Tech Friday

posted by Brian Thomas - 

  • A lawsuit alleges that Facebook apps are mass surveillance: 
    • A lawsuit filed in California alleges that Facebook used its apps to capture information including, location, photos and text messages from users and their friends 
    • This included some people who are not Facebook users
    • The lawsuit was filed by Six4Three and it claims Facebook tracked users extensively, sometimes without consent
    • Court documents refer to confidential emails and messages between senior Facebook executives. At present, these emails and texts are sealed
    • A spokesperson for Facebook said that Six4Three’s "claims have no merit, and we will continue to defend ourselves vigorously" 
    • Thus far, Facebook has not directly responded to the surveillance allegations
    • The surveillance allegations were revealed in a January filing which claims that Facebook implemented a variety of techniques to capture information for commercial purposes
    • One court document claims "Facebook continued to explore and implement ways to track users’ location, to track and read their texts, to access and record their microphones on their phones, to track and monitor their usage of competitive apps on their phones, and to track and monitor their calls"
    • Another claim is that Facebook collected information on the friends and/or contacts for people who used the the Facebook app, including people who are not Facebook users.  By default, it would be impossible for non-Facebook users to consent to data collection
    • This bears watching
    • It's a good time to delete the Facebook app from your devices
  • Yes, your phone is listening all the time:
    • There has been speculation for some time that Facebook, Google and other apps are using the microphone in your devices to listen to your conversations
    • Recent questions about devices like Google Home and Amazon Alexa have only fueled the debate
    • A video from last year has made the rounds again recently and appears to demonstrate that Facebook is constantly listening
    • In the video, a man and his wife who claim to have never discussed or posted about cat food, discussed cat food over the course of a day, and two days later, they started seeing ads for cat food on Facebook
    • It's been shown that it's not hard to do. The BBC asked a cybersecurity expert named Ken Munro to build an app that captured conversations
    • Munro told the BBC "We gave ourselves permission to use the microphone on the phone, set up a listening server on the internet, and everything that microphone heard on that phone, wherever it was in the world, came to us and we could then have sent back customised ads."
    • The app only took a few days to build
    • You can read the BBC story here: http://www.bbc.com/news/technology-35639549
    • This is not the first time this allegation has been made about Facebook, you can find articles going back several years about this theory
    • On June 2nd, of 2016, Facebook directly addressed this allegation here: https://newsroom.fb.com/news/h/facebook-does-not-use-your-phones-microphone-for-ads-or-news-feed-stories/
    • Google has made similar proclamations
    • On October 26th, 2017, Rob Goldman, VP of advertising at Facebook, tweeted "I run ads product at Facebook. We don't - and have never - used your microphone for ads. Just not true."
    • It may just be coincidence, and these platforms are collecting tremendous amounts of information about you using a variety of other means
    • Dr. Peter Hannay, senior security consultant at Asterisk has said phones are listening all the time
    • Personal digital assistants are activated with a phrase such as "Hey Siri" or "OK Google" so the phone has to be listening
    • However, it's theoretically only paying attention when you say the phase, otherwise the data does not leave the phone
    • At that point, 3rd party apps such as Facebook have access to this data and can choose to use if they want
    • Dr. Hannay said "From time to time, snippets of audio do go back to [other apps like Facebook’s] servers but there’s no official understanding what the triggers for that are,” explains Peter. “Whether it’s timing or location-based or usage of certain functions, [apps] are certainly pulling those microphone permissions and using those periodically. All the internals of the applications send this data in encrypted form, so it’s very difficult to define the exact trigger."
    • Apps like Facebook, Twitter or Uber could have many triggers defined to capture certain conversations
    • Dr. Hannay said "Really, there’s no reason they wouldn’t be. It makes good sense from a marketing standpoint, and their end-use agreements and the law both allow it, so I would assume they’re doing it, but there’s no way to be sure."
    • Keep in mind that anything you say around a phone that is turned on could be captured and used in some way
    • You can watch the video here: https://www.youtube.com/watch?time_continue=22&v=U0SOxb_Lfps
  • Your real-time location data is being sold by US carriers:
    • Verizon, T-Mobile, AT&T, and Sprint are selling your real-time location data to a company named LocationSmart 
    • US Senator Ron Wyden recently sent a letter to the Federal Communications Commission (FCC) asking them to investigate why Securus, a prison technology company, can track any phone "within seconds" using data from LocationSmart
    • LocationSmart is a data aggregator that claims to have "direct connections" to cell carrier networks where they obtain real-time location data from cell towers
    • LocationSmart boasts coverage of 95% of the US through access to US carriers
    • Securus purportedly provides the location-tracking feature for law enforcement and corrections officers to help find missing people and fugitives
    • This issue came to light because former Mississippi County sheriff Cory Hutcheson used the service nearly a dozen times to track the phones of other officers, and even targeted a judge
    • Hutcheson accessed phone location data without a warrant and has since pleaded not guilty to charges of unlawful surveillance
    • In his letter, Wyden claims the system allows police and government employees to conduct unauthorized and warrantless surveillance, and it "needlessly exposes millions of Americans to potential abuse and surveillance by the government."
    • Securus said it requires an "official document giving permission" to obtain real-time location data. Wyden's office said that Securus make no effort to verify the authorizations
    • Wyden said Securus provides this information through a self-service portal for police for "nothing more than the legal equivalent of a pinky promise."
    • On their blog, The Electronic Frontier Foundation (EFF) said that law enforcement may be violating the law by not seeking data directly from the phone carriers. "Law enforcement shouldn't have unfettered access to this data, whether they get it from Securus or directly from the phone companies"
    • Cell carriers are reportedly investigating
    • Read Senator Wyden's letter here: https://www.documentcloud.org/documents/4457471-Wyden-letter-to-the-FCC-over-Securus.html
Brian Thomas

Brian Thomas

Based in Cincinnati, OH, the Brian Thomas Morning Show covers news and politics, both local and national, from a conservative point of view. Read more

title

Content Goes Here