Apps That Are Spying on Your Location

404 Media and Wired are reporting on all the apps that are spying on your location, based on a hack of the location data company Gravy Analytics:

The thousands of apps, included in hacked files from location data company Gravy Analytics, include everything from games like Candy Crush to dating apps like Tinder, to pregnancy tracking and religious prayer apps across both Android and iOS. Because much of the collection is occurring through the advertising ecosystem­—not code developed by the app creators themselves—­this data collection is likely happening both without users’ and even app developers’ knowledge.

Tags: , , , ,

Posted on January 10, 2025 at 11:27 AM28 Comments

Comments

Larry Seltzer January 10, 2025 12:53 PM

Do they actually have anything more than IP-based location? Because that’s border-line useless.

SeymourButts January 10, 2025 1:42 PM

Just want to give you a heads up that your source link has a login-wall that will stop your readers. Probably should blacklist 404 media from linking on the blog.

Who? January 10, 2025 4:58 PM

Is there any chance to get a link to a source that is not behind a paywall? It would be great having a complete list of compromised apps.

Clive Robinson January 10, 2025 5:34 PM

@ Bruce, ALL,

For a jaded old soul such as mine, you have to be somewhat cynical about various aspects of life.

Like Banks and other Financial institutions are always going to be a long way behind on the security of there users (which is why Sim-Swap attacks still work).

What this “advertising ecosystem” tells us is that there is a distinct lack of ability for people to make money on the Internet in ways most would consider “honestly”.

As the old saying has it,

“This is why we can’t have nice things!”

Like Privacy and the Anonymity and Security that underpins it.

Worse, as people find out, those that push to have Privacy “In Real Life”(IRL) and Online / Virtual life those that make the legislation and regulation are “bought off” by Big-XXX lobbyists.

Obviously there is an issue there because you can not be in a “democracy” where “lobbying” and those with “unlawfull interests” can,

“Buy what they want, when they want.”

Effectively with impunity (as the legislation to turn unlawful into illegal / criminal does not happen, or atleast not often).

Thus shocking as this “out of sight” behaviour of those in the “advertising ecosystem” is, in all honesty I can not say I’m even remotely surprised.

Two things people need to understand at a very in-depth level these days,

1, Your Mobile phone number or Email address are now near “universal identifiers” once known.
2, That E2EE and Storage Encryption, now nolonger realy work due to the various forms of “On Device in UI” or “Device Side Scanning” and “fingerprinting”.

Worse the oft faux-legal excuse of “Know Your Customer”(KYC) is used to force you to divulge those “universal identifiers”. Or another wheeze is 2FA using those identifiers for the “side channel”, thus requiring they be divulged.

With just about every advert that happens in your internet or email client is acting either directly or indirectly to do “Device Side Scanning” or “Fingerprinting”.

The “universal identifier” and “fingerprint” are very very quickly irrevocably linked.

Worse the data that then gets recorded is easily available to those involved in “SIM Swap” and similar “social engineering” attacks.

Are there ways to stop this?

Yes use “throw away identifiers” and “change your system fingerprints frequently”.

But the sheer level of “Operation Security”(OpSec) to do this is way beyond most peoples capabilities, due to the way humans generally work.

In the past I’ve indicated,

1, Turn off JavaScript and more recently those HTML5 extensions etc.
2, Don’t have a Personal Email account, and never use the Work one for Personal.
3, Have at least two computers, one that is “Private” and one that is “Public”.
4, Where possible remove all mutable memory from the Public computer and never ever use it for Private activities.
5, Don’t have an Internet or other Communications or Connections that connect to your private systems.

For which in the past it’s been suggested I’m “Paranoid”. Yet here we are at the start of 2025 with an example of why the above points are not in any way paranoia, and were just the minimum of sensible precautions.

But they are now actually insufficient, because there are those that really “are out to get you” in their DataBase or as Nixon used to say “On my list”[1]. With Google, Microsoft, Meta and Apple being just the more obvious actively pursuing ways to make Fingerprinting and Device Side Scanning “built in” and “unavoidable”.

