Mobile section nearly ready
Just needs to be augmented with additional information (slides). * slides.org (Mobile): All slides ready. Needs more. * images/tp/remote-list: Add images for Mobile. * images/tp/SHA256SUM: Update with hashes of new images.master
parent
bbc74fbd55
commit
4a30b85b20
|
@ -1,3 +1,7 @@
|
||||||
|
48b3e8553c7c51573eb773a4ef4feeb2221ba33112d207b676e0de7e08665bd3 cell-tower.jpg
|
||||||
|
e45b7dcf52382c2ccb8d0fd2c8b10491e37733f4cfbf611444ca7087aa01e727 stingray.jpg
|
||||||
|
97b9850d7087ff14c93f5e01b3f4b248b030c85d4790d334eb58ce6384ab3d5e gps.jpg
|
||||||
|
ca51e8ba23a87140b1f2cf573d4761df888d7f939947823c695004ce5d3f31f7 replicant.png
|
||||||
8df6f6442bfb895e2d4d5d599d2d9a477405f590587f2a473c3e59a46d06b325 alpr-mounted.png
|
8df6f6442bfb895e2d4d5d599d2d9a477405f590587f2a473c3e59a46d06b325 alpr-mounted.png
|
||||||
4b0050a377af1fcd72f14863408eef44d40e7ba6fe31e2121ec7c3a51781a752 alpr-capture.png
|
4b0050a377af1fcd72f14863408eef44d40e7ba6fe31e2121ec7c3a51781a752 alpr-capture.png
|
||||||
31597ba3731e6eccf2e68ae8b91ad25b2e6e4685814e723333d9ea1d2579b635 alpr-pips.png
|
31597ba3731e6eccf2e68ae8b91ad25b2e6e4685814e723333d9ea1d2579b635 alpr-pips.png
|
||||||
|
|
|
@ -1,3 +1,7 @@
|
||||||
|
cell-tower.jpg https://web.archive.org/web/20170319180434/https://upload.wikimedia.org/wikipedia/commons/thumb/2/2a/T-Mobile_cell_site.jpg/251px-T-Mobile_cell_site.jpg
|
||||||
|
stingray.jpg https://web.archive.org/web/20170319180653/https://upload.wikimedia.org/wikipedia/en/c/c5/Stingray_Harris_handle_side.jpg
|
||||||
|
gps.jpg https://web.archive.org/web/20170319181816/https://upload.wikimedia.org/wikipedia/commons/thumb/8/8d/GPS_Satellite_NASA_art-iif.jpg/300px-GPS_Satellite_NASA_art-iif.jpg
|
||||||
|
replicant.png https://web.archive.org/web/20170320015032/http://www.replicant.us/images/replicant.png
|
||||||
alpr-mounted.png https://web.archive.org/web/20170318173251/https://www.eff.org/files/2015/10/20/paxton_and_spencer_.png
|
alpr-mounted.png https://web.archive.org/web/20170318173251/https://www.eff.org/files/2015/10/20/paxton_and_spencer_.png
|
||||||
alpr-capture.png https://web.archive.org/web/20170318173346/https://www.eff.org/files/2015/10/20/paxton_captures.png
|
alpr-capture.png https://web.archive.org/web/20170318173346/https://www.eff.org/files/2015/10/20/paxton_captures.png
|
||||||
alpr-pips.png https://web.archive.org/web/20170318173427/https://www.eff.org/files/2015/10/15/pipscam9_redacted.png
|
alpr-pips.png https://web.archive.org/web/20170318173427/https://www.eff.org/files/2015/10/15/pipscam9_redacted.png
|
||||||
|
|
33
sapsf.bib
33
sapsf.bib
|
@ -1025,3 +1025,36 @@
|
||||||
url = {http://www.trustev.com/technology},
|
url = {http://www.trustev.com/technology},
|
||||||
urldate = {2017-03-19},
|
urldate = {2017-03-19},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@online{w:file:cell-tower,
