Mar 17
2021

Black Box – How Big?

I have written previously about how to avoid government surveillance – easy if the public own the streets. Many gated communities have private roads, and government cannot add cameras there.

I also came up with the concept of the Black Box Building – a large building with no tracking inside, guaranteed. A safe place to conduct business or affairs with zero proof you did.

It has crossed my mind that there is no theoretical limit to how big those could be. If you can have a surveillance-free gated community, why not a city? If you can have a super-private building, why not a massive shopping centre?

Private property has massive advantages. Private property can be big.

A music festival can have 100,000 patrons, and no government surveillance. Or a sports stadium. Or a jumbo jet. Or the office building of a major corporation. Imagine merging them all into a massive, private space?

The world already has some vertical cities which combine residences, shopping, entertainment and offices.  And even a train station.  What if such a place was purpose-built with privacy in mind?

Posted in Avoiding Detection | Leave a comment
Dec 04
2020

Your Phone Can Be Tracked With This Trick

Thankfully only the nearest cell tower location. Apps and malware that use your phone’s GPS are much more dangerous…

The technique used by the Circles snooping tech is known as Signaling System 7 (SS7) exploitation, a powerful yet difficult-to-detect tool in government spy arsenals. It’s named after the portion of the telecoms network that deals with cross-border functionality and billing. When, for instance, you travel to another country, the SS7 network is used to move your phone over to a partner telecoms provider and adjust billing accordingly. But should a surveillance vendor have access to SS7 networks, either via hacking or acquiring it, they can send commands to a subscriber’s “home network” falsely indicating the subscriber is roaming. That will, in turn, reveal their location, though only the coordinates of the cell tower closest to the phone. It may also be possible to intercept calls and texts through SS7 exploitation…
https://www.forbes.com/sites/thomasbrewster/2020/12/01/this-spy-tool-can-find-you-with-just-a-telephone-number-and-25-countries-own-it-warn-researchers/

Posted in Government Surveillance, Spy Equipment | Leave a comment
Nov 25
2020

Neighborhood Watch – License-Plate Readers

This site is pretty much devoted to avoiding detection from governments. But as technology becomes more affordable it can be used by corporations and even community groups.

Automated license plate readers (ALPRs) are all the rage:

At least seven homeowner associations (HOAs) in San Diego County, 100 neighborhoods in Georgia, 10 in the Denver area, and dozens throughout North Carolina, South Carolina, Alabama, Tennessee, Texas, and elsewhere have installed A.I.-infused ALPRs manufactured by Flock and a handful of other companies such as Vigilant Solutions and Obsidian Integration. Flock provides a calculator that recommends the number of cameras that neighborhoods should install: For 50 homes with two entrances, it recommends between two to four cameras; for 100 homes with five entrances, it recommends between five and 10. Each camera costs $2,000 per year.
https://onezero.medium.com/neighborhood-watch-has-a-new-tool-privately-owned-license-plate-readers-302f296abb27

 

Posted in Uncategorized | Leave a comment
Sep 17
2020

Singapore and “free” smart watches

The Register reports:

Singapore and Apple have cooked up a scheme that will see the city-state’s citizens rewarded with gift vouchers if they wear the Apple Watch as part of a national health promotion programme.

To score any rewards Singaporeans will need to download and use an Apple Watch app called LumiHealth that delivers “weekly activity goals, wellness challenges and nudges that cover nutrition, sleep, mental wellbeing, and more, tailored to your health goals and Apple Watch activity.”

Ticking all the boxes over a two-year period can see users eligible for up to S$380 (US$280) in “HPB eVouchers”, gift vouchers issued by Singapore’s Ministry of Health and redeemable at some shopping malls and merchants.

The newest and cheapest Apple Watch SE sells for $419, so compliance with the program covers more than 90 per cent of the device’s cost.

While China is forcing mass surveillance on its citizen, Singapore is bribing it into existence.

Google and Facebook are already doing this – giving us a free service in exchange for our data. So far is it is (despite what alarmists say) fairly innocuous, they show ads for things it seems like you are interested in. They haven’t yet modified our behaviour…

It horrifies me that citizens could be judged by how many steps per day they take. Or even penalised. That we all must abide by some homogenised ideal.

Slippery slope people – don’t accept the free watch.

Posted in Biometrics, Government Surveillance | Leave a comment
Aug 13
2020

The Govt Knows Your Travels

This might not surprise, but it is interesting to have it confirmed. The FBI can track your travelling through the Sabre booking system, in real time. Given that this one example has been outed, it would be reasonable to expect that the other two major systems, Amadeus and Travelport, also do as they are told.

The rule of thumb is this – unless you explicitly are certain you cannot be tracked, you might be. That means your car, your hire car, public transport with a registered card, all forms of bookable travel, anything you use a credit card for, any surveillance camera…

Use cash, wear a face covering, and walk/cycle/scooter/steal a car – if you don’t want your movements traced.

Posted in Government Surveillance | Leave a comment
Aug 09
2020

The Atlas of Surveillance

This is brilliant, a zoomable map of the USA that shows which surveillance technologies are being used in each city.

https://atlasofsurveillance.org/

It shows:

  • body-worn cameras
  • police drones
  • automated license plate readers
  • partnership with Amazon’s Ring
  • face recognition
  • surveillance cameras
  • predictive policing
  • gunshot detection
  • cell-site simulators (like Stingray, for intercepting calls illegally)

The data is from less than a third of police departments, from the research of many students. It is not comprehensive, but an indicator of just how many ways you are being watched.

More info at Wired

Posted in Eye In The Sky, Facial Recognition, Government Surveillance | Leave a comment
Aug 02
2020

China’s Surveillance Spreading Globally

The following excerpt is from an excellent article by The Atlantic, that also goes into great detail about how bad things are within China.

In Malaysia, the government is working with Yitu, a Chinese AI start-up, to bring facial-recognition technology to Kuala Lumpur’s police as a complement to Alibaba’s City Brain platform. Chinese companies also bid to outfit every one of Singapore’s 110,000 lampposts with facial-recognition cameras.

In South Asia, the Chinese government has supplied surveillance equipment to Sri Lanka. On the old Silk Road, the Chinese company Dahua is lining the streets of Mongolia’s capital with AI-assisted surveillance cameras. Farther west, in Serbia, Huawei is helping set up a “safe-city system,” complete with facial-recognition cameras and joint patrols conducted by Serbian and Chinese police aimed at helping Chinese tourists to feel safe.

In the early aughts, the Chinese telecom titan ZTE sold Ethiopia a wireless network with built-in backdoor access for the government. In a later crackdown, dissidents were rounded up for brutal interrogations, during which they were played audio from recent phone calls they’d made. Today, Kenya, Uganda, and Mauritius are outfitting major cities with Chinese-made surveillance networks.

In Egypt, Chinese developers are looking to finance the construction of a new capital. It’s slated to run on a “smart city” platform similar to City Brain, although a vendor has not yet been named. In southern Africa, Zambia has agreed to buy more than $1 billion in telecom equipment from China, including internet-monitoring technology.

…China uses “predatory lending to sell telecommunications equipment at a significant discount to developing countries, which then puts China in a position to control those networks and their data,” Michael Kratsios, America’s CTO, told me. When countries need to refinance the terms of their loans, China can make network access part of the deal, in the same way that its military secures base rights at foreign ports it finances. “If you give [China] unfettered access to data networks around the world, that could be a serious problem,” Kratsios said.

In 2018, CloudWalk Technology, a Guangzhou-based start-up spun out of the Chinese Academy of Sciences, inked a deal with the Zimbabwean government to set up a surveillance network. Its terms require Harare to send images of its inhabitants—a rich data set, given that Zimbabwe has absorbed migration flows from all across sub-Saharan Africa—back to CloudWalk’s Chinese offices, allowing the company to fine-tune its software’s ability to recognize dark-skinned faces, which have previously proved tricky for its algorithms.

Having set up beachheads in Asia, Europe, and Africa, China’s AI companies are now pushing into Latin America, a region the Chinese government describes as a “core economic interest.” China financed Ecuador’s $240 million purchase of a surveillance-camera system. Bolivia, too, has bought surveillance equipment with help from a loan from Beijing. Venezuela recently debuted a new national ID-card system that logs citizens’ political affiliations in a database built by ZTE.

Posted in Facial Recognition, Government Surveillance | Leave a comment
Jul 18
2020

Digital Skeleton Car Key

The £20,000 (roughly $25,000) tool, that looks like a Nintendo Gameboy can imitate the remote keys of many car brands, like Kia, Hyundai, Nissan and Mitsubishi.

