Sciencemadness Discussion Board
Not logged in [Login ]
Go To Bottom

Printable Version  
 Pages:  1  2    4
Author: Subject: more frightening privacy stuff
franklyn
International Hazard
*****




Posts: 3026
Registered: 30-5-2006
Location: Da Big Apple
Member Is Offline

Mood: No Mood

[*] posted on 25-6-2014 at 13:16


www.hackingteam.it/index.php/remote-control-system
View user's profile View All Posts By User
franklyn
International Hazard
*****




Posts: 3026
Registered: 30-5-2006
Location: Da Big Apple
Member Is Offline

Mood: No Mood

[*] posted on 13-8-2014 at 01:32
Bow down to your masters


Consider for a moment exactly what Google can do. It is able to scan through the billions of emails that flow across its network every day, and , based on hashes — mathematical formulas used in database searches and information encryption — it can pluck out an offending email that matches a database of flagged content and then alerts law enforcement.

Google claims as part of a class-action lawsuit against the company regarding email scanning that " a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties." Got that , in an era of electronic communications , emails between you and your friends or business partner , or between you and your brokerage firm , bank , accountant , lawyers , or even your doctor , spouse and child , are never to be considered private.

What happens if an increasingly paranoid government grows suspicious about references to patriotism and deems patriotic speech and imagery worthy of scrutiny ? What happens if government decides those who invest offshore are traitors who must be identified and persecuted ?

When Edward Snowden's revelations broke last year , it sent shock waves through CERN , a particle physics laboratory in Switzerland. A young MIT PhD student working there expressed concern , and soon 40 of the smartest physicists and computer programmers on the planet were pooling their knowledge to found ProtonMail , a Gmail-like email system which uses end-to-end encryption , making it impossible for outside parties to monitor messages sent back and forth. ProtonMail's two-week " crowd funding " campaign had set a target of $100,000 , but collected more than $300,000 in just a few hours. => https://protonmail.ch

In June, PayPal — the same U.S. money-transfer company that blocked contributions to Julian Assange's WikiLeaks at the U.S. government's behest — froze ProtonMail's funds and blocked all further contributions , without notice or explanation. Why would PayPal do such a thing ? Andy Chen, the MIT PhD student who dreamed up ProtonMail , explained that , " When we pressed the PayPal representative on the phone for further details , he questioned whether ProtonMail is legal and if we have government approval to encrypt emails." PayPal's officiousness verifies the fact that American tech companies are increasingly an extension of the U.S. government , and so regrettably cannot ever be trusted with anyone's business.

Excerpts of articles from http://thesovereigninvestor.com

_______________________

Duh I'm with stupid up there
www.sovereignman.com/trends/heres-the-dumbest-thing-youll-he...

.
View user's profile View All Posts By User
franklyn
International Hazard
*****




Posts: 3026
Registered: 30-5-2006
Location: Da Big Apple
Member Is Offline

Mood: No Mood

[*] posted on 30-8-2014 at 00:18


http://www.csoonline.com/article/2360945/security/malicious-...

http://www.csoonline.com/article/2599437/data-protection/cry...

.
View user's profile View All Posts By User
aga
Forum Drunkard
*****




Posts: 7030
Registered: 25-3-2014
Member Is Offline


[*] posted on 30-8-2014 at 13:53


Everything you do on the internet is scanned, analysed, recorded.

It's easy to do, and is done all of the time.

The telephone/mobile networks went digital decades ago.

Likely that a 'Market' exists between Governments (including Mafias) to trade data on who said/did what.

The sheer Quality of Surveillance satellite optics means that what you Say can be derived from the vibrations of something near you.

In these mildly paranoid times, literally Everything you say or do is analysed.

What will be made of the data in Wartime will be interesting.




View user's profile View All Posts By User
Texium
Administrator
********




Posts: 4583
Registered: 11-1-2014
Location: Salt Lake City
Member Is Offline

Mood: PhD candidate!

[*] posted on 30-8-2014 at 15:18


Quote: Originally posted by aga  
Everything you do on the internet is scanned, analysed, recorded.
I think we need a new internet.