[1] Yes Nixon really did have an “Enemies List” and for a while it became public knowledge and shocked people. Now it’s mostly not known by those less than a half century old, who mostly have only heard at best a “Cliff Notes” version on “Watergate”. It teaches a lesson of “Abuse of Power” that everyone living in a Democracy or Republic should be quite cognizant of,

https://en.m.wikipedia.org/wiki/Nixon%27s_Enemies_List

Lardy January 11, 2025 10:04 PM

It’s behind a paywall. I’m curious about this topic as well as some others on 404. The Record (R3corded Future) had a great podcast on this issue about a year ago. Any pro/detractor for signing up to 404 (paid)?

lurker January 12, 2025 1:11 PM

@dbCooper
Thanks for the Wired link. Note all the guilty consciences lining up with their Pollyanna excuses.

That article mentions location data from at least two sources: IP geolocation, and GPS. Getting these “easily” and “free” from an ad tracker is not much different from the LEAs getting the cell tower location from the telco at a click of a button.

I know that my geolocation data always shows my telco’s gateway address, not mine. And I always have GPS OFF except on the rare occasions I am really lost and need to know where I am. If FCC requirements for 911 call locating require GPS to be always ON for phones sold in the USA, then we have another case of being careful what you wish for.

I am not a resident of the US, nor was my phone made or sold for the US market. But when I interact with some US-based services, they will often complain that I have my “Location Service” OFF, even when my location does not seem to have any relevance to the particular transaction.

Robin January 13, 2025 3:51 AM

@Lurker, All

Not sure if this is relevant to your experience but I have apps that connect to devices via bluetooth and/or wifi and continually harass me for location, which is evidently not needed for the app itself. On trying to find out why I ended up with:

For iOS:
“This location information is mandatory from iOS version 13 to share the Wifi connection information.”

and

“To provide users with greater data protection (sic!), starting in this release, Android removes programmatic access to the device’s local hardware identifier for apps using the Wi-Fi and Bluetooth APIs.

To access the hardware identifiers of nearby external devices via Bluetooth and Wi-Fi scans, your app must now have the ACCESS_FINE_LOCATION or ACCESS_COARSE_LOCATION permissions”

That was Android 6 (link:
hxxxs://developer.android.com/about/versions/marshmallow/android-6.0-changes#behavior-hardware-id)

Once a connection has been made, the apps seem to work without the location data – so I turn it off; nevertheless the apps continue to ask for it.

Larry Seltzer January 13, 2025 7:32 AM

@lurker
You and I had the same thought about IP-based location. It’s basically useless for tracking someone. I wrote an article a couple years ago about it in the context of claims about TikTok tracking and if I’m somewhere in Manhattan, the location they get is “New York.” When I’m at home in an NJ suburb, they get a different NJ suburb 15 miles away.
Apps can only get GPS location if you explicitly grant it, and they generally don’t even ask unless you do something specific to require it, like try to location-tag a post. I tested this with TikTok and it behaves as I expected.
But 911 is an exception. They get access to GPS data, and this is obviously the right thing to do.

ResearcherZero January 13, 2025 10:12 PM

@Larry Seltzer

Where the accuracy increases, is use over time. As more and more data is collected then the accuracy can improve. With enough data then a device’s movements can be determined. The other devices and mobile hot spots or WIFI networks, Bluetooth all assist the process.

Multiple methods of determining location can be used in combination to produce a more accurate result. Most mobile devices have built in GPS/GNSS receivers of varying quality. The devices tend to vary, where some devices may have an accuracy of within 2 meters and others more than 20 meters. This can depend on the device model and a range of other factors. An accuracy of 20 meters will no doubt be good enough to locate your residence.

If the user of the device has enabled Location, then the location information can be sent immediately to a third party as soon as they use a feature within an app which accesses location data. This might be a camera, map or photo app for example (among others). Apps use SDKs (software development kits) to make development easier, which sell your data.

Mobile phone companies also sell location data to third parties.

Whether the device is in proximity of multiple base stations, such as in built up areas, and the method used to determine location, impacts the accuracy of the location measurement. In remote areas where the device may only be in contact with a single base station, the location may be out by kilometers. In the city it’s possible it may be within 5 meters. It also depends on which other features are enabled, WIFI, Bluetooth, etc.

