Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Electronic Frontier Foundation Privacy Cellphones Your Rights Online

EFF Offers an Introduction To Traitorware 263

Posted by timothy
from the stop-being-so-paranoid-number-39 dept.
theodp writes "The EFF's Eva Galperin offers a brief primer on Traitorware, devices that act behind your back to betray your privacy. 'Your digital camera may embed metadata into photographs with the camera's serial number or your location,' writes Galperin. 'Your printer may be incorporating a secret code on every page it prints which could be used to identify the printer and potentially the person who used it. If Apple puts a particularly creepy patent it has recently applied for into use, you can look forward to a day when your iPhone may record your voice, take a picture of your location, record your heartbeat, and send that information back to the mothership.' She concludes: 'EFF will be there to fight it [Traitorware]. We believe that your software and devices should not be a tool for gathering your personal data without your explicit consent.'"
This discussion has been archived. No new comments can be posted.

EFF Offers an Introduction To Traitorware

Comments Filter:
  • by ZDRuX (1010435) on Sunday December 26, 2010 @12:46PM (#34670686)
    What happens when the government starts analyzing these signs to determine you might be up to no good? Regardless if a crime has taken place or not? If your heart rate is elevated or you're palms are sweating, and you're close to an airport/school/gov office building/whatever, you might be planning an attack, why not just be on the safe side and have you come down with the nice men in black down to the local station for questioning?
  • by Bromskloss (750445) <auxiliary DOT ad ... privacy AT gmail> on Sunday December 26, 2010 @01:10PM (#34670806)

    Is there a list of this kind of products? When I buy a camera or a printer I'd like to know which ones hide serial numbers or the like in the images they produce. EFF should maintain such a list, I think.

  • by Frosty Piss (770223) * on Sunday December 26, 2010 @01:13PM (#34670824)
    Yes but this guys FAILED because he didn't even TRY to remove the "meta data". As with MS Work files, Open Office saves who and when for a file. This is "common" knowledge, "my grandmother knows this".
  • Et Tu, GPS? (Score:4, Interesting)

    by theodp (442580) on Sunday December 26, 2010 @01:19PM (#34670854)

    How Much Information Does Your GPS Store About Where You Have Been? [poi-factory.com] So, is Max Speed on your GPS a bug or a feature?

  • by mlts (1038732) * on Sunday December 26, 2010 @01:52PM (#34671022)

    Bad thing #1: Locking down devices. Right now, people like the Dev Team jailbreak stuff within a month or two of release. However, eventually hardware chips will get added that are as hard if not harder than baseband modules to crack. Perhaps chips that "supervise" the OS, and if it runs something out of some strict parameters, the device gets shut down until taken to a $AUTHORIZED_STORE and fixed there.

    Neutral thing #2: Phones do a lot. They acquire a lot of knowledge about the carrier.

    Bad thing #3: Info by #2 is sent back home to carriers.

    Bad thing #4: A combined push by LEOs and our *IAAs to find more info about people to start criminal or civil proceedings with ease. Remember, it wasn't that long ago that suing users in the thousands for having a song available, or snarfing a video clip was not thought of.

    Bad thing #5: Ad providers being such a strong force. They don't just show disinterest in stopping malware payloads from being delivered through their networks, they want to add new vectors for infection using Phorm-like injectors. They will happily sell any information they get to all and sundry who have the cash.

    Bad thing #6: The "piracy" bugaboo. This is a major excuse used for device lockdown.

    Bad thing #7: No interest in anti-monopoly regulation.

    Bad thing #8: Blacklists are in common use in the industry. For example, if someone gets banned from one casino in Las Vegas, they get banned from all of them.

    Now, the day of convergence happens. All this stuff winds up merging. Joe User now buys a smartphone after all these converge:

    Day 1: Joe goes out on a date with a co-worker to discuss business. His device notices that it is near other devices, transmits the GPS info to an ad agency. Joe's wife has a search tool that uses info gleaned from ad agencies to monitor where Joe is 24/7 even though his stuff isn't connected. She gives him a tongue lashing when he gets home.

    Day 2: Joe visits a MMA place to see about casual sparring. The phone transmits the location, and insurance companies pick it up. They kick Joe off the health insurance because he is engaging in too risky pursuits.

    Day 3: Joe posts a private rant on his favorite social network of choice about his job from his home computer. The social network has a top notch privacy policy and has no advertisers at all. However, Joe's phone has an app that quietly slurps up his posts, even though they are posted by another device and sends them to an ad agency. His work subscribes to an employee monitoring system which sends relevant posts if they have the company mentioned. His boss gets handed the rant, and Joe gets fired.

    Day 4: Joe decides to go buy a dime bag because he has no job, an estranged wife, and no health insurance. He drives to a part of town that isn't too bad, but where the "upper" level distributers hang out. On the way back, Joe gets pulled over, his car searched and seized, and he ends up in jail. The local PD uses the ad agencies which keep track of all GPS settings of cars in the area, and has pattern matching. Any traffic pattern that is suspect gets an automatic traffic stop and the dog brought out.

    Day 5: Joe's wife decides to file a divorce because she wants to move to someone who is making money. She gets someone to check the phone ad agencies and give her the goods on Joe. She serves him divorce papers via E-mail, and because the ad providers know when someone received the message, the E-mail stands up in court as a proper service, just as a visit from the constable.

    Day 6: Joe is afraid of monitoring, so tries to flash a ROM without the 24/7/365 monitoring. The device auto-bricks, and he has to take it into an authorized store, pay $300 for them to flash a replacement ROM onto it. Essentially do a fancy version of RSD-Lite. Joe then uses a better utility that prevents the phone from bricking. However because it downloads a utility like su or Cydia, the cellular provider notices the communication between

  • by Meski (774546) * <meski.oz@NOSpAM.gmail.com> on Sunday December 26, 2010 @11:09PM (#34673748)
    He's not a patriot for the same reason he's not a traitor.

Mr. Cole's Axiom: The sum of the intelligence on the planet is a constant; the population is growing.

Working...