The Key Tool scans and records the signal that originates from the car and allows the user to enter the car with what it thinks is an authorized remote. The vehicle will open and start the same as if the actual key were inside.

Drive says the product was quickly removed from the creator’s online store, but presumably it is still something that criminals can acquire.

I fully expect that some makes of car in the future will offer car starting options that are fixed as needing a physical key, with no digital override. Keys really aren’t so burdensome compared to the security of your vehicle, not just theft, but also tampering.

Posted in Uncategorized | Leave a comment
May 10
2020

Apps That Use Location Data

spreadsheet-Artboard_3

When you give an app permission to access location data, it is usually for a sensible reason – for example an app that lets you find where you parker your car. So you allow it to do its thing.

What you don’t realise is that your location data is valuable, and there is a good chance the app developer will sell that data to whoever wants it.

And this could be the location of your children being tracked…

In the decade since Apple’s App Store was created, Americans have, app by app, consented to just such a system run by private companies. Now, as the decade ends, tens of millions of Americans, including many children, find themselves carrying spies in their pockets during the day and leaving them beside their beds at night — even though the corporations that control their data are far less accountable than the government would be.
https://www.nytimes.com/interactive/2019/12/19/opinion/location-tracking-cell-phone.html

Today, it’s perfectly legal to collect and sell all this information. In the United States, as in most of the world, no federal law limits what has become a vast and lucrative trade in human tracking. Only internal company policies and the decency of individual employees prevent those with access to the data from, say, stalking an estranged spouse or selling the evening commute of an intelligence officer to a hostile foreign power.

A key factor in all of this is that the data is anonymised. The location data is not attached to your name or your cell number. However there is a kink in the armour of that anonymity – nobody else visits your home and work every day. And the more well-known the person, the easier it is to join the dots.

Protestors can be tracked…

Companies say the data is shared only with vetted partners. As a society, we’re choosing simply to take their word for that, displaying a blithe faith in corporate beneficence that we don’t extend to far less intrusive yet more heavily regulated industries. Even if these companies are acting with the soundest moral code imaginable, there’s ultimately no foolproof way they can secure the data from falling into the hands of a foreign security service. Closer to home, on a smaller yet no less troubling scale, there are often few protections to stop an individual analyst with access to such data from tracking an ex-lover or a victim of abuse.

The solution is simple, if you can be bothered. Have a 2nd phone, that is never turned on within a mile of your home. Use it for all those location-based apps that you think your need. And turn it off at a set place on the way home, preferably some random home.

 

 

 

Posted in Avoiding Detection, Corporate Surveillance | Leave a comment
May 07
2020

Facial Recognition for Australian Govt Services

digital-identity-ecosystem

It is coming, it is Big Brother, and it is un-necessary.

https://www.dta.gov.au/our-projects/digital-identity/digital-identity-ecosystem

This is terrible news, and hopefully will cause Australians to draw a line in the sand.

As has long been the case, when you wish to access government services or receive payments from the state, you need to identify yourself.

These days they are using 2FA, and that works fine. Log in to your MyGov account, get a text message, enter the code. A recent update for the business tax portal lets me use Touch ID on my phone – not a problem, the government doesn’t get my fingerprint.

But for citizens to access more confidential services – under what the DTA calls identity proofing level three (IP3) – requires that facial verification and liveness detection – or a proof-of-life test – be embedded in the app.
https://www.itnews.com.au/news/mygovid-facial-recognition-trials-slated-for-mid-2020-539020

This can only work if the government stores your likeness in their servers.

The government says it will be optional, but that being realistic depends on how hard achieving the same result would be using other methods. For example, real world appointments with a many-week queue, or phone lines that are always busy.

The other concern is it “represents a whole-of-economy solution” – the same system used to verify your ID to banking and utilities, with those businesses never seeing your biometrics.

The concern: once we are used to using our face for these things, the government will expand the usage. For example, scan your face to take out a library book. Scan your face to enter a sports stadium. Scan your face to clock on and off at work.

The existing systems work fine. We don’t need any extra efficiency if the trade off is privacy.

Note: all Australian government agencies can access each other’s data if they have a genuine need to. They can already access your image via your driver’s license photo or passport photo on file, which is a major issue, but hasn’t been highlighted to the general public.

Posted in Biometrics, Government Surveillance, Identification and Personal Data | Leave a comment