I am a lawyer but I still don’t understand how these warrants can be constitutional (or legal). Doesn’t it have to be specific in its request, “identifying the person or property”? First, Google would have to search its entire systems for the specific location, then narrow down to the specific time. (I know it’s probably the same search. But wouldn’t that be too broad and not “identifying” enough for the warrant?)
> That geofence warrants scoop up innocents’ data has now been proven beyond doubt.
While true, it's unclear how relevant this is. The equivalent police process of canvassing people determined to be likely bystanders also involves police interviewing and investigating people who turn out to be innocent.
Probably the relevant question is "Is there a fundamental difference between police identifying potential involved parties via eyewitness testimony and 'common sense' practices like looking for windows overseeing a crime scene and police fetching location identifiers from passive sensors?"
Under US law, you have no expectation to privacy for data that you give to a third party (in this case Google). I think you hit the nail on the head here, there's not much legal difference between Google and a nosy neighbor other than scale.
Search warrants are issued for specific suspects. This is equivalent to searching a crowd, which is a violation of your fourth amendment.
Naturally this hinges on whether or not your activity on google is yours or theirs. While their terms of service is clear, courts may have different opinions.
If I understand correctly, warrants are issued for a place to search and/or items to be seized. I don't think the criteria is actually naming a specific individual.
If it were, police would be prevented from executing warrants where evidence shows that stolen goods are being warehoused until they had an idea of who was doing the stealing, right?
> If I understand correctly, warrants are issued for a place to search and/or items to be seized. I don't think the criteria is actually naming a specific individual.
The property typically has an owner. This is the individual to which I was referring, though this is obviously a metaphorical application like you need to do applying the constitution to modern day.
Emotionally, when I hear things like this I think unconsciously I secretly want companies not to give data over ever. And really the companies shouldn't collect it (hackers also exist).
However rationally I think there is a balance. Investigators need to do their jobs and chase every lead they can to catch criminals. I wonder if Google could have complied with a query that simply grabbed the users in the areas during the 3 time periods combined.
Maybe we just need laws that limit how much data can be returned per warrant, to encourage more limited warrants.
I would be okay with it if the court system actually bothered to protect people's rights and police didn't abuse their power. But abuse of power is now industry standard. In all likelihood the data will be kept beyond what is necessary to collect the necessary evidence. In all likelihood this data will then be used as a springboard for indiscriminate civilian surveillance. I don't even trust that the excuse given for the collection is in any way true. Our government has shown a willingness to enforce secret laws, put people in secret prisons through extrajudicial processes, torture them in secret, lie about it repeatedly, lie about evidence. And at no point has our justice system seen fit to hold anyone accountable for it.
What balance is there when one side operates without limits or consequence and can use gag orders and the ability to classify information to operate in secret?
One issue is that if the police find evidence of a crime during the investigation of another crime, then they are bound to pursue the newly found crime too [0]. Under such dragnets, which you can nearly 'grep' for crime, many more totally innocent people can be found to be felons without their knowledge. 2011's Three Felonies a Day by Silvergate and Dershowitz [1,2] is a good launching point into issues with the US federal justice system. If you'd like to learn more, Ken White's twitter is a great place to start the learning process into law's foibles [3].
[0] Under many complex and often conflicting legal codes, this is admittedly a dubious statement. Add in budget issues and whoo-boy, might as well throw dice. But, in general, this is mostly true. Also, I am not a lawyer, consult your own lawyer.
I agree with the points you're making, but I should mention that now that I clicked on your Amazon link, Amazon is recommending me nothing but Sovereign Citizen nonsense and anti-Semitic ramblings. Like, Amazon's recommendation system decided it was suddenly going to form a completely different opinion of the sorts of books I'm interested in.
His behavior since Trump’s election puts your latter claim into serious doubt. I am not surprised that now he is being associated with what flows from Info Wars, etc.
> I would be okay with it if the court system actually bothered to protect people's rights and police didn't abuse their power.
This country was founded on the principles that all governments decay, and all legislation should take this into account. We can't give the government power which could be abused to public detriment with a simple change in leadership.
It's not an argument over secret, or non-secret data collection. It's an argument over abuse of power, secret data collection being one of the examples of abuse of power.
Just so I understand, do you include this particular incident as an abuse of power? AFAICT, as long as they end up only using the data for the stated purpose, and not to charge random other people with random crimes, it would be a correct use of power, at least by my judgment.
They do get warrants and they do serve subpoenas; just because they are awarded them under a pretext that you don’t like does not mean there is an abuse of power. If you are to make a claim as huge as that you can at least back it up with some sort of data.
> I would be okay with it if the court system actually bothered to protect people's rights and police didn't abuse their power.
The court system does a pretty good job, in fact that's why the police want to bypass it so often. It's much easier for the police to catch real criminals if they don't have to worry about due process (it's just that due process is what removes the false positives).
Conversely, if someone smashes into my parked car and flees, most major cities won’t investigate. Whereas they could use stop light cameras and a few hours of work to potentially identify the suspect.
Likewise, if you live in SF and someone breaks into your car, the police won’t investigate it unless you’re A-Rod.
Isn't that just a cost/benefit calculation? How many projects have you worked on where someone suggested spending X hours on something only to have it shot down for minimal ROI? Obviously it matters more to you personally, and you'd like to have a sense that "justice is done" but really it's just an insurance claim. Of course it's also frustrating if the thief has only gotten some random junk out of your car - if it wouldn't lead to endless extortion I personally would be happy to hand him or her $10 to not break my window, even if there's no deductible, just to spare me dealing with it.
I understand the goal of this sentiment, but this is not how most societies work. Equality under the law is the proper ideal, but it's not at all how things work. There are a lot of reasons for that, from bias to lack of resources. But whatever the particular reason may be, most people only notice and complain about inequality when they are its losing side.
Make no mistake about it though, from the police at the bottom of the stack, all the way up to how the judges rule on cases at the top of the stack, the legal system has never been equitable.
Laws and budgets are set on different time-scales; there is never 100% alignment between the cost of enforcing the law and the availability of the budget required.
In fact, most of the time, there's very little alignment, because there's no incentive to have those things be aligned. Sometimes even disincentive: there are laws on the books nobody wants enforced, and a culture in policing of enforcing the letter of the law, not the spirit—but one can always choose to not enforce a law one doesn't agree with by just making an informal agreement that certain crimes (of basically equal severity) take enforcement priority, such that those crimes nobody sees as crimes just get "de-prioritized" to the point that they're never enforced at all.
No, the law does not and should not use maximum resources for everyone. It is clearly beneficial to not send whole teams of people looking for weeks for your stolen wallet like they would for a missing person.
> The ROI calculations are to be budgeted and accounted for
Often this would require you to pay more in tax than the value you would get back from it. Are you ok paying $1000 to track down the person who smashed your window when you will likely never get any money from them or will you just pay the $100 it costs to get a new window which doesn't happen very often.
Personally, I would vastly prefer cops focused on minor property crimes. That’s not to say they need a statewide manhunt, but something approaching 1:1 of property damage vs police response quickly adds up to several hours of investigation.
Generally, a tiny fraction of the population commits the vast majority of such crimes. People will do 500$ worth of damage to make 30$, work out what it takes to make useful amounts of money and these people end up destroying a lot of property. So, the ROI calculation needs to account for windows not smashed.
A good example is copper wire thieves. They pull up to a house and access the electrical panel in the garage which they turn off. Using a winch, they pull out all the copper wire in the house that's directly connected to the box (there's also many branch lines left behind). They then sell the wire as scrap for $20 or so and presumably use the money to buy drugs.
Fixing this damage can run $30,000 to $100,000. The whole house can have to be torn apart from the inside to reinstall all the electrical.
> It is clearly beneficial to not send whole teams of people looking for weeks for your stolen wallet like they would for a missing person.
A massive miscalculation -- stolen wallets, cell phones etc are individually small-ticket items, but the criminals who make a living stealing them do hundreds per month and thousands per year. Taking the perpetrator of a thousand muggings or pickpocketings off the street is a job worth doing, possibly more so than chasing small time drug dealers or runaway teens.
San Francisco doesn't want the law applied equally to everyone: that would preserve existing structural injustices. We want the law applied towards equality, cutting down the rich and lifting up the poor.
Punishing an already poor and marginalized person is counterproductive to that goal, so we try to avoid it as much as possible. And that's probably who you're going to find on the other end of a car break in. So why bother looking?
There is an intangible to living in a place where cars are regularly broken into vs. living in a place where they aren't. Think of the kinds of attitudes that people develop towards others in the two places. Trust vs. distrust, comfort vs. unease, open vs. closed. There's also the second-order effects of having a class of people going around committing those kinds of crimes with impunity. Many become emboldened and move on to other malfeasance. Order breeds order and chaos breeds chaos.
Your words bring to mind my experience with gentrification in a few cities: one person's order is another person's chaos. If you ask a long-term resident in a gentrifying neighborhood how they feel about what the new developments are doing to their social fabric, you might find your simple truism gets weirded <3
It's often that crimes restore lost order and stability for some people. Not saying it's moral on one side or the other, but it certainly doesn't feel like a neat little package.
I know that moral philosophy is a complex matter, but I should hope we can agree that being upset that your car was broken into is significantly different than being upset that there’s a hip coffee shop in your neighborhood.
> Many become emboldened and move on to other malfeasance. Order breeds order and chaos breeds chaos.
Why does SF have a sizable increase in property crimes over the past 10 years but a drop in violent crimes? I'd imagine if chaos did truly beget chaos, then rates of crime across the board would be going up.
So true. Reminded me of Swiss towns in the Alps where houses, bikes in the shopping street and cars in general are unlocked. Really refreshing and makes you feel safe. The bigger risk to a car is when it is locked and the lock mechanism freezes over.
At the far other extreme of the spectrum, in blighted urban neighborhoods, everyone also leaves their cars unlocked. If you let the junkies inspect the contents of your car freely, they won't smash the windows to do it.
Last car I owned in SF somebody broke a window and rifled through the inside. I didn't fix it, except to tape some plastic over the broken window. Shortly later, somebody broke another window (instead of just ripping off the tape, WTF!). Eventually sold the car and had to replace the windows, costing about $1000.
Similar here. Both back side windows. Fortunately they were on hinges and could be cracked open so I was able to get used ones at a junkyard for $60 each and replace them myself. Then the rear window got smashed in. $200 at the junkyard for that one and a lot harder to DIY. Then the trunk got jimmied, breaking the lock. I can't remember what that cost to fix, I had to have it keyed by the dealer, I think it was fairly expensive. Stolen radio (value approximately $300) I didn't replace. Stolen technical manuals and books (maybe $300 as well) I replaced some. I doubt they were able to even sell those.
It's one of many reasons I moved away from there and do not entertain any job offers from that region, regardless of how much they are offering. At a certain point one needs to write off these cities. That or accept being a victim with no legal recourse knowing your car's going to be vandalized, damaged and stolen on a regular basis and you are going to be hassled by guys with guns when walking down the street.
Truly spitballing an answer to this. A car window replacement is probably a few hundred bucks ($200-500), I imagine there are some instances with some really high value (greater than $1k USD, think a laptop) takes but there's also probably a ton of small hauls (loose change, stereo) or unsuccessful takes. I'd guess the average probably couldn't be more than a thousand bucks a break in, on average. This means this back of the napkin math puts car break-ins in that area costing probably not more than $30M, not including some insurance overheads and what not.
So judging by off the napkin math on costs and optimistically assuming stronger enforcement would lead to 50% less car break ins, if strong enforcement costs more than $15 million is it worth it? When does the cost of enforcement become inconsequential to the results? A good question to debate on either side IMO.
Even if a single police officer costs $1M a year all-in (which I'm significantly high-balling, I hope), I imagine 15 police officers hired specifically to work on car break-in cases would make a huge dent. The car thieves keep doing what they're doing because they know the police won't track them down. Even some minor efforts to start tracking them down could act as a powerful deterrent.
That's not really the point, though. It's not just a simple monetary calculation. Even if the true value of repairs and stolen items was $30M, I would allocate several times that of taxpayer money just for the quality of life benefits, assuming it would do some good.
Problem here is, if person #1 can do something, and gets away with it, then person #2 does that, and gets away with it, many more people will do the same.
Spending more on the crimes with negative ROI, makes the total ROI higher because it acts as a deterrent for future would-be criminals.
Reddit was full of video of really trashy kids, driving their bicycles through malls and stores harassing random people there, and "nobody could do anything" about them. If those kids were arrested, sent to juvie, given community service (or maybe even just shown on tv crying in court, instead of acting all badass on their bikes), that would sure stop many others from repeating what they did.
There’s many things wrong with the US and police, but a big one is this: the cops shouldn’t be doing cost/benefit analysis; they should be prosecuting every crime they feel they can win (have enough evidence for).
Oy. If we're going to deploy scary tech against criminal behavior, let's pls not rally for it to be used for petty crime committed by desperate ppl. If our liberties are getting flayed, let's at least see it used against ppl at the top -- suspected inside traders, etc. At least that way we'll get the powerful backlash and safeguards we all deserve ;)
Of course all of this feels gross, but as someone who was homeless in SF for a bit, going after people on the outs feels really backward.
I just recently got my window smacked in a mid size city. Was very pricey, but I wouldn't want to give my state permanent location data in exchange for the possibility of catching some random perpetrators. On the contrary, I would perhaps become a criminal because I would try to smash the cameras to protect my privacy.
Surveillance still is one of the most uncreative and probably also one of the worst forms of crime prevention/reduction.
I think you're missing the point of the parent comment. They aren't suggesting more surveillance, they're pointing out that right now the status quo is that even when there's already surveillance footage that could be used to identify a suspect, all too often the police can't be bothered to do any "good old fashioned police work".
We don't need draconian surveillance measures enacted to solve this type of crime. We need police resources to actually follow up and prosecute petty theft for all victims, not just corporations and celebrities. A couple of years ago my father was involved in a hit and run when a man in a red late model corvette turned out of a small subdivision right in front of traffic. This was during morning rush hour on a weekday, there's only about a dozen houses on that road, and only one red late model corvette parked in the driveway of one of those houses. That single red corvette was also parked with a car cover on it afterwards. Even though there were numerous witnesses to the hit and run given that it was during morning rush hour traffic, and even though it is pretty obvious what happened and there are plenty of ways to get evidence to support it, the police couldn't be bothered to do anything about it. As far as I know, they didn't even so much as question him about the hit and run.
We're currently paying the privacy tax with existing surveillance yet people like you and me cannot benefit from that surveillance.
Stop light cameras do not record continuously. And cities often have no access to them as they are run by third party companies that get a cut of the tickets they issue on the cities' behalf (complete with the city paying them if they don't get enough tickets to write). They only need the relevant clip for the ticket.
> if someone smashes into my parked car and flees, most major cities won’t investigate
I've had three home break-ins and robberies. In no case would the police even show up to take a report. In the case where my cameras identified the perps and I tracked down and documented them trying to fence my property, and worked with other neighbors to document an actual crime syndicate that was taking orders for specific things to steal, the police would do absolutely nothing. Police are about collecting fees from "in" drug dealers in return for looking the other way, while protecting their turf against incursion from rival drug gangs. They are also involved, along with judges in the USA, with child sex trafficking. The idea we need to give up freedom and be surveilled by these people is unrealistic.
I think we have reached a point where your analysis no longer holds up. I used to agree, but:
- The laws that govern legal search and seizure have departed dramatically from the protections afforded by the bill of rights.
- There have been multiple incidents of companies not disclosing extralegal "cooperation" with state actors such as the US government (and others)
- Warrant canaries are legal, yet big tech refuses to use them. Why not? Because using legal methods to improve user privacy and security are not considered "cooperative" enough.
- We have no reason to believe that governments are following the laws, even in the US. The recently revealed CIA scandal illustrates just how out of control things are.
- There is now a revolving door between big tech and state intelligence agencies, and big tech is becoming increasingly sympathetic to authoritarian candidates and hostile to third party or far left candidates.
"The laws that govern legal search and seizure have departed dramatically from the protections afforded by the bill of rights."
That, right there, is the problem. That should be illegal and should have been shot down every single time such a law was challenged in court. The fact that it wasn't says something about the status of the 4th amendment. And the lack of citizen revolt over this is disheartening.
Thank Bush family friends the osamas for 9/11. Patriot act normalized sweeping search and surveillance. Just like a lobster in boiling water, the average citizen has become more complacent with their rights being taken away. Smh
This is the truth, and the fact it is downvoted speaks volumes as to the tech community's apathy and complacency in systems that are part of the violation of our rights.
"Fuck you I got mine" might just be the death of the enlightenment.
I'm honestly starting to contemplate how hard it would be to set up on Mars and break away from all current earth governments. Maybe the only hope is freedom of space travel.
I upgrade infrequently. Recently I was alerted my 3G phone is not going to work after December 31 as 3G networks are being shut down in the US nationally and all bandwidth reallocated to 4G only.
So, I've bought and returned 4 phones since then because I very carefully read and analyzed the terms of service and privacy policy that I couldn't read until buying them. All were totally and completely unacceptable in every way to me. But obviously not to others.
As a result, come the new year I'm going phoneless. I literally could not find a single contract that was not morally reprehensible.
I know of not a single other person sharing my concerns. Some say I am a mad man or unreasonable or unrealistic, or a potential terrorist ne'er do well. But I'm none of those. I just read the contract. Something they, and no one else in the entire USA, has done.
I think the devil is in the details with this type of data hand off. If there's no PII in the first batch of phones, just location and a unique ID, it doesn't seem intrusive compared to the benefit. Law enforcement would need to make a second request to de-identify a few specific numbers. If PII is handed over during the first request, then it's a lot more intrusive.
Phone number is definitely PII and can easily be used to de-identify. MAC address is better, but still not great. A Google or dump specific id would be best.
I'm not sure if MAC addresses are used in cell network negotiation, and they are easily spoofed, but the cellular network provider could certainly link an IP address to a device id. Then again, most criminal "burner" phones are not internet enabled anyway.
Why phone number? My phone number has no association with my google account lol. I swap sims and phone numbers on a whim. My email address is the most constant thing about me.
You say dragnet searches are rational, but your only rationalization was that "investigators need to do their job." That seems like remarkably lazy thinking. We have limitations for a reason, everything from separations of powers such as judicial review/warrants, to natural rights such as against use of physical force, property seizure, to privacy rights, etc.
Just saying this is rational because investigators must do their jobs seems entirely ignorant of the obvious, implicit balance of powers issue here between free peoples and government authorities.
In short: There are, in fact, good reasons most civil liberty organizations fight against dragnet searches. It is not an emotional hunch.
If this becomes more common, won't criminals just turn their phones off or leave them home as an alibi? The practice is a dead end. Using this for such a thing as fire vandalism and two dead dogs is a real waste here (I realize that sounds heartless). How about tracking terror suspects? Law enforcement is showing their hand here.
> Investigators need to do their jobs and chase every lead they can to catch criminals.
Do they really though? This is the question.
Is there no other way to live peacefully and be good to one another without an overarching busy-bodied state apparatus causing perpetual fear even among the innocent?
Implementing proper UBI and reducing poverty would cause a similar reduction in crime. It's not the end-all solution, but as societies build more safety nets, shift towards rehabilitative instead of punitive justice, and generally increase the "collective" wealth, crime will continue to fall.
The proper laws are already in place and on the books and work remarkably well.
There is a crime, you get a warrant or subpoena and you act on it. As long as it’s transparent it works. This idea that percolates particularly from the very left of the software community is dangerous as you pointed out.
They are so anti law enforcement they’d prefer to never help law enforcement do their job but at the end of the day, an overwhelming majority of the crimes they investigate are in support of actual crimes and not some oppressive government overreach.
It’s ok to not trust law enforcement, the US is built on distrust of government. But then don’t cry bloody murder when nothing gets done because now you’ve tied their hands so much that they can’t investigate properly.
There is an excellent podcast called Intelligence Matters where an FBI chief went on to talk about end-to-end encryption and said something along the lines of: yes, e2e encryption hinders their job, but if the public wants and supports that, then they’ll have to work around it, as long as the public understands reaction to crimes will be slowed drastically or go uninvestigated due to lack of evidence.
There is a balance. I know this is Hacker News and we're all supposed to be progressive technical vanguards fighting against The Man, but genuine bad guys exist out there. And we need to protect ourselves from them.
This isn't a case of an innocent man going to prison just so we can jail a hundred criminals. This is giving up a modicum of privacy in order to make the world safer for everybody. I think that's entirely reasonable.
The feds were able to do police work just fine before everyone had a tracking device in their pocket. They'd do just fine if Google would stop storing this data and there was no way to get it.
This isn't rational, this is purely emotional. This could be a statement from a police officer that did see some awful criminals, but that would be filed under being emotionally compromised.
If you look on large scale threats to the general population, this kind of surveillance poses a much bigger risk.
> genuine bad guys exist out there. And we need to protect ourselves from them.
I doubt this is about protecting people or preventing crime. Justice comes after the fact and is all about retribution. Depending on the crime, the damage done by perpetrators can never be undone.
> This is giving up a modicum of privacy in order to make the world safer for everybody.
How far will you go? Would you give up all privacy for safety? What if society's idea of safety doesn't align with yours?
HN does have a lot of fellow libertarians (and leftists) who oppose surveillance states. But you make a good point, that authoritarian violence has always been popular, all throughout history.
It is no surprise that people like you still romanticize the notion of state violence and greater authoritarian power. Fascism is always popular amongst certain types.
I mean all the criminal had to do was tell Google to delete the location data right after doing the crime. Google does provide controls to view and delete your data. You're not going to jail for a lack of evidence. In this case, when the police don't seem to know who the suspect actually is, you wouldn't even get a knock on your door. At the end of the day, if this works, the criminal must have been pretty dumb.
Too suspicious; instead we should have the existing courier network (food delivery services) have an additional service where they take people's phones around with them for a few hours to mess up the travel pattern data.
Could be a charging lock box with a little accountability like the ones at bars and clubs.
Alternatively, with a simple SDR you could create a network of small transceivers around town and for a fee have them ping cell towers with your IMEI in a realistic fashion.
Are there any current generation gaming platforms that don’t collect extremely detailed usage information? Never mind the thousand other middlemen also collecting data.
If you have data, or have any way to collect data, you can be compelled to hand it over.
The only real way to address #2 is by finding a way for companies to get all the value that comes from having this data without having to store or even process it.
Why should these companies be entitled to the value of this data in the first place? The only reason they've gotten away with it this long is nobody understood what they were doing.
If you catch a child doing something they aren't supposed to... Say sneaking chocolate you hid in your closet, when you aren't looking, and you don't catch them doing it until a week later; are we seriously going to entertain that the right action on catching these misbehaving children is to let them keep/continue to reap the benefits of their ill-gotten gains? That's what allowing the continuation of this metadata collection sounds like it amounts to to me.
This pervasive invasion of privacy is not normal, never has been; nor should it ever be.
Not breaking the capability for companies to engage in surveillance capitalism represents an implicit acceptance of the nullity of Constitutional protections through indirections facilitated by Third Party Doctrine. That is not okay.
> Why should these companies be entitled to the value of this data in the first place? The only reason they've gotten away with it this long is nobody understood what they were doing.
In many cases, they're using it to do things users like. Such as estimating commute times. Or do demand modeling and understand where they should upgrade cell networks.
You can offer services without these things - and please do! - but expect users to notice.
You're not only catching a child sneaking chocolate. You're catching a child who is legally told by the police to go get the chocolate and hand it over, or else the child will be expelled from school.
Again, the question becomes: can you fix the child's behavior without fixing the fact that they are legally required to follow the police's words with no recourse?
The real question is: is there a market for privacy-respecting tech services (think Apple's new stance on E2E privacy or laptops like Purism), such that consumers themselves can vote with their own dollars? The best way to protect and re-establish the right to personal privacy is through market demand, not legislation.
It's just so far proven to not be as large as one might hope. Consumers, when faced with services that don't offer them the features they want and higher prices, often think twice about preferring privacy.
There's a lot of money to be made by someone who finds a way to deliver the full-fat experience consumers want at the prices consumers are used to while also respecting privacy. Until then, I expect things like Purism and Protonmail to stay fairly niche concerns.
It's not clear to me what app or service provided / recorded the user locations that were turned over?
Does this have to do with Pixel phones? Or the Google Maps record of a person's device location (which goes across many device types and doesn't even require smartphone)?
Your phone itself, not a specific app, is constantly recording your location.
From my understanding, in the case of Android (with Google services), if you have location history turned on, that location data is pushed up to Google at very regular intervals.
This sort of thing is one of the major reasons why I'm abandoning smartphones. The ecosystem has become entirely unacceptable to me as the spying that it brings, both from more directly involved companies such as Google as well as from apps and marketers, is getting increasingly more difficult to stop.
The carriers have the same data for dumbphones as well as smartphones, and I bet Verizon and AT&T are much more cooperative than Google and Apple with blanket requests.
If you care about that stuff, you should abandon carrying a phone--switching away from a smartphone is probably useless if not counterproductive.
> The carriers have the same data for dumbphones as well as smartphones
This is true. But I'm not a privacy absolutist. I'm willing to sacrifice privacy for some things, and having a phone is one of those things.
But that I'm willing to put up with that from one company in no way means that I'm willing to put up with that from other companies.
> switching away from a smartphone is probably useless if not counterproductive.
I don't see how -- can you explain? Reducing data leakage seems useful even if I'm not completely eliminating it, and I don't see how it's actively counterproductive at all.
There is a large amount of $$$ that goes into security of iOS and iPhone (sometimes orthogonal to privacy, sometimes not) that does not go into a dumbphone. The iPhone is also much more scrutinized and researched into than a random dumbphone, so it is plausible that you get much more exposure to exploits, etc., using a dumbphone that does not get updates etc.
It seems unlikely they put the same efforts into finding a zero day for a Nokia. There might be a super easy to find zero-day though, like you're saying.
If it's anything like the old days, they don't need to hoard a 0 day.
There were always obscure pieces of software that would pull your forgotten pin right off the device with the right secret code, in which case you have full access to the device.
I'd also expect them to be vulnerable to much simpler attacks like just reading flash chips directly
> On the other hand, China is known to have and use ios zero days
What's your threat-model? If your adversary is a nation-state on par with China, you're probably toast unless you have a well-resourced entity supporting you (think large corporate or another nation-state)
But the majority of that security is required due to the vulnerabilities that come with the smart part of smartphones. A dumb phone has a much smaller attack surface. If I use the phone solely for texting and the occasional tethering and phone call, my exposure is automatically seriously reduced.
The dumb phone has no access to the pocket computer, after all.
A "smart" phone lets you use software with better protocols than the government approved (designed) cell network. For example, turn off your cell radio but still use a messaging app (eg Matrix/XMPP) over open wifi (rotating macaddrs of course), instead of having to connect to cell towers to receive text messages.
I can't tell you which results in better opsec today for say carrying out government-disapproved commerce. But I can tell you that the privacy benefits of having a bona fide computer that you control in your pocket will continue to grow, while the cell network is stuck being forever subservient to government/commercial surveillance.
That's reasonable. A bit cumbersome, but not too bad. It's a shame the Windows client for Signal is an Electron app, which may or may not run well on a small machine.
Imagine being concerned about privacy to the point of building your own pocket computer to carry instead of a smartphone, and then installing Windows on it. I can't even stop laughing at this
> and I bet Verizon and AT&T are much more cooperative than Google and Apple with blanket requests.
I'm always confused by statements like this. What makes you think Google and Apple are any different in willingness than Verizon and AT&T? Or what makes anybody think any of them even have a choice turning over data on their users?
What do people think other people do when some law enforcement agencies show up on their doorsteps with warrants?
Because their business models and strategic positioning are different? If you are already packaging and selling a database during the course of your day to day business as carriers and credit card companies do, are part of an oligopoly leaving customers no choice, you don’t lose much by disclosing everything indiscriminately to law enforcement. If you peddle privacy in your ads and have a worldwide audience as opposed to US-only, you may have some interest in actually bothering to check a warrant for basic validity at very least, for example (even if it is just for show and marketing; this argument does not presume any sort of moral superiority, although I do personally believe that companies are not all created equal on that dimension either).
Also, empirically, I trust Apple and Google to keep data more secure from hackers than AT&T.
(I was also careful to use “blanket” requests as opposed to warrant in my original post)
Tech companies are inherently better at public relations because they're closer to the consumer. Plenty of people think tech companies are just somehow different when it comes to corporate morality.
I'm not a fan of the Apple ecosystem, so that doesn't work for me specifically. But I am going to carry a pocket computer that doesn't have cellphone capabilities to replace what I use a smartphone for. And it will be running ordinary Linux, not Android.
I’m curious, as well, what Linux flavor you’re planning to use. I’ve been considering loading Maru¹ on to an old Nexus 5X, and I wonder if that’s what you have planned, too.
There’s just something about running LineageOS on an old Galaxy Tab 2 (still Android, although apparently the hardware support is phenomenal) that has me trawling eBay for cheap tablets.
Well, I'm undecided. Since I'm beginning the process of shifting my machines from Linux to BSD, my inclination is to use BSD if I can. If there's a showstopper there, then I'll go with Debian.
Same for a Galaxy Note 10.1 2014 for me. Works very well though I believe LineageOS has abandoned updates for the device. Battery replacements take minutes to do as well.
Maybe a good fix for this edge-case scenario would be an optional feature to normally refrain from connecting to the networks (i.e. airplane mode) but to override that and connect straightaway when an emergency call is placed?
This would be true assuming the phone has not previously been compromised. Not a safe assumption considering baseband backdoors have been found in the wild and are suspected to be fairly widespread. https://redmine.replicant.us/projects/replicant/wiki/Samsung...
This is true -- and if you're happy with Android or iOS, then that's probably the best recommendation. But I don't use iOS, and a big part of the appeal of this for me is to be able to stop using Android.
The prototype I have breadboarded up uses an ARM dev board (I'm keeping close to the chip that R-Pis use, so I can leverage that existing code), but the end product will be a PCB of my own design.
Once I've completed the project, it's very likely that I'll write it up on one of my websites. I'll submit the link to HN at that time so everyone can see what I've done.
The short and sweet, it's an ARM-based micro, with WiFi, Bluetooth, a couple of USB ports and an HDMI output (to use with a HUD that I have). It will have an old-school color 4-inch LCD with resistive touch for its screen (not ideal, but the best I can do right now. I'll work on upgrading that to an OLED w/capacitive touch in version 2). It will also have 8 physical buttons, because I like physical buttons. It will be in a 3D printed case. The total size will be roughly the same as an average thin smartphone, but will be a mm or two thicker.
It will link up with my watch, which will be the primary way I interact with it on a daily basis. My goal is that 90% of the time I won't need to actually handle the device itself.
Right now, I'm using a Pebble, but I think that watch doesn't have too many years left in it, so I've been looking at building a new one. That's a future project, though.
It depends on your needs. Right now, I use very nearly zero mobile data with my smartphone -- 99.9% of the time, if I need internet access then I'm within range of a WiFi AP I can use. Texting and phone calls, as well as mobile data, can be done with a feature phone that allows tethering.
If they want to, sure. But that's not a threat vector that I'm really worried about -- and should that be a concern for some reason, I can always yank the battery.
That's a setting that can be disabled in Android (assuming they're not straight up lying of course), it even asks you about it during initial device setup, separately from enabling location services in general.
If you mean GSM information it's not quite the same. You can also easily power most non-smartphones off, meaning they won't communicate with the tower.
You can theoretically turn off your iPhone easily as well. Unless your dumbphone has a removable battery it would be just as difficult to trust it's actually off than a modern phone. But sure, removable battery would be an advantage on that dimension, I agree.
There was a story on HN a while ago about municipal workers putting their phones in potato chip bags so they couldn't be tracked. Apparently it worked.
Burner phones have a lot more info about you than people think.
Or at least I know that in one court case there was a nice big 8x10 of the defendant purchasing a burner phone. Apparently a lot of Point of Sale systems, especially where they sell burner phones, are wired to take a nice portrait of you when you purchase. I didn't know that at the time, and apparently, neither did the defendant.
That, combined with the location of his phone matching the location of his license plate around town did him in.
So if you try the burner phone thing, someone else has to buy it, and you should never take it with you to places where there are likely to be security cameras. And you also might want to refrain from driving with it in your vehicle.
Not sure if I want to live my life like I’m planning a bank robbery at any minute. Seems more effective to petition your representative to restrict use of this data.
Well the assumption when proposing a plan is that we want the plan to actually accomplish something. If we don't care about effectiveness, then "ignore the problem and hope it goes away" is clearly the best option.
If you're being targeted by the government, this is something you should be aware of. Using today's convenient tech can get you locked up or killed.
However, if state persecution isn't part of your threat model, a burner is one layer of indirection that might make tracking and identification difficult for surveillance companies.
There are still plenty of slightly-used phones with removable batteries that work quite well. Galaxy Note 3 and 4 (possibly 5?) for a start. I recently got a Moto E5 brand new and it too has a removable battery.
Not even then; many electronic devices (PCs, for example!) have coin-cell backup batteries or large capacitors to keep RTCs and the like running during a battery replacement (or mains power outage).
You don't actually need to transmit the data off a backup battery, just store it and ship it out once a proper power supply is reattached. (You lose the data if someone destroys their phone, but that's a much narrower range of scenarios than "turn it off, but for real".) I don't recall GPS receivers being particularly power-intensive, but there's plenty of other sensors to log, most notably the microphone.
It would be naive to think that Google, Apple, Twitter, Facebook would be less cooperative. Remember, these are profit making entities. You don't pay them enough to defend you to death (also, thinking you could pay so, would be a fool's errand). So, when it's business or you, then you are going under the bus.
We can protest all we want and these entities would be ready with their PR script, about how they value their users, blah, blah, blah. Because, they know, at the end of the day, users are going to come back to them, use their platform to protest.
Unless there is a mass exodus towards p2p & decentralized network, these entities aren't going to budge, not an inch!
The carriers have your location data on a dumbphone - only the carriers (certainly not Google) - and that's all the data they have. In addition, I can take the battery out of my dumb phone any time and all their ability to track my location goes away. My dumb phone doesn't have apps and doesn't have wi-fi, which means my data isn't being harvested by every company with an app and every passing wi-fi hotspot. Certainly you'd do better not to carry a phone at all but it's just wrong to claim that "the same data" is available (and being broadcast) by your dumb phone.
On the contrary, if you're looking at a particular individual and devoting attention to it then it's generally pretty easy to identify someone based on a detailed record of their location.
Case in point, if you've enabled location history for your Google account you can take a look at your own history and see for yourself just how easy it would be to identify someone given the power to subpoena surveillance footage, vehicle registration records, driver's licenses, etc. For my own data for the month of November right off the bat I walked to a nearby McDonald's and paid with a debit card. Even if they didn't have surveillance footage from all of the cameras in the restaurant they still have financial records of the small number of orders that were placed soon after I walked into the restaurant, that combined with the driver's license addresses and vehicle registration records in close proximity to my house would almost immediately identify me. Even just looking at where someone lives is enough to narrow it down to a tiny list of candidates and for >90% of citizens they are going to be on some record as having that address. In short, tax returns generally indicate where you live, as well as specifically state if any dependents that you claim also live with you. Then there's utilities which are just about impossible to avoid, then there's property records which don't need any subpoena as it's literally public records posted on a searchable website for most (all?) of the country. Voter registration data would also tie an individual to an address. USPS, UPS, and Fedex would be another easy way to come up with candidates, the list goes on and on but unless you're homeless you're going to be on a list somewhere. The next day after the McDonald's I drove to WalMart, where I again made purchases with a debit card and walked around in plain view of a plethora of surveillance cameras and again, just from the time of arrival and the time of departure you can narrow down the list of candidates to a relatively small list and I highly doubt any of my immediate neighbors also went to WalMart at the same time as me and left that WalMart at the same time as me.
Also even if WalMart did not cooperate with any subpoena or if I paid in cash, it's not uncommon for private companies to drive around with a license plate reader through parking lots cataloging which license plates are present at a location for the purposes of selling that data to repossession companies looking for cars. I drove to that WalMart in a car registered in my name. After that there's a very obvious pattern indicating where I work and when. The company I work for files payroll taxes, none of my coworkers live anywhere near me, assuming it's just less precise positional estimates that a phone company would have for E911 purposes maybe they'd need to also look at the surrounding businesses as well but still, end of the day I think it's highly unlikely that my neighbors right by my house happen to also work right beside my employer. Right after that I travelled to one of our branch offices which would very strongly imply that I work at my specific employer and not the one in the adjacent unit. After that there's more visiting restaurants and gas stations and paying via a debit card as well as visiting my parents' house. That's all in the span of a single week. Even with just a coarse history of the location of my phone it's absolutely trivial to identify me specifically. In fact, just off of the property records alone and some public records to determine employment history and family relationships I'd bet it'd be relatively easy enough to identify me by name even ignoring all of the different areas where police could simply subpoena payment records or surveillance footage.
Location data, even coarse location data, is definitely enough to identify almost everyone if you're in a position to correlate that with additional records. Unless you have your burner phone turned off almost all of the time, it really doesn't matter if the phone provider doesn't have your name, there's so many other sources.
What you seem to be looking for is a single solution to the privacy problem. There isn't one (or it's too cumbersome).
You need to think in terms of risk assessment and onion security. Use your most secure and cumbersome security apparatus for activities and data that afford it.
If you don't want ANY data to be collected about you, anywhere, you're going to have a very hard time. Not even fully analog people can easily manage that anymore.
In summary, ask yourself what you're protecting from. I've gone through a paranoid phase and learned all of this the hard way. It's not fun and brings little tangible benefits.
Excellent advice. My primary concern is to avoid data leakages to marketers, app developers, and the Googles of the world. My secondary concern is to avoid being caught up in dragnet operations of the sort that the article is reporting.
Trying to evade a governmental body who is interested in me specifically isn't really on my radar at all, in part because I'm not interesting to such bodies, and in part because if that becomes a point of concern for me, then I need to stop carrying any devices that transmit radio signals at all.
While I do agree with you generally, I'm not sure there is much you can do if a governmental body wants you for some reason. I always find Mickens to have the best explanation here:
Threat: The Mossad doing Mossad things with your email account
Solution: Magical amulets? Fake your own death, move into a submarine? YOU’RE STILL GONNA BE MOSSAD’ED UPON
Your choice, but it's a completely overblown reaction to something. Unless you are willing to give up credit cards, driving, as well as any internet use outside of your residence, then it's pretty pointless just to give up cellphones.
> This sort of thing is one of the major reasons why I'm abandoning smartphones.
I haven't been able to find any real dumbphones that will work well in the US (non-LTE call service being phased out). Where are you and what do you plan to use?
I guess from the description that it does have some internet capabilities, but I would assume they can be disabled.
Another option if you're just trying to get away from Google/Apple would be an Android phone with Lineage OS and no Google services. You lose access to the usual Play store apps, but still have a lot more capabilities than a flip phone.
You don't really lose access to the Play Store, you can access it indirectly using the free Aurora app instead.
There is also microG, a free reimplementation of Google Play Services, which would allow you to even use apps that depend on that (for instance, for push notifications).
Of course what I actually recommend is doing neither of those and only using apps from F-Droid instead. But it is an option.
Depending on your usage pattern and whether you need to be able to receive calls or push notifications, it's possible your needs might be met by a laptop with an LTE stick that you only plug in when you actually need data, and a voip client on that laptop for making calls.
Obviously there's some inconvenience here, but it has the nice property that assuming you can use wifi at your main locations (home, work, coffee shop, library, etc), you'll only ever be on the cellular network in between places. And because the stick is naturally de-powered when not plugged in, there's no need to seek out a battery-removable phone.
I think we must have very different ideas of "some inconvenience" when your cellphone replacement is an entire laptop with additional plug-in peripherals. Got one of those that will fit in my pocket?
The user who started this thread described an intent to replace his smartphone with a dumbphone paired with a "pocket computer" running "ordinary Linux, not Android."
Unless you're using the phone for a lot of calls and texting, it's probably not much worse to do it all from the "pocket computer" or laptop than to have two separate devices.
In any case, I traveled overseas ~12 years ago with no phone and just a white MacBook, so I'm aware of some of the compromises required, things like saving pages and making screenshots of maps, always on the lookout for places likely to have free or inexpensive wifi.
I'm 37 and I've never really owned a smart phone. I'm a Software Engineer, and I fear I would be one of those people that compulsively checks the thing every 35 seconds. I'm much happier having conversations with people around me than staring into a phone, and for me it's easier to just not have the temptation.
Technically I do have a 6 year old Android something-or-other my sister gave me that I use sometimes on wifi (no sim card in it).
I do think I might get a sim for it soon for the convenience, though my usage plan will be different than most people.
Leave the phone off 99% of the time, and just turn it on when I want to use it for something - make a call or send an email.
Install zero apps so I never get notifications or have to deal with things that intrude into my life.
Essentially I will have the phone so I can use it when I want, but not so that it can get my attention when I don't want. It will be an interesting experiment.
I have, yes, and it looks to be a great option. I prefer having a non-smartphone solution that is running a normal operating system (Linux or BSD), but if that weren't possible, I'd likely go with this.
I really can't wait til we have some sort of wifi everywhere, and choice. I currently do use a sim, but it's data only. I haven't used 'cell voice' nor text messaging in a long time. That said, I still need the data connection so still trackable. Once we can get rid of reliance on cellular networks, all kinds of interesting platforms can arise.
> This sort of thing is one of the major reasons why I'm abandoning smartphones.
You should also abandon:
- Dumbphones (AT&T will give LEO all the same information.)
- Landlines (AT&T will give LEO all the same information.)
- Automobiles (Automated license plate readers abound. I suppose if you never drive on a toll road, or an arterial, or within line of sight of a cop car, you may still be OK...)
- Public transit (Passes + pre-loaded cards are the only reasonable way to use them, nobody is going to be fishing for 2 dollars and 3 quarters every single bus trip - and your travel is recorded.)
- Private transit (Uber, Lyft, coach buses, airlines all keep records of passenger travel. I guess you could hand-hail a regular taxi, and pay in cash, if you live downtown, but as we all know, HN hates taxis.)
- Debit cards (Payment processors will give LEO all of your information, and sell the rest to other companies.)
- Credit cards (Payment processors will give LEO all of your information, and sell the rest to other companies.)
- Bank accounts and cheques (See above.)
Have fun commuting by bicycle, paying for every minor purchase with a mixture of one-dollar bills and exact change, and communicating with your acquaintances by carrier pigeon, snail mail, and semaphore.
Alternatively, you can accept that the 21st century is a world where every third party you transact with is constantly making records of those transactions, and where (in the US) the law of the land allows law enforcement to compel these third parties to turn over those records. [1]
You'll be in the company of people who are outraged that passports are required to travel, and that you have to do a background check, credit check, and criminal record check to get a job flipping burgers at Mickey D's.
[1] If you really want to make an impact, this is actually what you should push on. It's much easier to change, than to make every single firm you transact with not keep records.
A person doesn't need a globally completely consistent set of priorities to accomplish anything.
This smacks of the same stupid arguments that you can't possibly not like huge amounts of corporate money in politics if you dare purchase anything from a corporation.
Attitudes like this ensure that nothing changes, ever.
No, it doesn't, because the argument you're presenting is a convoluted sequence of causes and effects, that are all quite, well, arguable.
The comparison I'm presenting is trivial. OP has issue with third party collection of their records, and is dumping smartphones. I point out that this will accomplish nothing meaningful in reducing the global third party collection of their records - especially if they switch to a dumbphone.
Great point, not that I agree with your conclusion that we shouldn't care about privacy, but good point that most supposed privacy people are living in cognitive dissonance.
This is why I always lol at people putting duct tape over their laptop webcams when their phone cameras are completely exposed always and taken to much more private places than their laptops. (Phone microphone too.)
You basically have to accept that nation-states know everything about you and will always know everything about you. Therefore the only practical goal of personal opsec is protection against other civilians.
If you steelman the argument, there’s actually several reasonable alternatives, and this is the benefit of having the discussion: it pathfinds the way for people to get off the bus, and changes the narrative over time.
Yes, because cherry-picking any one of those problems, while ignoring the mountain of other ones is not particularly productive.
If you can't get access to third party record rules overturned (Good luck, there's centuries of legal precedent for this sort of thing), it's not a hill worth dying on.
The problem is that the private sector keeps expanding the amount of data it wants to collect. The other day a store clerk demanded ID from me to buy cough medicine - not the kind you can get high from, just generic honey+lemon flavor powdered acetaminophen (I think the branded version is Theraflu). When challenged the clerk said they can't sell it to people under 18. I'm nearly 50. There's no legal requirement for this in my state, I checked.
If you turn it into a battle, you will be fighting that battle with every single organization that you will ever do business with. You are not going to win any meaningful number of them. Since some of these organizations are monopolies, or duopolies, you can't meaningfully make a choice to opt out, short of becoming a cave hermit.
If you do want to fight, fight the problem at its root - whether or not third party data should be accessed by LEOs through a warrant[1], how it can be shared with other organizations, and what purposes it can be used for. The (much-reviled on HN) GDPR happens to go a long way to address the latter two points...
This requires legislature, not grand-standing about cherrypicked examples. But for various reasons, the hacker community is very much against using legislature to solve these global problems, so it sticks to grand-standing. [2]
[1] As I've mentioned before, centuries of western legal precedent believe the answer to this is 'Of course, how is this even a question?' I don't think that's going to change in my lifetime.
[2] Consider your own example - do you think it's more productive for you to boycott the clerk that wouldn't sell you cough medicine, or to try to change the rules for what requires, and what does not require ID?
This requirement for ID only began recently; I purchased the same product some months ago with no ID. They're probably expanding the amount of data they collect in advance of the new (GDPR-inspired) privacy laws that go into effect here next month.
You're not telling me anything I don't already know, but I think you're overlooking the asymmetrical problems wherein it's far easier for corporations to collect data (even with these regulatory requirements) than for individuals to maintain even basic privacy.
Yeah agree. The only reason I use a smart phone is for everything besides a phone. Sometimes I'll browse on the web, but it's usually because I see so many drones doing it and it looks fun. I don't instagram, tweet. Mainly just reading eBooks, music, and wasting time on youtube, but I've been a good boy lately and have cut down on that dramatically. If only someone had created something where I can upload my music and my books to something without all the connectivity. I can't touch on what I'd call it.
> "The requests, outlined in two search warrants obtained by Forbes, demanded to know which specific Google customers were located in areas covering 29,387 square meters (or 3 hectares) during a total of nine hours for the four separate incidents."
A far more reasonable - and less frightening - request would be: which customers were in 3 of 4 or 4 of 4 areas in the time windows. People showing up once or twice are likely not suspects.
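The narrowing proposed in the comment above (return only devices seen in 3 of 4 or 4 of 4 areas, rather than every device seen in any area), as an added example that is not part of the original thread and is not Google's or any agency's actual process. The record layout, coordinates, device labels and function names are all constructed for illustration.

```python
"""k-of-n geofence filtering over constructed location records."""
from dataclasses import dataclass
from datetime import datetime
from math import asin, cos, radians, sin, sqrt

EARTH_RADIUS_M = 6_371_000


@dataclass(frozen=True)
class Fence:
    """Circular area plus the time window a request covers (hypothetical layout)."""
    lat: float
    lon: float
    radius_m: float
    start: datetime
    end: datetime


@dataclass(frozen=True)
class Record:
    """One stored location ping (hypothetical layout)."""
    device: str
    lat: float
    lon: float
    ts: datetime


def haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres between two WGS84 points."""
    p1, p2 = radians(lat1), radians(lat2)
    a = sin((p2 - p1) / 2) ** 2 + cos(p1) * cos(p2) * sin(radians(lon2 - lon1) / 2) ** 2
    return 2 * EARTH_RADIUS_M * asin(sqrt(a))


def devices_in_fence(records, fence):
    """Devices with at least one ping inside both the area and the time window."""
    return {r.device for r in records
            if fence.start <= r.ts <= fence.end
            and haversine_m(r.lat, r.lon, fence.lat, fence.lon) <= fence.radius_m}


def hits_per_device(records, fences):
    """Number of distinct fences each device appears in (repeat pings count once)."""
    counts = {}
    for fence in fences:
        for device in devices_in_fence(records, fence):
            counts[device] = counts.get(device, 0) + 1
    return counts


def any_fence(records, fences):
    """The broad result: every device seen in at least one fence."""
    return set(hits_per_device(records, fences))


def k_of_n(records, fences, k):
    """The narrowed result: only devices seen in at least k of the fences."""
    return {d for d, n in hits_per_device(records, fences).items() if n >= k}


def _t(day, hour, minute=0):
    return datetime(2019, 1, day, hour, minute)


# Constructed sample data: four areas, each with its own time window.
FENCES = [
    Fence(43.000, -88.000, 50, _t(1, 10), _t(1, 12)),
    Fence(43.010, -88.020, 50, _t(5, 22), _t(6, 1)),
    Fence(43.030, -87.990, 50, _t(9, 3), _t(9, 5)),
    Fence(42.980, -88.050, 50, _t(14, 18), _t(14, 21)),
]


def _at(device, fence_idx, ts, dlat=0.0):
    f = FENCES[fence_idx]
    return Record(device, f.lat + dlat, f.lon, ts)


RECORDS = [
    _at("dev-A", 0, _t(1, 10, 30)), _at("dev-A", 1, _t(5, 23)),
    _at("dev-A", 2, _t(9, 4)), _at("dev-A", 3, _t(14, 19)),
    _at("dev-B", 0, _t(1, 11)), _at("dev-B", 2, _t(9, 3, 30)),
    _at("dev-B", 3, _t(14, 20)),
    _at("dev-C", 1, _t(5, 22, 15)),                 # passer-by, one area only
    _at("dev-D", 0, _t(1, 11, 45)), _at("dev-D", 3, _t(14, 18, 5)),
    _at("dev-D", 0, _t(1, 11, 50)),                 # repeat ping, same fence
    _at("dev-E", 0, _t(1, 14)),                     # right place, outside the window
    _at("dev-F", 2, _t(9, 4), dlat=0.005),          # inside the window, ~556 m away
]

if __name__ == "__main__":
    print("any fence :", sorted(any_fence(RECORDS, FENCES)))
    print("3 of 4    :", sorted(k_of_n(RECORDS, FENCES, 3)))
    print("4 of 4    :", sorted(k_of_n(RECORDS, FENCES, 4)))
```

On this sample the any-area query returns four devices, while the 3-of-4 threshold returns two and never discloses the devices that passed through only one or two areas.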
As much as I hate the idea of government surveillance, I think Google is absolutely not at fault here. They followed a narrow set of warrants to the letter [1]. However, I hate that private companies are legally allowed to collect this much information from us citizens. Even worse is the rare times that a company makes it optional, they are allowed to make it opt out. Letting this continue in the era of ring cameras, smart speakers, and home DNA tests is almost certainly going to inspire malicious actors (please remember that the Nazis used secular census data collected to track down Jews). This is a legislative issue, plain and simple.
[1] > The requests, outlined in two search warrants obtained by Forbes, demanded to know which specific Google customers were located in areas covering 29,387 square meters (or 3 hectares) during a total of nine hours for the four separate incidents.
If they had narrowed what information they collected to the absolute minimum and deleted it as soon as it was no longer required, then they wouldn't have any information to give.
Information is a "toxic" liability. Google chose to hoard it. They are absolutely liable.
Technically the users chose to keep it by turning on location services, which is a specific Google-wide setting that tracks your location. I find it extremely useful so I leave it on. I have asked Google to store my location.
The parent commenter seems to be referring to this article:
Google often doesn’t provide information right away, investigators said. The Google unit handling the requests has struggled to keep up, so it can take weeks or months for a response. In the Arizona investigation, police received data six months after sending the warrant. In a different Minnesota case this fall, it came in four weeks.
https://www.nytimes.com/interactive/2019/04/13/us/google-loc...
Friend in law enforcement. They don't know if Google is actually swamped but mentioned that these now take much longer to fulfill than they did in the past. Their assumption is that Google must be swamped.
Doubtlessly, this evidence alone could not lead to a conviction. It's more likely to lead to further search warrants which reveal more direct evidence.
The government had a warrant for the data. You are able to disable the feature which allows Google to collect this location history. If you had disabled it, Google never would have stored it. But with the feature enabled, and with the government presenting a valid warrant, what would you have Google do?
I think this counts as a "general warrant", and is probably unconstitutional. To find which phones were in an area, the location history of everyone has to be searched. But warrants for everyone's location would be illegal, so if Google does that filtering, we kind of pretend it's legal. For now - I don't think this specific practice has been ruled on by the Supreme Court yet.
As far as Google is concerned - I'd have them not store the data in the first place, and at a minimum have the spying be opt-in, instead of out. But I can't fault them for what they did after getting the warrant. Ideally they would try to fight it and get a Supreme Court ruling, but that's squarely in the good bucket. As it stands, the best I can hope from them is to be neutral, or at least not too evil.
Most people have accepted the device as an advertising board but with targeted advertising, is it possible to target in a defined area and at what resolution? If not today, soon as it is technically possible.
But equally, they have become a form of 1984 in which the citizens freely pay for and constantly upgrade. Orwell never saw that aspect coming.
I find Brave New World by Huxley to be a much more accurate portrayal of the current state of affairs at least with regard to the whole, actively participating in and enjoying our descent into total surveillance and control. There's a YouTube video somewhere showing the comparison but I don't have a good enough connection right now to search YouTube.