Mobile section nearly ready
Just needs to be augmented with additional information (slides). * slides.org (Mobile): All slides ready. Needs more. * images/tp/remote-list: Add images for Mobile. * images/tp/SHA256SUM: Update with hashes of new images.master
parent
bbc74fbd55
commit
4a30b85b20
|
@ -1,3 +1,7 @@
|
|||
48b3e8553c7c51573eb773a4ef4feeb2221ba33112d207b676e0de7e08665bd3 cell-tower.jpg
|
||||
e45b7dcf52382c2ccb8d0fd2c8b10491e37733f4cfbf611444ca7087aa01e727 stingray.jpg
|
||||
97b9850d7087ff14c93f5e01b3f4b248b030c85d4790d334eb58ce6384ab3d5e gps.jpg
|
||||
ca51e8ba23a87140b1f2cf573d4761df888d7f939947823c695004ce5d3f31f7 replicant.png
|
||||
8df6f6442bfb895e2d4d5d599d2d9a477405f590587f2a473c3e59a46d06b325 alpr-mounted.png
|
||||
4b0050a377af1fcd72f14863408eef44d40e7ba6fe31e2121ec7c3a51781a752 alpr-capture.png
|
||||
31597ba3731e6eccf2e68ae8b91ad25b2e6e4685814e723333d9ea1d2579b635 alpr-pips.png
|
||||
|
|
|
@ -1,3 +1,7 @@
|
|||
cell-tower.jpg https://web.archive.org/web/20170319180434/https://upload.wikimedia.org/wikipedia/commons/thumb/2/2a/T-Mobile_cell_site.jpg/251px-T-Mobile_cell_site.jpg
|
||||
stingray.jpg https://web.archive.org/web/20170319180653/https://upload.wikimedia.org/wikipedia/en/c/c5/Stingray_Harris_handle_side.jpg
|
||||
gps.jpg https://web.archive.org/web/20170319181816/https://upload.wikimedia.org/wikipedia/commons/thumb/8/8d/GPS_Satellite_NASA_art-iif.jpg/300px-GPS_Satellite_NASA_art-iif.jpg
|
||||
replicant.png https://web.archive.org/web/20170320015032/http://www.replicant.us/images/replicant.png
|
||||
alpr-mounted.png https://web.archive.org/web/20170318173251/https://www.eff.org/files/2015/10/20/paxton_and_spencer_.png
|
||||
alpr-capture.png https://web.archive.org/web/20170318173346/https://www.eff.org/files/2015/10/20/paxton_captures.png
|
||||
alpr-pips.png https://web.archive.org/web/20170318173427/https://www.eff.org/files/2015/10/15/pipscam9_redacted.png
|
||||
|
|
33
sapsf.bib
33
sapsf.bib
|
@ -1025,3 +1025,36 @@
|
|||
url = {http://www.trustev.com/technology},
|
||||
urldate = {2017-03-19},
|
||||
}
|
||||
|
||||
@online{w:file:cell-tower,
|
||||
author = {Appel, Thomas},
|
||||
title = {File:T-mobile cell site},
|
||||
organization = {Wikipedia},
|
||||
date = {2015-09-23},
|
||||
url = {https://en.wikipedia.org/wiki/File:T-Mobile_cell_site.jpg},
|
||||
urldate = {2017-03-19},
|
||||
}
|
||||
|
||||
@online{w:file:stingray,
|
||||
title = {File:Stingray Harris handle side.jpg},
|
||||
date = {2013-04},
|
||||
organization = {Harris Corporation},
|
||||
url = {https://en.wikipedia.org/wiki/File:Stingray_Harris_handle_side.jpg},
|
||||
urldate = {2017-03-19},
|
||||
}
|
||||
|
||||
@online{w:file:gps,
|
||||
title = {File:GPS Satellite NASA art-iif.jpg},
|
||||
date = {2006-02-09},
|
||||
organization = {NASA},
|
||||
url = {https://en.wikipedia.org/wiki/File:GPS_Satellite_NASA_art-iif.jpg},
|
||||
urldate = {2017-03-19},
|
||||
}
|
||||
|
||||
@online{wsj:app-loc,
|
||||
title = {What They Know - Mobile - WSJ},
|
||||
organization = {The Wall Street Journal},
|
||||
url = {http://blogs.wsj.com/wtk-mobile/},
|
||||
urldate = {2017-03-19},
|
||||
annotation = {Popular apps that transmit location information in~2010},
|
||||
}
|
||||
|
|
147
slides.org
147
slides.org
|
@ -65,7 +65,7 @@ invasive topic-wise.
