I work in location / mapping / geo. Some of us have been waiting for this to blow (which it hasn't yet). The public has zero idea how much personal location data is available.
It's not just your cell carrier. Your cell phone chip manufacturer, GPS chip manufacturer, phone manufacturer and then pretty much anyone on the installed OS (android crapware) is getting a copy of your location data. Usually not in software but by contract, one gives gps data to all the others as part of the bill of materials.
This is then usually (but not always) "anonymized" by cutting it in to ~5 second chunks. It's easy to put it back together again. We can figure out everything about your day from when you wake up to where you go to when you sleep.
This data is sold to whoever wants it. Hedge funds or services who analyze it for hedge funds is the big one. It's normal to track hundreds of millions of people a day and trade stocks based on where they go. This isn't fantasy, it's what happens every day.
Almost every web/smartphone mapping company is doing it, so is almost everyone that tracks you for some service - "turn the lights on when I get home". The web mapping companies and those that provide SDKs for "free". It's a monetization model for apps which don't need location. That's why Apple is trying hard to restrict it without scaring off consumers.
If this also happens in the EU and is as blatant as you say it is and with GDPR and all, surely this is just waiting to blow up?
You pull the phone location records of everyone near a protest without a warrant (and no intention of using the location data in court) then you dig into them to find something unrelated to the protest you can nail them on.
That way you take out key players without it looking like a political crackdown.
“The most gifted of [the Proletariate], who might possibly become a nuclei of discontent, are simply marked down by the Thought Police and eliminated.”
It's horrible but beyond supporting ORG, EFF and writing to my MP (I'm in the UK) not sure what else I can do, even if I protect myself from it my family and friends are still potentially fucked.
encourage everyone to boycott american companies.
I'm pretty sure that in Germany, some of the described activities could be punished with prison time (and they certainly should).
Many aren't, but everyone has reason to.
Governments change. Telling your government your religion in 1920s Germany was harmless, in 1940 many would have preferred if the government didn't have their religion on file.
Circumstances change to. In 1920 being a Japanese in the US wasn't special. After Perl Harbor came the internment camps.
And then there's the mundane stuff. You protest a government policy, someone in the government takes issue and tries to put some of these annoying people in jail.
Given that you don't know when you might become an enemy of the state it's always a good idea to keep the power of the state over its citizens in check.
The game being played is not '1984', it is 'Foundation'.
It is for steering entire societies, and this works far better on the boring people who think they have nothing to hide as they are the easiest to model
With a single powerful player, you get a consistent, but slightly false narrative. If you have lots of players though, you get multiple competing narratives and the news stops making sense.
Is partly why I still think Gibson is one of the people who got it closest to the mark.
It's about being able to track anybody.
Users get no benefit from the information resale directly, but they also aren't generally harmed by it. And the benefit they get from having a ubiquitously-connected device in their pocket outweighs the (apparently calculated to be low) per-person cost to their information being resold. The fact that you or I may do the calculus differently for ourselves (because we have different risk sensitivity) doesn't impact those who don't reach the same conclusions.
There may come a time in your life when you wish to have a say in the political system or are wronged by a powerful corporation. You'd care in that case. When your political rights disappear, they aren't easy to get back.
Which circles back to the original question: should a person feel guilt over creating tools that help the average user and harm the political dissident? Seems an open question. Perhaps one heavily dependent upon whether the actor agrees with the political dissident's position.
We should not be creating a mass surveillance state. The actual abuses domestically generally of minority populations, abroad, generally of non-NATO civilian populations, and potential domestic abuses (with many well noted assassinations and infiltrations in the past) are alarming and have already stronger, more precise abilities for social control of the population by the state than existed in dictatorships. The Stasi would have killed for the NSA's database and planting live tracking beacons on most citizens.
I'm on the left, but the non-financial political freedoms of the right are a bellwether for my own (though the literally genocidal far right is a more complex discussion). In general this makes a lot of logical sense because conservatives and right wing ideologues wish to maintain the status quo (literally to conserve it) or to return society to a past state (e.g. the relation of men and women, the role of religion, etc.), and range from libertarian to authoritarian, neither of which really threaten established authorities (and often reinforce them) and so are treated with kid gloves (watch how police treat right wingers at protests on average). Blue lives matter is a right wing cri de cœur that's an example of a "protest" that celebrates existing civil authorities.
Liberals and more-so leftists wish to change society into a new state which threatens the established order. Therefore, the civil authorities do not treat them with deference. Typically political freedoms lost by the right are applied with vengeance against the left.
Encourage dissent. We make fun of countries that don't. :)
EDIT: added info on why losses of political freedoms for the right are an especially bad bellwether
I'd like to ask anyone within RF earshot to carry my packets. I'd even consider paying for faster bandwidth if others were offering below some threshold. Some common low bandwidth communication should always work, say some fraction (split between freeloading users) of 20% of the link speed. I'll carry your packets if you're in earshot, rebroadcasting as needed, following the same rules. We could rotate our source addresses every so often.
You'd be persona non-grata (illegal) if you're recording and sharing who you hear. At the heart of it, saving and recording in perpetuity who you're communicating with and where ought to be illegal. Certainly selling that data should be too, or you end up with what we have today.
Yes, the UK absolutely needs additional dissent.
That seems like a terrible idea.
Because I'm not specifically aware there's a cross-town bus with my name on it, I'm somehow not about to get pancaked?
If people were deeply individually concerned about the risks vs. rewards of these technologies, they'd stop using them. That's the rubber-meets-the-road calculus I see.
Why do you think that? It clearly doesn't apply to stuff like oil, for instance.
I could give up my phone, but I would be in deep shit if I did it tomorrow. It would take a lot of arrangement to do so and it would piss off my family and lose me work.
People say they're concerned. But the actual number of people attempting to zero the amount of oil they use? Much lower than claimed concern.
Words are easy. Actions have costs that people would prefer not to take on.
How do you know how many there are? Anyone doing that couldn't travel except by foot, buy any commercial products or use any available communication services.
edit - alternatively, there are loads of people attempting to zero the amount of oil they use. They are just using oil to get there.
See also: "Ayn Rand collected Social Security benefits." (And I abhor her oeuvre and "movement".)
I'm saying people make the claim on the average person's behalf that they want privacy and information such as their location (as triangulated by cellphone towers) kept generally secret from governments and corporations who can offer them benefits, and that claim is not actually supported by much evidence. I think the digital intelligentsia cares deeply; the average cell user, not so much.
That is, if Verizon was unambiguous with Joe Customer, "We may sell your real-time location information to companies known to re-sell that kind of information to the government, and you can't do anything about it" how many of them would be pissed? Isn't the state being restrained from un-warranted — literally — snooping into people's lives a core American value?
Your position is that most people would "meh". I think you're wrong. You're probably right that there's scant evidence either way, though.
Every single one of the revelations you've mentioned was met with public backlash, followed by either a misinformation campaign or intense dog-wagging. This is called manufactured consent. For example, let's look at Cambridge Analytica. When it was revealed that a military contractor was hired to subvert the 2016 Presidential election, the dominant story in the alphabet-soup media was a twitter tantrum from Trump. As it became clear over the next few days that the story wasn't going to be buried easily, the narrative was quickly shifted away from the subversion of democracy to blaming Facebook for leaking user data, culminating in parading The Zuck before Congress. He played his part perfectly: no bread, but enough circus to keep the masses from thinking too hard about what it means for an election to be free.
People do the calculus to decide if risk is greater than reward all the time. It appears ubiquitous connectivity, for most people, is far more rewarding than risky.
Technically you're right but what you seem to be missing is that people (in general) suck at risk assessment. Although they are doing "the calculus", most of their calculations are based on heuristics that just don't reflect a rational analysis.
That is why so many people fear plane travel more than car travel, immigrants more than cigarettes, and pharmaceuticals more than "raw water".
This breaks the site guidelines. Could you please read and follow them when commenting here? https://news.ycombinator.com/newsguidelines.html
Insinuations of astroturfing or shilling without evidence (an opposing view does not count as evidence) are an internet toxin that turns out to be worse than the things it insinuates, because it's so widespread. I've written a ton about why we don't allow that here, if anyone wants to read more: https://hn.algolia.com/?sort=byDate&dateRange=all&type=comme...
I'm not sure why you would jump to concluding that it's a sustained campaign or some kind of reaction to guilt.
I had a hard time understanding why people wouldn’t be more conscientious of their privacy, until I had discussions about the issue with people close to me.
My folks had a very similar sentiment to the typical “if you have nothing to hide, then why do you worry about it”. My girlfriend had the same thought, but took it a step further and asked why I cared so much about people uninvolved in my life knowing personal details about it, then said I was “the most paranoid person [she’d] ever met”
Once the Cambridge Analytica scandal broke, they all understood my point. I think the majority of people who don’t work in tech don’t understand the massive implications that our lack of privacy has. They don’t know how cookies or backends or tracking pixels work, and may not even know they exist. They imagine an NSA agent sitting in a room looking for keywords, not companies that they entrust their digital lives to selling off every little piece of info about them. It’s so much more than your Facebook or Twitter posts being public, it’s data that we might not even know about ourselves being kept in the hands of unknown entities.
To sum up this rant, some people have to see it to believe it because this is outside their scope of knowledge
Edit: you've repeatedly posted unsubstantive comments and we've asked you to stop before. We ban accounts that do this, so would you please not do it anymore?
The advice I always give when this topic comes up us to be very careful with what you install on your phone. The least expensive mobile location data tends to come from random apps collecting the data to sell it, and ad networks. Permission to use your GPS is permission to track you until you uninstall the app.
If you're not comfortable with your name being publicly attached, at least give news orgs the information and request confidentiality.
Part of the reason congress people can punt is that the cost of inaction < cost of action before it penetrates media.
A big part of shifting that equation is starting to publicize "You had all the information available now on X date and did nothing" as loudly as possible. Naming and shaming has been healthy for vulnerability disclosure.
I'm in the space as well. I've tried telling my
congressmen but they ignore me.
Maybe you can find a journalist you respect for their reporting on Cambridge Analytica, the Paradise Papers, Edward Snowden and so on?
It goes like this: https://pbs.twimg.com/media/DczGQICUQAA9ljF.jpg
The domain "syndication.twitter.com" tracks everyone but the page says: "Sorry, that page doesn’t exist!". The point is I haven't been able to run the story so far
the article discusses when the ISP/telco sells the data that you have zero visibility on. there's no way to get around this.
btw, apple and google ad spyware process (google play service) will collect gps and wifi data without any user visible UI, not to mention download ads in the background.
Would be nice to see actual proof of this. I am very familiar with all network traffic an iOS device may emit and do not know what you are referring to here.
Or can you make a tip to one of the newspapers? Given the facebook privacy news saga this might get picked up.
Just because the less-technically adept parts of the infosec community & even more hapless government workers wanted to sound cool doesn't suddenly make it right.
But then I also just enjoy responding with "Cyber what?" whenever someone uses it as a noun. The correlation between people who are asked and can then provide a relevant noun has not been high.
so what's the flow here? is it something like this?: phone gps -> manufacturer installed crapware app -> crapware server -> (various third parties)
wouldn't this be mitigated if you use a custom ROM like lineageos?
There's some bits of interesting info here:
did a quick check, it's not on my phone (SD 820 SoC).
>other location-based trustzone applets remain running even on custom ROMs.
I have no doubt some proprietary blobs still remain on custom ROMs, but do those actually send back location data to the OEM?
It is running under QSEE (Qualcomm) and/or MobiCore (Trustonic) OS, which is separate from your Android OS. It is left untouched by custom ROMs.
Scroll down to "Cloud-Based Assistance" and "Built Right In."
Even if there was a separate OS running in parallel with Android, how could it access the wireless-networks-based and satellite-based location data? I thought that access to these things is controlled by Android.
In other words, when I turn off e.g. satellite location data in Android, can IZat (which, according to your post, runs outside of Android) or other similar spyware keep secretly using it anyway? That would be quite worrying.
I suppose that the location data can be collected by sniffing the low-level communication between the radio device and Android kernel, provided that it has been enabled in Android first. But even then, how could this location data be transferred out of the device? Are these "parallel-running" OSs also able to somehow "tap into" Android's network layer and send the collected data out?
"Even if there was a separate OS running in parallel with Android, how could it access the wireless-networks-based and satellite-based location data? I thought that access to these things is controlled by Android."
There is a separate OS running in parallel with Android and it is running on the very hardware that makes the network connections to the cellular network that you are speaking of.
In fact there are two - the OS and software stack that run on the baseband processor and the OS and software (java apps) that run on your SIM card, which is a full blown computer with its own memory and processor, etc. In fact, your carrier can upload new java programs to your SIM card without your knowledge at any time.
Your final question is a good one - many (most ?) implementations give the baseband processor DMA to the main, application processor. So you are hopelessly owned. Deeply, profoundly, hopelessly owned.
1. Linux Kernel / Android OS, running on main ARM CPU in "normal mode"
2. QSEE or Trustonic OS, running on main ARM CPU in "trusted execution environment" mode, in parallel with "normal mode"
3. OKL4 / REX Kernel + AMSS OS, running on the baseband CPU (modem)
4. SIM card processor, although it is very limited (typically 32k RAM) and acts only as a MITM for SMS's, not cellular data
5. The OS running on the Wi-Fi card
All the core silicon is wrapped up in huge quantities of NDAs and licensing agreements. You buy a baseband, and the mfg gives you a blob you can either use, or not use the baseband.
Since then, things went really bad, really fast, just no one noticed.
That's why I don't mind being "that guy" in social situations when these issues are brought up.
> how could it access the wireless-networks-based and satellite-based location data?
The OS is either running on the same hardware as Android or has the same direct hardware connections.
> I thought that access to these things is controlled by Android.
Only for things executing within Android. This is just a fancy UI - Android doesn't actually control the hardware.
> In other words, when I turn off e.g. satellite location data in Android, can IZat (which, according to your post, runs outside of Android) or other similar spyware keep secretly using it anyway?
> I suppose that the location data can be collected by sniffing the low-level communication between the radio device and Android kernel, provided that it has been enabled in Android first.
You shouldn't think of it as between the radio device and Android but rather between the radio device and the CPU. A CPU that another OS can and is running on. Android is not special here.
> But even then, how could this location data be transferred out of the device?
The same way Android sends data out of the device. The OS asks the CPU asks the radio to transmit some data. Bog standard.
> Are these "parallel-running" OSs also able to somehow "tap into" Android's network layer and send the collected data out?
Yeah but like I said its not Android's network layer. Android is a guest on top of the system just like any other OS running.
These OS images are untouched by your custom ROM because they're black box.
The baseband is a completely different RTOS as well. And then there's also TrustZone running in the SOC as well.
I'm not sure what part of the OS is sending it, but it's definitely happening (and is block-able!)
Also noticed that most posts had mentions of IZat in their location settings, which my phone did not have (in lineageos or stock)
TrustZone OS is started during SBL2 (secureboot level 2), running in hypervisor mode, while you're looking at the Android OS started during SBL3 (secureboot level 3). You cannot see hypervisor processes & apps from your vantage point (the android kernel).
The trustzone OS is usually located in TZ partition, and it uses some additional partitions for custom TZ apps and data persistence.
The hypervisor has independent access to the internet, the wifi card (for indoor location), and more.
Qualcom boot process, showing SBL1, SBL2 and SBL3 stages:
It goes without saying that without TrustZone OS, the phone won't boot to Android OS (won't proceed to SBL3).
There's a world of proprietary complexity you have zero visibility into, and much of it is running with direct access to hardware the application OS you interact with can only partially make use of.
Heck, it has a hompage. https://www.trustonic.com/solutions/trustonic-secured-platfo...
They were about two blocks off, and located me by cell tower. Apparently they don't have (or at least don't admit to having) A-GPS level data for me.
I have a strong suspicion that it intentionally places you some distance from where it knows you actually are. Unless there is some underlying reason why it would never be 100% accurate -- I've seen dozens of people post their results and every time it's 1-300 meters off.
And it's not just "no one tests while under the cell tower" because the location it gave me was 150 meters in the opposite direction of the cell tower that I can see out my window. And the location it gave was smack in the middle of a neighborhood I know well and know to be free of cell towers. Or I'm just paranoid.
That is what I was sent.
"FirstName LastName wants to obtain your location..."
Also betting that you can put 160 characters into those fields, so effectively a blank SMS is received
Betting further still that you can just spoof the SMS reply
More effective would be to track a few key politicians, such as those on the committees that would deal with regulating these things, and also a few reporters who have agreed beforehand to participate.
Then the tracking on the politicians is turned over to the politicians, but NOT made public. The reporters write stories about this, illustrating the tracking detail by publishing what it showed about them.
This approach gets the news out to the public, personally shows the key politicians the scope of the issue (and that they are vulnerable too), and lets the public know that the politicians have seen proof of how serious the issue is so that the politicians know that they need to get to work on this because their opponents come the next election will certainly be gearing up to use it as an issue if they do not.
My idea is based on the fact that in my experience people rarely really care about privacy until it personally affects them.
When Snowden revealed the extent of NSA activities, it caused a momentary uproar but the people moved on pretty quickly after that. As far as I know (and let me know if I am wrong!!), there was no fallout for the government, and business continues as before.
So I am not sure if people will care this time either.
It provided security people with ammunition to push things like encryption of data over "private" network connections, which prevented their misuse by governments (or at least made it harder)
It also pushed tech. companies to publicly take positions on government spying, in general by insisting they wouldn't co-operate.
1) Be an investigative Journalist
2) Purchase access to these location vendors data
3) Correlate data with known mobile numbers of politicians
4) Find things in data that might be of interest to readers (e.g. "politician x was noted to be in the same place as Lobbyist y on 5 different occasions")
5) Publish Story :)
still need an outlet for the story though
Few have the stomach for that sort of thing...
> Hedge funds or services who analyze it for hedge funds is the big one. It's normal to track hundreds of millions of people a day and trade stocks based on where they go.
Any articles/webpages about this one? Or a company name who is doing it?
But there are too many to name. In 2018, you should assume that any free service (Unroll.me), web/mobile SDK (Slice), email client (Airmail), personal finance tracker (Mint), integration API (Plaid), geolocator (Foursquare), etc is monetized by selling your data en masse for market research.
It's not just location data. Dig into the TOS of free services you use. It's your receipts, your transactions, your subscriptions...all are "anonymized" to varying degrees of success. Even Meraki, the network router/switch company, sells location data.
> Ever wonder what your consumer thinks minute-by-minute? Pinsight’s ID Suite gets behind the lock screen to understand the mindset of your best customer. Leveraging 24/7 insights from the mobile device, we uncover new audiences and discover new market opportunities so you can engage with consumers in ways that matter.
“Gets behind the lock screen”
Jeez that is some brazen marketing.
It's blatant and normalized.
> Airmail does not share your information with any third parties. We are not in the business of selling your data. However, we may disclose information if we determine that such disclosure is reasonably necessary to comply with the law.
They also state that they do not send information to their servers unless you enable push notifications, store data only for this purpose, and delete the data when you disable this setting.
1. https://trends.edison.tech and https://mail.edison.tech
This is mostly a distinction without a difference, because for firms that do this, one of those "business services" is providing a thin layer of analysis over the underlying data.
Honestly, since my line of work is similar (tangential) to what they do, my opinions are probably quite different from the moral majority who might read about this kind of issue without understanding the range of applications. I'm not sure what the solution is but I think there is a regulatory solution that preserves both consumer privacy and the extraction of economy-benefiting value. And I do think something needs to be done to protect privacy, even if it means negative impacts to the commercial space I am in.
It is an open standard:
You don't actually have to bid.
(HN is rate-limiting me)
edit: Data is pushed to you as fast as you can process it. It's a firehose.
Also, most of the data on it is pretty shitty with lots of fraud since the publishers want to get more money. The geo data is often fraudulent (https://en.wikipedia.org/wiki/Geographic_center_of_the_conti...), and that's why companies that bid hire data scientists to sift through the fraud.
There's also rarely, in my experience, year-of-birth or any personally identifiable data.
I don't agree with your claim that "the geodata is often fraudulent".
Anyone can read the linked pdf specification (above), download sample data from the exchanges, and judge for themselves.
That’s really creative honestly.
( "Out of sight, out of mind" )
> Any articles/webpages about this one? Or a company name who is doing it?
Foursquare does it, there were some articles last year about how they pivoted to providing that data. They were able to accurately predict Chipotle customer declines after their food contamination scandals.
I'm not sure if they use this carrier location data, or just the data from the people who are still using their app.
Edit: here's one: https://www.washingtonpost.com/news/innovations/wp/2016/04/2...
I initially thought this was too far fetched but then I started duckduckgoing* and found this: https://www.fnlondon.com/articles/regulators-campaigners-sou...
* If 'googling' is a verb, why not this.
Hedge funds in general seem like a major consumer of retail data, which makes sense. Home Depot just announced earnings: imagine if you knew exactly how many people went into Home Depot, walked out empty handed, and then went to Lowe’s... how you could profit off that data in the market.
In the U.S., aren't dumb phones (or 'feature phones') locatable for E911 service?
It's not as accurate as GPS, but it gives a solid estimate of your location that neither you nor your phone can prevent unless you totally disconnect.
they absolutely had spies on the ground who were likely civilians, eg the doctor who got bin laden's family's dna under the cover of a vaccine program. the narrative that they were only using cell tower triangulation may have a seed of truth but it sounds a lot like counterintel meant to throw off the trail to me.
I'm sure they also had spies on the ground, but I believe the explanation that innocent bystanders being killed was something they'd prefer to avoid.
Not without messing up your ability to make and receive calls. Cell towers use precise timing and power-level measurements in order to do things like decide which cell-site is best, and to hand-over your call from one tower to the next without breaking your call or glitching.
Edit: Even if you were to play around with timing of responses of the radio signal, you have no control over how it radiates in free space. The time-delta between reception of the same signal by 3 towers at known locations is enough to triangulate your position. Maybe a unidirectional antenna pointing to just one tower might work, if there are no other towers within the beam behind it and no sideway leakages.
Expanding this, you could have N directional antennas pointed to N cell towers, and some individual delays on each of those antennas, it might be possible to fool the network triangulation. Such a setup would look highly suspicious if you were carrying it around, and it definitely wouldn't fit in your pocket.
And it'd be useless unless you had many of these custom transmitters faking your signal spread out over large physical distances.
TLDR: GSM+LTE open-source SDR/hacked dumbphone baseband exists, suitable hardware is COTS for sub $2k.
Simply put: don't want to be tracked? Put your phone in a lead sealed box or leave it at home. Tracking only tracks the phone , not your person.
1. Allow the location data to be utilized by the cellular carrier only for legitimate engineering purposes relevant to the delivery of the cellular services. (The network needs to know your location in real time in order to route calls to you.) Also, allow the use of real time location data for emergency services in response to an emergency call. Potentially also allow the use of emergency services initiated real time locations, with a non-suppressible UI required to be presented to the user if this is performed.
2. Require that the cellular service providers purge / NOT retain this location data for any longer than is literally required to provide proper service.
The data retention policy #2 item here is essential in preventing temptation to come up with end-runs for the first rule. It's important that historic data that has no legitimate use under rule #1 not be preserved so that there isn't a mound of accumulating data of theoretically increasing value if only we could change / get rid of rule #1. That sort of thing will create ever mounting incentive to repeal / replace rule #1.
At least for GSM, that isn't as true as you say it. It only needs to know in wich group of cells you are, as as re-registering with each cell change was deemed too heavy on the battery, and they rather page for your phone in the entire location area.
Likewise, triangulation requires the phone to send something, which means that you can notice that, and also that continuous triangulation will drain your battery.
(Which brings up the question of how often and how smartly google sends updates for the traffic density map.)
Don't like the rules of the road, don't drive.
Don't like that your data goes over a third-party's network to get to its destination, don't put your data on a third-party's network.
Bans "by law" only work until the people making the law become people interested in your location and they change the law.
I think this is probably correct.
The problem with the ban you suggest is that it will degrade service in many instances. Some level of location tracking is necessary for all cellular phones to make a smooth handoff between towers or for example to load balance connectivity between different towers.
In the end the more personalized the service you want to have, the more "invasive." Opt in is probably the best total solution, however it quickly becomes an education game if you want it to be effective, and most people don't have the time or technical understanding to put up with a dozen different opt ins.
They do not need to sell location data to other parties in any way, shape, or form.
That doesn't do anything to protect your data from being accessed by the State, which is actually the bigger problem.
Why thwart one great harm yet happily tolerate the other?
If Starbucks knows my location, they can send me a coupon if I enter a Dunkin' Donuts store. If the State knows my location they can falsely accuse me of a murder that I just happened to be near the location of and - if I'm unlucky or have a bad lawyer - execute me for it.
That's not, of course, to say that there aren't some cases where a private business having access to my location could have a deleterious effect. But here's the rub: if you rely on regulation to prevent those cases, you're right back to needing to trust the State, which is - IMO - a foolish proposition.
The division is so trivially violated it's pretty much irrelevant.
But those largely cosmetic boundaries certainly play a large role in public perception and acceptance of living in a surveillance state.
Wide availability of tracking data facilitates domestic violence and stalking, for starters.
Say that someone gets killed by their ex who found them through tracking data leaked by some irresponsible and/or profiteering company. How do we hold that company accountable? How can we prove that it was them who leaked the data, when it's everywhere?
We can't hold the credit authorities like Equifax accountable today for the identity theft they facilitate. This is the same problem. The aggregation of our individual data by companies causes massive negative externalities, borne by individuals.
Again, this cost is not borne by the data aggregator -- it's a negative externality borne by individual citizens. Good luck suing them.
The problem with the current setup is that we don't know who's gaining access, when they're gaining it, what they're doing with it, etc. Once the cell carriers have it, there's no easy way of knowing who they are selling the data to, and who that entity sells it to in turn, and so on.
Sadly, I don't see a good way to resolve this at the moment. If you use a cell-phone the carrier can always get your (at last approximate) location through triangulation. And regulation only makes sense if you trust the State, and I would like to think we've all learned better than to do that by now. So what do we do?
Who does your cell phone's location belong to?
Who does the tower's connection data belong to?
Who does the multitude of tower signal strengths belong to?
Who does the user's cell phone data belong to if allowing multiple apps to use it?
Answer: User's location data belongs: to the user, 3rd party apps they have allowed, and terrestrial cell companies that run towers with the appropriate frequencies for your phone.
The technology isn't the right area to change it. In the end, you're doing stupid stuff with encryption and still emitting point-source radiation that can and will be triangulated.
I'm not sure how possible it is to anonymize that kind of data in a way that prevents it from being deanonymized, or how useful the anonymized data would be to the buyers, but this seems like a better solution than a blanket ban to me.
Your next car will support telemetrics. Your insurer will know how fast and how often you drive. Your wife will know where you've been going after work. The cloud will gather and retain everything else of non-obvious value, up to the point where it all magically disappears when your self-piloting car drives itself through a schoolyard at recess and the company claims they don't have enough data to determine their responsibility, and insinuates that perhaps it was your fault.
All your future appliances will be factory-bugged so Amazon can listen to you arguing with your wife and sell you marital counseling books. Or they sell you imported counterfeit electronic shit, leaving bored interns with unchecked privilege (or strangers poking around on SHODAN) to activate those products' extraneous cameras to spy on your daughter undressing.
The ubiquity of cellphones in the hands of the masses mindlessly recording every droll moment of their lives in public for a chance at YouTube fame, combined with better and better facial|licenseplate|whatever-recognition algorithms means you're always on a camera somewhere, your movements being tracked and your identity easily annotated. Your wife's divorce lawyer will have a field day with this.
Don't want to be tracked? Hoard cash and modify the serial numbers. Throw away everything with a network interface or bidirectional antennas of any kind. Don't leave the house. Slap tinfoil on your windows. Make yourself a nifty pirate hat with the remainder. Your friends and neighbors will think it's endearing for a while, then they'll stop coming around for some reason.
Just don't take a selfie of yourself in your fortress of solitude without scrubbing the geolocation data from the EXIF tags!
There are still areas in which you can make choices. You can still buy appliances with no internet connections at all, or buy open hardware and run open source software. This is what I currently do.
Surely inexpensive and/or used cars will dispense with GPS and other high tech features; in addition, I wouldn't be surprised if (should this become a regular problem) a modding community develops around car ownership (ownership in the sense of right-to-modify).
This doesn't change the fact that it is incredibly concerning that always on tracking run for-profit is becoming the default, but I think it's too early to say we can't opt out. That's why I think cell phones are qualitatively more worrying. They're quickly becoming necessary devices for anyone in a salaried job, and they represent an always-on tracking device that's effectively glued to my hip. It is absolutely crucial that something be done abut these privacy violations, if not through legal means, then through hacking. If that turns out to be impossible I'm going to have to find a way to stop carrying a phone.
It would be nice to see Purism respond to this report given their work on the librem 5.
For a little bit. As you say, bad money pushes out good money. Most people will buy devices with tracking. Since more of them will be made, their prices will be lower than devices without tracking. Especially since the tracking will be profitable for the companies making the devices. Eventually you'll find all devices have tracking hardware and on some it will just be disabled. Either unplugged physically, or turned off via software.
If anything the parent's predictions are probably conservative.
> You can still buy appliances with no internet connections at all, or buy open hardware and run open source software.
Maybe, if you know what to look for. Most consumers don't. They'll buy a Dell and not realize Computrace exists. I work in the field and I don't even know a fraction of what I don't know. I'm just one asshole defending against legions of better-paid actors with an infinite capacity for insidiousness.
Just wait until some well-meaning, progressive state like California decides to legislate that all houses must be smart-conforming. All aspects of your house will have a network interface whether you like it or not. How many homeowners are capable of setting up VLANs for their lightbulbs? How many homeowners are going to deconstruct every (networked by default!) smart-item they purchase and check for motion sensors, cameras and microphones? The NSA backdoored smart TVs already. Huawei backdoored routers, and Blu sends god-knows-what to China in the background. It's happening.
In this day and age, you may as well assume every product that comes out of Silicon Valley is a glorified exfiltration agent. If you give anything a network interface, by god it's going to use it to report something, and you don't know that it's happening or what's being communicated. You-have-no-control.
Given the recent interest in mesh networking I expect that to become a new vector-- install enough Huawei appliances in an area (give them away for free, or undercut competing vendors), each serving as a wireless mesh node, and you only need one internet-facing node (like a Huawei cellphone or router) in that mesh to be able to command and control any of the devices or peripherals around it. If anybody questions why a digital pictureframe is emitting wireless signals, it's for the discovery service, of course. It has to get updated weather information from somewhere, right? Consumers will accept that. And thus you invite a decentralized botnet into your home.
> Surely inexpensive and/or used cars will dispense with GPS and other high tech features; in addition, I wouldn't be surprised if (should this become a regular problem) a modding community develops around car ownership (ownership in the sense of right-to-modify).
Used cars will, until that pool dries up, yes. How many cars can you find that still use carburetors in favor of ECU-controlled fuel injectors?
We lost the right-to-modify battle the day ECUs became standard in all cars, inexpensive or not. Without proprietary knowledge, you can dink around with the oil and tires, but you can't fundamentally change how the car works. You can't even change the brake fluid on some cars without a proprietary command telling the pump to expel it. The war for right-to-modify will be lost when we're all driving Teslas (or John Deeres).
You can hack it, sure, about as competently as you can hack a PS4 or iPhone. The day will inevitably come where you want to use a particular app or service you paid a premium for (like warranty repairs, autopilot, PS Online or iTunes) and they'll tell you to pound sand unless you install their factory-certified firmware that opts-in to tracking. Or new games/features will simply refuse to work on your hacked firmware. You will be left in the dust.
That also assumes your insurer doesn't find out you tampered with an otherwise autonomous car, potentially impacting its safety features by refusing OTA updates and putting you in a higher risk pool. They may decline to insure you altogether.
There are consequences for not complying with progress; you yourself mention one of them. I'm disappointed you think it's hyperbole-- this attitude is why things have degraded to the current state of affairs.
What car brand does this? The only thing that came up on a Google search was a comment on Quora that said that mechanics can command the ABS to go into a self bleed cycle to purge air (no brand was mentioned). Is this what you're referencing?
For iOS, assume every app using your location is selling the data. That means every app using a map or location smoothing SDK (GPS jumps around, there are services to smooth it out), since the map SDK providers (and there's not many) are selling your data even if the app itself isn't.
Google, Apple, Microsoft etc are pretty careful for good reason. Anyone below that is probably selling it.
In fact I don’t think that is even a gated permission on iOS.
The parent comment seems to be saying that the OS and apps use the internal GPS data to get a much more accurate location, which is then freely transmitted somehow and shared and sold. My question is to clarify that this more accurate data, needed to enable the "walk into specific store" scenario, can only be obtained via data (eg 3G, LTE, or wifi)?
Therefore not buying a data plan or turning off cellular data manually should prevent the GPS-accuracy tracking, but the only way to prevent the less accurate cell-tower tracking is to use a faraday cage.
Turning off Google Now & location services will radically improve battery life on standby.
> It's not just your cell carrier
No reason to think this is only US right?
> cell phone chip manufacturer, GPS chip manufacturer
How & when is this transmitted and what other data apart from lat & long?
> pretty much anyone on the installed OS [...] is getting a copy of your location data
You mean the devs of whatever app is installed on the phone? The outgoing data should be visible in things like Charles proxy, right?
Is this analogous to FB data being available to any dev that gets permission to access your profile?
> It's normal to track hundreds of millions of people a day and trade stocks based on where they go
Whaaa ... ? Do explain, fascinating.
Can this all be mitigated by those smartphones-hardened-for-criminals type devices?
The stock trading I've heard of, and even seen news articles about before.
Location tracking lets stock traders know how well a store is doing well before public results are announced. If foot traffic is down at a store, time to sell off (or short) the stock before it becomes publicly known.
It then becomes a cost/benefit analysis weighing the likelihood of getting caught * cost of potential fine vs business value of ignoring the law. Ignoring the law is frequently the correct decision.
But do you think our government will ever stand up? Doubtful
edit: Reading into the context of 'too big to fail' and 'collateral consequences' reveals exactly that kind of behavior.
But having a law doesn't mean people or corporations won't break it out of the 'kindness of their heart'. Or because they're 'good people'.
For example, look at 'No gun zones'. You think a criminal is not going rob a bank at gun point because the bank is a no gun zone? If anything it incentivizes them because they know they'll have a monopoly of force upon entering ( if they have a gun, and can fairly assume no one else will because of 'no gun zone' policy )
Spoiler: I don’t think doing what you are describing is feasible.
Looks like there is info here:
This is the way we should have designed these networks from the beginning. It was inevitable that the stuff in TFA would happen, given the interests of the companies involved and no regulation to prevent it. Same with FaceBook and Cambridge Analytica.
But if the tower operators collude then they can still track you across towers by localizing the physical source of the end-device's signal.
So you'd want a mesh network, formed adhoc out of currently in range cellular device neighbors, with packets re-encapsulated and encrypted at each hop, eventually hitting the tower from a random device.
Authorization would be impossible (the intent of the scheme) without a side channel (as you can't simultaneously have individual authorization and individual anonymization). Which makes it a non-starter for commercial use.
I'm not sure simultaneous authorization and anonymization is impossible. Couldn't you use something like Chaum's e-cash to obtain tokens that guarantee the holder the right to use the network for some amount of data, but these tokens are tradeable and therefore the spender doesn't have to be the same as the buyer. Then you could spend this token in the network to get access and the network could authenticate the token without identifying the spender. I'm guessing something like zcash could be used as well...
And it wouldn't play well with billing accounts being deactivated / reactivated.
And... now that I think about it, given the tower:location mapping, you'd also have to include bouncing traffic back out to a non-tower-sharing peer and then back into their tower w/ randomized timing, else outer layers of encapsulation would still identify tower association.
Which means latency would be utter crap.
Do you have any links where this is done without a third party?
I am not well-versed enough in these cryptographic details to tell you how one could do this exactly, but I doubt it's impossible/infeasible to create a cellular protocol technically as powerful as LTE, but without tracking ability by the tower or the provider (byzantine fault tolerance, stochastic).
Presumably this is actually "unless you make a call or use data"?
Page messages are in-the clear, but that's fixable by (gasp) OTP.
There's not a legitimate engineering reason that the network needs to maintain constant fine-grained location data for each registered device at this point. The scope of the registration can be far more widely cast.
This would even have upsides for the devices and users. As check-ins to the network in which the device must transmit to the network would be far reduced, battery life improvements can be had.
Yes, this increases the amount of "broadcast" traffic, but honestly, even for some of the busiest telco switches in New York or LA, those data streams don't even approach the throughput requirements of a single HD Youtube stream...
What is the passive bitrate of a tower->cell connection? LTE/GSM whatever.
It may be possible of course through other means, like government regulation or only using carriers that have some guarantee of privacy.
I wonder if you could still use latency timing to get a rough fix on location through a secondary network like that. Not that anyone would be trying to.
Honestly, it just depends on how paranoid you want to get, and who your adversary is.
Nathan Fielder provides a good demonstration on how to properly do this:
However, if you have a burner phone for whatever reason, you are tracked and it is a relatively simple task for a three letter agency to see when that burner phone swaps cell towers and what other phones swap cell towers at the same time.
Consequently, for tracking purposes, letting anyone have a phone is what they want.
Even with the best efforts at 'operational security' a mere mortal is going to end up getting tracked.
Think of it a bit like 'shadow Facebook profiles'.
For instance, in the drug dealer scenario, the guy has one phone to speak to his mum and girlfriend and another set of interchangeable burner phones for his customers. It is all too easy. I am sure that the agencies can turn on the cameras too, fortunately the police still run Windows XP and have too much paperwork to fill in for this type of stuff.
After reading this article I am not so sure this will be the case for long.
Regarding the 'nothing to hide' rationale, if anyone has had a sick, crazy psychopath stalker pursue them for YEARS then being on the electoral roll or being on Facebook can be as good as fatal. There are good reasons to not want to be tracked, even if you have one stupid person focused 24/7 on stalking you rather than an agency/police force doing it.
Wrong. Phones can be triangulated by the carriers regardless.
it isn't acceptable that they are taking advantage of us in this way.
we can't expect any political solution to the problem, which leaves us to pursue other means if we want to protect ourselves.
is there a way to introduce fake data or noise? what about opting out?
is there a law being broken here that we can make into a lawsuit? i wonder if there is a precedent regarding restraining orders or unwanted surveillance by private entities...
Is there a huge delay in this data? Because why don't law agencies use it to find criminals? Like I have 2 crimes at these two locations. Who was around these 2 locations at these times etc.
But if hedge funds are trading on it, they need very low latencies?
Not quite. Hedge funds aren't trading real time on this data. They use this data to essentially figure out how a business is doing before they announce that information. Essentially, if x% of our data went to Chipotle in 2016 and y% went in 2017, and y >> x, then we expect Chipotle's earnings to be higher.
This is at once staggering and completely unsurprising that companies would violate user trust in such a way and sell data without proper vetting that exploits people and could potentially put them in danger. Yet another episode in the misadventures of techno-illiterate regulation and totally unread TOS agreements.
A completely open spec, open source set of components is what the community has desired for a long time. As standards get more complex and evolve faster, 4G and beyond, it becomes less possible to keep up in the open.
I guess that's no different than a faraday pouch though.
Honestly, this is the least bothersome part of the whole thing. The only problem is that there's no way I trust anyone involved to properly anonymize and secure the data in question.
Most of the descriptions of the service so far indicate a real time or near real time feed. I'm curious if it's possible to go take a phone number and ask "give me location data for this person around xx:xx at yyyy-mm-dd."
And then you'd still have a half dozen CCTV cameras on you.
Are you aware of any device vendors and/or providers that aren't doing this?
Do you have any details on this?