Fullscreen HTML5Med Res (??MB)HTML4

Big Brother is tracking you! Part One: By Dr David Maddison When people picture what spying looks like they might think of the more traditional methods, but governments, businesses and individuals – benign or nefarious, nearby or far away – can and do track just about everything you do online (and a lot more besides). H uman society has never been under as much surveillance as it is today. This is partly because the widespread use of computers means that every transaction, interaction and movement can be recorded. It’s also because many governments and businesses have an insatiable lust to surveil their subjects, often with very few protections to guarantee any sort of privacy. Many private organisations and criminals seek advantage from watching you as well. While this all sounds pretty sinister, please note that surveillance itself is not necessarily illegitimate. There are good reasons (or excuses) to watch certain people, for example, violent criminals. But the ease with which surveillance data is collected from people, both by government and corporations (especially ‘social media giants’), makes it likely or even inevitable that such information will be misused. Put it this way: it’s much easier to trawl the ocean with a giant net, pull it up and see what you’ve caught than it is to catch a particular fish with a rod and line. But what if the net catches more than is intended? Perhaps some tasty but endangered fish. Can we trust the fisherman to throw those ones back? Big problems can arise when the collected data is sold to third parties (usually for profit – how do telemarketers get your phone number?). Or when government(s) or corporations want to dictate what you see and hear. Do you accept the adage “if you have nothing to hide, you have nothing to fear”? Famous whistleblower (or, depending on whom you ask, criminal leaker) Edward Snowden said that “Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” As you read the following, note that all the information presented in this article is readily available from public sources. We won’t discuss old-fashioned surveillance methods like reporting on your neighbours, as is standard in dictatorships. We will restrict ourselves to providing a taste of some of the more interesting and current electronic methods. We say taste because there is so much digital surveillance going on that we can only scratch the surface (and not all of it is public knowledge). Facebook, Google, Twitter and LinkedIn are examples of ‘free’ services which collect user information. It’s a matter for the individual whether the information they give out is worth the benefit from the platforms they use. 16 Silicon Chip Australia’s electronics magazine siliconchip.com.au On related topics, see our past articles on the History of Cyber Espionage and Cyber Weapons in the October and November 2019 issues (siliconchip. com.au/Series/337). Tracking privacy concerns can be broadly divided into two categories: governmental & non-governmental. Given that the government makes the laws (and often can ignore them), clearly there is more scope for losing privacy to government actors. Part one of this article will concentrate on investigating non-government actors (typically large corporations) and will also discuss some options you have for enhancing your privacy. Next month, the follow-up article will detail how governments, including ours, can and do track their citizens. Free services Pretty much nothing is truly free – as the old saying goes, “there ain’t no such thing as a free lunch”. ‘Free’ services offered on the internet and via your phone usually compromise your privacy with extensive recording and analysis of almost everything you do. One of the objectives is to use your information for targeted advertising or other purposes. You may be receiving a ‘free’ service but giving away an extensive profile of yourself. There’s another, more modern saying which goes something like, “If you are not paying for it, you’re not the customer; you’re the product.” Until the universal adoption of mobile phones, the main ways people could be surveilled was by inspection of telephone and banking transaction records (eg, credit card purchases). But with smartphones, everyone has their own personal tracking device, and many details of one’s life is frequently recorded on it (or on other nearby devices). In addition, effective facial and car number plate recognition technologies mean that you can be recognised anywhere there is a camera or anywhere a picture is posted online. EXIF data It is often possible to tell where a photo is taken. Many photos posted online contain so-called EXIF data, which often includes GPS coordinates. Even if it doesn’t, it is possible to use Google Earth (or other) imagery to work out where a photograph was taken. Sometimes even if an image file lacks EXIF data, it might be possible to find another copy of the image online with the EXIF data intact by using a “reverse image search” (described later in this article). Now virtually the whole Earth has been mapped, including street views, in visual databases such as Google Earth. So there is enough data available that a skilled person can use Google Earth to determine the location a photo was taken using only visual clues. Other tracking methods Every smartphone has a GPS, but even if this is deactivated, mobile phones can still be tracked by signal triangulation or via nearby WiFi networks, regardless of whether you have connected to them. Some Apps track your location this way. Voice recognition is now good enough to work reliably, without training, in real-time. A stream of your voice converted into plain text can be easily searched by anyone who has access to it. Social media companies have been known to search speech-to-text logs for ‘forbidden’ topics they wish to censor, blocking posted videos and the like, regardless of the author’s qualifications. EXIF (exchangeable image file format) data is created when taking photos using a camera, phone or other system. It stores some identifiable information such as GPS co-ordinates, the date & time when the photo was taken along with camera information such as focal length, aperture etc. How people are surveilled or tracked We should first consider some ways that surveillance