All posts by nensmenger

What Surveillance Valley knows about you

Google is very secretive about the exact nature of its for-profit intel operation and how it uses the petabytes of data it collects on us every single day for financial gain.

Fortunately, though, we can get a sense of the kind of info that Google and other Surveillance Valley megacorps compile on us, and the ways in which that intel might be used and abused, by looking at the business practices of the “data broker” industry.

Thanks to a series of Senate hearings, the business of data brokerage is finally being understood by consumers, but the industry got its start back in the 1970s as a direct outgrowth of the failure of telemarketing. In its early days, telemarketing had an abysmal success rate: only 2 percent of people contacted would become customers. In his book, “The Digital Perso,” Daniel J. Solove explains what happened next:

To increase the low response rate, marketers sought to sharpen their targeting techniques, which required more consumer research and an effective way to collect, store, and analyze information about consumers. The advent of the computer database gave marketers this long sought-after ability — and it launched a revolution in targeting technology.

The dossiers are not restricted to generic market segmenting categories like “Young Literati” or “Shotguns and Pickups” or “Kids & Cul-de-Sacs,” but often contain the most private and intimate details about a person’s life, all of it packaged and sold over and over again to anyone willing to pay.

Take MEDbase200, a boutique for-profit intel outfit that specializes in selling health-related consumer data. Well, until last week, the company offered its clients a list of rape victims (or “rape sufferers,” as the company calls them) at the low price of $79.00 per thousand. The company claims to have segmented this data set into hundreds of different categories, including stuff like the ailments they suffer, prescription drugs they take and their ethnicity:

These rape sufferers are family members who have reported, or have been identified as individuals affected by specific illnesses, conditions or ailments relating to rape. Medbase200 is the owner of this list. Select from families affected by over 500 different ailments, and/or who are consumers of over 200 different Rx medications. Lists can be further selected on the basis of lifestyle, ethnicity, geo, gender, and much more. Inquire today for more information.

MEDbase promptly took its “rape sufferers” list off line last week after its existence was revealed in a Senate investigation into the activities of the data-broker industry. The company pretended like the list was a huge mistake. A MEDbase rep tried convincing a Wall Street Journal reporter that its rape dossiers were just a “hypothetical list of health conditions/ailments.” The rep promised it was never sold to anyone. Yep, it was a big mistake. We can all rest easy now. Thankfully, MEDbase has hundreds of other similar dossier collections, hawking the most private and sensitive medical information.

via What Surveillance Valley knows about you | PandoDaily.

The Second Class Citizens of the Google Cafeteria

A rising wind raises all rideshare helicopters–or so the pixel Pollyannas of the Valley would have you think, all progress and prosperity. And the… Read…

As part of a week-long exploration of income inequality in the midst of an economic boom, NPR has matched some faces with abstract dots on a map, demonstrating that you can work for Google and still go hungry.

All Tech Considered interviewed Manny Cardenas, a 25-year-old part-time security guard who has worked at Google\’s Mountain View campus for a year and a half, commuting from low-income housing in San Jose. Cardenas earns $16/hour without benefits and has had to rely on a food pantry to care for himself and his daughter. He never gets more than 30 hours a week.

via The Second Class Citizens of the Google Cafeteria.

Research shows how MacBook Webcams can spy on their users without warning

The woman was shocked when she received two nude photos of herself by e-mail. The photos had been taken over a period of several months — without her knowledge — by the built-in camera on her laptop.

Fortunately, the FBI was able to identify a suspect: her high school classmate, a man named Jared Abrahams. The FBI says it found software on Abrahams’s computer that allowed him to spy remotely on her and numerous other women.

Abrahams pleaded guilty to extortion in October. The woman, identified in court papers only as C.W., later identified herself on Twitter as Miss Teen USA Cassidy Wolf. While her case was instant fodder for celebrity gossip sites, it left a serious issue unresolved.

Most laptops with built-in cameras have an important privacy feature — a light that is supposed to turn on any time the camera is in use. But Wolf says she never saw the light on her laptop go on. As a result, she had no idea she was under surveillance.

via Research shows how MacBook Webcams can spy on their users without warning.

I bought fake job references on the Internet—and it worked

For a small fee, CareerExcuse.com promises to not only craft an elaborate lie based on your exact job specifications but to see it through for as long as necessary. The site will provide a live HR operator and staged supervisor, along with building and hosting a virtual company website—complete with a local phone number and  toll-free fax. CareerExcuse will even go so far as to make the fake business show up on Google Maps.

via The Daily Dot – I bought fake job references on the Internet—and it worked.

