Nov 20
2023

Levels of ID

Posted on November 20, 2023 by Cloak Meister

We all know that freedom fighters and sovereign citizens are well against a national ID. So what are the alternatives?

No ID pretty much only works in an anarchistic environment. The reason we have IDs is because they are a necessary component of so many things:

  • tax
  • government benefits
  • licenses (driving and professional)
  • passports
  • proof of age (buy cigarettes or alcohol)
  • law enforcement (who is meant to be in prison, who is a deadbeat dad)

While it is easy to have a “no ID” mantra, it is hard to make the above processes work without one.

Here’s a minor example, duck shooting license. The license exists to stop the duck population being decimated = no more hunting. Hunters understand the need for a license.

If the duck hunting zone was some theme park then you could buy a day ticket, no problem. But it is not an enclosed space, and therefore any mere ticket could be shared by many. So to stop that you need to be able to prove it is yours. No matter which way you wish to do that, it needs some variety of ID.

We don’t want people swapping passes to buy alcohol. We don’t want someone to get out of paying tax by saying that they are the other Joe Bloggs. Other lands won’t accept passports from a state with no IDs. You want no ID, then come up with another way. IDs were born from necessity.

National ID

This is something we can fix. A one-ID for all things might not be necessary.

Keep in mind that private business can make whatever rules or ways they wish, and if the vast majority of people don’t mind showing their driver’s license to rent a video, good luck finding a store without that requirement.

Maybe we can create ID silos?

  • Legal – birth certificate, death certificate, courts, crimes, deadbeat dads, marriage, land ownership
  • Society – driver’s license, recreational licenses, air travel
  • Tax – employment, federal, state and local taxes, and tax benefits like housing, food stamps, pension
  • Obligation – military draft, jury duty, voting
  • Law – punishment and imprisonment, paying fines, deadbeat dads, bankruptcy
  • Being a Customer – video store, gym, car hire, insurance, phone service

Each of these can use their own form of ID, and be mutually exclusive.

  • Legal – birth certificate or citizen certificate
  • Society – driver’s license or equivalent
  • Tax – social security number
  • Obligation – a new number just for this
  • Law – birth certificate or citizen certificate
  • Being a Customer – a new number just for this

Every number can be assigned at birth. Yes, you get your driver’s license at birth, and it becomes operational when you pass the test.

There has to be a way of verifying, and a backup plan, and so a central database that knows everything is inevitable. But it can be enshrined as only for verification (in extreme cases), courts and backup purposes. Never for cross-referencing for any reason.

So, a new born baby gets their birth certificate, their driver number, social security number, obligation number, and customer number. They provide DNA, retina scan and fingerprint to be stored alongside all of those in an uber-secure, offline, non-digital database, that can only be accessed from a public record court order.

Posted in Citizenship, Identification and Personal Data | Leave a comment
Dec 23
2022

Flipper Zero Alert

Posted on December 23, 2022 by Cloak Meister
Flipper Zero

Thanks to some testing done at Wired, we have some expert proof that some things are possible with the trending $200 gadget called Flipper Zero.

Garage remotes and RFID keyless entries and hotel room keys can be cloned and used to get inside. That alone is disturbing and worthy of paying particular attention to such things. Don’t have a garage that has easy access to the rest of the house, or contains valuables. And don’t leave anything worth stealing in your hotel room.

Of course someone needs to be in range to clone it. For a garage, that mostly means someone parked very close by. For a hotel room, unless they are there when you use it, they would also need to know your room number.

Except for older cars, your vehicle is safe because the code keeps changing, they are currently one step ahead of criminals. Likewise, while the Flipper Zero can capture someone’s card number, it won’t get the security code or PIN number.

What is cool is all of the things the device can discover, like that some pet microchips transmit the pet’s body temperature, and WIRED’s office bathroom has a soap dispenser that broadcasts whether it needs a refill.

Posted in Spy Equipment | Leave a comment
Sep 05
2022

Suspect All Apps

Posted on September 5, 2022 by Cloak Meister

Two stories this week:

  • Police have used “Fog Reveal” to search hundreds of billions of records, taken from apps on 250M mobile devices, and it is cheap, just a few thousand per year. The data can create location analyses known among law enforcement as “patterns of life,” and they believe it is legal for them to do so
  • Meanwhile Kochava has been sued for the very same thing, except they provide specifics instead of patterns

Don’t use apps, is the message

Posted in Corporate Surveillance, Government Surveillance | Leave a comment
Aug 09
2022

Invisv Offers Phone Privacy

Posted on August 9, 2022 by Cloak Meister

Android only, and data only – no voice!

Invisv is a clever way of making sure that nobody can associate your phone with its activities. It does this my letting all the users share IMSIs, rotating through them. This is not too different to how VPNs are private, or how people can, for example, share a service using the same subscription (like a library card).

Read all about it at Wired

The thing is, it is not needed. When you use a HotSpot on your main phone, the IMSI data is not used. Couple that with a VPN and a phone with no SIM card, and you can more easily have untraceable online activities – just with the need to carry two phones.

Posted in Avoiding Detection, Identification and Personal Data, Internet | Leave a comment
Jul 22
2022

Untraceable Photos

Posted on July 22, 2022 by Cloak Meister

In case you were unaware, photos can contain metadata that could be used to discover that it was you who took them. In which case, posting them online, no matter how cautiously, could lead back to you – if, of course the pics could cause legal problems.

On your phone:

  • Remove location permissions from the camera app

Otherwise, you can remove the EXIF (Exchangeable Image File Format) data from an existing photo. The combination of the data could be used to prove that it was your phone that took the photo:

  • Camera manufacturer and model.
  • Data and time the photo was taken.
  • Compression type used for the photo.
  • Aperture, shutter speed, and ISO settings.
  • Metering mode.
  • Flash mode.
  • Pixel resolution.

To remove that data, there are apps that can do it, or free online services, or even Windows Explorer can remove EXIF data. Simply search online.

Posted in Identification and Personal Data | Leave a comment
Feb 09
2022

iCloud Private Relay by Apple

Posted on February 9, 2022 by Cloak Meister

iCloud Privacy Relay settings

This is not a replacement for other dedicated services like a VPN, but rather it fills the gaps in regular security – like if you visit an insecure site.

You can switch it on for iPads or iPhones in Settings > Your Name > iCloud.

It is a two-step process via Apple servers:

  1. Changes your IP address as seen by websites (like a VPN)
  2. Looks up DNS servers to fetch the website

That means nobody gets to see who you are and where you are visiting as a combo. Without both together, you have privacy.

You get to choose if the replacement IP address is local or your country. This may affect ads you see, but not much else. Not a problem on secure sites that serve ads, and all respectable sites are secure.

Turn it on, there’s no bad side to this.

NOTE: Still being rolled out and not available in all countries

Posted in Avoiding Detection, Internet | Leave a comment
Dec 25
2021

Community CCTV Networks

Posted on December 25, 2021 by Cloak Meister

Something that citizens can control, and use, as opposed to being surveilled by the government, is their own CCTV cameras.

As we know from Movies/TV, the first thing a cop does at an outdoor crime scene is look for any CCTV cameras nearby, and then ask if they can look at the footage.

Instead of installing Ring and allowing the authorities automatic access, why not self-organise?

At the other extreme, in Western Australia, police ask for people to just let them know if they have a camera, so they can quickly access a database. This is a good way for the authorities to connect, and appears to be popular in the US in individual towns. Even so, the government is in control of the data.

Benefits of a community-operated camera network:

  • The users control everything
  • It can be used for things beyond what the police will investigate
  • Combine it with Neighbourhood Watch, and rapid communication
  • Automated systems can be utilised, like face or license plate tracking (currently illegal in many places, but presumably OK in many lands)
  • Hybrid / manual systems could be created that comply with laws
  • Potential for other uses. Combine it with sensors for weather, and sell the data to a weather app. Count traffic rates for when asking the council for something

Necessary components:

  • It has to work out-of-the-box, which means getting a quality manufacturer on board
  • The rules and ethics need to be perfect
  • The software and network needs to be 100% secure without doubt
  • Checks and balances

Possible scenarios where it could be useful:

  • Tracking the movements of your stolen car
  • Vandalism
  • Mail / parcel theft
  • Deterrent – signs mentioning the networked nature of the cameras
  • Monitoring what the authorities do in your neighbourhood
  • Spotting vehicles (people?) who are new
  • Hoons / street racing
  • And in an extreme case, riots

 

Posted in Citizen Controlled | Leave a comment
Sep 28
2021

ShadowDragon – Social Surveillance

Posted on September 28, 2021 by Cloak Meister

In case you didn’t already know, anything you put online can come back and bite you.