is possible before we discuss specific technical details. The following, at a minimum, allows you to be surveilled: • Using an internet connection (wired or wireless), or other network connection such as Bluetooth or a mesh network. • Using a wired or wireless phone. • Connections established via Internet of Things devices (“IoT”). • Making purchases with a credit card, debit card or mobile phone. • Being subject to facial, voice or car number plate recognition (see our April 2019 article at siliconchip. com.au/Article/11519). • Being listened to or observed by microphones or cameras on your smart TV, mobile phone or PC. siliconchip.com.au Some see this as a challenge; there is a YouTube channel by “GeoWizard” (www.youtube.com/c/GeoWizard) who, in his “Geo Detective” series, invites viewers to submit random photos of themselves. He then uses his Google Earth skills to work out where the photo was taken. See “Can I pinpoint the EXACT location of my fans using a single image?” at https://youtu.be/k-5J0kL7aRs If one had high-level access to the Google Earth database (or similar), this could possibly be done automatically, using scene-matching algorithms without human intervention. Australia’s electronics magazine November 2021  17 Fig.1: a WiFi and cellular network map of part of Melbourne from https://wigle.net/ You can check the website to see if your own home or business access point (AP) is shown. You can also participate in data collection for this database using an App on your Android smartphone or laptop. Tracking via wireless networks Every WiFi access point (AP), public and private, including any you have at home, has a unique ID. These are freely visible to anyone with a WiFi device (even if they don’t have the AP password), and maps showing their locations are freely available. An example of a freely available WiFi map is https://wigle.net/ (see Figs.1-3). This information is available by necessity, because a WiFi network has to identify itself to authorised users who can then log on using a password. Information for these WiFi maps is collected by private individuals who may do it as a hobby, such as with wigle.net It is also done by major corporations such as Google and Apple. A lot of information can be obtained apart from the unique ID called the SSID (service set identifier), which is a natural language name, and the BSSID (basic service set identifier), which is a 48-bit number following MAC (media access control) address conventions. A MAC address is permanently assigned at manufacture to addressable devices on a network and is printed on the device. The user can change the SSID but not the BSSID. Smartphones act as a 24/7 monitoring tool for Google and Apple, reporting the WiFi networks near you. Using triangulation, they can determine your Fig.2: a zoomed-in view of a foreign city showing SSIDs and BSSIDs. To see this level of detail, you need to establish an account, but that is free and takes only seconds. 18 Silicon Chip Australia’s electronics magazine location fairly accurately (probably to within 10m). You don’t even have to be connected to those networks; your phone always sees them. Your Google or Apple ID is associated with your current position with respect to WiFi networks and GPS location. This feature cannot be turned off (unless WiFi is turned off) because your phone is constantly broadcasting its BSSID. However, a de-Googled Android or Linux phone will not do this, as discussed later. Google and Apple are constantly tracking you. By default, Google records where you visit and the route you take. Apple is also tracking you 24 hours a day, and monitoring your WiFi devices have a BSSID which is both a unique and unchangeable identifier. Software such as Cain & Abel can also be used to demonstrate how insecure these networks can be. siliconchip.com.au Map Net ID SSID Name Est. Long Channel Bcn Int. QoS map 00:01:38:74:9E:58 mcdonalds map 00:01:38:81:AF:C7 McDonalds infra -20.72732735 139.49467468 6 0 0 49.99446106 36.23361206 4 0 map 00:01:9F:11:5D:69 Mcdonalds 2 2020-08-02T16:00:00.000Z 42.98684311 -84.54867554 6 0 map 00:01:E3:46:78:25 McDonalds 1 2014-06-20T20:00:00.000Z 2014-06-28T14:00:00.000Z 51.25014496 6.47709274 9 0 map 00:02:2D:27:D7:DE Mcdonalds 2 2002-06-15T02:00:00.000Z 2004-07-05T00:00:00.000Z 33.35100555 -111.82453156 1 0 map 00:02:2D:5F:EF:97 McDonalds 5 2001-01-01T00:00:00.000Z 2006-04-03T14:00:00.000Z 32.51906204 -84.95638275 1 0 map 00:02:2D:75:5B:D1 McDonalds 0 2001-01-01T00:00:00.000Z 2004-05-03T18:00:00.000Z 32.50689697 -84.97121429 0 0 map 00:02:2D:C4:3C:C0 Mcdonalds 0 infra 2005-08-14T16:00:00.000Z 2020-08-06T00:00:00.000Z 32.81165695 -116.91766357 11 0 map 00:02:6F:08:0D:53 7 McDonalds ???? 2004-05-25T04:00:00.000Z 2004-05-24T23:00:00.000Z 40.63832474 -116.9475174 0 0 map 1 00:02:6F:08:0D:54 McDonalds ???? 2004-05-25T04:00:00.000Z 2004-05-24T23:00:00.000Z 40.95933151 -117.74948883 0 0 1 map 00:02:6F:30:E9:55 McDonalds Prism I infra 2004-06-19T08:00:00.000Z 2005-09-24T18:00:00.000Z 39.17835617 -119.76688385 1 0 2 map 00:02:6F:33:B1:1F McDonalds WiFi Hopper infra 2006-10-04T05:00:00.000Z 2008-10-26T02:00:00.000Z 35.15372849 -106.58855438 3 0 4 map 00:02:6F:36:B4:0F McDonalds 2001-01-01T00:00:00.000Z 2007-11-27T11:00:00.000Z 34.07216644 -106.89331818 6 0 0 map 00:02:6F:38:5B:47 McDonalds 2001-01-01T00:00:00.000Z 2007-11-27T11:00:00.000Z 34.0725174 -106.89299774 7 0 0 map 00:02:6F:71:11:13 McDonalds infra 2010-11-23T21:00:00.000Z 2012-05-07T07:00:00.000Z 42.21239471 -71.18297577 10 0 7 map 00:02:6F:98:A2:2C McDonalds infra 2012-02-08T12:00:00.000Z 2012-04-01T09:00:00.000Z 4.68668699 -74.0754776 3 0 7 Mcdonalds 1 Type First Seen Most Recently 2001-01-01T00:00:00.000Z 2009-02-28T00:00:00.000Z 2013-01-02T16:00:00.000Z 2013-04-03T02:00:00.000Z infra 2001-12-17T16:00:00.000Z infra BBS McDonalds11915 Prism I Crypto Est. Lat Found by Me Free Pay Comment Fig.3: a search on wigle.net for an SSID that might correspond to the name of a famous fast-food restaurant chain. This shows some of the information that is freely transmitted by WiFi access points and also recorded, in this case, by https:// wigle.net/ users. Google and others collect similar information. activity patterns; that’s how it can predict where you’re going and your estimated time of arrival. The tracking can be disabled to a