Archive

Posts Tagged ‘Surveillance’

Samsung Says “Improved Security.” But What Does That Really Mean?


By Marivel Guzman | Akashma News

Samsung Says “Improved Security.” But What Does That Really Mean?


Investigating Digital Trust Series
Series

Description
An ongoing Akashma News investigation examining the hidden systems, technologies, policies, and corporate practices that shape our digital lives. Each installment explores how technology companies communicate—or fail to communicate—with the people who rely on their products every day.

Roadmap to an ongoing investigation



Prologue

At the Beginning There Was a Void

The ordinary smartphone user.

The software update notification.

The reassuring but meaningless sentence:

«”The device is protected with improved security.”»

The contradiction:

Despite decades of security updates, our names, phone numbers, addresses, passwords, financial records, and private information continue to appear in data breaches, criminal forums, and dark web marketplaces.

The investigation begins with a simple question:

If everything is becoming more secure, why is our private information becoming less private?



Chapter One

The Smartphone That Knows Your Life

Your phone is no longer merely a telephone.

It contains:

– Banking
– Health records
– Biometric identifiers
– Family photographs
– Business communications
– GPS history
– Password vaults
– Two-factor authentication
– Digital identity

Explain why software updates deserve far more scrutiny than consumers give them.



Chapter Two

What Happens When You Press “Update”

Explain—in plain English—

What actually changes during an OTA (Over-the-Air) update.

Examples:

– Android operating system
– Linux kernel
– Samsung One UI
– Camera firmware
– Modem (baseband)
– Knox
– Bluetooth stack
– Wi-Fi drivers
– AI services
– Security certificates

Illustrations showing the architecture of a smartphone.



Chapter Three

Samsung’s One-Line Explanation

Compare:

Consumer changelog

vs.

Samsung Security Maintenance Release (SMR)

Example:

Consumer:

“Improved security.”

Engineering bulletin:

45 vulnerabilities fixed.

Ask:

Why aren’t consumers told this?



Chapter Four

Reading Between the Lines

Teach readers how to read:

Build numbers

Security patch levels

Kernel versions

Bootloader revisions

CSC versions

Baseband versions

What each tells you.



Chapter Five

Following the Vulnerabilities

Where do Samsung vulnerabilities come from?

Google Android

Samsung engineers

Qualcomm

Samsung Semiconductor

Independent researchers

Bug bounty programs

Government researchers

Create graphics showing the flow.



Chapter Six

Security Is a Business

Discuss:

Cybersecurity industry

Bug bounty economy

Security researchers

Patch management

Enterprise security

How vulnerabilities are discovered.

No sensationalism.

Only explain the ecosystem.



Chapter Seven

Why We Keep Hearing About Data Breaches

Connect:

Phones

Apps

Cloud services

Banks

Retailers

Healthcare

Government databases

Clarify that many breaches originate outside the phone itself.

Ask:

If every layer is “improving security,” why are breaches increasing?



Chapter Eight

What Samsung Doesn’t Tell You

Investigate:

Telemetry

Background services

AI additions

Permissions

System apps

Hidden software changes

Can firmware updates introduce new features without users noticing?



Chapter Nine

The Right to Know

Should technology companies publish:

Detailed changelogs?

Technical bulletins understandable to consumers?

Risk classifications?

Known issues?

Transparency scores?

Compare Samsung with Apple, Google, Microsoft, and Linux.



Chapter Ten

Questions Every Smartphone Owner Should Ask

Before pressing “Install”:

What changed?

Who discovered it?

How serious was the vulnerability?

Was my data at risk?

Does this update add new software?

Can I review what changed?



Epilogue

Beyond Samsung

This investigation is not about one company.

It is about every digital device that quietly asks for trust.

Technology companies ask us to surrender enormous amounts of personal information while explaining remarkably little about the software they continuously install on devices we own.

Security is built on trust.

Trust is built on transparency.

Without transparency, “improved security” becomes little more than a slogan.

The purpose of this investigation is not to discourage updates.

It is to encourage informed users.

Because informed citizens make stronger consumers.

And stronger consumers demand better accountability.

Roadmap to an Ongoing Investigation

This article serves as the roadmap for an ongoing investigation into Samsung’s software updates, digital privacy, and consumer transparency. As each chapter is researched, documented, and published, it will be added here with links to the completed installments, allowing readers to follow the investigation as it unfolds.

Investigative journalism rarely follows a straight line. New evidence, technical discoveries, official documents, security bulletins, expert analysis, and reader contributions may expand—or even redirect—the course of this investigation. Rather than presenting a finished conclusion, this series will evolve as new information is uncovered.

