Just How Much Privacy Do We Have?

stuffman64 writes: "Popular Science is running an excellent article on just how private our daily lives are. The article chronicles a typical day of a make-believe Graphics Designer from Chicago. Throughout his day, he unwittingly supplies companies with information that can potentially be used against him. And with GPS-enabled cell phones just starting to hit the market, our privacy can only continue to deteriorate from here. A must read."

Ya tell me about it

[El_Nofx]

In North Dakota where, we had a total of 5 murders last year, they are installing cameras all over, privacy is gone in public. Noone really even put up a fuss either, strange. On a good note we just approved a law preventing all banks from selling any of your information. First in the nation from what I understand, to be approved in a proposition.

your cellphone *already* lowjacks you

[Jamie+Zawinski]

People who are paranoid about getting GPSes in cellphones must not realize how small most cells are: if your cellphone is turned on, its location can already be determined to within a pretty small area: a quarter mile or less inside cities.

Re:your cellphone *already* lowjacks you

[stuffman64]

This is very true, in fact last year I witnessed a motorcycle accident in State College, Pa (location of my Alma Mater, PSU). When I called 911 to tell them of the accident, they did not ask me for my location, rather, she asked my to confirm if I was infact on East College avenue by the OfficeMax and the Supermarket.

Cell phone location is possible without GPS by timing the signal arrival between different towers. This is not nearly effective as GPS, but this time they hit it right on the head. Unfortunately, this non-GPS solution is much more expensive and less accurate than the GPS route, but nonetheless effective in semi-rural areas such as where I was.

Read about this technology here.

Another good PopSci Read

[stuffman64]

I should have included this in my original post, but PopSci also has a good article about the E911 GPS service in their most recent issue. I thought I saw it on their site, but apparently it is not there.

Here is another feature which links to a website that can map out a route in Manhattan to avoid its 2400 or so security cameras watching your every move. If you happened to read the article, a link to this also appears to the right.

By now you would think I work for Popular Science. I have no job. I employ my University with a $24,000 per year salary.

Ugh. much of this stuff is a no-brainer

[josh+crawley]

--Mark withdraws $100 at his bank's ATM machine.

Big suprise. Guess what that black dome is above it. I'll give you a clue, the sticker that says "Camera" is right... Also, I'd expect the bank to keep the records for at least 10 years (census data/back taxes).

--Mark enters his office building and takes the elevator to 5. (cameras..)

Guess how much theft happens in places like that... They're just defending against that. And if trust between your employer is an issue, you can always get a different job. Just be glad they dont lock the fire doors like they did in the early 1900's.

--Mark writes a friend: "No raise. My boss is a liar."

Unless you're using heavy encryption AND sending to a secure source (someone who wont blab), he's an IDIOT. I'd laugh and then find a different way to fire/lay him off.

--Mark IMs his girlfriend: "Don't worry about last night. I'll get tested. Love you."

Anybody's who heard of DSniff wont be saying stuff like this over ANY network.

--Mark deletes a file containing freelance work he did for a competitor.

We've went over this in every major publication. This should NOT be new material. And figuring the crowd is the SciAM subscribers (me), I'd figure the average computer security like this would be common knowledge.

--Mark calls a friend from the street at his lunch break. "Dude, she wants me to get an AIDS test," he confides.

We know that cell phones are NOT safe. They're broadcast devices. Even during 9-11, some senator said that getting cell records were trivial at best.

--Almost home, Mark stops to buy deodorant and toilet paper; the card saves him 36 cents.

Dead horse. I simply state that I will fill in fake info if you give me one. I then take one, scribble through it, use it, and then toss it on the ground. Stores are pulling this shit, so I do the same.

--Mark shows his driver's license to enter his favorite bar.

I'd demand to talk to the bar manager, demand to know why he thinks he has the right to STEAL my information. If he doesnt let me in, I go elsewhere and LET both bars know that.

A lot of this "information stealing" is the cost of life in this type of society. Much of that data is useless. Simply, use your head. If it seems weird (like idiots who want to pre-approve you for a cred card) TELL EM' NO!

Re:There are several things you can do.

[thelen]

I think it's a mistake to approach the problem in terms of minimizing the footprint you leave. Why set yourself up in opposition to the system when you can utilize it's own methods to protect yourself?

For instance, why not use a grocery card with purchases that you would *want* people to see, like that you buy lots of broccoli and juice? In the worst case scenario, if an insurance company ever saw those records they'd believe you had lower cancer risk. Pay in cash for things you want them *not* to see, such as the bag of chocolates, smokes and double bottle of cheap red wine.

Put books on gardening and cooking on your credit card bill, pay in cash for books on hacking.

Use an ordinary mobile phone except for when you truly *need* privacy, and for god's sake turn it off when you cross state lines to buy grass!

Set up email accounts in several different classes: One that you *want* identified with you for legitimate personal/professional contact; one for questionable personal use (e.g., dirty jokes) that you access through a proxy server; one as a throwaway that you don't really care about, say for registration sites. And don't mix them up!

The point is to understand the system well enough to *purposely shape* the profile that's built of you rather than eliminating it all together. The latter option is becoming increasingly unrealistic.

Re:There are several things you can do.

[Junta]

1) Ok, so wow, they don't know what you buy, but at any one point you have hundreds of dollars on your person at a given time, and if you either get robbed or drop your wallet, well, you are pretty well screwed. An alternative is to make your purchases at the most generic place you can when you buy something. For example, knowing you bought something at a general store is not very informative as opposed to a purchase at a games store.

2) Never signed up for a prepay cell phone, this may be a good strategy, again, paying in cash may not buy you much though.

3) Also a fine point for the paranoid, but I'm not sure all these huge companies are all trading personal information so that any email address can be tracked down to someone.

4) Now this is just damn stupid. This is like telling someone to send all important information on a post card instead of in an envelope. Sure, an encrypted email may raise a flag somewhere, but if you use good encryption and use it for as much of your email as possible, pretty much no one short of the NSA is going to decipher your mail and after the NSA wastes enough time deciphering "Hello, how have you been?" messages, they may decide they are not worth the trouble. And if you believe they will try to read each and every encrypted email even if history shows all to be benign in your case, they would probably be reading your plaintext mail, especially if it happened to contain a few keywords.

5) Alternatively I would say feed the personal information out with bogus data, better yet get your friends to do the same and swap cards ever so often. That way you save money and provide no personal information.

6) If a local grocer or market exists, then yes, this is a nice thing to do, for more reasons than just protecting personal information. In fact, if your sole goal is protection of private informaiton this is not a good strategy. The better strategy would be to cycle your shopping among different stores and have those stores be far away, just because you aren't being electronically tracked does not mean other people can't look and see what you buy. If you are going to be paranoid, might as well be extremely paranoid.

I'm not that protective of my information, I really don't have anything to hide from the NSA. Encrypted email may set off flags, but I don't give a damn, I don't trust post cards and so I don't trust email, and if the NSA knows I'm telling my friend he can come over this weekend, I don't care.

I like protecting what I can from common eyes, but do not obssess over whether executives at Food Lion know I bought beef last week, or even that my bank knows I bought something expensive from an electronics store a while back. Protecting privacy is all good, but there is a point where the inconveniences are just overboard to protect data that no one is really interested in anyway, or at least data that can't really be used against you.