certain extent in both cases; search online forums if you are interested in doing so. If you have a Google account, your location history is viewable at https:// maps.google.com/locationhistory/b/0 Apart from Google and Apple, if you knew or could guess someone’s SSID, you could search one of these public databases to find where that AP is located and find their BSSID. However, keep in mind that if the device in question is mobile, the position would not necessarily be accurate unless it was updated very recently. The SSID is given a default name by Apple devices, using a user’s first name, such as “John’s iPhone”. When I searched “iPhone” on wigle.net, I got over one million hits. Someone who knew John had an iPhone and lived within a particular geographical area and could guess their SSID would have a fair chance of finding where they live. Even if John became wise and changed his SSID, the BSSID would remain with the device, and if it was already known before the SSID was changed, John could still be located. Suppose the device had been used regularly at any location away from home, such as at work, a pub or a family member’s home. In that case, John might still be locatable if his SSID or BSSID has been recorded at that location. siliconchip.com.au For this reason, it is advisable not to use Apple’s default SSID or an identifiable SSID on any wireless device. If you don’t want such information to be recorded, the only answer is to use a hardwired connection to your laptop or phone and turn off WiFi on all your devices, including the router and modem. It is actually possible to buy Ethernet adaptors for phones – see Fig.4. Yes, your phone would be plugged into a cable and attached directly to your router, but it’s not much different to connecting to a charger. Alternatively, you could only use 3G/4G/5G data and not WiFi. In 2010, Google admitted they were (apparently mistakenly) using Google Street Cars for WiFi sniffing as well as photography; see siliconchip.com.au/ link/ab9n If you want to keep using WiFi but don’t want Google to use the information gathered in the process, see the following website on how to opt out of providing that data: siliconchip.com. au/link/ab9o However, that doesn’t stop your SSID or BSSID from being broadcast to others. You can hide the SSID broadcast, but should you? See siliconchip. com.au/link/ab9p for a discussion on the subject. Fig.4: a safer way to connect your smartphone to the internet. Some such adaptors also have a power pass-through to keep your phone charged at the same time. This is a screengrab from the video titled “Connect Network Adapter to Smart phone” at https://youtu.be/I215rJy7y10 Australia’s electronics magazine November 2021  19 Relevant video links ● Skynet is Here – Ready for the Singularity? – https://youtu.be/DVzY5bk1EZA ● You’re WRONG about Linux phones – https://youtu.be/z29aJCTn-mY ● The Best Browser for Internet Privacy? – https://youtu.be/fZTXGUjHTJc ● The MOST private browser (2021) – https://youtu.be/G09oVgDurTI ● Tracking Our Locations – New Tech in 2021 – https://youtu.be/p0_nXC30snk ● Book review: www.politico.com/magazine/story/2018/06/03/cyrus-farivarbook-excerpt-stingray-218588/ Facebook The social media website Facebook is ‘free’ but makes its revenue from vacuuming up the data of everything its users post, such as photographs, status updates, friendships, the pages they follow, etc. This enables a detailed profile of each user to be created, which is then used for targeted advertising. Data is gathered, and your privacy is lessened through various means such as: • Facial recognition being used to determine who is in pictures you post, along with the time and location of those photos • Others can “follow” your posts without your knowledge • Pending (yet-to-be-approved) “friends” can see your posts • Facebook shares collected user data with third-party Apps • They track your location and if other users are nearby • They track places you “check in” to • They track links you click on • Almost anything you do on Facebook is collected and analysed The Guardian has an article on how Facebook violates users’ privacy at siliconchip.com.au/link/ab9x You can opt out of some features of Facebook to improve your privacy. The data collected can be reviewed by checking your “off-Facebook activity”, see www.facebook.com/ help/2207256696182627/ According to a 2016 report in the Washington Post (siliconchip.com. au/link/ab9y), 98 separate parameters are included in users’ profiles, with probably more by now. The complete list is too long to publish here, but it includes things like: • Education level • Field of study • Ethnic affinity • Income and net worth • Job type, employer or employee and sector • Users who are away from family or hometown • Users who are friends with someone who has an anniversary, is newly married or engaged, recently moved, or has an upcoming birthday • Mothers, divided by “type” (“soccer”, “trendy” etc) • Users who are likely to engage in politics and their leanings • Users who plan to buy a car (and what kind/brand of car, and how soon) • Style and brand of car or bike the user drives • Users who donate to charity • Users who invest • Users who carry a balance on their credit card • Preferences for TV shows • Consumption behaviour of users, eg, do they buy a lot of medicine, Starting just two years ago, Facebook now provides a way to check and manage what data is collected by third-party websites and applications when browsing Facebook – https://about.fb.com/news/2019/08/off-facebook-activity/ 20 Silicon Chip Australia’s electronics magazine siliconchip.com.au alcohol, beauty products, pet food etc • Types of restaurants user eats at • Kinds of stores user shops at • Users who are ‘receptive’ to offers from companies offering online insurance, higher education or mortgages, and prepaid debit cards/satellite TV • Users who are interested in sport • Users who travel frequently, for work or pleasure There’s a lot more information on how Facebook tracks users in the book “Anti-Social Media: How Facebook Disconnects Us and Undermines Democracy” by Siva Vaidhyanathan. Google Google, like Facebook, is another ‘free’ service. They are most famous for their search engine. They also offer a free email service (Gmail), cloud data hosting (Google Drive), the YouTube