Come check out the Official Sciencemadness Wiki
They're not really active right now, but here's my YouTube channel and my blog.
View user's profile Visit user's homepage View All Posts By User
roXefeller
Hazard to Others
***




Posts: 463
Registered: 9-9-2013
Location: 13 Colonies
Member Is Offline

Mood: 220 221 whatever it takes

[*] posted on 30-8-2014 at 15:33


Someone call Al Gore.
View user's profile View All Posts By User
franklyn
International Hazard
*****




Posts: 3026
Registered: 30-5-2006
Location: Da Big Apple
Member Is Offline

Mood: No Mood

[*] posted on 31-8-2014 at 12:24


Quote: Originally posted by aga  

The sheer Quality of Surveillance satellite optics means that what you Say
can be derived from the vibrations of something near you.


Not so. The laser bug is over 40 years old. The limitations inherent cannot be overcome without very stringent control of the environmental setting.
Adaptive optics to which you allude cannot possibly compensate.

www.youtube.com/watch?v=1MrudVza6mo

www.williamson-labs.com/laser-mic.htm

.
View user's profile View All Posts By User
aga
Forum Drunkard
*****




Posts: 7030
Registered: 25-3-2014
Member Is Offline


[*] posted on 1-9-2014 at 12:42


High speed camera, isolate the movement of a small part of the image, such as the edge of a crisp packet, add some DSP, DAC it, and you have sound.

The key ingredients are camera resolution and frame capture speed.
Essentially the frame rate is what determines the max frequency you can resolve.

http://newsoffice.mit.edu/2014/algorithm-recovers-speech-fro...

Quote: Originally posted by roXefeller  
Someone call Al Gore.

OK. Al is Gore.

[Edited on 1-9-2014 by aga]




View user's profile View All Posts By User
Fantasma4500
International Hazard
*****




Posts: 1681
Registered: 12-12-2012
Location: Dysrope (aka europe)
Member Is Offline

Mood: dangerously practical

[*] posted on 1-9-2014 at 13:28


my classmate keeps yapping about some damn app trying to install itself on his smartphone, he says he read through what it does, it does so the software can pretty much fully control his smarthphone in exchange of some lame game of some sort.. however killswitch technique has been used lately to shut off loads of iphones (smartphones all in all?) not to mention stingray phone tracker

the arguments for installing killswitch technique on iphones when theyre manufactured is so that the all devious thieves cannot steal your phone and use it..

http://en.wikipedia.org/wiki/Stingray_phone_tracker

http://www.examiner.com/article/in-the-wake-of-ferguson-crit...

we live in an age of technology where criminals are out in the open, and the criminals ofcourse wouldnt want to be on camera and later on the internet


i never wanted a smartphone, the more technologically advanced you get, the easier it will be to be limited by the same technology




~25 drops = 1mL @dH2O viscocity - STP
Truth is ever growing - but without context theres barely any such.

https://en.wikipedia.org/wiki/Solubility_table
http://www.trimen.pl/witek/calculators/stezenia.html
View user's profile View All Posts By User
franklyn
International Hazard
*****




Posts: 3026
Registered: 30-5-2006
Location: Da Big Apple
Member Is Offline

Mood: No Mood

[*] posted on 14-9-2014 at 17:12
The martians have landed ?


Great what's next.

http://money.msn.com/now/mysterious-fake-cellphone-towers-fo...

http://www.popsci.com/article/technology/mysterious-phony-ce...

My question is if someone takes one down and helps themself to the parts , will the police respond ? Who will be the complainant.

See this other related post above

http://www.sciencemadness.org/talk/viewthread.php?tid=7144&a...

Private sector hacking.

___________________________________________________________


Since when did I don't like what you're doing , stop that , become enforcible.

www.inquisitr.com/1474279/comcast-tells-customers-to-stop-us...

.
View user's profile View All Posts By User
careysub
International Hazard
*****




Posts: 1339
Registered: 4-8-2014
Location: Coastal Sage Scrub Biome
Member Is Offline

Mood: Lowest quantum state

[*] posted on 15-9-2014 at 03:45


Quote: Originally posted by aga  
High speed camera, isolate the movement of a small part of the image, such as the edge of a crisp packet, add some DSP, DAC it, and you have sound.

