this post was submitted on 27 Jan 2024
407 points (99.8% liked)

Technology

59689 readers
3200 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

NSA finally admits to spying on Americans by purchasing sensitive data::Violating Americans’ privacy "not just unethical but illegal," senator says.

all 28 comments
sorted by: hot top controversial new old
[–] minibyte 44 points 10 months ago (2 children)

I’m only disappointed because they BOUGHT my data. I figured they stole it.

[–] [email protected] 9 points 10 months ago

Seriously with the budget they have and numerous existing legal holes in the 4th Amendment, they just went and threw money to whoever could and would sell metadata to get every last crumb of information? At what point should the comparisons to the Stasi become incredibly concerning to the average individual?

[–] [email protected] 9 points 10 months ago

So not only do they spy on you, but you're also indirectly paying for it through taxes

[–] [email protected] 31 points 10 months ago (2 children)

Didn't snowden leaks confirm this?

[–] [email protected] 5 points 10 months ago

The Snowden leaks proved that the NSA was spying on Americans, but the excuse back then was that it was "just metadata" and since then the narrative has focused on Snowden being in Russia and that therefore he must be a Russian plant and that we should all focus on that instead of the fact that this unconstitutional program exists and that we're all being spied on by our own government.

[–] [email protected] 2 points 10 months ago (1 children)

I have t read the article yet but followed to Snowden story closely. On the surface, i think the purchase part is different.

In the last interview I saw with him, he mentioned end to end encryption makes a bit of a difference, wonder if this is affected by that?

[–] [email protected] 2 points 10 months ago

Could be some loophole where reading something unencrypted can be compared to open radio transmissions, while cracking encryption to opening paper mail.

(Just imagining.)

[–] [email protected] 10 points 10 months ago* (last edited 10 months ago) (1 children)

I bet, if they haven't already, some of the info stored by sites is how we interact with it. And I bet with AI you can pretty much fingerprint someone based on habits.

So even your alt accounts will know it's you.

Edit: why do you think Reddit made the big push for their own app? Engagement, time spent looking at a post, how fast you scroll past something, all useful metrics for ad revenue. And we know that ad companies like tracking us.

Any spooky shit comes after the systems are developed for ads.

[–] [email protected] 5 points 10 months ago (4 children)

I don't think AI is necessary. Reddit was able to find all my alt accounts pretty easily years back. Now I'm banned I can't even sign up without the new account being banned in a few days for trying to circumvent it.

[–] [email protected] 7 points 10 months ago

Eh, it was detecting my alts when I wouldn't clean cookies before registering a new one. When I would, it wouldn't.

Cleaning caches and cookies for the website you are creating an alt on is basic procedure.

[–] [email protected] 4 points 10 months ago* (last edited 10 months ago) (3 children)

Edit: ~~Likely~~ Sounds to me like an IP and/or MAC address ban (MAC address is tied to motherboards IIRC). I got banned once from one of my old favorite games (PSO2) for mistakenly swapping my vpn mid game. After a lot of troubleshooting and an apartment move in between, a MAC spoofing program is what did the trick.

Side note, does lemmy use markdown format? If not, does anyone know what it uses?

[–] [email protected] 6 points 10 months ago* (last edited 10 months ago) (1 children)

Reddit can't see your MAC address. You don't have a direct L2 connection to Reddit.

While the game can, since it's running on your machine and can see everything.

EDIT: And I doubt they do IP bans of subnets given to end users, that's stupid, people change IPs all the time.

[–] [email protected] 1 points 10 months ago

Yeah, that was poor wording on my part, reading my comment back. I said it's likely that it was either of those, but I was thinking more along the lines of "it sounds similar to either of those". I also doubt they do IP bans, and I don't know enough about MAC address logistics. I assumed they'd be able to pull that info from a web browser, depending on the one used.

[–] [email protected] 3 points 10 months ago (1 children)

MAC address is tied to motherboards IIRC

It isn't. It's tied to your network hardware, and can be randomised/changed at will (or at least, the one it sends out can be altered). Some phones do that when connecting, to make it harder to track them, for example.

If you're using an ethernet port on your motherboard, then it'd be tied to that, but if you're using Wi-Fi/Ethernet from a Network card, it'll be connected to the card.

[–] [email protected] 1 points 10 months ago

Ah, that makes more sense. I couldn't remember the specifics but I've have always done ethernet on my pc so that checks out for my experience.

[–] [email protected] 2 points 10 months ago

I think it's a combination of IP address as well as app fingerprint when you login to multiple accounts within their app - they can see each account coming from the exact same app/device. I personally believe this was a HUGE part of killing off third party apps so they could collect a lot more data directly about you in their own app.

And IP factors in too. I was in hospital WiFi for a few days when my kid was born and got a random message on all of my accounts that I was banned for 7 days for "ban evasion". Never been banned before and had only posted on some parent subs during that time.

I think the IP address probably had bans associated with it given it was such a huge public network and was next door to a high school that used the hospital food court a lot too, and thus the WiFi also.

