Smartphone Users Are Paying For Their Own Surveillance (truth-out.org) 85
Nicola Hahn writes: While top secret NSA documents continue to trickle into the public sphere, tech industry leaders have endeavored to reassure anxious users by extolling the benefits of strong encryption. Rising demand among users for better privacy protection signifies a growth market for the titans of Silicon Valley -- this results in a tendency to frame the issue of cybersecurity in terms of the latest mobile device. Yet whistleblowers from our intelligence services offer dire warnings that contrast sharply with feel good corporate talking points. Edward Snowden, for example, noted that under mass surveillance we're essentially "tagged animals" who pay for our own tags. There's an argument to be made that the vast majority of network-connected gadgets enable monitoring far more than they protect individual liberty. In some instances, the most secure option is to opt out.
Comment removed (Score:5, Interesting)
Re: (Score:3)
A pager routinely hits a cell tower and emits user-identifiable data that will always be relayed through a carrier network that is part of the state apparatus for spycraft.
Uhhh, no. My pager "hits" nothing. It is a receive-only device. It has nothing to do with cell towers.
The only "spycraft" is that the pager company can record the phone number of the caller. The message itself can be completely meaningless to anyone who intercepts it.
Pagers havent been safe since the DEA realized they could intercept them during drug investigations.
Depends. If the caller is using a burner or a phone unattached to him, then the DEA can intercept all they want. They aren't going to know that "34592" as a message means "the kilo of coke is ready for pickup at the regular location" unless t
Re: (Score:1)
Uh... no. These signals are almost always uni-directional (sometimes can be bi-directional) and are usually run by private companies that almost certainly have nothing to do with cell phone towers. POCSAG and Flex are the two main protocols. Look it up.
Re: (Score:2)
Most pagers operate on a "spray and pray" principle of operation. They blast out a high-powered broadcast signal from numerous towers, and your pager either hears it or it doesn't. Your message will get blasted out from every tower in the network in your coverage area, regardless of where you are, because it doesn't know where you are.
The exception is that some pagers have the ability to send a response. Obviously, you can see where those are when a response is sent.
Re: (Score:2)
Not only that, but the frequencies used a
Re: (Score:2)
Not only that, but the frequencies used are far lower - I believe between the upper end of the aviation band to the lower end of the 2m ham band.
The pager I have operates at above 900MHz.
Re: (Score:2)
I am aware of scanner signals on the 150MHz, 450MHz and 900MHz bands. I don't know how users are distributed across these bands, though.
Re: (Score:2)
I meant to say pager signals, not scanner signals. It is from being a scanner listener that I'm aware of them.
Re: (Score:2)
This isn't AM radio we're talking about - it's 'communication' ; which is different than broadcast.
One-way pagers, which in the context of the discussion is what are being referred to, are no different than broadcast. The transmitters do not know where the pager is located because the pager emits nothing more than the miniscule signals leaked from the local oscillator. Those can be picked up no further than a yard, possibly two in the worst case, from the pager. Nobody is tracking the pager user.
And that means that no, it isn't true "communication", because it truly is one-way and there is no ACK to go
Re: (Score:2)
This isn't AM radio we're talking about - it's 'communication'
It isn't AM, that's true. It's FSK. Modulation type is not relevant though. What is relevant is that you are sending a broadcast signal from all towers in the paid-for coverage area. I don't see why it is difficult to grok that these devices, which date back to the 80s, which send very small messages, which have an ever-shrinking user base and therefore plenty of spare capacity, couldn't get by with a "dumb" methodology for getting the message out.
Pagers do not check in. They do not ACK. They do not t
Re: (Score:2)
It looks like a more-or-less isochronous, symmetrical stream of packets that takes a medium amount of bandwidth (less than video, but more than online gaming). If you wanted to make it look less like a phone call you would want to do something like add jitter or latency, or send lots of junk data along with the signal... but those things would either reduce call quality or waste your data allotment.
Re: (Score:2)
No, it does not. First, there is suppression of the noise-floor, i.e. no traffic when you do not speak. And second, there is the voice-codec compressing different speech differently. Apparently, this even leaks some amount of what is being said. A better (future) standard would add cover-traffic, with isochronous data-rates and then that leak gets plugged. You could still identify voice-traffic, as almost no other stream-type is isochronous at this data-rate.
Re: (Score:2)
implying you know what a phonecall looks like encrypted. TLS from services like signal on android look indistinguishable from any other VPN traffic you might see on the wire. Couple the phone with openvpn's client, and you have a phone that well, doesnt emit phonelike traffic at all.
Which can all be undermined by malicious or compromised hardware, you need to have open hardware and a way of verifying it.
Re: (Score:2)
There is good research for identifying phone traffic from encrypted data packets. It is rather simple, it seems as you can see typical voice-patterns and what the voice-codecs make of them in the data-rate profile.
Never trust anything that can communicate remotely (Score:2, Informative)
Your car, your phone, your tablet: all spying on you.
Re: (Score:3)
My car can't spy on me; it was built before digital cell networks existed!
Re: (Score:3)
Re: (Score:2)
Good point. Still, that's not exactly the car's fault in the same way that it is with modern "infotainment"-infected ones (and especially things like Leafs, Teslas, and anything with a Progressive Insurance "snapshot" module plugged into it).
What we need is a license plate cover that allows the plate to be read by humans but masks it against being read by cameras (and to repeal the laws prohibiting its use). You could say we could prohibit the use of the tracking cameras instead, but we all know that wouldn
Re: (Score:2)
That's not physically possible, since the human eye has a limited range of sensitivity and we have long had sensors that overlap that range of sensitivity. Anything that the human eye can read, those sensors can read ; anything image that can be read is an image that can be OCR'd and it's content extracted.
That is why ANPR is a commodity product, and barely regulated.
Re: (Score:2)
Still, that's not exactly the car's fault in the same way that it is with modern "infotainment"-infected ones (and especially things like Leafs, Teslas, and anything with a Progressive Insurance "snapshot" module plugged into it).
True, but even if you eliminate that it doesn't really matter whos fault the "spying" is, the end result is that it happens and is becoming more widespread as the cost of surviellance plummets.
What we need is a license plate cover that allows the plate to be read by humans but masks it against being read by cameras (and to repeal the laws prohibiting its use). You could say we could prohibit the use of the tracking cameras instead, but we all know that wouldn't actually get rid of them.
I'm not sure the human eye has a spectrum that we can't visualize with a camera, in fact it's actually the other way around. Like you say, prohibiting the use of cameras is unlikely to make it go away, this is also my argument against going to any effort for legislating for network privacy. Even if they say they aren'
Re: (Score:2)
I was thinking more along the lines of a polarized filter or array of CCD-blinding infrared LEDs.
Re: (Score:2)
I was thinking more along the lines of a polarized filter
These have been debunked. It kind of worked for very specific angles against certain kinds of older cameras but in pretty much all practical circumstances is not going to work.
or array of CCD-blinding infrared LEDs.
That's easily overcome with an IR filter.
I see where you're going with this but surveillance is only one part of it, even if you can outlaw surveillance cameras you still need to get redlight/speed cameras removed because governments aren't going to allow devices that circumvent existing legal law enforcement mechanisms. While I'm ske
Re: (Score:2)
"Maybe the time is here to step up and create our own solutions for better security" There is nothing stopping anyone from doing this right now. There are 3 main areas that will need to be addressed to create better security. The first area would be the hardware This includes the data communication infrastructure and making sure any devices connected to a network can support the new security paradigm. If implementing better security model requires the replacement of routers, firewall appliances, and basica
i'm also paying for my evidence collection device (Score:4, Interesting)
Re: (Score:1)
...and my phone keeps a record of where i go, just in case the cops arrest me for something i didn't do like happened to a lot of people back in the good old days
1) leave my phone at home on the kitchen counter ...
2) commit some act of larceny
3)
4) use my phone's location as an alibi
5) profit
Oh wait, maybe I need to rethink this.
Re:i'm also paying for my evidence collection devi (Score:5, Insightful)
"Something to hide" (Score:2)
Opting out (Score:2)
the most secure option is to opt out.
I'd think that doing this would put a bigger target on you.
With facial recognition the way that it is now, the data gathered from these sources will carry a little more weight to compensate. Meta data collected from these sources would be analyzed a more thoroughly. Links to other data monitored more closely, bank accounts, utility usage, stores frequented, etc. This is likely already being done automatically.
You are going to be profiled whether you like it or not. We are long passed the time of being able
Re: (Score:2)
Not really lost. We just have to "opt in" the entire ministry. We have cameras too. Let's make good use of the system. Since we can't stop the spying, let's just do what we can to remove the state's advantage.
Re: (Score:2)
I believe letting the surveillance folks know where my cellphone is at all time is better for my privacy. It makes them lazy.
Why?
Because when I have it on me most of the time, then I leave it somewhere, that's where they think I am. So I can be anywhere else and no one will suspect.
