Wednesday, May 2, 2018

"Privacy Is No Longer A Social Norm"

It is widely believed that in 2010 Mark Zuckerberg said "Privacy is no longer a social norm" but apparently that wasn't exactly what he said. Below the fold, I take off from this and other misquotes to look at our home-town's major industry, surveillance. Facebook (now headquartered in Menlo Park) has been getting all the attention recently, but they probably know less about you than Palantir Technologies, still headquartered in Palo Alto.

Ann Cavoukian, Information and Privacy Commissioner of Ontario, wrote at the time:
There was a considerable amount of controversy recently when Mark Zuckerberg, co-founder and CEO of Facebook, the world's most popular online social network, was misquoted as saying that "privacy is no longer a social norm." What he actually said was: "People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people. That social norm is just something that has evolved over time."
I, along with many others, believed when I wrote last year that:
it was in 1999 that Scott McNealy famously said "privacy is dead, get over it". It is a whole lot deader now than it was then.
Apparently I misquoted McNealy too. In Wired at the time Polly Sprenger wrote:
THE CHIEF EXECUTIVE officer of Sun Microsystems said Monday that consumer privacy issues are a "red herring."

"You have zero privacy anyway," Scott McNealy told a group of reporters and analysts Monday night at an event to launch his company's new Jini technology.

"Get over it."
Katherine Noyes' Scott McNealy on privacy: You still don't have any shows his libertarianism has changed his mind in one respect:
Today, he considers governments the biggest threat on the horizon.

“It doesn’t really bother me that Google and AT&T have information about me, because I can always switch to another provider,” McNealy said in an interview last week. “If Uber starts screwing around with my data, I’ll use Lyft.”

It’s a different story when it comes to government.

“There’s only one DMV,” he said. “What scares the daylights out of me is the idea of a planned socialist economy driven by a bureaucratic government of appointed officials.”
Scott was always libertarian, just not as much as Peter Thiel. But he should be worried about Peter Thiel's company Palantir, and especially about its incestuous relationship with his bogeyman, the US government. Palantir Knows Everything About You by Peter Waldman, Lizette Chapman, and Jordan Robertson has the subhead:
Peter Thiel’s data-mining company is using War on Terror tools to track American citizens. The scary thing? Palantir is desperate for new customers.
Waldman et al summarize Palantir's history thus:
Founded in 2004 by Peter Thiel and some fellow PayPal alumni, Palantir cut its teeth working for the Pentagon and the CIA in Afghanistan and Iraq. The company’s engineers and products don’t do any spying themselves; they’re more like a spy’s brain, collecting and analyzing information that’s fed in from the hands, eyes, nose, and ears. The software combs through disparate data sources—financial documents, airline reservations, cellphone records, social media postings—and searches for connections that human analysts might miss. It then presents the linkages in colorful, easy-to-interpret graphics that look like spider webs. U.S. spies and special forces loved it immediately; they deployed Palantir to synthesize and sort the blizzard of battlefield intelligence. It helped planners avoid roadside bombs, track insurgents for assassination, even hunt down Osama bin Laden. The military success led to federal contracts on the civilian side. The U.S. Department of Health and Human Services uses Palantir to detect Medicare fraud. The FBI uses it in criminal probes. The Department of Homeland Security deploys it to screen air travelers and keep tabs on immigrants.
It isn't just the Federal government:
Police and sheriff’s departments in New York, New Orleans, Chicago, and Los Angeles have also used it, frequently ensnaring in the digital dragnet people who aren’t suspected of committing any crime. People and objects pop up on the Palantir screen inside boxes connected to other boxes by radiating lines labeled with the relationship: “Colleague of,” “Lives with,” “Operator of [cell number],” “Owner of [vehicle],” “Sibling of,” even “Lover of.” If the authorities have a picture, the rest is easy. Tapping databases of driver’s license and ID photos, law enforcement agencies can now identify more than half the population of U.S. adults.
Are you worried that Peter Thiel knows everything about you, Scott? You can't switch to another surveillance provider, and Thiel is really out there:
In a 2009 essay for the Cato Institute, he railed against taxes, ­government, women, poor people, and society’s acquiescence to the inevitability of death. (Thiel doesn’t accept death as inexorable.) He wrote that he’d reached some radical conclusions: “Most importantly, I no longer believe that freedom and democracy are compatible.” The 1920s was the last time one could feel “genuinely optimistic” about American democracy, he said; since then, “the vast increase in welfare beneficiaries and the extension of the franchise to women—two constituencies that are notoriously tough for libertarians—have rendered the notion of ‘capitalist democracy’ into an oxymoron.”
And I don't think he agrees with you that government invasions of privacy are a bad thing:
Thiel told Bloomberg in 2011 that civil libertarians ought to embrace Palantir, because data mining is less repressive than the “crazy abuses and draconian policies” proposed after Sept. 11. The best way to prevent another catastrophic attack without becoming a police state, he argued, was to give the government the best surveillance tools possible, while building in safeguards against their abuse.
No need to worry, though, because Thiel and Palantir are paragons of integrity:
In one adventure missing from the glowing accounts of Palantir’s early rise, I2 accused Palantir of misappropriating its intellectual property through a Florida shell company registered to the family of a Palantir executive. A company claiming to be a private eye firm had been licensing I2 software and development tools and spiriting them to Palantir for more than four years. I2 said the cutout was registered to the family of Shyam Sankar, Palantir’s director of business development.

