TAG | google
Back in 2010 I blogged about Google’s legal troubles over capturing sensitive open Wi-Fi data with their Street View cars.
In a nutshell, Google was accused of violating the federal Wiretap Act when it intercepted the data on open Wi-Fi networks it passed. The purpose was to capture just the MAC addresses of the base stations to improve their enhanced location services. It appears that recording small amounts of data was accidental. Certainly if they were trying to collect data, they could easily have grabbed much more.
Google lost that case and is now appealing to the Supreme Court, hoping to overturn the decision.
Obviously it was inappropriate for a company like Google to drive around sniffing people’s Wi-Fi traffic, but they are not really the threat. What we all need to be worried about is hackers war driving our neighborhoods, either using our networks to hide their illegal activities, or capturing our personal information for their own purposes.
Whatever the legal outcome of whether it is “OK” to sniff someone’s open Wi-Fi traffic, the reality is that people do, and doing so is trivial. Anyone with a laptop can download free software and be sucking down all the Internet activity in their local coffee shop in just minutes. I think laws like this give a false sense of security. It is like saying that, as you walk down the sidewalk, you can not look in through your neighbor’s big picture window at night when they leave the curtains open.
Thinking that people are “not allowed” to sniff your open Wi-Fi just gives a false sense of security. What we need to do is make sure that ALL Wi-Fi is securely encrypted. Even public Wi-Fi should be encrypted, even if the password is “password” and is posted prominently on the wall. Using encryption changes the situation from looking though a window as you walk by to drilling a peep hole through the wall.
None of should be in denial about this. Open Wi-Fi is insecure. It will be sniffed.
If you find yourself in a situation where you have to use an open Wi-Fi hotspot, for whatever reason, make sure you immediately establish a VPN to protect yourself. I might be biased, but I use Anonymizer Universal for this purpose.
The ability to use remotely loaded images in HTML emails for tracking has been known for years, but perhaps not widely known.
The On The Media: TLDR podcast just re-surfaced the issue in the above article, where they talk about a free Gmail plugin called Streak, which provides this capability.
It automatically embeds the hidden images in emails you send, then lets you see when and even where the recipient opens them.
Because they appear to use IP address based locations, you can block the “where” part by using Anonymizer Universal.
You can block this tracking completely by turning off the loading of images in your emails. Of course, if you then choose to load images, know that you are also enabling tracking. If you block image loading you will also find that your email become much less attractive and significantly more difficult to read.
TechCrunch has a nice article on the location tracking of Android based devices.
It is an “opt in” thing, but I suspect that most people are robo-approving all the questions they are asked when they are trying to get their new phones or tablets set up for the first time.
In this case, you may have given Google permission to track and maintain high resolution location information on you. That information is used to discover where you live and work, to improve weather, travel, and traffic information.
If you follow this link, you can see a track of your activities for up to the last 30 days. Really cool in a very frightening way.
Welcome to episode 13 of our podcast for September, 2013.
In this episode I will talk about:
A major security breach at Adobe
How airplane mode can make your iPhone vulnerable to theft
Russian plans to spy on visitors and athletes at the winter Olympics
Whether you should move your cloud storage to the EU to avoid surveillance
Identity thieves buying your personal information from information brokers and credit bureaus
How to stop google using your picture in its ads
Why carelessness lead to the capture of the operator of the Silk Road
And how Browser Fingerprinting allows websites to track you without cookies.
Please let me know what you think, and leave suggestions for future content, in the comments.
Google is changing its terms of service to allow them to use your name and photo in advertisements to your friends. Most people seem to have been opted in to this by default, although some (including me) have found themselves defaulted out of the program.
If you are uncomfortable with your name, picture, and opinions appearing in ads from Google, just go to Google’s Shared Endorsements Settings page. The page describes the program. At the bottom you will find a checkbox. Uncheck it, and click “Save”.