Mike Gerwitz

Activist for User Freedom

diff options
authorMike Gerwitz <mtg@gnu.org>2017-03-19 23:58:29 -0400
committerMike Gerwitz <mtg@gnu.org>2017-04-02 22:04:28 -0400
commite3d8a282e7fd58fb3011c76429e1b4b44e694a1a (patch)
parent4a30b85b20a79fd2323ff872c5fa7dbb9f6928a3 (diff)
Stationary section mostly ready
There's some stuff to augment; mainly, IoT like smart TVs. * slides.org (Stationary): Mostly ready. * sapsf.bib (insecam): Change entry date to match screenshot. * images/insecam-ss.png: insecam.org screenshot. * images/tp/remote-list: Add ACLU tracked paper title page image. * images/tp/SHA256SUM: Include hash of new image.
-rw-r--r--images/insecam-ss.pngbin0 -> 240966 bytes
5 files changed, 92 insertions, 59 deletions
diff --git a/images/insecam-ss.png b/images/insecam-ss.png
new file mode 100644
index 0000000..0047a3d
--- /dev/null
+++ b/images/insecam-ss.png
Binary files differ
diff --git a/images/tp/SHA256SUM b/images/tp/SHA256SUM
index c1d2892..e30819f 100644
--- a/images/tp/SHA256SUM
+++ b/images/tp/SHA256SUM
@@ -6,6 +6,7 @@ ca51e8ba23a87140b1f2cf573d4761df888d7f939947823c695004ce5d3f31f7 replicant.png
4b0050a377af1fcd72f14863408eef44d40e7ba6fe31e2121ec7c3a51781a752 alpr-capture.png
31597ba3731e6eccf2e68ae8b91ad25b2e6e4685814e723333d9ea1d2579b635 alpr-pips.png
e7029f70524f420ef32044aeae8280434d5b03ddbab4e90188409a93597c0726 sf-cameras.jpg
+67483c5d78b168782b787765284937b8a269ae6d87d4effbb58f4a7d603d8997 aclu-tracked.jpg
9edddcac31bbb09e4ba9f6fea5d36e5298ec65ce88d4c015121fc27edd466947 silverpush-logo.png
cfda12117815c35bfc51266d9e8227b1645dcd5ffe054c4ae9922e75595f09b9 ga-dashboard.png
d905d3b378daea4c002c873a4ad8192246959cb6df6fb470e29ade9f2b2354c9 piwik-dashboard.png
diff --git a/images/tp/remote-list b/images/tp/remote-list
index abf561a..72ffeae 100644
--- a/images/tp/remote-list
+++ b/images/tp/remote-list
@@ -6,6 +6,7 @@ alpr-mounted.png https://web.archive.org/web/20170318173251/https://www.eff.org/
alpr-capture.png https://web.archive.org/web/20170318173346/https://www.eff.org/files/2015/10/20/paxton_captures.png
alpr-pips.png https://web.archive.org/web/20170318173427/https://www.eff.org/files/2015/10/15/pipscam9_redacted.png
sf-cameras.jpg https://web.archive.org/web/20170318173846/https://cbssanfran.files.wordpress.com/2015/09/san_francisco_surveillance_cameras_092315.jpg
+aclu-tracked.jpg https://web.archive.org/web/20170320025735/https://www.aclu.org/sites/default/files/styles/content_area_full_width/public/field_media_media_image/web15-feature-alpr-report-580x535.jpg?itok=n_JYZGN5 -crop 410x535+170+0
silverpush-logo.png https://web.archive.org/web/20160623032522/http://1.bp.blogspot.com/-r9WGkxWE3RI/Vk9wK_RisSI/AAAAAAAAAy0/ZydFsogCrnc/s640/silverpush.png
ga-dashboard.png https://web.archive.org/web/20170315055350/https://www.google.com/analytics/images/analytics/features/hero_1x.png -crop 580x370+115+35
piwik-dashboard.png https://web.archive.org/web/20170310025254/https://piwik.org/wp-content/themes/piwik/assets/img/piwiklaptop.png -crop 730x520+225+85
diff --git a/sapsf.bib b/sapsf.bib
index 2448d63..90c0295 100644
--- a/sapsf.bib
+++ b/sapsf.bib
@@ -264,7 +264,7 @@
