click the image to see the original video

I saw the most horrifying ad ever during the Super Bowl this last weekend. Ring (the company that makes camera doorbells) tried to convince us that their AI-assisted image recognition software would help save the PWOOR WIDDLE PUBBIES! when it's clear as day that they're building a surveillance network using customers who are opted in to the 'service' by default without their consent.

Even if you weren't already aware of and terrified of the surveillance by corporations like Google, Meta, and others, hopefully you get that when they sell this to government agencies like ICE, the NSA, FBI, and so on, that's a big, big problem.

Ring needs to be given the finger in every way possible. We need to tell the to shove their surveillance where the sun don't shine – encourage state Attorney Generals to sue and block this and, ideally, to do go further and investigate/fine/pass laws to protect our data gathered by Amazon echos and similar.

Click the thumbnail above or click here to see the video on BlueSky.

Minority Report : Tom Cruise
(See online!)

Summary

In the not-too-distant future, technology has progressed to the point that we can predict murders and convict people before the crime is committed. When the name of the officer running the program comes up as a murderer one day, he has to find a way to prove his innocence… assuming he doesn't actually do the crime.

Spoilers ahead!

You can see that people have a lot of trust in the police. They accept the incarceration of people who the police say would have committed murder even though the crime never happened. At one point, a horde of spider-like machines is released into a building to scan people's retinas to prove their identity. A couple in the middle of arguing heavily stop to allow the machines to crawl onto their face, point light into their eyes, and then resume the argument immediately after. Every time they walk into a store, the automated displays greet them by name and ask them about prior purchase before making customized recommendations on something else they might like.

One that most people miss is the scene where Tom Cruise's character is eating a bowl of cereal and because he put the box down on the counter next to his TV, a quiet advertisement for the cereal begins to play. Cruise, annoyed, throws the box across the room.

There are some great lessons about government trust and accountability plus it's a great action flick. I definitely recommend it! To learn more, click the movie thumbnail above.

Being innocent isn't enough

(Image used under: Creative Commons 2.0 [SRC])

It's a proven fact that there are more strangers than people you know. While there may be some percentage of complete strangers who will treat your private life with the same care and diligence as a close friend or family member would, odds are that most won't. Though most people aren't dangerous, some are and they don't come with forehead labels so you can tell the difference.

Why should I care? I've done nothing wrong

According to who? Some would say that because you have a house and a TV and maybe a nice phone, your privilege grants them the right to target you for burglary. When I was a government worker, that fact alone justified harm in some people's minds (stick it to "the man"!) while elsewhere in the world, simply being a US citizen means you're guilty and deserving of death. What if you simply look similar to a known terrorist? Did you leave a big enough tip at the restaurant?

("from): mom's ex boyfriend. He was a waiter at a very elite restaurant and had normally expected very nice tips. Some guy left him a $5 tip for an over $100 bill and he got pissed and posted the customer's information on Facebook.

The world is made up mostly of people who don't know or care about you, but might depending on what information they find about you. Whether you post it yourself or its exposed accidentally, all it takes is one errant tweet or photo taken out of context to get you fired, harassed, or sent death threats.

Once someone decides to target you, the ways they can harm you is limited only by what information they have about you and their imagination.

Outrage doesn't stop to consider or wait for an explanation. Evil doesn't feel remorse or mercy. Once someone decides they don't like you, the ways they can harm you is limited only by what information they have about you and their imagination.

Did you know that thieves are watching social posts to find out which houses are unguarded while the family is on vacation (and if your insurance finds out, they may not pay)? What if someone doesn't like how you treated them and can find out where you work? It's not especially difficult to contact someone's boss and make a case for why you shouldn't have a job anymore… and depending on what I know about you and share with the boss, it might not be that hard of a pitch.

It's worse than you think

Why you should never talk to the police
(See online!)

Snooping and judging is the new norm. Do you imagine I won't dig up everything I can find on someone who wants to date my daughters? Do you still think you can get a job and not have your own social posts brought up in the interview?

Our courtrooms live and breath on the evidence that comes from your online activity. Lawyers, co-workers, or ex-lovers may all be motivated to paint you as someone you're not. Could they use your emails and comments to make you look biased, predisposed, violent, or whatever else they need to win? Sometimes police and politicians are under so much pressure to make someone pay that they're not very careful about who actually goes to jail. It's in your best interests not to hand them the knife they stab you with

Small bits of data can add up to a clear picture... and it might not be one you want people to see

And then there's the everyday data gathering businesses and online sites do every day to profile you and exploit your weaknesses for money. Even when it's as simple as giving private information to the dentist or rental car company, information they hold has a habit of leaking away to even more people you don't know. When you give information to organizations like these, you have no idea how many people or what kind of people will end up in possession of it leading to ID Theft or worse.