video platform and the Chrome web browser. Google also maintains massive map databases and Google Earth, with high-resolution imagery of the Earth from above, street-level photos and imagery of other planets. Google probably knows more about you than you do, and tracks your movements. However, that (and certain other monitoring features) can be disabled if you know how. Like Facebook, Google earns revenue from targeted advertising based on your profile, including advertising related to the things you search for and the contents of your Gmail account. By using their services, Google and others build a profile on you. This profile is used for purposes such as deciding what ads to serve you to but it can also affect what results you get from web searches. There are many articles about how to improve your privacy with Google. Search for “how to improve privacy on Google”. This is a humorous video related to ordering pizza and what Google might know about you, titled “Google Pizza Joke 2021” at https://youtu. be/Fr0Vl_ovbjw The name “cookies” might seem fairly innocuous, or even enticing, they play an important role in storing information about website visitors. Authentication cookies can be a useful way to retain login details for websites you commonly visit, while tracking cookies may be used to create a record of one’s browsing history. Apart from these there are a wide variety of terms used to describe the different uses of cookies – https://w.wiki/3hJb use that EXIF data for their own purposes, such as to suggest people you may know who happened to be in the same location as your photo at around the same time. Also, consider that there are websites that offer reverse image searches (including Google), which, combined with social media, can find photos that you feature in via facial recognition. This could reveal whom you know, where you have been, what you have done etc. Reverse video search Say you have a video and want to find its origin, or you might want to see if your video has been plagiarised. It is currently not possible to upload a video clip and find other instances of it as you can for still images. This is technically feasible, but the storage and computational requirements would be massive, so it is not really done yet. But it will happen sooner or later. Today, to do a reverse video search, it is necessary to do one or more screengrabs of individual frames from the video of interest and upload those still images to reverse image search engines. A free plug-in tool for Chrome and Firefox called inVID, primarily for journalists, automates the above process and makes a reverse video search easier. See siliconchip.com.au/link/aba2 and siliconchip.com.au/link/aba3 for more details. Cookies & tracking pixels Cookies are small files that are stored on your computer to remember various settings when you visit a website. This way, you don’t come to a previously visited website as if you are a new visitor. For example, it will remember whether you logged into the website recently and keep you logged in. Unfortunately, while these can be very useful, they can also be abused to keep track of what pages of which websites you visit, so that certain sites can show you ads for products they think you might be interested in. If you’ve ever searched for a product or service online, you will usually find you are presented with numerous ads for that good or service afterwards. This is called “remarketing” (see Fig.5). Google dominates the field with its Google Ads. The technique used by marketers (and spammers and phishers) is to implement a “web beacon” or “tracking pixel”. This involves an invisible image, often a single pixel, embedded in a web page. The initiation of the download by your computer involves sending identifying information such as your IP address, device type, OS, screen size, referring site, time of visitation, browser or email client and cookies that may have been previously sent. This allows the remote server to generate a unique session ID and target you for future advertising, plus Photos on social media Even though photos uploaded to social media sites typically have their EXIF data automatically stripped for publication, social media giants may siliconchip.com.au Fig.5: how ‘remarketing’ works. They keep track of items you view or search for online, then advertise them on other websites you visit. Australia’s electronics magazine November 2021  21 GDPR, tracking cookies and ‘opting in’ Up until 2016, websites were generally free to use cookies how they wanted to, including tracking users for serving targeted advertisements or other purposes. In 2016, the EU brought in its General Data Protection Regulation (GDPR; https://gdpr-info.eu/) laws. Because of the difficulty in knowing where website visitors are located, these laws have affected the way everyone interacts with websites. One of the biggest changes was requiring users to agree both that they are willing to accept tracking cookies, while also providing information on what other data is kept about user activity (eg, logging user IP addresses and search terms). The result of this is the widespread track your visits to other websites or App usage. All this is added to your ‘online profile’. Tracking pixels can also use cookies. Advertising networks that use tracking pixels include Facebook Ads, Google Ads, Snapchat, Pinterest, Quora, Twitter, Linkedin and Bing, among others. Other search engines There are many other search engines apart from Google, although Google is by far the largest with well over 90% of the market. The next most popular search engine is Microsoft’s Bing (USA). Yahoo (USA) holds third place, followed in no particular order by Baidu (China), Yandex (Russia), DuckDuckGo (USA), Ask (USA), Ecosia (Germany), Qwant (French) and AOL (USA). No search engine will be completely private or bias-free. DuckDuckGo has a good reputation for maintaining privacy and not having biased search results. It doesn’t track users, store search results or identify computers it’s being used from. Editor’s note: for improved privacy, consider a metasearch engine such as Searx (https://searx.me/). use of popups that appear when you first visit a website (or possibly every time), asking you whether you are willing to accept the cookies or not. Of course, they want you to