My cell phone sits quietly at home when I visit my dealer.
Re: (Score:2)
What's so bad about this? I mean, seriously? You'll be drawing a couple of mW and CPU cycles of NSA/GCHQ's computers more than they would have wasted otherwise, and occupied a couple of additional bytes in their storage system. That's all there is to it. No more, no less. As long as your behavior doesn't trigger an alert that forces a human operator to briefly look at your data, no harm has been done. And if a human op has to look, the only harm d
Re: (Score:1)
As long as your behavior doesn't trigger an alert that forces a human operator to briefly look at your data, no harm has been done. And if a human op has to look, the only harm done is his or her wasted time, time that would be better put to use to investigate real targets instead of false positives. They don't care about your petty life, that's not what their mission is about.
I don't think you have ever been a system administrator or worked closely with them. It seems to be human nature to pry into the personal aspects of other peoples lives. If you give someone the option and enough time... they will do it. Even when it is outside their job title or even if it could result in their dismissal. If they know they won't get caught they will eventually do it. I seen this in many other people. It's a sickness. A human condition. I seen it in myself and I was disappointed in myself.
If
Re: (Score:2)
Those guys working at 3/4 letter agencies are in the same position: I'll bet what you want that most of them are bored senseless when they are alerted by the algorithms that they have to look into some real-life data, just to find out
We pay taxes. duh (Score:2)
Re: (Score:1)
True, no *one* is snooping, because there's too much data for humans to sift through. However, it isn't true that no *thing* is snooping as something automated is doing that sifting, and only involves a human should some undisclosed trigger occur. I would bet a lot of those are then categorised as false positives by humans reviewing with that being fed back into the system.
In the beginning dick pics would have triggered all the time. Now they are ignored (unless subject or recipient are listed as under age
I was ridiculed... (Score:1)
... for making the comment that "smartphone users aren't smart," a few weeks ago. My arguments were the same.
Re: (Score:2)
Duh (Score:2)
Re: (Score:2)
Re: (Score:2)
They're supposed to facilitate communication between parties agreeing to communicate.
Over a public network using other peoples' equipment, just like landline telephones or chatting in a public space. Sure there are ways to mitigate the other users of the area (or network) from listening like speaking in code (encryption) but you can't just expect to be in a public space, speak loud and clear and then complain that other people shouldn't be listening to you. If you want to communicate over a public network using other peoples' equipment in such a way to prevent others from listening then you
Re: (Score:2)
They are supposed to facilitate communication, not hide it.
The two are not mutually exclusive. You can facilitate communication and hide it, that is the exact purpose of cryptography.
Re: (Score:3)
You can hide the content but not the communication.
Fact is, you communicated with someone. Both endpoints are known, and their approximate locations, too. We also know how long you talked (or remained connected), if your position moved, who called whom, etc.
See, the call has both the data (the content), and the metadata (information about the call). The metadata cannot be encrypted as
Its not about what I have to to hide TODAY. (Score:5, Insightful)
Its about what I may want to keep to myself TOMORROW.
Nobody want your dick-pics....... until they make taking them a felony.... and then when you speak out against XYZ, you can be quietly dealt with, publicly shamed, and discredited.... all within the bounds of the law.
There was a time in my country when the people decided to make booze illegal. Maybe tomorrow some politic will make something *ELSE* I do every day illegal. See where I'm going with this? Nothing good will come of the vast stores of data we keep surrendering in exchange for pretty maps, trendy devices, and free email.
Ditch the smart-phone. Its not your ally. You don't really need it, and its making you less able. Its a crutch. Hell I know a guy who can't even drive home from work without a GPS system. I bet you know somebody like that too.
Buy yourself a dumb prepaid candybar (under your favorite cartoon characters name) if you REALLY feel you must have comms in your pocket, or your employment demands it you can make THEM buy it for you.
Your data has real VALUE. You are being ripped off every second of every day, so that advertisers can help rip you off even more tomorrow, and maximize yesterdays ripoff today.
ZOMG GOVERNMENT is watching me! = sounds like crazy ravings on purpose.
Well gee (Score:1)
Turn the tables (Score:2)
Dr Fun.. from 2006 (Score:2)
Dr Fun [ibiblio.org] was one of the first webcomics.
He posted this in 2006 [ibiblio.org]
Back in year 2000 some people i knew defaced AT&T billboards including tags about the NSA listening. This isn't all that new. Sadly, not a lot of pushback. When was the last time (or more likely, any time) you've talked about a stingray and your phone?
Surveillance can prove your innocence too (Score:2)