Remember when we were told that our Internet searches might be watched over surveilled ‘reviewed’ by the Intelligence ‘Community’ (“Jesus, you guys are kind to yourselves!” ‘Joe Turner (Condor)’, in Three Days of the Condor)
Now, my friend Borepatch brings us this:
Amazon Echo and Google’s Alexa are Internet Of Things devices that listen for your voice commands and then do not particularly interesting things for you. The minor convenience and gee whiz factor are way outweighed by how you are painting a big bull’s-eye on your house:
As a rule, IoT devices lack security and these are no different. Unlike other IoT devices, these personal assistants compromise your security in even more ways than you may think. In general, most users don’t read the Terms of Service (ToS) associated with IoT devices or software being installed. Users have a basic understanding that Amazon and Google will maintain your profile information, such as what music you listen to, when you turn off your lights, or even the coffee you order, in an effort to provide a better overall experience. Over time these devices learn your preferences; the more intuitive and responsive the device, the more we tend to use it.
What is more alarming is what you don’t think about when using these voice activated devices including those from Apple and Microsoft. There has been a lot of discussion around the security and privacy of these devices over the past few months. One of the biggest concerns is the question of whether the devices are always listening. Both Amazon and Google say the devices listen for hot words that activate them, such as Hello Google or Echo/Alexa, but because these devices are controlled by and interact with Amazon and Google, the hot words and/or the device itself can be easily manipulated to allow for an always on “listening mode” by the vendor at any time by the way of a crafty term of service.
How’s the security of these devices? You can’t know. What will the Terms Of Service provide to protect your privacy? You can’t know:
Amazon: In order to keep the Amazon Software up-to-date, we may offer automatic or manual updates at any time and without notice to you.
Google: When a Service requires or includes downloadable software, this software may update automatically on your device once a new version or feature is available…
So the services can update the software without your knowledge, whenever they want, for any reason they want. The terms of service state that they may sell or share your data to other organizations. And this is creepy but entirely to be expected:
In addition to the vendor maintaining access to the device, it isn’t unfathomable that cyber-criminals could gain access as well. These are, after all, IoT devices and are just as vulnerable to being pwnd (geek speak meaning owned/or controlled) as any other IoT device. Both devices have indicators when they are in listening mode, however this can be easily disabled by a hacker. A hacker could be listening to your every word and you would not be aware.
And so would NSA listen in? The Snowden revelations suggest that they might already be listening in. How much data do they have? Who knows?
It will be a cold day in Hell when one of these things shows up at Castle Borepatch.
It’s probably good we at Guffaw de alquiler cannot afford such things. My roomie is not particularly tech savvy (less than I), but loves toys! Between the two of us, we have a PC, a laptop, two tablets, two smartphones, and she has a smart watch!
If indeed, United States intelligence (or Israeli? They reportedly have a listening post not far from Fort Huachuca) is actually paying attention to what we email, and to whom, and records our cellular calls, and computer searches, adding a voice-actuated room-wide link to the Internet just seems like overkill.
Inviting what is essentially an open wiretap into one’s home, with which to do Internet searches, order products and services, pay bills, etc. seems a little self-defeating. If privacy is your goal.
If we ever get out of this financial hole we are digging (with her working little, and surgery pending – putting her off for six to twelve weeks), I can see her wanting one, though.
(from Brock Townsend)
According to ABC, all applications to the FISA Court were signed off on by the Attorney General and therefore if any applications were processed in the past year, they were signed off on by Loretta Lynch. This means that Lynch signed off on any requests for wire tapping President Donald Trump during the Presidential race. This is disheartening knowing that she released a video over the weekend calling for the need for more marching, blood and death on the streets. This also means that she chose not to investigate the Clinton Foundation for illegal activities but rather signed an application to wire tap President Trump.
