|
hobbesmaster posted:Supposedly part of the leaked data set can include individuals' profiles. China could do some simple data mining against all those SF-86s they got from OPM and figure out where individuals are stationed. I didn’t know there was a leaked data set, all I’ve seen are screenshots of the regular strava heatmap service.
|
# ? Jan 29, 2018 03:22 |
|
|
# ? Apr 27, 2024 08:25 |
|
The Fool posted:I didn’t know there was a leaked data set, all I’ve seen are screenshots of the regular strava heatmap service. https://twitter.com/tobiaschneider/status/957765269316886528
|
# ? Jan 29, 2018 03:23 |
|
Ok, not an actual leak, just the usual social media garbage. If you’re a soldier stationed at a FOB and your social media profiles aren’t turned off or locked down then I don’t know what to loving tell you.
|
# ? Jan 29, 2018 03:29 |
|
The Fool posted:Ok, not an actual leak, just the usual social media garbage. Apparently neither did their CO's.
|
# ? Jan 29, 2018 03:30 |
|
The Fool posted:Ok, not an actual leak, just the usual social media garbage. So why not attach a tag that does it for you, but why would anyone do that
|
# ? Jan 29, 2018 03:38 |
|
Those aliens from arrival are speaking to me through strava https://labs.strava.com/heatmap/#16.49/39.21399/33.81002/hot/all Somebody is making a pretty good circle in the middle of the desert
|
# ? Jan 29, 2018 03:48 |
|
The Fool posted:Strava heatmap has been around for years, what’s new about this? People who don't workout are just finding out about Strava.
|
# ? Jan 29, 2018 04:16 |
|
There was someone on twitter (and honestly don't care enough to look it up) who said when he was deployed base locations weren't classified, but the routes taken between bases were.
|
# ? Jan 29, 2018 04:18 |
|
The Fool posted:Ok, not an actual leak, just the usual social media garbage. I know that "buhhh it's just metadata it's not real data" is considered a compelling argument in the grey thread, but consider that if there were any military bases on this map that didn't belong to US allies, they have been destroyed.
|
# ? Jan 29, 2018 04:20 |
|
I did click on the link. The thing I keyed on was “public profile” On Strava making your profile private is a literal two-click affair. While I am against meta-data collection in general, I do feel the onus is on the user to control their public information. E: a word The Fool fucked around with this message at 04:32 on Jan 29, 2018 |
# ? Jan 29, 2018 04:28 |
|
The Fool posted:I did click on the link. The thing I keyed on was “public profile” Having the onus to keep poo poo private is something most people don't even realize there is such an onus to be taken until they find out the rough way. People use devices out of the box and basically don't configure it beyond linking it to accounts and/ or the bare minimum to get it working. Here's some good proof of concept of that fact. Do you hate that soap opera "cinema" mode effect newer TV's have where they add more frames to make it look smoother but make everyone look mealy mouthed? Have you turned it off at your home? How many places where you watched TV at where the mode was on because the mode is default on?
|
# ? Jan 29, 2018 04:44 |
|
Bad default settings and bad ui design is a different discussion. We’re also currently talking about a user base that should arguably be more aware of their personal information security than the average user. Also, I’ve met some dumb soldiers, but how loving hard is “don’t post gps data from secure facilities on a public service”
|
# ? Jan 29, 2018 05:21 |
|
Apparently, too hard? Like, is your claim that this isn't a problem because it's easy to avoid, even though it's clear people aren't avoiding it?
|
# ? Jan 29, 2018 05:41 |
|
Usability has no place in a discussion about the effects of how people are using something. beep boop the GPS protocol doesn’t carry a unique identifier and furthermore
|
# ? Jan 29, 2018 11:46 |
|
hobbesmaster posted:Who is delivering pizza to FOBs in Afghanistan?
|
# ? Jan 29, 2018 12:05 |
|
I think this point in this Twitter thread is the start a good explanation. Scroll back and see some of the results, scroll forward for more text. https://twitter.com/gavinsblog/status/957785753366548481 Absurd Alhazred fucked around with this message at 13:07 on Jan 29, 2018 |
# ? Jan 29, 2018 13:04 |
|
Good news they just covered this on Today so I’m sure nothing bad will come of it.
|
# ? Jan 29, 2018 13:10 |
|
The Fool posted:Bad default settings and bad ui design is a different discussion. *LOUD BUZZER SOUND*
|
# ? Jan 29, 2018 15:02 |
|
The Fool posted:I do feel the onus is on the user to control their public information. The onus should be on the government, who requires these companies to not do the kind of poo poo that they're doing, but lol that's never going to happen in the U.S. At least the E.U. is doing something with GDPR I guess.
|
# ? Jan 29, 2018 15:32 |
|
We are talking about a service which the entire purpose is to share GPS information. And people are being surprised that GPS information is being shared.
|
# ? Jan 29, 2018 18:07 |
|
The Fool posted:We are talking about a service which the entire purpose is to share GPS information. We are talking about a pervasive corporate culture that universally believes your information is theirs to do whatever the gently caress they want with unless you specifically tell them no, and even then you don't have much control or granularity. It's not this one instance, as hilarious as it is, but the complete back-rear end-wards-ness of how companies treat private information as a secondary revenue source.
|
# ? Jan 29, 2018 18:59 |
|
The US could start a war with any country in the world except perhaps NK and China and they'd know through the use of companies such as Google or Apple: - Where every General is at the moment; - Where every politician and aide is; - Where any military gear is stashed. When you have someone like Trump at the helm, that's.. Chilling as gently caress.
|
# ? Jan 29, 2018 19:48 |
|
If it was nearly any other company in the news right now, I'd accept that argument. But in my experience, Strava has always been up front about what data they collect and how they use it. They have clear and easy to access privacy options. Now if Strava's data set was/is leaking information that was marked as private, we can have that conversation. But currently, that does not appear to be the case.
|
# ? Jan 29, 2018 19:51 |
|
orange sky posted:The US could start a war with any country in the world except perhaps NK and China and they'd know through the use of companies such as Google or Apple: This requires/assumes that literally every mobile device is compromised on the entire planet. Or are you saying that Google/Apple would comply with requests to turn over such data?
|
# ? Jan 29, 2018 19:59 |
|
Mr Chips posted:Cheers. For this hypothetical home user, how important is a microcode update if the OS and browser are patched? Microcode mitigates Spectre, which can only read protected memory from inside the same process (browser, Word, Outlook, whatever). With the browser patches installed, each tab runs in its own process and you're pretty well covered. Some programs cannot be mitigated in that way but that scenario is atypical for users. The biggest issue is on servers with sensitive process executing user-controlled code/commands and that will require software re-design barring the microcode fix.
|
# ? Jan 29, 2018 20:03 |
|
AlternateAccount posted:This requires/assumes that literally every mobile device is compromised on the entire planet. Or are you saying that Google/Apple would comply with requests to turn over such data? I guarantee they're already being compelled to turn over the data, FISA issues a warrant that says 'give us all this data, or else' and they have a choice of comply and business as usual, or don't and enjoy the consequences. Failing to comply with a FISA warrant can get whatever level director or Chief whatever locked up until they DO comply, almost without limits.
|
# ? Jan 29, 2018 20:03 |
|
AlternateAccount posted:This requires/assumes that literally every mobile device is compromised on the entire planet. Or are you saying that Google/Apple would comply with requests to turn over such data? Oh I have absolutely no doubt whatsoever that in case of a war they would comply I don't even think it'd take that much convincing to be honest, human nature is a bitch and history has shown us that in full blown war everything's game and it's us vs them E: of course I'm assuming a different geopolitical situation here, right now everything's locked down where if you start a war it's a world war (which is how WWI started and I had no idea about it. but it makes sense, the more you evolve diplomacy the bigger wars get until it's world wars every time)
|
# ? Jan 29, 2018 20:29 |
|
orange sky posted:The US could start a war with any country in the world except perhaps NK and China and they'd know through the use of companies such as Google or Apple: Google and Apple aren't really the best sources for that kind of information. The signal to noise ratio is usually too bad. Companies like this, however, are not any where near as well known, and have some much scarier data sets.
|
# ? Jan 29, 2018 20:35 |
Cisco has another 10.0 perfect score.
|
|
# ? Jan 29, 2018 20:45 |
|
|
# ? Jan 29, 2018 20:52 |
|
I was doing a quick image search to try to find a bigger dumpster, and saw these side by side in the results.
|
# ? Jan 29, 2018 21:14 |
|
So that's a full remote root exploit that's trivial to do? Heh. Noice.
|
# ? Jan 29, 2018 21:15 |
|
The Fool posted:Google and Apple aren't really the best sources for that kind of information. The signal to noise ratio is usually too bad. Yeah, gotta imagine there are people on payroll or contract for the DoD that do this sort of tracking for a living.
|
# ? Jan 31, 2018 18:16 |
|
The Fool posted:Google and Apple aren't really the best sources for that kind of information. The signal to noise ratio is usually too bad. There is a lot of data out there that is considered meta data UNTIL you can turn it into real data because of the links you can make. There is software out there to help you do this yourself.
|
# ? Jan 31, 2018 18:42 |
|
Palantir used to be a lot more open about the capabilities of their software when hooked into social media feeds etc. but they presumably save all that for customer presentations now.
|
# ? Jan 31, 2018 18:44 |
|
Am I missing an option or can't you turn off 2FA with SMS codes in Facebook? I set Authenticator Plus up and wanted to use only it, but it seems like I have to keep both, so what's even the point?
|
# ? Jan 31, 2018 21:19 |
|
When you target the lowest common denominator, you got to take it reeeeeal low. Do you really think Facebook would allow its users to get locked out by being too security-conscious? No way.
|
# ? Jan 31, 2018 21:26 |
|
Thanks Ants posted:Palantir used to be a lot more open about the capabilities of their software when hooked into social media feeds etc. but they presumably save all that for customer presentations now. "Palantir Technologies is a mission-driven company, and a core component of that mission is protecting our fundamental rights to privacy and civil liberties."
|
# ? Jan 31, 2018 21:33 |
|
AlternateAccount posted:
You can't deny it! They make sure to gather all this information and make sure no one accesses it
|
# ? Jan 31, 2018 21:48 |
|
|
# ? Apr 27, 2024 08:25 |
|
|
# ? Jan 31, 2018 21:50 |