Article 43

 

Broadband Privacy

Thursday, August 20, 2020

Toyota’s Connected Car

image: toyota phone home

New Toyotas will upload data to AWS to help create custom insurance premiums based on driver behaviour
Connected car vision has been in first gear for years, cloudy scale could jump-start plans

By Simon Sharwood, APAC Editor
The Register
August 18, 2020

Toyota has expanded its collaboration with Amazon Web Services in ways that will see many of its models upload performance data into the Amazonian cloud to expand the services the auto-maker offers to drivers and fleet owners.

Toyota already operates a “Mobility Services Platform” that it says helps it to” develop, deploy, and manage the next generation of data-driven mobility services for driver and passenger safety, security, comfort, and convenience.”

That data comes from a device called the “Data Communication Module” (DCM) that Toyota fits into many models in Japan, the USA and China.

Toyota reckons “the data could turn into new contextual services such as car share, rideshare, full-service lease, and new corporate and consumer services such as proactive vehicle maintenance notifications and driving behavior-based insurance.”

The company has touted that vision since at least the year 2016, but precious little evidence of it turning into products is available.

Which may be why Toyota has signed with AWS for not just cloud tech but also professional services.

The two companies say their joint efforts “will help build a foundation for streamlined and secure data sharing throughout the company and accelerate its move toward CASE (Connected, Autonomous/Automated, Shared and Electric) mobility technologies.”

Neither party has specified just which bits of the AWS cloud Toyota will take for a spin but it seems sensible to suggest the auto-maker is going to need lots of storage and analytics capabilities, making AWS S3 and Kinesis likely candidates for a test drive.

Whatever Toyota uses, prepare for privacy ponderings because while cheaper car insurance sounds lovely, having an insurer source driving data from a manufacturer has plenty of potential pitfalls.

SOURCE

COMMENTS

Posted by Elvis on 08/20/20 •
Section Privacy And Rights • Section Broadband Privacy
View (0) comment(s) or add a new one
Printable viewLink to this article
Home

Sunday, August 16, 2020

Shadow Gate

image: shadowgate

INFOWARS reporter MILLIE WEAVER was just ARRESTED moments before releasing her new documentary on Shadowgate/Obamagate… AFTER Millie was arrested, one of the other whistleblowers involved, TORE, released it anyways.
- NOX and Friends, August 15, 2020

Back in 2006 we found out AT&T PUT ALL ITS INTERNET TRAFFIC INTO A SPLITTER AND SENT ONE OF THOSE FEEDS TO THE NSA:

AT&T provided National Security Agency eavesdroppers with full access to its customers phone calls, and shunted its customers’ internet traffic to DATA-MINING EQUIPMENT installed in a secret room in its San Francisco switching center, according to a former AT&T worker cooperating in the Electronic Frontier Foundations lawsuit against the company

The next year AT&T LET US KNOW IT CAN SHARE OUR PHONE RECORDS WITH WHOEVER THEY PLEASE:

The new privacy policy basically lets AT&T do anything it wants with your information. (Remember, according to the company, its its information.) The specific claim is that AT&T can do whatever it wants with your/its data “to protect [the companys] legitimate business interests.”

To back it up, government started SHREDDING PEOPLES’ PRIVACY RIGHTS:

The new law gives the attorney general or the director of national intelligence the authority to APPROVE SURVEILLANCE of suspected terrorists overseas.

Over the years things have gotten much worse regarding privacy and rights.

Take PRISM FOR EXAMPLE:

This program, code-named PRISM, allowed the NSA and FBI to tap directly into the servers of major U.S. Internet companies such as Google, Apple, Microsoft, Facebook and AOL.

Then came Assange and WIKILEAKS, followed by SNOWDEN and all the stuff his whistle blowing revealed:

Some people take Snowden at face value. Others simply cannot believe a 29 year old could have stolen so many documents from the most advanced spying agency on Earth without getting caught or being secretly sanctioned to do so.

The theory is that it was a NWO (New World Order) tactic to intimidate the public by letting them know they are surveilled slaves and that there’s nothing they can do about it. Then, after the initial shock and explosion, this became a drip-drip-drip disclosure of just how egregiously your privacy and rights are being violated, with the subliminal message that youd better be afraid, because you’re being monitored 24/7.

Who owns The Intercept? First Look Media, owned by Pierre Omidyar, a rich oligarch who founded eBay. So now, the entire trove of leaked NSA documents are in the hands of a private billionaire, probably never to see the light of day again. Was this the plan from the start?

It looks like we don’t just have a internet feed going to the NSA. We got another going to CORPORATE AMERICA.