The key ingredients are camera resolution and frame capture speed.
Essentially the frame rate is what determines the max frequency you can resolve.

http://newsoffice.mit.edu/2014/algorithm-recovers-speech-fro...


That is an interesting article.

But it has nothing to do with satellite imaging - they cannot image the surface of a potato chip bag at 3000 frames a second.

Read the brand on the label, yes. Maybe some of the other larger text as well. That's about it.
View user's profile View All Posts By User
IrC
International Hazard
*****




Posts: 2710
Registered: 7-3-2005
Location: Eureka
Member Is Offline

Mood: Discovering

[*] posted on 15-9-2014 at 05:56


Does it matter when they will not stop until they have high tech cameras on every street light in the nation? Not only that, I have seen banks of cameras on a power pole on a two lane rural highway between two towns 50 miles apart. One population ~5,000, the other ~1,500. If they are there you can bet they are going up along every highway nationwide at a never ending pace. Your plates are on record and your travels are already cataloged. While those highway setups may not be listening you know the ones on city poles are. If they can be panned and controlled what are the odds that in addition to the microphones on the poles the technology aga describes will not be added. Pan the camera at whatever building or house they want to spy on and little privacy remains. Add to that thermal imaging which can provide internal images and precise analysis of power use, water use. Next toilet use. Orwell could not begin to understand the technical advances in 1984 that would exist by 2014 when governments are busy building the reality.




"Science is the belief in the ignorance of the experts" Richard Feynman
View user's profile View All Posts By User
chemrox
International Hazard
*****




Posts: 2961
Registered: 18-1-2007
Location: UTM
Member Is Offline

Mood: LaGrangian

[*] posted on 15-9-2014 at 18:10


Thanks franklyn. I reserved an invitation.



"When you let the dumbasses vote you end up with populism followed by autocracy and getting back is a bitch." Plato (sort of)
View user's profile View All Posts By User
franklyn
International Hazard
*****




Posts: 3026
Registered: 30-5-2006
Location: Da Big Apple
Member Is Offline

Mood: No Mood

[*] posted on 26-11-2014 at 02:25


http://techcrunch.com/video/lavabit-founder-talks-snowden-an...
See ' The legal premise ' below

With this stuff in the wild everyone has a need for security in communication.
http://www.bloomberg.com/video/malware-used-for-surveillance...
http://finance.yahoo.com/news/unidentified-country-likely-be...
http://fortune.com/2014/11/23/regin-malware-surveillance/?xi...
http://techcrunch.com/2014/11/24/regin-spying/?ncid=txtlnkus...


The legal premise for secret indictments , particularly as applied to accused terrorists or combatants is that Grand Jury proceedings are secret as enacted in constitutional law. In Gerstein v. Pugh, 420 U.S.103 (1975) , the Court held that a suspect can be detained for a significant length of time after arrest when the legality of the confinement is reviewed by a neutral decision maker. Normally that review is supplied by a magistrate in a post arrest hearing; but when a grand jury indictment precedes the arrest, the Court concluded that no further review is needed. Substituting a grand jury's review of the evidence for a magistrate's review is permissible,

.
View user's profile View All Posts By User
franklyn
International Hazard
*****




Posts: 3026
Registered: 30-5-2006
Location: Da Big Apple
Member Is Offline

Mood: No Mood

[*] posted on 20-1-2015 at 08:10
Homing Pigeons are still secure


No kidding, those are used in New York.

http://www.computerworld.com/article/2872292/nsa-secretly-us...

http://www.computerworld.com/article/2474275/cybercrime-hack...

.
View user's profile View All Posts By User
franklyn
International Hazard
*****




Posts: 3026
Registered: 30-5-2006
Location: Da Big Apple
Member Is Offline

Mood: No Mood

[*] posted on 21-5-2015 at 10:04


http://www.theverge.com/2015/5/21/8633815/snowden-nsa-google...
View user's profile View All Posts By User
Zombie
Forum Hillbilly
*****




Posts: 1700
Registered: 13-1-2015
Location: Florida PanHandle
Member Is Offline

Mood: I just don't know...

[*] posted on 21-5-2015 at 10:35


I've been saying it for years.

