privacy – Michmutters

This Anti-Tracking Tool Checks If You’re Being Followed

Matt Edmondson, at federal agent with the Department of Homeland Security for the last 21 years, got a call for help last year. A friend working in another part of government—he won’t say which one—was worried that someone might have been tailing them when they were meeting a confidential informant who had links to a terrorist organization. If they were being followed, their source’s cover may have been blown. “It was literally a matter of life and death,” Edmondson says.

“If you’re trying to tell whether you’re being followed, there are surveillance detection routes,” Edmondson says. If you’re driving, you can change lanes on a freeway, perform a U-turn, or change your route. Each can help determine whether a car is following you. But it didn’t feel like enough, Edmondson says. “He had those skills, but he was just looking for an electronic supplement,” Edmondson explains. “He was worried about the safety of the confidential informant.”

After not finding any existing tools that could help, Edmondson, a hacker and digital forensics expert, decided to build his own anti-tracking tool. The Raspberry Pi-powered system, which can be carried around or sit in a car, scans for nearby devices and alerts you if the same phone is detected multiple times within the past 20 minutes. In theory it can alert you if a car is tailing you. Edmondson built the system using parts that cost around $200 in total, and will present the research project at the Black Hat security conference in Las Vegas this week. He’s also open-sourced its underlying code.

The anti-tracking tool is made up of a Raspberry Pi, wireless signal detectors, and a battery pack.

Photographer: Matt Edmondson

In recent years there’s been an explosion in the number of ways people can be tracked by domestic abusers, stalkers, or those in the murky world of government-backed espionage. Tracking can either be software- or hardware-based. Stalkerware and spyware that can be installed directly on people’s phones can give attackers access to all your location data, messages, photos, videos, and more, while physical trackers—such as Apple’s AirTags—have been used to track where people are in real time . (In response to criticism, Apple has added some anti-tracking tools to AirTags.)

A quick search online reveals plenty of tracking tools, which are easy to buy. “There’s so much out there to spy on people, and so little to help people who are wondering whether they’re being spied on,” Edmondson says.

The homemade system works by scanning for wireless devices around it and then checking its logs to see whether they were also present within the past 20 minutes. It was designed to be used while people are on the move rather than sitting in, say, a coffee shop, where it would pick up too many false readings.

The anti-tracking tool, which can sit inside a shoebox-sized case, is made up of a few components. A Raspberry Pi 3 runs its software, a Wi-Fi card looks for nearby devices, a small waterproof case protects it, and a portable charger powers the system. A touchscreen shows the alerts the device produces. Each alert may be a sign that you are being tailed.



Lawsuit filed by Kobe Bryant’s widow over graphic crash photos to be heard by LA jury

A lawsuit filed by the widow of NBA star Kobe Bryant over photos taken of his body immediately after his death will begin Wednesday US time in Los Angeles.

Vanessa Bryant is suing the LA County Sheriff’s Department and the city’s fire department for invasion of privacy, seeking unspecified millions in compensation for pictures taken of the basketballer’s body that were circulated after he was killed in a helicopter crash with their daughter and seven others in 2020 .

Mrs Bryant claims deputies did not take the photos for investigative purposes, and shared them with firefighters who responded to the crash scene. The lawsuit says a deputy showed the photos to bar patrons and a firefighter showed them to off-duty colleagues.

“Mrs Bryant feels ill at the thought that sheriff’s deputies, firefighters and members of the public have gawked at gratuitous images of her deceased husband and child,” according to the lawsuit.

“She lives in fear that she or her children will one day confront horrific images of their loved ones online.”

Kobe Bryant, their 13-year-old daughter, Gianna, and other parents and players were flying to a girls’ basketball tournament when their chartered helicopter crashed in the Calabasas hills, west of Los Angeles, in fog.

Federal safety officials later blamed pilot error for the wreck.

A zoomed-in photo shows firefighters in yellow hi-vis uniforms working next to smoking wreckage on a tree-lined hillside.
Firefighters at the scene of the helicopter crash that killed NBA star Kobe Bryant, along with his daughter and seven others, in January 2020.(AP Photo: Mark J Terrill)

Mrs Bryant has also sued the helicopter charter company and the deceased pilot’s estate.

