Engineering is great because of that. You can try to introduce all the gender or social justice bullshit you want into it, but at the end of the day the thing either works or it doesn't.
True! The scientific method was devised by the same people that directly inspired our nation. It was meant to be a method through which anyone could reproduce the same results and compare, allowing the people to garner true knowledge instead of relying upon a large body to filter it to them.
Obviously, we're in need of a return to form on that. Climate change science is a chief example. Somehow, ONLY the giant science foundations have the resources and the abilities to process the data right, violating that concept that science should be accessible. Obviously, with something as complex as that, that makes a degree of sense, but nonetheless, there should be performable experiments by individuals that can verify their data, yet there does not appear to be.
Is it wrong? I can't prove it's wrong, but I take it with a strong dose of skepticism because if it's inaccessibility (and everything else wrong with it).
Another example might be astrophysics/space science. Unlike climate, however, it IS observable and reproducible by individuals if necessary. People have launched their own satellites and such; curvature of the Earth can be measured by math, and the patterns of the planets and stars can be observed with fairly simple equipment (depending on the scope talked about). In instances of much greater depth (stuff about expansion of the universe and so on) many of the facilities where that data can be found are relatively accessible to the public (large scale space telescopes, for example).
In the private sector if I had an employee who continued missing their marks and insisting that they just need to update their model with new information I would give them an opportunity to do so at least once, but would require them to set bounds on reliability of an acceptable prediction beforehand based on their previous results.
If the model proved to be inaccurate a "second" (I'd assume there would be iterative development and improvement of the model in-between assessments and issuance of predictions) time I would suggest that two things be done before proceeding. (1) Find a comparable system and model for a different data set and determine what their success metrics are and (2) Assuming that there was a significant variance (there would be in this case) I would suggest that they reduce the complexity and shorten the development cycle by breaking the model into smaller component models.
Ideally you would then end up with a system where things like the following scenario could be modeled and specifically tested using components with standardized inputs and outputs that could be refined overtime whenever they were used in a meta model.
Alice wants to know what impact on the reproductive cycle of an endangered bird species a 50% increase in algae blooms in a waterway adjacent to their habitat could have over the next 12-months and which variables, if any, could reduce the velocity of any negative impact on desired outcomes for that bird population.
This approach requires an extraordinary amount of structured data but typically produces excellent results over time as individual issues with component models can be addressed and resolved verifiably on a case by case basis. It also means that labor is conserved across the organization because the component models, assuming standardized input/output with some wiggle room, can be repurposed as is or with modifications (Docker for Data Modeling essentially).
If you only get your tech license, I would encourage you to follow through with upgrading your ham license at least once (to general class). That's a good plan. The local comms that exist in VHF/UHF are fun, but the stuff below 50 MHz are where radio really comes into its own.
Communications on those bands are challenging. You have to understand antennas, how to aim them, and how to check and exploit current atmospheric conditions. It's a bit like sailing, in a sense. Equipment is expensive off the shelf, but building from scratch is entirely feasible.
Past the science, though, this spectrum of radio frequency is unique in that it is the only human technology that allows for worldwide communication without use of external infrastructure. No satellites needed, no comm lines, nothing. The equipment is even feasible to run on solar power, as the energy requirements are modest. It offers a form of independence that can be found no where else.
It is no longer required, but if you have the ear for it consider learning morse code. If you don't have a look at small signal digital modes (FT8 and JS8 Call in particular).
What these transmission modes have in common is narrow bandwidth, and as a result energy efficiency. They let you reach the whole world using modest equipment, and in the case of CW morse code transmission, extremely simple equipment.
I wonder if I could connect my old circa 1988 Radio Shack CT-200 Transportable Phone. Assuming it would even still work as it was a kids toy for years (no battery of course).
That phone uses the old AMPS-800 cellular standard. It predates even the 2G CDMS/GSM stuff.
The last service in the US was discontinued in 2008, and has since been discontinued in much of the world.
It actually uses the same frequencies as modern LTE stuff, but it won't talk to any current towers. Turning it on is probably not the best idea from an interference perspective -- at this point it's basically nothing more than a mostly ineffective jammer.
AMPS was the best. Signal in the middle of nowhere, guaranteed. No one cared that it may have required a 5 foot trunk antenna, but you could always get a call out. It just worked, and it worked beautifully.
Also analog if I recall correctly.
We were on amps to the very end. Probably made one of the last calls too when they flipped the switch.
Now we're sitting here watching Ebay for Iridium phones at a less than new price but might as well get a new one at this point
Yup. Analog. Unencrypted. Good old fashioned FM voice.
Some congressman or other got caught doing something embarrassing when someone recorded his call on such a system.
That's why those two windows in the 800 MHz band are blocked on scanners sold in the US. All comms on those lines are long since encrypted, but the law remains on the books because some idiot in congress thought the best way to secure the signal is to outlaw receivers.
Never got rid of mine, I'm the only one in my family who has a flip phone (even grandma and grandpa got them), and I'm the only one out of my friends who has one. Feels good.
I wonder if i can find a dumb phone i can stick my sim card in. Pull it out and stick it in the smart phone that I literally only ever use at home, in the off chance I need to do something on it in town.
I'd just get a linux phone. Something like a pinephone or gab phone. I gotta imagine there is a semi secure way to make a phone. At least as secure as an actual desktop computer. Android phones and Apple phones we're running around with these days are like if every program you installed on your desktop was also malware lol. If we ever get a phone with an OS that actually blocks those apps from spying on ur device 24/7 or spoofed parts of the phone so the apps think it's talking to part of the phone that isn't really there would be pretty good. Just degoogled my phone with Lineage OS which feels pretty good right now.
One of my coworkers, old school brilliant developer, uses a flip phone exclusively and when he buys laptops (used ThinkPads), he guts them of the junk he doesn’t want, shorts out the microphones, physically disables the camera etc. He then throws an OS like BSD on there.
I’ve been considering going the flip phone route as well.
Easier solution: faraday bags/pouches. Easy to use and very effective (the certified/tested ones), bonus being you can jump right back to the 21st century whenever you want by simply taking the phone out of the bag.
Battery seems to drain a bit faster while the phone is sitting there searching for a signal but outside of that it's still better than going to something like the pine phone or librem 5..
Put your phone in airplane mode when off grid (out in the woods for example) for the same reason. Battery lasts a lot longer when the phone isnt screaming it's poor little head off for towers that aren't there.
Love my faraday pouch. I also imagine someone looking at my little icon on a map, have it disappear only to reappear somewhere completely different 3 hours later.
Wait until you're targeted with APT's. You eventually come around to the realization that someone can royally fuck you any time they want & there's no where to run or hide.
I can tell you from experience that it's not fun at all.
Imagine having your motherboard infected with a rootkit & having your operating system live on top of another operating system. Imagine using a Linux livecd creator to install different distributions & for some reason no matter which installer you try, nothing gives you any options when trying to install the OS to your system. No package selection. Then realizing no matter what you're installing, you're basically just using the same OS skinned to pretend you're using other distros (command line tools & all except certain distros end up being lazy attempts like a KDE based distro that's supposed to look cool ends up having a really shitty barebones KDE environment upon install.
I'm only touching on a small aspect of like 2 - 3 years of being fucked with starting with all of my computers & then eventually being fucked with in bars & shit escalating over time.
Not going to go into too much personal detail but really I can only speculate. And when you're a target like this, the last thing they're going to do is let you know exactly why. The more reasons for you to continuously be stressed the fuck out the better. My guess is it's a control mechanism to either force undesirables into the system (5150) so they can chew you up & spit you out however they desire or manipulate you into believing crazy shit & getting you to join a group like Antifa or go shoot up a theater like that Batman shooter.
MFW people realize that -- since 2009 -- every single Intel-based machine already has exactly what you're talking about: a ring -3 OOB coprocessor that can read and alter the entire contents of memory, framebuffers, network stack (it even has its own TCP/IP stack!), I/O & peripherals...
People are more than happy to run a blackbox for alphabet agencies because they don't have the balls to give up "muh convenience".
No, they didn't. Apple "designed" a SoC which uses ARM, which -- in essence -- has the same blackbox functionality in TrustZone.
Apple "designed their own processors" to further trap people in their walled garden. More things done under contract "in-house" = more room for profit margins and less scrutiny. They can literally do whatever they want now, which was the point.
Still, good luck running any x86 software. And no, I don't mean Rosetta 2. I mean native code execution. And good luck getting any actual work done now that Apple has reduced their offerings to what are essentially tablets with nicer screens, assembled by the lowest bidder for maximum profit at the expense of their devotees.
It's a long story & I don't want to give out too much personal info. Shit basically escalated from online to in person. Some people were cops & some were military. I think some people were in the know of what was going on from the beginning while others got dragged into the situation thinking I was either some 5150 or some criminal with something to hide. This developed over a long period of time.
