Spying on Phone Calls via Ear Speaker Vibrations Captured by Accelerometer

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for eavesdropping on a targeted user’s conversations, according to a team of researchers from several universities in the United States. The attack method, named EarSpy, is described in a paper published just before Christmas by researchers from Texas A&M University, Temple University, New Jersey Institute of Technology, Rutgers University, and the University of Dayton. EarSpy relies on the phone’s ear speaker — the speaker at the top of the device that is used when the phone is held to the ear — and the device’s built-in accelerometer for capturing the tiny vibrations generated by the speaker.

— source securityweek.com | Dec 28, 2022

Nullius in verba


How to Protect Yourself If Your School Uses Surveillance Tech

There are more eyes on students today than just a teacher’s watchful gaze. Thousands of school districts use monitoring software that can track students’ online searches, scan their emails, and in some cases, send alerts of perceived threats to law enforcement. A recent investigation by The Dallas Morning News revealed that colleges have been using an AI social-media-monitoring tool to surveil student protesters.

While technology companies claim to be able to prevent violence, there’s little proof that surveillance can actually protect students. Meanwhile, monitoring software has been used to reveal students’ sexuality without their consent. Low-income, Black, and Hispanic students are also disproportionately exposed to surveillance and discipline.

If your school (or your child’s school) uses monitoring software, there are a couple of steps you can take to protect your privacy—and start a conversation with your school.

Ask Your School These Questions

It’s important first to understand why your school is using monitoring software in the first place. In the US, schools are required by the Children’s Internet Protection Act to have some kind of web filtering in place to prevent students from accessing obscene or harmful material online. Schools are not required to implement sophisticated technologies

— source | Pia Ceres | Oct 10, 2022

Nullius in verba

Privacy at School

Wired published an article of advice for students about how to resist surveillance by their schools.

The advice it gives is valid as far as it goes, but it falls far short of what students need to know to resist all the threats.

The article poses the question:

How is student data secured?

This question invites confusion. If someone claims to keep data about you “secure,” what does that mean? Secure from whom? The school’s computers are unlikely to keep anyone secure from snooping EdTech companies that operate with the school’s cooperation.

“Using your own personal device” usually means using a snoop-phone. It may protect you from snooping by the school and by EdTech companies, provided you never use it to visit a site that has anything to do with the school or an EdTech company and never do unencrypted communication [1]. But the device was made by a computer company—usually Apple or Google—that also made the operating system in it. That system always contains nonfree software that snoops on you plenty. Most apps for that snoop-phone are nonfree, and they

— source gnu.org | Richard Stallman

Nullius in verba

Is Revised Data Protection Bill a Charter of Surveillance Capitalism?

The new avatar of the Indian Data Protection Bill 2022 is not simply a rebirth of its 2019 version. Its earlier objective was to provide a legal framework to the Supreme Court’s Puttaswamy judgement that privacy is a fundamental right. The purpose of the 2022 bill is different. It proclaims the citizen’s right to privacy but allows the government to override it. Its other objective is to enable Big Businesses—Indian or foreign—to use our data for their benefit. In other words, the 2022 bill intends to do the opposite of what it claims: not protect privacy but create the architecture of a surveillance state and build surveillance capitalism.

I don’t argue the 2019 bill was perfect. It was not. The Joint Parliamentary Committee suggested 92 amendments in it. But after extensive reviews in Parliament, public discussions and deliberations in the JPC, the government suddenly withdrew the bill and released a new one without explanation. The answer materialises when we examine the

— source newsclick.in | Prabir Purkayastha | 10 Dec 2022

Nullius in verba

Tor Browser 12.0 Released

Tor Browser 12.0 is now available from the Tor Browser download page and also from our distribution directory. This new release updates Tor Browser to Firefox Extended Support Release 102. Once again, the time has come to upgrade Tor Browser to Firefox’s newest Extended Support Release. As part of that process, anything that may conflict with Tor Browser’s strict privacy and security principles has been carefully disabled.

— source torproject.org | Dec 7, 2022

Nullius in verba

Who’s Watching

During Berlin’s annual Fuckparade in 2000, Matthias Fritsch took a video of a bare-chested reveler whose hypnotic dance moves on the Rosenthaler Straße would subsequently earn him, in the blighted annals of internet virality, the moniker Technoviking. This parade attendee was not pleased by the sudden virality and sued Fritsch for infringing on his personality rights. A Berlin court eventually sided with the unwilling celebrity, who continues to remain anonymous, and ordered Fritsch to pay back what he’d earned from YouTube advertisements, as well as court fees. This past summer, New Yorker Lilly Simon realized that a stranger had taken a video of her while she was riding on the subway and posted it to TikTok, speculating that her neurofibromatosis type 1 tumors were monkeypox lesions. Simon posted a response calling the person out for filming her, and the original video was eventually removed—long after it had already gone viral—though it’s unclear if it was deleted by the poster or taken down by the app.

These incidents and their digital afterlives reveal the diminished extent, in an age where antisocial surveillance masquerades as social media, to which any of us might expect to have a right to “privacy” in public. In the United States, this right is a relatively new legal idea, despite the fact privacy as a concept predates its articulation. Originally conceived in the nineteenth century, it arose in response to one of the technological advances of the time: the camera. As more and more people started taking photographs—and

— source thebaffler.com | Marina Manoukian | Dec 1, 2022

Nullius in verba

Privacy Is the Entry Point for Our Civil and Basic Rights

JJ: Well, maybe let’s start with the shape of the problem. What are the concerns right now around data privacy that are generated specifically by this court ruling and other rulings around abortion access and its criminalization? What could happen? Or what do we see happening?

NB: From the outset, the gutting of Roe by Dobbs is so devastating for, of course, the constitutional reasons, that at one time, Roe codified and really affirmed that abortion was a basic right.

Dobbs, in overruling that, overturning that, has laid open states to pick and choose whether they will allow abortion providers and individuals that kind of right.

But we’re in a very different moment now in 2022 than we were in the 1970s, and that’s really because of the rise of the digital age. With it, as you mentioned in your opening, is that the Internet is our primary pathway for almost everyone, I think, to information, to healthcare to, you know, telehealth appointments.

— source fair.org | Jul 27, 2022

Nullius in verba