to immediately revoke any and all of Your access rights in case Your breach of any of these Terms or suspected misuse of the blog.
To report violations, please contact the F-Secure blog team and include the blog-post/comment and the author-name in question: email@example.com
Your privacy is our pride, part 3 of 3 – how we act as a company
This is the final blog post in a series of three where we cover our privacy principles. I have earlier covered the fundaments and why security is a requirement for privacy. But privacy is not only about guarding your data and keeping it protected. It’s also about how we act as a company. If you select us as your provider, you want to know that we are acting in a responsible way and support your privacy in a broader sense. WE KEEP OUR MESSAGING RELEVANT Messaging and marketing towards customers is always a tricky issue that divides opinions. Some are allergic to all kinds of marketing messaging. Others don’t mind and may even find part of it useful. We may have several reasons to contact our customers. Part of it is no doubt promoting our product and service portfolio (yes, marketing), part is necessary info related to the products you use. We also produce generic security and privacy information that we think is of interest, even if it doesn’t relate directly to our products. Our aim is to give you a messaging stream with an optimal signal to noise ratio. And you can fine-tune the stream by opting in or out to some content. WE ARE THE GOOD GUYS There are strong global forces that want to scarify privacy for economic and diplomatic gains. This means that privacy isn’t just a technical issue anymore, it’s a highly ethical and political issue as well. The time has come when we need to choose sides. F-Secure’s choice is clearly to speak out against the privacy-hostile development. It would not be right to just sell you tools guarding your privacy and at the same time be quiet about the threats. We do demand change, for example in the Digital Freedom Manifesto. Also check out @Mikko at TED, nobody says it better than him. TRANSPARENCY All this sounds fine, but do you believe us and will you trust us? It is so easy to write beautiful phrases, but you as a customer have very little tools to verify our claims. That’s why we need transparency. We want to be a forerunner and openly declare what data we collect, how we handle it and what principles we adhere to. That’s the best way to differentiate from those who just use privacy as a marketing message. These principles will help us provide solutions that protect your privacy. As you can see, that’s not a simple task and it requires commitment at all levels of the organization. Publishing these principles is just the tip of the iceberg, what really matters is how we do our ordinary daily work. We need to keep the principles in mind at all time when designing systems and processes, to ensure they never are violated. Maybe I’m a dreamer, but I would very much love to be a digital citizen in a society that fully implement principles like this. It seems like a futile wish at the moment, but we are at least doing what we can to strive for it. The society may be hostile towards your privacy, but we at F-Secure work hard to make the principles real at least in a small part of the digital world. Our own products. That’s a good start, now you have a choice. If you like these principles, you can improve your privacy by selecting F-Secure. Safe surfing, Micke
Snowden Says Drop Dropbox; Here’s What You Said
In his recent video interview with The New Yorker, Edward Snowden advised viewers to get rid of Dropbox, Facebook and Google, saying such services are dangerous and should be avoided. But what do consumers think? Are you and I ready to follow his advice and switch to more secure services? To find out what people really think, we consulted our recent global consumer survey* where we had asked people just those types of questions. Here's what we found: 53% of survey respondents said they’d be willing to switch from services like Google to other more private services to avoid search-based profiling. 56% of people said they have become more wary of US-based Internet services in the past year. 46% of people said they would be willing to pay to be sure that none of their personal data transits via the US. 70% said they are concerned about the potential of mass surveillance by intelligence agencies in countries through which their data may be passing. 68% of respondents said they try to protect their privacy at least some of the time through the use of private browsing or incognito mode or by encrypting their communications. 57% of people said they are not okay with companies using their profile data in exchange for getting a free service. Germany, Brazil and the Philippines showed some of the highest levels of concern about data privacy. For example, when asked whether they’ve changed some of their Internet habits in recent months due to increased concerns about data privacy, an average of 56% of people said they had: 45% in the UK, 47% in the US, and 49% in France, and going even higher to 60% in Germany and 67% in both Brazil and the Philippines. Are you ready to start using more private, secure services too? If so, F-Secure has some great options. Our online storage and sync service, younited, is fully encrypted for security and privacy from the ground up. F-Secure Freedome encrypts your connection wherever you are, even on public WiFi, and protects you from hackers and Internet trackers. And free F-Secure App Permissions lets you know which mobile apps you've installed are a threat to your privacy. *The F-Secure Consumer Values Study 2014 consisted of online interviews of 4,800 age, gender and income-representative respondents from six countries, 800 respondents per country: US, UK, France, Germany, Brazil and the Philippines. The study was designed together with Informed Intuitions. Data was collected by Toluna Analytics in July 2014. Image courtesy of greensefa, flickr.com
How to blow the whistle and survive