Finally, another very disturbing fact about the wire tapping request of President Trump is that the FISA Court turned down President Obama’s Administration’s first request to wire tap President Trump that was evidently signed off on by Attorney General Lynch. With only two applications denied out of 10,700 from 2009 through 2015, the fact that the Obama Administration’s application was denied by the FISA Court is very disturbing. The odds of this happening were 0.02%.
The Obama Presidency is now arguably the most corrupt in US history.
The HONORABLE Loretta Lynch? Seriously?
I know historically AGs have played fast and loose with the law. From XXX to John Mitchell, and beyond…
People speaking of political corruption often invoke Watergate and the Plumbers.
We are so far beyond that it pales by comparison!
And, the whole FISA thing makes it stink even more.
“The Obama Presidency is now arguably the most corrupt in US history.”
Perhaps, not so arguably.
(PS – shouldn’t it read candidate or president-elect?)
I was recently asked (by a liberal friend) my thoughts on the Sanctuary Cities controversy.
To be honest, I’d not given it much thought.
Initially, my gut response was (as I suspect it is with most conservatives in the Republic) they (the cities and States creating Sanctuary Zones) are in violation of federal law.
But then the libertarian part of my brain became engaged. Have these cities and States (or even those therein who are seeking Sanctuary) received due process for their actions? Or is it just the power of the federal government that is forcing these political entities to bow to their will? And, of course those individuals, too.
I remembered, the Republic antebellum, when the States held much more power. But Lincoln killed that concept.
And the federal government has continued to grow ever since! Have you ever seen a warrant, signed by a judge, used for the searches at the airport? Or DUI checkpoints? Or when ‘they’ spy on your computer?
If the illegal aliens avoiding the feds are in these places, they need due process to be extracted and deported. If they are more than illegal aliens (like criminals) they too need due process.
That pesky Constitution so says.
As a conservative, I say go get ’em. As a libertarian, I say wait for proper paperwork. Just withholding gov’t funds to cities and States may be a great tactic (as ‘they’ ubiquitously do with highway funds!) but blackmail is not proper paperwork.
I am a conservative libertarian.
I am all about legal aliens to be here legally, get their ‘green’ cards, and move toward proper citizenship, if they desire.
Illegal aliens? Should be deported. Except in the most special circumstances.
But the paperwork needs to be in order, first.
Not just federal force.
(Believe me, not nearly as exciting as it sounds!)
People not in ‘the business’ often get their ideas of private investigation from movies and television.
“I’m a P.I.”
“OH! Like MAGNUM!”
Oft times, it’s more like “Oh, like a bean counter-security guard!”
Case in point. I’m working out of a P.I. agency cum polygraph business. The owner is a retired Phoenix Police detective. My boss is Bob Hall (later of gun store fame). And Bob and I have done surveillance, security, security surveys, records checks, photography, interviews, taken statements, served legal papers, located missing persons, found hidden assets – all manner of private investigation related duties.
Then there was the tank farm.
Out on the South Central part of West Phoenix lies a tank farm. (51st Ave/Van Buren) Wherein pipelines of gasoline and related products arrive to the Valley for distribution to local gas stations.
Once a rural edge of town, it’s now more centrally located.
Fortunately for us, whose office is just by the State Police offices at 23rd Av. and Grand. (in 1986).
It seems a rural gasoline hauler has been filling up at the tank farm, and their numbers don’t match with the fuel taken. Hmmm.
SO, we as P.I.’s (keep thinking Magnum) get to monitor all fill-ups of these fuel trucks at the farm, compare the receipts with the pump readings, and note any discrepancies! Whenever these guys arrive to fill up. 4 PM, Midnight, 4 AM. Whenever. They call when they are about 45 minutes out…
And I think they had eight trucks.
Which kept three or four private investigators busy…
Over a period of like two months. Any day or night.
True, for the company, there was mileage + hourly for multiple investigators.
But, for the investigators, it was insanely boring, and tiresome. And much comp time was taken for driving from home to the tank farm, watching and monitoring some yahoo fill his tanker truck for 20 minutes, and driving home.
Three hours? Starting @ 0200.
Well, we were young and foolish. And hungry for money.
I’m not young, anymore.
(from my friend Borepatch)
I strongly recommend that you do NOT buy the My Friend Cayla doll, the i-Que robot, or the Barbie Hello Dream House as gifts due to a grotesquely dangerous security flaw in the toy’s design.
I often rant about poor security in products and how “security wasn’t an afterthought, it wasn’t thought of at all.” Mostly it’s about something that is unlikely to affect most of all y’all. This time is different – here are some toys that can endanger children, and I STRONGLY recommend that you do NOT buy these as gifts this holiday season.
My Friend Cayla is a doll with embedded voice recognition technology similar to Apple’s Siri, that can interact with children. It not only listens to what the child says but can respond appropriately.
While it’s somewhat concerning that the doll “phones home” over the Internet for the voice recognition to work, the issue isn’t that it’s listening in on your kid. Mind you, I find this more than a little creepy, but I remember when there were only 3 TV channels.
The danger is that the doll is Bluetooth enabled, and the Bluetooth is completely unprotected. What this means is that anyone within Bluetooth range (which at 100 yards is actually further than many think) can connect to the doll and start talking to your child as she plays.
Let me say that again – Joe Shmoe in the park across from your house can connect to your little Princess’ doll and have a chat. There’s a video of this, although they’re wrong to call it a “hack”. It’s simply use of the functionality as it was designed.
Also using the exact same technology with exactly the same flaw is the i-Que robot: this isn’t just a threat to little girls.
Unconfirmed reports also include the Barbie Hello Dream House. I don’t know whether this is vulnerable to remote Bluetooth access, and it’s almost certain that nothing definitive will be published on this before the holidays. Given that, I recommend that you don’t buy this, either.
This seems to me to be bordering on criminal negligence by the companies involved (certainly My Friend Cayla and i-Que; possibly Mattel). The idea that a child’s toy could be released that would allow someone to remotely talk with your child in his or her own bedroom is mind bogglingly stupid.
To reiterate, I strongly recommend that you do NOT buy the My Friend Cayla doll, the i-Que robot, or the Barbie Hello Dream House as gifts due to a grotesquely dangerous security flaw in the toy’s design.
Anyone remember “My name is Talky Tina” from Rod Serling’s Twilight Zone? These toys take that to a whole new level.
I suppose that all depends on how it’s imposed…
(from Brock Townsend)
This essay was first published in Southern Partisan in the Winter, 1985.
Southerners rarely while away their leisure hours by contemplating Yankees, for there is no point in thinking of unpleasant things if one is not obliged to do so. Yet the practice does have value; to some extent, at least, we are defined by those attributes which set us apart from others, and sometimes we can be made aware of such attributes only by observing people who do not share them. Another virtue of thinking about Yankees, in the long run perhaps a more important one, is that it serves to remind us that they have repeatedly tried to make us over in their own image. Indeed, though it may seem that they have been off our backs since the demise of the civil rights movement, their latest campaign to reform us is actually well under way.
What is there about us that has made us so offensive to them? Or, conversely, what is there about them that has compelled them to meddle in our affairs? The late great Richard M. Weaver, in The Southern Tradition at Bay, addressed himself to analyzing the qualities that distinguish the South from North, and for the nineteenth century he was perfectly on target. “The North had Tom Paine and his postulates assuming the virtuous inclinations of man,” Weaver wrote; “the South had Burke and his doctrine of human fallibility and of the organic nature of society.” The North embraced rationalism and egalitarianism; the South had a “deep suspicion of all theory, perhaps of intellect,” and clung to a hierarchical and deferential social order. The North bowed down before science and material progress; the South “persisted in regarding science as a false messiah,” and remained into “our own time” (the 1940s) “the last non-materialist civilization in the Western World.”
Growing up in public schools in the Southwest, we were taught it was The Civil War (in lieu of The War Between the States, or that recent unpleasantness). And that Lincoln was a hero by preserving the Union.