|
|||
|
||||
|
||||
* LACKING Slides :export:ignore:
|
||||
** REVIEWED Introduction / Opening :B_fullframe:
|
||||
** READY Introduction / Opening :B_fullframe:
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:01
|
||||
:BEAMER_env: fullframe
|
||||
|
@ -109,17 +109,18 @@ often used and dismissed as tinfoil-hat FUD.)
|
|||
#+END_COMMENT
|
||||
|
||||
#+BEGIN_CENTER
|
||||
#+BEAMER: \only<1>{You're Being Tracked.}
|
||||
#+BEAMER: \only<2>{(No, really, I have references.)}
|
||||
#+BEAMER: \only<1->{\Huge You're Being Tracked.}
|
||||
|
||||
#+BEAMER: \only<2>{\large(No, really, I have references.)}
|
||||
#+END_CENTER
|
||||
|
||||
|
||||
** REVIEWED Mobile [0/5]
|
||||
*** REVIEWED Introduction :B_ignoreheading:
|
||||
** AUGMENT Mobile [5/5]
|
||||
*** READY Introduction :B_ignoreheading:
|
||||
:PROPERTIES:
|
||||
:BEAMER_env: ignoreheading
|
||||
:END:
|
||||
**** REVIEWED Introduction :B_fullframe:
|
||||
**** READY Introduction :B_fullframe:
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:15
|
||||
:BEAMER_env: fullframe
|
||||
|
@ -140,17 +141,33 @@ A phone is often synonymous with an individual;
|
|||
In other words: they're excellent tracking devices.
|
||||
#+END_COMMENT
|
||||
|
||||
*** REVIEWED Cell Towers [0/2]
|
||||
*** READY Cell Towers [2/2]
|
||||
:PROPERTIES:
|
||||
:DURATION: 0:02
|
||||
:END:
|
||||
**** REVIEWED Fundamentally Needed
|
||||
**** READY Fundamentally Needed
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:45
|
||||
:END:
|
||||
|
||||
***** Summary
|
||||
:PROPERTIES:
|
||||
:BEAMER_col: 0.75
|
||||
:END:
|
||||
- Phone needs tower to make and receive calls
|
||||
- Gives away approximate location\cite{pbs:nova:boston}
|
||||
|
||||
***** Tower Image
|
||||
:PROPERTIES:
|
||||
:BEAMER_col: 0.25
|
||||
:END:
|
||||
|
||||
#+BEGIN_CENTER
|
||||
[[./images/tp/cell-tower.jpg]]
|
||||
|
||||
\incite{w:file:cell-tower}
|
||||
#+END_CENTER
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
The primary reason is inherent in a phone's design:
|
||||
cell towers.
|
||||
|
@ -173,16 +190,33 @@ You can imagine that such would be a very useful and important feature for
|
|||
#+END_COMMENT
|
||||
|
||||
|
||||
**** REVIEWED Cell-Site Simulators
|
||||
**** READY Cell-Site Simulators
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:45
|
||||
:END:
|
||||
|
||||
***** Summary
|
||||
:PROPERTIES:
|
||||
:BEAMER_col: 0.65
|
||||
:END:
|
||||
- <1-> IMSI-Catchers
|
||||
- <1-> Masquerade as cell towers
|
||||
- <1-> Most popular: Stingray
|
||||
- <2-> Free/libre Android program AIMSICD available on F-Droid attempts to
|
||||
detect\cite{aimsid}
|
||||
|
||||
***** Stingray Image
|
||||
:PROPERTIES:
|
||||
:BEAMER_col: 0.35
|
||||
:END:
|
||||
|
||||
#+BEGIN_CENTER
|
||||
[[./images/tp/stingray.jpg]]
|
||||
|
||||
\incite{w:file:stingray}
|
||||
#+END_CENTER
|
||||
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
Cell Site Simulators have made a lot of news in the past (including my local
|
||||
news),
|
||||
|
@ -207,22 +241,22 @@ It is free software and is available on F-Droid.