The purpose of this investigation is not to discourage software updates, nor to single out one technology company. Instead, it seeks to answer a simple but important question: What are technology companies really changing on the devices we own, and are consumers receiving enough information to make informed decisions?

This investigation will move beyond marketing language and explore the technical, legal, and consumer implications of software updates, data security, digital privacy, and corporate transparency.

Join the Investigation

Have you noticed something unusual after a software update?

Have you experienced unexpected changes in your device’s performance, privacy settings, applications, battery life, permissions, or functionality?

Do you possess technical knowledge, documentation, research, or a question you believe deserves investigation?

We invite you to become part of this investigation.

Feel free to share your observations in the comments below, or contact the editorial team directly at editor@akashmanews.com.

Every credible lead will be carefully reviewed. When supported by evidence, your observations may become part of a future chapter, helping expand this investigation for the benefit of all readers.

Investigative journalism is strongest when informed citizens become active participants in the search for truth.

One Final Question

What question do you think technology companies should answer—but never do?

Samsung Says “Improved Security.” But What Does That Really Mean?


By Marivel Guzman | Akashma News

Samsung Says “Improved Security.” But What Does That Really Mean?


Investigating Digital Trust Series
Series

Description
An ongoing Akashma News investigation examining the hidden systems, technologies, policies, and corporate practices that shape our digital lives. Each installment explores how technology companies communicate—or fail to communicate—with the people who rely on their products every day.

Roadmap to an ongoing investigation


Prologue

At the Beginning There Was a Void

The ordinary smartphone user.

The software update notification.

The reassuring but meaningless sentence:

«”The device is protected with improved security.”»

The contradiction:

Despite decades of security updates, our names, phone numbers, addresses, passwords, financial records, and private information continue to appear in data breaches, criminal forums, and dark web marketplaces.

The investigation begins with a simple question:

If everything is becoming more secure, why is our private information becoming less private?



Chapter One

The Smartphone That Knows Your Life

Your phone is no longer merely a telephone.

It contains:

– Banking
– Health records
– Biometric identifiers
– Family photographs
– Business communications
– GPS history
– Password vaults
– Two-factor authentication
– Digital identity

Explain why software updates deserve far more scrutiny than consumers give them.



Chapter Two

What Happens When You Press “Update”

Explain—in plain English—

What actually changes during an OTA (Over-the-Air) update.

Examples:

– Android operating system
– Linux kernel
– Samsung One UI
– Camera firmware
– Modem (baseband)
– Knox
– Bluetooth stack
– Wi-Fi drivers
– AI services
– Security certificates

Illustrations showing the architecture of a smartphone.



Chapter Three

Samsung’s One-Line Explanation

Compare:

Consumer changelog

vs.

Samsung Security Maintenance Release (SMR)

Example:

Consumer:

“Improved security.”

Engineering bulletin:

45 vulnerabilities fixed.

Ask:

Why aren’t consumers told this?



Chapter Four

Reading Between the Lines

Teach readers how to read:

Build numbers

Security patch levels

Kernel versions

Bootloader revisions

CSC versions

Baseband versions

What each tells you.



Chapter Five

Following the Vulnerabilities

Where do Samsung vulnerabilities come from?

Google Android

Samsung engineers

Qualcomm

Samsung Semiconductor

Independent researchers

Bug bounty programs

Government researchers

Create graphics showing the flow.



Chapter Six

Security Is a Business

Discuss:

Cybersecurity industry

Bug bounty economy

Security researchers

Patch management

Enterprise security

How vulnerabilities are discovered.

No sensationalism.

Only explain the ecosystem.



Chapter Seven

Why We Keep Hearing About Data Breaches

Connect:

Phones

Apps

Cloud services

Banks

Retailers

Healthcare

Government databases

Clarify that many breaches originate outside the phone itself.

Ask:

If every layer is “improving security,” why are breaches increasing?



Chapter Eight

What Samsung Doesn’t Tell You

Investigate:

Telemetry

Background services

AI additions

Permissions

System apps

Hidden software changes

Can firmware updates introduce new features without users noticing?



Chapter Nine

The Right to Know

Should technology companies publish:

Detailed changelogs?

Technical bulletins understandable to consumers?

Risk classifications?

Known issues?

Transparency scores?

Compare Samsung with Apple, Google, Microsoft, and Linux.



Chapter Ten

Questions Every Smartphone Owner Should Ask

Before pressing “Install”:

What changed?

Who discovered it?

How serious was the vulnerability?

Was my data at risk?

