Traitorware - the dangers of hidden data

 Back in 2007, when geotagged photographs of newly arrived helicopters at a U.S. Army base in Iraq were published to the Internet, they allowed insurgents to determine the exact location of the helicopters inside the compound and conduct a mortar attack. Four of the AH-64 Apaches on the flight line were destroyed in the attack.

Upon opening the Path application on your phone, it automatically uploaded your address book to Path's servers so it could find "friends" that you might want to connect to without asking for explicit permission to do so, or even implicit permission for that matter.

In the U.S., data from grocery store loyalty schemes has been used by security services to search for terrorist suspects. Turns out the number of toilet rolls you buy can be quite telling.

There was an interesting paper recently by Adam Sadilek of the Department of Computer Science at the University of Rochester. It talked about how geotagged tweets could be used to locate individuals, even if they themselves didn't geotag their tweets — it was enough that their friends did so.

From this article.

EFF on traitorware

No comments: