See this is what happens with all that AI stuff.

Ron

AI is just a mirror.

 

https://www.bbc.com/news/technology-68250127
Ring video doorbell customers angry at 43% price hike

I run my own local, private and completely secure (hard-wired) system using: https://zoneminder.com/

 

https://gizmodo.com/canada-moves-to-ban-the-flipper-zero-over-car-hacking-f-1851242790
Canada Moves to Ban the Flipper Zero Over Car Hacking Fears



WTF? Are they going to ban USB cables and screwdrivers too?

 

WTF? Are they going to ban USB cables and screwdrivers too?

Well if they ban a dolphin nothing would surprise me.


Ron

 

 

Why you never use WiFi for security.
https://www.tomshardware.com/networ...nd-easier-to-acquire#xenforo-comments-3836522

Wi-Fi jamming to knock out cameras suspected in nine Minnesota burglaries -- smart security systems vulnerable as tech becomes cheaper and easier to acquire

 

When companies (one in particular) started advertising easy, do-it-yourself home security kits that revolved around wireless sensors, the very first thing that popped into my head was -- what happens when someone simply jams the signal?

I don't know the answer, since it is very dependent on the system designer and since it is at the crux of the security and convenience tradeoff. If the preference is security, then you have the alarm go off whenever comms are lost, but that means that you risk a lot of false alarms, with the rate going up the more sensors you have. Another tradeoff is in security verses battery life (another convenience aspect). Do you have the sensor be as passive as possible and just transmit when it detects something? That might give you the longest battery life on your sensor, but now all the attacker has to do is jam the signal and the central unit just assumes that the sensor has nothing to report. Or do you have it at least provide a periodic heartbeat signal? And how well do you encrypt and authenticate your comms?

Wireless security devices CAN be used as part of a decent security system, but only if all of the possible failure modes are considered and the presumption is that any failure that COULD be the result of malicious action IS the result of malicious action.

For instance, in the case of wireless cameras, the camera should have sufficient onboard memory to store enough imagery to act as a backup in case comms are disrupted. Just making up numbers, let's say that you have a camera that transmits video at 10 fps to the base station. Perhaps have it store every tenth frame (1 fps) with enough memory to store 60 frames (1 minute of low-rate imagery). Now you have the base station acknowledge reception of the imagery, either every frame or perhaps every ten seconds. The camera knows it only needs to store data since the last acknowledgement. If more than a minute goes by without getting an acknowledgement, it could start overwriting every other frame at half the rate, so that as longer amounts of time goes by, it will still have 60 frames of data covering the entire period of time since the comms went down.

At the other end, the base station has a timeout that says that if it doesn't get imagery from the camera for more than, say, ten seconds (so it's missed a hundred frames), it sounds the alarm.

Another tactic that might be considered is to have the transmitters in the devices be able to boost their output signal progressively in the face of comm disruptions (and back it back down as comms are restored), and/or go to lower data-rate comms with higher forward error correction. In conjunction with these actions, the system also assumes that these actions are being necessary because of malicious actions (which, maybe it is and maybe it's just some unintentional transmitter nearby) and at least issues notifications, if not actual alarms.

Even then, I wouldn't recommend that a security system be completely, or even mostly, based on wireless devices, no matter how convenient. Investment should be made in a hardwired core system, perhaps one that is pretty minimal, and then wireless devices can used to augment it.

 

At least the door camera/bell/intercom should be hardwired if possible, as that one is where packages are delivered and would be my primary jamming target for a quick score with no record of the actual taking.

Zoneminder

Our nice Post Office driver lady making a delivery.

 

At least the door camera/bell/intercom should be hardwired if possible, as that one is where packages are delivered and would be my primary jamming target for a quick score with no record of the actual taking.

Zoneminder
View attachment 315167
Our nice Post Office driver lady making a delivery.

Some cameras have internal SD cards in case they get temporarily disconnected

 

Jam the camera, then steal the camera (a few taps with the same hammer used to break in your car) and SD card.

 

Jam the camera, then steal the camera (a few taps with the same hammer used to break in your car) and SD card.

sometimes you can be such a wet blanket ...

 

Jam the camera, then steal the camera (a few taps with the same hammer used to break in your car) and SD card.