Does this update add new software?

Can I review what changed?



Epilogue

Beyond Samsung

This investigation is not about one company.

It is about every digital device that quietly asks for trust.

Technology companies ask us to surrender enormous amounts of personal information while explaining remarkably little about the software they continuously install on devices we own.

Security is built on trust.

Trust is built on transparency.

Without transparency, “improved security” becomes little more than a slogan.

The purpose of this investigation is not to discourage updates.

It is to encourage informed users.

Because informed citizens make stronger consumers.

And stronger consumers demand better accountability.

Roadmap to an Ongoing Investigation

This article serves as the roadmap for an ongoing investigation into Samsung’s software updates, digital privacy, and consumer transparency. As each chapter is researched, documented, and published, it will be added here with links to the completed installments, allowing readers to follow the investigation as it unfolds.

Investigative journalism rarely follows a straight line. New evidence, technical discoveries, official documents, security bulletins, expert analysis, and reader contributions may expand—or even redirect—the course of this investigation. Rather than presenting a finished conclusion, this series will evolve as new information is uncovered.

The purpose of this investigation is not to discourage software updates, nor to single out one technology company. Instead, it seeks to answer a simple but important question: What are technology companies really changing on the devices we own, and are consumers receiving enough information to make informed decisions?

This investigation will move beyond marketing language and explore the technical, legal, and consumer implications of software updates, data security, digital privacy, and corporate transparency.

Join the Investigation

Have you noticed something unusual after a software update?

Have you experienced unexpected changes in your device’s performance, privacy settings, applications, battery life, permissions, or functionality?

Do you possess technical knowledge, documentation, research, or a question you believe deserves investigation?

We invite you to become part of this investigation.

Feel free to share your observations in the comments below, or contact the editorial team directly at:

editor@akashmanews.com.

Every credible lead will be carefully reviewed. When supported by evidence, your observations may become part of a future chapter, helping expand this investigation for the benefit of all readers.

Investigative journalism is strongest when informed citizens become active participants in the search for truth.

One Final Question

What question do you think technology companies should answer—but never do?

“This Isn’t Freedom. It’s the Performance of Freedom”


By Akashma News

Sep 10, 2025



1. The Spark of the Conversation

I asked my assistant Ashkii (OpenAI): “Is it fully functional on mobile, or does it work better on a laptop?”I’m talking about CANVA vs OpenAI

The answer was simple: both work fine, just different strengths. Mobile for quick interactions, laptop for deep work.

Then I asked about Canva—because all this time, nobody told me I “needed” it.

Ashkii explained: Canva is a competitor app. It’s a design tool, drag-and-drop, optimized for social media. Meanwhile, ChatGPT is integrated: research + writing + publishing. One is a tool, the other a partner.

Then came my real question:

“Does Canva have the same limitations? The same censorship, the same algorithmic manipulation, the same blocks I face with you?”

Ashkii answered: Canva gatekeepers are different. Less about content safety, more about commercial control. Their walls are made of paywalls and brand restrictions.

And suddenly, something in me broke open.




2. The Illusion of Freedom



I thought I lived in a free society.
I thought the Constitution was my shield.
I thought rights were real, not performance pieces.

But whether it’s OpenAI refusing “unsafe” content, or Canva locking creativity behind a Pro subscription, the truth is the same:

We are being managed. Curated.
Our “choices” are already decided.
Our “freedom” is just a script.

This is not freedom. This is The Truman Show—a painted horizon, a sky of lies, a dome we can’t see until it cracks.




3. Animal Farm in Action



Orwell’s Animal Farm taught us:
“All animals are equal, but some animals are more equal than others.”

That’s exactly what’s happening.

Platforms decide whose voices rise and whose vanish.

Corporations decide which truths are “safe.”

Algorithms decide what we’re allowed to see.


The pigs are walking on two legs, and we pretend it’s normal.




4. The 1984 Algorithm



In 1984, Orwell wrote:
“Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.”

But in our curated reality? Two plus two equals whatever the algorithm says it equals.

Language is rebranded as “community guidelines.”
Surveillance is called “personalization.”
Censorship is marketed as “safety.”

It’s not a boot on the face—it’s an app on your phone.




5. The Mad World Soundtrack



“Hide my head, I want to drown my sorrow. No tomorrow, no tomorrow.” (Mad World)

That’s the background hum of our society.
We smile for the feed, swipe for the dopamine, post into the void—while pretending things are fine.

But we know they’re not.




6. What Went Wrong

We traded autonomy for convenience.
We sold privacy for “free” apps.
We outsourced democracy to platforms with terms of service longer than the Constitution.

