Category Archives: Security

Privacy Loss Has a New Ring: £100,000 Fine for Using Amazon Products?

Source: Ring Store. Amazon is literally promoting the very thing a judge just struck down as intent to violate privacy. Protecting the home legally failed to extend “around” a home.

Ring seems to be hurting the surveillance industry as well as privacy rights. This makes it a bizarre product that benefits very few while it spreads far more harm than good at scale (only really helps the people selling it, I suppose).

Start by looking into the whistleblower “Ring must die” story from just a few months ago:

The deployment of connected home security cameras that allow footage to be queried centrally are simply not compatible with a free society. The privacy issues are not fixable with regulation and there is no balance that can be struck. Ring should be shut down immediately and not brought back.

Then review things like the earlier completely broken and unsafe security model of Ring, leaving all the data exposed.

Software to hack Ring cameras has recently become popular on the forum. The software churns through previously compromised email addresses and passwords to break into Ring cameras at scale.

Finally, consider this emerging odd story about a woman being awarded a huge fine because her neighbor installed Ring cameras:

Judge Melissa Clarke dismissed Mr Woodard’s claim that the driveway camera was used legitimately. She ruled that ‘crime prevention, could surely be achieved by something less’ than the devices. Judge concluded images and audio of Dr Fairhurst’s property captured by devices was her personal data. Also ruled Mr Woodard had breached UK GDPR by failing to process her personal data ‘transparently’. He then ‘sought to mislead Claimant about how and whether the Cameras operated and what they captured’. Fine of up to £100,000 could be handed out by judge. But final sentencing decision will be made a later date.

Putting hefty fines on the people caught with a Ring is… an interesting approach to the problem of product safety.

Image: Alan Lee. A concerned neighbor (left) confronts a Ring user (right).

Will Amazon respond by selling a legal insurance policy along with their freedom-destroying invasive technology (and would any Gollum even accept such a policy)?

At first I didn’t believe this third story was real… then it went to the BBC.

…the judge added: “Even if an activation zone is disabled so that the camera does not activate to film by movement in that area, activation by movement in one of the other non-disabled activation zones will cause the camera to film across the whole field of view.”

On the positive side the latest push back mounts pressure on all retail surveillance camera vendors (looking at you Lorex, DLink, Swann, etc.) to up their game in competitive tests, proving to the market technically how they aren’t back-hauling data that leaves everyone exposed (end-to-end encrypted for local operators using public networks for privacy-preserving views) — to improve confidentiality.

The push back also begs the question of scoping tools, such that sensor technology can limit range and integrity of recordings, while still being obsessively compelled to do the exact opposite — increase range (and fidelity) — to improve integrity.

Reminds me of a homicide case I was pulled into after high resolution cameras on the outside of a building had captured details of a moving car hundreds of feet away. I had to testify the resolution was really that good that long ago (police had downloaded the footage soon after the incident, yet the case wasn’t heard until years later).

While obviously I’m not a lawyer there are some deep legal issues for a judge who generally indicates a camera shouldn’t be pointing at a neighbor or even around a neighborhood the camera owner lives in. That’s seriously grey space.

This case to me thus seems to rest more soundly on an “unfair” and “unsafe” operation principles, rather than on diminishing a right to install and operate sensors for the open spaces around one’s own home.

As a long-time surveillance camera installer and operator, including investigations and court work, I look at the Amazon Ring product as a disaster for all those involved. Without Amazon would such flagrant disregard for security (confidentiality and integrity failures) even survive in the market?

Farid’s Clear Explanation of Apple’s Client Side Scanning

Click to enlarge. McAfee VirusScan Wireless packaging from 2000. Client side scanning for mobile devices has been around a very long time with little to no resistance.

Here’s an important podcast with Hany Farid, definitely worth a listen for anyone interested in the facts related to Apple’s client-side scanning for child sexual abuse material (CSAM)

In this Safeguarding Podcast with Hany Farid, Professor at the University of California, Berkeley: PhotoDNA, what is is and how it works, what PhotoDNA doesn’t do, what are Hashes and do they work in an End-to-End Encrypted world, is Apple’s NeuralHash child safety proposal the incipient slippery slope as many claim, Apple’s Secret Sharing Threshold and why that’s a problem, and “WhatsApp’s hypocrisy”.

Keep in mind when listening to this podcast that the big and primary difference between decades of client side scanning of mobile devices for viruses, and Apple’s new proposal to scan for CSAM is… the latter benefits children (society in general) whereas the former benefits mainly the device owner (with some secondary benefits to society).

Farid repeatedly visits this as hypocrisy without pointing to the ugly underlying cultural motive for it (selfishness).