Summary

Privacy is simple risk management: there are far more people in the world that you don't know and trust compared to people you do. Giving information to people who's motivations and capabilities are unclear is not smart and not safe. Stop saying "I have nothing to hide" and start saying "why do you want to know?"

Until and unless you can determine a specific and valid reason to give up private information, you shouldn't give it. Learn more about protecting your data and identity in my Goodbye Identity Theft course.

Gattaca : Ethan Hawke
(See online!)

In the near future, your job and dating prospects are all a factor of your DNA and the quality of your genetics. Much like the risk of people hunting you down online that we have today, this shows how the essence of who you are could be used against you. Some examples:

Spoilers ahead!

• A girl takes a stray hair to the corner DNA lab to check out a guy she's interested in.
• Our protagonist, who's parents decided to let grow naturally in the womb instead of letting the fetus be genetically perfected, has inferior DNA. This prevents him from getting any kind of job better than cleaning toilets.
• Even though people are legally protected from DNA collection, potential applicants who don't "volunteer" a sample are considered unhirable. Though illegal, the discrimination is impossible to prove..
• Desperate people use the DNA of others to borrow identities so they can get things they otherwise couldn't.
• All police searches, checks, investigations, etc. involve checking DNA.

Basically, it's a cautionary tale of what we could become if we let our genetic data become the standard by which we're treated in society.

An RFID tag hidden under a label

An RFID tag is nothing more than a little chip attached to a paper-thin antenna. The chip's basic function is to store and transmit a small amount of information, usually just a unique identifier. What good is that? Well:

Pros

• RFID attached to shipping pallets can make it easier for companies to track and monitor shipments.
• By replacing UPC codes with RFID labels on individual products (like a can of soda), stores can track inventory, prevent shoplifting, and develop systems that automatically charge you for whats in your cart without you having to stop and scan each item.
• As a cheap short-range wireless transmission system, RFID is perfect for making printers who can tell you if you install the wrong ink or toner cartridge or cars that can sense the air pressure in your tires.
• Because RFID doesn't require physical contact, pass cards like those used for secure door access or subway systems will last far longer than those that use magnetic stripes. Further, because the cards only need to be waved in front of a reader, people can get through the control points a few seconds faster. Multiply by tens or hundreds of people a day and the over-all efficiency skyrockets.
• RFID chips can be implanted under the skin of animals to make them easy to identify if they become lost or stolen.
• Chips implanted in humans can be used in place of the medical alert bracelets which can come off or become hard to read over time.

Though there hundreds of visionary and useful things you can do RFID, because they typically lack strong security controls there are serious risks that come with them too!

Cons

Don't underestimate how easy it would be to track and monitor people by the poorly-secured RFID tags they carry
(See online!)

• If someone steals a pallet full of products from a warehouse, but leaves the RFID chip, the company probably wouldn't know for days or weeks afterward (however long it takes for a real human to go looking).
• A shoplifter with a handheld RFID blaster can remove the tags and walk right out of the store.
• RFID enabled printers coffee machines can prevent you from reusing or buying off-brand replacement supplies.
• Those quickpay and access RFIDs can be easily copied from a distance. Now the bag guy gets free tolls, free gas, or can walk right into your building while the systems assign the responsibility to you.
• RFID has been debated for mandatory implantation in Alzheimer's patients, illegal aliens, and even the military. Because the chips aren't protected, once implanted, they can be used to track the movements and activities of the subjects causing serious privacy concerns. In addition to the possible cancer risks, the chips have been known to tunnel through the skin over time causing damage as well as making it impossible for you to get an MRI in the future if you should need one.

US passports now have RFID that researchers used to trigger an RFID smart bomb
• And how about the fact that your unsecured RFID chip could get hacked and become a tool for spreading viruses?
• Cameras can be programmed to look for specific kinds of RFID or specific people and snap a photo when you go by
• RFID can and WILL be used to track humans and their daily activities. Research is ongoing
• Making yourself "machine readable" makes it possible for someone to program a bomb with your "number" on it.