accept them (why else would they be providing them?), so there is usually an “Accept All” button which dismisses that popup. However, under the GDPR law, they also need to provide you with an easy way to opt out of these cookies. So if you are concerned about being tracked, you should obviously do that. Unfortunately, it must be done for every website you visit - currently, there is no good way (apart from using a blocking tool) to apply that choice to every website you visit. There is some question whether However, it should be noted that email is an intrinsically insecure protocol. See the video titled “Is Protonmail Safe for Security and Privacy?” at https://youtu.be/8Ppl62Bl9RE You can also choose to host your own mail server in a non Fourteen Eyes nation (https://w.wiki/3jpk), or you can try encrypting all messages using PGP. Alternatives to Google Maps The collaborative OpenStreetMap is likely the largest alternative to Google Maps (found at www.openstreetmap.org). There is also software such as QGIS (www.qgis.org/en/site/) for many websites are truly compliant with the GDPR rules. For example, the rules state that it must be just as easy to opt out of the cookies as it is to opt in. They also say that users cannot be denied access to any services if they choose to opt out. Not all websites appear to adhere to those rules. Still, the fact that you have the option to opt out of many tracking cookies is arguably very good, despite the inconvenience caused by all those pop-ups (some of which are so large that they cover virtually the whole screen!). The GDPR also provides the guarantee that you can have your data deleted from the website’s servers if requested (called the “right to be forgotten”). people who want an alternative to Google Earth. Virtual assistant devices Amazon Alexa, Apple Siri, and Google Assistant are examples of virtual assistants that use artificial intelligence to provide natural-language interactivity to answer questions, manage emails and to-do lists, and control devices. By their very nature, they are always listening. Some devices perform voice recognition ‘in the cloud’ while others do it on the device. These and other virtual assistant devices have all raised privacy and security concerns. Free email Gmail offers a free email service but monitors the content of emails to generate targeted advertising. Some other free email providers do similar. ProtonMail (https://protonmail. com/) offers a secure, advert-free service but with some capacity limitations which can be extended for a fee. 22 Silicon Chip Amazon Alexa is a device used for home automation, and it has been noted to record conversations it hears while operating – www.nytimes.com/wirecutter/ blog/amazons-alexa-never-stops-listening-to-you/ Australia’s electronics magazine siliconchip.com.au Do tech giants listen to your conversations? It is often claimed that the tech giants listen to your conversations via your phone or webcam, pick out keywords and then deliver targeted advertising to you. We don’t know for sure that this is happening, although many people have tested it. Here are two random videos which suggest they do: “Is my phone listening to me? We tested it, here’s what happened” (https://youtu.be/CVazBWGgg64). “Facebook iPhone Listening into our Conversations for Advertising TEST” (https://youtu.be/U0SOxb_Lfps). There is an Australian video which could find no evidence, titled “Is Facebook listening in on your Conversations?” at https://youtu.be/ NX9dW5YYdMQ There is further discussion on the issue in the video titled “Is Facebook listening to your conversations?” at https://youtu.be/G1q5cQY4M34 If they do listen to what users are saying, it could be region-dependent, which might explain the differing results of these investigations. The Apple AirTag This is a tracking device to put on items such as key rings so they can be found if lost. They communicate via Bluetooth Low Energy (BLE), Ultra Wide Band radio (UWB) and near-field communication (NFC). All Apple devices participate in the tracking process. Fig.6: a vision of Bluetooth Mesh connectivity, from local sensors and up to ‘the cloud’. Source: Ericsson The Washington Post (note this is owned by Jeff Bezos of Amazon) claimed they could be misused to stalk people, at siliconchip.com.au/link/ ab9v But it’s not quite so clear cut: siliconchip.com.au/link/abb9 Tile is a similar product, also using BLE. The Samsung SmartTag uses either UWB or BLE, depending on the model. Mesh networks Most people are familiar with using Bluetooth to connect devices such as headphones, mice and wireless keyboards to computers or mobile phones. With Bluetooth Low Energy (BLE) version 5.0, ranges of 1000m or even more are possible outdoors (shorter in indoor or cluttered environments). Bluetooth Mesh is a mesh networking Content blockers, browsers and the like When using a browser in today’s internet, a content blocker or more can be essential to maintain security when browsing the web. These typically come as web browser addons and can be used to block adverts, trackers, malware sites and other scripts/content on webpages. This can be important as there have been cases of malware sneaking into Google Adverts. The most reliable blocker would be uBlock Origin (https://github.com/gorhill/ uBlock, the Origin name is important) and possibly in conjunction with uMatrix. For a network-wide supplement you can use a Raspberry Pi and install Pi-hole onto it (https://pi-hole.net/). This will let you block content even on your smart TV. For secure web browsers, you can look at un-Googled versions of Chromium (https://github.com/Eloston/ungoogled-chromium or https://iridiumbrowser. de/, the binaries can also be compiled yourself). There are many other alternatives if you’re willing to search for them, for example you can use a virtual private network (VPN) combined with TOR (https://www.torproject.org/). VPNs redirect your internet traffic through another location, making it harder for others to determine where that traffic is coming from. To reiterate a point, a ‘free’ VPN is likely not truly open about what they do with your data; Hola is an example of this: siliconchip.com.au/link/abb0 siliconchip.com.au Australia’s electronics magazine standard based on BLE. BLE was not commonly used until it was implemented on the