In the data drawn from apps, each cellphone is typically represented by an alphanumeric identifier that isn’t linked to the name of the cellphone’s owner. But the movement patterns of a phone over time can allow analysts to deduce its ownership—for example, where the phone is located during the evenings and overnight is likely where the phone-owner lives.
Source: U.S. Government Contractor Embedded Software in Apps to Track Phones – WSJ
The National Security Agency issued new guidance on Tuesday for military and intelligence-community personnel, warning about the risks of cellphone location tracking through apps, wireless networks and Bluetooth technology.
The detailed warning from one of the nation’s top intelligence agencies is an acknowledgment that Silicon Valley’s practice of collecting and selling cellphone location information for advertising and marketing purposes poses a serious national-security risk to many inside the government….
Source: NSA Warns Cellphone Location Data Could Pose National-Security Threat – WSJ
In December 2019, the FAA released a Notice of Proposed Rulemaking requiring mandatory radio-based Remote Identification and tracking of all hobby radio controlled aircraft weighing more than 250 grams (about 1/2 pound). The Final Rule is expected in December of 2021. The NPRM itself eventually ends the radio control model aircraft hobby that currently exists, makes it legal to fly only certified, manufactured drones that are tracked in real time. The primary purpose is to clear the air space above your home and turn it over to AmazonGoogleUPS. The FAA asserts all rights to the airspace in your back yard, for example.
Every remote controlled aircraft would be required by Federal regulation to connect to the Internet and log its activities in an Internet cloud database, in real time. Those providing the cloud databases may offer them for free in exchange for who knows what – but the FAA itself proposed they might collect photo images and telemetry – such as WiFi and Bluetooth communications collected by the craft.
In effect, the FAA mandates a nationwide low level altitude surveillance network of potentially millions of drones collecting data in real time and logging it in data bases – that may as well be located in China.
Meanwhile, the US DoD and the US Department of the Interior banned the use of Chinese made drones over fears of their use for espionage.
While the left hand bans drones from collecting data, the right hand mandates that all drones must collect potentially invasive data on behalf of foreign organizations.
We know that U.S. firms and others are collecting massive amounts of private data through the use of apps on our smart phones. Google itself collects your location data, even when you turn location services off.
The primary business function of the Internet is surveillance to be used for many purposes.
Twitter’s security was so great, only a teen could take over their entire network.
A Tampa teenager is in jail, accused of being the “mastermind” behind a hack on the social media website Twitter that caused limited access to the site and high-profile accounts, accord…
Reports to the FAA of “drone sightings”, used by Congress and the FAA to drive forth draconian remote identification and mandated national surveillance networks using drones, with the goal of pricing drone flying out of the public’s reach – were based on bad data and media hysterics, much of which was false reporting.
Take a look at this – drone sightings have magically disappeared: Drone Sightings: The Actual Non-Hyped Numbers Analyzed (Graphs, Trends, etc.)
After awhile, when the FAA isn’t stealing Youtube content, they seem to have been busy making up fake drone reports to justify a remote ID proposal that mandates all drones be connected to the Internet cloud, in real time, and used as part of a massive national surveillance program, collecting imagery and telemetry and potentially sending it to China. Brilliant. Not like any drones would so something like that.
The FAA’s primary goal is to make hobby flying of radio control model aircraft so expensive and cumbersome as to eliminate it entirely. The reason is to clear the low altitude airspace for AmazonGoogleUPS delivery drones. The FAA asserts that it and it alone owns the airspace in your front and backyards from the ground up. Literally, the airspace below your head when you stand outside is controlled by the FAA and they intend to use it for corporate delivery and surveillance networks. (See my comments to see how that works.)
Claims they’ve turned it off due to “industry conversation” about such technology. The tech is kinda useless when everyone is required to wear an airway restriction device over their face:)
In the hearts of New York and metro Los Angeles, Rite Aid deployed the technology in largely lower-income, non-white neighborhoods, according to a Reuters analysis. And for more than a year, the retailer used state-of-the-art facial recognition technology from a company with links to China and its authoritarian government.