But remember, over time a more accurate picture can emerge, thanks to fingerprinting.
Some methods claim to reach accuracy below 2 meters, but within “optimal” conditions.

‘https://www.hsc.com/resources/blog/positioning-techniques-for-mobile-devices-in-lte/

It’s a multi-billion dollar industry with a crap load of brokers buying and selling this data. Some of the types of apps and the information collected is listed here:

https://www.nytimes.com/interactive/2019/12/20/opinion/location-tracking-smartphone-marketing.html

ResearcherZero January 13, 2025 10:25 PM

If you live in a war zone, turning off Location probably won’t help avoid 200 lb bombs.

ResearcherZero January 13, 2025 11:36 PM

@Larry Seltzer

All in all it’s around 50-50 that we might hit you or we might hit your neighbour. It’s 50-50 we know who was responsible, and 50-50 we are targeting the right person. It’s a 50-50 chance if they have been operating for 50 years or 10 years. We might know exactly who they are, which military department directed it, who gave the command, who was in charge of the unit, exactly what equipment was used and how it works, or we might not. We might know the specific agents they had on the ground or if they were using proxies, if they paid bounties for each individual who was targeted and killed, we may not know at all.

Only around 2500 individuals have authority to sign off on targeting using means like metadata, and most of the time there is no real certainty regarding who has been hit. It is estimated that collateral damage may be as high as 95%, with around 50% women or children.

“Algorithms, at their best, merely tell us about relationships.”

‘https://www.e-ir.info/2021/02/18/death-by-data-drones-kill-lists-and-algorithms/

ResearcherZero January 14, 2025 1:30 AM

@Clive Robinson

The advantage of paying annually for products like Office 365 is that they track you and sell your location data, while the free products like Libre do not. That is why they discount Office products to students and force install it on Windows, then regularly add and remove a hidden header to documents to break comparability with other products.

There is even a cool new Microsoft lock-in device that signs people into Office 365. It runs a version of Linux that cannot be modified and ensures it only works with Office. You can install the device at your business then lock all of your employees into Office 365!

Convenience has it’s advantages, but they are somewhat limited once you drive 5km from town. You can yell “Cooee!” which can be heard from a long distance. The scrub is pretty high around here, often above 6 feet high, so it’s preferable that everyone at least whistles or makes some kind of noise so you can find one another.

You can guarantee that at least the ticks will find your warms spots.

I always whistle, clap my hands and make a lot of noise so my wife can find me and the snakes get out of the way (hopefully also the goannas and their inch-long claws). Though I’ve never had to use the snake bite bandage in the glove box.

I’m more worried about the goannas to be honest, they sometimes mistake people for trees!
If they run towards you, laying down flat on the ground avoids being climbed by goanna. 😉

Though I have been bitten by Microsoft, right on the bum when I was bending over!

Clive Robinson January 14, 2025 2:16 AM

@ Lurker, ALL,

A question that is not being asked about “location” is,

“Why Apps?”

After all we’ve known how to track animals and humans for over a hundred thousand years, probably longer as “hunters”. Likewise carnivorous creatures have done it since before the dinosaurs and probably before life existed on dry land. Because even very basic single organisms can “track” via chemical or energy sensing.

The answer is actually one of “pollution” or “electro-smok”.

As individuals we now push out all manner of EM Radiation that travels out from us for miles. And as some are now only just realising with MSM reports on Starlink and others wanting to provide “mobile phone service” from satellites, it’s actually hundreds of miles into space…

That is we do not need “Apps” to get location at all to find an EM radiating individuals location, nor do we need the individual to have GPS or some other way to know their location to report it by the app.

Anyone who has worked with “Emergency Position Indicating Radio Beacon”(EPIRB) and similar systems over the past half century or morr knows this implicitly, all you need is an accurate “time difference”. Back in WWII we had the birth of the Gee system,

https://en.m.wikipedia.org/wiki/Gee_(navigation)

From which most other radio navigation / positioning / location systems have evolved[1]. Modern GPNS systems when used correctly can get position down to fractions of a meter (by near differential and long averaging) sufficient to measure continental drift.