Simplistic, I know.
Now the Republic seems more divided than ever, and there have been rumblings (on the Internet) of secessionist movements in Idaho, Texas, Montana, California and Alaska.
Even if President-elect Trump had quoted Gerald Ford and said ‘our long national nightmare is over’, that wouldn’t necessarily make it so.
And it does appear as though Southerners DO think differently than Yankees. (A Southerner now not being necessarily geographically defined.)
And the Federal government by its very nature seems to want more power and control.
Between land take-overs, false imprisonments, warrantless searches, courts of Star Chamber, and not taking a firm hand to persons who break the law, and illegal alien and drug smuggling, there is potential for this not to end well.
Just look at the diverse mindsets of progressives, conservatives and libertarians on Facebook!
We are as divergent as the South and the North 151 years ago – coupled with Internet technology and communication. And statist millionaires fueling the fire with billions!
I fear for the Republic.
Privacy mavens have been going on for some time regarding the complete lack of privacy on the Internet. Coupled with private industry and public intelligence, license plate readers and facial recognition software, the NSA listening to our cellular telephone calls and reading our email, and cameras everywhere, from about 2002, let’s face it…
Now, another factor has entered the arena.
According to Motherboard, it’s a real threat.
A global conference of senior military and intelligence officials taking place in London this week reveals how governments increasingly view social media as “a new front in warfare” and a tool for the Armed Forces.
The overriding theme of the event is the need to exploit social media as a source of intelligence on civilian populations and enemies; as well as a propaganda medium to influence public opinion.
. . .
The event, the Sixth Annual Conference on Social Media Within the Defence and Military Sector, is sponsored by the Thales Group, the tenth largest defense company in the world, which is partially owned by the French government.
Participants in the conference—chaired by Steven Mehringer, Head of Communication Services at NATO—will include military and intelligence leaders from around the world, especially “social media experts from across the armed forces and defense industry.”
. . .
“Social Media is increasingly important to the portrayal of armed forces, at home and abroad on operations; raising awareness of institutional issues; and gaining support through successful recruitment campaigns,” said conference Chairman, NATO’s Steven Mehringer, in an invitation brochure for the event.
The military’s goal of using social media to influence the beliefs of populations to win wars is alluded to in the description of other panels. A proposed panel titled ‘NATO’s Digital Outreach: Creating a Global Conversation’, describes NATO’s aim of “cultivating a global audience through social media to support The Alliance.”
Another panel discussion makes direct reference to the role of social media in covert US military ‘psychological warfare’ operations—i.e. propaganda—as well as the use of social media to support mass surveillance.
There’s more at the link.
At first I assumed that the conference was about nothing more or less than the usual propaganda exercises employed by all sides in any conflict. However, reading between the lines, it appears that they’re talking about more active – and more covert – interventions, such as ‘sock-puppeting’ comments on or reactions to articles, blog posts, etc. that they don’t like. In other words, they wouldn’t act openly, or say that this is the view of a particular party; so one wouldn’t be able to exercise informed judgment on what they have to say.
I know some of the more totalitarian governments have been doing this for decades. (The so-called ‘Great Firewall of China’ is a good example, and it’s now morphing into a ‘citizen score’ for every person, upon which will depend their ability to get good jobs, get loans, or even eat well.) If Western nations are now starting to venture into the same territory, we’ll have to be on our guard.
To coin a phrase: Big Brother is not your friend.
For that nazi/narc in you!
From Alan Korwin:
ATF Launches Anonymous Tip App
The Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) has launched a new mobile app that enables the anonymous reporting of information regarding crimes or that could be used to help prevent the commission of crimes. With the reportit app, available through the App Store or on Google play, citizens can submit a tip and attach a photo or video. The information is forwarded to ATF in real time, but should not be used to report a crime that is currently in process. Submitters will have the option to provide personal information, but it is not required. (emphasis added).