Depends on how accessible the camera is -- and also what the cost/feature tradeoffs are. One line of cameras I came across about ten or fifteen years ago had a port for remote storage specifically so that you could make the storage device less accessible than the camera, even by simply mounting the storage device on the interior wall with a short cable going out to the camera, although the guide that was on the website suggested locating the storage device in as hidden or inaccessible a location as possible, such as up in an attic or down in a basement. Now, these were not particularly cheap cameras, but this kind of feature is not particularly costly or advanced, so it wouldn't surprise me if there are cheap cameras with external video ports that could be used in this way.

 

Depends on how accessible the camera is -- and also what the cost/feature tradeoffs are. One line of cameras I came across about ten or fifteen years ago had a port for remote storage specifically so that you could make the storage device less accessible than the camera, even by simply mounting the storage device on the interior wall with a short cable going out to the camera, although the guide that was on the website suggested locating the storage device in as hidden or inaccessible a location as possible, such as up in an attic or down in a basement. Now, these were not particularly cheap cameras, but this kind of feature is not particularly costly or advanced, so it wouldn't surprise me if there are cheap cameras with external video ports that could be used in this way.

It's a good countermeasure but unfortunately one of the most popular brands 'Ring' don't have that option on most the popular cameras because IMO it might cut into their subscription revenue stream.

 

sometimes you can be such a wet blanket ...

I'm just saying, if you can afford a jammer, you can afford a hammer or you can ask for one.

 

It's a good countermeasure but unfortunately one of the most popular brands 'Ring' don't have that option on most the popular cameras because IMO it might cut into their subscription revenue stream.

I won't use any device that lets others access the data, so that rules out Ring and most of the others. It strikes me a ironic (moronic?) to give up security in the search for increased security. Yes, there are advantages to granting that kind of access to someone that, at least ostensibly, is monitoring things for security purposes, but it's not a tradeoff I'm comfortable making. This is also why I don't have Siri or Alexa or any other always-spying-on-you-so-that-you-can-be-a-bit-more-lazy devices, either.

 

https://www.theregister.com/2024/02/15/echr_backdoor_encryption/
European Court of Human Rights declares backdoored encryption is illegal

While the ECHR decision is unlikely to have any effect within Russia, it matters to countries in Europe that are contemplating similar decryption laws – such as Chat Control and the UK government's Online Safety Act.

Chat Control is shorthand for European data surveillance legislation that would require internet service providers to scan digital communications for illegal content – specifically child sexual abuse material and potentially terrorism-related information. Doing so would necessarily entail weakening the encryption that keeps communication private.

 

https://www.theregister.com/2024/02/15/echr_backdoor_encryption/
European Court of Human Rights declares backdoored encryption is illegal

Good news.

These kinds of laws are just another example of violating the rights and privacy of law-abiding citizens while at the same time have virtually zero impact on the bad guys.

 

https://gizmodo.com/your-ai-girlfriend-is-a-data-harvesting-horror-show-1851253284
Your AI Girlfriend Is a Data-Harvesting Horror Show

One of the more striking findings came when Mozilla counted the trackers in these apps, little bits of code that collect data and share them with other companies for advertising and other purposes. Mozilla found the AI girlfriend apps used an average of 2,663 trackers per minute, though that number was driven up by Romantic AI, which called a whopping 24,354 trackers in just one minute of using the app.

 

https://www.geekwire.com/2024/inter...ompanys-response-to-discovery-of-spy-cameras/

Expedia Group CEO Peter Kern emailed employees Friday about the discovery of spy cameras in two bathrooms on the company’s Seattle campus — empathizing with their feelings about what he called an abuse of trust by one of their own, and addressing its handling of the incident following internal criticism of its response.

The unnamed employee who found a device with a camera lens under the sink in one of the bathrooms in December first tried to report it to a staffer at a security desk, who theorized that the device was related to the soap dispensers, the affidavit said.
...
Equipment found in Vargas-Fernandez’s home included at least 33 spy cameras in various forms, 22 SD cards, and six hard drives with at least 20 terabytes of storage capacity, according to an update to the affidavit after his booking. The prosecuting attorney said the state “has cause for concern that there are additional venues where the defendant has illegally placed cameras.”

 

https://www.reuters.com/technology/...ter-police-leak-identities-online-2024-02-20/


https://www.state.gov/reward-for-information-lockbit-ransomware-as-a-service/

The U.S. Department of State is offering a reward of up to $10,000,000 for information leading to the identification or location of any individual(s) who hold a key leadership position in the Transnational Organized Crime group behind the LockBit ransomware variant. In addition, a reward offer of up to $5,000,000 is offered for information leading to the arrest and/or conviction in any country of any individual conspiring to participate in or attempting to participate in ALPHV/Blackcat ransomware activities.