I don't know it's complicated. But things did escalate to being fucked with in person. I did get roofied at one point & had my Surface Pro 4 used in the middle of the night hours after I blacked out & found it locked in my car. Not gonna rehash that whole story but that could've been the cops thinking I was some criminal (and not who was hacking me in the first place) or just another way of fucking with me.
Paper maps are tough to come by, but, if you’re driving, at least, road signs are extremely helpful. Might make a wrong turn or two but you’ll figure it out. And if you’re going by foot, memorize your directions, take note of things you pass, and carry a compass. If the compass fails, at least you’ll have memory to go off of. And you can always trust the stars when you can see them.
USGS still published them. Local ranger stations in national parks will still sell section topographical maps, and digital copies of same (essentially just pictures of the maps) are free to download.
These are mostly useful for wilderness use but will generally cover urban areas as well. They also often contain trails and forest back roads that don't appear on Google/Apple.
Still use a candy bar phone, too. Never "upgraded" to all that smart nonsense.
I sit in front of a real computer all day. I don't also need a limited pseudo computer the size of a brick in my pocket. I like to just leave it all behind when I leave the house.
It's a computer that's harder to use, performs worse, is a walled garden where some corporation determines what you're allowed to do, many cost more than a desktop PC and the app ecosystem is a cancerous mess of censorship, ads and microtransactions.
I have the real thing. I don't need a watered down copy.
A smartphone isn’t supposed to be a replacement for a home PC, it allows me the convenience to do everything I would reasonably want to do on a PC from a plane, uber, the front seat of my car, at seconds notice with a device that literally fits in my pocket.
The advantages FAR outweigh any perceived disadvantage.
Apple and Google controlling what you are allowed to do on your own device is more than perceived. Just ask Gab, Parler and all the other apps that got removed for political reasons.
Yea by sideloading, which is something the vast majority of users don't know how to do or won't do. It's irrelevant in the grand scheme of things. If it ain't in the official store it might as well not exist.
I use my smartphone for more or less 3 things: nav, camera, and looking stuff up on the web while I'm out. If they cripple one of those features I'll move to a weird linux phone.
Fun fact: That TI-89, thanks to 20 years of being the same price, is now cycle for cycle one of the most expensive computational devices on the planet -- by a wide margin.
Pretty much all of the TI graphing calculators should cost about $20 these days.
Yeah, they are Z80 based. Twenty years of tech advancement should have crashed the price to almost nothing -- only reason it hasn't is TI effectively has a monopoly due to being embedded in textbooks and test requirements.
I work with a lot of IT guys for my job. Nearly all of them still rocking old school watches, flip phones and you'll get an ear full of security info if you ask about it.
I'm a programmer and I agree 100%. Even Windows 10 is a huge liability with how much info they try to obtain, all the bloatware and all their cloud based bullshit. They really try to move your entire life to their servers. You have to do a lot of work to get that OS to an acceptable level of privacy.
Yup I kept Win7 around (last good windows) as long as I could mainly to PC game but I finally broke down and got a macbook after years of dicking with Linux and BSDs on laptops and went back to console (and played less games) I am sure to use Little Snitch (block trustd !!!) and am still on Mojave. The build quality on macbooks is slipping and I'll be putting together another Linux-based laptop soon.
As in, building your own from separate components? I would be hugely interested in how you do that. Can you share any good resources for a relative beginner? (Only put together Windows gaming PCs up to now, no idea about Linux.)
Desktops will be the same for Windows and Linux, so if you have built one there you are set. It sometimes pays to do a bit of background research as the driver situation can be more painful for some hardware, but these days darn near everything in desktop land "just works".
If you do want to find a modular laptop, look at a company called Clevo. They are an OEM for Sager and a few other high end gaming laptop brands. They are the closet thing to a modular laptop chassis in existence -- though from a cost/performance perspective you will almost certainly be better served by some mass produced consumer laptop. Modularity in portable machines just isn't very economically competitive.
I don't trust apple at all. Like not even a little bit. Never owned an apple anything. Not gonna lie though those M1 arm chips look pretty cool with the 20 hr battery life but not if I have to run mac os on it.
I'd agree with this. Out of Apple/Google/Microsoft, Apple is the one that makes most of it's money selling you hardware, vs selling your data.
I wouldn't trust any of them, but from a security standpoint OSX and iOS seem to be the best locked down under the hood.
Linux is probably the option with the most potential for security, but it's also possible to setup a system that is NOT secure. Something like a Pinebook or Pinephone is extremely interesting from a security perspective, but that is one hell of a rabbit hole to go down if you aren't already steeped in that world.
IMO Apple is the most trustworthy option in terms of privacy
LOL no.
Apple is a telemetry/privacy nightmare. The words "Apple" and "privacy" don't belong in the same sentence. They "refused" to help the FBI while reminding them -- behind closed doors -- that Apple (and Google) intentionally leave CVEs unpatched to provide alphabet agencies an attack surface. What you saw was a PR stunt.
Privilege escalation (which is what's required for unsigned code a la jailbreaking) is just one type of attack vector. Scrambling to lock you into a walled garden != patching CVEs that allow alphabet agencies unfettered access. WikiLeaks Vault 7 explains precisely what I'm talking about.
I think that entire thing was bullshit propaganda. I think snowden or the cia leaks pretty much suggested they can break into 100% of Apple products 100% of the time. They all use the same hardware. Android has to be built by the manufactures to run on that specific android the phone maker made on Android to run on that specific device resulting in many different setups for each phone. I think that whole thing was a movie script for normies to buy the only operating system they could break into 100% of the time. I could be wrong I don't have any insider knowledge it just didn't feel like a legit face off between corporate america and the government since they're essentially on the same team.
I refuse to buy a smart TV or any smart device. It's literally impossible to purchase a new TV from the store that is not "smart". People are too stupid to realize they are bugging their own homes for the Police State.
Soon they will only sell electronics with spy devices implanted. They will also convince consumers it's an amazing new feature everyone would love to have.
It's less about spying and more about planned obsolescence IMHO. They'll stop supporting your smart gadget after a couple of years and half the shit stops working.
Edit:
Same reason why wireless anything in your home is crap: someone will find a vulnerability at some point, usually after the vendor ended support.
There was another wlan hack going around a few months back that affected tons of consumer routers and access points. Most never got an update.
Smart and wireless gadgets all come with a hidden best-by date.
Except for the fact that they keep putting microphones and cameras in everything. Like Fridges, furniture, and even smart TV's are coming with cameras and mics installed. I get what you're saying but it's that and the spy thing. It's all the things. Private corporations are allowed to do things the government never could. Then the government buys all the data from "3rd party vendors" and it's not illegal. The Pentagon buys up all the cellphone GPS data being collected for top dollar. It's insane the level it's gotten to already.
Seriously though, electrical tape is opaque and microphones can be found and stabbed repeatedly with something sharp. RFIDs can be disabled by microwaving them.
If you are really determined, you can still physically abuse your appliances into submission. At least so far.
Like how Hyundai sold remote start that only work through their app(which has a monthly fee). At the end of this year all 2016 and older models with this remote start will no longer be usable because the company that runs the app will no longer support the 2g transmitting that the cars use to communicate. Hyundai is offering no option to upgrade or replace the receiver so all those customers are shit out of luck.
Cars are particularly bad because they are (well, were) intended to last a long time.
Yet with all the smart crap stuff often stops working way before the end of life of the car. Whether it's because more complicated systems break more often or simply because some software no longer receives any updates.
Plus, the more pointless electronics they shove in there the harder it gets to maintain and repair your car yourself.
And don't get me started on the whole monthly-fee/as-a-service shitshow.
Met a woman that grew up in Eastern Bloc pre and during WWII. She was incredibly sharp, and talked about how one day there was a program to give everyone free radios. One time her family was talking the wrong way and the KGB showed up. The "free" radios came with bugs that were being actively monitored. She then went on to laugh cynically and say that people today are so blind they can actually charge them for the ability to monitor them; and that's what has happened.
This was a couple years back. She was in her nineties (I think, that's what the math seems to say) and was smarter than probably 95% of the populace of all ages.
Pretty sure the closest thing she received to formal higher education was being put through Nazi labor programs when they occupied her area (following their defeat, she escaped to the west, but her family remained in Eastern Europe [she had already been separated by the Nazis]. She didn't talk to them again for like, 20 years, and even then, they had to be very careful about how they corresponded to avoid her family getting disappeared.)
How quickly people forget the lessons of the past.
There is a reason our politicians can't use Android or Apple phones for official business. They are designed to be hacked. Our government could never afford to install all the spy devices we freely buy and install for them. It's as brilliant as it is evil.
