[HN Gopher] Inside A Global Phone Spy Tool Monitoring Billions
___________________________________________________________________
Inside A Global Phone Spy Tool Monitoring Billions
Author : dharmab
Score : 77 points
Date : 2024-01-24 20:32 UTC (2 hours ago)
(HTM) web link (www.404media.co)
(TXT) w3m dump (www.404media.co)
| chaps wrote:
| The linked paper goes into some of the more-technical details
| about how the multicast ad exchanges work. Very much worth a
| read. The number of avenues for capturing this information,
| legally or otherwise, is intense. Though I disagree with the
| conclusion of the paper that it's remotely fixable through
| abstract walls -- that's really just moving the goalpost.
|
| https://www.iccl.ie/wp-content/uploads/2023/11/Europes-hidde...
| happytiger wrote:
| It's also irrelevant if one can cross reference just a few
| pieces of data: phone did, address, location geo associated
| known associates, multiple locations (school, work, home),
| demographic info, one can de-anonymize data relatively
| painlessly. And that is a lot easier if I'm targeting a single
| person and know some of those data points to start.
|
| And how much of this applies to the companies that aren't
| buying the data but generating it themselves?
|
| RTB is just one vector of many, and while it's useful to expose
| how much data is constantly leaking, it's just the tip of the
| iceberg.
| chaps wrote:
| Well, yes. Yes.
|
| The more we can understand this stuff, the better. Not many
| journalists are working on these issues, and it's nice to see
| it get more coverage by folk dedicated to it. I've personally
| had an exceptionally difficult time pitching this sort of
| story to outlets -- they want something _big and juicy_. But
| the reality of it all is boring, subtle and routine. Then
| made much worse by the army of lawyers who will argue to the
| bone about what "private" and "consent" means in the favor
| of privacy damning systems like what we see here.
| 399393993 wrote:
| Googol's response is incredibly amusing. "The government can't be
| trusted with all that info! We have to cut them off! Only we can
| be trusted with all that info!"
| JohnFen wrote:
| Most companies seem to be of the opinion that spying is bad
| except when they're the ones doing it.
| happytiger wrote:
| This has been known for years. I'm not sure why it's only now
| getting attention.
|
| Section 702 was just renewed, so maybe it's out the issue on
| people's radar?
|
| https://www.nationalreview.com/news/house-passes-annual-defe...
|
| Until we have a privacy bill or rights or equivalent, attached to
| the individual, privacy will be exploited by every nation and
| business imaginable. And the efforts to try to make it more
| difficult to tap data without an warrant are asinine... all it
| does is push the databases to public/private partnership models,
| and these models can generally easily de-anonymize data by cross
| referencing data.
|
| It's strange to see an article on the subject published a month
| after the section 702 renewal, as if fisa and warrants weren't
| the issue but commercial collection sources somehow are.
|
| Besides... It's not some big secret: the website is easily
| Googleable as is the deck.
|
| http://isasecurity.org/patternz
|
| https://sovsys.co/wp-content/uploads/2020/04/PATTERNZ-NATION...
|
| AND Forbes also covered this exact system back in November of
| last year.
|
| https://www.forbes.com/sites/emmawoollacott/2023/11/14/web-b...
|
| The real scoop would be looking at how new AI systems are being
| used to mine this data. This is the real problem national
| security agencies have to solve: how to consistently gain useful
| and actionable insights at scale and decide what's _not_ worth
| paying attention to because the absolutely colossal volumes of
| data generates huge amounts of review.
|
| Anyone know why this article is dropping now? Odd timing.
| BLKNSLVR wrote:
| Semi rhetorical question: is it too late to introduce
| legislation protecting this kind of private data?
|
| Discussion point one: is the industry profiting from gathering,
| shifting, mining, selling this data large enough that it would
| cause an employment problem for any country that may enact such
| legislation? (probably a much bigger problem for the US than
| any other country).
|
| Discussion point two: is it likely that, even if the
| legislation doesn't have favouritism carve-outs for specific
| groups/companies, the industry would find ways around it, with
| the end game being: nothing changes.
| e12e wrote:
| I think gdpr style legislation can work - but the price (and
| purpose) would be making most types of surveillance
| capitalism illegal.
|
| People can bug your house with fiber optics today, but only
| the government and perhaps your family can do it legally.
| overstay8930 wrote:
| If you have an iPhone aren't you safe from this with tracking
| protections enabled (including iCloud Private relay)?
| WhackyIdeas wrote:
| Although I don't know for sure, I doubt the iPhone is safe from
| this.
|
| Considering there were multiple zero days found within malware
| targeting Kaspersky employees recently, and the zero days used
| vulnerable secret api's only known to Apple themselves, I would
| assume that Apple users (like myself) are not any more
| protected from anything.
___________________________________________________________________
(page generated 2024-01-24 23:00 UTC)