Indiana State Police Acknowledge Use Of Cell Phone Tracking Device

A USA Today and IndyStar investigation found the Indiana State Police purchased a device called a Stringray that captures nearby cell phone data.

State Police Captain Dave Bursten responded to the report Wednesday, saying the agency is operating within the bounds of the law.

The Indiana State Police are responding to lawmakers’ and civil rights organizations’ concerns that it is overstepping its boundaries by using a device that can track cell phone calls, text messages and movements within a set radius.

Indiana State Police Captain Dave Bursten said in a statement the department is working well within the bounds of the law.  He says protection of investigation methods is key to the success of building a case.

Bursten won’t say exactly how the technology is used, because he says it would be “like a football team giving up their playbook.”

A joint USA Today and IndyStar investigation found earlier this month that the state police spent $373,995 on a device called a Stingray.

Often installed in a surveillance vehicle, the suitcase-size Stingrays trick all cellphones in a set distance — sometimes exceeding a mile, depending on the terrain and antennas — into connecting to it as if it were a real cellphone tower. That allows police agencies to capture location data and numbers dialed for calls and text messages from thousands of people at a time.

State police officials initially refused to provide any records related to the purchase of the Stingray.

After the IndyStar appealed the denial to the Indiana Public Access Counselor, the Indiana State Police provided a one-page document confirming the purchase of the device but no information about how it is used.

via State Police Acknowledge Use Of Cell Phone Tracking Device | News – Indiana Public Media.

“Revenge porn” operator arrested, charged with ID theft

Websites that post nude pictures of adults without their permission, commonly known as \”revenge porn\” sites, have recently drawn public scorn and a few lawsuits.

Now, the owner of one revenge porn website is facing prison. Kevin Bollaert, a 27-year-old San Diego resident, was arrested today for running a website called ugotposted.com and has been charged with 31 counts of identity theft, extortion, and conspiracy. The suspect is being held in jail on $50,000 bail.

\”This website published intimate photos of unsuspecting victims and turned their public humiliation and betrayal into a commodity with the potential to devastate lives,” said California Attorney General Kamala Harris in a statement about today\’s arrest. “Online predators that profit from the extortion of private photos will be investigated and prosecuted for this reprehensible and illegal internet activity.\”

Bollaert allegedly followed a business model similar to a now-defunct site run out of Colorado called IsAnybodyDown. According to court documents, he created ugotposted a year ago, inviting anyone to post nude pictures of others. Bollaert required that along with the photo, identifying information was posted, including a full name, location, age, and Facebook link.

Then, Bollaert refused to take the posts down—unless the pictured victims paid up. When he got e-mails complaining about the practice, users would be directed to a separate website, called changemyreputation.com. Then they would be asked to pay a fee, between $300 and $350, in order to get their pics down.

via “Revenge porn” operator arrested, charged with ID theft | Ars Technica.

If a Story Is Viral, Truth May Be Taking a Beating

Truth has never been an essential ingredient of viral content on the Internet. But in the stepped-up competition for readers, digital news sites are increasingly blurring the line between fact and fiction, and saying that it is all part of doing business in the rough-and-tumble world of online journalism.

Several recent stories rocketing around the web, picking up millions of views, turned out to be fake or embellished: a Twitter tale of a Thanksgiving feud on a plane, later described by the writer as a short story; a child’s letter to Santa that detailed an Amazon.com link in crayon, but was actually written by a grown-up comedian in 2011; and an essay on poverty that prompted $60,000 in donations until it was revealed by its author to be impressionistic rather than strictly factual.

Their creators describe them essentially as online performance art, never intended to be taken as fact. But to the media outlets that published them, they represented the lightning-in-a-bottle brew of emotion and entertainment that attracts readers and brings in lucrative advertising dollars.

When the tales turned out to be phony, the modest hand-wringing that ensued was accompanied by an admission that viral trumps verified — and that little will be done about it as long as the clicks keep coming. “You are seeing news organizations say, ‘If it is happening on the Internet that’s our beat,’ ” said Joshua Benton, director of the Nieman Journalism Lab at Harvard. “The next step of figuring out whether it happened in real life is up to someone else.”

