Forgot your password?
typodupeerror
Electronic Frontier Foundation Privacy Cellphones Your Rights Online

EFF Offers an Introduction To Traitorware 263

Posted by timothy
from the stop-being-so-paranoid-number-39 dept.
theodp writes "The EFF's Eva Galperin offers a brief primer on Traitorware, devices that act behind your back to betray your privacy. 'Your digital camera may embed metadata into photographs with the camera's serial number or your location,' writes Galperin. 'Your printer may be incorporating a secret code on every page it prints which could be used to identify the printer and potentially the person who used it. If Apple puts a particularly creepy patent it has recently applied for into use, you can look forward to a day when your iPhone may record your voice, take a picture of your location, record your heartbeat, and send that information back to the mothership.' She concludes: 'EFF will be there to fight it [Traitorware]. We believe that your software and devices should not be a tool for gathering your personal data without your explicit consent.'"
This discussion has been archived. No new comments can be posted.

EFF Offers an Introduction To Traitorware

Comments Filter:
  • by theodp (442580) on Sunday December 26, 2010 @01:50PM (#34670718)

    Even well-intentioned software can backfire: Greek designer who issued “Anonymous” press release caught by metadata [newswhip.ie]

  • Xerox et al. (Score:3, Informative)

    by Anonymous Coward on Sunday December 26, 2010 @01:54PM (#34670730)

    Your printer may be incorporating a secret code on every page it prints which could be used to identify the printer and potentially the person who used it

    This is typically done by commercial colour laser printers,such as those made by Xerox, Konika Minolta, Ricoh, and so on. The code's printed in yellow toner - which isn't normally noticeable but becomes infuriatingly visible if you use these machines to print light coloured backgrounds - for example, a business card with a silver/light grey background tone. I don't know about Konika and Ricoh, but with the Xerox machines the code can lead right back to you pretty easily.

    That said, the Xerox machines do some other interesting things as well - for example, they'll refuse to copy UK banknotes from the glass (presumably they identify the UV markers in the notes? amongst others. I assume this is either to reduce their liability if their machines were used that way, or due to a legal statute in one of their markets? Either way, interesting behaviour.

  • Re:Xerox et al. (Score:5, Informative)

    by arth1 (260657) on Sunday December 26, 2010 @02:01PM (#34670764) Homepage Journal

    That said, the Xerox machines do some other interesting things as well - for example, they'll refuse to copy UK banknotes from the glass (presumably they identify the UV markers in the notes?

    More likely, they look for EURion constellations [wikipedia.org].

  • by Anonymous Coward on Sunday December 26, 2010 @02:21PM (#34670864)
  • by Anonymous Coward on Sunday December 26, 2010 @02:22PM (#34670874)

    I didn't know that Open Office did this. It's not common knowledge.

    Perhaps you live in a CAVE? Virtually *all* "office" type applications save meta data about who/what/when. If you didn't know this, you where not paying much (any) attention. It *IS* common knowledge.

  • Re:The real issue is (Score:2, Informative)

    by Bigjeff5 (1143585) on Sunday December 26, 2010 @02:32PM (#34670918)

    Sending that info to the "mothership"" (sic), without my knowledge or permission, is bad because they have no reason to need that data; other than to sell it or use it for marketing.

    What are you talking about? When you installed the software you clearly indicated that you had read and understood the terms and conditions, which clearly stated that your camera software would be sending information stored in each image the camera records back to the camera company.

    That little check box is legally binding. Some specific parts of some ridiculous EULAs are not legally binding, but on the whole they are legitimate. You gave them permission to do this, I don't see why you are upset about it.

    If you actually care about your privacy, you should actually read the Terms and Conditions, in which they actually tell you what they are actually going to do with your private data. If there is something in there you don't agree with, don't check the box, and don't install the software. Either find some other way to use the device, or simply return the device.

    It annoys me to no end when people complain about the evil things companies are doing with their private information, yet are too lazy to read what a company is specifically telling you what they want to do with your private data, and is asking for your permission to do so.

    I personally don't like what companies do with my private information, but I don't care about it enough to not use the software. This is clearly also true of 99% (or more) of the people here. If you really care about this shit, when a company asks for your permission, simply tell them "no thank you".

    I can't see how you can call it traitorware when they told you up front exactly what they were going to do with your data. Traitors don't tell you before hand that they are going to betray you. It's frankly not the software company's fault* that you don't seem to care what they plan to do with your data.

