👎 Decrypted Crime

Australia switching all WhatsApp users to business accounts | A crowd-sourced surveillance network

👎 Decrypted Crime

Greetings fellow web travellers; sometimes the end of the week feels like a satisfying pull at the drain clog: you yank at one hair and everything comes out with it, in one big convenient clump.

This week has been a smelly pile of something I could have done without 👎**.** What's made me dry-heave this week?

  • Whatsapp's privacy policy strikes again
  • Some chilling words from Australian lawmakers about encryption
  • Smart device? More like... fart device... idk

🧟‍♀️ This week in smart devices dystopia

Here are three gruesome lozenges for you to choke down with your flat white:

📶 1. Bluetooth networks: Amazon have added Tile to Amazon Sidewalk, which is their network of bluetooth receivers designed to 'help devices work better'.

  • Pls note: bluetooth is a very handy, lightweight way to know where devices are in relation to each other. Tile make tracking tags that you can attach to your possessions, and the point of Amazon's Sidewalk is to make sure devices (like the tags) stay wirelessly 'connected' even when there is no Wifi.
  • In other words: bluetooth is a great way for one device to find another device, without the need for any pesky internet
  • In other other words: bluetooth is a great way to get consumers to build a surveillance network so that you can passively gather more data about them; bluetooth receivers are basically everywhere already (airports, shopping centres) because they are so very 'useful'.
  • In other, less words: there is a reason why the Facebook app likes to access the bluetooth functionality on your phone even though it doesn't 'need' to.
  • Direct competitor: AirTag, by Apple. Tile of course hate this and think it's unfair that Apple are trying to compete, because Apple already have bags of devices to leverage. Love it when one capitalist condemns the other capitalist for just doing capitalism.

🏚 2. Smart home standards: there are lots of things we should strive to standardise — and smart device connectivity is not one of them. A company called Matter now want to put their logo on all smart devices, so that you, the over-coddled and ever docile consumer, can be reassured that the pet feeder you just bought will definitely work with your Amazon Echo, and definitely not work when AWS goes down again. It's PERFECT. Apple and Google are also in on the project to develop this open standard.

🍒 3. The cherry on top*: an airbag vest is designed to puff up and save your life if you have a motorcycle accident. This one will only do it if you never miss a subscription payment. Hahahaha (that's me laugh-crying with horror).

In case it wasn't clear, I think smart devices are stupid, and the lot of you need to stop being so amazed by a kettle that you can control with an app. Any OBJECT that you control with an app is just a surveillance device that you willingly allowed into your home or personal life — please have a look at yourself.

*this cherry was brought to you by my new cool friend Ellie — thank you Ellie for adding this to our collective filofax of doom.

🤪 Australia: if you don't commit crimes, you don't need encryption!

The other day, this piece of proposed legislation from the Australian Criminal Intelligence Commission (ACIC) somehow landed on my filthy laptop screen. Prepare to shudder as you read this direct quote:

"ACIC observation shows there is no legitimate reason for a law-abiding member of the community to own or use an encrypted communication platform."

😳 uhhh.... okay then. Well. Sure? I hate encryption as much as the next law-abiding citizen. Why can't we just be completely open and transparent with each other, right? I have absolutely nothing to hide from you, fellow humans. All of you — even the ones I don't know; even the ones who have great power over me — are my life companions and I trust you with everything. Everything.

Okay but in all seriousness, what the cocking-fuck did I just read? Key points:

  • The ACIC fear that their technology is not good enough to catch cyber criminals who are laundering money over the dark web and organising drug deals via Telegram (all things that cannot be done IRL and definitely did not exist before the internet)
  • Their solution: "asking for back doors is TOO HARD because this whole 'tech' thing seems to be more than just a phase — what if we just lose encryption altogether? Brb, a fax of the latest crime stats just came through..."
  • Other powers they want: account takeover warrants, network activity warrants, all kinds of other crap which will definitely threaten the human rights of Australian citizens.

🔦 The obvious issue staring all at us in the face: the ACIC has a gaping hole where a cyber security and/or infosec division should be. I don't mean to tell them how to do their jobs, and I'd never even heard of them until this week, but I am 100% certain they have absolutely no idea what they're doing.

🙅🏻‍♀️ WhatsApp: it's that time again!

Maybe the Australian government should force everyone to switch over to a WhatsApp business account? If you don't know what I'm talking about, you will by the end of this section. And then if you still don't know, you weren't paying attention in the previous section...

Your new deadline to agree to the WhatsApp privacy policy is the 15th of May. They moved it from the 8th of February because everyone was understandably confused.

This time we're going to take a quick look at what Germany are doing about it: they're banning Facebook from collecting data from WhatsApp users in Germany for three months. Germany say — that's right... the WHOLE of Germany — that locking someone out of a service unless they agree to a privacy policy is unlawful. Is it? I wish it was. Maybe it is? Facebook seem to get away with a lot of unlawful things.

Either way, bold move, Germany. But I doubt it will make a dent in any of the following: Facebook's power, profit, pride, or any decisions relating to this privacy policy change.

How is the policy different to before? (different part clearly marked for ease). WhatsApp achieve the absolute bare minimum when it comes to the box-ticking exercise of protecting user privacy. All messages you send and receive are therefore encrypted. THIS → Unless, one party is a business account. Communication with those is not encrypted ← THIS.

✨ My ultimate protip to move people away from WhatsApp and onto Signal: throw your phone into the sea and go do something else. Or, bit easier, spread some misinformation.

Have you ever played AI Dungeon? It's a text adventure game that runs on GPT-3, and the selling point is that there is absolutely no limit to what you can do in the game. So obviously, the game is producing disturbing stories.

When I played it last year, the bias towards all genitals being penises was so strong that even when I told it to give me vaginas, it still gave me penises??

A screenshot of AI Dungeon, where the word penises is circled after the instructed was clearly to use vaginas
I told it to paint vaginas everywhere and it painted... penises. Thanks a lot GPT-3

It's very possible that I end these posts on something about genitals way too often. Unfortunately for you: I don't care.

Stay tubular x

✨Do you disagree with me? Have something to add? Wanna just vent about how software is eating the world? → Email me or get me on Twitter.