title = {Insecam - World biggest online cameras directory},
url = {http://insecam.org},
- urldate = {2017-03-12},
+ urldate = {2017-03-19},
annotation = {Load the HTTP (non-HTTPS) site, otherwise mixed content is
blocked and thumbnails will not work.}
diff --git a/slides.org b/slides.org
index 658610b..71ecc74 100644
--- a/slides.org
+++ b/slides.org
@@ -519,20 +519,21 @@ So even with Replicant,
-** REVIEWED Stationary [0/6]
-*** REVIEWED Introduction [0/1] :B_ignoreheading:
+** AUGMENT Stationary [5/5]
+*** READY Introduction [1/1] :B_ignoreheading:
:BEAMER_env: ignoreheading
-**** REVIEWED Introduction :B_fullframe:
+**** READY Introduction :B_fullframe:
:DURATION: 00:00:15
:BEAMER_env: fullframe
-``If you've got nothing to hide, you've got nothing to
- fear.''\cite{rosen:naked,solove:nothing-to-hide,metro:goebbels}
+``If you've got nothing to hide, you've got nothing
@@ -545,8 +546,8 @@ There's certain things that are nearly impossible to avoid.
This quote. We'll get back to it.
-*** REVIEWED Surveillance Cameras [0/6]
-**** REVIEWED Unavoidable Surveillance
+*** READY Surveillance Cameras (CCTV) [5/5]
+**** READY Unavoidable Surveillance
:DURATION: 00:00:10
@@ -567,7 +568,7 @@ Traffic cameras.
Cameras on streets to deter crime.
-**** REVIEWED Private Cameras in Plain View; Tinerloin, SF
+**** READY Private Cameras in Plain View; Tinerloin, SF
:DURATION: 00:00:30
@@ -581,7 +582,7 @@ Cameras on streets to deter crime.
``The idea that you can sort of meet in a public place and quietly have a
conversation that we’re sort of accustomed to from spy movies, that is
-really not realistic anymore,'' ---Nadia Kayyali, EFF
+really not realistic anymore,'' ---Nadia Kayyali, EFF\cite{cbs:sf-smile}
@@ -589,7 +590,7 @@ This is a map of private surveillance cameras in plain view around SF's
Tenderloin neighborhood.
Obviously your city or town might be different.
Could be worse, even.
-And again, these are just the ones that the DA's office found in
+And these are just the ones that the DA's office found in
/plain view/!
According to them,
@@ -601,9 +602,9 @@ Alright, so a bunch of private entities have you on camera;
-**** REVIEWED Access to Data
+**** READY Access to Data
-:DURATION: 00:01
+:DURATION: 00:00:45
- <1-> Data can be obtained with a warrant or subpoena
@@ -639,7 +640,7 @@ The best form of privacy is to avoid having the data be collected to begin
-**** REVIEWED Domain Awareness System (Intro) :B_fullframe:
+**** READY Domain Awareness System (Intro) :B_fullframe:
:DURATION: 00:00:30
:BEAMER_env: fullframe
@@ -648,10 +649,11 @@ The best form of privacy is to avoid having the data be collected to begin
\only<1>{What if all those cameras---including private---were connected?}
-\only<2>{NYPD---Domain Awareness System\incite{nyc:pspg}}
+\only<2>{\Huge NYPD\par Domain Awareness System\incite{nyc:pspg}}
+ \large
Although NYPD documents indicate that the system is specifically designed
for anti-terrorism operations, any incidental data it collects ``for a
legitimate law enforcement or public safety purpose'' by DAS can be
@@ -668,14 +670,14 @@ Let's talk about the NYPD's Domain Awareness System.