|
|||
#+END_COMMENT
|
||||
|
||||
|
||||
*** REVIEWED Wifi [0/3]
|
||||
*** READY Wifi [1/1]
|
||||
:PROPERTIES:
|
||||
:DURATION: 0:01
|
||||
:END:
|
||||
|
||||
**** REVIEWED ESSID and MAC Broadcast
|
||||
**** READY ESSID and MAC Broadcast
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:01
|
||||
:END:
|
||||
- <1-> Device may broadcast ESSIDs of past hidden networks
|
||||
- <2-> Expose unique hardware identifiers (MAC address)
|
||||
- <3-> **Defending against this is difficult**
|
||||
- <4-> /Turn off Wifi/ in untrusted places
|
||||
- <4-> Turn off settings to auto-connect when receiving e.g. MMS
|
||||
- <5-> Use cellular data (e.g. {2,3,4}G)
|
||||
- <6-> **MAC address randomization works poorly**\cite{arxiv:mac}
|
||||
- <1-> Expose unique hardware identifiers (MAC address)
|
||||
- <2-> **Defending against this is difficult**
|
||||
- <3-> /Turn off Wifi/ in untrusted places
|
||||
- <3-> Turn off settings to auto-connect when receiving e.g. MMS
|
||||
- <4-> Use cellular data (e.g. {2,3,4}G)
|
||||
- <5-> **MAC address randomization works poorly**\cite{arxiv:mac}
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
What else is inherent in a modern phone design?
|
||||
|
@ -262,24 +296,26 @@ And of course, we do.
|
|||
#+END_COMMENT
|
||||
|
||||
|
||||
*** REVIEWED Geolocation [0/3]
|
||||
*** READY Geolocation [3/3]
|
||||
:PROPERTIES:
|
||||
:DURATION: 0:02
|
||||
:END:
|
||||
|
||||
**** REVIEWED GPS
|
||||
**** READY Global Positioning System (GPS)
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:01
|
||||
:DURATION: 00:00:30
|
||||
:END:
|
||||
|
||||
#+BEGIN_CENTER
|
||||
#+ATTR_LATEX: :height 1in
|
||||
[[./images/tp/gps.jpg]]\incite{w:file:gps}
|
||||
#+END_CENTER
|
||||
|
||||
- <1-> Not inherently a surveillance tool
|
||||
- <2-> Often enabled by default
|
||||
- <2-> Might prompt user, but features are attractive
|
||||
- <3-> Programs give excuses to track\cite{jots:mobile}
|
||||
- <3-> Navigation systems
|
||||
- <3-> Location information for social media, photos, nearby friends, finding
|
||||
- <2-> Often enabled, and programs abuse it\cite{jots:mobile}
|
||||
- <2-> Legitimate: navigation, social media, photos, nearby friends, finding
|
||||
lost phones, location-relative searches, etc.
|
||||
- <4-> Not-so-good: targeted advertising and building users profiles
|
||||
- <4-> If phone is compromised, location is known
|
||||
- <3-> If phone is compromised, location is known
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
Let's talk about geolocation!
|
||||
|
@ -287,8 +323,8 @@ Many people find them to be very convenient.
|
|||
The most popular being GPS.
|
||||
|
||||
GPS isn't inherently a surveillance tool;
|
||||
it can't track you on its own.
|
||||
Your GPS device triangulates its location based on signals
|
||||
it can't track you on its own.
|
||||
Your GPS device calculates its location based on signals
|
||||
broadcast by GPS satellites in line-of-site.
|
||||
|
||||
Because of the cool features it permits,
|
||||
|
@ -305,19 +341,23 @@ Navigation systems,
|
|||
all of these things are legitimate.
|
||||
You just need to be able to trust the software that you are running,
|
||||
Often times, you can't.
|
||||
Without source code,
|
||||
it's sometimes hard to say if a program is doing other things.
|
||||
Like using it for targeted advertising,
|
||||
and/or building a user profile (which we'll talk about later).
|
||||
|
||||
Even if you can,
|
||||
if your device is owned,
|
||||
they can just enable GPS and your location is known.
|
||||
#+END_COMMENT
|
||||
|
||||
**** REVIEWED But I Want GPS!
|
||||
**** READY But I Want GPS!
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:30
|
||||
:DURATION: 00:00:40
|
||||
:END:
|
||||
- <1-> Is the program transparent in what data it sends? (Is the source code
|
||||
available?)\cite{jots:mobile}
|
||||
- <1-> Does the program let you disable those features?
|
||||
- <1-> 2010: 47 of top 100 Android and iOS apps sent location to devs and
|
||||
third parties\cite{wsj:app-loc}
|
||||
- <1-> Ex: /Angry Birds/ sent address book, location, and device ID to
|
||||
third party\cite{networks-of-control}
|
||||
- <1-> Does the program let you disable those [anti-]features?
