I left my shocked face next to the mountain of documented government abuses...
Why are people thinking this is new? Your data down to your current browser session and current location have been sold as much as possible for almost 30 years. Tracking pixels replaced tracking cookies that is linked to your habits and metadata heuristics can pick a single person out of the noise of thousands doom scrolling the same dumb information.
And the .gov has been using it for quite some time - data brokers sell it as readily as adtech has sold your habits to .com. Best part for them - they do not need a judicial oversight to access it and they have unlimited resources to pay for it - look at CALEA.
I doubt they are looking for protesters in general. But it does make it easier for them to "target" people not aware or smart enough to maintain good OPSEC.
As the privacy advocates warned for, what, a decade now?
Who needs the Chinese surveillance system when adtech companies will create mass surveillance for their own profit that the government can use for free?
So, someone should modify openclaw to generate fake personal data, and plug in a fuzzer that creates variants to confuse the AI tech you know these ignorant billionaire techlickers are using to aftempt to build the panopticon.
It isn't as easy as it sounds. It's a lot of fingerprinting, location, and metadata aggregation from an astounding variety of sources that is extremely difficult to fake - It can pinpoint you to an astounding degree. I have been working off and on the last 3 years in the privacy space (passion project) on a similar concept of adtech data obfuscation, and it's far more complex than just "put a fake birthday in a form" (although stuff like this can manifest in interesting ways).
Differential analysis is amazingly powerful. If you're in the US - 30 bits is all you need. And not all bits are equal - some come with implicit anchors, allowing you to segment and search efficiently.
If you know the state, the median number of bits needed is 23. If you know the city, around 10 bits is all you need to identify you as a unique individual.
A drunk raccoon with one eye and a missing paw can sieve out 10 bits of information about a particular person.
You can do probabilistic assumptions and segment the population by fuzzy characteristics you get, like stylometry, assumptions about native language, interests, etc. For a giant database like the spies and agencies have, they can do probablistic ID with extreme accuracy based on a tiny number of leaked bits.
If you snag a giant pile of readily available website data, then tag the person of interest based on that data, then any time you process new data, you can get a probability of that new data being associated with an already known person. Set a five nines threshold, or higher, and then assume those matches are legitimate, and you can chip away at all sorts of identity handles. From there, you can start doing contrastive searches, sieving out known quantities, improving the statistical accuracy of those fuzzy parameters.
Deanonymization and such is borderline trivial, consumer compute is about 5 generations past the threshold where a global database would be considered particularly difficult or challenging.
Fingerprinting is very easy, but obfuscating it is incredibly challenging, with all of the implicit, deliberately leaky data transactions that are imposed on us.
These technologies are easily and readily available for whoever wants to pay for it. I personally believe the scope of the privacy nightmare will result in a glut of faux “privacy” oriented services that just serve the monster more.
I can tell you know what you are talking about here, but communicating this to the masses is difficult to why this matters or how bad it is. Unfortunately there’s a strong industry incentive to keep the status quo.
I take the more cynical view privacy is impossible to participate online, let alone anonymity, and would love a disruptor in the space, but at this point, I’ve become so cynical that participating as minimally as possible in it seems the only real solution. But I am not fatalistic, and cannot expect people to consume things the way I do, so I keep trying. You can’t really fight it in any real way, so my approach has been monitoring, observing, informing, and learning.
I've made astoundingly little technical progress, not much to talk about. Mostly just observations and experiments, but then you look like a malicious user and I definitely ate a platform ban over it once and stopped that. My posting and submission favorites history probably indicate a bit where my interests lie. My most recent work is leveraging data broker removal services (and some letter writing sometimes) to get my address to disappear off the google front page on the barest search of my real name (which is very unique, and without asking google directly) - this is something I want to try to sell and is the most success I've had, but it's a total blackbox, doesn't even approach the scope of the real problem, and as a sibling comment gets at, the tech you are fighting is simply far too powerful and ubiquitous. You're better off at just looking "uninteresting" online, is what I'm slowly concluding, but what is uninteresting today can become extremely interesting to governments of tomorrow.
"Phone Swap Collective" ... You keep an extra smart phone... then just swap phones with people who commute to different areas of your city each day. Keep social media accounts that are effectively "bots" on the collective and post real BS multiple times a day via AI bot interactions.
Give a prepaid to homeless along with a month long bus pass... let 'em ride all over town.
I left my shocked face next to the mountain of documented government abuses...