|
||||||
|
author = {Appel, Thomas},
|
||||||
|
title = {File:T-mobile cell site},
|
||||||
|
organization = {Wikipedia},
|
||||||
|
date = {2015-09-23},
|
||||||
|
url = {https://en.wikipedia.org/wiki/File:T-Mobile_cell_site.jpg},
|
||||||
|
urldate = {2017-03-19},
|
||||||
|
}
|
||||||
|
|
||||||
|
@online{w:file:stingray,
|
||||||
|
title = {File:Stingray Harris handle side.jpg},
|
||||||
|
date = {2013-04},
|
||||||
|
organization = {Harris Corporation},
|
||||||
|
url = {https://en.wikipedia.org/wiki/File:Stingray_Harris_handle_side.jpg},
|
||||||
|
urldate = {2017-03-19},
|
||||||
|
}
|
||||||
|
|
||||||
|
@online{w:file:gps,
|
||||||
|
title = {File:GPS Satellite NASA art-iif.jpg},
|
||||||
|
date = {2006-02-09},
|
||||||
|
organization = {NASA},
|
||||||
|
url = {https://en.wikipedia.org/wiki/File:GPS_Satellite_NASA_art-iif.jpg},
|
||||||
|
urldate = {2017-03-19},
|
||||||
|
}
|
||||||
|
|
||||||
|
@online{wsj:app-loc,
|
||||||
|
title = {What They Know - Mobile - WSJ},
|
||||||
|
organization = {The Wall Street Journal},
|
||||||
|
url = {http://blogs.wsj.com/wtk-mobile/},
|
||||||
|
urldate = {2017-03-19},
|
||||||
|
annotation = {Popular apps that transmit location information in~2010},
|
||||||
|
}
|
||||||
|
|
147
slides.org
147
slides.org
|
@ -65,7 +65,7 @@ invasive topic-wise.
|
||||||
|
|
||||||
|
|
||||||
* LACKING Slides :export:ignore:
|
* LACKING Slides :export:ignore:
|
||||||
** REVIEWED Introduction / Opening :B_fullframe:
|
** READY Introduction / Opening :B_fullframe:
|
||||||
:PROPERTIES:
|
:PROPERTIES:
|
||||||
:DURATION: 00:01
|
:DURATION: 00:01
|
||||||
:BEAMER_env: fullframe
|
:BEAMER_env: fullframe
|
||||||
|
@ -109,17 +109,18 @@ often used and dismissed as tinfoil-hat FUD.)
|
||||||
#+END_COMMENT
|
#+END_COMMENT
|
||||||
|
|
||||||
#+BEGIN_CENTER
|
#+BEGIN_CENTER
|
||||||
#+BEAMER: \only<1>{You're Being Tracked.}
|
#+BEAMER: \only<1->{\Huge You're Being Tracked.}
|
||||||
#+BEAMER: \only<2>{(No, really, I have references.)}
|
|
||||||
|
#+BEAMER: \only<2>{\large(No, really, I have references.)}
|
||||||
#+END_CENTER
|
#+END_CENTER
|
||||||
|
|
||||||
|
|
||||||
** REVIEWED Mobile [0/5]
|
** AUGMENT Mobile [5/5]
|
||||||
*** REVIEWED Introduction :B_ignoreheading:
|
*** READY Introduction :B_ignoreheading:
|
||||||
:PROPERTIES:
|
:PROPERTIES:
|
||||||
:BEAMER_env: ignoreheading
|
:BEAMER_env: ignoreheading
|
||||||
:END:
|
:END:
|
||||||
**** REVIEWED Introduction :B_fullframe:
|
**** READY Introduction :B_fullframe:
|
||||||
:PROPERTIES:
|
:PROPERTIES:
|
||||||
:DURATION: 00:00:15
|
:DURATION: 00:00:15
|
||||||
:BEAMER_env: fullframe
|
:BEAMER_env: fullframe
|
||||||
|
@ -140,17 +141,33 @@ A phone is often synonymous with an individual;
|
||||||
In other words: they're excellent tracking devices.
|
In other words: they're excellent tracking devices.
