Bits of Books - Books by Title


Data and Goliath:

The hidden battles to collect your data and control your world by Bruce Schneier

by Bruce Schneier



Fitbit collects so much data from you that it can tell when you're having sex.

Student in Europe sued Facebook, demanding that they show him everything they had stored about him. After a two-year legal battle, Fb sent him a CD with a 1200 page pdf file. All the photos and pages he'd ever clicked on, and all the ads he'd been exposed to. Fb doesn't use all this information, but it finds it easier just to store everything.

We don't lie to our search engine. We tell it exactly what we are thinking about, as clearly as possible. If Google wanted to, it could figure out which of us was worried about their mental health, thinking about evading taxes, or planning a violent protest. Google actually knows more about what you're thinking, because Google remembers everything.

Google autocomplete: if you type "Should I tell my w...." Google will offer "Should I tell my wife I had an affair" and "Should I tell my work about my dui." Google knows who clicked on those completions, and everything else they searched on.

Cheap surveillance equipment: $80 pen with hidden camera and mic so can record any meeting; a camera hidden in a clock radio or a smoke alarm; $120 for a device which will disgorge all the data on a smartphone.

Big money in car repos, so towies and spotter cars drive round with roof cameras, using plate recognition tech to look for a match with numbers on database of delinquent payers.

If you read a book on a Kindle, Amazon knows exactly how much of it you read, where you stopped, which bits you highlighted.

Buzzfeed runs lots of little quizzes, which ask quite personal questions about incomes, savings and habits. It saves all the responses. WebMD saves all the queries and answers on medical searches and forums.

Face recognition scanners are already better than humans; iris scanners that can work at a distance; gait recognition systems.

US Postal Service photographs the front and back of every piece of mail sent in the US.

Car companies record your location from GPS in your car.

We are actually living in a unique time period in that surveillance is still visible - we can still see the CCTV cams; we still produce physical bits of paper when asked for ID. But in the near future, this will all be invisible - micro cameras everywhere (in the name of crime prevention), and your identity will be known from your smartphone (in the name of convenience - and it will be very difficult to do anything without one).

The value in big data sets is the inferences that can be drawn. Your grocery buys tell on your medical and alcohol consumption. Marketers look for patterns that indicate you plan to do something expensive, like travel, get married, have a baby, buy a home etc. Facebook knows you're engaged before you announce it, and gay before you come out - and its postings may reveal that without your permission.

And, because all your data is stored, companies or governments can go back years to discern relationships or activity. The NSA stores all phone records for 5 years. If a NSA operator chooses to look at anything on your file, all your data is kept indefinitely. If you use certain search terms, all your data is kept indefinitely.

Having large data sets lets NSA fish for speculative connections. Can find everyone who has a similar pattern of search queries, who are also in the same place at same time, for example. Or if you know that a person-of-interest was at say a coffee bar at 10am on Monday, a book shop at 12 on Tuesday, and a rail station at 4pm a week later, they can find everyone else who was at the same places at those times. All from cell phone meta data. So even if two people are apparently not communicating electronically, the algorithm links them as probable associates.

The NSA collects data on people who turn their phones off, and for how long. It then looks for other people who turned their's off at same time, implying they were at a secret meeting.

Tracks burners - phones which are used for a short while then never used again. And it uses the usage pattern to chain them to the next temporary burner.

It's the ability to co-ordinate all this data that gives it its power. CCTV plus increasing cheap and small drones filming all public areas, plus increasingly accurate face and body recognition software, plus the billions of tagged photos, from drivers licences, Facebook, newspapers and magazines, school yearbooks that can be correlated, and stored, forever.

Not just govt agencies. Carnegie Mellon U researchers put up a camera on a public street, and used just facial recognition software to find a match with a Facebook identity, then linked to other public databases to display personal info about that person, in real time, as the person walked by.

Maintaining anonymity is just about impossible. You only have to slip up once, and forget to enable your protections, and your name will be forever linked to that anonymous provider you are using.

The woman who had an affair with the CIA director David Petraeus, used hotel and public networks when she anonymously emailed him. But when the FBI correlated hotel guest records, hers was the only name in common.

Imagine the US govt passed a law requiring all citizens to carry a tracking device. You will be required to notify the authorities every time you make a new acquaintance. And you need to provide copies of all your emails and phone conversations.

Of course, the law is not needed - you do all this voluntarily.

When first got the Internet, it was non-commercial, so 'free' became the default. But 'free' is a special price, and we don't act rationally around it. We consume more, and we value less, what we are giving away in exchange.