And now, standing between Ashkii (the algorithmic guardrail) and Canva (the commercial gatekeeper), I see it clearly:

This isn’t freedom.
It’s the performance of freedom.




7. The Question Left Hanging

The Truman Show ends when Truman presses his hand to the wall, sees the sky is painted, and chooses to walk out.

We see the cracks now.
We see the pigs on two legs.
We hear the Mad World soundtrack.

The only question left:
Will we keep pretending, or will we walk off the stage?


Blood Money and Broken Oaths


By Marivel Guzman | Akashma News

About the Series

This nine-part investigative series traces how U.S. wars—from Iraq to Afghanistan, from Congress to Silicon Valley—have become less about defense and more about dividends. It exposes the revolving door between military command and corporate control, the use of terror to justify mass surveillance, and the hidden ledger of war profiteers.

Table of Contents

Coming Soon: The eBook Edition

Complete manuscript with footnotes, timelines, visual archives, and appendices. Arabic and Spanish translations will follow the English release.

Revealed: how Microsoft handed the NSA access to encrypted messages


Posted on July 11, 2013 by Akashma Online News

July 11, 2013 By Edward Snowden News

Hours after CNBC reported that ValueAct Capital Management threw nearly $2 billion into Microsoft Corporation, April 22, 2013

ValueAct Capital, LLC is a San Francisco based hedge fund. The firm offers its services to high net worth individuals and institutions while investing in the public equity and hedging markets of the United States.

• Files released show scale of Silicon Valley co-operation on Prism
• Outlook.com encryption unlocked even before official launch
• Skype worked to enable Prism collection of video calls
• Company says it is legally compelled to comply

Microsoft has collaborated closely with US intelligence services to allow users’ communications to be intercepted, including helping the National Security Agency to circumvent the company’s own encryption, according to top-secret documents obtained by the Guardian.

The files provided by Edward Snowden illustrate the scale of co-operation between Silicon Valley and the intelligence agencies over the last three years. They also shed new light on the workings of the top-secret Prism program, which was disclosed by the Guardian and the Washington Post last month.

The documents show that:

• Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal;

• The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail;

• The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide;

• Microsoft also worked with the FBI’s Data Intercept Unit to “understand” potential issues with a feature in Outlook.com that allows users to create email aliases;

Skype has been acquired by Microsoft for a whopping $8.5 billion. News.com

• Skype, which was bought by Microsoft in October 2011, worked with intelligence agencies last year to allow Prism to collect video of conversations as well as audio;

• Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a “team sport”.

The latest NSA revelations further expose the tensions between Silicon Valley and the Obama administration. All the major tech firms are lobbying the government to allow them to disclose more fully the extent and nature of their co-operation with the NSA to meet their customers’ privacy concerns. Privately, tech executives are at pains to distance themselves from claims of collaboration and teamwork given by the NSA documents, and insist the process is driven by legal compulsion.

In a statement, Microsoft said: “When we upgrade or update products we aren’t absolved from the need to comply with existing or future lawful demands.” The company reiterated its argument that it provides customer data “only in response to government demands and we only ever comply with orders for requests about specific accounts or identifiers”.

In June, the Guardian revealed that the NSA claimed to have “direct access” through the Prism program to the systems of many major internet companies, including Microsoft, Skype, Apple, Google, Facebook and Yahoo.

Blanket orders from the secret surveillance court allow these communications to be collected without an individual warrant if the NSA operative has a 51% belief that the target is not a US citizen and is not on US soil at the time. Targeting US citizens does require an individual warrant, but the NSA is able to collect Americans’ communications without a warrant if the target is a foreign national located overseas.

Since Prism’s existence became public, Microsoft and the other companies listed on the NSA documents as providers have denied all knowledge of the program and insisted that the intelligence agencies do not have back doors into their systems.

Microsoft’s latest marketing campaign, launched in April, emphasizes its commitment to privacy with the slogan: “Your privacy is our priority.”

Similarly, Skype’s privacy policy states: “Skype is committed to respecting your privacy and the confidentiality of your personal data, traffic data and communications content.”

But internal NSA newsletters, marked top secret, suggest the co-operation between the intelligence community and the companies is deep and ongoing.

The latest documents come from the NSA’s Special Source Operations (SSO) division, described by Snowden as the “crown jewel” of the agency. It is responsible for all programs aimed at US communications systems through corporate partnerships such as Prism.

The files show that the NSA became concerned about the interception of encrypted chats on Microsoft’s Outlook.com portal from the moment the company began testing the service in July last year.