Android and iOS platforms, where it is used (among other things) for COVID-19 contact tracing via Apps that use this feature. Bluetooth Mesh was introduced in July 2017 and the standard was finalised in December 2020. It can interconnect all manner of so-called “slave” devices such as sensors, lighting systems, actuators, security systems, environmental controls, phones, tablets, PCs, appliances and almost anything else IoT-related. Bluetooth Mesh devices can send and receive messages, but “gateway” devices also act as relay stations for messages from elsewhere on the mesh. Like any mesh network, Bluetooth Mesh networks do not need access to the internet to work. Data can travel long distances using only mesh nodes. That independence from the internet can be considered an advantage, depending on your point of view. The vision of Bluetooth Mesh is to have vast numbers of mesh devices rolled out throughout the world and controlling everything. An example is a “smart building” that would sense your arrival by some sort of wearable or implanted identity device (eg. NFC) and then adjust lights and heating and other controls to your liking and logs on your computer – see Fig.6. This automation is another way you could be surveilled. For example, every visit to the bathroom could be logged. A further extension is that millions of sensors everywhere could track every aspect of your life, wherever you are. And all without an internet connection. November 2021  23 ► ► Fig.7: a mobile automatic numberplate recognition (ANPR) system fitted to a NSW highway patrol vehicle. Source: www.flickr.com/ photos/34236324<at>N05/5017098510 Fig.8: the PortaPow is said to prevent ‘Juice Jacking’ by breaking the connections in the USB data lines. Amazon Sidewalk is another mesh network technology that connects and shares many low-bandwidth devices. Sidewalk is built into things like the Amazon Echo, Ring Security Cameras, outdoor lights, motion sensors, Tile trackers and other home automation devices. It is enabled by default in these devices, but can be turned off. It uses BLE for shorter ranges, 900MHz LoRaWAN (Long Range proprietary low-power wide-area network) for longer ranges and FSK (frequency-shift keying) for interacting with devices such as older garage door openers. The 900MHz frequency gives much better range than higher frequencies. With permission, other users such as neighbours can utilise up to 80kbps bandwidth on your Sidewalk device. We are not suggesting there are security defects in this. Nevertheless, some people have raised concerns about massive connectivity over a wide area, including the possibility that criminals could get access to the system. Apple HomeKit is a software framework from Apple to control smart appliances. It uses Bluetooth, BLE and WiFi for communications. Automatic car number plate recognition Today, automatic recognition of number plates is a fairly straightforward technology (see Fig.7), and many police vehicles are equipped with it. It is also likely that surveillance cameras 24 Silicon Chip around Australia (public or private) can also track motorists via their number plates; this is definitely true for the ‘point-to-point’ average speed cameras in various locations such as between Victoria and NSW. Most Australian shopping centres also now use number plate recognition for car park billing, to track how long you have spent in their parking lot. Possibly compromised commercial products In 2018, Chinese Hikvision and Dahua cameras were banned from critical infrastructure by the US Government because many security researchers have been concerned they have deliberately installed “backdoor” code to transmit video and network data for espionage purposes. Many such cameras have been installed around critical infrastructure in Australia. The Sydney Morning Herald published an article (siliconchip.com.au/ link/ab9z) stating that various Australian Government agencies, including the Department of Defence, have removed Hikvision cameras. However, it is not clear if they have been banned in Australia. A few months ago, I saw a Hikvision camera being installed in Victoria as part of a fixed speed and red light camera installation. I reported it to my local member of parliament, but he did nothing. See also articles from the ABC (siliconchip.com.au/link/aba0) and Australia’s electronics magazine GadgetGuy (siliconchip.com.au/link/ aba1). There are similar concerns with Huawei 5G mobile data systems, which were banned in Australia and the USA over espionage concerns. Juice Jacking Charging your phone by plugging it directly into a USB charging port at public places (eg, airports) has potential risks. Criminals have been known to compromise these data ports to install malware on your phone, or steal your personal information. This type of attack is known as “Juice Jacking”. It can be prevented by only charging your phone using a mains adaptor, or using a USB charging cable with the data lines disconnected (which you can buy or make yourself). Hikvision cameras were banned by the US government from being used in “critical infrastructure”. siliconchip.com.au making it harder to track them. John McAfee’s Privacy Phone Fig.9: movements of Sydneysiders using the Citymapper App from the 2nd of March 2020 to the 17th of July 2021. A device called a PortaPow (Fig.8) enables charging, but has no data lines connected, and there are others like it. Both Apple and Android have taken measures to minimise Juice Jacking. Citymapper (https://citymapper. com/) is an App you can voluntarily install to upload your movements to build a database of aggregate movement data in various cities worldwide. Even without the map, you can view the data (see Fig.9). mobile phone location data such as via GPS or tower triangulation, nearby WiFi or mesh networks, IP address ranges etc. Various apps use geofencing for purposes such as advertising. For example, there have been times when I have walked into a store and received a notification on my phone that a particular product was on sale (because I had that retailer’s App installed on my phone). Until that point, I was not aware that the retailer was tracking my movements. Geofencing Privacy phones A geofence is a designated geographic area in which some type of notification is sent or received if a subject