I had a counselor at the YMCA who grew up in East Berlin under the Stasi. She escaped with her family at the age of 9. She made sure to teach us kids a thing or two.
If I know Alexa is listening, then I can make sure the regime hears me saying things I want them to hear me say. They will think I am loyal in ways that they would not if I didn't give them that channel.
In the above radio example, I can watch what I say around the radio, and if my loyalist neighbor gets too nosy, I can start having conversations with family members about disturbing things I saw the neighbors do, and I wonder does it warrant reporting them, or would I be inconveniencing the authorities?
If I habitually leave my phone on the table and take it with me when I go outside, then my location tracking will show that pattern. If I leave the house without the phone deliberately, they will think I am home when I am not -- this is even more useful than them not knowing. If the phone is attached to my cat the illusion that I am at home becomes stronger. Especially when dumb phones are rare and become data points in and of themselves -- a way to be noticed.
If I want to disappear, and we have established that my phone is a good way to track me, then my phone becomes a very valuable tool indeed. I can attach it to some other object (such as inside the bumper of my neighbor's car, or jammed into a cushion on a city bus), and suddenly I am in two places at once.
ALL systems are a two way street. It's good to cultivate a mindset of looking at any rule-based or software based systems and trying to think of creative ways to screw with it. You get more ideas with practice, and it's fun! There is no such thing as "their tool" or "your tool" -- there are only tools, and they belong to whoever figures out how to make use of them.
Oh for sure, this is a reason why I still use a smart (android even) phone. The other thing to remember is that refusal marks you as a target, too.
Off topic a little more, this is a thing I've been thinking a lot about lately: if they can have their bad actors infiltrate every level of government and our party, pose as us, and take us down that way, why can't we do the same? If we infiltrated their party en-masse, really legitimately posing as lefties (we mock them for how predictable and stupid they are as it is, so it surely shouldn't be too hard?) when some big thing happened, we could all activate at once to disrupt them completely, just as they've done to us. We could take key positions from them without them even knowing it. On top of it all, they'd have some idea as to what is going on, which is good - "those with power are afraid to lose it" - their paranoia as to who is truly a loyalist would run rabidly out of control, which would cripple their own ability to operate entirely. They'd start firing (or if shit got bad enough, executing) people left and right (haha see what I did there?), not knowing who was truly a loyalist and who is a secret Trump supporter. We'd bring them to their knees using their own ambition.
And yet, I remember there being a big issue with Obama and his BlackBerry when he first was in office. And Trump’s tweets always came from an iPhone. I’m sure they have “special” phones but that never sat right with me. And, honestly, who’s going to deny the President access to his phone? Quite alarming when you think about it.
This is why you set up an air gapped home network along side your regular internet network. You connect all the spy devices that you don't need internet access to, to the home network (so you have access to your media and whatnot, and take precautions with the internet connected network. Only secure devices.
It’s good you’re learning! Anything with a microphone could be listening. And especially anything that responds to your commands unprompted by anything but your voice. Same goes with cameras and facial recognition software. They’re literally selling you “security” that has the ability to spy on you.
Hasn't worked in a while for me, since I educated the majority of them. But when it did, it was like the seven stages of grief playing out in 30 seconds. Anger was usually directed at me.
Bargaining to make LG stop playing was the funniest.
Heck yea. My flipphone is camera faced down and off and mostly stays home. Mic and camera stay unplugged when not in use. You have to look out for all leaks these days. Just because you don't use IOT though doesn't mean you can't learn the protocols. Never know when things like that could come in handy.
Two different times I saw power outages keep people out of keyfob building doors. Physical is still better than digital in dire situations. When I see a Nest type thermostat inside a public building I suddenly shut up lol It's like someone standing there moving a mic toward my lips - it cuts me quick. Cameras have been around for years but always on IOT bothers me a lot more.
👆 this will save an immense amount of time and headache.
But for folks with an existing home a great way to run that network is to use existing wires like coax. Tie the cat6 to it, pull 2 cables through the wall, then pull the coax back into place with the extra cable.
I'm in my 30s and this is the mindset I've always held. I honestly can't understand people that hook everything up to the internet, so freakin' dangerous. Wtf, smart speakers, thermostats, lights, windows, doors? It honestly confounds me.
I grew up with tech in the 80s on a Tandy1000. Then saw BBSs in the 90s. If I had the type of phones and internet info and tech at my finger tips as a kid in the 80s/90s.. .Damn. I dunno how I woulda turned out. But I saw a hint of it at my GFs place on the holidays. Her young son was completely into all the voice activated alexa stuff. Tying in every lightbulb in the house, glass break sound sensors, you name it into alexa. I was/AM completely HORRIFIED at how much info Jeff Bezos has on you. Amazon can tell at any time where people are in the house, they can tell what lights in what rooms are on, when you are at home, when you are in the bathroom.
HOLY SHIT PEOPLE. On one hand I can see the glee in the kids eyes at this tech. But getting older has certainly shown me why my dad was always a bit scared at me logging on to BBSs..
I'm neither programmer not engineer, but as a proud Luddite I won't have that crap in my house. I was pissed when the electric meter was changed against my wishes. Many days I'm sorry I have internet.
Didn't someone say there was an online thermostat transmitting info during the election? Not sure if it was a larp but I could swear I remember something about it.....
Pretty much. IT guy here. I don't use WiFi in my house unless somebody is staying over and asks me to turn it on. I do have cat-6 wired to a couple rooms and outdoor IP cameras, which record to my own NVR server that cannot be accessed outside of my house. No smart home devices. Fuck Google. Fuck Amazon. Been saying it for years.
Anything that is possible bon the Google home devices is possible with your smartphone. So unless you use a flip phone you likely have similar exposure.
Is he based, and just not aware of the danger? Especially with how chucked any responses are when you ask it a question? When I started dating my wife she had all that and I got rid of it Ron Swanson style.
He's not based...I haven't asked him why he's cool with all the "smart" devices. We'll probably end up arguing about how I've "overdosed" on MAGA. I guess he still has some faith in government, and he thinks we have nothing to fear if we're not doing anything wrong.
In reality...even though you are being spied on you really don’t have to worry. They are using you to advertise.
Biggest real dangers are 1) unlimited blackmail material on our business owners and politicians and 2) the ability to micromanage the entire country through ai, manipulation, and AB monitoring.
I'm a firmware engineer -- I basically work on these exact types of systems, and I agree completely with this sentiment. The silicon valley "pay with your privacy" model is scummy by design.
Some of this stuff is benign, but most of it is not terribly secure, so even if you have a product that was designed in good faith (they do exist - stuff that doesn't phone home to the cloud is usually at least intended to behave politely) there is a risk of it being hijacked and misused. Often a substantial risk, I am sorry to say.
On the other hand, I've kind of taken the attitude that the best way to fight surveillance is to stop wearing clothes at home. Spying on me should be its own punishment.
Know the feeling and every sibling calling you a conspiracy nut because you use strong passwords and not using google and chrome and wifi has 20+ password length.
My sibling was thinking I was crazy at first then fully jumped into privacy and is now more concerned than I am, it was quite comedic but very reassuring
Any smart home or home surveillance should be on a closed circuit network that has no possible way of connecting to the Internet. Which would mean using an open source software and raspberry pis that you have full control over, not like Alexa's setup. Which is still, for the time being, too complicated for the "techies."
There's a couple open source smart home alternatives to Alexa, such as openHAB, but the quickest way to get started is switching from Amazon Fire TV sticks to Raspberry Pi as your home media centers.
Here's some of the potential pain paints with IOT especially.
Lots of it runs off of electricity - so when it "phones home" by communicating with its software repository or does any checking in, or spies on you, or is being actively hacked or attacked, it's using your electricity and costs you money. If it's plugged in, for sure, it's using your electricity regularly.
CHECK + uses more electricity
Same with the bandwidth on your internet line, any time those devices call home, check in, spy on you, are being hacked or attacked, they are using your internet bandwidth.
CHECK + uses more internet bandwidth
When you have any device running on your internet, it likely has a "port". A port is how it transfers bandwidth to and from the internet. That port being open is like an invitation to anyone exploiting software. When someone does a "port scan" on your network they hear that device broadcast (like someone screaming across the room) I'm over here... I'm ready to talk.... do you have something to say to me? Oh you want to issue me a command - ok, I can do that. And that's how you get hacked. But you don't know about it because you don't turn off that device that is crucial for your life. So now you have either a nasty attacker spying on you because of a bug in software or a known exploit, or something still unknown to security people. As an example, there were exploits only found YEARS later in Windows OS that came right through the ports.
CHECK + vulnerable to more port scanning vectors and inquiries
Another thing with ports is worms... ok worms don't need you to DO anything. Just being connected is enough for them to sneak in (again through a port, most likely). They travel around networks looking for openings and aren't driven by humans, only let loose once then travel the wires.
