Pushing Back Against Backdoors: 2018 Year in Review

In article , Mayayana
wrote:


| There is a very good android firewall that can be set to block every
| app from using the phone and/or wifi. You can be selective.

I simply don't believe that.

of course not. you only believe what you want to believe.

Google controls the system.
With iPhones, Apple controls the system.

nope. google, apple, microsoft, etc. *developed* their systems. they do
not control it.

It's like the
idea of privacy on Win10, only worse. Once you're
locked out of the system it can't be trusted. A sandboxed
app can't do anything about controlling the system.

a sandboxed app is limited to what permissions have been granted or
denied.

it's up to the user to grant or deny access for various services, for
specific apps or systemwide.






I also know how to read a map, don't need Waze, have
no interest in mob-based restaurant reviews, and have
no reason to use Uber/Lyft. I don't listen to music, so
I don't need earbuds and music. I'm not curious about
counting my footsteps or being told my heart rate.

you sound like the life of the party.

paper maps won't tell you about real time traffic or speed enforcement.
the route you planned while at home won't auto-update because of a
crash that happened moments ago, and by the time it makes it to the
traffic reports (if it does at all), you'll be stuck in it.

restaurant reviews have been around long before smartphones, except
that now it's a lot easier to find a good restaurant, including looking
at the menu beforehand to help decide whether it's worth a visit.

not listening to music is unhealthy and counting footsteps helps
maintain a healthier lifestyle by motivating people to reach exercise
goals.

if your heart rate is outside of normal ranges, not knowing could cost
you your life.

In article , Mayayana
wrote:


There is a very good android firewall that can be set to block
every app from using the phone and/or wifi. You can be selective.

I simply don't believe that.

of course not. you only believe what you want to believe.

Google controls the system.
With iPhones, Apple controls the system.

nope. google, apple, microsoft, etc. *developed* their systems. they
do not control it.

It's like the
idea of privacy on Win10, only worse. Once you're
locked out of the system it can't be trusted. A sandboxed
app can't do anything about controlling the system.

a sandboxed app is limited to what permissions have been granted or
denied.

it's up to the user to grant or deny access for various services, for
specific apps or systemwide.






I also know how to read a map, don't need Waze, have
no interest in mob-based restaurant reviews, and have
no reason to use Uber/Lyft. I don't listen to music, so
I don't need earbuds and music. I'm not curious about
counting my footsteps or being told my heart rate.

you sound like the life of the party.

paper maps won't tell you about real time traffic or speed
enforcement. the route you planned while at home won't auto-update
because of a crash that happened moments ago, and by the time it
makes it to the traffic reports (if it does at all), you'll be stuck
in it.

restaurant reviews have been around long before smartphones, except
that now it's a lot easier to find a good restaurant, including
looking at the menu beforehand to help decide whether it's worth a
visit.

not listening to music is unhealthy and counting footsteps helps
maintain a healthier lifestyle by motivating people to reach exercise
goals.

if your heart rate is outside of normal ranges, not knowing could
cost you your life.

I understand his suspicions, but the way the firewalls work is to
intercept the outgoing connections. So nothing get out except through
it. I am sure that android can be programmed to bypass this, but I
don't think that it is. After all, Windows has been bypassing
firewalls since W7 to force updates upon us. W7 and W8 could be
stopped from doing this by removing certain executables, but W10
apparently cannot be stopped, except for as far as MS allows.

"anonymous" wrote

| I understand his suspicions, but the way the firewalls work is to
| intercept the outgoing connections. So nothing get out except through
| it.

Connections from apps. Isn't the firewall an app?
If not it would have to be a modifying system process,
perhaps even a replacement kernel, because the apps,
as I understand it, don't have system access. If they did
then permissions for an app would be meaningless because
they'd be unenforceable.
And to stop the apps going out you also have to stop
their permissions to do what you installed them to do.
What good is enforcement if Acme Drive Guide sells your
location and personal info to advertisers and won't work
otherwise? The main business model for phone apps is
"free" spyware/adware.

| I am sure that android can be programmed to bypass this, but I
| don't think that it is.

