Yeah, I’m really wondering how many, of these 'Business 2 Business/Government (B2B/B2G) “solutions”, are hiding in plain sight. Researching ‘smart cities’ led me to tech100.pro, back then listing: videtics.com/en/integrations, showing Genetec as a partner. Ultimately, it’s just a matter of knowing what to search for: it all right there, just not marketing itself to you and I, but to organizations instead.
I’ve sunken way too much time into writing this haha. But I figured it important enough
From left to right, top to bottom: 2 fixed box cameras (most likely 2 generations of ALPRs: an older (larger/yellowed: which they won’t bother removing, and instead keep for redundancy), and a newer (more capable) model), a ‘Pan Tilt Zoom (PTZ)’, and what appears to be a radar sensor (for detecting objects: possibly serving as a redundancy, during challenging weather conditions). I suspect the radar sensor got installed first (just for perimeter intrusion detection), they added the old ALPR next (to detect patterns in registered license plates); and the rest as an upgrade (including an increased field of view: through the PTZ’s movable head).
The biggest privacy loophole in WhatsApp is cloud backups. By default, unencrypted updates to the backup, flow through WhatsApp servers in a readable format, to be encrypted on the server-side by the cloud providers (Google or Apple). Even if specifically opting into E2EE backups, the cloud provider still receives the contents in readable format (as it does the encryption of the backup). Even if you personally don’t have this “feature” enabled, the other end might; and your interactions are also included in their backups. On a stock device there’s an entire myriad of other potential vectors; too many to list here.
I noticed it just before heading to bed, so I’ll take the sound bit of advise, and sleep over it the next time haha.
That’s correct, I’ve also added some ALPRs to OSM; which is why I decided to check it once more. There’s other websites, which also render ALPRs (alongside other surveillance POIs) on a map. However, DeFlock’s is the most clear for ALPRs in specific, at least for what I’ve seen, and also providing information on the subject. I simply noticed it being offline, and figured it might be relevant to the community.
E2EE isn’t really relevant, when the “ends” have the functionality, to share data with Meta directly: as “reports”, “customer support”, “assistance” (Meta AI); where a UI element is the separation.
Edit: it turns out cloud backups aren’t E2E encrypted by default… meaning: any backup data, which passes through Meta’s servers, to the cloud providers (like iCloud or Google Account), is unobscured to Meta; unless E2EE is explicitly enabled. And even then, WhatsApp’s privacy policy states: “if you use a data backup service integrated with our Services (like iCloud or Google Account), they will receive information you share with them, such as your WhatsApp messages.” So the encryption happens on the server side, meaning: Apple and Google still have full access to the content. It doesn’t matter if you, personally, refuse to use the “feature”: if the other end does, your interactions will be included in their backups.
Cross-posting my comment from the cross-posted post
Hmm, maybe it also monitors for changes to the DOM: cosmetic filtering done by uBlock (to hide/remove containers for these elements)? Something which network filtering by itself cannot do?
Checking the network traffic, it does a series of “s_a_f_e…Overflow” (indicating safe buffer overflows?), replacing them with filter-list-specific domains after the overflow (the address after the long string of characters); triggering uBlock to block these requests?
It’s been like that for quite a while. I remember deleting all big-tech accounts in 2019, and shortly after, Facebook started requiring login for full public page access. Therefore I created a burner account using a ‘this person does not exist’ picture, which provided me short-lived access after manual review. For account recovery, I was required to supply additional selfies (or even video-selfies?), but at that point I gave up.
Great article! “education” … “risk assessments” … “early intervention” … Got to break their spirit while they’re young
I don’t turn my face towards houses while I’m walking if I notice a doorbell camera
I do that haha… In all seriousness, I’ve recently quit my job as mailman, in part because of this. Year after year I saw the number of doorbell cameras increase, and so grew my discomfort of my job requiring me to expose myself, to these privacy-hostile situations. The worst case scenarios were semi-detached houses: since the doors to the paired addresses are right beside another. Between the entries there’s often (decorative) separation, requiring some acrobatics to shortcut to the next address. If the second address would have a doorbell camera, while requiring me to sidestep between the obstructions, I could either: A) face the door and have my face right up to the camera, or B) turn my back to it and spin back into position. I did the latter, and I HATED having to adapt my seemingly simple job to this extend, just to protect my dignity.
The Netherlands technically requires a sign which indicates camera surveillance, besides having to direct cameras in such a way that they cannot capture the public sphere. But have a guess at how much enforcement there is in this regard…
It really is… I’ll definitely further explore some of the concept mentioned in this piece. The GDPR foremost, the role insurance companies play in this, and perhaps common implementations.