CHECK + vulnerable to worms when never offline
This is more rare but employees can go rogue at companies and release software that has built in backdoors. You might buy a product with perfectly fine software but they hire someone who makes money off rogue software in their product. Orrr they could be purchased by a company that doesn't have good intentions (Didn't Google buy Nest from someone else...) Since so much code is closed source, you couldn't read about if you wanted to without a lot of effort. You will rarely hear about a rogue employee because it embarrasses the company. They will fire the person (if they find out) but not make public statements unless someone finds out.
CHECK + vulnerable to rogue software because you don't choose when the software gets installed, it is under someone elses control
Then the OP mentions something else - if it's electronic, you need electricity to use it (so they mention mechanical devices as alternatives).
CHECK + less hearty during power outages, natural disasters, grid meltdown, electronic attacks, and sometimes sun flares, bit flipping from cosmic rays (that's when a 1 becomes a 0 or the reverse and it messes up storage hardware or running software) - cosmic rays can come from space at any point to earth
Here's the worst one. Just like Twitter bans people it doesn't like... what if Amazon could turn off your ability to shop and Google turn off your ability to heat your home (until you step into line on the internet and speak correctly). Trusting outside companies to all your appliances and even your ability to heat your home.... well... I suppose you REALLY trust them, huh. Can't say I do since they've abused power previously.
I've been on many calls with brilliant people, far more knowledgeable than myself. One thing they all share in common is the ability to simplify complicated topics so a layman can understand and feel empowered. Your level of mastery and sharing this information is appreciated, u/creamkern
Like OP, I work in tech but abhor most modern devices. As others have stated, it almost isn't worth the time to fight the IOT invasion because it's on so many fronts. However, as you've shown, there are many ways we can fortify our home gear and provide effective protection from average and even some advanced attackers.
Make sure the doors are locked when you go to bed... just don't do it from your bed.
programmer and sys admin for almost two decades here: most people that become too paranoid at this shit are impractical and disfuncional.
You can be in the middle ground: not having too much IoT shit but having a modern life. Besides, good luck convincing you family and friends not using anything, which, unless your inner circle stays as far away from tech as you, you aren’t “off the grid” you are just shooting yourself in the foot in your delusion.
if you want to beat the system fuck with it and hack it, not stay secluded as a hermit. Get a good firewall, not freaking Linux in assembly code that you have to compile.
If the government wants to find something about you, they will, and if they can’t, they will invent it.
You call more attention to yourself by being a fucking blackout-ToR-SMS guy, than by being average.
I am a security expert and yes I don’t have none of that shit and I also disabled Siri in all of my devices. Only work with aliases online and conduct most of my internet traffic through proxies and tor routers.
I wonder how many people whose various cams livestreamed on the internet without their knowledge (to the amusement of 4chan and the like) thought the same.
Reminds me of the good old days when some autist found a way to search on Google for misconfigured web/nanny/surveillance cams that were accessible to anyone on the web, some even with movement controls.
Heck there was even Ghislaine Maxwell's hearing on a teleconference that got hacked and had 11,000 people listening, haha. On the flip side I think I may be OK with our corrupt justice system using such tech.
Question for OP, I get the rest of it, and that connected thermostats can give a company an idea when you are home or not, but is there something else the general population should know about with them?
all these "smart" devices are a potential backdoor to your LAN. They download updates, so at any time the vendor (or someone doing a man-in-the middle attack pretending to be the vendor) could decide to activate a VPN client on it (or any other form of tunneling) and presto they are into your home.
The very minimal value provided by being able to remotely control your home's temperature does not justfiy introducing that kind of security risk. Also, these devices are made by companies whose specialty is pumping refrigerant around... they have extremely limited software expertise to put it politely. Not their domain. There is no reason to think they would be well designed to be secure.
I got some of those little Wyze cameras with a giftcard I got for Christmas.
Cloud app? No thanks. I'll just spend an evening figuring out how to install custom firmware and turn them into dumb RTSP streamers my edge server can ingest and multiplex and eventually record and run motion detection on.
Home automation is fun to play with if you're rolling your own. Also got some ESP32 monitoring gizmos I'm about ready to deploy around the house, running my code.
Lol I work in cyber security. I’m strongly considering going back to a flip phone 😆
flip phone? better off with CB radio
Engineering is great because of that. You can try to introduce all the gender or social justice bullshit you want into it, but at the end of the day the thing either works or it doesn't.
Science in general is great like that. Makes you pretty much immune to bullshit when applied rigorously.
True! The scientific method was devised by the same people that directly inspired our nation. It was meant to be a method through which anyone could reproduce the same results and compare, allowing the people to garner true knowledge instead of relying upon a large body to filter it to them.
Obviously, we're in need of a return to form on that. Climate change science is a chief example. Somehow, ONLY the giant science foundations have the resources and the abilities to process the data right, violating that concept that science should be accessible. Obviously, with something as complex as that, that makes a degree of sense, but nonetheless, there should be performable experiments by individuals that can verify their data, yet there does not appear to be.
Is it wrong? I can't prove it's wrong, but I take it with a strong dose of skepticism because if it's inaccessibility (and everything else wrong with it).
Another example might be astrophysics/space science. Unlike climate, however, it IS observable and reproducible by individuals if necessary. People have launched their own satellites and such; curvature of the Earth can be measured by math, and the patterns of the planets and stars can be observed with fairly simple equipment (depending on the scope talked about). In instances of much greater depth (stuff about expansion of the universe and so on) many of the facilities where that data can be found are relatively accessible to the public (large scale space telescopes, for example).
In the private sector if I had an employee who continued missing their marks and insisting that they just need to update their model with new information I would give them an opportunity to do so at least once, but would require them to set bounds on reliability of an acceptable prediction beforehand based on their previous results.
If the model proved to be inaccurate a "second" (I'd assume there would be iterative development and improvement of the model in-between assessments and issuance of predictions) time I would suggest that two things be done before proceeding. (1) Find a comparable system and model for a different data set and determine what their success metrics are and (2) Assuming that there was a significant variance (there would be in this case) I would suggest that they reduce the complexity and shorten the development cycle by breaking the model into smaller component models.
Ideally you would then end up with a system where things like the following scenario could be modeled and specifically tested using components with standardized inputs and outputs that could be refined overtime whenever they were used in a meta model.
This approach requires an extraordinary amount of structured data but typically produces excellent results over time as individual issues with component models can be addressed and resolved verifiably on a case by case basis. It also means that labor is conserved across the organization because the component models, assuming standardized input/output with some wiggle room, can be repurposed as is or with modifications (Docker for Data Modeling essentially).
See this licensing part is the part that annoys me.
If you only get your tech license, I would encourage you to follow through with upgrading your ham license at least once (to general class). That's a good plan. The local comms that exist in VHF/UHF are fun, but the stuff below 50 MHz are where radio really comes into its own.
Communications on those bands are challenging. You have to understand antennas, how to aim them, and how to check and exploit current atmospheric conditions. It's a bit like sailing, in a sense. Equipment is expensive off the shelf, but building from scratch is entirely feasible. Past the science, though, this spectrum of radio frequency is unique in that it is the only human technology that allows for worldwide communication without use of external infrastructure. No satellites needed, no comm lines, nothing. The equipment is even feasible to run on solar power, as the energy requirements are modest. It offers a form of independence that can be found no where else.
It is no longer required, but if you have the ear for it consider learning morse code. If you don't have a look at small signal digital modes (FT8 and JS8 Call in particular).
What these transmission modes have in common is narrow bandwidth, and as a result energy efficiency. They let you reach the whole world using modest equipment, and in the case of CW morse code transmission, extremely simple equipment.
Hang a wire and you will be surprised how far you can talk with little effort.
I need to get back into it
We should all be doing HAM (I keep slacking on this)
I wonder if I could connect my old circa 1988 Radio Shack CT-200 Transportable Phone. Assuming it would even still work as it was a kids toy for years (no battery of course).
That phone uses the old AMPS-800 cellular standard. It predates even the 2G CDMS/GSM stuff.
The last service in the US was discontinued in 2008, and has since been discontinued in much of the world.
It actually uses the same frequencies as modern LTE stuff, but it won't talk to any current towers. Turning it on is probably not the best idea from an interference perspective -- at this point it's basically nothing more than a mostly ineffective jammer.
AMPS was the best. Signal in the middle of nowhere, guaranteed. No one cared that it may have required a 5 foot trunk antenna, but you could always get a call out. It just worked, and it worked beautifully.
Also analog if I recall correctly.
We were on amps to the very end. Probably made one of the last calls too when they flipped the switch.
Now we're sitting here watching Ebay for Iridium phones at a less than new price but might as well get a new one at this point
Yup. Analog. Unencrypted. Good old fashioned FM voice.