You don't think Android bypasses your firewall? How
would it communicate with a cell tower? Both iPhone
and Android are also known to store a record of your
location by using that data. That's all part of the
system. Remember when Google was caught slurping
WiFi data with their streetview cars? (You may also
remember that they lied about it until they were caught
having written software specifically for the task.)

http://www.theregister.co.uk/2011/04...vacy_concerns/

That was 2011. And a very interesting read.

"In October, Google pledged to stop using its world-roving Street View
vehicles to collect Wi-Fi data and said it instead would rely on Android
handsets to get the information. When phones running the Google OS detect
any wireless network, they beam its MAC address, signal strength and GPS
coordinates to Google servers, along with the unique ID of the handset."

"...the Android cache (of location data) appears to contain at least one
significant difference (from iPhone): It limits locations derived from
cellphone towers to just 50 entries and Wi-Fi data to just 200. There is no
evidence that the consolidated.db file stored on iPhones and iPads has any
constraints."

Now combine that with news in 2016 that Google had changed
their terms to explicitly give themselves the right to stop pretending
their data trove is "anonymized":

https://www.propublica.org/article/g...e-web-tracking

These are just two articles out of a few dozen I've collected
about privacy issues. It takes me a moment to find a handful
of the numerous articles published about the lying and cheating
of tech companies.

To imagine that you can use any Google/Apple
service or device and not be surveilled in everything you do is
naive. Surveillance is central to their business model. Location-
aware ads are the aim. Timmy Cook, of course, squeals that Apple
is honest and only cares about sending you Goodness through
the iDevices you pay through the nose for. The difference seems
to be mainly just that Apple maintains tighter control over who
can profit from your data. They don't like to share. But that
doesn't mean they don't collect it and let others see it. Or
perhaps it would be more accurate to say that AppleSeeds
tend to be passive, non-techie people who are actually proud
that their iPacifiers do their thinking for them. (Like nospam,
depending on his iCrap to save him from a heart attack while
he listens to his "healthifying" music.

| After all, Windows has been bypassing
| firewalls since W7 to force updates upon us. W7 and W8 could be
| stopped from doing this by removing certain executables, but W10
| apparently cannot be stopped, except for as far as MS allows.

Exactly. And that's a computer OS, not a kiosk device.

You don't think Android bypasses your firewall? How
would it communicate with a cell tower?

We are talking about apps accessing the web, not the phone system.
But there is obviously going to be no appeasing your suspicions, so
just tell your shrink what is going on in your paranoid mind and maybe
he will be able to soothe your nerves.

Both iPhone
and Android are also known to store a record of your
location by using that data. That's all part of the
system. Remember when Google was caught slurping
WiFi data with their streetview cars? (You may also
remember that they lied about it until they were caught
having written software specifically for the task.)

"techguy32" wrote

| You don't think Android bypasses your firewall? How
| would it communicate with a cell tower?
|
| We are talking about apps accessing the web, not the phone system.

Who's we? I said one reason I don't use a cellphone is
because of privacy and not wanting a tracking collar.
You may get a nice feeling about being watched by
Google. I don't. Google and the apps are both part of
one system of ad/surveillance - supported services.

I don't make a distinction between Franks Fried Chicken
Finder App showing Doubleclick ads and Google showing
Doubleclick ads. It's a spyware "ecosystem".

| But there is obviously going to be no appeasing your suspicions, so
| just tell your shrink what is going on in your paranoid mind and maybe
| he will be able to soothe your nerves.
|

The first defense of the ostrich: Call anyone
with questions a tinfoil hat wearer. If you don't
care about privacy then that could, conceivably,
be an informed decision on your part. But to be
angry and derisive simply because other people
do care about privacy is an irrational response and
a sign denial... That you don't want to know.

Or maybe you're a Google shill, selling Eric Schmidt's
case that anyone who wants privacy must have
skeletons in the closet?

https://www.youtube.com/watch?v=A6e7wfDHzew

And we're not just talking here about the creepiness
of being tracked and shown ads based on surveillance.
Spying is power. For instance, Eric Schmidt's plan to
take the 2016 election for Hillary, not by having a good
platform and informing the public about it, but by using
collected surveillance data, marketing, and propaganda:

https://www.itwire.com/government-te...n-in-2014.html

Welcome to the 21st century.