The difference seems to be that the news organizations that published the recent pieces — Gawker, BuzzFeed, The Huffington Post and Mashable among them — do not see invented viral tales as being completely at odds with the serious new content they publish alongside them. The Huffington Post won a Pulitzer Prize in 2012, Gawker was among the first to report the cocaine use by Toronto’s mayor, Rob Ford, and BuzzFeed is building teams of investigative and foreign correspondents. Of course, websites like these are not the only news organizations to be seduced by stories that are too good to be true. In just the last month, CBS’s venerable “60 Minutes” had to apologize for taking too credulously the claims of a security agent about the 2012 attack on the American diplomatic mission in Benghazi, Libya.

via If a Story Is Viral, Truth May Be Taking a Beating – NYTimes.com.

“That Dead Girl”: A Family And A Town After A Cyberbullied 12-Year-Old’s Suicide

In September, after a year of being bullied online, Rebecca Sedwick threw herself off a three-story cement silo, sparking an international freak-out over the responsibility social media networks like Ask.fm have in fostering this kind of harassment. But for Rebecca’s family, friends, and neighbors, the problem isn’t technology or opportunistic startups — it’s people.

 

Five weeks after Rebecca’s death, Lakeland Sheriff Grady Judd arrested two girls from Crystal Lake Middle School and charged both with aggravated stalking, a felony. Although they were minors, Judd released their names: Guadalupe Shaw, a 14-year-old who went to school with Rebecca, who was the purported ringleader, and 12-year-old Katelyn Roman, her accomplice. Judd claimed they had organized a network of up to 16 other teenagers who verbally and physically threatened Rebecca in school and then bombarded her social media accounts — particularly via her Ask.fm page and an app called Kik Messenger — with cruel comments, many urging her to kill herself. And that was what elevated Rebecca’s story from a small-town tragedy to global cautionary tale for an unchecked epidemic of cyberbullying.

Both Kik and Ask.fm are especially popular with teenagers desperate for more private social networks than Facebook, which is to be expected — teens don’t want to hang out with their parents, especially on the internet. Kik Messenger is a mobile instant messaging app that gives users a discreet way to chat and share videos and pictures. According to figures from this spring, more than 200,000 people sign up for the Kik app daily, and 50 million currently use it. Kik connects users with Facebook friends and people in their phone’s address book, giving them the ability to anonymously message one another. Friends and family say Rebecca often wasn’t even sure whom she was being bullied by.

via “That Dead Girl”: A Family And A Town After A Cyberbullied 12-Year-Old’s Suicide.

World of Spycraft: NSA and CIA Spied in Online Games

Not limiting their activities to the earthly realm, American and British spies have infiltrated the fantasy worlds of World of Warcraft and Second Life, conducting surveillance and scooping up data in the online games played by millions of people across the globe, according to newly disclosed classified documents.

Fearing that terrorist or criminal networks could use the games to communicate secretly, move money or plot attacks, the documents show, intelligence operatives have entered terrain populated by digital avatars that include elves, gnomes and supermodels.

The spies have created make-believe characters to snoop and to try to recruit informers, while also collecting data and contents of communications between players, according to the documents, disclosed by the former National Security Agency contractor Edward J. Snowden. Because militants often rely on features common to video games — fake identities, voice and text chats, a way to conduct financial transactions — American and British intelligence agencies worried that they might be operating there, according to the papers.

via World of Spycraft: NSA and CIA Spied in Online Games – ProPublica.

This Popular Flashlight App Has Been Secretly Sharing Your Location And Device ID

The Android app Brightest Flashlight has been installed between 50 million and 100 million times, averaging a 4.8 rating from more than 1 million reviews. Yet its customers might not be so happy to learn the app has been secretly recording and sharing their location and device ID information.

On Thursday, the app maker GoldenShores Technologies settled Federal Trade Commission charges that it deceived users and is thus prohibited from further \”misrepresenting how consumers’ information is collected and shared and how much control consumers have over the way their information is used.\”

GoldenShore\’s privacy policy had mentioned that information collected would be used by the company, but the FTC said location and device information was shared automatically with advertisers and other third parties–even when users opted out. In fact, before they could accept or refuse the app\’s terms of agreement, the FTC said Brightest Flashlight was already collecting and sending information.

via This Popular Flashlight App Has Been Secretly Sharing Your Location And Device ID | Fast Company | Business + Innovation.