Forgot your password?
typodupeerror
Electronic Frontier Foundation Privacy Cellphones Your Rights Online

EFF Offers an Introduction To Traitorware 263

Posted by timothy
from the stop-being-so-paranoid-number-39 dept.
theodp writes "The EFF's Eva Galperin offers a brief primer on Traitorware, devices that act behind your back to betray your privacy. 'Your digital camera may embed metadata into photographs with the camera's serial number or your location,' writes Galperin. 'Your printer may be incorporating a secret code on every page it prints which could be used to identify the printer and potentially the person who used it. If Apple puts a particularly creepy patent it has recently applied for into use, you can look forward to a day when your iPhone may record your voice, take a picture of your location, record your heartbeat, and send that information back to the mothership.' She concludes: 'EFF will be there to fight it [Traitorware]. We believe that your software and devices should not be a tool for gathering your personal data without your explicit consent.'"
This discussion has been archived. No new comments can be posted.

EFF Offers an Introduction To Traitorware

Comments Filter:
  • Traitorware (TM), Pat. Pending. Pay up sucker! FTW!
  • by theodp (442580) on Sunday December 26, 2010 @01:50PM (#34670718)

    Even well-intentioned software can backfire: Greek designer who issued “Anonymous” press release caught by metadata [newswhip.ie]

    • Re: (Score:3, Interesting)

      by Frosty Piss (770223) *
      Yes but this guys FAILED because he didn't even TRY to remove the "meta data". As with MS Work files, Open Office saves who and when for a file. This is "common" knowledge, "my grandmother knows this".
      • I didn't know that Open Office did this. It's not common knowledge.
        • Re: (Score:2, Informative)

          by Anonymous Coward

          I didn't know that Open Office did this. It's not common knowledge.

          Perhaps you live in a CAVE? Virtually *all* "office" type applications save meta data about who/what/when. If you didn't know this, you where not paying much (any) attention. It *IS* common knowledge.

        • by antdude (79039)

          Neither did I. I thought only MS Office had it.

        • It is. I learned it by exploring the interface of MS Word. So it is kind of obvious that Ood files would behave the same.

          I mean, of course it is not common knowledge by the average user but it is know by the average geeky user who sets things up for their boss/family.

  • Xerox et al. (Score:3, Informative)

    by Anonymous Coward on Sunday December 26, 2010 @01:54PM (#34670730)

    Your printer may be incorporating a secret code on every page it prints which could be used to identify the printer and potentially the person who used it

    This is typically done by commercial colour laser printers,such as those made by Xerox, Konika Minolta, Ricoh, and so on. The code's printed in yellow toner - which isn't normally noticeable but becomes infuriatingly visible if you use these machines to print light coloured backgrounds - for example, a business card with a silver/light grey background tone. I don't know about Konika and Ricoh, but with the Xerox machines the code can lead right back to you pretty easily.

    That said, the Xerox machines do some other interesting things as well - for example, they'll refuse to copy UK banknotes from the glass (presumably they identify the UV markers in the notes? amongst others. I assume this is either to reduce their liability if their machines were used that way, or due to a legal statute in one of their markets? Either way, interesting behaviour.

    • Re:Xerox et al. (Score:5, Informative)

      by arth1 (260657) on Sunday December 26, 2010 @02:01PM (#34670764) Homepage Journal

      That said, the Xerox machines do some other interesting things as well - for example, they'll refuse to copy UK banknotes from the glass (presumably they identify the UV markers in the notes?

      More likely, they look for EURion constellations [wikipedia.org].

    • I assume this is either to reduce their liability if their machines were used that way, or due to a legal statute in one of their markets?

      The way I heard it, they had been threatened with regulations and statutes if they didn't voluntarily do these things.

    • Re:Xerox et al. (Score:4, Informative)

      by GrBear (63712) on Monday December 27, 2010 @03:05AM (#34674356)

      That said, the Xerox machines do some other interesting things as well - for example, they'll refuse to copy UK banknotes from the glass

      Just a step up from that, Konica-Minolta copiers will sense if you try to scan, copy or print a banknote. When it detects this, it will put the copier into a service lockdown that only a Konica-Minolta tech can unlock. The displayed error code will rat you out, AND the tech is legally obligated to inform law enforcement of the infraction.

