Phantom Kitty would step all over NY Senate Bill S9197

A New York (state) bill is making the round in the news that would require that if a person would like to purchase a rifle or shotgun, they would need to provide 3 years of social media history and 1 year of internet search history (via access to accounts) to the police chief. (read it here https://legislation.nysenate.gov/pdf/bills/2017/S9197). Although this bill does not seem to have much of a chance at becoming law since it is so obviously unconstitutional, this scenario could easily happen in other countries that don’t have the freedom that people in the US have.

It would be priceless to see the police chief’s face after a year of using a phantom kitty device to inject searches into your search history. If you ran it a few hours overnight every day for a year, you could easily accumulate over half a million additional searches to include in your handout to the police chief.

Introducing the PK PAW

I am pleased to introduce the PK Paw. This device plugs into a computer’s USB port and pretends to type with a keyboard, producing the same results as the Alpha Kit video below without all of the hardware. It is currently available for sale in the store and is compatible with windows using a firefox browser. When it is plugged in, it starts entering search strings automatically until you unplug it and routinely clears your search history so you really don’t know what it did while you left it alone. Make sure to follow the directions to ensure it is properly set up.

Please send me an email if I don’t have shipping options available for your country.

Solenoid Driving Printed Circuit Board for Arduino

Creating the circuit board to control the solenoids added a huge room for error and added much time.  The number of connections made it really easy to screw up manually connecting the dozens of components.  To reduce the chance of error and open up making this to all skill levels (all you need to know how to do is solder), I've worked to create a PCB that is specifically  designed to make this project easier.  I'm on the first iteration of the board which is available in the store.  Features are below:

  • 16 arduino inputs
  • Multiple power inputs
  • 16 outputs for driving solenoids
  • 16 leds for indicating a solenoid is being driven
  • 1 power led for indicating the board has power
  • Appropriate diodes and resistors for driving solenoids
  • Connections for stacking the boards to create 32/48/64/or more input/output connections

The board uses a N-Channel MOSFET for switching the solenoids on.  This makes it silent compared to typical relay-type boards, and is much smaller than typical relay boards.

DSC_0052.JPG

When this Provider Activity Comes to Light, Outrage will Ensue

I had the opportunity to meet an advertising and marketing professional this past week.  Much of the work that this professional worked with is in the field of online ads.  This person informed me that although much of the work that their company works with is on the more 'ethical' side of advertising, the major players such as Google, track and use you in ways that I didn't even realize were possible.  One way that really made me very uncomfortable was that Google will take search terms that you had searched for recently and push ads to people that you are with or will likely be with very soon (by tracking all of your devices and associating you as friends or contacts, and anticipating your behavior).  The purpose is that your friends may see an ad, bring it up in a soon to occur conversation, and you, who have unknowingly started this conversation, will jump into talking about this service/product that you have already searched for because of a thought or need you may have had.  In the end, your search has bled over to your associates to try to sell a new product or service to them, and also, their conversation with you will possibly reinforce your thought, making you more likely to purchase said product or service.  Pure genius or pure evil?

Cambridge Analytica, the Catalyst

It has come to light that company that sells profiling and propaganda products, Cambridge Analytica, has been officially hand slapped by facebook for scraping user data without paying for it.  There are innumerable articles that even venture to state that the crime is the unethical usage of 50 million profiles to help target adds to sway a presidential election.  BONKERS!  This type of data collection and usage is common place and regularly used to influence peoples behavior.  Why do you think the majority of presidential campaigns are in swing states? to influence those that can sway an election.  If you think Cambridge Analytica is the only firm to unethically use data to sway an election, you have been asleep for the past decade or more.  The only "crime" was that they didn't pay for the data and that the data was used to elect a republican. 

All of this is wrong  and unethical, and Cambridge Analytica is just a patsy for countless other data firms doing the exact same thing.  Here's a better idea, stop posting all of your data to facebook and letting them sell it.

Privacy Policy Interpretation - Microsoft

Microsoft Score = 7 - Slimy  (9 Dec 17).  This is a standard policy that provides the most flexibility to the company without much thought to privacy.  It is full of easter eggs and language that is clear data that Microsoft collects is permanent and distributed to multiple other parties for commercialization.