So we come back to “Why Apps?” Well the answer is that “hunting” by traditional methods is both resource intensive and single target focused.

That is the ROI on traditional single target surveillance methods is very low, but the use of Apps is an “industrial process” not “bespoke” thus has a cost amortized across millions of people. Better yet it is in effect “automated” and in effect free-rides off of other technology as well as having a “mass market” for the data.

However it is all predicated on you being an “EM Radiator”. If you don’t radiate EM irrespective of you having a backdoored App on your mobile phone you are “invisible” to these current tracking systems[2].

Hence the reason other technologies are being investigated for industrial mass surveillance[2] that will become more ubiquitous fairly quickly and make the use of “Apps” mostly redundant.

However consider that as “mobile phone use” is now considered a necessity of modern life and all mobile phones are tracked, not just by the service provider mobile network, but the phone OS supplier, and all to many Apps, not having one puts a huge question mark over you.

Thus it’s easy to see that in the near future location data from facial recognition and Mobile signals will be “compared and contrasted” to not just build up data but as importantly to see quickly “who is trying to hide”. So where CCTV is used not having a mobile phone on and on you will paint a large target on your back.

In effect it will find suspects of “pre-crime” or “thought-crime” or other things such as “poverty” and be used by Guard Labour for all sorts of atrocities.

After all if sitting eating a sandwich in a public space can get you shot by police, that then suffer no real consequences for killing an innocent person… How far do you think things will degrade in the not to distant future?

Especially when current hallucinating LLM and ML systems are responsible for “target selection”?

As far as I can see the only thing preventing current and future AI system use for such activities, is the cost of implementing the AI systems. And you might have noticed it’s dropping very very rapidly.

What a year ago cost $100million or more is now apparently down to less than $500,

https://novasky-ai.github.io/posts/sky-t1/

(And yes some have noted “How unnecessarily creepy” the name is comparing it to “SkyNet and Terminator 1” from some old Arnie films…)

[1] Whilst arguably what became RADAR and the German “crooked leg” beam systems came first, they were not general location and crude and inaccurate. They were at best “flight path” systems that got less and less accurate with distance from the transmitter which limited their future use.

[2] This issue of “The Invisible Man”(TIM) has not been lost on certain people in Governments and Guard Labour and the marketing industry. Which is why “facial recognition” systems are getting considerable effort this century. Especially as the traditional CCTV “sensors” are now as little as $10 and falling and new technology using optical phased array MEMS sensors that are too small to be seen and don’t show up in most traditional “bug-sweep” detectors are coming into service. Whilst not strictly accurate the term “Micro-Optoele-Ectro-Mechanical Systems”(MOEMS) has been used since the mid 1990’s and seen in E-Ink and some Projector systems.

Buggy January 18, 2025 9:52 AM

Clive, I see no way to use the modern internet without JS, which at a minimum is used to write session cookies. Certainly good advice for OpSec, where spooks shouldn’t ever stream a show or buy something online on any device associated with themselves (and probably not any device), but not for everyday shmoes. I don’t understand why this advice keeps popping up in the context of “all users,” which was what this report/thread was about. You’re basically saying “the way to use the www is to throw away 90% (by traffic) of the www.”

Also, geofencing can be frighteningly accurate. People are conflating IP-location lookup tools (which provide static answers) with how actual location tracking works, which takes into account cel towers, wi-fi routers, adjacent devices on network, inaudible signals transmitted by your “smart TV” or commercials (not joking), and more. It’s why 911 (or the feds) can locate you in an emergency (or a spurious bust).

Apokrif January 18, 2025 2:04 PM

@Buggy: can you elaborate on “takes into account cel towers, wi-fi routers, adjacent devices on network, inaudible signals transmitted by your “smart TV” or commercials (not joking), and more”?

CDN Hell January 19, 2025 5:07 PM

@Apokrif

See: https://developers.google.com/location-context/fused-location-provider

Not sure about audio, but it is technically feasible.

A 2019 US law requires vertical location to be accurate within ±3 meters for E911 calls.

Some newer phones use a barometer to aid vertical accuracy. I don’t believe Android requires any permissions for apps to access barometric data, even though that alone can pinpoint your approximate location over time.

