Did you think that using a VPN when browsing the world wide web would be more than enough to be safe from surveillance programs and tracking efforts from various organizations, advertisement companies, and government agencies? How about using TAILS OS? If that’s the case then unfortunately you were wrong. No VPN or specially designed operating system could counter some of these ingenious tracking and surveillance techniques mentioned on this list.
No matter how much we are up for protecting our privacy, thanks to rapid technology advancements it is becoming extremely difficult from becoming a victim – a piece of data for sell, to be analyzed, or abused. Here is a list of 10 creative ways some companies and government agencies are collecting information about you without your consent and there is not much that you can do about it unless of course you are someone with 10 gold mines or someone willing to give up on all the pleasures of life.
Have you ever owned a smartphone or a tablet which utilizes the Android OS and used it to connect to any WiFi network? Chances are high that Google knows your WiFi password. According to a report back in 2013, If an Android device (phone or tablet) has ever logged on to a particular Wi-Fi network, then Google stores the Wi-Fi network password in plaintext on its servers by uploading backups from your Android device.
Do you know what the worst part is? The FBI, NSA, and any other government organization across the globe would no longer need hackers and cryptographers to exploit vulnerabilities in WPS. Simply if Google (Member of the PRISM surveillance program) is sharing your password with government agencies then they can connect to your WiFi network and easily eavesdrop on and modify any unencrypted Internet traffic. An attacker can scan for computers, phones, and tablets on the connected network, scan for open ports, and exploit vulnerable services. WPA2 encryption and a 24 digit password can not save you from this massive invasion of privacy!
The good news, however, is that Google can only continue to do this till the time you allow backups of your device. To disable this act, go into Settings -> Search -> Backup and Reset -> Google Account -> Back up my data -> OFF
9. Printer Steganography
Printers are a type of technology we have come across at least once in our lives, some even use it daily to perform some important tasks such as printing homework at school, printing sensitive documents for your lawyer, or printing important company documents. In 2015, Electronic Frontier Foundation A.K.A EFF reported that all printer manufacturing companies that produce color laser printers signed a secret agreement with government agencies to include “Yellow dots” on printed documents. The dots can later be decrypted to find out the date and time of the printout, serial number of the printer, and any other helpful information to locate the origin of the document. In short, making the documents easily traceable through computer forensics.
How this works is that when you print a document, the printer embeds “yellow dots” on the printed document which you can not see from the naked eye. Instead you would need a blue light and a dark room to view the dots. While there is speculation that the existence of this is to prevent counterfeit currency notes and originally introduced by the U.S Secret Service, it has been used by government agencies like NSA to keep tabs on civilians. To counter this, you could go the same route as the German government which has decided on using typewriters to counter U.S surveillance. Unfortunately, at this moment there is not way to disable the printing of these yellow dots. Perhaps you can ask the United States Secret service for me?
Sounds like something from the Star Wars movie series but I assure you, it is nowhere close. What is Stringray, you may ask. Stringrays or IMSI (International Mobile Subscriber Identity) catcher, is a cell phone spying tool that allows an attacker to track and record locations, intercept internet traffic and phone calls, install malware on phones, send fake texts, and perform man-in-the-middle attacks. How Stringrays works is that a Stringray impersonates a legitimate cell phone tower, then tricks, and forces all nearby cell phones to connect to the decoy cell tower.
California Police Department has in the past mounted DRTBOX (Military-grade surveillance technology with capabilities of Stringray) on to aircrafts to eavesdrop on conversations from the 16 million people who visit Disneyland annually and crack carrier-based encryption. In a similar way, the New York Police Department has used Stringrays over 1,000 times to track and eavesdrop on civilians without any warrant. At this moment, apart from using end-to-end encrypted messaging apps like Signal, there is no way to truly counter this privacy threat.
7. License Plate Readers
Perhaps you’ve seen License Plate Readers also known as Automatic License Plate Reader/Recognition attached to the trunks of police cruisers: two or three mounted cameras, pointed down at an angle as if its looking at the feet of passersby. But they’re not checking out your shoes they’re reading the license plates of every vehicle, parked or moving, that the police cruiser passes. License Plate Readers are cameras that can capture up to 1,800 license plates in a minute with vehicles speeding up to 150 MPH (Miles per hour). These scans are then automatically saved in a database and once any authorized personnel searches for a specific license plate number, it would turn up a list of all the sightings of the registered vehicle. Which means if someone has your license plate number they can know where you go, how often you go, at what time you go, and how many passengers are in the vehicle with you at that time.