Did you bother to read my links? Presumably not.
You don't want to know the facts. But I post them,
anyway, because some people do want to know
the facts. And even if they don't care about privacy,
unlike you I think they deserve to know what they're
signing up for.

On Sun, 30 Dec 2018 10:07:50 -0500
"Mayayana" wrote:

"techguy32" wrote

| You don't think Android bypasses your firewall? How
| would it communicate with a cell tower?
|
| We are talking about apps accessing the web, not the phone system.

Who's we? I said one reason I don't use a cellphone is
because of privacy and not wanting a tracking collar.
You may get a nice feeling about being watched by
Google. I don't. Google and the apps are both part of
one system of ad/surveillance - supported services.

I don't make a distinction between Franks Fried Chicken
Finder App showing Doubleclick ads and Google showing
Doubleclick ads. It's a spyware "ecosystem".

| But there is obviously going to be no appeasing your suspicions, so
| just tell your shrink what is going on in your paranoid mind and
maybe | he will be able to soothe your nerves.
|

The first defense of the ostrich: Call anyone
with questions a tinfoil hat wearer. If you don't
care about privacy then that could, conceivably,
be an informed decision on your part. But to be
angry and derisive simply because other people
do care about privacy is an irrational response and
a sign denial... That you don't want to know.

Or maybe you're a Google shill, selling Eric Schmidt's
case that anyone who wants privacy must have
skeletons in the closet?

https://www.youtube.com/watch?v=A6e7wfDHzew

And we're not just talking here about the creepiness
of being tracked and shown ads based on surveillance.
Spying is power. For instance, Eric Schmidt's plan to
take the 2016 election for Hillary, not by having a good
platform and informing the public about it, but by using
collected surveillance data, marketing, and propaganda:

https://www.itwire.com/government-te...n-in-2014.html

Welcome to the 21st century.

Did you bother to read my links? Presumably not.
You don't want to know the facts. But I post them,
anyway, because some people do want to know
the facts. And even if they don't care about privacy,
unlike you I think they deserve to know what they're
signing up for.



If you want privacy and security, use Linux Mint. No account, no
activation. Apps are free.

How about a smartphone, that doesn't track you, and is built for
privacy?

https://puri.sm/products/librem-5/

"Johnny" wrote

| How about a smartphone, that doesn't track you, and is built for
| privacy?
|
| https://puri.sm/products/librem-5/
|

That looks interesting. I didn't know such a project
was happening. If I ever actually want a cellphone
and want to pay $600+ + $100/month to use it, then
I might check back.

On the other hand, for now it looks a lot like the
problems with Linux. If it doesn't have common apps
that people want then they probably won't buy it.
That was part of the discussion above: For what most
people want it's not possible to avoid tracking.
OpenStreetMap is a nice idea, for instance, but it
just doesn't work well enough to use it.

Johnny wrote:
On Sun, 30 Dec 2018 10:07:50 -0500
"Mayayana" wrote:

Did you bother to read my links? Presumably not.
You don't want to know the facts. But I post them,
anyway, because some people do want to know
the facts. And even if they don't care about privacy,
unlike you I think they deserve to know what they're
signing up for.



If you want privacy and security, use Linux Mint. No account, no
activation. Apps are free.

How about a smartphone, that doesn't track you, and is built for
privacy?

https://puri.sm/products/librem-5/

OK, we'll just watch you with one of these then.
The Virgin Mary may have designed your phone,
but nothing protects you from external surveillance.

https://en.wikipedia.org/wiki/Stingray_phone_tracker

"This is accomplished by downloading the IMSI, ESN, or other
identifying data from each of the devices connected to the
StingRay. In this context, the IMSI or equivalent identifier
is not obtained from the cellular service provider or from
any other third-party. The StingRay downloads this data
directly from the device using radio waves."

In a news report this year, it was revealed that
more than one of those is being operated in town,
and when the government checked with the police,
the police were not actively using those.
As a consequence, we don't know who is running those.
A researcher determined, by watching the protocols,
that more than one Stingray is operational.
They're obviously there to make you feel all warm and
fuzzy in your "freedom".

