Jump to content
 
Sign in to follow this  
kuhla

If you've got nothing to hide, you've got nothing to fear.

Recommended Posts

While I understand that is massively intrusive it's also absolutely retarded that anyone would willingly subject themselves to that. If someone told me I needed to give full admin access to my computer in order to sit for an interview, I would ask if I could schedule this interview in person and if they declined I wouldn't pursue it further.

 

Anecdotally I've heard Amazon is garbage to work for. They work you to death and because of their highly competitive ranking systems, the internal politics are toxic and full of soulless people willing to throw you under the bus in an attempt to get ahead. Not that these exact conditions aren't prevalent at other corporations, but I've heard Amazon can be especially bad.

 

The actual merits of a "test interview" like this are complete shit. I've heard some people suggest a "working interview" where you hire the candidate as a temporary contractor for a week (maybe 2) and see if they can perform some of the tasks expected. This system makes far more sense than some sort of automated test proctored by a third party and done in "sterile" conditions.

 

The unfortunate reality that any manager faces is that you will not have a perfect success rate in picking qualified people. I've heard that most hiring managers average 60-70% chance of hiring a qualified candidate. If your new employee ends up being unqualified/poor fit, logic says you should quickly address the issue and move on. Sadly we all know that doesn't happen either.

Share this post


Link to post
Share on other sites

source - http://arstechnica.com/tech-policy/2016/04/child-porn-suspect-jailed-for-7-months-for-refusing-to-decrypt-hard-drives/

 

 

[....]

 

The suspect, a former Philadelphia Police Department sergeant, has not been charged with any child porn crimes. Instead, he remains indefinitely imprisoned in Philadelphia's Federal Detention Center for refusing to unlock two drives encrypted with Apple's FileVault software in a case that once again highlights the extent to which the authorities are going to crack encrypted devices. The man is to remain jailed "until such time that he fully complies" with the decryption order.

 

[....] [more at source]

 

 

 

Encryption is a crime. That's it.

 

This same story is still going.

 

source - https://arstechnica.com/tech-policy/2017/03/man-jailed-indefinitely-for-refusing-to-decrypt-hard-drives-loses-appeal/

 

 

On Monday, a US federal appeals court sided against a former Philadelphia police officer who has been in jail 17 months because he invoked his Fifth Amendment right against compelled self-incrimination. He had refused to comply with a court order commanding him to unlock two hard drives the authorities say contain child porn.

....

 

In deciding against Rawls, the court of appeals found that the constitutional rights against being compelled to testify against oneself were not being breached. That's because the appeals court, like the police, agreed that the presence of child porn on his drives was a "foregone conclusion." The Fifth Amendment, at its most basic level, protects suspects from being forced to disclose incriminating evidence. In this instance, however, the authorities said they already know there's child porn on the drives, so Rawls' constitutional rights aren't compromised.

....

 

"We already know there is ___________ on there. It's a foregone conclusion. Fifth Amendment does not apply. Give us the files or stay in jail indefinitely."

 

Encryption is a crime.

Share this post


Link to post
Share on other sites
On 3/27/2017 at 3:26 PM, kuhla said:

 

This same story is still going.

source - https://arstechnica.com/tech-policy/2017/03/man-jailed-indefinitely-for-refusing-to-decrypt-hard-drives-loses-appeal/

"We already know there is ___________ on there. It's a foregone conclusion. Fifth Amendment does not apply. Give us the files or stay in jail indefinitely."

Encryption is a crime.

source - http://www.miamiherald.com/news/local/community/broward/article153373524.html

Quote

 

A Hollywood man must serve 180 days in jail for refusing to give up his iPhone password to police, a Broward judge ruled Tuesday — the latest salvo in intensifying legal battles over law-enforcement access to smart phones.
....

Wheeler will eventually be allowed to post bond pending an appeal. If he gives up a working pass code, he’ll be allowed out of jail, Judge Rothschild told him.

 

 

Share this post


Link to post
Share on other sites

source - https://www.aclu.org/blog/free-future/why-are-dc-police-keeping-their-body-cameras-during-inauguration-and-womens-march

Quote

 

Why Are DC Police Keeping Their Body Cameras Off During Inauguration and the Women’s March?
....
It’s not an ACLU “demand,” it’s actually DC law. True, the ACLU of DC supported and encouraged adoption of that law, but the wider District of Columbia community as represented by its city council agreed with us. And that law is not absolute; in its full form it says that:

    MPD officers may record First Amendment assemblies for the purpose of documenting violations of law and police actions, as an aid to future coordination and deployment of law enforcement units, and for training purposes; provided, that recording First Amendment assemblies shall not be conducted for the purpose of identifying and recording the presence of individual participants who are not engaged in unlawful conduct.
....
Such concerns are why the ACLU recommends (including in our model legislation) that police department adopt a policy against the taking of video of people who are merely exercising their First Amendment rights.