      That and yes, it definitely marks each page with a serial number linking it back to the copier.

      Both were related to me by a Minolta tech.

  • by DWMorse (1816016) on Sunday December 26, 2010 @01:54PM (#34670734) Homepage

    without your explicit consent

    Yup, there's the real issue. They can bury a one-sentence fragment within 52 pages of EULA that gives them "explicit consent." Someone will notice, it'll get a story posted on Slashdot, but still, only maybe one or two out of every several thousand will resist purchasing the next iPhone 5GSXT Pro-Air.

    The root of the issue is the backtalk and walls of text used to placate users into 'agreeing' without understanding what rights they're sundering.

    • by sorak (246725)

      The root of the issue is the backtalk and walls of text used to placate users into 'agreeing' without understanding what rights they're sundering.

      That and the one-sidedness of the deal. If two people were sitting at a table negotiating a business deal and one of them said:

      You can use my product, but I get to dictate how, and I get to rewrite this contract whenever I want, and, if you want to know the new terms, you need to check my website every day, and also, my product may not work. It may damage your equipment. It may yell racial slurs at your co-workers. Who knows? We can't find every bug, and we don't promise to fix it if you find one that we didn't.

      Well, 9 out of 10 times. the other guy would walk out before the second sentence. But the "we dictate our terms to you" age has desensitized us to unreasonable terms.

  • The real issue is (Score:5, Insightful)

    by Registered Coward v2 (447531) on Sunday December 26, 2010 @02:08PM (#34670794)

    not that our devices embed information; but how that information is used. For example, having a geo location and serial number on every picture can aid in searching for images as well automating workflow (based on specific sensor characteristics). For me, that is good. Sending that info to the "mothership"" (sic), without my knowledge or permission, is bad because they have no reason to need that data; other than to sell it or use it for marketing.

    I'd like to see companies that collect date require a more informed consent than burying it in a 50 page TOS agreement; and perhaps notification the first time teh data is sent.

    • Re: (Score:2, Informative)

      by Bigjeff5 (1143585)

      Sending that info to the "mothership"" (sic), without my knowledge or permission, is bad because they have no reason to need that data; other than to sell it or use it for marketing.

      What are you talking about? When you installed the software you clearly indicated that you had read and understood the terms and conditions, which clearly stated that your camera software would be sending information stored in each image the camera records back to the camera company.

      That little check box is legally binding. Some specific parts of some ridiculous EULAs are not legally binding, but on the whole they are legitimate. You gave them permission to do this, I don't see why you are upset about it

      • by Spatial (1235392) on Sunday December 26, 2010 @03:53PM (#34671370)

        That would be true in an idealised fantasy world where everyone had infinite time, were lawyers, and were aware of the potential problems with EULAs. Back here on Earth...

        EULAs aren't upfront. Nobody reads them and nobody expects them to be read. People couldn't understand them if they tried. They're created with that fact in mind:

        EULAs aren't specific. They are to a lawyer, but for the people reading them the text is incomprehensible obfuscated gibberish. Clearly they don't give a shit about agreement since it's physically impossible for most people to agree:

        Consent requires comprehension. Perhaps you've heard of statuatory rape, a law that employs this principle. Contracts are also supposed to require mutual understanding because the entire concept is logically incoherant otherwise.

        But of course that wouldn't be convenient in consumer electronics. So it's ignored, leaving us with a nonsensical system that bears no relevance to reality whatsoever. We pretend to agree and they pretend we agreed. And everyone knows it's bullshit.

        Except for the law of course. "Legally binding" loses meaning as a defence when the law itself loses relevance. A law which completely fails to take into account how society operates is a law that should not exist.

        Therefore, EULAs are hokum, people are dumbasses, companies are shitheads and the law is morally wrong. Merry Christmas!