  1. Ethics (1) - Data is collected without you knowing and you cannot opt-out of collection.
  2. Transparency (1) - Windows seems to hoard every interaction that users make with it.  Cortana is stated as recording everything you type without a means to turn it off.  The symbol should just be an eye looking at you...
  3. Security (2) - Identifiers are removed from data after 6 and 18 months.  It is unclear if the data is secure or encrypted.
  4. External Use (1) - Data is sent to unnamed third parties and vendors who's privacy policies are not provided. 
  5. Necessity (1) - There is data that does not appear to be necessary to collect from everyone for the purpose of a graphical computer interface - i.e. keystrokes, search terms on a page, voice data, all data input..
  6. Intent (1) - Data appears to target ads and give to others.  Data gathering slows services so comes at a great cost to the user.

Your privacy is important to us (it really isn't but we want you to think it is, so we made this the first thing you read). This privacy statement explains what personal data Microsoft collects from you, through our interactions with you and through our products, and how we use that data.

Microsoft offers a wide range of products, from server products used to help operate enterprises worldwide, devices you use in your home, software students use at school, and services developers use to create and host what’s next. References to Microsoft products in this statement include Microsoft services, websites, apps, software, servers and devices.

Please read the product-specific details in this privacy statement, which provide additional information about some of Microsoft products. This statement applies to Microsoft’s interactions with you and the Microsoft products listed below, as well as other Microsoft products that display this statement.

Personal Data We Collect

Microsoft collects data to operate effectively and provide you the best experiences with our products. You provide some of this data directly (unbeknownst to you), such as when you create a Microsoft account, administer your organization’s licensing account, submit a search query to Bing, register for a Microsoft event, speak a voice command to Cortana (bet you didn't know that), upload a document to OneDrive, purchase an MSDN subscription, sign up for Office 365, or contact us for support. We get some of it by recording how you interact with our products by, for example, using technologies like cookies, and receiving error reports or usage data from software running on your device. We also obtain data from third parties (so we get information about you without you even using our products).

How We Use Personal Data

Microsoft uses the data we collect to operate our business and provide you the products we offer, which includes using data to improve our products and personalize your experiences (we want to make money off you, so we monitor you). We also may use the data to communicate with you, for example, informing you about your account, security updates and product information. And we use data to help show more relevant ads (we, a software company, sell you software and then make more money off you from ads), whether in our own products supported by advertising like MSN and Bing, or in products offered by third parties (third parties pay is for us funneling them to you). However, we do not use what you say in email, chat, video calls or voice mail, or your documents, photos or other personal files to target ads to you (but we do keep it on file and may sell it to third parties to will target ads to you).

Reasons We Share Personal Data

We share your personal data with your consent (even if you didn't read our lawyerspeek) or as necessary to complete any transaction or provide any product you have requested or authorized. We also share data with Microsoft-controlled affiliates and subsidiaries (without telling you who); with (unnamed) vendors working on our behalf; when required by law or to respond to legal process; to protect our customers; to protect lives (really we swear, we stop terrorists by watching you data); to maintain the security of our products; and to protect the rights or property of Microsoft.

How to Access & Control Your Personal Data

You can view, edit, or delete your personal data online for many Microsoft products (but can't stop us from gathering more). You can also make choices (some, but not many) about Microsoft's collection and use of your data. How you can access or control your personal data will depend on which products you use.

You can always choose whether you wish to receive promotional email, SMS messages, telephone calls and postal mail from Microsoft. You can also opt out from receiving interest-based advertising from Microsoft by visiting our opt-out page. (note that we said that the opt-out is only for targeted ads, we still will collect your data and may sell it to third parties who may target ads to you)

Cookies & Similar Technologies

Microsoft uses cookies (small text files placed on your device) and similar technologies to provide our websites and online services and to help collect data. Cookies allow us, among other things, to store your preferences and settings; enable you to sign-in; provide interest-based advertising; combat fraud; and analyze how our websites and online services are performing. Microsoft apps use other identifiers, such as the advertising ID in Windows described in the Windows section of this statement, for similar purposes.