IF YOU CAN BELIEVE IT this new documentary “Shadow Gate” [ ONLINE | DOWNLOAD ] picks up where SNOWDEN LEFT OFF:

Weaver also claimed these contractors were responsible for creating the fake news in mainstream media. She alleged that the “shadow government” was responsible for spurring the recent nationwide protests and promoting the defund the police movement.

Weaver goes on to accuse Republicans and Democrats of working together in a plot to bring down President Trump. Both parties are equally guilty of covering up what should turn out to be an even bigger scandal.

Shadow Gate: the tactical and operational role the shadow government played behind the scenes carrying out the coup against President Trump. We’re going to be looking behind the puppets at who the real puppet master, string-pullers are.

---

Shadow Gate documentary released after “Millennial Millie” Weaver gets arrested
There are a lot of questions surrounding what’s going on, but one thing is certain: THE DOCUMENTARY is a must watch.

By Scott Boyd
NOQ Report
August 15, 2020

Independent journalist ”MILLENIAL MILLIE” Weaver and her husband were arrested at their home yesterday just prior to the release of their documentary. TORE SAYS, one of the main sources in the documentary, released the video on her YouTube channel, seen above.

Very little has been reported about the arrests, but her name trended on Twitter and HER GOFUNDME PAGE collected well more than the goal for her emergency legal fund. Here’s the VIDEO OF HER ARREST.

According to MEAWW:

In a shocking piece of news, investigative reporter Millie Weaver and her husband were arrested at their home. The arrest comes in the wake of her documentary release on the topic of the US “shadow government” which was all set to be screened on YouTube as she had teased in her last tweet. While there seems to be no confirmation as to why she was taken by the officers, a string of speculative theories seem to have popped up on social media.

Born on February 6, 1991, in San Bernardino, California, United States, Weaver was an aspiring actress and singer who went on to be a political activist and reporter. She is a mother to a four-year-old son and a nine-month-old daughter, as per a report from YHStars.com. Not just that, the same report says that the 29-year-old was named as one Newsmax’s “30 Most Influential Republicans Under 30.”

On August 11, 2020, she posted the trailer with the caption: The ObamaGate scandal only scratches the surface. This may the biggest whistleblowing event to date. Official Trailer - Shadow Gate. After the shocking news, the tweet went viral with over 7,000 retweets and 8,000 likes in a few hours. The narration in the trailer says, “Both parties are equally guilty in what should turn out to be an even bigger scandal.” Shadow Gate the tactical and operational role the shadow government played behind the scenes carrying out the coup against President Trump. The trailer also detailed that the documentary would detail who the real puppetmasters and string-pullers are.

This video is a must-watch. Millie Weaver takes us all down the rabbit hole of Deep State corruption that is far worse than weve seen in the past. The timing of her arrest cant be a coincidence.

SOURCE

Posted by Elvis on 08/16/20 •
Section Revelations • Section Privacy And Rights • Section Broadband Privacy • Section Dying America
View (0) comment(s) or add a new one
Printable viewLink to this article
Home

Saturday, August 08, 2020

Splinternet

image: splinternet

One of the unifying themes I seek to emphasize here is the importance of the Internet and the many media that feed into it as the most influential shaper of current events. When are we being played by experts in psyops and deception and when are we dealing with spontaneous developments that could not have been planned or spun to advance predetermined political agendas? What is the role of the Internet?
- Battle for the Internet, June 8, 2020, American Herald Tribune

Is the US about to split the internet?

By James Clayton - North America technology reporter
BBC
August 7, 2020

US Secretary of State Mike Pompeo says he wants a “clean” internet.

What he means by that is he wants to remove Chinese influence, and Chinese companies, from the internet in the US.

But critics believe this will bolster a worrying movement towards the breaking up of the global internet.

The so called “splinternet” is generally used when talking about China, and more recently Russia.

The idea is that there’s nothing inherent or pre-ordained about the internet being global.

For governments that want to control what people see on the internet, it makes sense to take ownership of it.

The GREAT FIREWALL OF CHINA is the best example of a nation putting up the internet equivalent of a wall around itself. You won’t find a Google search engine or Facebook in China.

What people didn’t expect was that the US might follow China’s lead.

Yet critics believe that is the corollary of Mr Pompeo’s statement on Thursday.

Mr Pompeo said he wanted to remove “untrusted” applications from US mobile app stores.

“People’s Republic of China apps threaten our privacy, proliferate viruses, and spread propaganda and disinformation,” he said.

The first question that sprang to mind was: what are the Chinese apps that Mr Pompeo does trust? The assumption is very much that he’s talking about ALL Chinese apps.