The Uninvited Ombudsman notes however that:
BWAHAHAHAHAHAHAHA. Is it possible this app doesn’t already know who you are if you use it? Especially considering who designed it?
Top-notch expert: Oh I’m sure it does.
Second top-notch expert: Recommend you route any tips through Hillary’s personal email server to be safe.
Third: Doesn’t everyone know the system has to identify both ends of the address to deliver the message?
Names withheld but it doesn’t matter anymore. (end)
I remember back-in-the-day, when our State police agency had a toll-free number one could use to report vehicles with out-of-State license plates (as legal residency requires in-State licensure) TRANSLATION: Revenue
And I thought THIS was beyond the pale!
If you see something, say something! – a current administration motto
For me, it’s a matter of degree. Narking on your neighbors because they are behaving suspiciously (whatever THAT means?), hmmm…
Narking on the guy driving the wrong direction, erratically (which I have done)? Of course!
Being the eyes and ears of the State? Degree, my friends.
The times, they are a changin’
I’ve not been a private investigator since 1986. I’ve not been a credit card fraud investigator since 2009. But I’ve been some kind of investigator (private security, process server) most of my adult life.
It’s in my blood.
As such, I’ve tried to keep up with the latest regarding what records are available, what has been limited (due to privacy concerns) and the like.
And, of course, the overall erosion of privacy since Al Gore invented the Internet! And the government passed The Patriot Act, NDAA, et al.
My dear friend Biff (previously lauded in song and story in these pages – well story, anyway) recently met me for coffee, and, as he oft wants to do, presented me with a gift!
I like gifts! 🙂
As he peruses used bookstores (in search of first editions and signed editions) he sometimes finds books his friends might appreciate.
And he found THIS!
It was obviously used and in fair condition. He was curious what I thought of it and its value to today’s sleuth.
It took me a few days to read it. I had to keep reminding myself this was geared for the neophyte. Hence the clever title…
Overall it’s a pretty good book. The author claims to be a retired FBI agent who now has his own P.I. agency in Florida. (The Internet does confirm this.) It’s fairly well organized and has both current and historic information regarding how to find stuff and to keep out of jail in so doing. It even has material regarding sources on the Internet, and electronic surveillance.
My copy is the second edition. An Amazon search revealed there is now a third.
It now holds a place of honor on my bookshelf, adjacent to Where’s What (the CIA book regarding where to find records, circa 1974).
Yeah, I’m a snoop at heart…
(FTC – neither Amazon, nor this book’s author gave me anything! Biff did, but he’s my friend! BACK OFF!)
Much of the Internet Vanguard (Borepatch, The Silicon Graybeard et al) have chided us for years regarding not just the intrusion of government and business into lives, but our voluntarily providing too much information to them – like posting when you are leaving for vacation on Facebook.
Well, my friends, Internet intrusion has indeed jumped the shark! (or perhaps a more adult euphemism!)
(from Wirecutter, in part)
A woman is suing her (appliance name excised for taste) manufacturer for knowing too much about when and how she uses it.
A few weeks ago, two researchers told the Defcon hacking convention audience that We Vibe “smart” sex toys send a lot of data about their users back to the company that makes them. According to Courthouse News, one We Viber took this news hard. A woman known only as “N.P.” filed a class action civil suit in a federal court in Illinois against Standard Innovation, which makes the We Vibe line of sex toys and corresponding app.
The smartphone app lets users “customize” their We Vibe experience, unlock app-only “bonus” vibration modes such as the “cha-cha-cha” and the “crest,” and “create unlimited custom playlists,” according to the product’s website. In the suit, N.P. says she bought a We Vibe in May and used it “several times” until she realized that it was sending data about her usage practices back to Standard Innovation’s servers, including when she used it, which vibration settings she used, and her email address.
And here I was concerned about license plate readers, facial identity programs and grocery store purchase trackers!
She obviously thought she was the master of her domain*, anonymously…
*a Seinfeld reference