|
||||||
#+END_COMMENT
|
#+END_COMMENT
|
||||||
|
|
||||||
*** REVIEWED Cell Towers [0/2]
|
*** READY Cell Towers [2/2]
|
||||||
:PROPERTIES:
|
:PROPERTIES:
|
||||||
:DURATION: 0:02
|
:DURATION: 0:02
|
||||||
:END:
|
:END:
|
||||||
**** REVIEWED Fundamentally Needed
|
**** READY Fundamentally Needed
|
||||||
:PROPERTIES:
|
:PROPERTIES:
|
||||||
:DURATION: 00:00:45
|
:DURATION: 00:00:45
|
||||||
:END:
|
:END:
|
||||||
|
|
||||||
|
***** Summary
|
||||||
|
:PROPERTIES:
|
||||||
|
:BEAMER_col: 0.75
|
||||||
|
:END:
|
||||||
- Phone needs tower to make and receive calls
|
- Phone needs tower to make and receive calls
|
||||||
- Gives away approximate location\cite{pbs:nova:boston}
|
- Gives away approximate location\cite{pbs:nova:boston}
|
||||||
|
|
||||||
|
***** Tower Image
|
||||||
|
:PROPERTIES:
|
||||||
|
:BEAMER_col: 0.25
|
||||||
|
:END:
|
||||||
|
|
||||||
|
#+BEGIN_CENTER
|
||||||
|
[[./images/tp/cell-tower.jpg]]
|
||||||
|
|
||||||
|
\incite{w:file:cell-tower}
|
||||||
|
#+END_CENTER
|
||||||
|
|
||||||
#+BEGIN_COMMENT
|
#+BEGIN_COMMENT
|
||||||
The primary reason is inherent in a phone's design:
|
The primary reason is inherent in a phone's design:
|
||||||
cell towers.
|
cell towers.
|
||||||
|
@ -173,16 +190,33 @@ You can imagine that such would be a very useful and important feature for
|
||||||
#+END_COMMENT
|
#+END_COMMENT
|
||||||
|
|
||||||
|
|
||||||
**** REVIEWED Cell-Site Simulators
|
**** READY Cell-Site Simulators
|
||||||
:PROPERTIES:
|
:PROPERTIES:
|
||||||
:DURATION: 00:00:45
|
:DURATION: 00:00:45
|
||||||
:END:
|
:END:
|
||||||
|
|
||||||
|
***** Summary
|
||||||
|
:PROPERTIES:
|
||||||
|
:BEAMER_col: 0.65
|
||||||
|
:END:
|
||||||
- <1-> IMSI-Catchers
|
- <1-> IMSI-Catchers
|
||||||
- <1-> Masquerade as cell towers
|
- <1-> Masquerade as cell towers
|
||||||
- <1-> Most popular: Stingray
|
- <1-> Most popular: Stingray
|
||||||
- <2-> Free/libre Android program AIMSICD available on F-Droid attempts to
|
- <2-> Free/libre Android program AIMSICD available on F-Droid attempts to
|
||||||
detect\cite{aimsid}
|
detect\cite{aimsid}
|
||||||
|
|
||||||
|
***** Stingray Image
|
||||||
|
:PROPERTIES:
|
||||||
|
:BEAMER_col: 0.35
|
||||||
|
:END:
|
||||||
|
|
||||||
|
#+BEGIN_CENTER
|
||||||
|
[[./images/tp/stingray.jpg]]
|
||||||
|
|
||||||
|
\incite{w:file:stingray}
|
||||||
|
#+END_CENTER
|
||||||
|
|
||||||
|
|
||||||
#+BEGIN_COMMENT
|
#+BEGIN_COMMENT
|
||||||
Cell Site Simulators have made a lot of news in the past (including my local
|
Cell Site Simulators have made a lot of news in the past (including my local
|
||||||
news),
|
news),
|
||||||
|
@ -207,22 +241,22 @@ It is free software and is available on F-Droid.