leaves, enters or is present in an area (Fig.10). Location information comes via such means as GPS, RFID, OK, so it’s clear that all sorts of people want to track you. What can you do about it? One of the biggest offenders is the smartphone, so here are some phones that aim to offer greatly improved privacy to their users, Citymapper Fig.10: an example of how location data and a geofence can be used to send an advertising message. siliconchip.com.au In 2017, John McAfee of MGT Capital Investments (https://mgtci.com/), who recently died under mysterious circumstances, announced what he believed was the most “hackproof” phone ever created, called the McAfee Privacy Phone (see Fig.11). It was Android-based and designed in conjunction with the Nordic IT Sourcing Association https://nordicit. org/, with features such as physical switches to disconnect the battery, WiFi, Bluetooth and GPS antennas, camera and microphone. It was also said to be able to detect and not connect to IMSI-catcher devices (to be described next month), and had an anonymiser for web searches. The phone appears never to have been released. The Braxman Privacy Phone Rob Braxman is a Los Angeles based security consultant and privacy expert (The “Internet Privacy Guy”) and has a YouTube channel at www.youtube. com/c/BraxMe In the interest of privacy, he produces de-Googled phones. de-Googling (or deGoogling) is a worldwide privacy movement established due to privacy concerns about data collection by private companies. A de-Googled phone is based on the Android Open Source Project (AOSP) with no GAPPS (Google Apps) or Google Play Store, only software drivers for the individual phone. The phone is mostly like a standard Android phone, but without any meaningful communication with Google’s servers. Fig.11: the never-released McAfee Privacy Phone. Source: https://twitter.com/officialmcafee/status/856880269160325120 Australia’s electronics magazine November 2021  25 Google will not know who owns the phone or any form of identity to do with the phone. There will be no Google services such as constant location tracking via WiFi scanning, reports to Google of App usage, contact tracing, Google ID, device fingerprinting, or uploading any audio, photos, video, etc. Rob Braxman regards this as the only current solution to a privacy phone, apart from Linux phones, which are still under development. When turning on a de-Googled phone, there is no login to Google and no association with your email address, so your activities can’t be tracked and logged by Google and associated Apps. However, the phone carrier will still be able to identify the phone by its SIM card and IMEI number, as would law enforcement agencies. A phone can collect a lot of data such as location via WiFi scanning, GPS, movement via inertial movement sensors, facial recognition, cameras, microphones, fingerprints etc. But a de-Googled phone prevents the collection of any of this data in a central repository. Android versions that come with standard phones are tightly integrated with Google, so the original version in ROM has to be replaced (not a recommended procedure unless you are an expert). Not all phones can be de-Googled. There are many flavours of Android for de-Googled phones, the most popular being LineageOS (https://lineageos. org/; we don’t recommend you attempt de-Googling your phone, unless you know what you are doing). A list of other Android versions, or custom ROMs (or firmware) as they are also known, is at: https://w.wiki/3uRX Rob Braxman notes that privacy can never be achieved on an iPhone because of Apple’s tight control over the phone identity via Apple ID and Apps. Also consider the new ‘backdoor’ Apple has introduced to allow for client-side scanning of end-to-end encryption on iMessage (see the EFF at siliconchip.com.au/link/abaz). In the video by Rob Braxman titled “What it’s like to use a De-Googled phone in real life? (Q&A of concerns)” at https://youtu.be/mqSCmT5S-2w he addresses numerous concerns about de-Googled phones. The most 26 Silicon Chip interesting questions & answers (abbreviated) are: What Google Apps can be used on a de-Googled phone? No Google Drive, Google Photos, Gmail, YouTube, Google Play Store, or Chrome browser. You can still do a Google search via other browsers or use other search engines. Waze no longer works as it now uses Google Maps. NewPipe can be used as a YouTube client, K-9 Mail to access Gmail and other email providers, NextCloud for cloud services. Can I install my favourite Apps? About 90% of Apps will work on a de-Googled phone as long as two additional Apps are included: Aurora Store, a replacement Google Play Store client, and MicroG, an open-source implementation of proprietary Google Play Services Android libraries to spoof Google Maps and Google Notifications, as might be required by some Apps. Why do some Apps not work on a de-Googled phone? These Apps rely on Google infrastructure (apart from Maps and Notifications) or Google Pay (eg, the Uber App will not work without it). Can the phone be used with zero connection to Google? There will still be traffic with Google even if spoofed and anonymised, such as via Aurora and MicroG. If zero connectivity with Google is desired, you can use the F-Droid Store. What can I use for navigation and maps? Open-source and free OsmAnd can be used for maps and navigation. However, it doesn’t have the crowdsourced information of Waze, such as traffic hazards. What about battery life? Without Google services, the battery life can be doubled. What is Google services doing that uses so much battery life? No one knows precisely, as the code is proprietary. But one thing Google themselves stated was that each phone collects the MAC addresses, GPS locations and signal strengths of every WiFi router the phone receives signals from. This builds the Google Australia’s electronics magazine database for WiFi location tracking. And all that data is associated with your Google ID. Other activities might include using Bluetooth contact tracing. The code is there, whether it is used or not. App usage is also monitored. The constant telemetry back to Google services all uses energy and thus battery life. Contact tracing is part of Google (and Apple iOS) and will not work on de-Googled phones. Google contact tracing was introduced