The county has argued that Mrs Bryant has suffered emotional distress from the deaths, not the photos, which were ordered deleted by Sheriff Alex Villanueva.

It said the photos have never been in the media, on the internet nor otherwise publicly disseminated, and the lawsuit is speculative about harm she might suffer.



How to Use Lockdown Mode in iOS 16 to Make Your Phone More Secure

Apple prides itself on the security measures built into its software and hardware—and it continues to add new protections and safeguards over time. Lockdown Mode is a new feature heading to iPhones, iPads, and Macs later this year, and it promises to protect your devices from “highly targeted cyberattacks.”

As you might surmise from the name, Lockdown Mode is a bit like closing the shutters, double-bolting the doors, and turning off all the lights in your home. It severely restricts the kinds of activity allowed on your devices, the logic being that if something unwanted has gained access, the damage will be limited.

For example, attachments other than images get turned off in Messages, and link previews are disabled. Incoming FaceTime calls from unknown numbers are blocked, as are wired connections with other hardware and accessories. Shared albums are removed from the Photos app, and new shared album invitations are blocked.

On a more technical level, a number of web technologies are turned off, including just-in-time (JIT) JavaScript compilation (where code is run and compiled at the same time.) In addition, configuration profiles (for work or school for example) can’t be installed.

Lockdown Mode will be arriving on iPhones with iOS 16.

Courtesy of Apple

Lockdown Mode is disabled by default but can be enabled on an iPhone by going to Settingsthen Privacy and Securitythen LockdownMode. Turning it on or off requires a system reboot and the device’s PIN. While Apple is describing the feature as something for users at risk from “state-sponsored mercenary spyware”—which sounds like high-profile targets—anyone will be able to switch it on for additional protection.

“Lockdown Mode is an extreme, optional protection that should only be used if you believe you may be personally targeted by a highly sophisticated cyberattack,” is the way that Apple puts it in its support documentation. “Most people are never targeted by attacks of this nature.”

As Apple explains, the overall idea is to reduce the attack surface that malware and spyware have access to. Tools including the Pegasus spyware package developed by the NSO Group have the potential to read texts, track calls, collect passwords, monitor a user’s location, and more—and some require no interaction from the user.

With Pegasus, for example, a WhatsApp call to the target device is all it takes for the spyware to start its work, even if the call isn’t answered. It’s worth noting that this particular piece of spyware is blocked from running on devices with iOS 15 or higher installed, but there are plenty of other threats still out there, and plenty more that will be developed in the future.



WhatsApp Says It Won’t Let Governments Scan User Conversations

WhatsApp is currently one of the most popular instant messaging platforms in the entire world, and needless to say, whenever a new government bill related to user privacy is under debate, the Meta-owned company obviously has an important word to say.

This time, the Online Safety Bill in the United Kingdom is the one that’s giving WhatsApp headaches, as the local government would essentially be able to scan user conversations and look for any content that would be related to child abuse.

In other words, the government is looking into a way to break the end-to-end encryption, something that WhatsApp isn’t willing to accept.

WhatsApp: Breaking E2E is a big no-no

CEO Will Cathcart told BBC in an interview that WhatsApp wouldn’t agree to compromise the privacy of all users just because the government wants to scan the conversations of a small number of accounts.

“Client-side scanning cannot work in practice. If we had to lower security for the world, to accommodate the requirement in one country, that…would be very foolish for us to accept, making our product less desirable to 98% of our users because of the requirements from 2%. What’s being proposed is that we – either directly or indirectly through software – read everyone’s messages. I don’t think people want that,” Cathcart said.

On the other hand, the government says that end-to-end encryption could eventually become a roadblock in every attempt to catch criminals hiding under this technology when going online.

“They shouldn’t ignore the clear risk that end-to-end encryption could blind them to this content and hamper efforts to catch the perpetrators,” a government spokesperson was quoted as saying by the same source. “We continue to work with the tech sector to support the development of innovative technologies that protect public safety without compromising on privacy.”