Nainstalovat Steam
přihlásit se
|
jazyk
简体中文 (Zjednodušená čínština)
繁體中文 (Tradiční čínština)
日本語 (Japonština)
한국어 (Korejština)
ไทย (Thajština)
български (Bulharština)
Dansk (Dánština)
Deutsch (Němčina)
English (Angličtina)
Español-España (Evropská španělština)
Español-Latinoamérica (Latin. španělština)
Ελληνικά (Řečtina)
Français (Francouzština)
Italiano (Italština)
Bahasa Indonesia (Indonéština)
Magyar (Maďarština)
Nederlands (Nizozemština)
Norsk (Norština)
Polski (Polština)
Português (Evropská portugalština)
Português-Brasil (Brazilská portugalština)
Română (Rumunština)
Русский (Ruština)
Suomi (Finština)
Svenska (Švédština)
Türkçe (Turečtina)
Tiếng Việt (Vietnamština)
Українська (Ukrajinština)
Nahlásit problém s překladem
Pravidla a pokyny k diskuzím
Nahlásit tento příspěvek
It does seem like a major breach of privacy on one hand but on the other hand imho, I have kind of suspected those things for some time on one level or another so it doenst really suprise me tbh.
Yet it still makes for facinating reading.
Without condoning or condeming it almost seems like an inevitable result of our technologies becoming more connected (internet of things etc) in that at some point there will have to be ( or most likely actually is) a database (s) of collected information which even in the most mundane form would be used to augment things like targeted advertising in the very least.
Of course its almost a whole other topic but there are reasons for like helping authorities to "track" terroism for example.
The "samsung tv" privacy issue was all over the media a while ago although last I read the hack itself was a proof of concept and needed someone to physically alter the device or insert code - after the device had left the manufacturer - ie once it was in your lounge?
That implies a specific security loophole rather than being designed with the backdoor fully programmed and activated with the manufacturers knowledge and consent.
Although personally imho, its a very fine line between that and being able to send a software update that could conceivably activate the "spying function" due to the online ability of the tv.
Reasoning a bit deeper than the media horror stories...
If someone knows better, then please correct me because these points concern me too to be honest.
Some people would argue that such a device being in standby (and hence not "listening") for voice activation may not be strictly true because the standby status to the user could be faked via software as it is basically signified by an led on the unit or a status dialog window via the os of the telly.
Also if the device can be apparently on standby and classed as "safe" in that it is not listening to conversations - how is it that it can be woke from standby with a voice command?
Does that itself not imply that the device is in fact "always listening" so that it can correctly receive and interpret the command to come out of standby mode in the first place?
Thirdly and I may be mis informed on this, but bear with me:
One other concern people seem to have is that devices with voice activation like fancy Samsung tellys, games consoles, tablets and phones and even those imho despicable Amazon Echo -read Alexa in your home cough I mean Amazon always in your lounge gathering info...
...Well Even some interactive dolls for children it would seem have voice activation and online connectivity which to me is frankly messed up and Im generally open minded lol.
I dont know, does alexa or siri for example work fully with no online connection?
Personally I think they would, other than accessing live info on other services - I mean cortana is pretty insistent on windows 10 lol and im fairly sure even without online access "she" or it still has the ability to answer machine specfic queries and searches locally on my device.
I think that the online availability allows greater flexibility for the service sure but my view is that the requirement for third party data processing is basically for targeted advertising but that would be one point where personal data could be captured (or databases leaked via hacks for more insidious means)
My reasoning is that voice recognition on a device even as small as a childs doll surely does not - with todays level of technology- "need" access to third party servers in order to recognise the user and perform tasks expected of it.
It would suprise me greatly if someone pointed out that such technology was not available "on a chip" to function 100% locally and fully on the device within reason, and that it had to use these other third party servers in order to function correctly.
Now understand me when I say "third party servers" that I dont mean connecting to other services to say gather required info on weather, or google maps or social media as a smart phone or the samsung smart tvs mentioned earlier.
I refer to a service that apparently augments the voice processing.
See my point about that surely being able to be computed locally on the device, in this case a doll or a tv.
The original user agreement for those tvs caused a lot of controversy and was in fact re worded and their company response was that apparently the device used third party servers to analyse the received voice commands, process them and send them back to the unit which sounds like nonsense. To me that implies the telly is incapable of processing voice recognition itself and simple sends the data elsewhere between detecting the voice command and providing the appropriate response.