Whistleblowers have changed the world and there’s still a lot of hidden secrets that the public really should know about. High-profile leakers like Snowden, Manning and Assange are known globally, and are paying a high price for their courage. But only a few are dedicated enough to blow the whistle in public - most leakers want to carry on with their normal lives and remain anonymous. Snowden did no doubt show the way for others, and there are already several who have tried to leak and remain anonymous. That’s not easy and the stakes are high! Which is underlined by the recent news about the feds discovering one leaker. But is it even possible to leak anonymously in this word that in many ways is worse than Orwell’s fictive surveillance nightmare? Let’s list some advice for the case you would like to leak by phone to a journalist. I guess not many of you readers will ever be in a situation where you need this. But read on, this is highly interesting anyway and tells a lot about how our digital word works. Ok, let’s assume the worst case. The secrets you want to leak affects US national security, which means that your enemy is powerful and can use top surveillance against you. Let’s also assume it’s info you have authorized access to. And that you want to talk on the phone to a journalist. Here’s some basic rules and hints that may prevent you from ending up behind bars. First you need to assess how many persons have access to the data. They will all be on a list of suspects, together with you. The shorter the list, the bigger the risk for you. Your mobile phone is a tracking device. The cell phone network knows what base station you are connected to at any time. Other services can record and store even GPS-accurate position data. All this is accessible to the agents and you must make sure it doesn’t reveal you. Needless to say, your own phone does not participate in this project. You need to find out who you should leak to. Never do this research from your own computer because your search history can reveal you. It leaves traces both in your computer and in your user profile at Google (unless you know what you are doing and use privacy tools properly). Do this research from a public computer. Make sure you have never logged in to any personal account from this computer. You need a “burner phone” to do the leaking. This is a phone that can’t be connected to your identity in any way. Here’s some rules for how to use it: It is always switched off with the battery removed when not in use. Just using the power button does not cut power from all parts of the device. It is never switched on in or close to your home. The agents can easily find out what base station it was connected to and turning it on near home can make you more suspected than others. It is never switched on in or close to your vehicle. Base station records for the phone may correlate with traffic cameras storing your registration plate. This is especially important if you have a modern car with a built-in data connection for service monitoring etc. Never user the burner for any other contacts. Even a single call to your spouse creates a record that ties you to the phone. Needless to say, never store any other info in the phone than what you need for this project. You always leave your own phone at home when going out to use the burner phone. Otherwise the agents can see that your own phone “happen” to be in the same base station when the burner is used. Leave your own phone turned ON at home when you go out with the burner. Otherwise you create a recognizable pattern where your own phone turns off and the burner turns on, and vice versa, in a synchronized manner. Leave any other wireless devices at home. Tablets, wireless mobile payment devices, anything else with a radio transmitter. Using a voice changer is necessary especially if the list of suspects is short. Assume that your calls can be recorded and your own voice checked against the recording. Get the burner phone. Scout for a dealer with old-looking or insufficient security cameras located not too close to your home. Remember that the agents may locate the shop where the burner phone was sold, get the security camera recording and compare against the list of suspects. Even better, ask someone else to buy the phone for you. Choose a cheap non-smart prepaid phone with removable battery. Pay cash and make sure you don’t reveal your identity to the seller in any way. Safely destroy any receipts and other paperwork related to the purchase. Think about where to store physical items that can tie you to the leak. Such items are the burner phone and related documents or data media. This is especially important if the list of suspects is short. Storing such items at home, at your workplace or in your vehicle will reveal you if the agents perform a search. Try to find some other place that is safe and can’t be tied to you. Now you are ready to contact the journalist. Be very rigid with the rules for how to use the burner phone. There are also some additional rules for this situation: Dress discreetly to avoid sticking out in surveillance camera footage. Be far enough from home when making the call. Turn the burner on, make the call and turn it off again right away. Avoid public places with surveillance cameras when the burner is on. Do not use your credit card during this trip. Pay cash for everything. Any other personal payment instruments, like public transportation payment cards, is a big no-no as well. You have to assume that journalists dealing with leaks are being watched constantly. Assume that the hunt is on as soon as you have made the first contact. Try to wrap up the project as quickly as possible and minimize the number of times you turn on the burner phone. When you are done, dispose all items related to the leak in a secure way. The trash can of your own house is NOT secure. Dump the phone in the river or put it in a public trash sack far enough from home. The truly paranoid leaker will break the phone with gloves on. The outer shell can contain fingerprints or traces of your DNA and the electronics the traceable phone ID. It’s good to make sure they end up in different places. Huh! That’s a lot to remember. Imagine, all this just for maintaining privacy when making a phone call! But you really need to do it like this if the big boys are after you and you still want to continue as a free citizen. I hope you never need to go through all this, and also that you do it right if you have to. Disclaimer. This text is mainly intended as a demonstration of how intrusive the surveillance society is today. We provide no guarantee that this will be enough to keep you out of jail. If you really plan to become a whistle blower, research the topic thoroughly and get familiar with other sources as well (but remember what I wrote about researching from your own computer). Safe whistle blowing, Micke