I2 sued Palantir in federal court, alleging fraud, conspiracy, and copyright infringement. In its legal response, Palantir argued it had the right to appropriate I2’s code for the greater good. “What’s at stake here is the ability of critical national security, defense and intelligence agencies to access their own data and use it interoperably in whichever platform they choose in order to most effectively protect the citizenry,” Palantir said in its motion to dismiss I2’s suit.

The motion was denied. Palantir agreed to pay I2 about $10 million to settle the suit. I2 was sold to IBM in 2011.
Just traditional Silicon Valley vigorous competition in action. Not as if they were doing naughty Cambridge Analytica stuff and interfering in politics:
Sankar, Palantir employee No. 13 and now one of the company’s top executives, also showed up in another Palantir scandal: the company’s 2010 proposal for the U.S. Chamber of Commerce to run a secret sabotage campaign against the group’s liberal opponents. Hacked emails released by the group Anonymous indicated that Palantir and two other defense contractors pitched outside lawyers for the organization on a plan to snoop on the families of progressive activists, create fake identities to infiltrate left-leaning groups, scrape social media with bots, and plant false information with liberal groups to subsequently discredit them.
In any case, Palantir is so successful that minor glitches like this can easily be overlooked:
The company’s early data mining dazzled venture investors, who valued it at $20 billion in 2015. But Palantir has never reported a profit. ... Palantir’s high installation and maintenance costs repelled customers such as Hershey Co., which trumpeted a Palantir partnership in 2015 only to walk away two years later. Coca-Cola, Nasdaq, American Express, and Home Depot have also dumped Palantir. ... Some investors are weary and have already written down their Palantir stakes. Morgan Stanley now values the company at $6 billion. Fred Alger Management Inc., which has owned stock since at least 2006, revalued Palantir in December at about $10 billion, according to Bloomberg Holdings. One frustrated investor, Marc Abramowitz, recently won a court order for Palantir to show him its books, as part of a lawsuit he filed alleging the company sabotaged his attempt to find a buyer for the Palantir shares he has owned for more than a decade.
Waldman et al recount the horrors that the LAPD's use of Palantir's software visits upon citizens who are innocent but brown. Of course, Scott would never expect the software to be used on rich, straight white guys. Except that Waldman et al start with the saga of Peter Cavicchia III, JP Morgan's in-house version of James Jesus Angleton. Cavicchia was hired to use Palantir's software to detect and suppress "insider threats" such as leaks to the press. JP Morgan's management was fine with the help's privacy being invaded in this way until they realized they weren't exempt:
JPMorgan’s experience remains instructive. “The world changed when it became clear everyone could be targeted using Palantir,” says a former JPMorgan cyber expert who worked with Cavicchia at one point on the insider threat team. “Nefarious ideas became trivial to implement; everyone’s a suspect, so we monitored everything. It was a pretty terrible feeling.”
Just like Facebook, you can't opt out of Palantir's surveillance, and you have no way of knowing what they will do with your data. And, because Palantir has become so embedded in the national security and law enforcement structures, the government can't opt out either. Palantir has beaten the banks; it has become too big to fail without ever needing to turn a profit.

