Later On

A blog written for those whose interests more or less match mine.

Posts Tagged ‘privacy

Uh-oh: Kill Your Airbnb’s Hidden WiFi Cameras With This Script

leave a comment »

Go back to “Airbnb’s hidden Wi-Fi camera.”

Joshua Kopstein reports in Motherboard:

The Internet of Things is here, and in many ways it’s already catapulting us into thenightmarish future that dystopian science fiction writers predicted.

But while always-connected home devices may be en vogue, most sane people still believe that visiting someone’s house or staying at an AirBnB shouldn’t mean tacitly consenting to, say, having your every move recorded and broadcast over the internet by a WiFi camera.

Enter dropkick.sh, a script by countersurveillance artist Julian Oliver that finds any Dropcam or similar WiFi-connected camera on a local network and disconnects it.

“I was pretty horrified to read of so many (women in particular) having their privacy strategically abused, enabled by this new family of devices,” Oliver told Motherboard in a Twitter DM, referring to several stories that have come out in the past year about people discovering Dropcams and other internet-connected devices secretly spying on them. “I thought now’s the time to sit down for an hour and push out a script.”

Dropkick.sh is a slight tweak of glasshole.sh, another of Oliver’s scripts which gives the boot to Google Glass users by blacklisting a range of hardware MAC addresses unique to those devices. Neither require you to know the WiFi network’s password. As long as you know or can guess the wireless access point’s name, the script will be able to de-authenticate the devices using aircrack-ng, an open-source network monitoring suite.

Oliver was prompted to write the script after mine and artist Adam Harvey’s insistence on Twitter, but the need for something like it has been more pressing lately.

Earlier this week, a German woman sued her AirBnb host, as well as AirBnb itself, after she and her partner discovered they had been secretly recorded by a security Dropcam during their month-long stay in California two years prior. . .

Continue reading. And do keep reading: he lays it out as it is, if you look around.

Written by Leisureguy

18 December 2015 at 12:23 pm

Posted in Business, Law, Technology

Tagged with

Verizon and AT&T ID’s being used to track users

leave a comment »

Really, Congress should take action—yeah, I know.  In ProPublica Julia Angwin and Jeff Larsen describe what’s happening:

Twitter’s mobile advertising arm enables its clients to use a hidden, undeletable tracking number created by Verizon to track user behavior on smartphones and tablets.

Wired and Forbes reported earlier this week that the two largest cellphone carriers in the United States, Verizon and AT&T, are adding the tracking number to their subscribers’ Internet activity, even when users opt out.

The data can be used by any site – even those with no relationship to the telecoms — to build a dossier about a person’s behavior on mobile devices – including which apps they use, what sites they visit and for how long.

MoPub, acquired by Twitter in 2013, bills itself as the “world’s largest mobile ad exchange.” It uses Verizon’s tag to track and target cellphone users for ads, according toinstructions for software developers posted on its website.

Twitter declined to comment.

AT&T said that its actions are part of a test. Verizon says it doesn’t sell information about the demographics of people who have opted out.

This controversial type of tracking, known in industry jargon as header enrichment, is the latest step in the mobile industry’s quest to track users on their devices. Google has proposed a new standard for Internet services that, among other things, would prevent header enrichment.

People using apps on tablets and smartphones present a challenge for companies that want to track behavior so they can target ads. Unlike on desktop computers, where users tend to connect to sites using a single Web browser that can be easily tracked by “cookies,” users on smartphones and tablets use many different apps that do not share information with each other.

For a while, ad trackers solved this problem by using a number that was build into each smartphone by Apple and Google. But under pressure from privacy critics, both companies took steps to secure these Device IDs, and began allowing their users to delete them, in the same way they could delete cookies in their desktop Web browser.

So the search for a better way to track mobile users continued. In 2010, two European telecom engineers proposed an Internet standard for telecom companies to track their users with a new kind of unique identifier. The proposal was eventually adopted as astandard by an industry group called the Open Mobile Alliance.

Telecoms began racing to find ways to use the new identifier. . .

