The Inevitable Weaponization of App Data Is Here (vice.com) 77
After years of warning from researchers, journalists, and even governments, someone used highly sensitive location data from a smartphone app to track and publicly harass a specific person. From a report: In this case, Catholic Substack publication The Pillar said it used location data ultimately tied to Grindr to trace the movements of a priest, and then outed him publicly as potentially gay without his consent. The Washington Post reported on Tuesday that the outing led to his resignation.
The news starkly demonstrates not only the inherent power of location data, but how the chance to wield that power has trickled down from corporations and intelligence agencies to essentially any sort of disgruntled, unscrupulous, or dangerous individual. A growing market of data brokers that collect and sell data from countless apps has made it so that anyone with a bit of cash and effort can figure out which phone in a so-called anonymized dataset belongs to a target, and abuse that information. "Experts have warned for years that data collected by advertising companies from Americans' phones could be used to track them and reveal the most personal details of their lives. Unfortunately, they were right," Senator Ron Wyden told Motherboard in a statement, responding to the incident
The news starkly demonstrates not only the inherent power of location data, but how the chance to wield that power has trickled down from corporations and intelligence agencies to essentially any sort of disgruntled, unscrupulous, or dangerous individual. A growing market of data brokers that collect and sell data from countless apps has made it so that anyone with a bit of cash and effort can figure out which phone in a so-called anonymized dataset belongs to a target, and abuse that information. "Experts have warned for years that data collected by advertising companies from Americans' phones could be used to track them and reveal the most personal details of their lives. Unfortunately, they were right," Senator Ron Wyden told Motherboard in a statement, responding to the incident
Re:Thanks google and apple (Score:4, Insightful)
It just astounds me that people don't turn off Location almost all the time. If some app insists on Location access I'll turn it on until it finishes installing, and then turn it off again. I've only run into one app that wouldn't work with it off (although a number of them complain about it), and I uninstalled it immediately.
Re:Thanks google and apple (Score:4, Informative)
I'm guessing you don't use an iPhone. We have the option of never, always or ask each time the app is opened. Thank you Apple.
Re: (Score:2)
Nope. My wife has one after her niece convinced her "It just works!" I bought it with the clear understanding that I was not going to support the damn thing, and I've not changed my mind since. Stuff that's clear and easy to configure in my Android phone requires two somersaults and a backflip on the iToy after spending a half hour googling for her specific model. (I really miss my Windows phone.)
Re: Thanks google and apple (Score:2)
Re: Thanks google and apple (Score:2)
Re:Thanks google and apple (Score:4, Interesting)
On Android, you can fake your location, both in the developer settings, as well as with third party GPS spoofing apps that can do things like have one move around a small area, create a fake trip, and so on.
Wish something like XPrivacy was still around and updated. It was an extremely useful tool for granting apps permission to stuff that they demanded, but ensuring that what they obtained was worthless, such as a basic fleshlight app that wants full access to phone logs, GPS, contacts, photos, music, as well as the mic and camera. It would be able to get all that... but the mic would just get static, camera a black image, music was random jumbles of characters, and photos was just some stock stuff. If apps wants so many permissions, they can have them, with things like this.
Re: (Score:2)
Fleshlight? Camera? Eww . . .
Re: (Score:3)
I really tried not to think about what an app for a fleshlight would even be for, but couldn't stop myself. I don't like any of the answers I came up with . . .
Re: (Score:2)
Besides of ads for shitty browser games I get ads for conspiracy theory Nazi book publishers, investment stuff, mobile printers that suspiciously look like Stahlhelms, and now and then I got an ad for "Virtual Mate".
Checking out the site, I noticed that they look for developers e
Re: (Score:2)
Well this link sure as hell won't help
https://apkpure.com/fleshlight... [apkpure.com]
Re: (Score:3)
accessing features of the wireless radio (ie if you want to use an app that scans for free channels or checks signal strenghts) can now only work with location service enabled and access to device location, similar with bluetooth. there are other things tied to it, google seems to be tying permissions to location so that 3rd party apps are pressuring users to enable location access so google can also get access to your location data.
Very different things (Score:1)
Making Location the *only* way to run full background tasks on iOS in 2021 is willfully contributing to a culture of insensitivity toward location security.
Grindr is pointless if you turn off location (Score:2)
The point of Grindr is to alert you to nearby people who are open to casual sexual encounters. Turning off location access would make it completely useless.