ShadowDragon allows police to suck in data from social media and other internet sources, including Amazon, dating apps, and the dark web, so they can identify persons of interest and map out their networks during investigations. By providing powerful searches of more than 120 different online platforms and a decade’s worth of archives, the company claims to speed up profiling work from months to minutes.
https://theintercept.com/2021/09/21/surveillance-social-media-police-microsoft-shadowdragon-kaseware/

A sample of the sites they trawl:

AOL Lifestream | Amazon | Ameba | Aodle | BabyCenter | BitChute | BlackPlanet | Blogger | Busted! Mugshots | Buzznet | Cocolog | Companies House | Crunchbase | Dailymotion | DeviantArt | Ebay | Etsy | Facebook | Flickr | Foursquare | Gab | GitHub | Goo | Google | Google+ | Gravatar | Hatena | Huffington Post | ICQ | IMVU | ImageShack | Imgur | Instagram | Instructables | Jugem | Kik |LinkedIn | LiveJournal | Livedoor | Mail.ru | Menuism | MeWe | MySpace | Naijapals | Netlog | OK Cupid | Okru | Olipro Company | Pandora | Pastebin | PayPal | PGP | Photobucket | Pinterest | Plurk | POF | PornHub | QQ | Reddit | ReverbNation | Seesaa | Skype | SoundCloud | SourceForge | Spotify | Sprashivai | Steam | Sudani | Telegram | Tinder | TripAdvisor | Tumblr | Uplike | Vimeo | Vine | Virus Total | VK | Voat | Weibo | Xing | Yahoo | Yelp | YouTube | Zillow

The full details are irrelevant – the takeaway is that authorities (or, well, anyone) doesn’t need to put manual effort into this. They can just hit F12 and get everything on you.

Posted in Corporate Surveillance | Leave a comment
Sep 26
2021

Carry Two Phones?

Posted on September 26, 2021 by Cloak Meister

There is a growing trend, where the authorities are allowed to look at your phone, and force you to unlock it. It began at some international borders, but now is creeping into everyday life as well.

If you are doing anything technically illegal or in a grey area, then I recommend carrying two phones. At the very least, have one that you hand over and a second that you don’t. The one you hand over can be a cheap model, on the cheapest phone service, and with incredibly boring social media accounts and photos. Some people don’t use their phones much, it is a thing.

At the other end of the scale, have your good, regular phone for all your normal, uninteresting life, and be extra careful that nothing borderline is on it. Then your second phone, always on you, is for:

  • documenting things like police acting badly
  • has no SIM card and GPS off = no tracking
  • use mega.io for images, auto uploaded to the cloud
  • internet access via your main phone
  • and whichever measures you deem worthwhile, including a privacy-based OS

So, when you film a cop doing bad things, and you are approached, pocket your phone, and pull out the other one, from the same pocket. They need to look similar enough, but you can feel the difference. Tell them you deleted it. Meanwhile your other phone is auto-uploading the footage to the cloud.

This will work for now, until it becomes prevalent enough for the authorities to start searching for extra phones. Then, have three??

Posted in Avoiding Detection, Government Surveillance | Leave a comment
Sep 04
2021

SpyFone Banned, and a Lesson Learned

Posted on September 4, 2021 by Cloak Meister

spyfone

Any app that you give access to, whether it is your camera, your contacts or your location, is a risk. You won’t know what exactly the app will do with that access. And even if they tell you, they can lie, or they could be hacked.

So unless you have absolute faith in the company, don’t do it. If their business model isn’t clear, don’t do it. Always ask, how will they make money?

SpyFone said they are an app that only lets you track your family members, with their permission. Yet they gave details on how to hide the app from people.

Turns out that SpyFone gave access to stalkers and others, way beyond what the installer would expect. It is reasonable to expect that all such apps, already borderline illegal and immoral, don’t care too much about their own security.

Today, the Federal Trade Commission banned SpyFone and its CEO Scott Zuckerman from the surveillance business over allegations that the stalkerware app company secretly harvested and shared data on people’s physical movements, phone use, and online activities through a hidden device hack. The company’s apps sold real-time access to their secret surveillance, allowing stalkers and domestic abusers to stealthily track the potential targets of their violence. SpyFone’s lack of basic security also exposed device owners to hackers, identity thieves, and other cyber threats.
Source: FTC

Posted in Spy Equipment | Leave a comment