Metadata is surveillance, and it’s too easy to do

One of the key tenets of the argument that the National Security Agency and some lawmakers have constructed to justify the agency’s collection of phone metadata is that the information it’s collecting, such as phone numbers and length of call, can’t be tied to the callers’ names. However, some quick investigation by some researchers at Stanford University who have been collecting information voluntarily from Android users found that they could correlate numbers to names with very little effort.

The Stanford researchers recently started a program called Metaphone that gathers data from volunteers with Android phones. They collect data such as recent phone calls and text messages and social network information. The goal of the project, which is the work of the Stanford Security Lab, is to draw some lines connecting metadata and surveillance. As part of the project, the researchers decided to select a random set of 5,000 numbers from their data and see whether they could connect any of them to subscriber names using just freely available Web tools. Continue reading


Strace for fun and self-education

What strace does is capture every single system call that gets called when executing a program. System calls are the interface between userspace programs and the kernel, so looking at the output from strace is a fun way to understand how Linux works, and what’s really involved in running a program. Continue reading

End-of-year security/technology

. . .
Fun tech:

Decentralize the Internet

a staggering percentage of communications flow through a small set of
corporations—and thus, under the profound influence of those companies
and other institutions. Google, for instance, now comprises twenty-five
per cent of all North American Internet traffic; an outage last August caused worldwide traffic to plummet by around forty per cent.

Continue reading

Arduino and the ETH shield and Asynchronous JavaScript and XML

Even the basics of hardware hacking look pretty daunting. I had not expected a basic Arduino tutorial to go all the way to Asynchronous JavaScript and XML.

I guess I was expecting something more like, “Here’s the difference between an old-fashioned oscilloscope and a modern multimeter.”

It might be time to backtrack to sparkfun and check out their newbie tutorials.