Re: (Score:2)
Ah. I thought it was a dating app.
Re: (Score:2)
In the case of this priest, location data is very much a part of the app he was using. How else are you going to find your local anonymous gay people for anonymous HIV spreading sex unless the Grindr app has access to your location?
Learn your lesson, priests (Score:3)
Aim for younger fuck buddies, that way the church will not only not out you but they also help you keep it hushed up.
Re: (Score:1)
That's what catholic church already does, isn't it?
Re: (Score:1)
That's what catholic church already does, isn't it?
Indeed, though less evidence in America recently. Priests into such things may have to move to Poland [euronews.com] (article from just last month) or similar.
Re: (Score:2)
Well, actually, this was the guy in charge of keeping it hushed up. Kind of a bad choice for the job, in many ways.
Re: (Score:2)
It isn't the church that outed the priest.
Re: (Score:2)
"“If surveillance companies like NSO are working with our adversaries to spy on American government employees working overseas, they need to be held accountable,” Sen. Ron Wyden (D-OR) said in a statement."
Self-weaponization. (Score:3)
The Pillar said it used location data ultimately tied to Grindr to trace the movements of a priest...
Replace "Grindr" with "Starbucks" and this isn't even a reportable story, and the data is hardly weaponized.
If you're a priest using the Grindr app, you have much larger privacy concerns to be worried about, or you're practically trying to get caught.
The priest, weaponized himself.
Re: (Score:1)
Just wait until your employer/wife gets this info (Score:5, Insightful)
The Pillar said it used location data ultimately tied to Grindr to trace the movements of a priest...
Replace "Grindr" with "Starbucks" and this isn't even a reportable story, and the data is hardly weaponized.
If you're a priest using the Grindr app, you have much larger privacy concerns to be worried about, or you're practically trying to get caught.
The priest, weaponized himself.
OK, you have no sympathy for the priest, but what if this was your employer...oh, you stopped by at a rival office for a job interview?...now you suddenly find yourself taken off all major projects, if not laid off. Oh, you said you had a "doctor's appointment," but we see you were actually at your house...or at a movie theater. What if that was used as a cause of dismissal? What if an AI flagged you incorrectly as not being at work when you were supposed to be?
I think it would be a huge story if my employer knew I was at Starbucks. I don't want my boss knowing where I am, even if she doesn't care...hell, my boss would be miffed if I went to starbucks and didn't invite her.
It doesn't take much imagination to think how this would be scary. I don't even do anything wrong that I am ashamed of, but I don't want it taken out of context. I tell my wife I am going for a walk, but really go get a donut...I don't want to have that conversation as to why I am cheating on my diet.
What if the lack of data is used against you? You forget to charge your phone and there was a murder of someone you knew....what if the police make you as a suspect because you don't have an electronic alibi?
What if an insurance company uses this location data to deny or restrict coverage? Should they be able to restrict coverage of someone's diabetes medication because they saw they stopped at Dunkin Donuts? Do you want to have to submit receipts to prove you were just getting coffee and not eating junk food.
I am especially afraid of this data incorrectly interpreted. What if there was a glitch that did put me in the wrong place at the wrong time?...a crime scene, being home when I was actually in the office...make a quick trip to drop something off for a friend, say an attractive coworker, but due to error data, it looks like I am there for 2 hours? My wife knows I am not banging her, but what if she's got a psycho husband who has questions for me?
Even if you live a perfect life, you should be concerned about this data being used against you. It's not legal nor regulated nor would any future service provider have any obligation to correct their mistakes. No matter what the truth is, any accusation leveled at you is damaging. It's just basic human psychology. If you were given 2 identical candidates...one has an accusation of rape and the other doesn't, which would you hire? Even if you knew the algorithm that made the accusation was error-prone, you have one candidate with a serious accusation and another with none...both are equally appealing. Could you mentally disregard the accusation?...and not wonder if it's true or if there are other things the person is hiding? Accusations ruin lives. They don't even have to be true.
Re:Just wait until your employer/wife gets this in (Score:4, Interesting)
I read a few months ago that someone was almost convicted of a murder based on the location data of his phone, except that witnesses and security cameras were able to verify that he was two floors below the event when it happened and never went higher in the building.
Re: (Score:2)
Persecution, defense, and the court ought to know that civilian grade GPS' accuracy is unreliable at those distances. It can be off two floors easily.