Making RFID Safe

On the plus side again, RFID can help prevent infant abduction or hospital mixups.

RFID, like most technology, isn't something that can (or necessarily should) be stopped. Intstead, we need to harness and direct the technology to reduce the threat. To do this, we need to look at three risk aspects of RFID:

1. Poor authentication

One of the primary issues with RFID and the main thing that makes all the nightmare scenarios possible is that unsecured RFID broadcasts to anyone and everyone. For any implementation of RFID to be acceptable, the chips must be programmed only to speak to proper readers who authenticated themselves first.

For example, say you have a refrigerator that scans the food inside. When you put food inside, the fridge should program the food with a one-time code that makes it impossible for the chips in the packaging to respond to any other reader.

Think no one cares what the contents of your fridge are? Think again.

2. Poor (or no) encryption

Even after a chip authenticates a reader, if it sends the data out in the open, anyone else nearby (or not so nearby) can read it too. All communications between a chip and authenticated reader must be encrypted to prevent eavesdropping by others.

3. Use of Long-term RFID

Implantation is permanent. Passports are good for 10 years. Companies plan to replace UPC barcodes with RFID that will transmit ID codes for the life of the product (from creation to landfill and beyond).

Every RFID implementations will eventually be hacked by someone. All it takes is one person in the world to find a way to break the system and the security is no good anymore (like the millions and millions of pounds wasted with the UK passports). Secure implementations can slow it down or help, but the best defense is NO RFID.

I can't see implants ever making sense and you definitely want to be sure the products you wear and carry around can't be used to wirelessly communicate with the world around them.

Let's just get your SSN, a few fingernail cuttings, an elbow-print, a sample of saliva, and fill out this form of all your deepest fears and personal secrets!

(Image is in the Public Domain)

Defending your information doesn't stop when you walk out the front door. How many times when you're at the store, at the doctor's office, or otherwise out and about does someone ask for your private information? Do you provide it? Should you? How can you know?

The defense is simply this: ask. Why do they want to know? What will they do with it? How do they protect it? Ask and depending on the answer, decide what to do. For example:

• When I went to a new dentist, they asked for my social security number. When I asked, they claimed they needed it for insurance purposes, but a quick call to the insurance company confirmed that wasn't the case and I refused. They were able to put a random number instead and everything worked fine: I got service and they got paid.

I was once asked for my SSN at a video-rental store! Obviously they didn't need it for anything, but it made me wonder how many people provided it just because they were asked.


Most stores will take the Jenny number for discounts and such
(See online!)
• Lots of stores have "club cards" or some kind of membership where you theoretically get discounts or they can pull up your purchase history for returns or some such nonsense. Depending on the specifics, I might sign up (leaving everything I can blank — which is usually a lot if not most of it), but sometimes I'll just give them a common phone number that someone else has already set up. Specifically your area code plus one of the following almost always works: 555-1212 (the number to general information) or 867-5309 (the Jenny number).
• Electronic signatures are everywhere, but are you really comfortable giving companies yet another important piece of data to lose? The system isn't going to check what you put in (even if you draw funny or inappropriate pics instead) so it's up to you what to do in this case. If I were of a privacy mind, I might draw the first letter of my signature for myself (so I could tell later it was me who signed it) and then scribble the rest randomly.

Fun fact: I quite literally stopped the nurses at the birthing ward to ask them why they wanted a SSN on the admission paperwork while my wife was in active labor in the wheelchair behind me. Due to the impending baby, we agreed to handle the paperwork later (spoiler alert: they didn't need it either).

Summary

By being stingy with my data, I have avoided letting people put my information into yet another computer system and be at risk from abuse and hacking. It's not a 100% solution of course, but it costs me little other than some time and confused looks from employees who've never been challenged before. For my effort, my data is harder to find, harder to lose, and harder to exploit.

Exercise

Exercise by Nick Youngson - Alpha Stock Images

(Image used under: Creative Commons 3.0 [SRC])

This section doesn't lend itself well to exercises. Just be careful out there ok?

What you can do is check out the resources page (next in the guide) and make sure to click any remaining orange-colored dots next to the lessons in the guide. This will mark them complete and once all are so-marked, you will receive a course-completion badge in your profile. Congrats for making it through 🙂

Better late than never...">

Many

(Image is in the Public Domain)

Not a bad start at all. Granted, I think we should be able to block data brokers from having our information, but we have to begin somewhere.

(article found at Slashdot.)