Thursday Morning: Fast and Furious Edition
![[image (modified): Adam Wilson via Flickr]](https://www.emptywheel.net/wp-content/uploads/2016/01/ThursdaySticker_AdamWilson-Flickr_mod.jpg)
[image (modified): Adam Wilson via Flickr]
Let’s move on.
Some U.S. utilities’ still wide open to hacking
Dudes, how many times do you need to be told your cheese is still hanging out in the wind? Some heads should roll at this point. US government’s Industrial Control Systems Cyber Emergency Response Team’s Marty Edwards sounded pretty torqued about this situation at the S4 ICS Security Conference this week. I don’t blame him; if a utility gets hacked, it’s not like your grandmother’s PC getting held ransom. It means the public’s health and safety are at risk. Get on it.
Your cellphone is listening to your TV — and you
Bruce Schneier wrote about the Internet of Things’ expansive monitoring of consumers, citing the example of SilverPush — an application which listens to your television to determine your consumption habits. Bet some folks thought this was an app still in the offing. Nope. In use now, to determine current TV program listings and ratings. Listening-to-your-consumption apps have now been around for years.
Wonder if our pets can hear all this racket inaudible to humans? Will pet food companies embed ads shouting out to our pets?
But you may be able to hide from devices
…depending on whether you are using location-based services, and if you can use the app developed by Binghamton University. A paper on this technology was presented last month at the Institute of Electrical and Electronics Engineers (IEEE) GLOBECOM Conference, Symposium on Communication & Information System Security. The lead researcher explained the purpose of the app:
“With Facebook, Twitter, LinkedIn and others we provide a huge amount of data to the service providers everyday. In particular, we upload personal photos, location information, daily updates, to the Internet without any protection,” Guo said. “There is such a chance for tragedy if that information is used to in a bad way.”
The app isn’t yet available, but when it is, it should prevent personally identifying location-based data from being used by the wrong folks.
VW emissions scandal: Well, this is blunt
I think you can kiss the idea of nuance goodbye, gang.
“Volkswagen made a decision to cheat on emissions tests and then tried to cover it up,” said CARB chair Mary Nichols in a statement.
“They continued and compounded the lie, and when they were caught they tried to deny it. The result is thousands of tons of nitrogen oxide that have harmed the health of Californians.”
Yeah. That.
The last bits
Nest thermostats froze out consumers after a botched update. (Do you really need internet-mediated temperature controls?)
Phone numbers may become a thing of the past if Facebook has its way. (Um, hell no to the Facebook. Just no.)
Senator Al Franken quizzes Google about data collection and usage on K-12 students. (Hope he checks toy manufacturers like Mattel and VTech, too.)
That’s a wrap, hope your day passes at a comfortable speed.
Re SilverPush:
Gee! I guess end to end encryption works real well when corporate spies own both the ends. You end up feeling safe knowing that you encrypted stuff they already know.
“Wonder if our pets can hear all this racket inaudible to humans? Will pet food companies embed ads shouting out to our pets?” Hmm. When our dogs are lying on the bed, the one watches the TV pretty much all the time. I wonder, if we take her into the pet store, will she point out the food (treats, more likely) that she wants?
:)
please god, no.
the cats make their wants known often enough as it is.
i read schnier’s article on silver push yesterday and again today with the cite to ars technica. very interesting.
the word “snyched” never appeared in either article. am i right or wrong in thinking that the power of the silver push approach increases with synching and the number of synched devices?
i refuse to “synch” anything because in my world that’s just not that critical – maybe if i worked on wall street these days…. or was selling coke to people who did.
i also didn’t see any names named about who uses silver push or similar services. how does one determine what apps include this oh so clever surveillance?
Rayne, you once posted something like you’d be crazy to opt out of the ‘todays’ system’. I guess as you become more aware just how manipulative the spying is, and the adverse effects of it are, your going a lil crazy yourself. What to do!
Get a lover and turn off the TV permanently. john
I was blown off emptywheel for a long while and just now have been able to block the spies’work. There’s only one way that works and its to turn off… ., when they knock.
bloopie2 (9:52) — I wonder if human-inaudible ads are the reason we see so many photos online of cats sitting on computers. LOL
orionATL (10:08) — I saw something yesterday very specific about an app listening to TVs for ratings purposes, and I’ll be damned if I can find it. I’ll share it once I track it down. Was in a feed, didn’t open it, not in my history, makes the hunt a time-sucking nuisance.
galljdaj (10:10) — There’s no choice any longer. There’s no opting out. Government has ensured that citizens do not exist who are not identified in a digital framework. Even human lovers are traceable, just like your visit here today. :-)
Yes Rayne, my visit was traced, but very lil else gets traced especially if i choose to be not. And i do choose not most of the time now.
H.L. Menken “Nobody ever went broke from underestimating the intelligence of the American public.” That includes public utilities.
.