The Carillion scandal in Britain shows the danger of governments outsourcing essential functions to monopoly service providers, especially if their finances are as shaky as Carillion's:
The company experienced financial difficulties in 2017, and went into compulsory liquidation on 15 January 2018, the most drastic procedure in UK insolvency law, with liabilities of almost £7 billion. Before its liquidation, it was the second largest construction company in the United Kingdom,[5] was listed on the London Stock Exchange, and had some 43,000 employees (around 19,000 of them in the United Kingdom).

In the United Kingdom, the insolvency has caused project shutdowns and delays, job losses (in Carillion – 2,221 UK redundancies up to 23 April 2018 – and its suppliers), financial losses to joint venture partners and lenders, and potential financial losses to Carillion's 30,000 suppliers and 28,500 pensioners. It has also led to questions and parliamentary enquiries about the conduct of the firm's directors, its auditors, the Financial Reporting Council and The Pensions Regulator, and about the UK Government's relationships with major suppliers working on Private Finance Initiative (PFI) schemes and other privatised outsourcing of public services. It also prompted legislation proposals to reform industry payment practices, and consultations on new government procurement processes to promote good payment practices.
The functions that are being outsourced to Palantir are even more essential than those outsourced to Carillion.

But wait, there's more! Once again China leads the way in outsourcing privacy-invading technology. The sub-head of Steven Chen's ‘Forget the Facebook leak’: China is mining data directly from workers’ brains on an industrial scale reads:
Government-backed surveillance projects are deploying brain-reading technology to detect changes in emotional states in employees on the production line, the military and at the helm of high-speed trains
The technology is actually pretty simple:
Hangzhou Zhongheng Electric is just one example of the large-scale application of brain surveillance devices to monitor people’s emotions and other mental activities in the workplace, according to scientists and companies involved in the government-backed projects.

Concealed in regular safety helmets or uniform hats, these lightweight, wireless sensors constantly monitor the wearer’s brainwaves and stream the data to computers that use artificial intelligence algorithms to detect emotional spikes such as depression, anxiety or rage.
It's just wearable EEG. But wearable MRI is coming down the pike:
This technology enables continuous scanning of the body and brain in the form of a true wearable the size of a ski-hat or bandage. The implications of this architecture are profound for healthcare and can even enable communication with thought alone (as has been well documented by neuroscientists using the room size MRI scanners). With read/write ability - we may be able to upload/download and augment our memories, thoughts and emotions with a ski-hat form factor, non-invasively.
"The future is already here — it's just not very evenly distributed." Yet.


David. said...

I missed at least three important points in this post.

First, we talk about online privacy as if the problem is what companies know about you. But it is also what the people in the companies know about you, and not just CEOs like Peter Thiel. Joseph Cox & Max Hoppenstedt's Sources: Facebook Has Fired Multiple Employees for Snooping on Users spotlights this problem:

"On Tuesday, Facebook fired an employee who had allegedly used their privileged data access to stalk women online. Now, multiple former Facebook employees and people familiar with the company describe to Motherboard parts of the social media giant’s data access policies. This includes how those in the security team, which the fired employee was allegedly a part of, have less oversight on their access than others."

Second, McNealy's idea that if you don't like what one company is doing with your data you can move to another ignores the way the companies who collect data monetize it by selling it to other companies:

"Consumers and policymakers are only just now waking up to the reality that many businesses quietly seek to identify consumers personally and sell information about them to others. This information is transferred to data brokers, and repackaged and resold. Keeping the consumer in the dark is key to new information-intensive business models, because data brokers know that consumers will object to them."

And these companies sell it to other companies and so on ad infinitum.

Third, as I pointed out in Not Whether But When, it is inevitable that personal data collected about you will eventually end up in the hands of criminals and governments other than your own. Richard Smith, the CEO of Equifax while the company leaked personal information on most Americans, uttered an uncomfortable truth:

"There's those companies that have been breached and know it, and there are those companies that have been breached and don't know it,"

This is true of governments as well as companies. See, for example, the OPM hack.