We also use web beacons to help deliver cookies and gather usage and performance data. Our websites may include web beacons and cookies from third-party service providers (other unnamed entities that pay us give you cookies, and beacons too)

You have a variety of tools to control cookies, web beacons and similar technologies, including browser controls to block and delete cookies and controls from some third-party analytics service providers to opt out of data collection through web beacons and similar technologies. Your browser and other choices may impact your experiences with our products.

Bing services include search and mapping services, as well as the Bing Toolbar and Bing Desktop apps. Bing services are also included within other Microsoft services, such as MSN Apps and Cortana, and certain features in Windows (which we refer to as Bing-powered experiences).

Bing

When you conduct a search, or use a feature of a Bing-powered experience that involves conducting a search or entering a command on your behalf, Microsoft will collect the search or command terms you provide, along with your IP address, location, the unique identifiers contained in our cookies, the time and date of your search, and your browser configuration (and store and sell this information indefinitely). If you use Bing voice-enabled services, additionally your voice input and performance data associated with the speech functionality will be sent to Microsoft (we do keep your voice inputs). When you use Bing-powered experiences, such as Ask Cortana or Bing Lookup, to search a particular word or phrase within a web page or document, that word or phrase is sent to Bing along with some surrounding content in order to provide contextually relevant search results (we monitor what you look at on the page you visit too and what words you look up).

Search Suggestions. For the Search Suggestions feature, the characters that you type into a Bing-powered experience to conduct a search will be sent to Microsoft (so if you type it, then delete it, we still record and keep what you thought you might input). This allows us to provide you with suggestions as you type your searches. To turn this feature on or off, while using Bing Search, go to Bing settings. Search Suggestions cannot be turned off in Cortana (evil laugh...  haha). On Windows, you can always hide Cortana and the search box so as not to use the feature (you can't ever turn it off, just put a sticky note on your screen if you don't want to use it).

Bing Experience Improvement Program for Bing Desktop and Bing Toolbar. If you are using Bing Desktop or Bing Toolbar and choose to participate in the Bing Experience Improvement Program (or got stuck with it with bloatware), we also collect additional data about how you use these specific Bing apps, such as the addresses of the websites you visit, to help improve search ranking and relevance. To help protect your privacy, we do not use the data collected through the Bing Experience Improvement Program to identify or contact you, or target advertising to you (but we do sell it to third parties who might). You can turn off the Bing Experience Improvement Program at any time in the Bing Desktop or Bing Toolbar settings (please don't). Finally, we delete the information collected through the Bing Experience Improvement Program after 18 months (but third parties might keep it longer).

Retention and de-identification. We de-identify stored search queries by removing the entirety of the IP address after 6 months, and cookie IDs and other cross-session identifiers after 18 months. (but don't worry, we still have ways to find out who did it, you know, it might save lives)

Personalization through Microsoft account. Some Bing services provide you with an enhanced experience when you sign in with your personal Microsoft account, for example, syncing your search history across devices. You can use these personalization features to customize your interests, favorites, and settings, and to connect your account with third-party services. Visit the Bing settings page to manage your personalization settings or the Microsoft privacy dashboard.

Managing Search History. Bing's Search History service provides an easy way to revisit the search terms you've entered and results you've clicked when using Bing search through your browser. You may clear your search history on the Microsoft privacy dashboard at https://account.microsoft.com/privacy. Clearing your history removes it from the Search History service and prevents that history from being displayed on the site, but does not delete information from our search logs (haha, you think its cleared, but we keep it), which are retained and de-identified as described above.

Non-Microsoft services that use Bing. You may access Bing-powered experiences when using other non-Microsoft services, such as those from Yahoo!. In order to provide these services, Bing receives data from these and other partners that may include date, time, IP address, a unique identifier and other search-related data (yep, other people give us your info too). This data will be sent to Microsoft in order to provide the search service. Microsoft will use this data as described in this statement or as further limited by our contractual obligations with our partners. You should refer to the privacy policies of the non-Microsoft services for any questions about how they collect and use data.