    *Note that the Sony rootkit was illegal. That shit should never fly. Most anything short of that is fair game, though, if you are stupid enough to agree to it.

  • by sulfur (1008327) on Sunday December 26, 2010 @05:26PM (#34671856)

    I *like* cameras that incorporates metadata. This protects me from lawsuits and proves that the picture is mine and can be used however I want and as often I want.

    Sure, someone who wants to claim ownership of a picture would never be able to insert desired metadata in the file.

    People misuse printers to print out pedophilia ... counterfeiting ... threatening letters ...

    You forgot terrorists. They also use printers.

    Yes, there are legitimate uses for all these traitorware features in software/hardware. The point is that these features should be opt in and disabled by default, so that people who truly want them can enable them.

  • by Frater 219 (1455) on Sunday December 26, 2010 @05:27PM (#34671864) Journal

    Your digital camera may embed metadata into photographs with the camera's serial number or your location.

    Record your location? Sure, if it's a smartphone with GPS. For standalone cameras, GPS is not exactly a common feature. There are about two models of pocket digital camera on the market that have GPS, and not very many SLRs with it either ... go look. Those that have it make no secret of it; it's actually a big marketing point for people who want to record where they've been taking pictures.

    As for smartphone models, I don't know about the Apple or Windows offerings, but Android's camera app exposes it as an option right on the main screen, next to the flash and focus settings ... and I'm pretty sure it defaults to off. People turn this on because they actively want it.

    Rather than scaring people about what their devices might be recording, it would be a lot more useful to tell people how to find out what tags are on their photos. For instance, the Linux command line program "exiftags" will tell you this kind of stuff: (Picked from a random image file I had lying around on my laptop.)

    Camera-Specific Properties:

    Equipment Make: OLYMPUS OPTICAL CO.,LTD
    Camera Model: C2500L
    Camera Software: Adobe Photoshop CS Macintosh
    Maximum Lens Aperture: f/2.6

    Image-Specific Properties:

    Image Orientation: Top, Left-Hand
    Horizontal Resolution: 173 dpi
    Vertical Resolution: 173 dpi
    Image Created: 2004:02:27 18:52:21
    Exposure Time: 1/5 sec
    F-Number: f/6.9
    Exposure Program: Manual
    ISO Speed Rating: 100
    Exposure Bias: 0 EV
    Metering Mode: Center Weighted Average
    Flash: No Flash
    Focal Length: 20.70 mm
    Color Space Information: Uncalibrated
    Image Width: 736
    Image Height: 767

  • by bsDaemon (87307) on Sunday December 26, 2010 @07:07PM (#34672458)

    Well, the article is from a 'White Nationalist' (aka Neo-Nazi) magazine, National Vanguard, sponsored by the 'White Nationalist', National Socialist organization National Alliance. Most of the rest of the article after what the AC posted is a little more blatantly obvious as to what their message really is. Just sayin'.

  • Re:Paranoia (Score:4, Informative)

    by AHuxley (892839) on Sunday December 26, 2010 @08:18PM (#34672770) Homepage Journal
    East Germany gave one good example. A a sixteen year old girl printed protest leaflets in 1968 about the demolition of a church using a toy rail stamp like printer.
    The East German gov flooded the area with agents as the fingerprints where not on file and someone had a printer and was using it.
    Her husband "hung" himself in prison in 1980 ... The toy was also removed from shops.
    http://www.laurahird.com/newreview/stasiland.html [laurahird.com]
    The paranoia of a gov facing an unknown protester was very real :)
    If your wondering where the stasi people ended up, the US did offer a lot of cash for their best and brightest.
  • Re:Xerox et al. (Score:4, Informative)

    by GrBear (63712) on Monday December 27, 2010 @03:05AM (#34674356)

    That said, the Xerox machines do some other interesting things as well - for example, they'll refuse to copy UK banknotes from the glass

    Just a step up from that, Konica-Minolta copiers will sense if you try to scan, copy or print a banknote. When it detects this, it will put the copier into a service lockdown that only a Konica-Minolta tech can unlock. The displayed error code will rat you out, AND the tech is legally obligated to inform law enforcement of the infraction.

    That and yes, it definitely marks each page with a serial number linking it back to the copier.

    Both were related to me by a Minolta tech.

Anyone can do any amount of work provided it isn't the work he is supposed to be doing at the moment. -- Robert Benchley

Working...