In other words, what if I told you a primary objection to Apple’s CSAM seems rooted in American political thinking (e.g. techno-political-extremism denying children rights) that wants to block power from being used to protect the most vulnerable in society (e.g. sad history of America’s unique tipping culture)?

Also I bristle when anyone attempts to claim an “incipient slippery slope” to CSAM or any other technology. A slippery slope risk is similar to likelihood of being impaled by unicorns.

Here’s how the fallacy works and why slippery slope is illogical:

  1. They warn the government soon could be using this thing to hurt you.
  2. Then I say why stop there, the next thing I know they are using it to hurt me.
  3. They say whoa there, that’s crazy, why on earth would they want to hurt me.
  4. Then I say sorry it’s a slippery slope (fallacy) therefore nothing stops the slide. Anything is possible, therefore everything will happen including them hurting me.
  5. They protest saying reasons X, Y, Z means they wouldn’t do that.
  6. Then I say AHA! See the problem? Suddenly reasons exist for a slope being not slippery?

New war is old war: Propaganda targeting activists is a norm

A new article makes the strange claim that propaganda networks have “shifted” targeting from drugs to political activism.

New war: How the propaganda network shifted from targeting ‘addicts’ to activists.

The problem with such “new” analysis, any historian could probably show, is that activists historically have been called things like drug addicts to make them targeted more easily (avoid scrutiny of anti-democratic actions).

There is no shift, just recognition a system of heavy-handed criminalization uses encoding to escape proper scrutiny.

The Nixon campaign in 1968, and the Nixon White House after that, had two enemies: the antiwar left and black people. You understand what I’m saying? We knew we couldn’t make it illegal to be either against the war or black, but by getting the public to associate the hippies with marijuana and blacks with heroin, and then criminalizing both heavily, we could disrupt those communities. We could arrest their leaders, raid their homes, break up their meetings, and vilify them night after night on the evening news. Did we know we were lying about the drugs? Of course we did.

Today extremist right-wing Americans just overtly say they are going with war with the “left” instead of pretending to care about drugs.

50 Waymo Per Day Reportedly Stuck in a Dead-end Street

Sad to see how driverless car “learning” is failing so badly:

“We have talked to the drivers, who don’t have much to say other than the car is programmed and they’re just doing their job,” King says.

“There are fleets of them driving through the neighborhood regularly,” says Lewin. “And it’s been going on for six, eight weeks, maybe more.”

How many driverless cars does it take to map a dead-end? Apparently up to 50 every day for two months… so far.

Not just a massive failure of learning, a colossal waste of resources.

The Day Churchill Called Mussolini “greatest living statesman of our time”

This very typically biting and insightful anecdote about Churchill comes from a military history book describing Allied preparations for D-Day:

Air Superiority in World War II and Korea: An Interview with Gen. James Ferguson, Gen. Robert M. Lee, Gen. William W. Momyer, and Lt. Gen. Elwood R. Quesada. (1983). United States: Office of Air Force History, U.S. Air Force. Page 56

The General probably should not have been shocked. Everyone surely knows Churchill was known for his failure to admonish Mussolini, right?

Mosley was to put it more concisely later when he repeated that the British Fascists wanted to turn Parliament ‘from a talk-shop to a work-shop’. When Churchill praised Mussolini’s Italy for its economic realism, it was of course the British Chancellor of the Exchequer envying the Fascist dictator for the room for manoeuvre which the absence of an effective opposition gave him.

The offensive declarations of January 1927 were of a different nature, in that they clearly justified the introduction of Fascism as a bulwark against Bolshevism.

However, a careful reader of history will note that Churchill preferred death to either Fascism or Bolshevism and thus was crudely thinking of himself as above either.

…his Commons speech of 14 April 1937 he suggested that a self-respecting Briton would face death rather than accept ‘to choose between Communism and Nazism’ :

I hope not to be called upon to survive in a world under a government of either of these dispensations.

Self-respecting here is taken to mean a Briton who hasn’t stooped so far as to allow extremism to take hold. Or to put it another way, as I described in a 2014 blog post, fall victim to what Germany experienced:

The stock market crash of 1929 led to extremely heated conflict by radical groups trying to split votes; intellectual communism versus ultra-nationalism. This led to violence, which led to mob rule by fascist militia and 1932 end of the republic.

Britain arguably rested upon a representative government that had increasingly allowed for mass dissent. And while it was far from an ideal system it didn’t end with abrupt violent revolution in the “European” way.

Seems almost natural for Churchill to claim to appreciate the very thing that he also detested so much, through dark sarcasm and sharp wit.