mindtangle

privacy

Yellow Dots of Mystery

A few years ago, the EFF discovered the serial tracking system that printer makers had been secretly adding to printers at the behest of the government. They’ve just produced this great instructable, with a funny video to boot:


More cool how to projects

No Comments »

My Submission to StopTheSpying.org

I hesitated before putting this on the public Internets, but now that I’ve allowed it to be posted up on Flickr and on the False Profit site, there’s no longer any reason for the pretense of chastity:

Wanting privacy doesn’t mean we have something to hide

It’s my submission to the EFF’s project, stopthespying.org. They are hoping to pressure Congress into throwing out legislation that will give telcos immunity for having colluded with the Bush administration in warrantless wiretapping of American citizens.

Is putting half-naked pictures of yourself on the Internet a good idea, even if it’s for a good cause? You tell me.

3 Comments »

Facebook Business Solutions

Here’s a satirical site by Parsons MFA student Dan Provost, a faux listing of Facebook’s upcoming privaliciously-helpful features. For example:

Facebook Image Scan

Facebook Image Scan uses a sophisticated computer algorithm to filter through every image in the user’s Photo Album, identifying brand markings and products and tagging them with links back to your homepage.

Screenshot of Prank Site FacebookBusinessSolutions, showing founder Mark Zuckerberg with all of his clothing choices listed.

The awesome thing about this is that I wouldn’t put it past Facebook to consider such a feature, were the technology feasible. Rather, I should say that I don’t put it past Facebook to consider such a feature when the technology becomes feasible. Maybe sites like FBS will help inoculate us against business practices that insinuate themselves this far into our lives, by highlighting their absurdity before-the-fact. Talk to me again in five years.

To round out the awesome creepiness of the site, you can actually log in from this page. I inspected the source, and the login goes to Facebook (at least as of this morning.) But it could easily phish for your username and password, too.

Nice work, Dan. This is a killer media hack.

via The Art of the Prank

No Comments »

No ID

I’m currently in the airport, having breezed through the security checkpoint with no issues. Not remarkable, except that I am travelling with no ID whatsoever. I’ve been running a gauntlet of paperwork, back home, and forgot my driver’s license with a friend who was helping me with various filings.

Read the rest of this entry »

No Comments »

Flying Killer Robots To Patrol US

Predator DroneFeeling a little too secure in your freedoms? Miss that post-9/11 sense of dread that the country would turn into a police state, devoid of dissent or even abnormal behavior? No longer wondering who may be listening to your phone calls? Afraid you may soon live in an open society where the sanctity of individual privacy is not only tolerated but upheld as a fundamental principle?

Me neither, but let’s suppose you were, because your fear would no longer be justified. Cuz pretty soon flying fucking robots will be silently following you everywhere you go.

Yup, these are the same ‘Predator’ drones that have been hunting and killing people who might be terrorists, the American citizens they travel with, and other assorted brown people. No word on whether the domestic model will carry the same massive deathstrike capabilities.

Now if these were normal times and a normal administration we could probably assume that this slightly-scary-but-somewhat-inevitable technology would be confined to the heavy duty work like border patrol and searching for clandestine pot farms. But lucky us — we live in interesting times indeed:

one North Carolina county is using a UAV equipped with low-light and infrared cameras to keep watch on its citizens. The aircraft has been dispatched to monitor gatherings of motorcycle riders at the Gaston County fairgrounds from just a few hundred feet in the air–close enough to identify faces

Biker gangs? Are you fucking serious? The last time I heard of violent biker gang causing any trouble was in Cannibal Apocalypse. And even there they weren’t more than a set piece.

Coming soon, to a neighborhood near you!Since these are federally funded by the Department of Homeland Security, and we know how well-spent their money is, we can expect to see these deployed in all sorts of mission-critical capacities – real soon now.

“Phoooom,” he says, his hands blooming like a flower.

No Comments »

increase in value begets increase in sophistication of strategies to capture that value

This recent article provides a somewhat sensationalized description of the ‘e-hijacking‘ of 3.9 million consumer credit records. What is interesting about this theft (and it was an actual physical theft, not simply a copy like most supposed data ‘thefts’) is the extraordinary sophistication of the attackers:

“Spoonamore, a veteran of the intelligence community, said in his analysis of this e-hijacking, upwards of 15 to 20 people needed to be involved to hack five different computer systems simultaneously to breach the electronic safeguards on the electronic manifest. The manifest was reset from “secure” to “standard” while in transit, so it could be delivered without the required three signatures, he said. Afterward the manifest was put back to “secure” and three signatures were uploaded into the system to appear as if proper procedures had been followed.”

This case has several interesting aspects. For one, this was apparently a very well-planned and well-funded attack. Clearly, the culprits had a reasonably precise estimate of the value of the data they were appropriating, which puts them one up on the people who are ostensibly in charge of protecting the data (UPS?? UPS?!?!?!). Second, the attack was performed on backend infrastructure, completely out of the hands of the individuals whose information was lost and whose personal financial lives are at risk. The victims have no idea what was obtained, what they could have done to prevent it, or even if they are a victim. Do you shred your credit statements? Avoid buying things over the internet? Doesn’t matter. Unless you work for Citigroup, Experian, or UPS corporate security, nothing you could have done would have prevented this event.

The corporations responsible for the failure of this link in the chain are more or less completely without exposure. So now we have unaccountable third parties collecting material for their own reward that exposes millions of individuals to enormous personal risk. Yet they take no risk themselves. Your identity is being bought and sold (and stolen and abused), and you have no say in the transaction. This is an untenable situation.

More to come.

No Comments »

shortlinks

Blizzard Breaks and Enters Onto Customer Private Property

World’s largest known computer intrusion, successfully subverting more than 4.5 million private computers, performed by software company Blizzard Entertainment against their own customers:

I watched the warden sniff down the email addresses of people I was communicating with on MSN, the URL of several websites that I had open at the time, and the names of all my running programs, including those that were minimized or in the toolbar. These strings can easily contain social security numbers or credit card numbers, for example, if I have Microsoft Excel or Quickbooks open w/ my personal finances at the time.
This discovery has keyed off a very interesting debate as to what the acceptable range of operations is for software you choose to install on your computer. Now that you’ve given this executable code the capability to access your private information, do the programmers now have the right to do with that information whatever they please? Apparently, many people believe the answer is “Yes.”

No Comments »

IBM: Genes Off-Limits

From the New York Times: IBM has declared it’s workers’ genetic makeup to be off limits for all hiring and benefits eligibility. It’s a forward-looking move (and a good PR one, given IBM’s huge stake in bioinformatics.)

We’re fast approaching a world where a probabilistic profile for each person’s predispositions (disease, psychological traits, physical abilities etc.) can be determined at birth. Given this future, we’ll hopefully all be working at IBM. Sucks to be everyone else.

The article notes that Congress is considering such protections for every American. The insurance industry is understandably nervous about this legislation, given the real possibility that those with strong predispositions for hereditary diseases will profile themselves in secret, and then overinsure when they test positive.

The fact is, there is no solution to this problem given our current system. If Americans and those insuring them have opposing incentives, there will be drastic arbitrage opportunities for whomever has more information. With healthcare, this inevitably means either that a) broad swaths of the population will suddenly become uninsurable and thus unable to pay for care or b) there will be a drastic explosion in the cost of insurance premiums.

Interestingly, universal healthcare seems to be the only system where early knowledge of genetic predispositions benefits all involved. I’d be interested to know if anyone can propose an alternative. Without one, it looks like an America with fully socialized medicine is the only one I’d be willing to be a part of in about ten years’ time.

I remember writing a long paper about this in high school. It’s amazing sometimes, how long it takes the future to arrive.

(link found via Slashdot)

2 Comments »

eastasia is the new black

Microsoft’s wet dreams of global media domination take a step closer to coming true:

Microsoft hopes its Internet protocol television system (IPTV) will also be used in India, China and other developing countries, where it could provide education and government services

Hm. Call me a killjoy but I find it hard to get excited about two-way communications protocols that enable Chinese government “services,” even when these services are provided by our much-heralded collaborators bastions of free-market ideals, the multinational technology corporations.

And I’m certain I’m not the only one.

Shi Tao, currently serving 10 years for \'divulging state secrets\' on a supposedly anonymous Yahoo forum

Meet Shi Tao. He’s currently in prison in China for at least 10 years for ‘divulging state secrets’ on a supposedly anonymous Yahoo forum. China asked to remove the veil, and Yahoo delivered, no questions asked.

Pardon me if I’m not falling over myself to fawn at the idea of Microsoft making A LOT OF MONEY, but I think there are some questions that need to be answered first.

What responsibilities, if any, does business have in the spread and maintenance of human rights? How should they be held to those responsibilities? The traditional model of leading corporations to civil behavior with the carrot and stick of economic incentives (and disincentives) has left us in a constant cycle of boundaries-testing, with corporate interests expanding until they receive a slap on the wrist, then withdrawing begrudgingly. When they are caught red-handed they can only pass the buck, complaining that they are only doing what is required of them, that they are just as much the victim as the ones being tortured in prison as a result of their actions.

This is, to put it mildly, bullshit. As Xeni points out, Yahoo’s argument that corporations are bound by the laws of the localities in which they operate is disingenous at best, premeditated complicity at worst. Yahoo had every opportunity to deny the information that would save this man’s life. But they chose not to, because to take a stand would mean they either had to destroy the user profiling data that they resell to advertisers, or they would have to close up shop in China and potentially miss out on the opportunity to sell those two billion eyeballs. Why is that is the unthinkable option?

Certainly it is naive to put faith in the notion of business taking a lead in the global human rights project. Indeed many view the story of the past thousand years as a struggle against corporations (in their many forms) for individual freedoms. If there’s one lesson to be learned from this story, it is that there will be no new corporate model. The guilty party here was once one of the revolutionary new guard: self-professed democratizers of information access, promising a ‘global village’ where thought flowed freely and content knew no border or nationality. In the end, though, they are bound to their profit-hungry DNA, the implicit fine print in every business plan since the dawn of time.

This problem will not disappear of its own volition. A new approach must be found.

No Comments »