Continue reading.

A sidebar in the article:

Does Your Phone Company Track You?

CHECK FOR TRACKING CODE Click from your smartphone or tablet (with Wi-Fi turned off) to see if your telecom provider is adding a tracking number. We don’t save any information.

Written by Leisureguy

31 October 2014 at 7:40 am

Posted in Business, Daily life, Technology

Tagged with

How to Block Online Tracking

leave a comment »

I use Disconnect, but this article discusses some other tools as well.

Written by Leisureguy

7 July 2014 at 3:38 pm

Posted in Software, Technology

Tagged with

Googling Scalia

leave a comment »

This is pretty good, from Bruce Schneier’s blog:

Nice hack:

Last year, when law professor Joel Reidenberg wanted to show his Fordham University class how readily private information is available on the Internet, he assigned a group project. It was collecting personal information from the Web about himself.

This year, after U.S. Supreme Court Justice Antonin Scalia made public comments that seemingly may have questioned the need for more protection of private information, Reidenberg assigned the same project. Except this time Scalia was the subject, the prof explains to the ABA Journal in a telephone interview.

His class turned in a 15-page dossier that included not only Scalia’s home address, home phone number and home value, but his food and movie preferences, his wife’s personal e-mail address and photos of his grandchildren, reports Above the Law.

And, as Scalia himself made clear in a statement to Above the Law, he isn’t happy about the invasion of his privacy:

"Professor Reidenberg’s exercise is an example of perfectly legal, abominably poor judgment. Since he was not teaching a course in judgment, I presume he felt no responsibility to display any," the justice says, among other comments.

Somehow, I don’t think "poor judgment" is going to be much of a defense against those with agendas more malicious than Professor Reidenberg.

Written by Leisureguy

7 May 2009 at 11:11 am

Posted in Daily life, Technology

Tagged with

Can you help NSA? They want to eavesdrop on Skype conversations

leave a comment »

There’s no end to it. Read the story.

Written by Leisureguy

2 March 2009 at 8:35 am

Posted in Daily life, Government, Skype, Technology

Tagged with

Bruce Schneier on privacy in the age of persistence

leave a comment »

Good article, which begins:

Privacy in the Age of Persistence

Note: This isn’t the first time I have written about this topic, and it surely won’t be the last. I think I did a particularly good job summarizing the issues this time, which is why I am reprinting it.

Welcome to the future, where everything about you is saved. A future where your actions are recorded, your movements are tracked, and your conversations are no longer ephemeral. A future brought to you not by some 1984-like dystopia, but by the natural tendencies of computers to produce data.

Data is the pollution of the information age. It’s a natural byproduct of every computer-mediated interaction. It stays around forever, unless it’s disposed of. It is valuable when reused, but it must be done carefully. Otherwise, its after effects are toxic.

And just as 100 years ago people ignored pollution in our rush to build the Industrial Age, today we’re ignoring data in our rush to build the Information Age.

Increasingly, you leave a trail of digital footprints throughout your day. Once you walked into a bookstore and bought a book with cash. Now you visit Amazon, and all of your browsing and purchases are recorded. You used to buy a train ticket with coins; now your electronic fare card is tied to your bank account. Your store affinity cards give you discounts; merchants use the data on them to reveal detailed purchasing patterns.

Data about you is collected when you make a phone call, send an e-mail message, use a credit card, or visit a website. A national ID card card will only exacerbate this.

More computerized systems are watching you. Cameras are ubiquitous in some cities, and eventually face recognition technology will be able to identify individuals. Automatic license plate scanners track vehicles in parking lots and cities. Color printers, digital cameras, and some photocopy machines have embedded identification codes. Aerial surveillance is used by cities to find building permit violators and by marketers to learn about home and garden size.

As RFID chips become more common, they’ll be tracked, too. Already you can be followed by your cell phone, even if you never make a call. This is wholesale surveillance; not "follow that car," but "follow every car." …

Continue reading.