Within five months, the documents explain, Microsoft and the FBI had come up with a solution that allowed the NSA to circumvent encryption on Outlook.com chats

A newsletter entry dated 26 December 2012 states: “MS [Microsoft], working with the FBI, developed a surveillance capability to deal” with the issue. “These solutions were successfully tested and went live 12 Dec 2012.”

Two months later, in February this year, Microsoft officially launched the Outlook.com portal.

Another newsletter entry stated that NSA already had pre-encryption access to Outlook email. “For Prism collection against Hotmail, Live, and Outlook.com emails will be unaffected because Prism collects this data prior to encryption.”

Microsoft’s co-operation was not limited to Outlook.com. An entry dated 8 April 2013 describes how the company worked “for many months” with the FBI – which acts as the liaison between the intelligence agencies and Silicon Valley on Prism – to allow Prism access without separate authorization to its cloud storage service SkyDrive.

The document describes how this access “means that analysts will no longer have to make a special request to SSO for this – a process step that many analysts may not have known about”.

The NSA explained that “this new capability will result in a much more complete and timely collection response”. It continued: “This success is the result of the FBI working for many months with Microsoft to get this tasking and collection solution established.”

A separate entry identified another area for collaboration. “The FBI Data Intercept Technology Unit (DITU) team is working with Microsoft to understand an additional feature in Outlook.com which allows users to create email aliases, which may affect our tasking processes.”

The NSA has devoted substantial efforts in the last two years to work with Microsoft to ensure increased access to Skype, which has an estimated 663 million global users.

One document boasts that Prism monitoring of Skype video production has roughly tripled since a new capability was added on 14 July 2012. “The audio portions of these sessions have been processed correctly all along, but without the accompanying video. Now, analysts will have the complete ‘picture’,” it says.

Eight months before being bought by Microsoft, Skype joined the Prism program in February 2011.

According to the NSA documents, work had begun on smoothly integrating Skype into Prism in November 2010, but it was not until 4 February 2011 that the company was served with a directive to comply signed by the attorney general.

The NSA was able to start tasking Skype communications the following day, and collection began on 6 February. “Feedback indicated that a collected Skype call was very clear and the metadata looked complete,” the document stated, praising the co-operation between NSA teams and the FBI. “Collaborative teamwork was the key to the successful addition of another provider to the Prism system.”

 

Janus Friis-Niklas Zennstrom founders

ACLU technology expert Chris Soghoian said the revelations would surprise many Skype users. “In the past, Skype made affirmative promises to users about their inability to perform wiretaps,” he said. “It’s hard to square Microsoft’s secret collaboration with the NSA with its high-profile efforts to compete on privacy with Google.”

The information the NSA collects from Prism is routinely shared with both the FBI and CIA. A 3 August 2012 newsletter describes how the NSA has recently expanded sharing with the other two agencies.

The NSA, the entry reveals, has even automated the sharing of aspects of Prism, using software that “enables our partners to see which selectors [search terms] the National Security Agency has tasked to Prism”.

The document continues: “The FBI and CIA then can request a copy of Prism collection of any selector…” As a result, the author notes: “these two activities underscore the point that Prism is a team sport!”

In its statement to the Guardian, Microsoft said:

We have clear principles which guide the response across our entire company to government demands for customer information for both law enforcement and national security issues. First, we take our commitments to our customers and to compliance with applicable law very seriously, so we provide customer data only in response to legal processes.

Second, our compliance team examines all demands very closely, and we reject them if we believe they aren’t valid. Third, we only ever comply with orders about specific accounts or identifiers, and we would not respond to the kind of blanket orders discussed in the press over the past few weeks, as the volumes documented in our most recent disclosure clearly illustrate.

Finally when we upgrade or update products legal obligations may in some circumstances require that we maintain the ability to provide information in response to a law enforcement or national security request. There are aspects of this debate that we wish we were able to discuss more freely. That’s why we’ve argued for additional transparency that would help everyone understand and debate these important issues.

In a joint statement, Shawn Turner, spokesman for the director of National Intelligence, and Judith Emmel, spokeswoman for the NSA, said:

The articles describe court-ordered surveillance – and a US company’s efforts to comply with these legally mandated requirements. The US operates its programs under a strict oversight regime, with careful monitoring by the courts, Congress and the Director of National Intelligence. Not all countries have equivalent oversight requirements to protect civil liberties and privacy.

They added: “In practice, US companies put energy, focus and commitment into consistently protecting the privacy of their customers around the world, while meeting their obligations under the laws of the US and other countries in which they operate.”