Archive for March, 2021

Privacy in the Modern Age, Part 4

by Edward Posted: Friday, 3/26/2021

Privacy In The ModernAge, Part 4   <– PDF

There are only two kinds of emails: professional and personal.

If you have a professional email account at your workplace, then everything stated in that email should be professional in tone, all business.  Your boss and others in your company have access to all of them, and if you put personal items into a workplace email or attach offensive pictures, then that is a problem you have created and should correct immediately.  Keep the workplace emails professional.  No one is going to get too concerned about occasional innocuous jokes about how computers don’t work, or why the soda machine eats your quarters.  But never mention any personal comments about other workers, or the boss, or company policy, unless your boss specifically directs you to do so.  Never put the company’s trade secrets in an email, unless directed by the company’s owner.  But if you are directed to put trade secrets in an email by some generic manager, make some excuse not to, and remind him that trade secrets are to be protected.

I have an email that I use for professional purposes.  Since I am an independent writer, I put things in my emails that are intended for public viewing, and I don’t much care what people think about them.  They are written specifically for public consumption.  But the normal workplace is very different: keep to the relevant subjects at hand that pertain to your work, and leave it at that.

Personal emails are a different thing altogether.  You will note that “hotmail”, “gmail”, and many others are given “free”, meaning that the provider pays the near-term direct costs, while you pay the long-term indirect costs.  When you delete an email from your “free” account, it may appear to be gone, but in fact all emails are retained permanently.  A clever enough hacker can obtain all your emails, current and deleted; and of course, the provider has access to them always.  Once again, we do not really know who has access to them or if the providers have agreements with marketing corporations or government agencies to provide copies of all emails for review.  The FBI has been using in-house software since the 1980’s (called OMNIVORE and CARNIVORE) to intercept emails and all internet traffic from a particular ISP.  It has now been replaced by a commercial code NARUSINSIGHT.  Supposedly, the software is designed to intercept only traffic between a certain individual against whom the FBI has secured a search warrant.  But in this age of mass electronic intercept and storage capabilities, it is reasonable to assume that all emails are searched for certain keywords that some government agency deems “offensive” or “threatening”. Remember: if a technology exists, it is first used against recognized national enemies, but the second use is against all citizens.   There is no way to know who has access to your emails, or for what purpose. At minimum, your emails are probably being scanned by corporations for the purpose of directing advertisements in your direction.  That is annoying but harmless; however it is common now for people to have their careers ruined for something they put in an email twenty years ago; and our current ruling elite seems fascinated and overjoyed at the power of intimidation and cancellation they now wield without consequence.

So what is the best you can do to preserve your privacy regarding personal emails?  Here are some simple rules:

a. Use end-to-end encryption if possible. But don’t rely entirely on encryption: someone somewhere has the means to either break the code or obtain the keys.

b. Never put anything in an email of any importance, such as full name, address, phone number, date and place of birth, Social Security Number, mother’s maiden name, names of relatives, places you have previously lived, banking information, or schools you attended. If this information is to be provided for some legitimate purpose (such as applying for a loan), make sure it is provided only on a secure website, not by email. Even better, send it by U. S. first-class mail.

c. Never attach pictures of yourself, your relatives or friends, or any that show your home, car, or street.  If you want to send pictures, have them printed and send them by U. S. first-class mail.

Tags: ,
Posted in Privacy | No Comments »

Privacy in the Modern Age, Part 3

by Edward Posted: Wednesday, 3/10/2021

Privacy In The Modern Age, Part 3  <– PDF

I was stopped at a stop light yesterday, and next to me, also stopped in the left-turn only lane, was a young lady in a sports car, looking down, clearly occupied with her phone.  She was the fourth car in line, and when the left-turn arrow turned green, the first three cars made the turn, but she just sat there, updating her Facebook [“The New AOL”] page or something much more important that paying attention in traffic.  Anyway, she happened to look up just as the arrow was turning yellow, so she accelerated from a dead stop and made the turn just as the arrow turned red.  Fortunately, there was no one behind her in line.

