Video Selections From HOPE #9
======================================================

CheshireCatalyst-JohnDraper-TomSantaMonica--old-school-phreaking.mov

  A charming, informative and educational panel with three greybeards of phreaking. Presentation includes a step-by-step walkthrough of audio examples generated from hacks across the national phone network circa 1970.

HanniFakhoury--cellsite-location-data-and-nontresspassory-surveillance.mov

  Current state of legislation regarding cellphone location tracking, by Electronic Frontier Foundation staff attorney Hanni Fakhoury.

  . US vs. Jones (January 2012): "Physical installation of a GPS device constitutes a search under the 4th amendment" -- suggests that third party doctrine will be re-examined
  . What is cell site location data (CSLD)?
  . Who is allowed access to CSLD? How is access granted and at what granularity of detail?
  . Levels of legal protection: legal requirements of 4th amendment; Electronic Communications Privacy Act (ECPA).
  . What is the legal definition of a tracking device? Why don't cell phones qualify as tracking devices?
  . Summary of 4th amendment legal framework: Olmstead (1920, wiretapping case); Katz (1967, reasonable expectation of privacy); location privacy (1980, Knotts and Karo, distinguished from home privacy); third party doctrine (1970s, Smith and Miller); Justice Marshall: "Secrecy is not a prerequisite to privacy."
  . ECPA is a lesser standard than "probable cause"
  . Mosaic theory: applies reasonable expectation of privacy over time
  . Means of technology have advanced beyond legal models
  . New cases: Pitt, Graham; multiple standards of enforcement
  . Rapid increase of location data requests: more than 1.3 million last year, including "tower dumps"
  . Law enforcement challenges the need to file for search warrants
  . Third parties (eg, cell phone service providers) should be "transparent, limiting, assertive"
  . Twitter defends individuals' privacy when subpoenaed as "cell phone provider" in public setting (Twitter "owns" tweets); defense, nonetheless, ignored by courts
  . Current EFF efforts; tracking legislative battles
  . Marcia Hofmann: "protecting your information from the cops"
  . Eva Galperin: "how to protect yourself and your data"
  . Privacy policy models for communication providers

StephenRambam--privacy-postmortem--part1.mov
StephenRambam--privacy-postmortem--part2.mov

  For those who have faithfully maintained their scepticism regarding the corporate intentions of social networks, despite their popularity -- prepare to be vindicated, though the horror is still deeper and broader than expected. For everyone else: remove the batteries from your cellphone, log out all your avatars and fasten your seatbelt.

  Stephen Rambam presents a fast-paced, though lengthy, summary of the ease, breadth and sophistication of information gathering about individuals on planet Earth. Be warned that SR is a colorful personality who pulls no punches and provides stark examples that are sometimes disturbing or sad. However, viscerally shocking details comprise only a small fraction of this incredible survey of investigation techniques.

  Part 1--

  4.45 fundamentals, overview, context of discussion
  12.15 table of contents
  15.00 personal details; public FBI arrest at HOPE #6 (2006)
  17.15 private investigation information gathering: origins to the present
  20.45 big data; cell phones; culture of Narcissism (I) (diagram of twitter activity datapoints)
  34.45 Facebook; who is Zuckerberg?
  45.45 culture of "friends"; Facebook surveillance initiatives
  50.30 MySpace; social as grotesque (or TMI)
  58.00 Google; tracking of non-subscribed or un-pingable cellphones; 411 as speech recognition research; App Inventor; infrastructure data (geo, power, medical, financial, ...); digital glasses as monitor on real-time subjectivity; facial recognition; satellite launch; pre-crime; morality of company behavior; misinformation propagation via search results; book scanning project; politics of face blurring; interior maps; reauthoring news stories; harvesting of network data by Google Maps cars; Safari cookie hack; profit motive as driver; Google addiction cases; what Eric Schmidt said