|
||||
- <2-> Pre-download location-sensitive data (e.g. street maps)
|
||||
- <2-> OsmAnd (free software, Android and iOS)\cite{osmand}
|
||||
|
||||
|
@ -325,6 +365,14 @@ Like using it for targeted advertising,
|
|||
So you may legitimately want GPS enabled.
|
||||
It's terrible that you should be concerned about it.
|
||||
|
||||
Are the programs you're using transparent in what they're sending?
|
||||
A precondition to that answer is source code;
|
||||
it's otherwise hard to say if a program is doing other things.
|
||||
|
||||
A study by the Wall Street Journal found that 47 of the 100 Android and iOS
|
||||
apps in 2010 shared your location with not only the developers,
|
||||
but also with third parties.
|
||||
|
||||
You need to know what data you're leaking so that you can decide whether
|
||||
or not you want to do so.
|
||||
And you need the option to disable it.
|
||||
|
@ -337,9 +385,9 @@ Some apps let you use pre-downloaded maps,
|
|||
#+END_COMMENT
|
||||
|
||||
|
||||
**** REVIEWED Location Services
|
||||
**** READY Location Services
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:45
|
||||
:DURATION: 00:00:30
|
||||
:END:
|
||||
|
||||
- <1-> No GPS? No problem!
|
||||
|
@ -349,7 +397,7 @@ Some apps let you use pre-downloaded maps,
|
|||
nearby cell towers\cite{w:wps}
|
||||
- <2-> Signal strength and SSIDs and MACs of Access Points
|
||||
\cite{w:trilateration,acm:spotfi,acm:lteye}
|
||||
- <3-> Gathered by Google Street View cars
|
||||
- <3-> Some gathered by Google Street View cars
|
||||
- <3-> Your device may report back nearby networks to build a more
|
||||
comprehensive database
|
||||
- <4-> Works even where GPS and Cell signals cannot penetrate
|
||||
|
@ -365,7 +413,7 @@ There are numerous services available to geolocate based on nearby access
|
|||
Based on the signal strength of nearby WiFi networks,
|
||||
your position can be more accurately trangulated.
|
||||
|
||||
These data are gathered by Google Street View cars.
|
||||
Some of these data are gathered by Google Street View cars.
|
||||
Your phone might also be reporting back nearby networks in order to improve
|
||||
the quality of these databases.
|
||||
|
||||
|
@ -376,14 +424,14 @@ And it works where GPS and maybe even cell service don't, such as inside
|
|||
So just because GPS is off does not mean your location is unknown.
|
||||
#+END_COMMENT
|
||||
|
||||
*** REVIEWED Operating System [0/3]
|
||||
*** READY Operating System [3/3]
|
||||
:PROPERTIES:
|
||||
:DURATION: 0:02
|
||||
:END:
|
||||
|
||||
**** REVIEWED Untrusted/Proprietary OS
|
||||
**** READY Untrusted/Proprietary OS
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:45
|
||||
:DURATION: 00:00:40
|
||||
:END:
|
||||
|
||||
- <1-> Who does your phone work for?
|
||||
|
@ -413,7 +461,7 @@ In November of last year it was discovered that these popular phones
|
|||
That software could also remotely execute code on the device.
|
||||
#+END_COMMENT
|
||||
|
||||
**** REVIEWED Free/Libre Mobile OS?
|
||||
**** READY Free/Libre Mobile OS?
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:30
|
||||
:END:
|
||||
|
@ -421,7 +469,14 @@ That software could also remotely execute code on the device.
|
|||
- <1-> But every phone requires proprietary drivers, or contains
|
||||
proprietary software
|
||||
- <2-> Replicant\cite{replicant}
|
||||
- <3> Niche. Interest is low, largely work of one developer now.
|
||||
- <2> Niche. Largely work of one developer now. (Help if you can!)
|
||||
|
||||
#+BEAMER: \uncover<2>{
|
||||
#+BEGIN_CENTER
|
||||
#+ATTR_LATEX: :width: 7in
|
||||
[[./images/tp/replicant.png]]
|
||||
#+END_CENTER
|
||||
#+BEAMER: }
|
||||
|
||||
#+BEGIN_COMMENT
|
||||
Android is supposedly a free operating system.
|
||||
|
@ -439,7 +494,7 @@ I feel like I can at least trust my phone a little bit,
|
|||
#+END_COMMENT
|
||||
|
||||
|
||||
**** REVIEWED Modem Isolation
|
||||
**** READY Modem Isolation
|
||||
:PROPERTIES:
|
||||
:DURATION: 00:00:30
|
||||
:END:
|
||||
|
|
Loading…
Reference in New Issue