Some congressman or other got caught doing something embarrassing when someone recorded his call on such a system.
That's why those two windows in the 800 MHz band are blocked on scanners sold in the US. All comms on those lines are long since encrypted, but the law remains on the books because some idiot in congress thought the best way to secure the signal is to outlaw receivers.
It’s likely that old GSM phones are incompatible with today’s networks.
sauce / ad from the time:
https://www.sts-productions.com/blog/2018/5/25/radio-shack-ct-200-transportable-cellular-phone
and this one looks like the scenery a famous builder from NYC could have seen (CT-201 tough):
https://i.maga.host/mcfGXC8.png
Same. I’m considering a “dumb” phone.
Never got rid of mine, I'm the only one in my family who has a flip phone (even grandma and grandpa got them), and I'm the only one out of my friends who has one. Feels good.
I wonder if i can find a dumb phone i can stick my sim card in. Pull it out and stick it in the smart phone that I literally only ever use at home, in the off chance I need to do something on it in town.
I'd just get a linux phone. Something like a pinephone or gab phone. I gotta imagine there is a semi secure way to make a phone. At least as secure as an actual desktop computer. Android phones and Apple phones we're running around with these days are like if every program you installed on your desktop was also malware lol. If we ever get a phone with an OS that actually blocks those apps from spying on ur device 24/7 or spoofed parts of the phone so the apps think it's talking to part of the phone that isn't really there would be pretty good. Just degoogled my phone with Lineage OS which feels pretty good right now.
One of my coworkers, old school brilliant developer, uses a flip phone exclusively and when he buys laptops (used ThinkPads), he guts them of the junk he doesn’t want, shorts out the microphones, physically disables the camera etc. He then throws an OS like BSD on there.
I’ve been considering going the flip phone route as well.
All my laptops always immediately get linux put on them an a bandaid over the camera.
I really do enjoy Linux Mint.
Easier solution: faraday bags/pouches. Easy to use and very effective (the certified/tested ones), bonus being you can jump right back to the 21st century whenever you want by simply taking the phone out of the bag.
Battery seems to drain a bit faster while the phone is sitting there searching for a signal but outside of that it's still better than going to something like the pine phone or librem 5..
Put your phone in airplane mode when off grid (out in the woods for example) for the same reason. Battery lasts a lot longer when the phone isnt screaming it's poor little head off for towers that aren't there.
Turn the damn thing off when you're not using it or not expecting calls
I don't even trust that!
That's cute. You think you can turn your phone off? No, it just looks off unless the battery is completely, totally dead.
Sure but in a faraday bag it'll burn less battery is the whole point
Love my faraday pouch. I also imagine someone looking at my little icon on a map, have it disappear only to reappear somewhere completely different 3 hours later.
Got my old Nokia 3310 only issue is my current sim card does not work with it same size and everything but they just cant communicate it seems.
Being an IT guy of 25+ years, I can confirm this is spot on.
Wait until you're targeted with APT's. You eventually come around to the realization that someone can royally fuck you any time they want & there's no where to run or hide.
I can tell you from experience that it's not fun at all.
APT's?
Advanced persistent threats...
Imagine having your motherboard infected with a rootkit & having your operating system live on top of another operating system. Imagine using a Linux livecd creator to install different distributions & for some reason no matter which installer you try, nothing gives you any options when trying to install the OS to your system. No package selection. Then realizing no matter what you're installing, you're basically just using the same OS skinned to pretend you're using other distros (command line tools & all except certain distros end up being lazy attempts like a KDE based distro that's supposed to look cool ends up having a really shitty barebones KDE environment upon install.
I'm only touching on a small aspect of like 2 - 3 years of being fucked with starting with all of my computers & then eventually being fucked with in bars & shit escalating over time.
I'd like to hear more about this and why were you targeted.
Not going to go into too much personal detail but really I can only speculate. And when you're a target like this, the last thing they're going to do is let you know exactly why. The more reasons for you to continuously be stressed the fuck out the better. My guess is it's a control mechanism to either force undesirables into the system (5150) so they can chew you up & spit you out however they desire or manipulate you into believing crazy shit & getting you to join a group like Antifa or go shoot up a theater like that Batman shooter.
https://www.startpage.com/av/proxy-image?piurl=https%3A%2F%2Fsecure.i.telegraph.co.uk%2Fmultimedia%2Farchive%2F02506%2FJames_Holmes_2506390b.jpg&sp=1612033618T12fd43350c674d343a9d2c7f66b211c7a82851d5d86182903fc893b3f5d48232
Every time I see this kids eyes, I think someone must of sent him into some sort of psychosis.
MFW people realize that -- since 2009 -- every single Intel-based machine already has exactly what you're talking about: a ring -3 OOB coprocessor that can read and alter the entire contents of memory, framebuffers, network stack (it even has its own TCP/IP stack!), I/O & peripherals...
People are more than happy to run a blackbox for alphabet agencies because they don't have the balls to give up "muh convenience".
My guess is that's part of the reason why Apple said fuck Intel & designed their own processors?
Just a running theory of mine...
No, they didn't. Apple "designed" a SoC which uses ARM, which -- in essence -- has the same blackbox functionality in TrustZone.
Apple "designed their own processors" to further trap people in their walled garden. More things done under contract "in-house" = more room for profit margins and less scrutiny. They can literally do whatever they want now, which was the point.
Still, good luck running any x86 software. And no, I don't mean Rosetta 2. I mean native code execution. And good luck getting any actual work done now that Apple has reduced their offerings to what are essentially tablets with nicer screens, assembled by the lowest bidder for maximum profit at the expense of their devotees.
It's only a matter of time. This is literally the bar to penetration. Time.
Ok, I get the APT's thing now but how does it translate to being messed with in bars?
It's a long story & I don't want to give out too much personal info. Shit basically escalated from online to in person. Some people were cops & some were military. I think some people were in the know of what was going on from the beginning while others got dragged into the situation thinking I was either some 5150 or some criminal with something to hide. This developed over a long period of time.
Oh so they thought you were a high value target or something and were trying to get something out of you, even in person? Damn
I don't know it's complicated. But things did escalate to being fucked with in person. I did get roofied at one point & had my Surface Pro 4 used in the middle of the night hours after I blacked out & found it locked in my car. Not gonna rehash that whole story but that could've been the cops thinking I was some criminal (and not who was hacking me in the first place) or just another way of fucking with me.
Like I said, it's complicated.
Can confirm. Got two degrees in IT and Networking.
I use a disposable candybar phone with no internet and no camera.
Do yourselves a favor, get rid of your "smart phone", uninstall blue tooth.
Turn off all automatic updates and actually read and choose what's getting installed on your computer.
Stop being so reliant on GPS and start memorizing roads. And for goodness sakes, learn math and stop relying on calculators.
Your brain is amazing; use it.
Wait, the calculators are working against us too?
Even the fucking abacus is suspect at this point.
Mine tried to fuck me in the ass last weekend. I got drunk, woke up, and could only count to 4 on that dam thing.
Fucking Chinese, am I right?
🤣
Joking aside, learn to use an abacus and a slide rule, and teach your kids to do the same.
Even if you never use them as tools, they impart intuition that you won't get any other way.
The abacus is a Chinese product after all. Instant sus.
earthmoonmeme.jpg
"always have been"
I have my issues with not using calculators being a student because i dont want to do integrals by hand
Wait until you learn Laplace and Fourier transforms and realize 95% of Caclulus can be reduced to simple Algebra. :mind blown:
Didn’t you know math is racist these days?
Paper maps are harder to come by now, at least in my area. So I look as I travel.
Thomas Bros still makes great maps.
Paper maps are tough to come by, but, if you’re driving, at least, road signs are extremely helpful. Might make a wrong turn or two but you’ll figure it out. And if you’re going by foot, memorize your directions, take note of things you pass, and carry a compass. If the compass fails, at least you’ll have memory to go off of. And you can always trust the stars when you can see them.
USGS still published them. Local ranger stations in national parks will still sell section topographical maps, and digital copies of same (essentially just pictures of the maps) are free to download.
These are mostly useful for wilderness use but will generally cover urban areas as well. They also often contain trails and forest back roads that don't appear on Google/Apple.
Truck stops still had road atlases last time I looked.
Still use a candy bar phone, too. Never "upgraded" to all that smart nonsense.
I sit in front of a real computer all day. I don't also need a limited pseudo computer the size of a brick in my pocket. I like to just leave it all behind when I leave the house.
Counter argument: I gain more from the use of a smart phone than it can harm me in any reasonable realm of likelihood.
This sounds like a boomer argument akin to leftists decrying “climate change”
It' doesn't "harm" me. It's just useless to me.
It's a computer that's harder to use, performs worse, is a walled garden where some corporation determines what you're allowed to do, many cost more than a desktop PC and the app ecosystem is a cancerous mess of censorship, ads and microtransactions.