  Part 2--

  0.30 how to opt out of Google (humor from The Onion)
  3.45 Narcissism II: if you don't post it to the web, did the event actually occur?
  4.15 Flickr
  5.00 LinkedIn
  5.30 all information is collected into one place (ie, passwords, medical, ...)
  8.30 de-anonymization; big data begets accuracy in surprisingly simple terms (gross categories provide accurate identification!)
  9.45 "you are your search data"; (congressional record as public exhibition of current technology); browser as the individual's signature (to the satisfaction of a jury); failure of de-fingerprinting; typing mistakes are logged and correlated; distributed cookies; forensic linguistics (trumps Tor)
  19.45 photos; EXIF tags; all devices have signatures; camera noise signatures
  21.45 tracking a CIA agent via photograph fragments
  26.15 identity gathering companies (moral: use a different password for every site)
  28.00 who else is posting your data?; blogs as hemorrhage of personal data by other people
  30.00 Amazon
  30.45 Kindle; highlighted text is sent to the server
  31.15 eBay and PayPal; bank accounts
  32.30 compilation of all data; ID scans at bars; cellphone tracking of pizza orders (compilation of home addresses); online points of purchase
  35.15 trackers (browsers, Wii, TiVo, metro cards, CD/DVD burners; satellites, checkins, ...)
  38.30 cellphones; 1.3 million law enforcement requests for location data in 2011 (bypasses wiretap legislation); follow through with GPS, SkyHook, E911, &c...; records are kept for minimum of seven years -- tracking can be real-time or retroactive; who turns off their cell phone?; cellphones correlate physical location with businesses and points-of-presence; behavior patterns; correlation patterns of multiple cellphones; harvesting cell tower data; cellphone as index into personal profile; geographical tracking; guilt by association
  46.45 example: mistaken identity (Milan) -- cellphone ID tracking; abuse/mistakes of context by CIA; correlation of multiple IDs
  54.45 accuracy of commercial ID tracking (eg, shopping with cellphones); phones as GPS trackers; cellphone pinging as commercial service (accuracy to 15 meters within 10 seconds)
  59.15 iPhone; tracking for advertisements; cellphones as loyalty card
  1.02.00 the thoroughness of target marketing -- compiled activity correlated to profile consumer behavior (colorful definitions of personal preference categories); InfoUSA
  1.03.30 Acxiom; personality profiling; psychographics; reboot of Volkswagen Beetle advertising; political preferences
  1.09.30 cameras (accuracy, multiplicity); high-resolution depth panning; numeric explosion of camera installations
  1.12.00 drones; sponsored by police, community; drones that recharge on public power lines; cameras with two mile resolution; drones disguised as fauna
  1.14.45 micro-drones (micro air vehicles); advanced flight controls; US Army gives away drones to police forces; military to commercial drone ratio is 1 to 3-10; cat drone; national maps of drone usage
  1.20.00 recruitment
  1.21.30 gesture tracking as diagnosis of intention; facial recognition vs. wanted lists; security cameras as identity mapping; facial recognition against disguises; sub-face recognition
  1.24.30 (CUT)

WilliamBinney--post-911-surveillance.mov

  William Binney describes how US funded techniques of surveillance began to be used in the domestic theater. Presentation includes a high-level technology outline of tools and methods circa early 2000.

TrevorTimm-ParkerHiggins--pwn-the-drones.mov

  Update on the state of the art for drone technology. Discussion includes: GPS jamming vs. spoofing; military vs. civilian drones; using drones as faux cell towers; zombies; overlap and regulation issues with traditionally piloted airspace; powering drones with laser light.

WHAT IS HOPE?
======================================================

http://hopenumbernine.net/

  Main site for HOPE #9.

http://www.hopenumbernine.net/schedule/
http://www.hopenumbernine.net/speakers/

  Schedule and description of all events and presenters.

http://store.2600.com/honunidv.html

  Order DVD for any presentation. Audio only may be downloaded free of charge.