Damned security is inconvenient, all those passwords and vpn tunnels, and and… That’s a lot of overhead. In Flint we can put lead in the water without any of that stuff.
hey, unlax. silver push may not even be here yet, but this is (or maybe or was):
.
http://www.theguardian.com/technology/2016/jan/14/nvidia-chrome-blames-apple-chrome-incognito-mode-diablo
orionATL — Regardless of whether SilverPush is already being used, apps already listen to us.
Like Google’s Voice Search.
And Samsung’s smart TVs.
Sony’s smart light is a little less sophisticated, but it’s only a matter of time before it hears you enter a room and then says, ‘Watch this now!’
jeez. where can i hide?
Don’t have a camera attached to my computer. Or a mike. (Hell, my cell phone usually needs to be charged before I can use it.)
Many US agencies wish you would be better, and further, on line so they can track you no matter what.
re rayne #10
you’re telling me they’re listening – the future is now :)
[… The relative popularity of Netflix’s original series is a matter of much debate, since the company rarely parts with viewership numbers. According to a report in Variety, NBCUniversal’s research chief, Alan Wurtzel, offered data on his competitor’s original shows gleaned from an app on 15,000 phones that logs information about what TV shows are playing within earshot of the phone’s microphone yesterday….]
http://www.theguardian.com/technology/2016/jan/14/tech-company-stock-fall-apple-alphabet-twitter-facebook-gopro
who needs old george gallup any more.
orionATL — THAT’S IT. That’s the piece I was looking for. They’re already listening to your TVs to check ratings. You know NBC’s already watching your streaming habits if you’re a Comcast customer because NBC is Comcast’s little bitch. But they don’t know what you’re watching on broadcast, and they don’t want to diddle with Nielsen anymore if they can go straight to your phones.
All they need now is to tap into your Apple iPhone whenever it integrates that Emotient stuff so they can tell exactly what you feel about what you’re watching and when.
Welcome to the entertainment panopticon.
Edit: Remember William Gibson said, “The future is already here — it’s just not very evenly distributed.” Yeah. That.
another q. if a consumer links (“synchs”) several devices, can those devices share information? can they be querried for info by a google, et al. can querrying one device allow info from all to be “harvested” :)
Away from my desktop, can’t do much research, but I see JetBlue lost power and phone service.
Check out @BNONews’s Tweet: https://twitter.com/BNONews/status/687708061570580486?s=09
No solar storm that I know of. You thinking what I’m thinking?
VW has some friends in Congress who are using their fraud to take a run at class action suits, making it much more difficult to assemble a class and sue.
I know someone who works at NEST/Google/Alphabet of whatever it’s called now. Do you need a thermostat that connects to the Internet? Well, it can be extremely useful for demand side management which is one of the next steps in a more efficient and responsive grid.
But I’d be very happy to introduce Bruce Schneier to my friend at NEST sometime for an informed conversation. I’ll mention it to Bruce when next I see him at the Berkman Center or Harvard Law.
This is a fact. Actually, between the administrative agencies and Congress,there are more than one effort to bail VW out of this legal pit. And that is just civilly, and not mentioning the criminal liability that appears to have already been shined on.
Thanks for the promo. We agree on priorities; we may differ on process.
When I said in an earlier post’s comments that refusing entry permits on VW cars would lack nuance as a govt response to VW’s crimes, I listed several contemporaneous actions the US should do instead (or in addition). That is, if it was serious about making VW pay for its crimes and serious about motivating VW and other large multinational players to stop engaging in criminal behavior.
The USG would, for example, engage German and VW bureaucracies at all levels, from junior lawyer/bureaucrats working out privacy and disclosure issues, to high-level elected officials. It would play hardball, using, as you suggest, collateral actions that would restrict VW’s profit-taking, and potentially that of other German companies, until VW played ball and cooperated with US regulators AND stopped its illegal conduct. (It would require enough nuance to get the German govt and VW to comply, while creating precedents the US would be willing to live with when the shoe is inevitably on the other foot.)
The more typical corporate response to the outing of alleged criminal behavior is to change CEO’s (or preferably lower level staff), rename the behavior, defend it as legit, and wait until it can compare the cost of sanctions vs. the profits it could take from continued illegal actions. That’s the route pioneered by the oil and tobacco majors, Dick Cheney and Jeffrey Skilling/Enron. (Skilling’s formula was an extension of the Ford Pinto gas tank team’s: Any profitable behavior is mandatory and should be continued until the govt stops you AND imposes personal and corporate costs that exceed expected profits. He was right in observing that govt sanctions rarely exceed profits.) I also said that the US comes into this without a pair of clean hands. Its non-response to bankster criminality comes to mind.
The USG will need considerable sustained goading by its citizens, forcing it to make a large multinational stop acting criminally, and to enforce sanctions against a corporation that considerably exceed expected profits from illegal conduct. That sort of policing seems tied to a recessive gene in the American body politic; it hasn’t found common expression since, oh, Eleanor, Franklin and his brain trust left office.