“It’s shocking,” says Alan Woodward, a security expert based at the University of Surrey. “This is the Balkanisation of the internet happening in front of our eyes.

“The US government has for a long time criticised other countries for controlling access to the internet and now we see the Americans doing the same thing.”

That might be a slight exaggeration. Mr Pompeo’s reasons for “cleaning” the US network of Chinese companies is very different to authoritarian government’s desire to control what is said online.

But it’s true that if Mr Pompeo were to go down this road, it would be reversing decades of US cyber-policy.

If there is one country that has championed a free internet, based on the constitutional tenets of free speech, it is America.

President Donald Trump’s administration has taken a different approach though, in part because of the legitimate security concerns that some Chinese companies operating in the US raise.

WeChat warning

Alex Stamos, former chief security officer at Facebook, told me that much-mentioned TikTok was just the tip of the iceberg in terms of Chinese apps to worry about.

“TikTok isn’t even in my top 10,” he told me.

The app Mr Stamos suggests the US should be more wary of is Tencent’s WeChat.

“WeChat is one of the most popular messaging apps in the world - people run companies on We Chat, they have incredibly sensitive information.”

Mr Pompeo has also namechecked WeChat as a potential future target.

It’s hard not to view this through the prism of the US elections in November. Mr Trump’s anti-China rhetoric isn’t limited to tech.

Policy or posture?

So is this a policy position - or simply posture?

Mr Trump may also of course lose in November. The Democrats would probably take a more moderate position on Chinese tech.

But, as it stands, Mr Trump’s vision of the US internet - an internet in the main free of China - makes it a far more divided place.

The great irony is that the internet would then look a lot more like China’s vision.

Just look at TikTok itself. If Microsoft does buy the US arm there will be three TikToks.

A TikTok in China (called Douyin). A rest of the world TikTok. And a TikTok in the US.

Could that be a model for the future of the internet?

SOURCE

Posted by Elvis on 08/08/20 •
Section Privacy And Rights • Section Broadband Privacy
View (0) comment(s) or add a new one
Printable viewLink to this article
Home

Monday, March 09, 2020

DNS Tunneling

image: cybercrime

How Hackers Use DNS Tunneling to Own Your Network

By Ron Lifinski, Cyber Security Researcher
Cynet
October 22, 2018

DNS Tunneling

Most organizations have a firewall that acts as a filter between their sensitive internal networks and the threatening global Internet. DNS tunneling has been around for a while.  But it continues to cost companies and has seen hackers invest more time and effort developing tools.  A recent study[1] found that DNS attacks in the UK alone have risen 105% in the past year.  DNS tunneling is attractivehackers can get any data in and out of your internal network while bypassing most firewalls. Whether it֒s used to command and control (C&C) compromised systems, leak sensitive data outside, or to tunnel inside your closed network, DNS Tunneling poses a substantial risk to your organization. Heres everything you need to know about the attack, the tools and how to stop it.

Introduction

DNS tunneling has been around since the early 2000s, when NSTX[2] an easy to use tool has been published to the masses. Since then there was a clear trend - tighter firewall security led to more widespread DNS tunneling. By 2011 it had already been used by malware such as Morto[3] and Feederbot[4] for C&C, and by the popular malicious payload for point-of-sale systems FrameworkPOS[5] for credit card exfiltration.

Why It’s a Problem

DNS was originally made for name resolution and not for data transfer, so its often not seen as a malicious communications and data exfiltration threat. Because DNS is a well-established and trusted protocol, hackers know that organizations rarely analyze DNS packets for malicious activity. DNS has less attention and most organizations focus resources on analyzing web or email traffic where they believe attacks often take place. In reality, diligent endpoint monitoring is required to find and prevent DNS tunneling.

Furthermore, tunneling toolkits have become an industry and are wildly available on the Internet, so hackers don’t really need technical sophistication to implement DNS tunneling attacks.

Common Abuse Cases (and the tools that make them possible)

Malware command and control (C&C) Malware can use DNS Tunneling to receive commands from its control servers, and upload data to the internet without opening a single TCP/UDP connection to an external server. Tools like DNSCAT2 are made specifically used for C&C purposes.

Create a “firewall bypassing tunnel” - DNS Tunneling allows an attacker to place himself into the internal network by creating a complete tunnel. Tools like IODINE allow you to create a common network between devices by creating a full IPv4 tunnel.

Bypass captive portals for paid Wi-Fi A lot of captive portal systems allow all DNS traffic out, so it’s possible to tunnel IP traffic without paying a fee. Some commercial services even provide a server-side tunnel as a service. Tools like YOUR-FREEDOM are made specifically for escaping captive portals.