Some argue that "you don't have to use these services". But that is completely unrealistic. Cannot imagine any student getting through school without using search or Wikipedia, much less finding a job. These are the tools of modern life. They're necessary for a career and a social life. And choosing among providers is not a choice between surveillance and no surveillance, but only a choice of which lords get to spy on you.

(New Scientist)

"DEAR subscriber, you have been registered as a participant in a mass disturbance." This text was sent by the Ukrainian government last year to everyone with a cellphone known to have been near a protest in the capital, Kiev.

Just what you'd expect from an ex-Soviet country? Not so fast. In the US and Europe, police are also seeking information on phones linked to specific places and times - and always without a warrant. We're all spied on. Our phones are bugged, our laptops inveterate informants. Reports on activities that define you - where you go, who you meet, what you buy - are sold to the highest bidder. But do we notice? And do we care?

Bruce Schneier does his best to make us do both. But it's tough: as it fades into the background, surveillance gets easier to ignore. For Schneier, this is a unique time to take a good look at the leviathan before it submerges forever.

So what is surveillance? The US military defines it as "systematic observation". It controls "what we see, what we can do... ultimately, what we say", says Schneier. A director of the Electronic Frontier Foundation in San Francisco, Schneier has been a go-to expert for years. He helped analyse some of the more technical documents leaked by Edward Snowden. But he wears his expertise lightly: the book moves fast and references are relegated to pages of notes.

There are brilliantly creepy examples. Take Cobham, a UK company that sells a system which allows "blind" calls to be sent to your phone. It won't ring, so you won't know you received it, but it makes your phone send a signal so callers can track it within a metre. Then there's Lower Merion School District in Ardmore, Pennsylvania, which installed spyware on laptops for its pupils. School administrators could secretly record chat logs, monitor web use and photograph the kids. This was exposed when a student was shown a picture of himself taking drugs. It turned out to be candy.

And image-based surveillance is poised to make things worse. Researchers at Carnegie Mellon University in Pittsburgh, Pennsylvania, set up a camera in a public space and identified people by combining face-recognition software with Facebook's publicly tagged database. By correlating names with other databases, they displayed data about individuals in the time it took them to pass by.

Many dismiss all this. Schneier cites a Google executive who told him that worrying about a computer reading your email was like worrying about your dog seeing you naked. It's not, Schneier rejoins: your dog won't base decisions on what they see, and will certainly never tell anyone.

Another common justification is that we're only giving up our metadata: the "to" and "from" of emails, not their contents; and the time and duration of calls, not what was said. It can still be highly revealing information and is the equivalent of someone tailing you and reporting who you spoke to and for how long, he says. And whatever's collected is stored indefinitely, often because it's cheaper and easier than filtering out the juicy bits.

Worse, what doesn't bubble to the surface today could do so tomorrow with new techniques. Take Alfred Kinsey's sex research subjects, who participated in the 1940s and 1950s only under the strictest anonymity. In 2013, a study showed that in principle it would be possible to identify 97 per cent of them.

Snooping that once required a warrant and was subject to tight regulations is now routine. At one time, recounts Schneier, an FBI agent listening to a mobster on a bugged phone was required to stop listening when a spouse or child came on the line - quaint niceties compared to the practices of the US National Security Agency and the UK's GCHQ.

How did we get here? Fear - of terrorism in particular, says Schneier. But anti-terrorism laws suffer from mission creep and create a culture that normalises surveillance. How to get out of this is one of the big questions of our time, he adds.

So what can we do? Here, the impish anarchist in Schneier gets loose. Use the anonymising, ad-blocking, cookie-munching solutions available, he says, but also mess with the system: put stickers over laptop cameras, add noise to the data by searching for random names on Facebook, wear masks or face paint to confuse CCTV. He's only half joking. If data is the pollution problem of the information age, then protecting privacy is the environmental challenge. Can we make a difference?

Schneier calls himself a short-term pessimist but a long-term optimist. In 50 years, he says, people will look at today's data practices much as we now view practices like tenant farming or child labour. I'm not so sure. It may well be a generational issue, but not the way Schneier thinks. Few people under 30 worry where the data on their phone goes. Your feelings about Venmo, say - an app combining a digital-payment service with social-media updates on who you're paying - will also depend on age. And sexting is as common among teens as texting a decade ago. What if we look back at surveillance angst as a hang-up we had to overcome?

More books on Computers











Books by Title

Books by Author

Books by Topic

Bits of Books To Impress