If you live in a rural area, you're "safe" :-/

Nobody has sufficient money to service rural areas.
Even the black hats.

Paul

In article , Wolf K
wrote:

How about a smartphone, that doesn't track you, and is built for
privacy?

For a cellphone to work, it must have a unique ID, and be within range
of at least one cellphone tower.

In most of the USA and Canada, the cellphone user is are within range of
three towers, which means the location of the phone can be triangulated
to within a few meters.

nowhere near that close, even in dense urban areas where cell sites are
tightly spaced.

in rural areas, the distance between towers could be 10 miles or more,
especially in flat terrain, giving quite a large area of where someone
might be.

And for billing purposes (even prepaid), every call is recorded.

nope. that's wiretapping and illegal.

what's recorded is the *metadata*, including the phone numbers of
outgoing calls as well as incoming (when available) and how many
minutes the call was.

Tracking you is therefore relatively simple. That's why smart crooks buy
(or steal) a phone, use it once, and toss it.

most crooks aren't smart (that's why they're crooks), but even if they
do use a burner phone, they still leave a trail.

In article , Wolf K
wrote:

And for billing purposes (even prepaid), every call is recorded.
nope. that's wiretapping and illegal.

You misread my intension, context is "for billing purposes", not "for
surveillance". (BTW, "intension" is the correct spelling for my meaning).

you used the wrong word.

recording a call is very different than logging the numbers and length
of calls, which is all that's needed 'for billing purposes'.

and actually, only the length is required. logging the number is a
holdover from when long distance cost more.

In article , Wolf K
wrote:

Tracking you is therefore relatively simple. That's why smart crooks buy
(or steal) a phone, use it once, and toss it.

most crooks aren't smart (that's why they're crooks), but even if they
do use a burner phone, they still leave a trail.

A trail that ends in a trashcan....

which can be retrieved from the trashcan, possibly with fingerprints or
dna, its track determined, then combined with surveillance video of who
was in the area at the time, along with where the phone was originally
purchased and other places it's been prior to the crime, plus call logs
on the phone and other evidence, can narrow things down quite a bit.

On 2018-12-29, Mayayana wrote:

Unfortunately, that's also a big part of the reason there's
a vortex. Geeks can fend for themselves and dismiss anyone
who can't as an idiot. It's not enough to have things like
Mozilla prefs and Linux /etc config files. Control of the system
needs to work like any other technology, with buttons and
adjustments that anyone can use.

next you'll be saying the dictionary has too many words in it.

--
When I tried casting out nines I made a hash of it.

Wolf K wrote:
Words don't have meanings, they have usages.

So the concept of denotation and connotation has no use for you in
regards to a word's meaning?

On 2018-12-31, The Man in the High Castle wrote:
Wolf K wrote:
Words don't have meanings, they have usages.

So the concept of denotation and connotation has no use for you in
regards to a word's meaning?
In my language:
nije shija nego vrat...

--
press any key to continue or any other to quit...

In article , Wolf K
wrote:

And for billing purposes (even prepaid), every call is recorded.
nope. that's wiretapping and illegal.
You misread my intension, context is "for billing purposes", not "for
surveillance". (BTW, "intension" is the correct spelling for my meaning).
you used the wrong word.

Oh fergawdssakes! Are you really one of those "There is only one correct
meaning for a word" idjits?

nospam, you know better. Or you should. Words don't have meanings, they
have usages. One of the purposes of a literary education is to enable
the reader to parse usages other than his own.

*you* should know better, especially with a lame excuse about meanings
versus usage.

the meaning, or as you put it, usage (doesn't matter what it's called)
of the phrase 'every call is recorded' is *very* clear: to save an
audible copy of every call made, both incoming and outgoing, so that
someone can listen to them at a later time.

it does not mean to simply log the time/date and length.

some businesses do record calls, and will inform callers with a
prerecorded announcement that 'all calls are recorded for quality
purposes', 'this is mr. jones on a recorded line' or something similar,
due to wiretap laws.

tl;dr 'recording calls' is not the same as 'logging calls'. you used
the wrong word.