404
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 21 Aug 2023
404 points (100.0% liked)
Europe
8332 readers
1 users here now
News/Interesting Stories/Beautiful Pictures from Europe 🇪🇺
(Current banner: Thunder mountain, Germany, 🇩🇪 ) Feel free to post submissions for banner pictures
Rules
(This list is obviously incomplete, but it will get expanded when necessary)
- Be nice to each other (e.g. No direct insults against each other);
- No racism, antisemitism, dehumanisation of minorities or glorification of National Socialism allowed;
- No posts linking to mis-information funded by foreign states or billionaires.
Also check out !yurop@lemm.ee
founded 2 years ago
MODERATORS
Great, for added big brother points, the government could literally listen to every conversation on every street corner...
Edit. Perhaps someone could enlighten me as to why the police having live recording microphones everywhere is a good idea, generally you'd need a warrant to record citizens.
But sure, this is just for loud exhausts and has no other possible uses. Lol!
I always ask myself with these sorts of things, what would the CCP do?
https://www.nytimes.com/2022/06/21/world/asia/china-surveillance-investigation.html
I don't think it's wise to install potential dual use surveillance tech that a future government/leader could use
I can turn my phone off or leave it at home...
But do you do that?
That's not the point. The point is we shouldn't have to.
Mics can collect voiceprints. It's like the police dusting for your fungerprints wherever you go. Which, if they had a warrant and cause, fair enough, but everyone 24/7? Seems like a privacy invasion to me.
Yeah and where are you more likely to talk about sensitive information, at home or outside next to a busy street?
Er, outside in a busy street. Isn't that tradecraft 101?
But, the police have other ways these days
https://www.policeprofessional.com/news/lip-reading-technology-to-combat-crime/
Hate to admit even the least paranoid among us to take this with caution.
Have you been sleeping under a rock for the last 15 years? If the government wants to listen to you, they'll just use the microphone in your pocket. Or better: they don't listen to your incoherent ramblings and go straight for your search history, which is much more interesting than what you are generally talking about.
I don't know if you know this, but it's pretty easy for someone to make private their phone, search history, etc. You just need to be a little dedicated and sacrifice some usability.
You cannot do the same with microphones listening everywhere that you do not own.
Have some sense.
That's what you think if you haven't worked in the Telecom sector before.
Unless there's something beyond switching DNS, using a VPN and your own router/modem. It's maybe 100$ up front and ~3-5 per month to be able to circumvent any telecom.
You mean the VPN advertising everywhere, who gives out the user data whenever a goverment agency knocks on the door? Or the other big name VPN, where the company owner has another business that makes money by selling users internet data?
Yeah, i'm sure they will bend over backwards and file lawsuits to "protect your privacy" for $5/month...
Switching DNS does jack squat for your privacy. Any telecom worth their salt can read all DNS requests no matter which DNS you talk to. They only don't filter content on alternative DNSes because they don't care about filtering/blocking in general unless forced to by law.
Using a VPN doesn't add privacy, it just swapps out who is monitoring your traffic. Many VPN services are actually owned/run by secret services or cooperate with them (like NordVPN). Others are directly run by criminals who use them to steal data or inject malware. Also, VPN providers also have ISPs that reside in countries. In the very best case it's not your ISP spying on you, but the VPN's ISP. In the worst case, you now have an ISP and a VPN provider spying on you.
Your own router/modem again does nothing at all for your privacy.
That's what I mean: people think they are doing privacy enhancing things, but actually what they are doing isn't helping at all.
As someone who knows a bit more about privacy in networking than watching the sponsored bits in YouTube videos, I agree with the examples you posed, but there are other technologies to fix your DNS leaking to your ISP. One of them being DNS over HTTPS. It's default in Firefox, and pretty hard to crack just like any other HTTPS query. All your ISP can know is that you're potentially making a DNS query. Another option is a local DNS server cache. Choose some domains you wanna be able to access, and diligently update your local cache using HTTPS from existing DNS servers every fortnight. Your DNS queries will never escape your LAN.
