The NSA and GCHQ are not making any corporate friends with their incessant snooping. They’re using the apps we use on our smart phones to glean just about everything about us, which is not only going to annoy people and keep them from using apps but also brings attention to how much corporations are stealing our information.
The National Security Agency and its UK counterpart GCHQ have been developing capabilities to take advantage of “leaky” smartphone apps, such as the wildly popular Angry Birds game, that transmit users’ private information across the internet, according to top secret documents.
The data pouring onto communication networks from the new generation of iPhone and Android apps ranges from phone model and screen size to personal details such as age, gender and location. Some apps, the documents state, can share users’ most sensitive information such as sexual orientation – and one app recorded in the material even sends specific sexual preferences such as whether or not the user may be a swinger.
Many smartphone owners will be unaware of the full extent this information is being shared across the internet, and even the most sophisticated would be unlikely to realise that all of it is available for the spy agencies to collect.
Don’t upload photos or use Google Maps, either.
In practice, most major social media sites, such as Facebook and Twitter, strip photos of identifying location metadata (known as EXIF data) before publication. However, depending on when this is done during upload, such data may still, briefly, be available for collection by the agencies as it travels across the networks.
Depending on what profile information a user had supplied, the documents suggested, the agency would be able to collect almost every key detail of a user’s life: including home country, current location (through geolocation), age, gender, zip code, martial status – options included “single”, “married”, “divorced”, “swinger” and more – income, ethnicity, sexual orientation, education level, and number of children.
The agencies also made use of their mobile interception capabilities to collect location information in bulk, from Google and other mapping apps. One basic effort by GCHQ and the NSA was to build a database geolocating every mobile phone mast in the world – meaning that just by taking tower ID from a handset, location information could be gleaned.
A more sophisticated effort, though, relied on intercepting Google Maps queries made on smartphones, and using them to collect large volumes of location information.
So successful was this effort that one 2008 document noted that “[i]t effectively means that anyone using Google Maps on a smartphone is working in support of a GCHQ system.”
If anything is going to put a stop to this, it’s companies like Google throwing their weight around. They don’t want people thinking that using their maps “is working in support of a GCHQ (or NSA) system.”
After all, they want your information for themselves.
Ah yes, corporations are the guardians of civil and consumer rights and will save us from the big bad government:
This is crazy-talk.
Why do you think that’s crazy? I thought the same thing.
Corporations are not a friend of the people. We’re nothing but laborers (preferably as cheap as possible) to bring their products and/or services to market and consumers of their products. They’d prefer to use machines for the production but have yet to figure out how to replace people on the consumption end.
I never said the corporations would do it to help us!
Exactly.
Then can’t sell product unless they get this under control.
More broadly, failure to rein in the NSA substantially and the demise of the net neutrality “information superhighway” legal regime that was the internet that Al Gore built ends the internet as a viable commercial medium.
But it is unwise to be sanguine about the sort of internet regime that the corporations will build in their turn. Corporate collection of non-essential data for “big data” analysis and data mining is almost as intrusive (and when you start talking about credit checking, almost as catastrophic) as what the NSA has been doing.
This is going to require a huge public “No”. Is self-governing, democratic America even capable of a democratic political response to this capture by the national security institutions? How would such a response manifest itself?
Was only explaining why I think looking to corporations to restore our rights that the NSA and its colluding tech companies is crazy.
Am longing for the good old days of TPC (the phone company) that everybody knew sucked, but it was a highly regulated monopoly. (ITT was the bad player.)
.
US corporations are losing clients and contracts across the globe. Large data centers with servers for cloud computing are moving out of US territory to overseas locations. Out of US jurisdiction.
○ Nandan Nilekani, chairman of the Unique Identification Authority of India, to join Congress party
Campaign underway to obtain biometrics ID-card for over 1 billion Indian citizens … how’s that for democracy and voting rights!
I grew up with computers, and have been online since I first connected to a local bulletin board system using my dad’s 1200 baud modem. Even in those days — when my age was in the single digits — I assumed that nothing online was truly private. I’ve pretty much been going by that assumption ever since and it hasn’t really steered me wrong.
