Harry Potter and the Snooping Browser in Collusion with the NYT is my favorite book of the series
Kidding aside, it's a little difficult to swallow some of this stuff when it's coming from websites like this. Sure, I understand there is a huge hierarchy of how the NYT, et al., operate (and of course the set of writers and the people who choose the website's operations are likely fairly disjoint), but it's still somehow vaguely painful to watch.
In their "steps to avoid location tracking of your phone", add this to the list:
5. Disable "high accuracy location" on Android phones.
This mode enables a range of data harvesting by Google Location Services that includes detailed sensor traces fused with GPS, WiFi, and others. Google claims that this information is used in an "anonymous" way to "improve their services", but location data is not, and cannot be, anonymized. The resolution of data harvested here is nothing short of Orwellian, and you just gotta trust Google (as well as all governments that have subpoena and NSL authority over it) now and in perpetuity. No thanks!
> enables a range of data harvesting by Google Location Services that includes detailed sensor traces fused with GPS, WiFi, and others
Brought to you by the company that got caught war driving while running Google Streetview and sniffing for passwords and emails transmitted. All signed of by management[1], despite initial attempts to throw the hacker they hired for it under the bus.
"sniffing for passwords and emails" -> collecting unencrypted data broadcast to anyone nearby.
If you believe them (which you might not, since you seem to have issues here) they never even looked at any of this data once they realized what the software was collecting.
The first disclosure I could find insisted on exclusively collecting MAC and SSID. They also tried to push a "single developer" narrative in updates to it before the FCC investigation (involving fines and subpoenas) turned up several emails and a whitepaper approved by management that documented the whole war driving setup and possible use cases for the collected data.
Next up Al Capone disclosed crime empire: "I might have forgotten to tip a waiter once".
One of the issues with 5G is that you're always handing over your location using "high accuracy location" resolution and you can't disable it. Your cell phone company always had your location but it used to be accurate within a mile or so, but because 5G will have "towers" everywhere you can be located within a few feet of where you're standing.
Also I can't read the article, but hopefully disabling bluetooth is in there. Phones are being tracked via beacons that just collect the ID of every device that passes in range.
Recent iOS versions have a choice between precise or general location permission for apps, no longer just on or off. So of those few apps I give permission, even fewer get precise location.
Is there some info on how they tracked him? Just bought some public data, that was so badly anonymized, that it could be correlated with his public visits?
If I remember correctly, from reading the original story that broke this news, location data at the rectory he was living in correlated with location data at various conferences he attended. That was sufficient to identify the anonymized data as his phone.
> The Pillar correlated a unique mobile device to Burrill when it was used consistently from 2018 until at least 2020 from the USCCB staff residence and headquarters, from meetings at which Burrill was in attendance, and was also used on numerous occasions at Burrill’s family lake house, near the residences of Burrill’s family members, and at a Wisconsin apartment in Burrill’s hometown, at which Burrill himself has been listed as a resident.
This is having a chilling effect on my use of all digital services. I no longer keep my phone on. I think about whether I should click on links that might contain content I would not want associated with me, even though my interest is in learning. I treat every news article I read like clicking on it is a vote for or against something. I add all kinds of extensions to my browser to protect privacy. I use a VPN to keep my ISP from spying on me. I download all my email and delete it on the servers so that theoretically I'm the only one who has a copy. It has made my life more difficult and uncertain. I've done research in computer security so I have some idea of how to protect myself, but I still find some data leaks out. I know all networked computers are vulnerable and have little faith my home network is secure though I've locked it down as best I can. Computers and networks have become a pain to use and their benefit to me keeps going down. I would not be surprised at all if things like ransomware attacks destroy any remaining public utility of computers. Heaven help us if the USA actually gets into a blatant cyberwar (instead of the current semi-covert ones). The longer the USA goes without any kind of data privacy laws the more it looks like that is intentional.
19 comments
[ 0.19 ms ] story [ 69.5 ms ] threadKidding aside, it's a little difficult to swallow some of this stuff when it's coming from websites like this. Sure, I understand there is a huge hierarchy of how the NYT, et al., operate (and of course the set of writers and the people who choose the website's operations are likely fairly disjoint), but it's still somehow vaguely painful to watch.
5. Disable "high accuracy location" on Android phones.
This mode enables a range of data harvesting by Google Location Services that includes detailed sensor traces fused with GPS, WiFi, and others. Google claims that this information is used in an "anonymous" way to "improve their services", but location data is not, and cannot be, anonymized. The resolution of data harvested here is nothing short of Orwellian, and you just gotta trust Google (as well as all governments that have subpoena and NSL authority over it) now and in perpetuity. No thanks!
Brought to you by the company that got caught war driving while running Google Streetview and sniffing for passwords and emails transmitted. All signed of by management[1], despite initial attempts to throw the hacker they hired for it under the bus.
[1] https://www.darkreading.com/risk/google-wardriving-how-engin...
"sniffing for passwords and emails" -> collecting unencrypted data broadcast to anyone nearby.
If you believe them (which you might not, since you seem to have issues here) they never even looked at any of this data once they realized what the software was collecting.
The first disclosure I could find insisted on exclusively collecting MAC and SSID. They also tried to push a "single developer" narrative in updates to it before the FCC investigation (involving fines and subpoenas) turned up several emails and a whitepaper approved by management that documented the whole war driving setup and possible use cases for the collected data.
Next up Al Capone disclosed crime empire: "I might have forgotten to tip a waiter once".
Also I can't read the article, but hopefully disabling bluetooth is in there. Phones are being tracked via beacons that just collect the ID of every device that passes in range.
https://www.pillarcatholic.com/p/pillar-investigates-usccb-g...