Source: Rite Aid deployed facial recognition system in hundreds of U.S. stores
Twitter’s oversight over the 1,500 workers who reset accounts, review user breaches and respond to potential content violations for the service’s 186 million daily users have been a source of recurring concern, the employees said. The breadth of personal data most of those workers could access is relatively limited — including such things as Internet Protocol addresses, email addresses and phone numbers — but it’s a starting point to snoop on or even hack an account, they said.
The controls were so porous that at one point in 2017 and 2018 some contractors made a kind of game out of creating bogus help-desk inquiries that allowed them to peek into celebrity accounts, including Beyonce’s, to track the stars’ personal data including their approximate locations gleaned from their devices’ IP addresses, two of the former employees said.
Source: Twitter Hack: Broad Access to User Accounts, Security Woes – Bloomberg
In my comments to the FAA regarding their NPRM to require mandatory Remote ID and data logging into cloud-based data bases, I pointed out that the FAA was establishing a nationwide aerial surveillance network. This finding appears to validate my comments to the FAA:
According to the reports, the suspicious behaviors include:
The ability to download and install any application of the developers’ choice through either a self-update feature or a dedicated installer in a software development kit provided by China-based social media platform Weibo. Both features could download code outside of Play, in violation of Google’s terms.
A recently removed component that collected a wealth of phone data including IMEI, IMSI, carrier name, SIM serial Number, SD card information, OS language, kernel version, screen size and brightness, wireless network name, address and MAC, and Bluetooth addresses. These details and more were sent to MobTech, maker of a software developer kit used until the most recent release of the app.
Automatic restarts whenever a user swiped the app to close it. The restarts cause the app to run in the background and continue to make network requests.
Advanced obfuscation techniques that make third-party analysis of the app time-consuming.
Source: Chinese-made drone app in Google Play spooks security researchers | Ars Technica
DJI admits the software has these capabilities with this double speak:
DJI officials said the researchers found “hypothetical vulnerabilities” and that neither report provided any evidence that they were ever exploited.
The FAA said they processed all 50,000+ public comments received in regards to their NPRM on Remote ID in just 60 days and are now full speed ahead on implementing their final rule, to be released in December of 2020. My expectation is the FAA will ignore most public input and will ram this rule through at all costs, as they were bought off by AmazonGoogleUPS. While the rule will not ban drones, it is likely to make flying a personal drone expensive and difficult, with mandatory real time tracking and logging into cloud databases of every flight – in other words, a potentially de facto ban on most personal flying. Their proposed rules, in fact, do call for the eventual banning of all home made radio controlled airplanes – a large hobby that has existed safely for over 90 years.
The FAA is, like most government agencies now, acts as authoritarian tyrant.
This mandatory tax software (for tax filing) is required to be used by all companies doing business in China:
Three weeks ago, security researchers exposed a sinister piece of malware lurking inside tax software that the Chinese government requires companies to install. Now there’s evidence that the high-stealth spy campaign was preceded by a separate piece of malware that employed equally sophisticated means to infect taxpayers in China.
Source: Malware stashed in China-mandated software is more extensive than thought | Ars Technica
I’ve been slow to be suspicious of China-based tech – but this report has pushed me to be very suspicious of China-made tech including all types of electronics, computers and drones.
At the bottom of the news report is a series of questions related to the article. The questions then ended with this item:
Several people involved in the events that took down Twitter this week spoke with The Times, giving the first account of what happened as a pursuit of Bitcoin spun out of control.
Source: Hackers Tell the Story of the Twitter Attack From the Inside – The New York Times
Twitter security is garbage. Yeah, teens took over Twitter.
Twitter is garbage and is not safe to use. Use TweetDelete.net to remove your posts, then de-activate your account.
Read the whole thing – Twitter blog post update.
It’s pretty clear they still do not have a full handle on the situation.
Twitter acknowledges that the hackers downloaded the Twitter Data for some accounts, which may include private Direct Messages.
I no longer regard Twitter as safe. I deactivated 2 of my 4 accounts, and had already deleted all content of my main account – except DMs. I’m in process of clearing out all the DM’s now. I intend to keep one or two of the accounts alive but will probably no longer use them.
This incident was a total and complete failure of Twitter security and their ability to be trusted with holding information. At this time, no one should have any trust in Twitter – and I mean no one. Clear your data as soon as possible. What just happened could have created one or more international incidents as hackers seized control of prominent political accounts.