[talk] Fine I put tape over my webcam but now what
george at ceetonetechnology.com
Fri Nov 4 13:12:04 EDT 2016
On 11/04/16 00:31, Edward Capriolo wrote:
> On Fri, Nov 4, 2016 at 12:17 AM, Chris Snyder <chsnyder at gmail.com> wrote:
>> On Thu, Nov 3, 2016 at 6:48 PM, Pete Wright <pete at nomadlogic.org> wrote:
>>> On 11/3/16 3:26 PM, Mark Saad wrote:
>>>> So here is a good read from the land of tinfoil hats and hacking air
>>>> gapped openbsd laptops via sound.
>>>> So the tldr parts , ad tracking via ultrasound beacons . Imagine you
>>>> install the wallmart app to get the 25% off coupon but it's tracking you
>>>> via ultrasound beacons.
>>>> Interesting non the less .
>>> yea pretty terrifying that adtech has succeded in normalizing the idea
>>> that to use the internet is to consent to living a surveillance state. the
>>> worst part - imho - is the fact that most of people who i've worked with in
>>> this industry a) don't realize they are creating a surveillance state or b)
>>> think it's a good thing.
>> Just had the interesting-to-me thought that audio tracking works over
>> voice and videoconferencing links, no "internet" necessary.
>> If stray dogs start taking an uncommon interest in you, turn off your
>> talk mailing list
>> talk at lists.nycbug.org
> I am less worried about adtech companies that make marginal profits on look
> alike targeting and more worried about the large player that has its own
> protocols and browser, because they make there own rules.
All your mics are on and Ed stopped top-posting! Certainly a sign of
the coming apocalypse!
In all seriousness, I tend to take the minimalist approach to mitigating
these threats: treat your phone as a compromised platform that isn't
secureable. I think there's an old ACM Queue article from PHK that
essentially makes that argument from a few years ago. Your contacts,
private PGP and SSH keys, etc., are public information when residing on
PHK also happened to do a review of Silent Circle's BlackPhone2 in three
parts. This is the first:
It's noteworthy since it's supposed to be a secure phone, but the
weaknesses are standard problem on all phones. Ultimately, assurances
and policies from the manufacturer, software providers and of course the
cell network provider aren't a basis for 'privacy by design.' And most
don't even provide favorable policies.
In regards to this actual vulnerability, I wonder what the 'cost'
(computationally on the provider-side, not just monetarily) is on such
surveillance, er, I mean data-mining, really is. You have firms which
rely on third-party cookies still, and the step up to audio captures is
a significant leap in terms of required resources for storage, parsing, etc.
I'm sure there are people on this list who may know the answers, but
aren't in a position to speak about it publicly...
More information about the talk