DoH is an actual improvement, that's true. But at the same time it's a meaningless one, since the ISP can just do a reverse DNS lookup of the IPs you are contacting, and there isn't really an option to hide the IP, unless you are using TOR or a VPN, but TOR sucks in real-world usage (and can also not really be trusted) and VPNs have been discussed before.
I worked on the "evil" side for ~7 years, in a company that made internet monitoring devices. Originally I was told it's only for debugging ISP network problems, but after a few years, when I was trusted enough in the company, they told me that a significant portion of our customers are actually secret services all around the world.
The foreign ones usually wouldn't just say that they are secret service, but they'd buy through other companies, which lead to some weird requests. For example, one time a small little British bakery asked for network monitoring equipment for their business. But they wanted the solution to be able to handle ~100 TBit/s, which was at that time roughly the total bandwidth of the whole UK plus some margin.
Some secret services, though, talked to us completely openly.
I've been at one ISP quite a few times at the department that handled secret service requests. I asked that guy what they do with our products, and he showed me the full suite that they are using. He entered a random phone number into the system, and an overview over the last year's activities of that guy showed up. It had a list with timestamps of every site he accessed. It had all emails (of his ISP account and also emails that were sent unencryped) and SMS that that guy sent and received. It had a full movement profile of that guy for the whole last year, including his visits to other countries. The system allowed the operator to easily find contacts of that guy, even through the movement profile. So you could e.g. list all users that were close to that user at a given time, or all users that are frequently close to that guy.
Tbh, it was a little shocking and eyeopening.
Well yeah, you cannot completely cut deduction off the table. Not even in the real world. The fact though that the internet makes it easier is of course true. Even Tor is vulnerable to deduction-based MITM attacks using nodes that log activity. Nowadays though I think it matters less and less what you access, since everything in the internet has been reduced to a handful of huge websites (fucking SEO). If you're in one of them, I doubt DNS info are going to be much of any use, apart from them having accessed Facebook, or YouTube. When I'm doing stuff I want hidden though, tor and DoH are a must.
Well, centralized services make it easier, not harder. Now secret services can just call up their contact at Facebook or any of the other services and they can not only monitor metadata but get content as well.
Your ISP knows all the websites you go to. They might not know the contents due to encryption, but they do know websites.
And for search, well, google knows everything. Unless you use something else than google. But few people do, and bing isn't much better.
That's even assuming the phones themselves don't have backdoors. Unless you run a custom android OS.. which definitively almost nobody does.
All of those things are within the dedication to privacy. A lot of upfront time commitment but near effortless after the fact. On desktop it's even easier.
The fact that we have a technology such that do not justify his use nor an expansion of the surveillance. Au contraire it is the time to fight back.
Well then fight back. Relinquish your phone first, as it's the easiest thing to.
I live in the UK. We stopped people having guns after a mass shooting.
This can be done without constantly recording or transmitting what the microphone perceives. It can simply start recording sound and picture when a noise is detected that is loud enough / matches the pattern we’re looking for. This can be done just on the device. No big brother tech needed.
None needed, but that doesn't stop autocratic regimes from doing mass surveillance.
https://www.nytimes.com/2022/06/21/world/asia/china-surveillance-investigation.html
I don't think it's wise to install potential dual use surveillance tech that a future government/leader could use
This is like claiming speed cameras are filming all the time.
https://www.police.uk/advice/advice-and-information/rs/road-safety/automatic-number-plate-recognition-anpr/
A system like this isn't any less harmful to privacy than speed cameras, is it?assuming it's not implemented with a bunch of other non privacy friendly features (which I'd argue isn't an issue with the microphone)
They know where you've been...which is fine until the govt doesn't like you
https://www.police.uk/advice/advice-and-information/rs/road-safety/automatic-number-plate-recognition-anpr/
Why isn't a microphone an issue? It could easily record everything and upload it