Crypto Keys Exposed in TPM Chips

Time to patch (Intel released new firmware) and go on with life. Keys in secure hardware reportedly can be exposed in as little as a few minutes:

…timing leakage on Intel firmware-based TPM (fTPM) as well as in STMicroelectronics’ TPM chip. Both exhibit secret-dependent execution times during cryptographic signature generation. While the key should remain safely inside the TPM hardware, we show how this information allows an attacker to recover 256-bit private keys…

Yet More Shit AI: Startups Appeal for Stool Photos

In 2013 I was flying around speaking on big data security controls, and waste water analysis was one of my go-to examples of privacy and integrity risks.

The charts I showed sometimes were the most popular drugs detected in each city’s wastewater site (e.g. cocaine in Oregon) and I would joke that we could write a guide-book to the world based on what “logs” were found.

Fancy corporate slide for “log analysis” in wastewater treatment centers around the world

Scientists at that time claimed the ability to look at city-wide water treatment plants and backtrack outputs to city-block locality. In the near future, they said, it would be possible to backtrack to a house or building.

For example, you get a prescription for a drug and the insurance company buys your wastewater metadata because it shows you’re taking the generic drug version while putting brand label receipts in claim forms. Or someone looks at a past 5 year analysis of drugs you’re on, based on sewer data science, to estimate your insurance rates.

This wasn’t entirely novel for me. As a kid I was fascinated by an archaeologist who specialized in digs of the Old West. Everything in a frontier town might be thrown down the hole (e.g. destroy evidence of “edge” behavior), so she would write narratives about real life based on the bottles, pistols, clothes, etc found in and around where an outhouse once stood.

I’m a little surprised, therefore, that instead of a water sensor for toilets the latest startups ask people to use their phones to take pictures of their stool and upload.

…Auggi, a gut-health startup that’s building an app for people to track gastrointestinal issues, and Seed Health, which works on applying microbes to human health and sells probiotics — are soliciting poop photos from anyone who wants to send them. The companies began collecting the photos online on Monday via a campaign cheekily called “Give a S–t”…

It’s a novel approach in that you aren’t pinned to the toilet in your home and can go outside and take pictures of poop on a sidewalk to upload.

This could be a game-changer given how many rideshare drivers are relieving themselves in cities like San Francisco.

Here’s the sort of chart we need right now, and not just because it looks like ride-share companies giving us the finger.

Uber’s army of 45,000 people suddenly driving from far-away places into a tiny 7 mile by 7 mile peninsula, with zero plans for their healthcare needs, infamously drove up rates of feces deposited all over public places.

…anecdotal complaints have gotten the attention of San Francisco City Attorney Dennis Herrera. Last week, his office released information for the first time about the number of Uber and Lyft drivers estimated to be working in the city: 45,000. To compare, 1,500 taxi medallions were given out [in 2016], according to the city’s Treasurer & Tax Collector. For perspective, Bruce Schaller, an urban transportation expert, said there are about 55,000 Uber, Lyft and other ride-sharing drivers in New York City, a metropolis of 8 million people, eight times the size of San Francisco.

I’ll just say it again, that a rise in human waste on the streets correlates pretty heavily to a rise of ride share drivers from far away needing a convenient place to relieve themselves (especially as many ended up sleeping in their cars).

In a conversation I had with a man in 2016 who had jumped out of his car to start peeing on the sidewalk in front of my house (despite surveillance cameras pointed right at him), he told me his plight:

  • Uber driver: I plan to quit as soon as I got my $700 bonus for 100 rides
  • Me: Because you just needed that quick money?
  • Uber driver: No, man there are no restrooms. I’m tired of taking a shit on sidewalks and peeing in newspaper boxes. It’s degrading

There definitely was a spike in 2016, which perhaps could have been correlated to gig economy workers seeing that $700 bonus and wandering into the city.

In some cases it appears that ride-share drivers would accumulate a giant bag during the day and then throw it onto the street.

Sightings of human feces on the sidewalks are now a regular occurrence; over the past 10 years, complaints about human waste have increased 400%. People now call the city 65 times a day to report poop, and there have been 14,597 calls in 2018 alone. Last year, software engineer Jenn Wong even created a poop map of San Francisco, showing the concentration of incidents across the city. New mayor London Breed said: “There is more feces on the sidewalks than I’ve ever seen growing up here.” In a revolting recent incident, a 20lb bag of fecal waste showed up on a street in the city’s Tenderloin district.

Do you know what also became a regular occurrence over the past 10 years? Ride share vehicles with drivers needing to poop and no time or place to go.

Many people mistakenly attribute the dirty truth about ride-share driver behavior to homelessness, despite curious facts like “there aren’t actually more homeless people than there have been in the past”.

People also ignore the fact that being homeless and living on the street doesn’t mean that people don’t care about their living environment. Homeless people are actually known to clean and sweep, whereas a driver is far more likely to poop at whatever spot they can get away with and then scoot.

I’m not sure why it is so hard for people to admit that a massive rise in ride-sharing drivers and no public restrooms for them becomes an obvious contributor to waste problems.

In one case I even saw an Uber SUV stop in the middle of a street, a passenger with a dog jumped out and peed directly uphill from a small restaurant with sidewalk seating…the Uber crew then jumped back in and sped away as those eating watched helplessly while rivers of hot dog urine flowed under their dining tables.