How It Works

image: dns tunnel

The attacker acquires a domain, for example, evilsite.com.

The attacker configures the domains name servers to his own DNS server.

The attacker delegates a subdomain, such as “tun.evilsite.com” and configures his machine as the subdomain’s authoritative DNS server.

Any DNS request made by the victim to “{data}.tun.evilsite.com” will end up reaching the attacker’s machine.

The attacker’s machine encodes a response that will get routed back to the victim’s machine.

A bidirectional data transfer channel is achieved using a DNS tunneling tool.

References

[1] www dot infosecurity-magazine.com/news/dns-attack-costs-soar-105-in-uk

[2] thomer dot com/howtos/nstx.html

[3] www dot symantec.com/connect/blogs/morto-worm-sets-dns-record

[4] chrisdietri dot ch/post/feederbot-botnet-using-dns-command-and-control/

[5] www dot gdatasoftware.com/blog/2014/10/23942-new-frameworkpos-variant-exfiltrates-data-via-dns-requests

[6] github dot com/iagox86/dnscat

[7] github dot com/yarrick/iodine

[8] heyoka dot sourceforge.net/

SOURCE

Posted by Elvis on 03/09/20 •
Section Privacy And Rights • Section Broadband Privacy
View (0) comment(s) or add a new one
Printable viewLink to this article
Home

Tuesday, November 12, 2019

Project Nightingale

image: google

Google’s “Project Nightingale” analyzes medical records to create “Patient Search” for health providers

By Abner Li
9to5Google
Nov 2019

Beyond the ACQUISTION OF FITBIT earlier this month, Google’s health ambitions are multi-faceted and extend into services for hospitals and health providers. Such an effort named Project Nightingale was detailed today, along with the end product: Patient Search.

The Wall Street Journal today REPORTED on Project Nightingale, with Forbes providing more details on the effort, including screenshots.  Ascension - one of the country’s largest healthcare systems - is moving its patient records to Google Cloud. This complete health history includes lab results, doctor diagnoses, and hospitalization records.

In turn, Google is analyzing and compiling that data into a Patient Search tool that allows doctors and other health professionals to conveniently see all patient data on an overview page.

The page includes notes about patient medical issues, test results and medications, including information from scanned documents, according to presentations viewed by Forbes.

The interface is quite straightforward and not too different from hospitals that offer results directly to patients today.

Internally, the project is being developed within Google Cloud, and 150 Googlers reportedly have access to the data. This includes Google Brain, the companys internal AI research division. The WSJ describes another tool in development that uses machine learning to suggest possible patient treatment changes to doctors.

Google in this case is using the data, in part, to design new software, underpinned by advanced artificial intelligence and machine learning, that zeroes in on individual patients to suggest changes to their care.

That appears to be further off in the distance compared to ԒPatient Search, which is already deployed to Ascension facilities in Florida and Texas, with more locations planned this year. Google is apparently not charging Ascension for the work and could offer the tool to other health systems in the future.

When asked for comment, Google said Project Nightingale abides by all federal laws and that privacy protections are in place. Experts that spoke to the WSJ believe that this initiative is allowed under the Health Insurance Portability and Accountability Act (HIPPA).

SOURCE

Posted by Elvis on 11/12/19 •
Section Privacy And Rights • Section Broadband Privacy
View (0) comment(s) or add a new one
Printable viewLink to this article
Home
Page 1 of 26 pages  1 2 3 >  Last »

Statistics

Total page hits 9999979
Page rendered in 1.2566 seconds
40 queries executed
Debug mode is off
Total Entries: 3275
Total Comments: 337
Most Recent Entry: 11/24/2020 12:34 pm
Most Recent Comment on: 01/02/2016 09:13 pm
Total Logged in members: 0
Total guests: 13
Total anonymous users: 0
The most visitors ever was 172 on 12/25/2019 07:40 am


Email Us

Home

Members:
Login | Register
Resumes | Members

In memory of the layed off workers of AT&T

Today's Diversion

The chief lesson I have learned in a long life is that the only way you can make a man trustworthy is to trust him; and the surest way to make him untrustworthy is to distrust him and show your distrust. - Politician Henry L. Stimson

Search


Advanced Search

Sections

Calendar

December 2020
S M T W T F S
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31    

Must Read

Most recent entries

RSS Feeds

Today's News

ARS Technica

External Links

Elvis Picks

BLS and FRED Pages

Favorites

All Posts

Archives

RSS


Creative Commons License


Support Bloggers' Rights