         

      • "Either find some other way to use the device, or simply return the device."

        There's a big, big hole in your theory. "Either find some other way to use the device" now often violates either the DMCA, patents or the companies last resort, the EULA. As far as returning the device, most of this applies to software which is pretty universally non-refundable. So the company gets your money whether you use the product or not. They're even successfully attacking the first sale doctrine so you can't even eBay it if you decide that you don't want to use it due to the EULA. As far as ot

      • Sending that info to the "mothership"" (sic), without my knowledge or permission, is bad because they have no reason to need that data; other than to sell it or use it for marketing.

        What are you talking about? When you installed the software you clearly indicated that you had read and understood the terms and conditions, which clearly stated that your camera software would be sending information stored in each image the camera records back to the camera company.

        That little check box is legally binding. Some specific parts of some ridiculous EULAs are not legally binding, but on the whole they are legitimate. You gave them permission to do this, I don't see why you are upset about it.

        If you actually care about your privacy, you should actually read the Terms and Conditions, in which they actually tell you what they are actually going to do with your private data. If there is something in there you don't agree with, don't check the box, and don't install the software. Either find some other way to use the device, or simply return the device.

        Well, if you had read all may post you might understand what I am talking about. I never said anything about the validity of an EULA, or that I am upset about what is in them. I do think they could be more clear, and think that you should have a legal right to opt out regardless of what is in a EULA. BTW, I do read them and have not bought some products as a result. I also think that if you cannot read the EULA before purchase (and having it on a website would not be sufficient) companies should be requ

      • by he-sk (103163)

        IANAL, but clauses in a contract that which create a duty and/or burden on the customer which is generally unknown and/or has nothing to do with the normal performance of the contract are null and void.* It doesn't matter if they are hard to find, they could be printed in 48pt bold text right on the frontpage and it wouldn't matter.

        I assume that sending your private info over to the man every time you shot a picture falls under that broad category.

        *In the jurisdiction I live in. The Free Market Utopia a.k

  • by Bromskloss (750445) <auxiliary,address,for,privacy&gmail,com> on Sunday December 26, 2010 @02:10PM (#34670806)

    Is there a list of this kind of products? When I buy a camera or a printer I'd like to know which ones hide serial numbers or the like in the images they produce. EFF should maintain such a list, I think.

    • by ColdWetDog (752185) on Sunday December 26, 2010 @02:47PM (#34670994) Homepage
      For cameras, it's virtually every single modern one that supports EXIF [wikipedia.org]. Printers, I don't know much about. I imagine that Google does, however.

      I like the fact that the EXIF data has the camera serial number. Over the years, I've used a number of different cameras. Even multiple versions of the same model. It's nice to have that information in the database. Giving it to anyone else is another issue entirely. But here again, the onus is on the individual to know how to deal with one's complex modern objects. For EXIF data, it's easy to strip entirely or individually.

      What EFF needs to do is to bring this issue up to a level where 'normal' people at least understand the problems. It would be nice if manufacturers would give us the tools to control the flow of data better, but until the drum starts to beat louder, they have little incentive to do so.
      • What EFF needs to do is to bring this issue up to a level where 'normal' people at least understand the problems.

        For the EFF to do that, there first needs to be a problem in the first place. As you point out, this data is actually quite useful (for EXIF). In the case of printers, it's also a non problem as far as I can see. (Though I'm certain that Slashdot's resident tinfoil hat brigade will be along in a moment with their far fetched scenarios 'proving' me wrong.)

        What I see here is the EFF crea

      • by couchslug (175151)

        You can edit EXIF data too, which opens up some interesting possibilities...

    • by RotateLeftByte (797477) on Sunday December 26, 2010 @02:48PM (#34671000)

      Digital Cameras put this stuff in the exif data structures.

      Add a GPS device to your DSLR and it goes in too.

      Many Serious (both Pro & Amatuer) Snappers find this information really useful. Match the GPS up with Google Maps and locating where you took a particular shot is simple.
      You can easily get rid of the data in the images you publish.
      In fact this is useful to help you prove your copyright of the image.

