Winter September 15, 2020 12:28 PM

This is another example that EVERY precise measurement is a privacy risk. It does not really matter what is measured.

Clive Robinson September 15, 2020 12:49 PM

@ ALL,

The risks of environmental sensors leaking information has been known for decades.

Some longterm readers may remember that the frequency the CPU crystal (xtal) runs at can via the fact it changes be used to measure the temprature inside a computers case, thus it’s work load.

This can then produce information about where the computer is by the load cycle identifing the latitude and the environmental temprature the longitude.

Further work enabled the likes of “Honey Pots” to be detected by comparing network timing thus easily revealing individual computers that were set up to appear to be entire networks. The attack required to get the network timing would appear to the honey pot operator as a “brain dead script kiddy attack” thus get ignored. However the willey hacker having enumerated the network and having high suspicion that it is a honey pot then does not use their hard won zero day exploit on it, thus prelonging the zero day exploit life.

But thus being able to determine that one set of hardware is acting as two or more hosts alows all sorts of other Advanced Pen Tester tactics to be developed.

Over at the UK’s Cambridge Computer Laps one researcher showed that what are now in effect known as “Dark Services” and their users could be revealed remotely.

I’ve pointed out frequently that the “Smart Meter” sensors have sufficient bandwidth to be able to determin what channel or video a person is watching in their home, when they get up how long they shower for when the cook, wash clothes vaccume the house or even in some cases put their phone on to charge…

The important point the researcher does not bring forward is “efficiency-v-security”. As we make things more efficient their power signiture and other signal bandwidths open up alowing more information to leak.

It’s important to know this as you then start to realise that even though someone might think that “low pass filtering” the signal mathmatically (averaging) removes the information, in fact it does not. It simply moves the signal energy across the bandwidth. There are known techniques that can partially reverse this and in effect strip off some of the averaging effects getting the signal back.

Whilst it’s a fairly complex subject there are obviously people out there with the required skills and a desire for a high salary. Which tells you that people are going to put the effort in.

So the moral is do not alow access to any of these sensors or their signals because they will be used to get PII etc about the user.

If you do not believe that have a think for a moment about an obvious example, Google and it’s input field spell checker sending your typing cadence back to Google. Do you realy think Google does not exploit that?

Winter September 15, 2020 1:50 PM

“It simply moves the signal energy across the bandwidth.”

At a certain point, it will become impractical or even impossible to refuse to be “measured”. Below a certain efficiency, social life becomes not possible.

I do not think there is a technical solution. Any effective solution must be political and legal. Which mean bad luck in many places in the world (including the Anglo-Saxon world).

Winter September 15, 2020 2:09 PM

Short term technical solutions to the privacy risks of high precision measurements are already discussed in the paper: Coarse graining of the data and adding noise. These are trade offs between protection and usability. Not real solutions.

Singular Nodals September 15, 2020 6:36 PM

Sometimes, perhaps, de préférenx, most of the time, the lights, ambient or other, are on but nobody is home.

lurker September 15, 2020 6:48 PM

Going on 30 years ago there were posts on lamenting the fact that people had already [sic] forgotten what the first “t” represents in “http”. Oh, and the “transfer” of the second “t” was intended to be in only one direction.

Sherman Jay September 16, 2020 10:46 AM

I am not as sophisticated as most on this blog (and certainly not as sophisticated as Bruce) and I don’t/won’t own a ‘smart’ phone. But, if this ambient light technique runs a ‘visited: true/false’ test on the browser, for that one vulnerability couldn’t you avoid that by just setting the browser to not retain any history?

SpaceLifeForm September 19, 2020 5:21 PM

@ Moderator, Clive, ALL

Why is “[redacted]” trying to hire a hacker?

The motive is BS. Trying to push TOR.

“[redacted]” is just a troll.

The language is a giveaway.

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.