Friday, April 05, 2013

Privacy In Public II (less privacy)

Ars Technica ran this story last month
“Stop the Cyborgs” launches public campaign against Google Glass ,

Its about a group who think we should resist Google Glass, There are some thought provoking points raised:

As soon as we got inside however, the employees at Starbucks asked us to stop filming. Sure, no problem. But I kept the Glass’ video recorder going, all the way through 
"Google Glass is possibly the most significant technological threat to 'privacy in public' I've seen," Woodrow Hartzog, an affiliate scholar at the Center for Internet and Society at Stanford Law School, told Ars.
 The law has yet to figure out how to unravel the fact that there are many situations where individuals expect privacy in public. So perhaps the best approach to this, at least initially, is a vocal, context-based opposition

Privacy In Public

I'm becoming increasingly disturbed by the possibility of what I call "MAC address stalking", where people could be located if their WiFi is on and if you can associate their phone number with the phone's MAC address. So imagine my horror this week when I saw these instructions for accessing free WiFi in ASDA stores..

Registering for Asda Wi-Fi couldn’t be easier with just a few simple steps:
1. Select Asda Free Wi-Fi from your network list on your phone
2. Enter your mobile number
3. Receive a text message with your access code
and from their Terms and Conditions this:
"By signing up to the WiFi service, you agree for us to share your information with ASDA and ASDA group companies for them to use this information for marketing and analytics purposes" 
Note that "ASDA group companies" probably means the whole of WalMart.
Doing this would mean that ASDA now have a link between MAC address and phone number.

At its most benign this means that whenever the same MAC address is seen nearby (you wouldn't even need to "connect" to their WiFi again) they could "use this information" to send a text or a call "for marketing" or just log you for "analytics purposes".

You wouldn't need to interact in any way for them to know that you walked past their store at 2am.

If this data got into the wrong hands (and ASDA isn't necessarily the right ones) it could be a stalkers charter.

Imagine if you could look up someone's phone number and get their phone's MAC address, then you could use the network to find out where they are connected, and use Google's location service to find their physical location.

Ok its not as simple as it sounds, but if I can imagine it, someone somewhere can make it happen. Interested?

Read more here:

android map - by samy kamkar
Stalker App Strikes Back at iPhones & Starbucks 
Hacker pilfers browser GPS location via router attack
Hack uses Google Street View data to stalk its victims 

I know nothing, I'm not a fortune teller, and you'd be insane to think that I am. This disclaimer was cribbed from an email footer I once received. It is so ridiculous I had to have it for myself.

Statements in this blog that are not purely historical are forward-looking statements including, without limitation, statements regarding my expectations, objectives, anticipations, plans, hopes, beliefs, intentions or strategies regarding the future. Factors that could cause actual results to differ materially from the forward looking statements include risks and uncertainties such as any unforeseen event or any unforeseen system failures, and other risks. It is important to note that actual outcomes could differ materially from those in such forward-looking statements.

Danny Angus Copyright © 2006-2013 (OMG that's seven years of this nonsense)