Of course, none of this means that the police cannot turn on their cameras during the inauguration or march if something goes down. The policy of the DC police, like most, stipulates that officers are to turn their cameras when engaged in “police actions” such as calls for service, pursuits, searches, stops, etc. Thus, if a fight breaks out, or some larger disturbance, the cameras would go on.
....

 

Much more in the article.

I kind of understand what they are saying, it does seem like a fairly relevant privacy issue, but I feel like you have to pick the lesser of two evils here. I'm a fan of body cameras and generally think they do more good than harm. Requiring that they be turned on and off for this reason seems to open up a huge can of worms. Is there a master on and off switch? Who decides what activities qualify for on and off? What if something short-and-fast occures while it was turned off for the cited reason and now there is no record then who made a mistake?

Share this post


Link to post
Share on other sites

source - http://www.dslreports.com/shownews/ATT-Says-It-May-Soon-Charge-You-Extra-For-Privacy-139840

Quote

 

....

AT&T was heavily criticized for the move, and ultimately stopped charging the extra fees -- but only to help secure regulatory approval for its Time Warner merger.

....

But with AT&T getting every indication that its latest massive merger will be approved by Trump...
....

In a an interview on C-SPAN, AT&T Senior Vice President Bob Quinn was quick to acknowledge that the idea wasn't popular among consumer advocates and customers.

"We got an enormous amount of criticism from privacy advocates when we rolled out, in Austin, Texas, an ad-supported Internet service...Privacy advocates screamed about that," said Quinn.
....

"As the privacy revolution evolves, I think people are going to want more control, and maybe that's the pricing model that's ultimately what consumers want," said Quinn, who repeatedly tried to insist this was simply "ad-supported Internet service" that the company would be revisiting eventually.
....

Also note that while paying this additional money stopped you from seeing targeted ads, it didn't even truly stop AT&T from collecting this data.

 

Welp. Guess it's time to setup my browser at home to stay on proxy 24/7. I guess I'll try to set that up tonight.

Share this post


Link to post
Share on other sites

Report back if you can get it to work properly.  When I initially looked into this, I ran into multiple issues regarding their VPN/proxy plugins not supporting the same connection type and authentication as PIA. 

Share this post


Link to post
Share on other sites

http://www.bbc.com/news/technology-41008141

Quote

Flock's sensor, which it offers for $50 a year per house, logs the number plates of every car that drives into a street and takes a picture. The sensor could eventually provide facial recognition.

Residents of monitored neighbourhoods can opt-out of being tracked - but visitors, or people passing through, cannot.

A privacy expert said he believed the data collection to be legal according to US law, but that the idea could ignite a debate about the "right to be left alone in public”.

“One of the great weaknesses in US privacy law is that we only protect against intrusions into private areas, not public spaces,” said Albert Gidari, director of privacy at Stanford Law School's Center for Internet and Society.

Well I guess it was only a matter of time for the private citizenry to get in on the action.  I suppose it's only fair that anybody can collect as much data as possible as long as it's "in public."
Sadly no politician will touch stuff like this because it could be construed as being "weak on crime" or some such nonsense. 

Share this post


Link to post
Share on other sites

More from a technical point of view but that systems seems like it would be severely undermined by a huge amount of false positives which I would define as unique visitor in non-sensitive area but non-malicious activity.

Share this post


Link to post
Share on other sites

I think it's more focused on logging than for prevention.  They briefly mentioned that it "caught" one thief, but if no crimes were committed I doubt they'd have any reason to check their logs.  However if there was a crime you'd have a record of all non-residents and could even look back in records to see if the suspect cased the place before burgling it.  I expect these things to be heavily marketed to gated communities and other places with heavy HOA influence. 

I know there's no legal issues with this, but it rubs me the wrong way that governments and private citizens would record my face and license plate just while I'm driving around. 

Share this post


Link to post
Share on other sites

It kind of makes me think about the theme of technology rushing way ahead of society and laws like one issue that was described in one near-future novel I was reading where people had the ability to build drugs/compounds at home from almost raw material so many people, who simply ignored the laws and did it quietly, practically had their own pharmacy at home.

Share this post


Link to post
Share on other sites

source - https://apnews.com/db9d801feb6841058ee5cb88d9fdad9f

Quote

 

LARGO, Fla. (AP) — Florida authorities went to a funeral home and used a dead man's finger to try to unlock his cellphone as part of their investigation.

Thirty-year-old Linus Phillip was killed by a Largo police officer last month after authorities say he tried to drive away before an officer could search him.

At the funeral home, two detectives held the man's hands up to the phone's fingerprint sensor but could not unlock it.

Phillip's fiancee Victoria Armstrong says she felt violated and disrespected.