Clive Robinson January 20, 2025 9:56 AM

@ Buggy,

I’ve advised turning off javascript since almost before it became popular back last century.

Nobody has made a “secure sandbox” for consumer and commercial personal computers, computing devices or other smart devices such as Smart Phones. Nor it would appear for US Government users either.

By definition Javascript is “not trusted” and mostly “not secure”, and if thought about sensibly nobody would run “untrusted insecure code” on their computers.

Not using Javascript or around 2/3rds of HTML-5 makes your On-Line activities even safer these days than it did last century.

The people who get most upset are those who make a pittance pushing scamy adds and often included malware at users who do not have the skills necessary to defend themselves. In the past the users computer would be taken over and used as a “bot” or “cut out” to run attacks against other computers and users and even crypto-coin mining and click-scams.

If a site is being “run for profit” but can not “earn it’s keep” evolution would suggest it’s not going to survive anyway. So the sooner those who run it learn the lesson the sooner they can move on to something that will perhaps earn them some kind of income.

But also consider quite a few people are on mobile data plans where “unsolicited advertising” and the veritable tsunami of scat that entails steals large amounts of their data plan that in the US in particular they’ve paid a very high fee for to incumbent telco’s who all apparently happily defraud the Government, their customers and just about anyone else they can. Who spend tens if not hundreds of millions a year via lobbyists to ensure they can continue their very scamy ways.

These are the sorts of unlawfully behaving entities that make so much “tax money” from your pocket for doing nothing.

Buggy January 20, 2025 1:28 PM

@CDN Hell:
This is actually old news: https://www.theatlantic.com/technology/archive/2015/11/your-phone-is-literally-listening-to-your-tv/416712/

@Clive:
I am currently trying to exit Mexico. I disabled JS, then tried to get my boarding pass (Aeromexico) and official government document. 0/2. Yes, it’s insecure, but what are my options if I want to leave my farraday cage’d bunker and experience the Real World? What meaningful e-comm site doesn’t use session cookies via JS? Should I simply decline all pay services on the internet, where I am ALSO the customer, as well as the product?

Clive Robinson January 21, 2025 4:54 AM

@ Buggy,

With regards,

“Yes, it’s insecure, but what are my options if I want to leave my farraday cage’d bunker and experience the Real World?”

Firstly it’s not “the Real World” it’s not even really a quater century old, and it’s three causes are

1, Convenience
2, Corporatism
3, Crime

The first “Convenience” has given rise to “social pressure” to be an “It Person” and more recently “one of the rat race” who are “always on call” and their location and by inference their habits noted. Hence become pray to Corporatism and other forms of Crime.

So in some parts of the world there is an expectation you will conform to corporate interests in “rabid consumerism” and all that goes with it including crime, debt, and bankruptcy, and increasingly ill health and early death.

These are known as “Personal Risks” with the emphasis being on “Personal”. That is it is your choice and your choice alone as to if you participate in the “Risk Taking” or not.

The problem is that a “herd mentality” has arisen, which allows the likes of others such as Governments and Corporates to put pressure on you to conform to what is actually of no benefit to you but quite a large amount of benefit to them and their corporate interests.

Whilst an employer may have some call over you for the hours they pay you, unless you are daft enough or desperate enough to sign up to what then becomes quasi-legal mental abuse you should still have 2/3rds of the working day under your control.

As far as I’m aware the only two legally required channels of direct communication are,

1, The National Postal Service.
2, Access for “Personal Service”.

Outside of that it’s by “your agreement” only which you can rescind at any time by written notification or other reasonable direct action.

Because even in the late 1990’s most people did not have either “Home Internet” or “Mobile Phones” and many especially in the US did not even have the landline “Plain Old Telephone Service”(POTS).

In some places, changing your mobile phone number is as simple as walking into a Super-Market and taking a SIM card package off of the rack and going and paying for it at the checkout with “cash”. Likewise buying extremely cheap non “Smart Phones”.

