One thing I am always aware of are apps that want permission to access Bluetooth and/or Wi-Fi and/or Networks.
Even though Bluetooth is very short ranged it can still be used to tie you into a location within a database based on other database records that are more detailed.
Yeah, I love playing you “My Great Dog-sitting Simulator” (not a real app) but you do not need access to my BT. The OS handles sending your audio to my headphones!
I remember when Bluetooth started demanding location permissions. You’ll never convince me that it’s functionally required or provides any benefit other than furthering efforts to spy on the user.
When it started being rolled out, I avoided any app or hardware that made that demand. Sadly, that’s no longer an option if I want any Bluetooth at all.
It’s not like Bluetooth started demanding location permissions, the conceptual model of the permission was revised: having access Bluetooth means an app could determine your location via a form of lateration.
In earlier versions of smartphone operating systems, this was not transparent to users lacking the technical background, so Bluetooth also requiring location access is actually an attempt at making users aware of that. I’m not an iOS developer, so I can’t comment on iPhones, but on Android versions prior to 11, having access to Bluetooth meant an app would be able to determine your location.
Today, you can require the permission
ACCESS_FINE_LOCATION, which expresses that your app might use Bluetooth to obtain location information on Android. Also, if you’re just scanning for nearby devices to connect your app to, but don’t want users to be confused why your smart fridge app needs to know your precise location, you can declare a permission flag (neverForLocation) and Android will strip beacon information from the scan results, better asserting your intentions.So, overall: no, there is nothing nefarious going on, it was always possible to determine your location via Bluetooth, and the update to the permission model was an honest improvement that actually benefits you as user.
Now, there are still plenty of shady apps around, and apps that are poorly written - don’t use those.
Teams is the worst, you can’t join any call if you don’t allow it to scan your local network. I wish the executives a very nice and agonizing death.
I haven’t done an extensive survey or anything, but every modern router I’ve interacted with supports setting up a secondary WiFi network with guest isolation (so anything on that SSID can’t see any network device besides the router and itself). This is useful for apps or hardware that is untrusted and/or demands unjustified permissions.
I think generally speaking these privacy articles fail to convince the majority of people that there’s a problem, which is crucial to be able to sell the solution.
I think the abortion part is the most relatable, but you’ll hear them say they’ve got nothing to hide. I believe getting access to that data and show people what data they have on them would be the most effective. It’s like saying to someone that has nothing to hide “oh yeah? Give me your phone and your documents, let me browse what’s on them”
“Don’t worry I’m just gonna do the same thing your spying apps do. Let’s see here, oh these are some interesting texts, hey pictures, ooohhh a nude well let me just “anonymize” this by removing the metadata (close enough) and I’ll just send that to my “server” (it’s my phone)… Why? Well so I can more effectively sell you things of course! It looks like you need clothes, check out these pants from Target and this shirt from H&M, don’t you wanna buy them? No? Well ok, here check out those exact same fucking things but this time from Walmart and Macy’s!”
Use FOSS as much as possible, pressure your gov to implement laws against tracking (against what Snowden showed us).
There is no need to know the location and history, and the communication of everyone everywhere.
I hope Google gets split up, that’ll probably be the beginning of the end for targeted ads (I would hope)
I wouldn’t think thats how they are splitting it up … Basically just affecting market shares of some markets (targeted ads being one of them + the ecosystem pushing you into it).
I thought chrome, yt, search, gmail/docs, android, etc. would all be separate entities, making them less willing to share data for financial reasons
If you have a device that’s actively connected to a cellular network, and has been while in your home or work, then your only option is to leave it behind or turn it off. That includes your car if it was made in the past decade, if nothing else, so it can catch OTA firmware updates, and send telemetry data.
GPS and location services don’t mean shit when your carrier keeps logs of where you’ve been based on cell-tower triangulation.
Do we know how carrier shares cell data?
In another thread, it was suggested thet “cant” just sell it like they isp traffic data for example.
Obviously the state can get it since is logged. Not sure if they would need s warrant tho
This video, where Veritaseum hacks LinusTechTips’ phone, gives a good overview of how it’s possible to track cellphones or hack sms, even without asking a carrier or having physical access to the device: https://m.youtube.com/watch?v=wVyu7NB7W6Y
TLDW: cellphone networks rely on old, unsecure infrastructure
I was talking specifically about how telcos behave within law and corp policy.
But yeah a threat actor with money can do anything if they really care.
I don’t think enough people have mentioned that Auto manufacturers have been able to locate vehicles since the 90’s.
How did they do it tech wise?
Originally the D.A.I.R. project (Driver Aid, Information and Routing) was conceptualized in the 60’s. It wasn’t until Hughes assisted EDS in the 90’s that they were able to create a beacon that could communicate via Satellite and Cellular.
I myself didn’t realize this was a thing until about a decade ago when I was trying to create an automation for my lights to turn on when I pulled into my driveway. I kept getting a ping about 5min after my phone connected to my WiFi. The MAC matched nothing I had in the house, I just blew it off.
When an associate stopped by to work on a HoneyPot project we started seeing a bunch of random MACs attempt to connect to the open wifi, we wrote that noise off as people walking by my house and their cell phones were just trying to connect. It wasn’t until the garbage man showed up and stopped to talk to me that I was able to find his truck listed with an address connected to the open wifi, sent a few packets, then left. We made the correlation that the MAC’s could be from cars so we started researching the manufacturer of those device MAC’s
That pretty much opened a weird rabbit hole leading us to find out that almost every car has been tracked since the mid-90’s.
Joking aside, I would move to Amish country if it weren’t for the whiskey and bitches. But in all honesty; my family lives a much more comfortable life than I ever imagined I would with working in the IT field.
There’s a got to be a way to create an sudo Amish community where technology is hyper regulated but still allowed
Not even “pseudo-”… well done
Sudo Amish. That’s the name of the religion.