      So not all 'Traitorware' is bad to all people. There is a thriving marked for GPS Addons' to high end DSLR's.

      Things like the Laser Printer data is IMHO worse that useless. Just but yourself a $50 inkjet, print the offending pages and junk it. After all, the replacment inks will often cost more than a new printer....

      • by thegarbz (1787294)
        It's too late to say mod up. You're already insightful. I would flat out reject buying a camera that didn't include all the metadata. Furthermore when purchasing a second hand camera the metadata can in many models actually help the purchasing decision by inserting things like the number of shutter actuation the camera has experienced (for the non-photography gurus out there, it's like the odometer of a car, camera shutters have a limited lifespan).

        Add to that the fact that some cameras actively advertis
    • by click2005 (921437) *

      They have an incomplete list of printers. It is obviously hard to collect this information as I'm sure most companies aren't too eager to help. I would also imagine an updated firmware could add this 'feature' to a previously non-tracking printer.
      It surprises me that the US secret service didnt ask MS to add this as standard to the windows printer code on higher quality prints (or even if certain watermarks/EURion codes are found..

      • If you don't trust your own printer, you can try looking for them yourself. [instructables.com]
        • A late comment halfway down the page [page 1]:

          not true the fbi created the method... i fix copiers. no color copier is allowed to be sold in the usa without this dot pattern encoded in the image it is created in the print engine not from the image process even when the machine is internaly calibrating itself these dots are formed and visable on the transfer belt the only information encoded in the dots is model numbers and time and date that way if a faudulent document is found it can be traced back to the source ...one day the fbi showed up and took an entire machine as evidence when some funny money showed up...BTW most high end color copiers can detect money being prited on them and will actually code to the point where your local rep cant fix it and a rep from the manufacturer has to come in and reset it ...that how deep the rabbit hole goes my friend for the manufacture i represent there are only 4 people in the usa that can reset that code

    • List of printers: https://www.eff.org/pages/list-printers-which-do-or-do-not-display-tracking-dots [eff.org]

      I don't know about cameras, but somebody else who replied posted something that looks promising.
  • Et Tu, GPS? (Score:4, Interesting)

    by theodp (442580) on Sunday December 26, 2010 @02:19PM (#34670854)

    How Much Information Does Your GPS Store About Where You Have Been? [poi-factory.com] So, is Max Speed on your GPS a bug or a feature?

  • by Joe The Dragon (967727) on Sunday December 26, 2010 @02:19PM (#34670856)

    but with ATT low download cap / high data costs $10 a GIG will apple force that?

    what about over seas up to $100 or more in data fees per location?

  • Hanlon's (Score:5, Insightful)

    by gmuslera (3436) on Sunday December 26, 2010 @02:20PM (#34670862) Homepage Journal

    Dont attribute to malice what can be adequately explained by stupidity. Sometimes a software can be well intentioned, see a place where a lot of maybe useful information could be place and no look further on that, putting that in. Sometimes in some context that added information could be useful and intended, sometimes not, and you have not enough flexibility to decide by yourself when enable or disable that action.

    Could the smtp protocol (and so every software that implements it) be considered traitorware? If you want to send an anonymous message it adds from which IP was sent, how different would be that from cameras that automatically adds gps coordinates in photos?

    In the last term, a line between malice in this and what is not should be drawn, and will be very broad with a lot of things in the gray area, but would be good to have a list of what cleary is in the wrong side of it. And if well couldnt call traitorware all that is in the field of what sends somehow away information that could hurt your privacy, awareness of what they send and what exactly implies in that topic to use them, sometimes even in the manuals they warn which private information could be disclosed, well, that it be even the ones that don't disclose that.

    • Re:Hanlon's (Score:4, Insightful)

      by causality (777677) on Sunday December 26, 2010 @05:55PM (#34672066)

      Dont attribute to malice what can be adequately explained by stupidity.

      We put up with far too much of both. I see no reason not to treat both as malice.