People now seem to be obsessed with whatever crap is on their phone, but that is not the worst of it.  The real problem is that people are now in the habit, a very bad habit, of storing important information on their “smart” phones.  Your “smart” phone represents a very high risk to your privacy.  First of all, it is likely that all “metadata” on all phone calls is being stored in some corporate or government database other than the phone provider.  “Metadata” is information on: a) your phone number; b) the other party’s phone number; c) both locations; d) time of day; and e) length of call.  It is collected automatically by the phone service providers (usually for billing purposes), but we do not know if that data is sold, to or whom it might be sold to, or what it is used for.  Marketing people can use metadata to target you for advertising, if the metadata determines that you call certain types of businesses.  The police can use it to determine if two people know each other.  Artificial intelligence algorithms are now in use that can use metadata in conjunction with public records to determine a person’s identity, even if they only know the phone numbers.  The data on the calls you make, and the calls made by your contacts, and the ones subsequently made by those parties will allow an algorithm can determine to what extent many different people are connected.

Second, text messages are eternal; they are stored by the phone provider and on your phone, along with any and all pictures.  I like to watch the true crime (“dumb criminal”) TV shows in which a woman kills her boyfriend’s wife, then texts him, “Yup, I done killed her dead, I stabbed her 14 times and threw the knife in the dumpster behind the 7-11.”  You should regard text messages as being the equivalent of a billboard next to the interstate highway.  They are never deleted by the phone provider, even If you delete them from your phone.

Third, if your “smart” phone has internet access, all the sites you visit and all your email messages are being stored by your provider, and also on your phone, same as on your computer.   If your “smart” phone can take pictures, each picture is time-tagged along with the location of the phone when the picture was taken.

Fourth, we do not know who has access to all this metadata, and worse than that, we do not know who is recording our phone calls.  What is the possibility that such data could actually be stored?  Most phone calls end up on a communication channel that use the T-1 standard developed in the early 1960’s.  T-1 is a digital stream at 1.544 Mb/s that can handle 24 calls at 64 kb/s each (plus some additional timing and frame synchronization overhead).  Since a byte is 8 bits, T-1 voice channels operate at 8 kB/s.  Let’s suppose you are on the phone for an hour a day.  An hour is 60 minutes, each consisting of 60 seconds, for a total of 3600 seconds per hour.  At 8 kB/s, an hour of recorded voice in digital format would require 28.8 MB of data storage.  If there are 320 million people in the U. S. and each is on the phone an hour a day (assuming both two channels are required to obtain both sides of the conversation), the total storage requirement would be 9.216E+09 MB per day, or 9.216E+15 bytes per day.  A terabyte (TB) is 1000 gigabytes (GB), and a GB is 1000 megabytes (MB).  A terabyte disk drive can be purchased for about $50 retail.  Therefore a TB is 1.0E+12, and thus 9216 one-TB drives would suffice to record in digital form all these phone calls.  Multiply by 365 to get the storage requirement for one year: 3.364 million one-TB drives.  It is not too hard to conceive of a data storage facility with this capacity, given the density of storage units.  Recording and storing is the easy part; it is the indexing and accessing that would present a more difficult problem.  But it doesn’t matter: the fact that it can be done means that you should assume that it will be done, or maybe is already being done.

So, anyone with inside connections, or a cooperative agreement between your phone provider and the government, or your phone provider and a paying corporation, means that sooner or later, anyone who wants the content of your conversations and text messages will be able to get them.  That is leaving aside the current capability of the police to obtain all this if they are granted a search warrant under probable cause.  We do not know if there are any “secret” probable cause standards that may apply.

Once again, there is no reason to assume that corporations or governments (especially foreign governments) are abiding by their advertised “privacy” policies. You do not have the means to force them to prove it.  You should assume they are not abiding by their stated privacy policies, and that any data they possess about you is at least being used for marketing purposes.

So, what can you do to improve your privacy position?  You cannot prevent your phone provider from collecting metadata; that is written into the contract. But you can do several other things:

  1. Get rid of your “smart” phone and go back to the dumbest phone you can find.
  2. Stop texting; if it’s not important enough to talk to someone about, it probably isn’t important enough to bother them with. Go back to having normal conversations like humans are meant to do.
  3. Use your dumb phone to make one or two wrong number calls each day; completely random.
  4. Even if your dumb phone has camera capability, do not take pictures with it. Buy a separate camera for pictures.
  5. If you must have a “smart” phone, use encryption.
  6. No matter what kind of phone you have, turn it off most of the time and use pre-arranged times to turn it on and call people.
  7. Go back to a house phone and minimize the use of mobile phones (if you can afford the extra charge).
  8. Ward off “junk” phone calls by answering them with greetings like “Alien Abduction Hotline”, “Bigfoot Sighting Information Center”, “Internal Revenue Service Audit Division”, “Lucifer’s Mortuary”; and “Ford Pinto Parts and Service”. You get the idea.
Tags: ,
Posted in Bill of Rights, fourth amendment, Privacy | No Comments »