I’ve learned to give up on the prospect that anything on phone or internet is private. It’s a lot less stressful when the expectation of privacy doesn’t exist. I’m not willing to disconnect from the grid, so I pays my money and I takes my chances.
I guess everyone is finally up to speed now. There is no privacy on the internet or on your phone never has been and never will.
Frankly, I rather the government have it than Google but both have it and there is nothing anyone can do about it if you want to live in the modern world.
Issues at play.
1- Expectation of privacy on the Net.
To explain the possibilities to new users, ISPs and OS brands used Icons and concepts from our everyday (and privacy rich) lives. Envelope Icons, Telephone Icons, “mail” etc…. While it helped introduce the concepts and services, they were just “aproximations”, not reality.
Here is another aproximation.
“The Internet is like a partyline phone line. Anyone can be listening.” And they are.
And another.
“Email, SMS, etc… are like sending postcards, not private letters. Anyone who handles them can read them” And they are. Look in the headers of an email you have recieved. Run a tracert on the originating IP#. You will see 8-10 hops. And those will only be the announced ones. Just like sending a postcard from New York to Birmingham, AL. Multiple stops at sorting stations. And anyone can read it if they want. Do you put confidential personal info in emails, or texts? Don’t, without protection.
Here is one more-
Posting to Social Networks is like posting to the bullitenboard of your local grocery store. No matter what your “privacy” settings are, there are still many, many more people who can see it than you think.
2) There is no free lunch in America-
Those free games, aps, and services sprouting up to make your smart phone fun and useful, ain’t free. You are paying with your personal data, which is extremely valuable to someone out there. Marketers, advertisers, etc… all want it. Would you tell it to a stranger on the street ? Let him rifle through your wallet or credit card statement for a sucker? If not, why tell it to a funny bird on your 3″x4″ screen? Of course the expectation was that it was only going to Angry Bird Inc; but remember point #1. Party line and all that.
3 Leaking OS-
As desktop computing and the Internet began to take off, the problems of security began to come to the forefront. Firewalls, AV/anti-malware programs, closing ports… all became the interest of those who worried about such things. Now you are carrying around a computer more powerful than the one you had on your desk in 2001, with less protection and more personal data. Data that isn’t on your desktop. Who you called and where you were when you called. The route you take to work. Where you spend your evenings or Saturdays. Where you plan to go. Not to mention all the texting, email checking, game playing that merges your physical life with your online life and accounts for a large part of your real life each day. Many of us spent a lot of effort to lock down our desktops (some wasted, some effective) to prevent a portion of this bleed over. Those protocols that work keep a portion of our lives from anyone but the most determineded, with huge corporate or nation state resources.
The current smart phone OSs leak like a seive. The aps that run on them do the same. This little nugget was in the ProPublica article-
” One secret report shows that just by updating Android software, a user sent more than 500
printed lines of data about the phone’s history and use onto the network. …”
http://www.propublica.org/article/spy-agencies-probe-angry-birds-and-other-apps-for-personal-data/si
ngle
In the past, such a data dump would have been discovered and all hell would have broken out on the Net. But as its done over the cell network, its harder to capture the data stream as it leaves your phone. It can be done, but convoluted.
I think, until the OSs and programs are hardened and people begin to be more aware as to what these minicomputers do and don’t do, you have to be Very Careful in their use. that might mean cutting down on their automatic and convienient usage or storing your life on one. If you don’t want to bother, then don’t whine about Govt spying; because YOU are the one spewing and broadcasting all your personal data around the world. Don’t be surprised if governments and corporations look at it to make money or enhance the security State.
Ridge
Let’s be really clear.
We have privacy up until we start sharing our information with corporations, especially over the internet.
If you don’t have a facebook account, don’t have your information saved on clouds, and keep private information private, ala not putting it out over the internet, you still have privacy.
I think people just assume that their stuff is private without knowing how data moves from your house/phone/computer over various tubes and satellites that the government clearly has access to.
.
○ NSA has cracked encryption protecting your bank account, Gmail, and smartphone