Legal experts mostly agree that what the detectives did was legal, but they question whether it was appropriate.

Charles Rose, a professor at Stetson University College of Law, tells the Tampa Bay Times that dead people can't assert their Fourth Amendment protections because you can't own property when you're dead. But those rights could apply to whoever inherits the property.

 

Because of this and other reasons I am very slowly starting to think of changing back to pin unlock on my phone.

Share this post


Link to post
Share on other sites

Technically there are some security measures in place regarding this. 

Quote

Sometimes, use your backup method

For security, you'll unlock with your backup PIN, pattern, or password after:

  • Your fingerprint isn't recognized after a few tries
  • You restart (reboot) your phone
  • You switch to a different user
  • More than 48 hours have passed since you last unlocked using your backup method

https://support.google.com/pixelphone/answer/6285273?hl=en

This does not solve every situation.  If you were incapacitated (or dead) and someone used your fingerprint within the 48 hour window it wouldn't request a pin.  But it does work in situations with a little bit of forethought, like if you're heading towards a TSA/custom's checkpoint I would just turn off or restart my phone which would trigger the PIN requirement.

I haven't looked too hard into the options for using both a fingerprint and pin, but I imagine something like that might be doable as well.

Share this post


Link to post
Share on other sites

Remember kids, "1984" by George Orwell wasn't a dystopian sci-fi novel, it was a guidebook for the UK government. 

Quote

Later this year, new UK legislation will require visitors to adult websites to prove that they’re over the legal age of 18.

It’s likely most porn sites will verify user ages through credit cards. After all, in the UK at least, you need to be over the age of 18 in order to access any kind of credit.

[...] the government department responsible for enforcing this law, the BBFC, has proposed another method of age verification that’ll see adults buy “porn passes” from high-street stores.

It’s also believed they’ll have a use outside of porn. The Telegraph reports that the passes will also be used to buy alcohol and knives online — the sales of both being tightly restricted in the UK.

https://thenextweb.com/uk/2018/05/13/uk-adults-may-soon-have-to-buy-porn-passes-from-corner-shops-to-prove-their-age-online/

I'm not going to try and claim that the US is a superior government, but I strongly believe that legislation like this wouldn't work in the US.  I can't tell if the British populace is so weak willed that they're unwilling to push back against online censorship (the "porn" filter often censors other content deemed "adult") or if the British are just completely apathetic and willing to watch any semblance of freedom they have get taken away by the nanny state. 

I don't live in Britain (I do have citizenship), but every time I read news articles about these topics I feel a genuine sense of sadness.  At this point I would not want to live there. 

Share this post


Link to post
Share on other sites

Just read the whole news post at source. It's not long.


source - https://www.engadget.com/2018/09/03/five-eyes-countries-anti-encryption-policy/

Quote

Five Eyes governments get even tougher on encryption

Official statements from the Five Country Ministerial meeting make it clear: Voluntarily build lawful access into encrypted messaging systems, or else. It's not a good look.

 

Encryption is a crime.

Share this post


Link to post
Share on other sites

"Looking Down Under for a Back Door"
article - https://slate.com/technology/2018/10/australia-u-s-encryption-backdoor-law.html
 

Quote

 

....

The Australian government is working to enact legislation to make it easier for law enforcement and intelligence agencies to access electronic communications information, including data protected by encryption, by forcing companies to weaken the security of their products.
....

The United States brought its campaign for encryption back doors to the Five Eyes—an intelligence-sharing alliance composed of Australia, Canada, New Zealand, the United Kingdom, and the United States that dates back to World War II. Limited information is publicly available about how intelligence sharing works among the Five Eyes. But we do know that alliance members have also begun collaborating on law enforcement policy.
....

Once enacted into law in Australia, these powerful new tools could help provide the United States with a back door to an encryption back door. The U.S. government cannot ask the Australian government to collect and hand over data that the United States is legally prohibited from collecting on its own, but some data may be shareable under the secret terms of the Five Eyes alliance. Beyond that, if Australia gains the tools to force providers to undermine the security of their products, the United States and other governments could exploit those same tools.
....

 

Encryption is a crime.

Share this post


Link to post
Share on other sites
On 11/30/2018 at 10:13 AM, kuhla said:

source - https://www.zdnet.com/article/coalition-and-labor-strike-deal-on-encryption-legislation/

Quote

 

New national security laws dealing with encrypted communications are likely to pass Parliament by the end of the week, as Labor and the government have come to an in-principle agreement on key parts of the Bill after a series of concessions from the Coalition.
....

Energy Minister Angus Taylor accused Labor of "running a protection racket for terrorists" by refusing to rush through the laws; Finance Minister Mathias Cormann said Labor wanted terrorists to be able to communicate via WhatsApp; and current Australian Prime Minister Scott Morrison accused Labor leader Bill Shorten of being "happy" for terrorists to plot attacks using encrypted messages.
....