    • by thegarbz (1787294)
      Given that GPS co-ordinates in photos is a value added feature in cameras which you often pay a premium for (my Geotagger cost $250 for my camera), how can that example be considered either malice or stupidity?

      It's like the facebook issue. It doesn't matter how private the data is. What matters is how you share the data. Every other image editor has the checkbox that will allow you to strip metadata when saving the image, just like you don't need to upload that photo of you and a hooker onto Facebook, no
      • by gmuslera (3436)

        When GPS is already included in your camera stops to be something that you must buy intentionally and install on it to be something that you could be aware or not. Take current smartphones, with both camera and gps functionality, that could show or not that they are using geotagging, and that even depend on the app your using are using for taking photos.

        And not just the camera, where you can eventually check the metatags of a photo and see if there is something that you could not like. What about apps tha

        • by thegarbz (1787294)
          The point I was trying to make is that this isn't treachery, it's a value added feature. It is actively advertised. Some people know nothing about the phones/cameras other than "When I take a picture it remembers where I took it. SWEET."

          My point isn't that endless hidden metadata is bad, it is if the user's unaware of it. But the EFF's war against features that actively benefit users in electronics which are actively advertised and not buried down in some obscure section of the EULA is ridiculous.

          I fu
  • by Anonymous Coward on Sunday December 26, 2010 @02:21PM (#34670864)
  • by Haedrian (1676506) on Sunday December 26, 2010 @02:33PM (#34670922)

    "EFF will be there to fight it [Traitorware]. We believe that your software and devices should not be a tool for gathering your personal data without your explicit consent.'"

    This sounds a lot like spyware. Why do we need a new word?

  • Oh Noes! (Score:2, Flamebait)

    Apple's iPhones know where you are when you use the maps and Apple can gather that data and use it to launch missiles at you! Adobe Photoshop can use the GPS data encoded into your photos and send that info to the CIA who will visit those places and scrawl lewd graffiti about your sexuality in all the nearby bathrooms, thus ruining your reputation in the locality and preventing you from being elected to political office!

    This would be a lot more of a story if they actually cited some real misuse of data ins

    • Re:Oh Noes! (Score:5, Insightful)

      by zn0k (1082797) on Sunday December 26, 2010 @02:58PM (#34671054)

      The whole point of the EFF is to think about such problems and issues before they become common; hence the 'frontier' in their title. They are trying to alert people to a potential situation so that people can be aware of it and start thinking about the implications, and formulate either consumer strategies or legal frameworks before there is wide spread abuse.

      Your point is still valid in that you yourself may not be interested until there has been abuse, but to ask the EFF not to write about it until that point does not make much sense.

    • At least the missiles they'll fire at you won't be made using itunes. Since its against the license agreement.

  • by Tolvor (579446) on Sunday December 26, 2010 @02:37PM (#34670944)

    I read the article, and see nothing in the so-called "traitorware" that is objectionable.

    I *like* cameras that incorporates metadata. This protects me from lawsuits and proves that the picture is mine and can be used however I want and as often I want. Because I can prove that the photo is mine through the metadata I have an easy way to defend myself in copyright and infringement lawsuits. For me the metadata is a selling feature and a benefit.

    Printers that include tags on the paper that can be traced back to the person doing the printing I can also understand. People misuse printers to print out pedophilia (you are scum, and hope you are caught), counterfeiting (I like being able to use money, and hope you are caught), and threatening letters (my sister got several, and I hope you are caught). I just can't get that excited about anyone being able to trace what I print back to me. I can't think of a situation where I would care.

    I don't own an IPhone (Droid), but I *like* the idea that it can send my location and heartbeat back to Apple. I'd have liked this on my laptop that had gotten stolen. I'd just call the police, and send Apple the police report. It would make tracking the device actually feasible, and maybe get some of these thieves to be arrested. Cars to some degree have this (called OnStar) and it's a big selling point. I refuse to get concerned about Apple wanting to listen to my heartbeat. Now if they would be so kind to implant the phone, monitor continuously, and notify medical help (and tell them where I am) if the heartbeat becomes arrhythmic and/or stops I would really appreciate that (heart problems is the leading cause of death).