It has to surely be "third party processing" for advertising and information gathering purposes does it not?
Even if that isnt the case, the process is ripe for abuse.
Many people know that in todays connected world, great masses of personal information etc is harvested from our devices and computers, the online services we choose to use etc for a number of reasons.
It is expected, but I think one issue is the word consent.
People are generally happy if a little scournfull to share their data for the convenience it offers them in their daily lives.
But if they think they are being spied on without their consent it naturally concerns people.
Theres another point there about the choice wording of user agreements ( i think by design ) or the current trend where you have to "choose" to opt out of something and are opted in by default which really bugs me. And that being opted into something, is not always as obvious as it should be (again i think by design and to the providers advantage)
Combined with the concern some people had or have regarding the "always on and listening" even when in standby the logic is basically some unknown third party is basically eavesdropping on your conversations which may even be confidential information.
They believe that "all of the voice data" is captured by the unit and sent for processing before being able to pick out and recognise the specific voice commands native to the device and acting on them.
Although these things need to be present and indeed expected on smart devices, a voice activated childs doll does not need access to facebook, amazon or google maps.
As a consolation prize for your patience, you may find this link interesting.
Although not directly linked to Cicada 3301 it makes you think.
A global surveillance program of which many countries including the United Kingdom and USA partake of along with "big companies" like Google, Microsoft etc.
https://en.wikipedia.org/wiki/File:Prism_slide_5.jpg
This was leaked on wiki leaks a while back:
https://en.wikipedia.org/wiki/PRISM_(surveillance_program)
Haha yeah I know right - I do believe its a thing, but Im not saying I believe all of the smaller details because I have not dug deep enough yet.
I mean, media sensationalism springs to mind for some of the points hence why I mentioned "some peoples concerns" but I do think some of it makes sense with regards to the way personal information and data capture is a valuable thing these days.
Thats part of the reason I thought huh obviously the c.i.a up to their old tricks relating to op's original post regarding Cicada 3301;)
Knowledge is Power and all that if only for better advertising but when I weigh it up against some things I have felt for a while and things like wiki leaks, opting in by default, P.R.I.S.M surveillance and data gathering above and beyond what I consider neccesary in certain operating systems its almost not suprising even though I wish I did have stocks in the tinfoil hat market I could be a rich man by now!
But the big issue for me is if said back doors and security loopholes became known to people with darker intent and abused.
Its strange because although Apple is on the list of Prism companies, there was a big deal in the news here a while back about Apple refusing to break their own security on one of their devices for the authorities regarding a certain incident maybe with a terrorist.
And yet, one supposed purpose of Prism is to assist the authorities in doing just that to aid their investigations. Go figure.
Sometimes it crosses the line into the crazy but I know that here in the UK where I live we are paractically a surveillance state and becoming closer to George Orwells 1984 every year.
It apparently gives a few outlines of the previous puzzles presented and what happened.
Kind of a timeline and also an interesting faq if you will.
Emphasis on apparently. It "sounds" about right to me but I am not exactly an expert on Cicada 3301.
Check it out:
http://uncovering-cicada.wikia.com/wiki/Uncovering_Cicada_Wiki
Most recently the space magpies um... i mean blood ravens of 40k "knowledge is power, guard it well"
However, the phrase has been around for sometime it seems...
https://en.wikipedia.org/wiki/Scientia_potentia_est
As a UK based example, look up our governments history with the so called "snoopers charter" - the detailed logging of citizens internet and phone activities ( a years worth of records for each individual no less ) on a database that for a convenient reason does not apply to the polititians themselves... They themselves in the draft proposals are mentioned to have been notified if their info is being recorded or viewed, unlike the public.
Its a very george orwell 1984 scenario though worded carefully its the same in principle imho.
The charter also mentions "equipment interference" which is basically in all but word, state sanctioned hacking or bugging of peoples computers, smartphones, tablets, mobiles etc and that relates to the stories of companies being forced to break their own security for the "authorities" or provide security loopholes / backdoors in software and naturally not be authorised to tell the user about the security issues in their own software by risk of imprisonment.
The flaw I see in this is that this database of personal info ( ok I know it isnt a new idea ) would be accesable to not only the police, and other security and law enforcement as you would expect, but also to other parties like the Department for Work and Pensions (they who offer basic living allowance funds for the unemployed), whom I do believe from experience to be the last people I would want snooping around my personal internet history.