McNealy doesn't trust the US government. Does he trust the Russian or Chinese government? Or some scam artist like Sergei Mavrodi?

David. said...

Tracking Firm LocationSmart Leaked Location Data for Customers of All Major U.S. Mobile Carriers Without Consent in Real Time Via Its Web Site by Brian Krebs starts:

"LocationSmart, a U.S. based company that acts as an aggregator of real-time data about the precise location of mobile phone devices, has been leaking this information to anyone via a buggy component of its Web site — without the need for any password or other form of authentication or authorization — KrebsOnSecurity has learned. The company took the vulnerable service offline early this afternoon after being contacted by KrebsOnSecurity, which verified that it could be used to reveal the location of any AT&T, Sprint, T-Mobile or Verizon phone in the United States to an accuracy of within a few hundred yards."

David. said...

News crew discovers 40 cellphone-tracking devices operating around DC by Cory Doctorow reports:

"An NBC investigative journalism team and a security researcher went wardriving around the DC area with a cell-site-simulator detector that would tell them whenever they came in range of a fake cellphone tower that tried to trick their phones into connecting to it in order to covertly track their locations (some cell site simulators can also hack phones to spy on SMS, calls and data).

They found more than 40 such devices in a single ride; these were sited in such sensitive locations as K-Street, home to DC's massive lobbyist contingent; the Trump Tower hotel; around the city's many embassies; around the Pentagon, Fort Meade and Langley; and in many residential areas."

David. said...

What a surprise. Dan Goodin writes in SS7 routing-protocol breach of US cellular carrier exposed customer data:

"On Tuesday, [Senator] Wyden sent a letter to Federal Communications Commission Chairman Ajit Pai that heightened concerns of SS7 hacks on US infrastructure.

“This threat is not merely hypothetical—malicious attackers are already exploiting SS7 vulnerabilities,” Wyden wrote. “One of the major wireless carriers informed my office that it reported an SS7 breach, in which customer data was accessed, to law enforcement through the government’s Customer Proprietary Network Information (CPNI) Reporting Portal.”

Such reports are legally required when carriers believe customer data has been illegally accessed. [Wyden's spokesperson] Chu declined to say who the US carrier is."

David. said...

"the US Attorney's Office for the Southern District of New York revealed today that it had obtained additional evidence for review—including a trove of messages and call logs from WhatsApp and Signal on one of two BlackBerry phones belonging to Cohen. The messages and call logs together constitute 731 pages of potential evidence. ... This change is likely because of the way the messages are stored by the applications, not because the FBI had to break any sort of encryption on them. WhatsApp and Signal store their messages in encrypted databases on the device, so an initial dump of the phone would have only provided a cryptographic blob. The key is required to decrypt the contents of such a database, and there are tools readily available to access the WhatsApp database on a PC." writes Sean Gallagher at Ars Technica.

David. said...

This post should have mentioned that Apple is alone among the big tech companies in trying to build systems that care about privacy. A good example is described in Apple is rebuilding Maps from the ground up by Matthew Panzarino. For example:

"Because only random segments of any person’s drive is ever sent and that data is completely anonymized, there is never a way to tell if any trip was ever a single individual. The local system signs the IDs and only it knows to whom that ID refers. Apple is working very hard here to not know anything about its users. This kind of privacy can’t be added on at the end, it has to be woven in at the ground level.

Because Apple’s business model does not rely on it serving to you, say, an ad for a Chevron on your route, it doesn’t need to even tie advertising identifiers to users.

Any personalization or Siri requests are all handled on-board by the iOS device’s processor. So if you get a drive notification that tells you it’s time to leave for your commute, that’s learned, remembered and delivered locally, not from Apple’s servers."

Go read the whole article - it is really interesting.

David. said...

"In a dossier published on Tuesday, civil-rights warriors Privacy International said that top governments – from the US, UK and China to France, Germany, and the European Union – are financing, training and equipping countries, including authoritarian regimes, with surveillance capabilities. By doing so, the countries with the most extensive security and military agencies are “transferring their electronic surveillance capabilities, practices, and legislation around the world,” the report said." from Rebecca Hill's Revealed in detail: World powers stuff spyware kit, how-to guides in dodgy nations' pockets at The Register.