Why are people thinking this is new? Your data down to your current browser session and current location have been sold as much as possible for almost 30 years. Tracking pixels replaced tracking cookies that is linked to your habits and metadata heuristics can pick a single person out of the noise of thousands doom scrolling the same dumb information.
And the .gov has been using it for quite some time - data brokers sell it as readily as adtech has sold your habits to .com. Best part for them - they do not need a judicial oversight to access it and they have unlimited resources to pay for it - look at CALEA.
I doubt they are looking for protesters in general. But it does make it easier for them to "target" people not aware or smart enough to maintain good OPSEC.
As the privacy advocates warned for, what, a decade now?
Who needs the Chinese surveillance system when adtech companies will create mass surveillance for their own profit that the government can use for free?
Remember the age of post-privacy? I think some guy who liked to buy up houses next to his own was blabbering about it at some point.
Ever better, the govt will pay the ad tech companies for the data. Win win.
So, someone should modify openclaw to generate fake personal data, and plug in a fuzzer that creates variants to confuse the AI tech you know these ignorant billionaire techlickers are using to aftempt to build the panopticon.
It isn't as easy as it sounds. It's a lot of fingerprinting, location, and metadata aggregation from an astounding variety of sources that is extremely difficult to fake - It can pinpoint you to an astounding degree. I have been working off and on the last 3 years in the privacy space (passion project) on a similar concept of adtech data obfuscation, and it's far more complex than just "put a fake birthday in a form" (although stuff like this can manifest in interesting ways).
Differential analysis is amazingly powerful. If you're in the US - 30 bits is all you need. And not all bits are equal - some come with implicit anchors, allowing you to segment and search efficiently.
If you know the state, the median number of bits needed is 23. If you know the city, around 10 bits is all you need to identify you as a unique individual.
A drunk raccoon with one eye and a missing paw can sieve out 10 bits of information about a particular person.
You can do probabilistic assumptions and segment the population by fuzzy characteristics you get, like stylometry, assumptions about native language, interests, etc. For a giant database like the spies and agencies have, they can do probablistic ID with extreme accuracy based on a tiny number of leaked bits.
If you snag a giant pile of readily available website data, then tag the person of interest based on that data, then any time you process new data, you can get a probability of that new data being associated with an already known person. Set a five nines threshold, or higher, and then assume those matches are legitimate, and you can chip away at all sorts of identity handles. From there, you can start doing contrastive searches, sieving out known quantities, improving the statistical accuracy of those fuzzy parameters.
Deanonymization and such is borderline trivial, consumer compute is about 5 generations past the threshold where a global database would be considered particularly difficult or challenging.
Fingerprinting is very easy, but obfuscating it is incredibly challenging, with all of the implicit, deliberately leaky data transactions that are imposed on us.
These technologies are easily and readily available for whoever wants to pay for it. I personally believe the scope of the privacy nightmare will result in a glut of faux “privacy” oriented services that just serve the monster more.
I can tell you know what you are talking about here, but communicating this to the masses is difficult to why this matters or how bad it is. Unfortunately there’s a strong industry incentive to keep the status quo.
I take the more cynical view privacy is impossible to participate online, let alone anonymity, and would love a disruptor in the space, but at this point, I’ve become so cynical that participating as minimally as possible in it seems the only real solution. But I am not fatalistic, and cannot expect people to consume things the way I do, so I keep trying. You can’t really fight it in any real way, so my approach has been monitoring, observing, informing, and learning.
Would you ever blog/talk about it? Sounds interesting.
I've made astoundingly little technical progress, not much to talk about. Mostly just observations and experiments, but then you look like a malicious user and I definitely ate a platform ban over it once and stopped that. My posting and submission favorites history probably indicate a bit where my interests lie. My most recent work is leveraging data broker removal services (and some letter writing sometimes) to get my address to disappear off the google front page on the barest search of my real name (which is very unique, and without asking google directly) - this is something I want to try to sell and is the most success I've had, but it's a total blackbox, doesn't even approach the scope of the real problem, and as a sibling comment gets at, the tech you are fighting is simply far too powerful and ubiquitous. You're better off at just looking "uninteresting" online, is what I'm slowly concluding, but what is uninteresting today can become extremely interesting to governments of tomorrow.
"Phone Swap Collective" ... You keep an extra smart phone... then just swap phones with people who commute to different areas of your city each day. Keep social media accounts that are effectively "bots" on the collective and post real BS multiple times a day via AI bot interactions.
Give a prepaid to homeless along with a month long bus pass... let 'em ride all over town.