If you think you are free to do as you please... you're wrong. IF the government has an interest in you or a use for you, you are theirs.

All of this spyware/malware, ect, is only for one purpose. Analytic marketing.
What are people doing, and how can we steer them thru our cattle runs. Where are they, what are they doing, and how can we make money off of this information?

That's all it is. Money!




They tried to have me "put to sleep" so I came back to return the favor.
Zom.
View user's profile View All Posts By User
WGTR
National Hazard
****




Posts: 971
Registered: 29-9-2013
Location: Online
Member Is Offline

Mood: Outline

[*] posted on 21-5-2015 at 19:56


I have a question about general interest in a somewhat-related topic. I have been thinking of designing a hardware access control list for a network. Basically an ACL operates on layer 3 of the OSI model, and it allows one to limit access to or from a network based solely on IP address. Packets coming or going to IP addresses other than those which are allowed get dropped. Conceptually the design is simple, and can be done with stateless hardware.

Tor can be configured to go through certain entry nodes. These nodes can be programmed into an access control list, essentially blocking all network traffic except for that of the selected node. What this means, is that if malware or a browser extension attempts to access the internet outside of the selected Tor node (or a VPN, etc.), those packets never even make it out to the modem. Most expensive (and some inexpensive) routers have an ACL functionality built-in. However, what I am thinking of is a hardware solution that implements only the ACL. This would be an additional box that would be installed between the router and the modem.

Instead of a web interface, the ACL could be programmed directly at the box itself. This eliminates problems with web server exploits. The modular design, i.e., having the ACL physically separate from the hardware router, would greatly simplify both the design and the security auditing that would follow. Of course, the design would be open source.

The overall goal is to offer an internet safety net to those who feel the need to have one, a first line of defence of sorts. The device would be a brick upon arrival, unable to pass any network traffic until the ACL is programmed with selected IP addresses. The lack of a web interface, and the very simple software function implemented, allow hard coding of the design into FPGA fabric. Parties outside (or inside) the network could not hack into the ACL remotely and run code, because there would be no state machine to run it. The software should be simple enough for reasonably experienced parties to audit it. The fact that no single point failure (ACL in series with a router) would allow rogue traffic to pass the network would improve overall security. If someone wanted to access the 'net normally, all that would be needed would be to unplug the ACL box and bypass it manually.

So, am I explaining this well enough? Does it sound interesting, or perhaps like I'm smoking my socks?
View user's profile View All Posts By User
Zombie
Forum Hillbilly
*****




Posts: 1700
Registered: 13-1-2015
Location: Florida PanHandle
Member Is Offline

Mood: I just don't know...

[*] posted on 21-5-2015 at 20:15


This exists in software... PeerBlock. http://www.peerblock.com/

As you said the trick is in blocking all the known threat IP addresses. In reality, you don't know which ones to block until they are discovered so the bottom line is in blocking the entire "net", and only allowing known IPs to travel thru.

This creates new problems as many sites are "in bed" with the powers that be, and these sites will not function unless you allow the third party access at the same time.

It's a time consuming process to "fix" the issues. I've been avoiding the majority of eavesdroppers for decades but you can't beat them all. I give it up to "risk reduction" vs. risk proof.

Now if you came up with an automatic "Who Is" box oe software, that would help BUT again, these fellas aren't going under Super Sucker Inc. Washington D.C.
They go under Candy Corn, and Unicorn Logic Software Inc. Lakeside N.J.

It's a tough fight. Keep throwing the idea around... you never know what may develop




They tried to have me "put to sleep" so I came back to return the favor.
Zom.
View user's profile View All Posts By User
leau
Hazard to Others
***