6. RFID Chips in Drivers License and Passport
Everyday before we leave our homes, we make sure that we grab our drivers license and credit/debit cards then pretty much forget about them through out the day. But did you know that most states in U.S.A are now embedding RFID chips in driver license and passport books, which would now make it easy to verify the credentials of an individual. Rather than swiping the strip of the ID, you would now hover the chip over a machine which would run the data through a government database to verify if a person is who they claim they are, however, not everything comes flawless especially where technology is concerned.
Back in 2009, a security researcher, Chris Paget, proved how big of a threat RFID chips could be. The researcher with only a $250 device made from mainly scrap materials drove around San Francisco for only 20 minutes and was able to clone two passport cards without the knowledge of their owners. With such a threat and the rise of RFID chips, it will only prosper identity theft crime rings.
5. Social Media Access at U.S Airports
You read that right. Just a few months ago, a new proposal was submitted by the Department of Homeland Security where people arriving into the U.S would be required to provide social media information to customs and immigration officers. And I quote:
“Collecting social media data will enhance the existing investigative process and provide DHS greater clarity and visibility to possible nefarious activity and connections by providing an additional tool set which analysts and investigators may use to better analyse and investigate the case”
Refusal to provide such information could result in deportation, but allowing access to social media would mean handing over your private and personal conversations. Who is to say that after you have left the airport, no one would continue to be monitor your social media activity? Speaking of which…
4. Tracking location by MAC addresses
You think giving social media access at the airport is bad? This one’s even more worse. Have you ever been at an airport waiting for the boarding gates to open? You know how torturous the wait is so like everyone else you unlock your smart phone and connect to the airport WiFi network to help pass time.
According to documents leaked by NSA Whistleblower Edward Snowden, Canadian spy agency tracks airline travellers even days after they have left the terminal by capturing the device’s MAC address from the complimentary provided WiFi service at the Canadian airport. Later by cross-referencing it with the intercepted information from Wifi at cafes, libraries, and other public places.
3. Your Car
When you have to pay your bills online, you enter your credit/debit card details online to initiate a transaction. Likewise when you own a modern car with bluetooth, it is hard to resist from its convenience and you permit the bluetooth system to connect to your phone and download the phone book. How else could you use the GPS on your phone (that is if your car doesn’t already come with a GPS navigation system)?
If you have ever utilized the car technologies on your modern motor-vehicle then chances are extremely high that your home and recent addresses are saved in your cars navigation system and your phone book is stored in the cars memory system. The question now arises is that what happens when someone steals your car? Can they access the list which contains all the contacts on your phone and could they find out where you live? Absolutely!
2. United States Postal Service (USPS) Mail
Not to be confused with UPS, the USPS is an independent agency of the United States government and provides postal service within the U.S. There are many reasons as to why the USPS landed on this list but there are 2 reasons which every dark net marketplace user should be concerned about.
The first reason, according to an article by the NYTimes in 2013, the U.S Postal service is responsible for logging every mail that they process for various law enforcement agencies. At the request of law enforcement officials, postal workers record information (Metadata) from the outside of letters and parcels before they are delivered. Metadata includes names, addresses, return addresses, and postmark locations, which gives the government a pretty good map of your contacts – who your bank is, where do you spend your money, your recent purchases, who your doctors are, what items have you bought online. Tens of thousands of pieces of mail each year undergo this scrutiny.
The second reason, according to a 2007 U.S Department of Justice letter, the US government is not allowed to open first class or priority mail, however, mail of other classes can be opened WITHOUT any warrant! This means that even if an officer gets a “gut” feeling but there’s no probable cause, they can open up your mail and manipulate the package/mail without any second person even catching a wind.
1. Your Smart TV at home
According to a spokesperson from the company, Samsung Smart TV only collects voice sounds from the TV and the remote, each having their own dedicated microphones and the intended use is to make your navigation on the TV smoother, however, who’s to say that your evil plans aren’t being recorded and being forwarded to the appropriate authorities? So next time you are around your Samsung Smart TV or the TV remote, you should avoid talking about tax evasion, drug trafficking or production, cheating on your significant other, weird fetishes, or perhaps even your PayPal credentials. If you are someone who can live without the built-in netflix or web browser then one thing that you could do is to disable/disconnect your Smart TV from your home WiFi network so this way no information can be transmitted over the internet. But your TV is not the only thing in your home spying on you, these days any IoT (Internet of Things) at home can be eavesdropping on you at any given moment. You can read further on this topic at HuffingtonPost, CNN, and TheGuardian.