In other places where the telco’s have too much power such as AT&T in New York, they believe they are above the law,

https://arstechnica.com/tech-policy/2025/01/att-complies-with-law-requiring-cheap-internet-by-ending-a-service-in-ny/

It’s actually shocking just how much AT&T charge for what is “basic service” in the UK. If I shop around in the UK I can get a way better service for less than ~$10/month…

Which demonstrates that US Corporates in a Monopoly or Cartel position are not just exploiting their customers but behaving unlawfully yet the legislators and justice system “sit on their thumbs” for various reasons.

But it’s your choice what “Personal Risk” you take within your “Social Context”. The only people who can resolve the unlawful abuse by Corporates and Employers is legislators acting in the interests of their voters.

If they won’t act then it’s upto you as an individual to “take technical measures” as well as as a voter take political actions to ensure your “Privacy”. And if enough voters do, then “society moves” and the legislators have little choice but to follow or take other measures.

At the end of the day I can point out what technical measures easy or otherwise are available to you and the information you need to do them. But you have to understand two very important things. Firstly,

“It’s your choice to evaluate the ‘Personal Risk’ of taking ‘Convenience over Privacy’.”

And secondly as importantly,

“There after live with the consequences of your choice.”

As that terrible US saying has it,

“Brace up and buckle up your big boy pants.”

Though not many these days take a “Belt and Braces” attitude to trousers or anything else which is probably in part why we are in the mess we are.

Clive Robinson January 21, 2025 11:03 AM

@ Bruce,

OFF Topic but related.

Whilst Apps which are near the top of the computing stack can track you, so can lower layers.

As quite a few people are aware to decrease response times and backbone load, large network organisations cache more frequently accessed files more locally to a user.

Have you ever thought,

“What if I could see who had accessed a file at a given HTTP network cache and when?”

Well that is what a person who calls themselves Daniel has done with CloudFlares HTTP caches that are often less than a couple of hundred miles from a user,

https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117

The result was they were able to get broad geo-location information on users of Signal, Discord, and no doubt just about any other HTTP using service which has files cached by a network service provider.

In a way this is an invisible to the user attack as it is against an infrastructure mid point not a user or service end point.

Buggy January 23, 2025 8:55 PM

Thanks for all the words, Clive, but I still don’t see how this helps me. The fact that enough people sacrifice security for convenience means I can’t even go to a travel agent to buy a plane ticket any more. Again, leaving your faraday’d bunker requires interacting with the internet, and that will only be more true over time.

I agree with everything you’re saying aside from the practicality of functioning as you propose, even with a moderate level of techiness. Lay folks are just screwed (not that they care, but they will, eventually).

Clive Robinson January 26, 2025 8:19 PM

@ Buggy,

With regards,

“Lay folks are just screwed (not that they care, but they will, eventually).”

True but you should ask “Why?”

Easy “victim blaming” used by those with unstated agendas says,

“They did it to themselves”

And yes in a way they did because,

1, It was less expensive for them
2, It was more convenient for them

Which is generally the aim of technologists be they scientists, engineers, inventers, and those gazing into the future either as consultants or authors. They are all in their own way,

“Trying to make a better world for society.”

Which if you think about it is what most people actually want (as well as the desire for sufficient health and time to enjoy such benefits as technology brings).

So your next question should be along the lines of,

“Why are there so many,”downsides” to technology?”

As I’ve said in the past,

1, Technology is agnostic to use, the use it is put to is chosen by a “Directing Mind” and judged by “independent observers”.
2, What is good or bad is currently decided by a human, be they the “Directing Mind” or “Independent Observer” set at a point in time of societal moors that change constantly.
3, As a species humans have an issue as to where they stand with regards “Individual Rights v Social Responsibilities” and the resulting “Entitlement” they assume/claim.
4, All Technologies have an implicit issue to do with the spectrum of “Efficiency v Security”.

Although these may appear independent of each other they actually are not, they are all not just interlocked in some way, they all effect the others often negatively for either a “Directing Mind” or an “Independent Observer”.

All of which changes constantly as society changes as others have noted,

“For every winner, there are many that loose.”

Whilst it is neither,

1, A two player game.
2, Zero sum game.

At times it can feel that way.

That said even in a two player game there are four states to consider,

1, You Win.
2, You Loose.
3, You Draw.
4, You Don’t play.