David. said...

"With little public scrutiny, the health insurance industry has joined forces with data brokers to vacuum up personal details about hundreds of millions of Americans, including, odds are, many readers of this story. The companies are tracking your race, education level, TV habits, marital status, net worth. They’re collecting what you post on social media, whether you’re behind on your bills, what you order online. Then they feed this information into complicated computer algorithms that spit out predictions about how much your health care could cost them."

From Marshall Allen's Health Insurers Are Vacuuming Up Details About You — And It Could Raise Your Rates. Because the last thing for-profit health insurance is about is health.

David. said...

"When Hang Do Thi Duc published her work on the privacy implications of payment processor Venmo's "public-by-default" directory of payments, she did not release her dataset out of respect for the privacy of the Venmo users whose personal lives were on display in the data.

Joel Guerra went further. In an effort to create a sense of urgency around this bad privacy design, he's created a twitterbot called @venmodrugs, which scours public Venmo data for keywords and emojis that seem to indicate sarcastic jokes about drug-buys and payment for sexual services and tweets them."

From Cory Doctorow's Twitterbot mines Venmo's public-by-default transactions and tweets presumably sarcastic drug buys and sexual services.

David. said...

The abstract of When the cookie meets the blockchain: Privacy risks of web payments via cryptocurrencies by Steven Goldfeder et al reads:

"We show how third-party web trackers can deanonymize users of cryptocurrencies. We present two distinct but complementary attacks. On most shopping websites, third party trackers receive information about user purchases for purposes of advertising and analytics. We show that, if the user pays using a cryptocurrency, trackers typically possess enough information about the purchase to uniquely identify the transaction on the blockchain, link it to the user’s cookie, and further to the user’s real identity. Our second attack shows that if the tracker is able to link two purchases of the same user to the blockchain in this manner, it can identify the user’s entire cluster of addresses and transactions on the blockchain, even if the user employs blockchain anonymity techniques such as CoinJoin. The attacks are passive and hence can be retroactively applied to past purchases. We discuss several mitigations, but none are perfect."

David. said...

Prof. Douglas Schmidt's must-read report Google Data Collection is a deep dive into the myriad ways Google collects data on you. For example:

"Android helps Google collect personal user information (e.g. name, mobile phone number, birthdate, zip code, and in many cases, credit card number), activity on the mobile phone (e.g. apps used, websites visited), and location coordinates. In the background, Android frequently sends Google user location and device-related information, such as apps usage, crash reports, device configuration, backups, and various device-related identifiers."


"Our experiments show that a dormant, stationary Android phone (with Chrome active in the background) communicated location information to Google 340 times during a 24-hour period, or at an average of 14 data communications per hour."

David. said...

"For the past year, select Google advertisers have had access to a potent new tool to track whether the ads they ran online led to a sale at a physical store in the U.S. That insight came thanks in part to a stockpile of Mastercard transactions that Google paid for.

But most of the two billion Mastercard holders aren’t aware of this behind-the-scenes tracking. That’s because the companies never told the public about the arrangement." from Google and Mastercard Cut a Secret Ad Deal to Track Retail Sales by Mark Bergen and Jennifer Surane.

Hat tip Rob Beschizza.

David. said...

A week ago the US Treasury issued a press release Treasury Designates Iran-Based Financial Facilitators of Malicious Cyber Activity and for the First Time Identifies Associated Digital Currency Addresses:

"The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) took action today against two Iran-based individuals, Ali Khorashadizadeh and Mohammad Ghorbaniyan, who helped exchange digital currency (bitcoin) ransom payments into Iranian rial on behalf of Iranian malicious cyber actors involved with the SamSam ransomware scheme that targeted over 200 known victims. Also today, OFAC identified two digital currency addresses associated with these two financial facilitators. Over 7,000 transactions in bitcoin, worth millions of U.S. dollars, have processed through these two addresses - some of which involved SamSam ransomware derived bitcoin."

See this comment above about the ease with which transactions can deanonymize cryptocurrency users.