|
||||||
#+END_COMMENT
|
#+END_COMMENT
|
||||||
|
|
||||||
|
|
||||||
*** REVIEWED Wifi [0/3]
|
*** READY Wifi [1/1]
|
||||||
:PROPERTIES:
|
:PROPERTIES:
|
||||||
:DURATION: 0:01
|
:DURATION: 0:01
|
||||||
:END:
|
:END:
|
||||||
|
|
||||||
**** REVIEWED ESSID and MAC Broadcast
|
**** READY ESSID and MAC Broadcast
|
||||||
:PROPERTIES:
|
:PROPERTIES:
|
||||||
:DURATION: 00:01
|
:DURATION: 00:01
|
||||||
:END:
|
:END:
|
||||||
- <1-> Device may broadcast ESSIDs of past hidden networks
|
- <1-> Device may broadcast ESSIDs of past hidden networks
|
||||||
- <2-> Expose unique hardware identifiers (MAC address)
|
- <1-> Expose unique hardware identifiers (MAC address)
|
||||||
- <3-> **Defending against this is difficult**
|
- <2-> **Defending against this is difficult**
|
||||||
- <4-> /Turn off Wifi/ in untrusted places
|
- <3-> /Turn off Wifi/ in untrusted places
|
||||||
- <4-> Turn off settings to auto-connect when receiving e.g. MMS
|
- <3-> Turn off settings to auto-connect when receiving e.g. MMS
|
||||||
- <5-> Use cellular data (e.g. {2,3,4}G)
|
- <4-> Use cellular data (e.g. {2,3,4}G)
|
||||||
- <6-> **MAC address randomization works poorly**\cite{arxiv:mac}
|
- <5-> **MAC address randomization works poorly**\cite{arxiv:mac}
|
||||||
|
|
||||||
#+BEGIN_COMMENT
|
#+BEGIN_COMMENT
|
||||||
What else is inherent in a modern phone design?
|
What else is inherent in a modern phone design?
|
||||||
|
@ -262,24 +296,26 @@ And of course, we do.
|
||||||
#+END_COMMENT
|
#+END_COMMENT
|
||||||
|
|
||||||
|
|
||||||
*** REVIEWED Geolocation [0/3]
|
*** READY Geolocation [3/3]
|
||||||
:PROPERTIES:
|
:PROPERTIES:
|
||||||
:DURATION: 0:02
|
:DURATION: 0:02
|
||||||
:END:
|
:END:
|
||||||
|
|
||||||
**** REVIEWED GPS
|
**** READY Global Positioning System (GPS)
|
||||||
:PROPERTIES:
|
:PROPERTIES:
|
||||||
:DURATION: 00:01
|
:DURATION: 00:00:30
|
||||||
:END:
|
:END:
|
||||||
|
|
||||||
|
#+BEGIN_CENTER
|
||||||
|
#+ATTR_LATEX: :height 1in
|
||||||
|
[[./images/tp/gps.jpg]]\incite{w:file:gps}
|
||||||
|
#+END_CENTER
|
||||||
|
|
||||||
- <1-> Not inherently a surveillance tool
|
- <1-> Not inherently a surveillance tool
|
||||||
- <2-> Often enabled by default
|
- <2-> Often enabled, and programs abuse it\cite{jots:mobile}
|
||||||
- <2-> Might prompt user, but features are attractive
|
- <2-> Legitimate: navigation, social media, photos, nearby friends, finding
|
||||||
- <3-> Programs give excuses to track\cite{jots:mobile}
|
|
||||||
- <3-> Navigation systems
|
|
||||||
- <3-> Location information for social media, photos, nearby friends, finding
|
|
||||||
lost phones, location-relative searches, etc.
|
lost phones, location-relative searches, etc.
|
||||||
- <4-> Not-so-good: targeted advertising and building users profiles
|
- <3-> If phone is compromised, location is known
|
||||||
- <4-> If phone is compromised, location is known
|
|
||||||
|
|
||||||
#+BEGIN_COMMENT
|
#+BEGIN_COMMENT
|
||||||
Let's talk about geolocation!
|
Let's talk about geolocation!
|
||||||
|
@ -287,8 +323,8 @@ Many people find them to be very convenient.
|
||||||
The most popular being GPS.
|
The most popular being GPS.
|
||||||
|
|
||||||
GPS isn't inherently a surveillance tool;
|
GPS isn't inherently a surveillance tool;
|
||||||
it can't track you on its own.
|
it can't track you on its own.
|
||||||
Your GPS device triangulates its location based on signals
|
Your GPS device calculates its location based on signals
|
||||||
broadcast by GPS satellites in line-of-site.
|
broadcast by GPS satellites in line-of-site.
|
||||||
|
|
||||||
Because of the cool features it permits,
|
Because of the cool features it permits,
|
||||||
|
@ -305,19 +341,23 @@ Navigation systems,
|
||||||
all of these things are legitimate.
|
all of these things are legitimate.