Search query passed in referral URL. When you click on a search result or advertisement from a Bing search results page and go to the destination website, the destination website will receive the standard data your browser sends to every web site you visit - such as your IP address, browser type and language, and the URL of the site you came from (in this case, the Bing search results page). Because the URL of the Bing search results page contains the text of the search query you entered (which could include names, addresses, or other identifying information), the destination website will be able to determine the search term you entered (we make no effort to hide you or your data from anyone).

If your browser is enabled to allow pages to pre-load in the background for faster performance, when your browser loads a page in the background, it will have the same effect as if you visited that page, including sending the Bing search results page URL (containing your search query) and downloading any cookies that page sets.

Sharing search data for research and development purposes. We share some de-identified search query data, including voice queries (we use your voice without your permission for R&D, well technically its with your permission because you're supposed to have read and agreed to this, if you don't, too bad. You have to use windows cause your employer requires it, so you might as well not even read this and just agree to it), with selected third parties for research and development purposes. Before we do so, we remove all unique identifiers such as IP addresses and cookie IDs from the data. We also run the data through a process designed to remove certain sensitive data that users may have included in the search terms themselves (such as social security numbers or credit card numbers) (but usernames, addresses, names, etc. are all fair game). Additionally, we require these third parties to keep the data secure and to not use the data for other purposes (this is really for a CYA, we really don't check them.. its some new college grads who think they are the shit, you think they care about you?).

Windows

Windows is a personalized computing environment that enables you to seamlessly roam and access services, preferences and content across your computing devices from phones to tablets to the Surface Hub. Rather than residing as a static software program on your device, key components of Windows are cloud-based, and both cloud and local elements of Windows are updated regularly, providing you with the latest improvements and features (but please ignore it is much slower and updates way more often). In order to provide this computing experience, we collect data about you, your device, and the way you use Windows (that you can't opt out of). And because Windows is personal to you, we give you choices about the personal data we collect and how we use it. Note that if your Windows device is managed by your organization (such as your employer or school), your organization may use centralized management tools provided by Microsoft or others to control device settings, device policies, software updates, data collection by us or the organization, or other aspects of your device. For more information about data collection and privacy in Windows, go to go.microsoft.com/fwlink/?LinkId=529552. Legacy versions of Windows (including Vista, 7, 8, and 8.1) are subject to their own privacy statements.

Global Opt Out?

There appears to be a site where you can opt out having random worthless companies using your data to target adds.  

https://www.evidon.com/resources/global-opt-out/

My issues with this site are that:

1) There are 699 companies listed.

2) if you "Opt out of All" it really means "opt out of all with little check boxes" which is 182.

3) You need to manually click on the remaining 517 companies and figure out how to opt out of each of those websites individually (which may not be in English)

4) The "opt out" really means they supposedly won't use your information to provide targetd advertising to you.  But they will presumably still collect everything they can to sell or use elsewhere.

It's a start.  Wait, no, its really not. it looks to be more of a knee-jerk reaction to some sort of regulation and this site doesn't seem effective or usable.  I still am getting targeted adds after opting out, whatever that means...

 

Guardian Article Explains Common Internet Snoops

An article in theguardian highlights many of the common ways you're being looked at while using some of the most common social and shopping sites. 

Here are some interesting highlights:

  • The Apply Magic Sauce tool can use twitter, facebook, or even just a sample of text to identify your demographics and psychological profile. 
  • Data was used to craft targeted messages to voters that were deemed to be persuadable from psychological profiling of online data.
  • Online retailers use economic profiling to steer wealthier shoppers to more expensive items and in some cases even charge them more than standard shoppers.
  • Amazon, Apple, Facebook, Google, and Microsoft all track nearly everything you do to send back to their data centers (not really a surprise here).  There are some ways to limit some of the data sent back in privacy settings, which are typically buried and defaulted to share your data as much as possible.
  • Windows 10 is spyware.

Please check out their full article here: https://www.theguardian.com/technology/2017/may/13/how-to-get-privacy-digital-life-data-monitoring-gathering-amazon-facebook-google