I have the real thing. I don't need a watered down copy.
A smartphone isn’t supposed to be a replacement for a home PC, it allows me the convenience to do everything I would reasonably want to do on a PC from a plane, uber, the front seat of my car, at seconds notice with a device that literally fits in my pocket.
The advantages FAR outweigh any perceived disadvantage.
Apple and Google controlling what you are allowed to do on your own device is more than perceived. Just ask Gab, Parler and all the other apps that got removed for political reasons.
I have Gab open on my phone right now.
Can you access Parler on your laptop right now then?
No - you don’t know what you’re talking about.
Yea by sideloading, which is something the vast majority of users don't know how to do or won't do. It's irrelevant in the grand scheme of things. If it ain't in the official store it might as well not exist.
I use my smartphone for more or less 3 things: nav, camera, and looking stuff up on the web while I'm out. If they cripple one of those features I'll move to a weird linux phone.
The TI-89 that's sat within proximity of my desk for like 20 years says fuck off
Fun fact: That TI-89, thanks to 20 years of being the same price, is now cycle for cycle one of the most expensive computational devices on the planet -- by a wide margin.
Sure it's not the TI-83+? I think they're still being issued in schools and still based on a Z80 core.
Pretty much all of the TI graphing calculators should cost about $20 these days.
Yeah, they are Z80 based. Twenty years of tech advancement should have crashed the price to almost nothing -- only reason it hasn't is TI effectively has a monopoly due to being embedded in textbooks and test requirements.
I work with a lot of IT guys for my job. Nearly all of them still rocking old school watches, flip phones and you'll get an ear full of security info if you ask about it.
They are right.
I'm a programmer and I agree 100%. Even Windows 10 is a huge liability with how much info they try to obtain, all the bloatware and all their cloud based bullshit. They really try to move your entire life to their servers. You have to do a lot of work to get that OS to an acceptable level of privacy.
Yup I kept Win7 around (last good windows) as long as I could mainly to PC game but I finally broke down and got a macbook after years of dicking with Linux and BSDs on laptops and went back to console (and played less games) I am sure to use Little Snitch (block trustd !!!) and am still on Mojave. The build quality on macbooks is slipping and I'll be putting together another Linux-based laptop soon.
As in, building your own from separate components? I would be hugely interested in how you do that. Can you share any good resources for a relative beginner? (Only put together Windows gaming PCs up to now, no idea about Linux.)
Nah, not that hardcore. I keep an old Thinkpad I got used, running OpenBSD that has all the networking disabled for secure stuff.
I was thinking more Viking or System76.
Desktops will be the same for Windows and Linux, so if you have built one there you are set. It sometimes pays to do a bit of background research as the driver situation can be more painful for some hardware, but these days darn near everything in desktop land "just works".
If you do want to find a modular laptop, look at a company called Clevo. They are an OEM for Sager and a few other high end gaming laptop brands. They are the closet thing to a modular laptop chassis in existence -- though from a cost/performance perspective you will almost certainly be better served by some mass produced consumer laptop. Modularity in portable machines just isn't very economically competitive.
I don't trust apple at all. Like not even a little bit. Never owned an apple anything. Not gonna lie though those M1 arm chips look pretty cool with the 20 hr battery life but not if I have to run mac os on it.
IMO Apple is the most trustworthy option in terms of privacy. Tell me who else has done something like this: https://en.wikipedia.org/wiki/FBI–Apple_encryption_dispute
They refused to help the FBI get into the San Bernardino shooters recovered phone. Fucking glowies had to outsource the job to some Israeli hacker.
I'd agree with this. Out of Apple/Google/Microsoft, Apple is the one that makes most of it's money selling you hardware, vs selling your data.
I wouldn't trust any of them, but from a security standpoint OSX and iOS seem to be the best locked down under the hood.
Linux is probably the option with the most potential for security, but it's also possible to setup a system that is NOT secure. Something like a Pinebook or Pinephone is extremely interesting from a security perspective, but that is one hell of a rabbit hole to go down if you aren't already steeped in that world.
LOL no.
Apple is a telemetry/privacy nightmare. The words "Apple" and "privacy" don't belong in the same sentence. They "refused" to help the FBI while reminding them -- behind closed doors -- that Apple (and Google) intentionally leave CVEs unpatched to provide alphabet agencies an attack surface. What you saw was a PR stunt.
OK. That must be why jailbreaks take longer and longer to come out, or why there's a minor version release of iOS within days of each one.
Privilege escalation (which is what's required for unsigned code a la jailbreaking) is just one type of attack vector. Scrambling to lock you into a walled garden != patching CVEs that allow alphabet agencies unfettered access. WikiLeaks Vault 7 explains precisely what I'm talking about.
Spez: sorry for your feelings.
I think that entire thing was bullshit propaganda. I think snowden or the cia leaks pretty much suggested they can break into 100% of Apple products 100% of the time. They all use the same hardware. Android has to be built by the manufactures to run on that specific android the phone maker made on Android to run on that specific device resulting in many different setups for each phone. I think that whole thing was a movie script for normies to buy the only operating system they could break into 100% of the time. I could be wrong I don't have any insider knowledge it just didn't feel like a legit face off between corporate america and the government since they're essentially on the same team.
Windows 10, fixed:
https://ameliorated.info/
wow this is awesome!! thanks a lot
Especially win 10 is s liability.
Holy shit, that’s accurate.
I refuse to buy a smart TV or any smart device. It's literally impossible to purchase a new TV from the store that is not "smart". People are too stupid to realize they are bugging their own homes for the Police State.
Soon they will only sell electronics with spy devices implanted. They will also convince consumers it's an amazing new feature everyone would love to have.
It's less about spying and more about planned obsolescence IMHO. They'll stop supporting your smart gadget after a couple of years and half the shit stops working.
Edit:
Same reason why wireless anything in your home is crap: someone will find a vulnerability at some point, usually after the vendor ended support.
There was another wlan hack going around a few months back that affected tons of consumer routers and access points. Most never got an update.
Smart and wireless gadgets all come with a hidden best-by date.
Except for the fact that they keep putting microphones and cameras in everything. Like Fridges, furniture, and even smart TV's are coming with cameras and mics installed. I get what you're saying but it's that and the spy thing. It's all the things. Private corporations are allowed to do things the government never could. Then the government buys all the data from "3rd party vendors" and it's not illegal. The Pentagon buys up all the cellphone GPS data being collected for top dollar. It's insane the level it's gotten to already.
Gouge its eyes out!
Seriously though, electrical tape is opaque and microphones can be found and stabbed repeatedly with something sharp. RFIDs can be disabled by microwaving them.
If you are really determined, you can still physically abuse your appliances into submission. At least so far.
Like how Hyundai sold remote start that only work through their app(which has a monthly fee). At the end of this year all 2016 and older models with this remote start will no longer be usable because the company that runs the app will no longer support the 2g transmitting that the cars use to communicate. Hyundai is offering no option to upgrade or replace the receiver so all those customers are shit out of luck.
Cars are particularly bad because they are (well, were) intended to last a long time.
Yet with all the smart crap stuff often stops working way before the end of life of the car. Whether it's because more complicated systems break more often or simply because some software no longer receives any updates.
Plus, the more pointless electronics they shove in there the harder it gets to maintain and repair your car yourself.
And don't get me started on the whole monthly-fee/as-a-service shitshow.
Met a woman that grew up in Eastern Bloc pre and during WWII. She was incredibly sharp, and talked about how one day there was a program to give everyone free radios. One time her family was talking the wrong way and the KGB showed up. The "free" radios came with bugs that were being actively monitored. She then went on to laugh cynically and say that people today are so blind they can actually charge them for the ability to monitor them; and that's what has happened.
This was a couple years back. She was in her nineties (I think, that's what the math seems to say) and was smarter than probably 95% of the populace of all ages.
Pretty sure the closest thing she received to formal higher education was being put through Nazi labor programs when they occupied her area (following their defeat, she escaped to the west, but her family remained in Eastern Europe [she had already been separated by the Nazis]. She didn't talk to them again for like, 20 years, and even then, they had to be very careful about how they corresponded to avoid her family getting disappeared.)
How quickly people forget the lessons of the past.
There is a reason our politicians can't use Android or Apple phones for official business. They are designed to be hacked. Our government could never afford to install all the spy devices we freely buy and install for them. It's as brilliant as it is evil.
I had a counselor at the YMCA who grew up in East Berlin under the Stasi. She escaped with her family at the age of 9. She made sure to teach us kids a thing or two.
These tools have intriguing possibilities though.
If I know Alexa is listening, then I can make sure the regime hears me saying things I want them to hear me say. They will think I am loyal in ways that they would not if I didn't give them that channel.