|
||||||
You just need to be able to trust the software that you are running,
|
You just need to be able to trust the software that you are running,
|
||||||
Often times, you can't.
|
Often times, you can't.
|
||||||
Without source code,
|
|
||||||
it's sometimes hard to say if a program is doing other things.
|
Even if you can,
|
||||||
Like using it for targeted advertising,
|
if your device is owned,
|
||||||
and/or building a user profile (which we'll talk about later).
|
they can just enable GPS and your location is known.
|
||||||
#+END_COMMENT
|
#+END_COMMENT
|
||||||
|
|
||||||
**** REVIEWED But I Want GPS!
|
**** READY But I Want GPS!
|
||||||
:PROPERTIES:
|
:PROPERTIES:
|
||||||
:DURATION: 00:00:30
|
:DURATION: 00:00:40
|
||||||
:END:
|
:END:
|
||||||
- <1-> Is the program transparent in what data it sends? (Is the source code
|
- <1-> Is the program transparent in what data it sends? (Is the source code
|
||||||
available?)\cite{jots:mobile}
|
available?)\cite{jots:mobile}
|
||||||
- <1-> Does the program let you disable those features?
|
- <1-> 2010: 47 of top 100 Android and iOS apps sent location to devs and
|
||||||
|
third parties\cite{wsj:app-loc}
|
||||||
|
- <1-> Ex: /Angry Birds/ sent address book, location, and device ID to
|
||||||
|
third party\cite{networks-of-control}
|
||||||
|
- <1-> Does the program let you disable those [anti-]features?
|
||||||
- <2-> Pre-download location-sensitive data (e.g. street maps)
|
- <2-> Pre-download location-sensitive data (e.g. street maps)
|
||||||
- <2-> OsmAnd (free software, Android and iOS)\cite{osmand}
|
- <2-> OsmAnd (free software, Android and iOS)\cite{osmand}
|
||||||
|
|
||||||
|
@ -325,6 +365,14 @@ Like using it for targeted advertising,
|
||||||
So you may legitimately want GPS enabled.
|
So you may legitimately want GPS enabled.
|
||||||
It's terrible that you should be concerned about it.
|
It's terrible that you should be concerned about it.
|
||||||
|
|
||||||
|
Are the programs you're using transparent in what they're sending?
|
||||||
|
A precondition to that answer is source code;
|
||||||
|
it's otherwise hard to say if a program is doing other things.
|
||||||
|
|
||||||
|
A study by the Wall Street Journal found that 47 of the 100 Android and iOS
|
||||||
|
apps in 2010 shared your location with not only the developers,
|
||||||
|
but also with third parties.
|
||||||
|
|
||||||
You need to know what data you're leaking so that you can decide whether
|
You need to know what data you're leaking so that you can decide whether
|
||||||
or not you want to do so.
|
or not you want to do so.
|
||||||
And you need the option to disable it.
|
And you need the option to disable it.
|
||||||
|
@ -337,9 +385,9 @@ Some apps let you use pre-downloaded maps,
|
||||||
#+END_COMMENT
|
#+END_COMMENT
|
||||||
|
|
||||||
|
|
||||||
**** REVIEWED Location Services
|
**** READY Location Services
|
||||||
:PROPERTIES:
|
:PROPERTIES:
|
||||||
:DURATION: 00:00:45
|
:DURATION: 00:00:30
|
||||||
:END:
|
:END:
|
||||||
|
|
||||||
- <1-> No GPS? No problem!
|
- <1-> No GPS? No problem!
|
||||||
|
@ -349,7 +397,7 @@ Some apps let you use pre-downloaded maps,
|
||||||
nearby cell towers\cite{w:wps}
|
nearby cell towers\cite{w:wps}
|
||||||
- <2-> Signal strength and SSIDs and MACs of Access Points
|
- <2-> Signal strength and SSIDs and MACs of Access Points
|
||||||
\cite{w:trilateration,acm:spotfi,acm:lteye}
|
\cite{w:trilateration,acm:spotfi,acm:lteye}
|
||||||
- <3-> Gathered by Google Street View cars
|
- <3-> Some gathered by Google Street View cars
|
||||||
- <3-> Your device may report back nearby networks to build a more
|
- <3-> Your device may report back nearby networks to build a more
|
||||||
comprehensive database
|
comprehensive database
|
||||||
- <4-> Works even where GPS and Cell signals cannot penetrate
|
- <4-> Works even where GPS and Cell signals cannot penetrate
|
||||||
|
@ -365,7 +413,7 @@ There are numerous services available to geolocate based on nearby access
|
||||||
Based on the signal strength of nearby WiFi networks,
|
Based on the signal strength of nearby WiFi networks,
|
||||||
your position can be more accurately trangulated.