Re: (Score:2)
Probably, IIRC the article just said "location data from his phone". I've noticed that altitude data isn't terribly accurate via GPS. My brother-in-law's house in Peru shows anywhere from 9,955 to 10,090 feet above sea level depending on when you take the measurement.
Re: (Score:2)
The GPS that your average phone uses these days is just terrible in terms of precision if you want to track the movement of a person on the scale of regular buildings.
And I'm not saying that EU tech is better than US. Galileo is just a lot newer. If the US used a state of the art positioning system it should be at least as good as Galileo. And why should
Re: (Score:2)
...I don't even do anything wrong that I am ashamed of, but I don't want it taken out of context. I tell my wife I am going for a walk, but really go get a donut...I don't want to have that conversation as to why I am cheating on my diet.
While I agree with your concerns regarding employers (or apparently, spouses) having this kind of information, I do hope you realize you gave probably the shittiest example of "don't do anything wrong that I am ashamed of" here. How exactly is you sneaking out to get donuts while lying to your wife about your diet, something that could be "taken out of context"?
You really have a alternative explanation for that one? Guessing it's something you're not ashamed of too.
Re: (Score:2)
Yep. And worse yet, he was the Monsignor in charge of *reducing clerical sex abuse cases*. Really bad judgement, that.
Re: (Score:2)
Nah, that was his boss and "uncle", Cardinal Theodore McCarrick
How it started vs how it is going (Score:5, Insightful)
How it started:
Jason Koebler, Joseph Cox, Vice Media, "Archivists Are Mining Parler Metadata to Pinpoint Crimes at the Capitol", January 12
How it is going: ...It was inevitable, see.
Joseph Cox, Vice Media, "The Inevitable Weaponization of App Data Is Here", July 21
Umm... hold up. (Score:2)
The "Archivists Are Mining Parler Metadata to Pinpoint Crimes at the Capitol" was about EXIF data that was embedded (with the express intent of recording the time and location) in images and uploaded to Parler. That's not part of the application at all, it was a significant security oversight by Parler (and the users).
Call it a technicality but it's generally understood that giving out your specific time and location could be used against you by law enforcement or potentially predators.
Re: (Score:2)
Yep. Put the weapon on the table and expect everyone to use it.
We respect your privacy! (Score:2)
The phrase "We respect your privacy!" is now the biggest lie of the 21st century.
Harvey Milk would be so proud (Score:2)
Re: (Score:1, Troll)
See? He should have let the motherfucker die, the world in general and the US in particular would almost certainly be a lot better off today if he had. If I had saved Reagan I'd off myself too.
Wrong president (Score:2)
Harvey outed the man that saved Pres Reagan. That guy's family disowned him and he eventually killed himself.
You're talking about Gerald Ford [wikipedia.org], not Reagan.
Re: (Score:2)
Harvey Milk and Cardinal McCarrick likely recruited this priest when he was a seminarian. That's where they get them, in seminary. All puns intended.
Why bring up the government? (Score:2)
Re: (Score:2)
Re: (Score:3)
Re: (Score:2)
Oh fuck you vice (Score:4, Insightful)
This is why no one trusts the mainstream media.
Re: (Score:2)
Wow, after six months of harassment of private citizens who attended the January 6 rally - but DID NOT riot or enter the capital - by reddit neckbeards, with many innocent people being doxxed or personally threatened, Vice finally throws up one story because it backs their team.
This is why no one trusts the mainstream media.
Since when is Vice Mainstream media?
Besides, the Parler thing was more about people attending a public event and getting outed for using an app designed to give location data (whether they realized it or not). If you attend a big public gathering you should probably assume that info will be made public. Doxxing or threatening people, particularly those who didn't break the law, is clearly wrong, though quite the same as what happened here.
This is about a person using an app at least somewhat designed to be
Re:Oh fuck you vice (Score:4, Insightful)
Wow, after six months of harassment of private citizens who attended the January 6 rally - but DID NOT riot or enter the capital - by reddit neckbeards, with many innocent people being doxxed or personally threatened, Vice finally throws up one story because it backs their team. This is why no one trusts the mainstream media.
Could you please expand on this? I recall story that Vice reported [vice.com] about people who were possibly harrassing citizens through their uploading of EXIF data, however, that was Vice reporting on it. If they hadn't reported on it, would it not have happened? Now they're reporting another similar story with a different outcome.