around May 2020. What other privacy measures are needed for a de-Googled phone? The key is “identity management” and to ensure Apps don’t give away too much of your data such as IP address, email address, location etc, which can all be used to make a unique “fingerprint”. Facebook and associated Apps are regarded as particularly bad in this regard, so it is recommended not to use these on a privacy-oriented phone. Deny Apps any unnecessary information such as location. One should also use a VPN on a phone or at home or the office. How do I transfer phone service to a de-Googled phone? Just move the SIM card to the new phone. How do I acquire a de-Googled phone? You can do it yourself with advanced skills if you are aware of the possibility of ‘bricking’ the phone. You need a phone capable of being de-Googled (see https://lineageos.org/), or purchase one. Make sure any phone you purchase is suitable for use in Australia or wherever you live. We haven’t tested them, but for those interested, various privacy products from Rob Braxman can be seen at siliconchip.com.au/link/aba5 The Freedom Phone The just-released Freedom Phone (https://freedomphone.com/) is from the USA (but made in China...). It is described as “a free speech and privacy first focused phone. With features like tracking blockers and an uncensorable app store”. It runs FreedomOS (https:// github.com/agravelot/FreedomOS), a de-Googled version of Android for OnePlus devices. siliconchip.com.au The e Foundation The e Foundation builds de-Googled Android operating systems for smartphones with an emphasis on privacy (https://e.foundation/). They say: “Your smartphone is harvesting your data all day long, capturing with great detail where you are, who you are, and what you’re doing 24/7. Time to escape from Mobile Surveillance!”. See a video review of the /e/ Phone titled “Android without Google: the /e/ Project blew me away!” at https:// youtu.be/C9fFiaGv2WA Linux phones There are several Linux distributions emphasising privacy available for smartphones, such as Ubuntu Touch, postmarketOS, Sailfish OS, Mobian and LuneOS. PureOS (https://pureos.net/) is a free Linux distribution emphasising privacy maintained by Purism, for the company’s Librem laptop and smartphone, but available free to all. Linux won’t work on all phones. We definitely don’t recommend you attempt to install it unless you have expertlevel skills. Can you track a mobile phone that is turned off? Maybe. Over the years, there have been claims that governments can listen in on the microphone of a phone that has been turned off, or track such a phone, or both. It is undoubtedly true that many electronic appliances, including some phones, are not truly ‘off’ when they are switched off; they are in a ‘standby’ state. TVs are a common example. Some circuitry is always active with modern TVs, awaiting inputs such as a switch-on signal from a remote control. According to the Washington Post in 2013, the US NSA (National Security Agency) since 2004 could use a technique called “The Find” to find a cell phone that was switched off. However, they gave no details on how that works. See siliconchip.com.au/link/aba6 In 2006, it was reported that the US FBI had a technique known as “roving bug” which allowed them to listen in on conversations heard by a mobile phone’s microphone, even though the phone was not engaged in a call, and which might have even been ‘turned off’ at the time. siliconchip.com.au Who is or was Big Brother? This image is an interpretation of what Big Brother might look like (credit: Free Art License, copyright Frederic Guimont). Big Brother was the fictional leader of the totalitarian state Oceania in George Orwell’s famous novel Nineteen Eighty Four. In Oceania, the ruling party was “Ingsoc”, and it exercised power over Oceania’s inhabitants “for its own sake”. Party members were under constant surveillance by “Telescreens”, but the majority of the population were Proles, deliberately uneducated manual labourers living in poverty, with short lives. But they were not likely to rebel as long as they were kept fed and entertained, so they were not surveilled. At the risk of being accused of Wrongthink, we would like to remind today’s leaders that George Orwell intended Nineteen Eighty Four to be a warning, not an instruction manual! In 2014, former CIA employee Edward Snowden (living in Russia since his leaks) said that the NSA could eavesdrop on cell phones when they are turned off. Regarding iPhones, he said, “They can absolutely turn them on with the power turned off to the device.” We are not privy to the techniques these security agencies use. It has been suggested that one possible method is to install malware in a target’s phone while it is switched on. The malware gives the appearance that a phone is turned off when the user turns it off, but it is actually on, and the microphone is recording and transmitting conversations. Location tracking could be done similarly. A further detail is that the above security exploits are achieved when the phone is placed in a low-power mode with only the baseband processor activated. The baseband processor in a phone has its own operating system and is responsible for the radio functions of the phone, which might be subject to exploitation. Quoting Wikipedia: Since the software which runs on baseband processors is usually proprietary, it is impossible to perform an independent code audit. By reverse engineering some of the baseband chips, researchers have found security vulnerabilities that could be used to access and modify data on the phone remotely. In March 2014, makers of the free Android derivative Replicant announced they have found a backdoor in the baseband software of Samsung Galaxy phones that allows remote access to the user data stored on the phone. Testing your internet security You can test aspects of your internet security by visiting www.grc.com/ shieldsup This company is highly reputable and has been around for a SC long time. PureOS is a Debian-based Linux distribution for Purism’s phone and laptop line focused on privacy and security. In the past Purism had done some interesting write-ups on Intel’s Management Engine, which some have described as a “backdoor” (EFF – siliconchip.com.au/link/abb1). Australia’s electronics magazine November 2021  27