[–] [email protected] 3 points 10 months ago

Depends, depends. In your case it's probably about cookies, or IP. Maybe it's inferred identity, hence why it takes a few days.

Are cookies or IP enough for 90% of people? Yeah. But I'm sure that data is worth less, because they already have tons of data on those folks.

What about the 10% that might be using a VPN? The <1% using tor?

That data could be more valuable because it's harder to get.

[–] [email protected] 2 points 10 months ago

That's pretty impressive

[–] matlag 7 points 10 months ago (1 children)

What's interesting here is they no longer need to hack and crack devices through loopholes and backdoors schemes.

All the data they need are already collected by private corporations with the pro-active collaboratron of the users themselves ("Click here to agree to the terms and conditions").

[–] [email protected] 3 points 10 months ago (1 children)

It's been that way for a long time. It's kinda bizarre that when it's slimy marketing company that wants the data to use to manipulate people into buys shit its all 'sign me up!"

But if the NSA looks at the exact same data in the interests of national security suddenly it's "wait no.... my privacyyyyyyyyy."

The old argument of "if you aren't doing anything illegal, there's nothing to worry about" wasn't valid in the past because it meant sacrificing privacy which is something that had value. But now that argument is valid because people signed over their privacy for a small discount or whatever. You already have marketing people, the slimiest people on the planet, poring over that data and trading it around with other companies. So people obviously have no issue with creepy people looking at their data. It's almost like putting personal information on billboard and getting upset that a government employee happened to glance at that billboard while driving by.

If you put data on the market where anyone that pays a small fee can look at it, don't be surprised if the NSA pays the fee to to take a peak. We can be certain that agencies in Russia, China and whatever other country wants to have it has gotten it, so the NSA is going to at least want to know what they know.

[–] [email protected] 1 points 10 months ago (1 children)

Well, some things are stochastic in daily life, but pretty coherent over long periods. In 00s lots of people were enthusiastic over that data harvesting etc creating us a new future. As something which will make the future interesting, even if dangerous.

Well, here it is. Nothing interesting, but the dangers are exactly as expected. As it always happens.

[–] [email protected] 0 points 10 months ago

Yeah there needed to be privacy laws passed back then. It's going to very difficult to do now because there's so much money involved. Personally I think 90% of the "data-driven economy" is bullshit and we'd be better off without it. But when Google, Facebook, etc. are saying "if you pass this law, we will lay of X% of our workforce" it's difficult to to do, even though those companies will likely lay off those workers regardless.

Sometimes I think of an alternate reality where Al Gore was president back then. He invented the internet! Yeah, I know that thing was just GOP disinformation, but he did actually care about technology. Maybe technology growth could've gone down a better path. Instead we got Dubya and a war in Iraq.

[–] [email protected] 6 points 10 months ago

This is the best summary I could come up with:


The National Security Agency (NSA) has admitted to buying records from data brokers detailing which websites and apps Americans use, US Senator Ron Wyden (D-Ore.) revealed Thursday.

"The US government should not be funding and legitimizing a shady industry whose flagrant violations of Americans' privacy are not just unethical but illegal," Wyden said in a letter to Director of National Intelligence (DNI) Avril Haines.

To fix the problem, Wyden wants intelligence communities to agree to inventory and then "promptly" purge the data that they allegedly illegally collected on Americans without a warrant.

Wyden's spokesperson, Keith Chu, told Ars that "the data brokers selling Internet records to the government appear to engage in nearly identical conduct" to X-Mode.

That includes some commercially available information on Americans "where one side of the communications is a US Internet Protocol address and the other is located abroad," data which Nakasone said is "critical to protecting the US Defense Industrial Base" that sustains military weapons systems.

Rather than being a customer in this sketchy marketplace, intelligence agencies should stop funding companies allegedly guilty of what the FTC has described as "intrusive" and "unchecked" surveillance of Americans, Wyden said.


The original article contains 976 words, the summary contains 193 words. Saved 80%. I'm a bot and I'm open source!

[–] [email protected] 5 points 10 months ago (1 children)

This is why it's so terrible that you need email for everything and you need a phone number for email and to view a video on youtube and with a VPN you are constantly blocked and captcha'd.

[–] [email protected] 2 points 10 months ago (1 children)

You don't need a phone number to register an Outlook mailbox, of all companies. And they even don't object that much if you create plenty of alts. That's funny.

But I'm not sure if there's any other major email provider where you can get a free mailbox with IMAP without a phone number.

[–] [email protected] 1 points 10 months ago (1 children)

Not sure about outlook, but creating a new microsoft account failed recently. I suspect this also depends if you're in the US or EU. Europe requires id card to register phone and almost all big email and social media now require phone numbers. Making you basically immediately personally identifiable. Or if you're on any kind of VPN or not. Knowing this definitely has a chilling effect on me.

[–] [email protected] 1 points 10 months ago

I'm talking about outlook specifically.