For each and every game these states have different probabilities and outcomes. For instance sometimes winning in a game causes you to loose outside of the game. Likewise not playing may cause you to loose outside of the game.

To asses this you have to realise that every game is played in a context that we call at some level “society”. So as society changes the game context changes and therefore so do the state probabilities.

Thus to answer you question of,

“[B]ut I still don’t see how this helps me[?] The fact that enough people sacrifice security for convenience means I can’t even go to a travel agent to buy a plane ticket any more.”

The short answer is,

“You have to change society.”

Or as others say,

“Move the pain points, to move the comfort zone.”

The faux theory used to be you did this by a “democratic process” involving those who wished to vote.

The problem is neither you nor I live in a democracy but what is falsely named a “Representational Democracy” that is in reality a corruption so bad that it is in no way what most are taught a democracy is or should be.

I have my own views on how to solve some of the issues, such as,

1, Take the money out of politics.
2, Make every piece of legislation have a sufficient review and “cooling off period”.
3, All legislation to have a “sunset clause” mechanism.

None of which are in any way unreasonable, except to the “self entitled”, who fill many positions in politics, and of course those who have “gamed the system” and society to their benefit through them.

History shows that those that see themselves as “entitled” through their self espoused “Individual Rights” will more often than not resort to violence be it covertly or overtly even in the face of peaceful and reasoned desire for change in society wanting “Societal Responsibility”. Unless the desire for change by society is so overwhelming or appears so that they have little choice.

To help reduce this one of the first steps would be to sort out the “Guard Labour” with effective oversight such that they can not be used as,

“A private Force against Society.”

Unfortunately this will have some negative consequences but ask yourself,

“Over all will they be better or worse for society?”

Which brings us back to the “Directing Mind” and “Independent Observer” problems.

Whilst I do have suggestions for solutions, they appear to distant to the problems you describe. But unless society wants or sees the reason for change and in effect demands it, it’s not going to happen.

For instance “End to End Encryption”(E2EE) the battle over this goes back to before Louis Freeh was Director of the FBI in the early 1990’s. And his world tour payed for by US tax payers to try and con other Nations Law Enforcement leaders and their legislators to prevent civilian cryptography. Because he knew that he had no hope in the US unless he could point to other Nations.

Arguably the battle started back in the Victorian era of the late 1800’s when machine cryptography first started to appear and threatened the functioning of the then existent “Black Chambers”. However long before the proposal for the “Data Encryption Standard”(DES) it was obvious that society was being hurt by the lack of communications privacy that encryption gave to “financial transactions” that increasingly were carried out “over the wire” in plaintext. Ever since the battle for “weak or backdoored crypto” has been fought, untill the past few months.

When it became overwhelmingly clear that “backdoored Crypto” communications was not “NObody But US”(NOBUS) and was actually seriously hurting not just individuals but “Nation States”. As allegedly “Axis of Evil” hackers were running freely through the entire “National Telecommunications Infrastructure” in the US using what was supposedly a NOBUS system from the 1990’s… Which was in no way a surprise to those fighting on the civilian side of the “Crypto Wars” who had warned that this was an obvious class of attack vector.

Whilst the war on E2EE is apparently over, few realise why, it’s not a victory at all. Because we are now moving into the next battle which the FBI DoJ and similar are delighted with, and that is “user plaintext” “Device Side Scanning” being added by Apple, Google, and Microsoft irremovably in the device OS’s. Which will no doubt in a short period be assisting the alleged “Axis of Evil” hackers…

All you can really say is

“They never learn from their stupidity”

Or as Upto Sinclair once put it,

“It is difficult to get a man to understand something, when his salary depends on his not understanding it.”

So we end up with a saying –incorrectly– attributed to Albert Einstein that the definition of,

“Insanity is doing the same thing over and over again and expecting different results.”

Thus it can be said that the bureaucratic mind set is by definition insanity. Likewise that of the “Self Entitled” who by putting what they see as their “Rights” over “Social Responsibilities” do so much harm.

So the age old question of who is running the asylum comes to the fore…

If you have answers or questions feel free to propose them because unless we discuss them no change will get consensus.

Leave a comment

Blog moderation policy

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.