Posted on

Big Brother is watching…..and waiting for you to invite him into your home.

So here is your horrifying thought for today:  Your own government could very quickly have a video and audio surveillance device readily accessible in your house.  But that isn't the scariest part.  You ready for it?  YOU will be the one PAYING to put it there, by your own choice.

 

Don't believe me?  Let's consider some things that have been happening recently: 

 

1. The NSA's massive Utah Data mining center – A 1 million square foot facility, capable of storing yottabytes of data, gleaned from every type of communication device we use.  Also consider the fact that every piece of communication passes through a wire at some point, even your cell phone, so literally EVERYTHING is accessible at some junction point. Even if you encrypt your transmission with the highest level of encryption available today, that doesn't matter in the long run.  If they can't crack it now, they will store it and crack it when they have the ability to in the near future.


2. PRISM – Since 2007 (but more realistically since the Patriot act was first passed in 2001), the NSA has been using your own internet providers, popular sites, and makers of the worlds most used devices to provide direct access of all their products and services to the government.  Since the news broke recently, all the companies on the list of PRISM partners have come out stating, in some form or another, that they are not giving direct or backdoor access to the government, and that they are only responding to court orders as required by law.  I call bullshit, for a couple basic reasons:

A. We've already been lied to, and then when they were caught in the lie, they tried to assure us that it wasn't as bad as we are making it out to be, specifically with federal wiretapping.  We were all told that it was ONLY calls originating from foreign countries or placed to foreign countries, and that the surveillance was extremely limited in nature.  Fast forward to this week, and we find out that was complete bullshit, and that they have been monitoring ALL calls, including ones that are ENTIRELY domestic, for years.  Verizon has been handing over data for years already:  "While the order itself does not include either the contents of messages or the personal information of the subscriber of any particular cell number, its collection would allow the NSA to build easily a comprehensive picture of who any individual contacted, how and when, and possibly from where, retrospectively."  This program has been going on since as far back as October of 2001, in some form or another. 

B. All the companies on the PRISM list don't want a mass exodus from their services.  Why wouldn't they lie, to retain users?  And furthermore, even if they aren't just lying to retain users, it doesn't matter, as they are under a federal gag order from FISA anyway, so even if the wanted to talk about it, the can't!

 

3.  The Ace in the Hole:  The Xbox One – A few things on this to get started;  To operate, the device must call home once every 24 hours (NOTE: this is to be able to play games.  MS has stated that you will not need to connect to watch live TV or DVD's. Who cares, I can already do that without an Xbox).  The Kinect MUST be connected for the system to operate.  Unless you unplug the entire thing, the Xbox One is always on in a low power state.

 

So let's put all this nifty information together into one cohesive thought:  The NSA is building a massive data retention center using, at least in part, the information it is gathering from it's partners listed in the PRISM project.  The very first company to sign on to the PRISM project was Microsoft.  The NSA data center will be completed in October, roughly around the same time that the new Xbox One will be hitting stores.  Do you honestly believe that if they are already tapping your phone, email, web searches, Facebook, and all your other internet communications, that the NSA won't want to get their greedy little claws where they couldn't go before?  Inside your house, directly into your living room?  Into the Xbox One and Kinect, that can record a live video and audio stream?  Talk about fleshing out the whole picture….

 

And the best part is…you are going to pay THEM for the privilege.

Posted on

Are You Writing Anonymously? Well, Maybe.

I’ve pondered running another blog with a more direct relation to my real name. This other blog would cover strictly professional / technical matters. Valuing privacy, not many bloggers write under real names. Over the years, I’ve written under many different pseudonyms on various forums and social media sites. Anyone seriously research me online would find this blog, but could they identify this blog from writing excerpts? How easily could someone associate my new technology blog to crazy political rants here?

There’s been some significant research on analyzing text to match writing patterns. The general idea is that every person has unique linguistic patterns and turns of phrase. Fin can pick out my writing (or her sisters) almost immediately.

At some point, I read about some researchers using compression to identify authors of text excerpts. Compression algorithms create new encoding schemes based on pattern recognition. In theory, we can recognize an author’s style by seeing which piece of writing results in the best compression. Does it work?

The idea seems too simple to work – at least with any meaningful accuracy. Still, finding it fascinating, I decided to run an experiment. Searching my google reader, I found 2 blogs covering similar topics to mine, and a third wildly different blog covering technical posts. Scouring these blogs, I worked at creating a text collection for each author. Excerpts were selected based on covering similar subject matter.

My ‘test’ subjects included a blog post written 3 years ago by myself, a work email sent roughly 3 weeks ago, and a collection of Google+ posts over the past few months. In addition, I grabbed 2 posts from the selected blogs. The work email and technical blog use extremely similar terminology throughout. In theory, the compression technique should fail in this case – picking up technology idioms instead of language usage.

To form a baseline, an unrelated text excerpt is added to each text collection. The collection is compressed using “Zip” and the final size recorded. After forming the baseline, I replace the additional text with each excerpt to identify.

Running the tests, I expected the results to be poor at a minimum. I’d purposefully selected difficult scenarios for the test, hoping to prod it into failure. In the end, all 5 tests resulted in a correct identification of the author. I’d suspected a few to hit on chance, but not a 100% positive identification rate. For those curious, my work email scored first with my personal blog here, and second with the technical blog.

The strongest match? Identifying the social media posts.

I’d guess that increasing the number of authors would decrease the positive ID rate. Still, we could improve that situation by adding to the baseline and test data sets. Obviously, a short test using a common sentence( eg: I’m hungry ) won’t work well. Conspiracy theory thought: isn’t social media providing an ever growing baseline data set?

The idea of social media building the strongest matches has interesting implications for this technique and author identification in general. While we write on social media with our real names, are we working against our interest in remaining anonymous elsewhere? In any security scenario, the weakest element tends to be the humans running the show. While we research technologies such as “Tor” for privacy and protection of political dissidents – the very published speech points right back at the author. Could a child’s grammar school paper condemn them as an adult?

In general, the take away here is that writing on social media, or blogs, or English papers can be used to identify people in other contexts. Could I write this post and publish it truly anonymously?

Not as much as I’d like to think.

— Fate

Posted on

Sprouts and Walkways

Yesterday was a beautiful day and I got a couple outside projects finished up. I cut down and bundled some tree branches and my parents house for them and also finished the walkway at our house between the house and the garage:

I really should have taken a couple before pictures. It used to be mud and you could barely see the stepping stones. The mud turned out to be mud mixed with a bunch of rock that I dug out and found a tarp serving as a barrier. Those black edgers were there already. The only think I had to buy was new rock because I couldn’t get the old rock to wash off, the mud was very much clay. It made a big difference and I like the way it turned out.

Here’s a couple sprout pictures:


That would be Tomatillos and Early Girl tomatoes. The peppers are just barely starting to peek out, we should really be seeing those in a couple days.

My next project? Researching growing my own edible mushrooms. I’m curious how hard/cost effective it is. I know you can get kits for that, but that’s about the extent of my knowledge. Also planning on looking into growing my own sprouts, bean and alfalfa. I know it can be done easily, just not sure how to get started. Research away! :p

–Fin