Posts: 122
Registered: 3-12-2021
Member Is Offline


[*] posted on 16-1-2023 at 09:58


Not Your Average App: A Large-scale Privacy Analysis of Android Browsers

ABSTRACT The privacy-related behavior of mobile browsers has remained widely unexplored by the research community. In fact, as opposed to regular Android apps, mobile browsers may present contradicting privacy behaviors. On the one hand, they can have access to (and can expose) a unique combination of sensitive user data, from users’ browsing history to permission-protected personally identifiable information (PII) such as unique identifiers and geolocation. On the other hand, they are in a unique position to protect users’ privacy by limiting data sharing with other parties by implementing ad-blocking features. In this paper, we perform a comparative and empirical analysis on how hundreds of Android web browsers protect or expose user data during browsing sessions. To this end, we collect the largest dataset of Android browsers to date, from the Google Play Store and four Chinese app stores. Then, we develop a novel analysis pipeline that combines static and dynamic analysis methods to find a wide range of privacy-enhancing (e.g., ad-blocking) and privacy-harming behaviors (e.g., sending browsing histories to third parties, not validating TLS certificates, and exposing PII—including non-resettable identifiers—to third parties) across browsers. We find that various popular apps on both Google Play and Chinese stores have these privacy-harming behaviors, including apps that claim to be privacy-enhancing in their descriptions. Overall, our study not only provides new insights into important yet overlooked considerations for browsers’ adoption and transparency, but also that automatic app analysis systems (e.g., sandboxes) need context-specific analysis to reveal such privacy behaviors.

https://petsymposium.org/popets/2023/popets-2023-0003.pdf

:cool:

[Edited on 16-1-2023 by leau]

Attachment: popets-2023-0003.pdf (2.3MB)
This file has been downloaded 302 times

View user's profile View All Posts By User
leau
Hazard to Others
***




Posts: 122
Registered: 3-12-2021
Member Is Offline


[*] posted on 11-2-2023 at 10:53


No Privacy Among Spies: Assessing the Functionality and Insecurity of Consumer Android Spyware Apps

Consumer mobile spyware apps covertly monitor a user's activities (i.e., text messages, phone calls, e-mail, location, etc.) and transmit that information over the Internet to support remote surveillance. Unlike conceptually similar apps used for state espionage, so-called "stalkerware" apps are mass-marketed to consumers on a retail basis and expose a far broader range of victims to invasive monitoring. Today the market for such apps is large enough to support dozens of competitors, with individual vendors reportedly monitoring hundreds of thousands of phones. However, while the research community is well aware of the existence of such apps, our understanding of the mechanisms they use to operate remains ad hoc. In this work, we perform an in-depth technical analysis of 14 distinct leading mobile spyware apps targeting Android phones. We document the range of mechanisms used to monitor user activity of various kinds (e.g., photos, text messages, live microphone access) — primarily through the creative abuse of Android APIs. We also discover previously undocumented methods these apps use to hide from detection and to achieve persistence. Additionally, we document the measures taken by each app to protect the privacy of the sensitive data they collect, identifying a range of failings on the part of spyware vendors (including privacy-sensitive data sent in the clear or stored in the cloud with little or no protection).

https://petsymposium.org/popets/2023/popets-2023-0013.pdf

:cool:



Attachment: popets-2023-0013.pdf (1.4MB)
This file has been downloaded 321 times

View user's profile View All Posts By User
Fantasma4500
International Hazard
*****




Posts: 1681
Registered: 12-12-2012
Location: Dysrope (aka europe)
Member Is Offline

Mood: dangerously practical

[*] posted on 17-2-2023 at 08:49


vague number from hm- 10 years ago, 1% of the population in my country is actively under surveillance
the rest just get all their data dumped into a hard drive, naturally- sorted through some word scanner, surely social media profile connections are scanned

i always pay with money in stores, for years i ate just pasta and meatsauce 3 times a day, never looked up anything about pasta sauce- never.
never paid with card
never spoke about it.
one day i got adds about pasta sauce. how?

i have heard from people who got in trouble that within very short amount of time police was through all security parameters on their phones, asking them questions about people on encrypted apps. 10 years ago it took them 10 minutes to get access to facebook account by contacting UK surveillance demons
but now- they were interrogating these people on the spot, not like they striked them down- he was caught with something, supposedly stopped for routine check and immediatedly they had access
dont be naïve, online you write with pen not pencil.




~25 drops = 1mL @dH2O viscocity - STP
Truth is ever growing - but without context theres barely any such.

https://en.wikipedia.org/wiki/Solubility_table
http://www.trimen.pl/witek/calculators/stezenia.html
View user's profile View All Posts By User
 Pages:  1  2    4

  Go To Top