|
your position can be more accurately trangulated.
|
||||||
|
|
||||||
These data are gathered by Google Street View cars.
|
Some of these data are gathered by Google Street View cars.
|
||||||
Your phone might also be reporting back nearby networks in order to improve
|
Your phone might also be reporting back nearby networks in order to improve
|
||||||
the quality of these databases.
|
the quality of these databases.
|
||||||
|
|
||||||
|
@ -376,14 +424,14 @@ And it works where GPS and maybe even cell service don't, such as inside
|
||||||
So just because GPS is off does not mean your location is unknown.
|
So just because GPS is off does not mean your location is unknown.
|
||||||
#+END_COMMENT
|
#+END_COMMENT
|
||||||
|
|
||||||
*** REVIEWED Operating System [0/3]
|
*** READY Operating System [3/3]
|
||||||
:PROPERTIES:
|
:PROPERTIES:
|
||||||
:DURATION: 0:02
|
:DURATION: 0:02
|
||||||
:END:
|
:END:
|
||||||
|
|
||||||
**** REVIEWED Untrusted/Proprietary OS
|
**** READY Untrusted/Proprietary OS
|
||||||
:PROPERTIES:
|
:PROPERTIES:
|
||||||
:DURATION: 00:00:45
|
:DURATION: 00:00:40
|
||||||
:END:
|
:END:
|
||||||
|
|
||||||
- <1-> Who does your phone work for?
|
- <1-> Who does your phone work for?
|
||||||
|
@ -413,7 +461,7 @@ In November of last year it was discovered that these popular phones
|
||||||
That software could also remotely execute code on the device.
|
That software could also remotely execute code on the device.
|
||||||
#+END_COMMENT
|
#+END_COMMENT
|
||||||
|
|
||||||
**** REVIEWED Free/Libre Mobile OS?
|
**** READY Free/Libre Mobile OS?
|
||||||
:PROPERTIES:
|
:PROPERTIES:
|
||||||
:DURATION: 00:00:30
|
:DURATION: 00:00:30
|
||||||
:END:
|
:END:
|
||||||
|
@ -421,7 +469,14 @@ That software could also remotely execute code on the device.
|
||||||
- <1-> But every phone requires proprietary drivers, or contains
|
- <1-> But every phone requires proprietary drivers, or contains
|
||||||
proprietary software
|
proprietary software
|
||||||
- <2-> Replicant\cite{replicant}
|
- <2-> Replicant\cite{replicant}
|
||||||
- <3> Niche. Interest is low, largely work of one developer now.
|
- <2> Niche. Largely work of one developer now. (Help if you can!)
|
||||||
|
|
||||||
|
#+BEAMER: \uncover<2>{
|
||||||
|
#+BEGIN_CENTER
|
||||||
|
#+ATTR_LATEX: :width: 7in
|
||||||
|
[[./images/tp/replicant.png]]
|
||||||
|
#+END_CENTER
|
||||||
|
#+BEAMER: }
|
||||||
|
|
||||||
#+BEGIN_COMMENT
|
#+BEGIN_COMMENT
|
||||||
Android is supposedly a free operating system.
|
Android is supposedly a free operating system.
|
||||||
|
@ -439,7 +494,7 @@ I feel like I can at least trust my phone a little bit,
|
||||||
#+END_COMMENT
|
#+END_COMMENT
|
||||||
|
|
||||||
|
|
||||||
**** REVIEWED Modem Isolation
|
**** READY Modem Isolation
|
||||||
:PROPERTIES:
|
:PROPERTIES:
|
||||||
:DURATION: 00:00:30
|
:DURATION: 00:00:30
|
||||||
:END:
|
:END:
|
||||||
|
|
Loading…
Reference in New Issue