You seem to be saying that Vice actually organized that first story. I don't think that is true, but I'd love to see evidence otherwise. You then suggest that people distrust "mainstream media", because of your suggestion that they were responsible for "harassment of private citizens who attended the January 6 rally". However, that's extremely poor logic - if they weren't responsible for the harassment, but were merely reporting it, then why should you distrust them? Isn't it better to know that you were being tracked, than to remain ignorant of it?
From the linked story, it sounds like there were other people responsible, and perhaps you should be thankful that the story was reported in the first place, rather than shooting the messenger:
"I hope that it can be used to hold people accountable and to prevent more death," donk_enby, the hacker who led the archiving project, told Motherboard on Monday.
Your comments... (Score:2)
In other news, (Score:1)
Re: (Score:2)
The current definition of consent is a fraud. The sexual revolution is based on fraud.
Re: (Score:2)
The sexual revolution promoted the idea that women had a right to pre-marital sex and needed pleasurable sex. Look at Tv shows: Unmarried characters having sex didn't exist before the 1990s and the shows "The single guy", "Seinfeld" and "Friends".
Sexual consent is an agreement to participate in a sexual activity. Before being sexual with someone, you need to know if they want to be sexual with you too.
There's plenty of "No means 'no'" but not a lot of discussion on what qualifies as consent. The law depends on verbal response although behavioural responses may be allowed under the law. That's problematic because women rarely ad
Re: (Score:3)
You're off-topic but I'll bite.
The sexual revolution promoted the idea that women had a right to pre-marital sex and needed pleasurable sex. Look at Tv shows: Unmarried characters having sex didn't exist before the 1990s and the shows "The single guy", "Seinfeld" and "Friends".
Worse that, the procreative aspect of sex was totally demolished- regulated to an afterthought. The very act needed to maintain the species and birthrate, destroyed in the name of mere pleasure.
Though what you are referring to is more the late stage of the revolution. It really started back in the 1920s with birth control, and the moral abdication of the high Protestant Churches on that subject. Only took another 70 years to leak into mass media. I'm actually kind of surprised it took that long, since o
Re: (Score:2)
The sexual revolution is not everywhere yet, but in the countries where it is in ascendency (Europe, Japan, North America) birthrate has been below replacement rate for the last 20 years, and in 2020, the death rate also exceeded the birth rate.
Even in countries where it is a bit slower, like Uganda, the birth rate has fallen from 10 children per woman to 3.3 children per woman.
In addition to that, there's now enough food being raised by the United States alone to feed 15 billion. The world is seriously un
Re: (Score:2)
Your entire argument is based on the liberation of women being the principal cause. So ask yourself the question how reverting back would change the picture,
where you'd have women no longer being educated as they are now and now longer working jobs as they now are.
Do you think it would make schools more affordable?
Well, Catholic Schools in the 1950s cost about $25/year for tuition, today they're about $3500/year. That does seem to be a bit above inflation.
Do you think it would make living expenses more affordable?
Given that it can actually be cheaper per person to have a larger family (I grew up near a family of 16 which was fed on one breadwinner's $32k/year salary) yes, abandoning the nuclear family and living together in clans can be cheaper not just monetarily but in carbon footprint as well.
Do you think it would make medical care more affordable?
Not by itself, but with taxpayer funded county level healthcare, like what we
Re: (Score:2)
P.S.- all of your examples are at least 1000 years too recent to be considered civilized.
Re: (Score:1)
Raising children with the intention to give them the best basis they can get in their hyper competitive environments is very expensive.
To cover the costs it's often that both parents have to work multiple jobs, making raising children something that mostly the rich can afford for themselves. As well as the stupid that don't care for the future of their ch
Re: (Score:2)
Yep. And only the stupid know what is truly important.
Re: (Score:3)
Look at Tv shows: Unmarried characters having sex didn't exist before the 1990s and the shows "The single guy", "Seinfeld" and "Friends".
So the people on shows like Three's Company and The Love Boat weren't having sex? Nobody's fantasy was fulfilled on Fantasy Island? What about M*A*S*H, what was Hawkeye doing with all those nurses? Benny Hill (I know, British, but still)? How about soap operas, they have been having out of wedlock sex on those show for years. I agree sexual attitudes on television have changed over the years but that statement just isn't correct.