That kind of scenario is common sense bad, no? Just look at ride-sharing booms in the 1800s for cities like London, which led to special huts being built for driver care and control.

By 1898 newspapers around the world reported “40 shelters in London, accommodating 3500 cabmen, and there was a fund, provided mostly by subscription, for the maintenance of them.”

Typical London Cabman’s Shelter after 1873

An app uploading photos for analysis, or even doing checks within the app itself, would be both a privacy threat to all the ride share drivers hoping to get away with their dirty business on streets and a source of knowledge that would prove a city’s most vulnerable (homeless) populations aren’t always to blame.

It would also help analysis that often just assumes a public toilet is for people walking rather than drivers who could loiter anywhere in the city.

It’s a highly political topic, such that a “wasteland” interactive map with 2014 data turned into a crazy right-wing propaganda campaign to generate fear about San Francisco sanitation.

No mention is ever made in these political fights about unregulated ride-share drivers, despite the obvious impact of at least 40,000 people driving into the city and around in circles all day every day, generating pollution, noise and congestion, and ultimately desperate for places to poop.

Waste analysis sensors could change all that and the real cost of Uber, Lyft etc could lead to sanitation fees (maintenance funds) for a modern-day Rideshare Shelter, which of course would have sensors on toilets.

However, there’s already a security issue mentioned in the plan for these startups. Their data collection requires the people uploading photos to classify them manually, which sounds to me like an integrity disaster. A recipe for shitty data, if you will.

[Jack Gilbert, a professor of pediatrics at the University of California San Diego School of Medicine and cofounder of the American Gut Project, a science project that solicits fecal samples from people] said that people are asked to rate their stool on the Bristol stool chart in pretty much every clinical trial he conducts, and automating this process would reduce bias and variation in data collection. “Human beings are just not very good at recording things,” he said.

Hopefully the startups will transition to the automated app and then traditional San Francisco residents who still walk on sidewalks, instead of calling a car to drive them three blocks, can use AI to efficiently report the prevalence of Uber poops.

Facebook App Caught Secretly Using Camera to Spy?

Joshua Maddux tweeted easily reproducible evidence that the Facebook app turns on your iPhone camera without notifying you, and at times you wouldn’t expect. TNW picked up the story:

By now, everyone should be well aware that any iOS app that has been granted access to your camera can secretly record you. Back in 2017, researcher Felix Krause spoke to TNW about the same issue.

At the time, the researcher noted one way to deal with this privacy concern is to revoke camera access (though that arguably doesn’t make for a smooth software experience). Another thing he suggested is covering up your camera — like former FBI director James Comey and Facebook’s own emperor Mark Zuckerberg do.

Rather than conclude that allowing “emperor Zuckerberg” access to your camera means he will spy on you, however, the author backs down and says it’s unclear whether iPhone users should expect Facebook to secretly take video.

It remains unclear if this is expected behavior or simply a bug in the software for iOS (we all know what Facebook will say; spoiler: “Muh, duh, guh, it’s a bug. We sorry.”). For what it’s worth, we’ve been unable to reproduce the issue on Android (version 10, used on Google Pixel 4).

See my earlier post on neo-absolutist card indexes for a historic reference of what life was like for those who couldn’t quit Facebook of the 1800s.

One reason Facebook could repeatedly issue blanket denials (“we don’t use your sensors for ads”) could be that they shovel metadata into analytic engines and sell that to affiliates. Those other companies pay for the metadata. Someone else advertises to you, through this tortured logic.

Would that enable Facebook to claim they don’t consider themselves to be using the data for advertising? We’d have to do a deeper line of auditing to find out for sure. Looking at the transfer of data is not enough anymore, as analytics can increasingly be done onboard mobile devices, including drones collecting massive amounts of sensor data.

This also means Facebook could claim they have no evidence of photos, videos, etc. being transmitted to them, while transmitting rich metadata about users based on sensor capture.

See this example thread, which claims Spotify was the one who decided to target ads.

The most direct question is whether Facebook is able to use listening to sell data to companies like Spotify as profile/targeting metadata, without revealing to Spotify or anyone else that a microphone or camera actually was used.


Updated: An official explanation has been posted:

We recently discovered that version 244 of the Facebook iOS app would incorrectly launch in landscape mode. In fixing that issue last week in v246 (launched on November 8th) we inadvertently introduced a bug that caused the app to partially navigate to the camera screen adjacent to News Feed when users tapped on photos. We have seen no evidence of photos or videos being uploaded due to this bug. We’re submitting the fix for this to Apple today.

And again, Facebook doesn’t say there was no evidence of photos or video generating data, storing data or sending data, especially metadata or notes about what the camera could see. It says more narrowly that the photos and videos themselves weren’t uploaded.

The Scent of Cyber

Police have embraced an emerging tactic that may be giving paws to cyber criminals.

…English springer spaniels who can detect hidden electronic devices. They follow the scent of a chemical coating used in manufacturing just as police dogs can sniff out blood, explosives and narcotics.

This dogmatic approach is not far removed from SIM sniffers used in prisons:

The dogs can do this because cell phones have a smell. The psychologist Stanley Coren once wrote that he left a collection of cell phone parts in boxes for ten days and opened them to find “a sweet metallic smell that I might fantasize that a newly built robot would have, with perhaps a faint ozone-like overtone.”

Time to launch a cologne called “Ozone Overtone”?