    How is this so-called "traitorware" an issue?

    • by Wovel (964431)

      From reading the comments, you and I are the only ones to RTFA. I believe EFF has leaped off the deep end.

    • by Spatial (1235392)

      How is this so-called "traitorware" an issue?

      Remember in university when you learned that argument from lack of imagination was a fallacy?

      Remember in highschool when you learned that there was more than one side to an issue, and that issues generally aren't black and white even when you fully agree?

      Remember in primary school when you learned other people had different preferences and sensibilities, that they didn't like everything you liked?

      Combine them and *bam!*, understanding!

    • by sulfur (1008327) on Sunday December 26, 2010 @05:26PM (#34671856)

      I *like* cameras that incorporates metadata. This protects me from lawsuits and proves that the picture is mine and can be used however I want and as often I want.

      Sure, someone who wants to claim ownership of a picture would never be able to insert desired metadata in the file.

      People misuse printers to print out pedophilia ... counterfeiting ... threatening letters ...

      You forgot terrorists. They also use printers.

      Yes, there are legitimate uses for all these traitorware features in software/hardware. The point is that these features should be opt in and disabled by default, so that people who truly want them can enable them.

      • by Tolvor (579446)

        Sure, someone who wants to claim ownership of a picture would never be able to insert desired metadata in the file.

        Sure, it has been done. Most notably demonstrated here [petapixel.com]. I only mentioned that the camera metadata protects me in case of a lawsuit.

        There is a stock photography provider called Getty Images that looks for people that have been using their images without approval or payment. To those that infringe they send a RIAA-like letter offering a settlement if a fine is paid. I use a lot of stock photography (mostly through a different but well known and very legitimate site). When possible I use my own puny 6 megapixe

    • by selven (1556643)

      Because I can prove that the photo is mine through the metadata I have

      Or you're proving that you can edit metadata.

      counterfeiting (I like being able to use money, and hope you are caught)

      Last time I checked off-the-shelf printers can't print out shiny paper and holograms...

      I just can't get that excited about anyone being able to trace what I print back to me. I can't think of a situation where I would care.

      Printing subversive anti-government materials in oppressive regimes? Anonymously organizing a protest, strike, or other mass demonstration? Whistleblowing? (also, this last point applies to camera traitorware as well).

      I don't own an IPhone (Droid), but I *like* the idea that it can send my location and heartbeat back to Apple. I'd have liked this on my laptop that had gotten stolen. I'd just call the police, and send Apple the police report.

      Or, alternatively, how about an app that sends my location back to me? All the security, none of the privacy infringement.

  • by mlts (1038732) * on Sunday December 26, 2010 @02:52PM (#34671022)

    Bad thing #1: Locking down devices. Right now, people like the Dev Team jailbreak stuff within a month or two of release. However, eventually hardware chips will get added that are as hard if not harder than baseband modules to crack. Perhaps chips that "supervise" the OS, and if it runs something out of some strict parameters, the device gets shut down until taken to a $AUTHORIZED_STORE and fixed there.

    Neutral thing #2: Phones do a lot. They acquire a lot of knowledge about the carrier.

    Bad thing #3: Info by #2 is sent back home to carriers.

    Bad thing #4: A combined push by LEOs and our *IAAs to find more info about people to start criminal or civil proceedings with ease. Remember, it wasn't that long ago that suing users in the thousands for having a song available, or snarfing a video clip was not thought of.

    Bad thing #5: Ad providers being such a strong force. They don't just show disinterest in stopping malware payloads from being delivered through their networks, they want to add new vectors for infection using Phorm-like injectors. They will happily sell any information they get to all and sundry who have the cash.

    Bad thing #6: The "piracy" bugaboo. This is a major excuse used for device lockdown.

    Bad thing #7: No interest in anti-monopoly regulation.

    Bad thing #8: Blacklists are in common use in the industry. For example, if someone gets banned from one casino in Las Vegas, they get banned from all of them.

