Secrecy, privacy, security, intrusion

At a time when increasing numbers of unsophisticated users are trying to work remotely, serious flaws have been found in popular video conferencing software:

[edit 1]
And the software maker’s disclaimer is somewhat dodgy:

[edit 2]
Advice from the Australian Cyber Security Centre:
https://www.cyber.gov.au/publications/web-conferencing-security

2 Likes

The United States Federal Bureau of Investigation’s Boston office also issued an alert over the rash of ZoomBombing attacks, in which uninvited people hijack video conferences, in some cases exposing themselves and/or posting obscene material.

Would probably liven up most of my work meetings. :slight_smile:

Pro tip: :slight_smile: Always set a password on your meetings, preferably a half decent password.

2 Likes

At times like this, secrecy is probably not the best policy:


Meanwhile, across the ditch:

[edit]
Watch out for what gets implemented to counter the epidemic. It might prove hard to get rid of.

3 Likes

One size fits all? I have a bad feeling about this.

[edit]
More on Zoom:

1 Like
1 Like

The purported target is spread of the virus.

We can trust Google not to misuse what it knows about us. We can. Really, we can.

1 Like

82 posts were split to a new topic: COVID app privacy concerns

As I wrote above, critics of the legislation suggested that inevitably there would be mission creep i.e. that inevitably the retained metadata would be used for other purposes.

Inevitably.

I’m fairly certain that you can circumvent this specific problem by leaving your phone at home. Then Voda (and the other mobile carriers) will report you as being 100% compliant. So not only do you avoid that aspect of surveillance but you have a positive record showing that you have been being compliant. :slight_smile:

4 Likes

And anyone who doesnt see a problem with this, needs to acquire/watch/download a fictional series called Person Of Interest. Yes, its fiction, but it remains a cautionary tale. Not so much at the start, but one or two seasons in and you start getting nervous…

1 Like

What about facial recognition and vehicle number plate surveilance?

2 Likes

I recommend that you ensure your privacy by putting your phone in a Faraday cage.

Oh dear. I watched the preview, and I can’t unwatch it!

Facial recognition is easy.

https://www.sciencealert.com/how-to-fool-facial-recognition-technology-with-juggalo-makeup

Of course, unless you’re at the circus or in a crowd of similarly-painted people you may stand out a little more than desired.

For number plates, you may want to use a frame that filters certain light spectra. (No, I have no idea how reliable this is.)

Privacy is such an old fashioned idea. Just ask Google if you need a second opinion. I looked that one up on Google Maps street view.

Or the Government for a third. As the law is way behind, perhaps best not to ask a lawyer. The answer will be expensive and likely unsatisfactory. :wink:

1 Like

Ever looked into the business end of your TV remote control and pressed a button? typically you see nothing - try looking into it with your phone camera or other digital camera and pressing a button … magic :slight_smile: and the same principle …

Problem is that decent recognition systems can detect this also, not to mention if Inspector Plod looks at his display while following you he’ll see something very similar to the articles depiction of the camera vision - I’m not even tempted to look up whether it is against the law to obscure registration plates from human or machine vision …

You can get them for your face as well …

3 Likes

No effort required. A clearly visible rego plate is the secret to successful fines from cameras as well as road patrols. Typical of each state, although the penalties vary.

  • The number-plate is upright and substantially parallel to the vehicle’s axles and is no more than 1.3m above ground level; and
  • The number-plate isn’t obscured, illegible or defaced; and
  • The numbers on the number-plate are clear and visible from at least 20 metres away and within an arc of 45 degrees away from the surface of the number-plate above or to either side of the vehicle; and
  • Any cover on the number-plate is clean, clear, untinted and flat over its whole surface, and has no reflective characteristics that would prevent the successful operation of a device approved for use under a law relating to the detection of traffic offences; and
  • A number-plate is affixed to the front and rear of the motor vehicle.
3 Likes

The rather generic second point probably nails any external device that effectively obscures, but it’s strange they go into such detail on covers and its the only one to specifically call out detection devices, I know they have a longer history … but as you note, when it comes to revenue they are usually as watertight as possible.

3 Likes

And how legal. In Queensland there was a crackdown on filtering/reflecting number plate covers few years ago with fines issued. Obscuring a number plate in any way is an offense in Qld (and assume it is the same in other states).

2 Likes

In June 2018, we were driving home behind a Commodore sedan for around 7km when the sun started to hit his rear number plate producing a series of blinding flashes which momentarily blinded me.

I reported it to the Transport Dept and provided a video clip from the GoPro with the audio removed for obvious resaons.

1 Like

Correct. That’s what I meant by “specific” and “that aspect of surveillance”.

We already have facial recognition covered. Refer Insane Clown Posse above.

For vehicle number plate surveillance, you will need to take public transport and use an unregistered travel card.

Or you could just #StayHome !

In this case, you don’t want to do that. You want the public record to show that “you” were at home at all times.

I’m not an expert but I believe that a Faraday cage is better at blocking the outside (prevent phone from receiving) than blocking the inside (prevent phone from transmitting). So in theory phone surveillance might still work. It depends in part on whether the surveillance relies on the completion of any kind of handshake - assuming 100% effective screening of anything being received by the phone but a somewhat leaky screening of anything being transmitted by the phone. The handshake may be important because otherwise the detection of the phone may be unauthenticated and hence able to be forged.

That would seem to cover the situation.

1 Like

and in other news (mixed): Charges against News Corp journalist Annika Smethurst still possible after High Court throws out AFP warrant - ABC News

The warrant used by Australian Federal Police officers to search the home of News Corp journalist Annika Smethurst last year has been thrown out by the High Court, but police will be allowed to keep the materials they seized in the raid. (my emphasis)

The Commonwealth had asked the High Court to find it should be allowed to keep the material, even if it was obtained illegally.

I wish I could argue that. Yes, officer, most of my income this year was obtained illegally but I would like to be able to keep it.

1 Like

The list will no doubt expand over time. Then, of course, there’s the occasional hacker.

The problem is that, over time, sections of the media and politicians have so effectively eroded our trust.

Scientists have been working on that. Here’s the best outcome to date:


It’s a bit front-heavy. :upside_down_face:

2 Likes