It was designed in part from the usual unjustifiable and irrational response
to terrorism threats after 9/11.
-But any ``incidental data'' can be used by law enforcement.
-Yeah, sounds familiar; business as usual.
+But any data this system collects for ``legtimate'' law enforcement or
+ public safety purposes can be used against you.
-**** REVIEWED Domain Awareness System
+**** READY Domain Awareness System
-:DURATION: 00:01
+:DURATION: 00:01:15
- <1-> Partnership between the NYPD and Microsoft at a cost of $230M
@@ -696,7 +698,7 @@ The Domain Awareness System is a partnership between Microsoft and the NYPD.
It's mammoth.
It's pretty amazing---it's like science fiction.
But I care about privacy,
- so instead I'm going to use adjectives like ``Orwellian''.
+ so instead I'm going to use adjectives like ``Orwellian'' and ``Kafkaesque''.
It contains over six thousand security cameras,
over two-thirds of which are private closed-circuit cameras.
@@ -725,29 +727,39 @@ In fact,
-*** REVIEWED Driver Surveillance
-**** REVIEWED Automated License Plate Readers (ALPRs)
+*** READY Driver Surveillance [3/3]
+**** READY Automated License Plate Readers (ALPRs)
:DURATION: 00:00:30
+***** Images
+:BEAMER_col: 0.50
#+BEAMER: \only<1>{
- #+ATTR_LATEX: :height 1.5in
- [[./images/tp/alpr-mounted.png]]\incite{eff:alpr}
+ [[./images/tp/alpr-mounted.png]]\par\incite{eff:alpr}
#+BEAMER: \only<2>{
- #+ATTR_LATEX: :height 1.5in
- [[./images/tp/alpr-capture.png]]\incite{eff:alpr}
+ [[./images/tp/alpr-capture.png]]\par\incite{eff:alpr}
+#+BEAMER: }
+#+BEAMER: \only<3>{
+ #+ATTR_LATEX: :height 2in
+ [[./images/tp/aclu-tracked.jpg]]\par\incite{aclu:tracked}
+***** Summary
+:BEAMER_col: 0.50
- Scan passing cars' license plates\cite{aclu:tracked,eff:alpr}
- - Produce alphanumeric representation with timestamp and photograph
+- Produce alphanumeric representation with timestamp and photograph
-So before we leave the topic of government surveillance for a little bit,
- I want to talk about a couple issues related to driver surveillance.
+I want to talk about a couple issues related to driver surveillance.
These things are a widespread, nasty threat to privacy,
and they don't need a sophisticated Domain Awareness System to deploy.
@@ -765,7 +777,7 @@ The ACLU has an excellent report on it,
-**** REVIEWED Automatic Toll Readers
+**** READY Automatic Toll Readers
:DURATION: 00:00:30
@@ -773,7 +785,7 @@ The ACLU has an excellent report on it,
- <1-> In the North-East we have E-ZPass (RFID)\cite{w:ezpass}
- <1-> Golden Gate Bridge requires FasTrack or plate-based
- <2-> /But/ they provide an option for an anonymous FasTrack account
- using cash\cite{goldengate:anon}
+ using cash\cite{goldengate:anon}
- <2-> (Granted, you're still captured by an ALPR)
- <3-> Routinely used by law enforcement\cite{baynews:fastack-data}
- <4-> They're not very secure,
@@ -799,7 +811,7 @@ And they have their security issues;
-**** REVIEWED Akin To GPS Tracking
+**** READY Akin To GPS Tracking
:DURATION: 00:00:30
@@ -826,20 +838,21 @@ But it's a useful comparison against precedent.
-*** REVIEWED Internet of Things [0/7]
-**** REVIEWED Internet-Connected Cameras
+*** AUGMENT Internet of Things [7/7]
+**** READY Internet-Connected Cameras :B_fullframe:
-:DURATION: 00:00:45
+:DURATION: 00:00:35
+:BEAMER_env: fullframe
-#+BEAMER: \only<1>{Cameras used to be only physically accessible}
+#+BEAMER: \only<1>{Cameras used to need physical access}
#+BEAMER: \only<2>{Today\ldots not always so much}
-In the past, these cameras were "closed-circuit"---
- they were on their own segregated network.