 

Encryption is a crime.

Share this post


Link to post
Share on other sites

I find it hilarious that you have most people seeing articles about China's social credit score and realizing it's a horrific dystopian hellscape (A nice mix of Black Mirror S03E01 and George Orwell's 1984 on steroids).  And yet some of these same people can't understand why banning encryption is a big deal. 

While I'd love to think that as the current generation of politicians start to die off and be replaced by younger people we might see a shift in policy; I know deep down in my heart that isn't happening.  Kuhla mentioned that the Japanese government's head of cybersecurity has no idea how to use a computer.  Well it's not as funny when Rudy Giuliani (currently listed as a cybersecurity advisor) has no idea how hyperlinks work (or punctuation) and results in accusations of "invading my text"

Share this post


Link to post
Share on other sites

article - https://www.wired.com/story/australia-encryption-law-global-impact/

Quote

Australia's parliament passed controversial legislation on Thursday that will allow the country's intelligence and law enforcement agencies to demand access to end-to-end encrypted digital communications. This means that Australian authorities will be able to compel tech companies like Facebook and Apple to make backdoors in their secure messaging platforms, including WhatsApp and iMessage.
....

Encryption is a crime.

Share this post


Link to post
Share on other sites

"Man sues feds after being detained for refusing to unlock his phone at airport"
article - https://arstechnica.com/tech-policy/2018/12/man-sues-feds-after-being-detained-for-refusing-to-unlock-his-phone-at-airport/
 

Quote

 

....

Federal authorities do not need a warrant to examine a phone or a computer seized at the border. They rely on what’s known as the "border doctrine"—the legal idea that warrants are not required to conduct a search at the border. This legal theory has been generally recognized by courts, even in recent years.
....

 

If even half of the article is true, it really does reinforce the idea that your phone needs to be secure and you need to lock it down (at a minimum) while going through security.

Share this post


Link to post
Share on other sites

You probably heard the story about how most phone companies happily sell your cell phone location data to major aggregators. 
Source: https://motherboard.vice.com/en_us/article/nepxbz/i-gave-a-bounty-hunter-300-dollars-located-phone-microbilt-zumigo-tmobile

Well there were only two bright spots in that entire story.  Verizon didn't seem to participate - at least with this particular vendor.  The second is that Google Fi being an MVNO on T-Mobile/Sprint has also gotten very mad and pushed carriers to stop this at once.
Source: https://motherboard.vice.com/en_us/article/d3bnyv/google-demanded-tmobile-sprint-to-not-sell-google-fi-customers-location-data

I'm not sure how much faith I put in Google having that kind of pull, or any of the telecoms actually taking action and stopping this data from being sold but at least this particular piece of journalism provoked a response. 

Share this post


Link to post
Share on other sites

https://www.forbes.com/sites/thomasbrewster/2019/01/14/feds-cant-force-you-to-unlock-your-iphone-with-finger-or-face-judge-rules/

This gets a little screwy but we now have judges ruling that biometric data such as: fingerprints, face, or iris, cannot be compelled by law enforcement - even with a warrant - when it is being used as a password.
Why does this get weird?  Police can currently compel people to provide biometric data, fingerprints especially as a means of identification.  This has been held up by the Supreme Court. 

I'm not sure where this all ends up but for right now, I agree with the California judge, if biometrics are being used as passwords, I don't believe that law enforcement should be allowed to compel you to provide a password. 

Of course @kuhla has posted previously regarding the issue of people being held permanently under contempt of court for the very same reason of not providing encryption passwords to law enforcement.  So I assume this is another case destined for the supreme court at some point. 

Share this post


Link to post
Share on other sites

I want to be optimistic but I fee like it is too early. That needs to survive testing because we have multiple previous cases that would seem to indicate the opposite is true.

Share this post


Link to post
Share on other sites

Like I mentioned it gets weird because of past case law allowing for biometric data to be harvested from people both from warrants and from convictions.  This is a great example of a judge narrowly skirting around stare decisis
I could see some really nasty ways to get around the ruling by the California judge including charging and arresting the individual for something else and then using the captured biometric data to unlock devices (3d print a false finger based on fingerprint scans collected during the booking.)

This also goes toward the issue of compelling passwords - as I mentioned there are cases where individuals are sitting in prison because they refuse to provide passwords - even though courts have ruled the passwords constitute testimony and testimony cannot be compelled (5th amendment.)  If biometric data cannot be compelled because it is a password we need a proper federal/SCOTUS ruling that provides protections against law enforcement attempting to compel passwords from individuals OR utilizing previously compelled biometrics as a password to unlock devices. 
To go even further down the rabbit hole, you'd still run into the reality of cops unlocking phones, scraping data and then using parallel construction to find convictions. 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...