    Now, the day of convergence happens. All this stuff winds up merging. Joe User now buys a smartphone after all these converge:

    Day 1: Joe goes out on a date with a co-worker to discuss business. His device notices that it is near other devices, transmits the GPS info to an ad agency. Joe's wife has a search tool that uses info gleaned from ad agencies to monitor where Joe is 24/7 even though his stuff isn't connected. She gives him a tongue lashing when he gets home.

    Day 2: Joe visits a MMA place to see about casual sparring. The phone transmits the location, and insurance companies pick it up. They kick Joe off the health insurance because he is engaging in too risky pursuits.

    Day 3: Joe posts a private rant on his favorite social network of choice about his job from his home computer. The social network has a top notch privacy policy and has no advertisers at all. However, Joe's phone has an app that quietly slurps up his posts, even though they are posted by another device and sends them to an ad agency. His work subscribes to an employee monitoring system which sends relevant posts if they have the company mentioned. His boss gets handed the rant, and Joe gets fired.

    Day 4: Joe decides to go buy a dime bag because he has no job, an estranged wife, and no health insurance. He drives to a part of town that isn't too bad, but where the "upper" level distributers hang out. On the way back, Joe gets pulled over, his car searched and seized, and he ends up in jail. The local PD uses the ad agencies which keep track of all GPS settings of cars in the area, and has pattern matching. Any traffic pattern that is suspect gets an automatic traffic stop and the dog brought out.

    Day 5: Joe's wife decides to file a divorce because she wants to move to someone who is making money. She gets someone to check the phone ad agencies and give her the goods on Joe. She serves him divorce papers via E-mail, and because the ad providers know when someone received the message, the E-mail stands up in court as a proper service, just as a visit from the constable.

    Day 6: Joe is afraid of monitoring, so tries to flash a ROM without the 24/7/365 monitoring. The device auto-bricks, and he has to take it into an authorized store, pay $300 for them to flash a replacement ROM onto it. Essentially do a fancy version of RSD-Lite. Joe then uses a better utility that prevents the phone from bricking. However because it downloads a utility like su or Cydia, the cellular provider notices the communication between

  • by ethanms (319039) on Sunday December 26, 2010 @03:08PM (#34671104)

    Good for aesthetics... ...apparently also good for preventing you from quickly disabling the phone once stolen...

    It might take an unpracticed hand well over 5 mins of prying to get into the case before the battery can be pulled (assuming you did not want to destroy the device in the process)... you can upload a lot of data on a high speed network in that time... Apple will spin this as a feature which enables preservation of your important data prior to a remote wipe, of course it also has other uses...

  • 'Your printer may be incorporating a secret code on every page it prints which could be used to identify the printer and potentially the person who used it.'

    Which is precisely the audit trail your boss is looking for.

    The same guy who buys the high end color printer that can produce a plausible counterfeit bill.

  • I wanted a personal colour laser printer for myself, nothing flash, but better than 600x600, but I decided against as I had read in a few places that the colour lasers imprint shomehow on the page to identify the printer. I think we're fairly safe with monochrome personal laser printers - so far. Don't suggest inkjets, they are horrendously bad value for money.
  • Last month was my last check to the EFF. It appears they are firmly entrenched in the world of paranoid conspiracy theory now.

    LTR Patent FTW..

  • by Frater 219 (1455) on Sunday December 26, 2010 @05:27PM (#34671864) Journal

    Your digital camera may embed metadata into photographs with the camera's serial number or your location.

    Record your location? Sure, if it's a smartphone with GPS. For standalone cameras, GPS is not exactly a common feature. There are about two models of pocket digital camera on the market that have GPS, and not very many SLRs with it either ... go look. Those that have it make no secret of it; it's actually a big marketing point for people who want to record where they've been taking pictures.

    As for smartphone models, I don't know about the Apple or Windows offerings, but Android's camera app exposes it as an option right on the main screen, next to the flash and focus settings ... and I'm pretty sure it defaults to off. People turn this on because they actively want it.