In the above radio example, I can watch what I say around the radio, and if my loyalist neighbor gets too nosy, I can start having conversations with family members about disturbing things I saw the neighbors do, and I wonder does it warrant reporting them, or would I be inconveniencing the authorities?
If I habitually leave my phone on the table and take it with me when I go outside, then my location tracking will show that pattern. If I leave the house without the phone deliberately, they will think I am home when I am not -- this is even more useful than them not knowing. If the phone is attached to my cat the illusion that I am at home becomes stronger. Especially when dumb phones are rare and become data points in and of themselves -- a way to be noticed.
If I want to disappear, and we have established that my phone is a good way to track me, then my phone becomes a very valuable tool indeed. I can attach it to some other object (such as inside the bumper of my neighbor's car, or jammed into a cushion on a city bus), and suddenly I am in two places at once.
ALL systems are a two way street. It's good to cultivate a mindset of looking at any rule-based or software based systems and trying to think of creative ways to screw with it. You get more ideas with practice, and it's fun! There is no such thing as "their tool" or "your tool" -- there are only tools, and they belong to whoever figures out how to make use of them.
Oh for sure, this is a reason why I still use a smart (android even) phone. The other thing to remember is that refusal marks you as a target, too.
Off topic a little more, this is a thing I've been thinking a lot about lately: if they can have their bad actors infiltrate every level of government and our party, pose as us, and take us down that way, why can't we do the same? If we infiltrated their party en-masse, really legitimately posing as lefties (we mock them for how predictable and stupid they are as it is, so it surely shouldn't be too hard?) when some big thing happened, we could all activate at once to disrupt them completely, just as they've done to us. We could take key positions from them without them even knowing it. On top of it all, they'd have some idea as to what is going on, which is good - "those with power are afraid to lose it" - their paranoia as to who is truly a loyalist would run rabidly out of control, which would cripple their own ability to operate entirely. They'd start firing (or if shit got bad enough, executing) people left and right (haha see what I did there?), not knowing who was truly a loyalist and who is a secret Trump supporter. We'd bring them to their knees using their own ambition.
And yet, I remember there being a big issue with Obama and his BlackBerry when he first was in office. And Trump’s tweets always came from an iPhone. I’m sure they have “special” phones but that never sat right with me. And, honestly, who’s going to deny the President access to his phone? Quite alarming when you think about it.
This is why you set up an air gapped home network along side your regular internet network. You connect all the spy devices that you don't need internet access to, to the home network (so you have access to your media and whatnot, and take precautions with the internet connected network. Only secure devices.
Can anyone recommend a good modern "Dumb" TV?
Computer monitor + VPN + BitTorrent. You're welcome.
I have 2 smart TV but never let them have network access.
Do they have BlueTooth? They can be hacked if so.
I remember. And the cameras in your laptop.
https://wikileaks.org/vault7/document/Dumbo-v3_0-Field_Guide/page-2/#pagination
Weeping Angel
I am a youngling in this regards and oh boy... I am getting real paranoid about all this shit, really, really quickly.
from the start i knew social media and smart devices were a consumer trap
“If it is free, you are the product”
It’s good you’re learning! Anything with a microphone could be listening. And especially anything that responds to your commands unprompted by anything but your voice. Same goes with cameras and facial recognition software. They’re literally selling you “security” that has the ability to spy on you.
Oh holy shit, I found my new frens!
Even my clocks are analog. When I visit friends' houses, I make sure to announce myself to all the spy gear, loudly...
"Ok Google, Alexa, Siri, Bixby... order thirty pepperoni pizzas and play Lady Gaga".
It's more entertaining than you'd think. No one IRL likes Lady Gaga.
What are your friends' reactions???
Hasn't worked in a while for me, since I educated the majority of them. But when it did, it was like the seven stages of grief playing out in 30 seconds. Anger was usually directed at me.
Bargaining to make LG stop playing was the funniest.
Heck yea. My flipphone is camera faced down and off and mostly stays home. Mic and camera stay unplugged when not in use. You have to look out for all leaks these days. Just because you don't use IOT though doesn't mean you can't learn the protocols. Never know when things like that could come in handy.
Two different times I saw power outages keep people out of keyfob building doors. Physical is still better than digital in dire situations. When I see a Nest type thermostat inside a public building I suddenly shut up lol It's like someone standing there moving a mic toward my lips - it cuts me quick. Cameras have been around for years but always on IOT bothers me a lot more.
It'd be good to run cat6 and fibre, with easily-accessible conduits for upgrading. No need for wireless at all.
Each room gets one of those electrical outlets but for cat 5 cables lol That's what I'd want.
👆 this will save an immense amount of time and headache.
But for folks with an existing home a great way to run that network is to use existing wires like coax. Tie the cat6 to it, pull 2 cables through the wall, then pull the coax back into place with the extra cable.
Only if they didn't staple the coax or put any foam insulation around the holes. So extremely YMMV, but worth a shot.
25 years in IT. I refuse all voice activated stuff. I do have a wifi thermostat, but ZERO other smart home stuff.
My 10 year old printer finally died, so I do have a new one.
If GAB makes a phone, I'll probably buy it.
What are your thoughts on possible linux based phones?
Yes
I think it would be awesome. I'm a big Linux guy myself ever since the mid 90's.
I think a device with a small market share is less likely a target for big brother.
Network Security here. You stand out like a sore thumb when you connect with an esoteric device using extremely niche OS and browser.
The current best approach is to poison the well
Software engineer here. Yep, I don't trust anything with a processor
I like you
I spit my rootbeer when I got to the part about the printer and the gun!
I'm in my 30s and this is the mindset I've always held. I honestly can't understand people that hook everything up to the internet, so freakin' dangerous. Wtf, smart speakers, thermostats, lights, windows, doors? It honestly confounds me.
I grew up with tech in the 80s on a Tandy1000. Then saw BBSs in the 90s. If I had the type of phones and internet info and tech at my finger tips as a kid in the 80s/90s.. .Damn. I dunno how I woulda turned out. But I saw a hint of it at my GFs place on the holidays. Her young son was completely into all the voice activated alexa stuff. Tying in every lightbulb in the house, glass break sound sensors, you name it into alexa. I was/AM completely HORRIFIED at how much info Jeff Bezos has on you. Amazon can tell at any time where people are in the house, they can tell what lights in what rooms are on, when you are at home, when you are in the bathroom.
HOLY SHIT PEOPLE. On one hand I can see the glee in the kids eyes at this tech. But getting older has certainly shown me why my dad was always a bit scared at me logging on to BBSs..
I work in IT. In our training, it tells us not to take conference calls near any recording devices such as Alexa.
I'm neither programmer not engineer, but as a proud Luddite I won't have that crap in my house. I was pissed when the electric meter was changed against my wishes. Many days I'm sorry I have internet.
Didn't someone say there was an online thermostat transmitting info during the election? Not sure if it was a larp but I could swear I remember something about it.....
Yep I remember reading that and thinking it was quite plausible. Looks like it's already being scrubbed online:
https://web.archive.org/web/20210110203113/https://www.ar15.com/forums/General/A-smart-thermostat-spy-in-voting-machines-sent-data-direct-to-China/5-2407196/
https://joannenova.com.au/2020/12/a-smart-thermostat-spy-in-voting-machines-sent-data-direct-to-china/
Thank you! Very interesting.
Pretty much. IT guy here. I don't use WiFi in my house unless somebody is staying over and asks me to turn it on. I do have cat-6 wired to a couple rooms and outdoor IP cameras, which record to my own NVR server that cannot be accessed outside of my house. No smart home devices. Fuck Google. Fuck Amazon. Been saying it for years.
Anything that is possible bon the Google home devices is possible with your smartphone. So unless you use a flip phone you likely have similar exposure.
Even if you have a flip phone.
My HP Laserjet 4000 is 1998
And all this time I thought it was just me
AMEN!!!! Same here. I'm an engineer and will never put that shit in my home.
So true. I've been in IT for almost 30 years and everyone I know is low-tech as heck. Any new tech gets quarantined like it was an IED.
...that feeling when your 3D printer starts printing trebuchets...
I am a programmer. If I hadn't lost my firearm in a tragic boating accident, it would be resting atop my printer.
100% accurate may-may
Let me add another IT experts signature to this.. in big bold ink.
...um...my husband also works in IT. And he can't get enough of that Google/Alexa shit.
Wife? You're on patriots.win? I love you even more now.
Alexa, lock the door.
Ok google, turn the lights down low.
The only positive to Alexa:
Alexa what is the airspeed of a swallow?
https://youtu.be/MECcIJW67-M
Is he based, and just not aware of the danger? Especially with how chucked any responses are when you ask it a question? When I started dating my wife she had all that and I got rid of it Ron Swanson style.