Written by Leisureguy

2 March 2009 at 8:22 am

Posted in Daily life, Government

Tagged with

Privacy going, going, …

leave a comment »

The Scientific American has an issue devoted to privacy and its diminution. Here’s the introduction:

A cold wind is blowing across the landscape of privacy. The twin imperatives of technological advancement and coun­terterrorism have led to dramatic and possibly irreversible changes in what people can expect to remain of private life. Nearly 10 years ago Scott McNealy of Sun Microsystems famously pronounced the death of privacy. “Get over it,” he said. Some people, primarily those younger than about 25, claim to have done just that, embracing its antithesis, total public disclosure. And of course in many cases—determining the whereabouts of a terrorist or the carrier of a disease—public interest has an overwhelming claim on information that is usually private.

Yet in many contexts—banking, commerce, diplomacy, medicine—private com­­munications are essential. The founding fa­­thers of the Republic put great stock in personal privacy; privacy is embodied (though, as we are often reminded, not stated) in the Bill of Rights. In her keynote essay Esther Dyson clarifies what “privacy” means by reminding us what it is not: several important issues commonly labeled dilemmas of privacy are better understood as issues of security, health policy, insurance or self-pre­sentation.

Terrorism and digital connectedness have both made privacy a hot-button issue, but there are plenty of other good reasons to look closely at the future of privacy. One is the upcoming U.S. election, which is being held at a time of tremendous upheaval in the legal and legislative framework of government wiretapping.

A second is the allure of substantial benefits from disclosing certain kinds of information: en­hanced medical care through electronic medical and genetic records, for instance, or better protection from identity theft via biometric authorization. A third is that the threats posed by technology to personal privacy and even personal security are unprecedented, both from the unintended effects of increased self-disclosure as well as from the rapidly evolving sophistication of surveillance gadgetry, radio-frequency ID chips and data fusion—not to mention the viruses and other pests that infest the Internet.

In spite of all the threats to privacy, an astonishing variety of technology for protecting privacy has been devised, yet it lies virtually untapped. Maybe part of the reason is that so many young adults find all the anxieties about privacy to be much ado: many in the new generation are only too happy to trade their parents’ version of “private information” for a rich life in the fishbowl of social networking.

For all those reasons and more, the editors of Scientific American present this issue devoted to the future of what Supreme Court Justice Louis D. Brandeis called “the right to be let alone.”

Also note this article (on breaking into a woman’s bank account using public information) and this article (on the ubiquity of CCTV in public places).

Written by Leisureguy

18 August 2008 at 10:57 am

Posted in Business, Daily life, Government, Technology

Tagged with

Fun with Sears

leave a comment »

From the Consumerist:

Want to see all the major appliances and repair services that your friends and neighbors… (and anyone else who you can look up in the phone book) have ever purchased at Sears?

Want to know what your mom might have purchased for your birthday? Want to know which houses in your neighborhood have really nice expensive TVs?

Sears provides a website, www.ManageMyHome.com where anyone can look up anyone elses’ entire purchase history at Sears—using only their name and address. This is especially convenient because these strange men keep dropping off huge lists of names and addresses on our door every year (we think they’re called “phone books”) and we never really knew what to do with them.

Apparently, all you need to do is create an account at www.managemyhome.com, click “Find Sears Products” and enter a name, address and phone number.

From the CA Security Advisor Research Blog:

With their consent we have tested this technique with other individuals and have received reliable results every time. If they’d had major dealings with Sears, that information is now available to the public, from a television bought in 1978 to a stove which was purchased elsewhere but had been repaired by a Sears technician.

Says Kurt, the reader who sent this tip in: “I was able to look up my entire family’s purchases. This is a scary one.”Is Sears evil or what?

www.managemyhome.com

UPDATE: Rumor has it that all you really need is someone’s name and phone number.

Maybe NSA will offer a similar service: enter a phone number and listen to all the recorded conversations made through that number…

Written by Leisureguy

4 January 2008 at 3:53 pm

Posted in Business, Daily life

Tagged with

%d bloggers like this: