[talk] Fine I put tape over my webcam but now what

George Rosamond george at ceetonetechnology.com
Fri Nov 4 13:12:04 EDT 2016

On 11/04/16 00:31, Edward Capriolo wrote:
> On Fri, Nov 4, 2016 at 12:17 AM, Chris Snyder <chsnyder at gmail.com> wrote:
>> On Thu, Nov 3, 2016 at 6:48 PM, Pete Wright <pete at nomadlogic.org> wrote:
>>> On 11/3/16 3:26 PM, Mark Saad wrote:
>>>> Ok
>>>>   So here is a good read from the land of tinfoil hats and hacking  air
>>>> gapped openbsd laptops via sound.
>>>> http://arstechnica.com/security/2016/11/how-to-block-the-ult
>>>> rasonic-signals-you-didnt-know-were-tracking-you/
>>>> So the tldr parts , ad tracking via ultrasound beacons . Imagine you
>>>> install the wallmart app to get the 25% off coupon but it's tracking you
>>>> via ultrasound beacons.
>>>> Interesting non the less .
>>> yea pretty terrifying that adtech has succeded in normalizing the idea
>>> that to use the internet is to consent to living a surveillance state. the
>>> worst part - imho - is the fact that most of people who i've worked with in
>>> this industry a) don't realize they are creating a surveillance state or b)
>>> think it's a good thing.
>> Just had the interesting-to-me thought that audio tracking works over
>> voice and videoconferencing links, no "internet" necessary.
>> If stray dogs start taking an uncommon interest in you, turn off your
>> phone.
>> _______________________________________________
>> talk mailing list
>> talk at lists.nycbug.org
>> http://lists.nycbug.org/mailman/listinfo/talk
> I am less worried about adtech companies that make marginal profits on look
> alike targeting and more worried about the large player that has its own
> protocols and browser, because they make there own rules.
> https://www.privateinternetaccess.com/blog/2015/10/so-google-records-all-the-microphone-audio-all-the-time-after-all/

Ha.  Yes.

All your mics are on and Ed stopped top-posting!  Certainly a sign of
the coming apocalypse!

In all seriousness, I tend to take the minimalist approach to mitigating
these threats: treat your phone as a compromised platform that isn't
secureable.  I think there's an old ACM Queue article from PHK that
essentially makes that argument from a few years ago.  Your contacts,
private PGP and SSH keys, etc., are public information when residing on
your phone.

PHK also happened to do a review of Silent Circle's BlackPhone2 in three
parts.  This is the first:


It's noteworthy since it's supposed to be a secure phone, but the
weaknesses are standard problem on all phones. Ultimately, assurances
and policies from the manufacturer, software providers and of course the
cell network provider aren't a basis for 'privacy by design.' And most
don't even provide favorable policies.

In regards to this actual vulnerability, I wonder what the 'cost'
(computationally on the provider-side, not just monetarily) is on such
surveillance, er, I mean data-mining, really is. You have firms which
rely on third-party cookies still, and the step up to audio captures is
a significant leap in terms of required resources for storage, parsing, etc.

I'm sure there are people on this list who may know the answers, but
aren't in a position to speak about it publicly...


More information about the talk mailing list