He's not based...I haven't asked him why he's cool with all the "smart" devices. We'll probably end up arguing about how I've "overdosed" on MAGA. I guess he still has some faith in government, and he thinks we have nothing to fear if we're not doing anything wrong.
In reality...even though you are being spied on you really don’t have to worry. They are using you to advertise.
Biggest real dangers are 1) unlimited blackmail material on our business owners and politicians and 2) the ability to micromanage the entire country through ai, manipulation, and AB monitoring.
I'm a firmware engineer -- I basically work on these exact types of systems, and I agree completely with this sentiment. The silicon valley "pay with your privacy" model is scummy by design.
Some of this stuff is benign, but most of it is not terribly secure, so even if you have a product that was designed in good faith (they do exist - stuff that doesn't phone home to the cloud is usually at least intended to behave politely) there is a risk of it being hijacked and misused. Often a substantial risk, I am sorry to say.
On the other hand, I've kind of taken the attitude that the best way to fight surveillance is to stop wearing clothes at home. Spying on me should be its own punishment.
Hahahaha. I say that daily. My kids laugh because it's funny. I laugh because it's true.
/u checks out
engineer here. yup. agree.
Know the feeling and every sibling calling you a conspiracy nut because you use strong passwords and not using google and chrome and wifi has 20+ password length.
My sibling was thinking I was crazy at first then fully jumped into privacy and is now more concerned than I am, it was quite comedic but very reassuring
Any smart home or home surveillance should be on a closed circuit network that has no possible way of connecting to the Internet. Which would mean using an open source software and raspberry pis that you have full control over, not like Alexa's setup. Which is still, for the time being, too complicated for the "techies."
I'm a computer science major and could probably figure this stuff out if I was pointed in the right direction, any suggestions?
There's a couple open source smart home alternatives to Alexa, such as openHAB, but the quickest way to get started is switching from Amazon Fire TV sticks to Raspberry Pi as your home media centers.
Governments exploited parallel port printers to install malware, and that was I think before 2004.
Wasn't.just governments... ;) DMA channels FTW!
yeah, service ppl act like im crazy when I say no to all tech features
As someone who falls squarely in the tech enthusiasts bracket can some galaxy brained pede explain why it’s so bad? Is it just privacy?
Here's some of the potential pain paints with IOT especially.
Lots of it runs off of electricity - so when it "phones home" by communicating with its software repository or does any checking in, or spies on you, or is being actively hacked or attacked, it's using your electricity and costs you money. If it's plugged in, for sure, it's using your electricity regularly.
CHECK + uses more electricity
Same with the bandwidth on your internet line, any time those devices call home, check in, spy on you, are being hacked or attacked, they are using your internet bandwidth.
CHECK + uses more internet bandwidth
When you have any device running on your internet, it likely has a "port". A port is how it transfers bandwidth to and from the internet. That port being open is like an invitation to anyone exploiting software. When someone does a "port scan" on your network they hear that device broadcast (like someone screaming across the room) I'm over here... I'm ready to talk.... do you have something to say to me? Oh you want to issue me a command - ok, I can do that. And that's how you get hacked. But you don't know about it because you don't turn off that device that is crucial for your life. So now you have either a nasty attacker spying on you because of a bug in software or a known exploit, or something still unknown to security people. As an example, there were exploits only found YEARS later in Windows OS that came right through the ports.
CHECK + vulnerable to more port scanning vectors and inquiries
Another thing with ports is worms... ok worms don't need you to DO anything. Just being connected is enough for them to sneak in (again through a port, most likely). They travel around networks looking for openings and aren't driven by humans, only let loose once then travel the wires.
CHECK + vulnerable to worms when never offline
This is more rare but employees can go rogue at companies and release software that has built in backdoors. You might buy a product with perfectly fine software but they hire someone who makes money off rogue software in their product. Orrr they could be purchased by a company that doesn't have good intentions (Didn't Google buy Nest from someone else...) Since so much code is closed source, you couldn't read about if you wanted to without a lot of effort. You will rarely hear about a rogue employee because it embarrasses the company. They will fire the person (if they find out) but not make public statements unless someone finds out.
CHECK + vulnerable to rogue software because you don't choose when the software gets installed, it is under someone elses control
Then the OP mentions something else - if it's electronic, you need electricity to use it (so they mention mechanical devices as alternatives).
CHECK + less hearty during power outages, natural disasters, grid meltdown, electronic attacks, and sometimes sun flares, bit flipping from cosmic rays (that's when a 1 becomes a 0 or the reverse and it messes up storage hardware or running software) - cosmic rays can come from space at any point to earth
Here's the worst one. Just like Twitter bans people it doesn't like... what if Amazon could turn off your ability to shop and Google turn off your ability to heat your home (until you step into line on the internet and speak correctly). Trusting outside companies to all your appliances and even your ability to heat your home.... well... I suppose you REALLY trust them, huh. Can't say I do since they've abused power previously.
Very well explained, thank you.
I've been on many calls with brilliant people, far more knowledgeable than myself. One thing they all share in common is the ability to simplify complicated topics so a layman can understand and feel empowered. Your level of mastery and sharing this information is appreciated, u/creamkern
Like OP, I work in tech but abhor most modern devices. As others have stated, it almost isn't worth the time to fight the IOT invasion because it's on so many fronts. However, as you've shown, there are many ways we can fortify our home gear and provide effective protection from average and even some advanced attackers.
Make sure the doors are locked when you go to bed... just don't do it from your bed.
Remember that days when GRC was raising hell about all the ports being easy access
Wow never heard of OpenWRT before. Something to learn about for me.
It's a great piece of open source software to run your router, really easy to flash and keep running, tons of plugins. etc.
It's almost as if I wrote this... 10/10
This is the way.
IoT = Invasion of (your) Technology
Memes against technology are a smidge on the ironic side.
I wouldn't stress about it though. This whole internet thing is probably just a fad.
programmer and sys admin for almost two decades here: most people that become too paranoid at this shit are impractical and disfuncional.
You can be in the middle ground: not having too much IoT shit but having a modern life. Besides, good luck convincing you family and friends not using anything, which, unless your inner circle stays as far away from tech as you, you aren’t “off the grid” you are just shooting yourself in the foot in your delusion.
if you want to beat the system fuck with it and hack it, not stay secluded as a hermit. Get a good firewall, not freaking Linux in assembly code that you have to compile.
If the government wants to find something about you, they will, and if they can’t, they will invent it.
You call more attention to yourself by being a fucking blackout-ToR-SMS guy, than by being average.
Remember this? https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Ftse3.mm.bing.net%2Fth%3Fid%3DOIP.wwMPaHv51ocwKOX38nt9UQHaFj%26pid%3DApi&f=1
I'm a computer science major and I can confirm that technology is a huge threat to everyone's safety
openwrt absolutely fascinating
And a bad idea for the vast majority of people. If you don't know what you're doing it's just as bad or worse than a semi-trustable company.
I am a security expert and yes I don’t have none of that shit and I also disabled Siri in all of my devices. Only work with aliases online and conduct most of my internet traffic through proxies and tor routers.
I currently have tech only because I currently have nothing to hide I put emphasis on currently
I wonder how many people whose various cams livestreamed on the internet without their knowledge (to the amusement of 4chan and the like) thought the same.
Reminds me of the good old days when some autist found a way to search on Google for misconfigured web/nanny/surveillance cams that were accessible to anyone on the web, some even with movement controls.
Heck there was even Ghislaine Maxwell's hearing on a teleconference that got hacked and had 11,000 people listening, haha. On the flip side I think I may be OK with our corrupt justice system using such tech.
Good old days? That's today. I can give you the google search if you are interested.
Question for OP, I get the rest of it, and that connected thermostats can give a company an idea when you are home or not, but is there something else the general population should know about with them?
all these "smart" devices are a potential backdoor to your LAN. They download updates, so at any time the vendor (or someone doing a man-in-the middle attack pretending to be the vendor) could decide to activate a VPN client on it (or any other form of tunneling) and presto they are into your home.
The very minimal value provided by being able to remotely control your home's temperature does not justfiy introducing that kind of security risk. Also, these devices are made by companies whose specialty is pumping refrigerant around... they have extremely limited software expertise to put it politely. Not their domain. There is no reason to think they would be well designed to be secure.
Don't put them on your LAN? Mine are on their own VLAN. They can talk to each other, and to the internet.
I didnt consider the update vector being used to gain local access. Thanks.
I got some of those little Wyze cameras with a giftcard I got for Christmas.
Cloud app? No thanks. I'll just spend an evening figuring out how to install custom firmware and turn them into dumb RTSP streamers my edge server can ingest and multiplex and eventually record and run motion detection on.
Home automation is fun to play with if you're rolling your own. Also got some ESP32 monitoring gizmos I'm about ready to deploy around the house, running my code.
Not so far off here!