+In the past, these cameras were on their own segregated networks.
You'd _have_ to subpoena the owner or get a warrant,
or otherwise physically take the tape.
@@ -849,20 +862,20 @@ It might be intentional---to view the camera remotely or on a device---or it
may just be how the camera is set up by default.
-Let's expand our pool of cameras a bit.
-Because it's not just businesses that use Internet-connected cameras.
-They're also popular among individuals for personal/home use.
-Home security systems.
+It's not just businesses that use Internet-connected cameras.
+They're also popular among individuals for personal/home use so that they
+ can view them on their smart phones and elsewhere.
+Like home security systems.
Baby monitors.
-**** REVIEWED The ``S'' In IoT Stands For ``Security''
+**** READY The ``S'' In IoT Stands For ``Security''
-:DURATION: 00:01
+:DURATION: 00:00:50
- <1-> Shodan---IoT search engine\cite{shodan}
- - <2-> You'll also find other interesting things. Secure your databases.
+ - <2-> You'll also find other things. Secure your databases.
- <2-> Can search for specific devices
- <2-> If you are vulnerable, someone will find you
@@ -895,15 +908,32 @@ Followed by "Cams", "Netcam", and "default password".
-**** REVIEWED Who's Watching?
+**** READY Who's Watching?
-:DURATION: 00:00:15
+:DURATION: 00:00:20
+***** Screenshot
+:BEAMER_col: 0.30
+#+ATTR_LATEX: :height 2.25in
+***** Summary
+:BEAMER_col: 0.70
- Insecam is a directory of Internet-connected surveillance
- Live video feeds (browser connects directly to cameras)
But Shodan isn't the only thing out there.
Anyone heard of Insecam?
@@ -916,10 +946,10 @@ I can tell you personally that you feel like a scumbag looking at the site.
-**** REVIEWED Insecam Example 1 :B_fullframe:
+**** READY Insecam Example 1 :B_fullframe:
:BEAMER_env: fullframe
-:DURATION: 00:00:30
+:DURATION: 00:00:40
@@ -957,10 +987,10 @@ Somewhat cool, even.
Let's get a little more personal.
-**** REVIEWED Example 2 :B_fullframe:
+**** READY Example 2 :B_fullframe:
:BEAMER_env: fullframe
-:DURATION: 00:01
+:DURATION: 00:01:00
@@ -1002,14 +1032,14 @@ These people are unaware.
And these manufactuers set them up for this.
Even if you can't find a camera on this site,
- Shodan might have indexed it
+ Shodan might have indexed it;
just connect.
-**** REVIEWED ALPRs Wide Open
+**** READY ALPRs Wide Open
-:DURATION: 00:00:15
+:DURATION: 00:00:20
@@ -1035,9 +1065,9 @@ In both cases,
-**** REVIEWED Biometrics
+**** READY Biometrics
-:DURATION: 00:00:45
+:DURATION: 00:01:00
- <1-> Humans no longer need to scour video
@@ -1070,7 +1100,7 @@ Don't have a face?
You can also be identified by your gait.
No gait?
Facebook famously got even creepier by saying it could recognize people by
- their dress, posture, and hair, without seeing their face.
+ their dress, posture, and hair, without even seeing their face.
Your fingerprints and iris data can even be extracted from high-resolution
@@ -1081,8 +1111,8 @@ We'll come back to it.
-*** REVIEWED Social Media [0/1]
-**** REVIEWED Collateral Damage
+*** READY Social Media [1/1]
+**** READY Collateral Damage
:DURATION: 00:00:45
@@ -1112,6 +1142,7 @@ What they're actually doing is inflicting collateral damage.
If I'm off in the background when you take a picture of your friends in the
I'm still in the photo.
+Just something to consider when taking photos of others..