Not because I have anything incriminating that I have viewed in the past year, but because, beside the principle of privacy, the Job Centre "plus" aka The department for work and pensions are one of the groups I would not trust as far as I could throw.
And that goes especially for my personal info and browsing / phone history.
I am employed, although have had the misfortune of dealing with them in the past and well - no just no.
Or you may note the stories of the various "Leaks" of personal information held by internet service providers such as Talk Talk as well as the potential for abuse of your personal data by interested parties.
Dont get me wrong, personally I accept that a great deal of my personal data is held online since its the nature of our modern society and the price we pay for so much electronic convenience. In general.
My own issue, other than that dodgy snoopers charter in my country which I think is frankly disgusting, is that if my personal data or even conversations is to be stored in significantly greater detail than it is today by a (sometimes un named) third party like with the Samsung tv stories, then by all means go ahead!
- I just seriously want these companies to make sure that if they must take and store so much of my life that they strive to ensure that its as secure as reasonably and practically possible, and not have my personal data leaked or abused due to incompetence or corporate greed their part.
Is that asking much?
To be fair, hacking incidents that may cause data to be leaked to the web on the other hand are not great, especially if you are a victim - however on the other hand they can serve to highlight problems and in securities with current systems which "should" force the respective companies to sort their security out.
There are some companies, though I take appropriate precaution by default, whom I "trust" with my data.
Other companies, I would not trust with any of my most basic data as far as I could physically throw them.
And for the most part, these are all successfull, high performing companies with big names that are well known.
Reputation comes into it, but the trust element I feel comes from how long I have used the services of a specific company without incident and more to the point - if issues do arise relating to hacking incidents or potential data leakage, how quickly they either awknowledge the issue, or how efficiently they resolve it?
I mean like say I was an owner of that specific smart tv?
I would personally be inclined to say that I didnt "ask" or knowingly consent for them to record and store "so much" personal, and potentially private, information maybe due to the wording of their original agreement - or simply because while it might be expected on a computer or a smart phone, most people dont expect that level of data capture for a television.
Is that naive?
But the counter argument is often basically the terms and conditions you accepted for the convenience of our service...
Although sometimes it would seem that such agreements are purposefully obscure and long winded by design and yet for example how many people here know the difference in the amount of data capture for Windows 10 from the "basic" or "advanced / detailed" settings?
If you look it up, you will see that there is not much in it. Basic still sends a heap load of telemetry even compared to advanced.
A long time ago when 10 was beta I had a big soap box rant about what Windows 10 was doing under the hood, as did many others.
But now Im not really bothered - again its expected, and I want to use the service right?
And this OS is most certainly designed as a service;)
If I was that bothered I would switch to Linux right lol.
Again its just a transparency issue, why are Microsoft not so up front in saying hey if you want to know specifically what data we are monitoring on your machine then just click this link or hit this tiny button? But they dont. They just say the meaningless "basic" or "advanced".
Just think of it as an intermission and not a thread de railment :P
I wont post any more security rants unless someone specifically responds to my posts on the topic. Promise!
Seriously though, hopefully there will be some more thoughts on Cicada 3301 here soon.
I see what you did there lol.
But I will take the bait, if only briefly ;)
In answer to your question, I think "anything" that requires a password login online should be mandatory in forcing users to create strong passwords in the very least.
Some do, others less so - or at least have some form of two step verification.
One thing I think is daft is those "age gate" restrictions? I see them here when viewing certain products on the store page but really whats the point?
Anyone can say they were born on Janurary 1st 1929 and the system is like "oh cool, you are old enough - go ahead and view this mind warping age restricted content"
I see them on some websites - like the Eternal Crusade homepage and tbh just cant be bothered and usually go elsewhere. Lazy? Maybe, but its the principle, ya dig?
Also, it need not be published as public information, but why can our Steam accounts just not have our age entered in some account dialog and be done with it so we dont get those daft age verification screens. They are just another barrier to click through when browsing and a useless one at that lol :P
But at the end of the day, you can have the best passwords, the greatest security protocols and the most badass firewalls in the world.
The weak link can often be the human element in the chain and it probably always will be for a hundred reasons sadly.
Humans, unlike machines can be manipulated with social engineering for example or fall prey to scams, lack of training, laziness etc so while its great to have strong passwords, they are not the only thing people should be made aware of.