    Rather than scaring people about what their devices might be recording, it would be a lot more useful to tell people how to find out what tags are on their photos. For instance, the Linux command line program "exiftags" will tell you this kind of stuff: (Picked from a random image file I had lying around on my laptop.)

    Camera-Specific Properties:

    Equipment Make: OLYMPUS OPTICAL CO.,LTD
    Camera Model: C2500L
    Camera Software: Adobe Photoshop CS Macintosh
    Maximum Lens Aperture: f/2.6

    Image-Specific Properties:

    Image Orientation: Top, Left-Hand
    Horizontal Resolution: 173 dpi
    Vertical Resolution: 173 dpi
    Image Created: 2004:02:27 18:52:21
    Exposure Time: 1/5 sec
    F-Number: f/6.9
    Exposure Program: Manual
    ISO Speed Rating: 100
    Exposure Bias: 0 EV
    Metering Mode: Center Weighted Average
    Flash: No Flash
    Focal Length: 20.70 mm
    Color Space Information: Uncalibrated
    Image Width: 736
    Image Height: 767

  • Don't Forget Cars (Score:4, Insightful)

    by Nom du Keyboard (633989) on Sunday December 26, 2010 @06:39PM (#34672326)
    Don't forget the Black Box recording in modern cars that rat you out to police, insurance companies, and the car companies themselves on items that are none of their business such as how fast you drive, and how long before the collision it was that you braked. You certainly didn't knowingly agree to this in buying your last car, yet it's common for your opponents to be able to get this data after an accident, insurance claim, even a vehicle warranty issue. THIS SHOULD NOT BE ALLOWED WITHOUT YOUR EXPLICIT CONSENT.
    • by Barbarian (9467)

      Don't forget the Black Box recording in modern cars that rat you out to police, insurance companies, and the car companies themselves on items that are none of their business such as how fast you drive, and how long before the collision it was that you braked. You certainly didn't knowingly agree to this in buying your last car, yet it's common for your opponents to be able to get this data after an accident, insurance claim, even a vehicle warranty issue. THIS SHOULD NOT BE ALLOWED WITHOUT YOUR EXPLICIT CONSENT.

      You car doesn't call the cops and rat you out for speeding; the data only gets pulled after a serious collision with airbags deployed. At that point it's a legitimate criminal investigation and not simply a matter of privacy.

    • by xenobyte (446878)

      Well, if your bad driving was the cause of an accident, isn't it fair that you get punished for it?

      There's far too many bad drivers out there, or drivers doing everything but pay attention to the road while driving, and I'd love for them to be scared shitless over being the cause of an accident, which makes them wake up and pay attention to their driving. No more cellphones, fiddling with the radio, lighting a cigarette, looking the girlfriend deep into her eyes, arguing with the people in the back seat and

  • Sure you may have this pile of data about me but you don't know me. Until you respect me enough to ask for my information and give me something in return you can go pound sand. Google is a perfect example of giving something in return. They give you a bunch of free stuff (Gmail, Earth, docs etc) in return for "targeted advertising". I'm sure they are collecting a fair amount of data about me but I don't care because they are giving something back. If you're just gonna surreptitiously spy on me and steal my
  • by EnsilZah (575600) <EnsilZah AT Gmail DOT com> on Sunday December 26, 2010 @07:31PM (#34672542)

    ...you can look forward to a day when your iPhone may record your voice, take a picture of your location, record your heartbeat, and send that information back to the mothership...

    Look forward?
    I thought it was able to do these things already, and they were marketed as features.

  • by handy_vandal (606174) on Sunday December 26, 2010 @07:43PM (#34672604) Homepage Journal
    I propose Finkware . "Traitorware" has too damned many syllables.
  • by geekmux (1040042) on Sunday December 26, 2010 @10:46PM (#34673414)

    "We believe that your software and devices should not be a tool for gathering your personal data without your explicit consent.'"

    Uh, they already have your "explicit" consent. It's buried in line 4,724 of the EULA that you never read. Don't feel bad, nobody reads those damn things anyway...

"If truth is beauty, how come no one has their hair done in the library?" -- Lily Tomlin

Working...