Tumblr’s at it again, thanks to the new European Privacy Laws. There’s probably nobody who will read this, but it pissed me off so much that I decided to make a post about it. (Ignore the weird language mish-mash, depending on your country the language might differ.)
OK, so many of us get this screen when we try to access our dash:
Realise how the ‘OK’ button is a nice, attention-grabbing blue? If you’re like me, you’re not exactly into reading a 100 pages document and tend to just click it.
My tip? DONT. Instead click on ‘Manage Options’ right next to it:
Now you’ll see this page:
Still pretty harmless, right? That ‘Accept’ button is looking really attractive right now. Instead, click on Verwalten (Probably something like ‘Manage Options’ or something in english) and you’ll get to this page:
Now that’s not too bad, right? I just switched all the buttons to ‘off’, because I’m jealously guarding my personal information and don’t want Tumblr to go off and do who knows what with it. Looks like we’re done! But wait: There’s a SHOW option.
When we click on that one, what we will get is this:
A HUGE list with OVER 300 ENTRIES of companies that can use your data by default if you’d just clicked ‘OK’ on that very first page. Coincidence that this list is hidden that much? Me thinks not. They’re all switched on by default, but I am still a petty bitch that doesn’t want to give out her data, so I switched them all off. All 300+ of them. There is no option to switch them all off at once, and even if you disable all the options above, the companies are still switched on.
(If you wonder how i got that number, I copied the list into excel and looked at the cell number. No way am I actually counting all those entries)
I too, am a petty bitch who unticked every single one.
Never ever turn off your phone: rethinking security culture in the era of big data analysis.
Back in the 80′s if you were a pissed off anarchist that wanted to burn down a building, you probably checked your home for listening devices and made a plan. If you were the same kind of pissed off anarchist in the late 90′s, you turned off your phone and encrypted your online traffic. In the 2020′s we’re gonna have to change our strategies once again. Intelligence gathering has adapted and so we must adapt too.
To get a head start at this, let’s look at how big data analysis is being used. To do this, we’ll need to talk about 3 things: metadata, patterns and networks. Those sound boring and complicated but I’m not a techy and I won’t bore you with tech language, I’ll keep it as easy as I can.
Metadata: In the context of online activity, ‘content’ means ‘the message you send’ and ‘metadata’ means ‘everything other than the content’. So, for example, if you send your friend a text about lunch, the content might be “Let’s go out for lunch” and the metadata might be “Message send at 01/04/2018 11.32 from phone 0478239055 to phone 079726823 using Signal”.
This information is registered by your phone even if the app encrypts your actual message. Your metadata is very badly protected by technology and very badly protected by the law. No matter which country you are in, most of your metadata if freely available to intelligence agencies regardless of whether you are a suspect in anything.
Patterns: Whether you realize it or not, your metadata has a pattern. If you have a daily job you might have a very consistent pattern, if you do not your pattern might be more flexible but you have a pattern. If someone wanted to know the rhythm of your day, they could very easily do so because your pattern is in the metadata.
For example: Maybe you use the wifi at your favourite bar on most Sunday nights until about midnight, you wake up around 10 AM and check your Signal, you use your public transport card to get to class every Monday afternoon and you spend on average 1 hour on Tumblr twice a day. All this is part of your pattern.
Networks: You have online networks. Your facebook friends, the people in your phone adress book, the dropbox you share with coworkers, everyone who bought online tickets to the same punk band you attended, the people using the same wifi points as you. Take your networks, combine them with other people’s networks, and clusters reveal themselves. Your work community, your family, your activist scene, etc.
If you are in an anarchist community that will probably be abundantly clear from all your minor network connections like going to the same band and knowing the same people as other anarchists. Even if you never liked an anarchist facebook page or pressed ‘going’ on an anarchist facebook event, your network is hard to hide.
Now, let’s say you commit a crime,
the kind that would result in some serious research. Let’s say that on Sunday night 3 AM, you are your friends go out and burn down a nazi’s house. (Of course I would never advice any of you to do such a thing.) It’s obvious that anarchists did it but there are no other clues. You use traditional style security culture: you burn your notes, you are careful not to communicate about your plans near technology and you do not leave physical traces.
But because you commited the crime that night, your metadata will vary strongly from your usual rhythm: you stay at your usual bar until 2 AM to wait for your friends, you do not wake up at 10 AM in the morning so you do not check your Signal or Tumblr until 1 PM. You do not go to class. Your metadata pattern is very different from your usual pattern. The metadata patterns of your friends are different too. If one of you is clumsy, they might generate a super suspicious metadata signal like a phone being switched off at 2.30 AM and activated at 4AM. You wouldn’t be the first.
If I wanted to solve this crime using data analysis, what I would do is:
let a piece of software run a pattern analysis of the local anarchist scene to generate the 300 people most connected to the anarchist scene.
let a second piece of software analyse the metadata patterns of those 300 people over the last months and identify the biggest metadata variations around Sunday night as well as very suspicious metadata activity
Illiminate pattern variations with an obvious cause or an obvious alibi (people who are on vacation, people who are in the hospital, people who lost their job, etc).
Do indepth research into the ones that remain.
Which is how, out of a massive amount of people that I couldn’t possible all listen to at the same time, I could quickly identify a few to monitor closely. This is how I could find and catch you.
So, now what?
If traditional security culture doesn’t protect us as well as it used to, how do we adapt? Well, I don’t have all the answers but for a start, I’d say: know your network + know your pattern.
In the case of the example above: leave the bar at midnight, return home and put your phone on your bedside table. Check the apps you check before going to bed and set your alarm to 10AM. Return to the bar without your phone. Wake up at 10AM and check your Signal. Drag yourself to class or ask a comrade to make the trip with your travel card and do not use technology in your home while the comrade is taking your travel card to class. Stick to your pattern. Never ever turn off your phone.
You might also be able to manipulate your network but that seems much harder to do. Not having a smartphone and dropping out of all social activity online is a big commitment. Knowing your data pattern and making sure your data pattern doesn’t look out of the ordinary? Much less commitment.
Some of the old rules will still apply: don’t talk about a crime around devices with microphones, don’t brag after a succesful action, etc. Other rules, like ‘turn off your phone when planning an illegal act’ need to change because their metada looks too out of the ordinary. No one switches off their phone anymore. We look suspicious as fuck when we do.
This is just one idea on how we could update our security culture. There are probably other people with other, better ideas about updating our security culture. If we start the conversation, we may get somewhere.
Finally: we need to keep adapting.
As technology changes, more information is becoming available, including data we have very little control over. Smart-tv’s and ads in public spaces that listen to every word we say and the tone of our voice when we say it are examples. Data analysis projects are currently using license plate reading software on security footage to map the travel patterns of cars. A lot suggests they may soon be ready to do the same with face recognition, at which point the presence of our face in public space becomes part of our metadata. More information means more accurate data analysis. Our metadata may soon be too vast annd too complex to completely map and mirror. Which means we will need to adapt our counter measures if you want to hide something.
How do we keep it all under the radar? I don’t know. But let’s try to figure this shit out. These are some first thoughts about what security culture should look like in the age of modern big data analysis and I’d be very happy for any insights from comrades that have some thoughts on this.
Also: feel free to distribute and rework these words without credit.
Anarchists, anticapitalists, antifascists, antiracists and ecoactivists are all criminalized for existing. The systems that maintain injustice know that we are the biggest threat to their existence. They will do to us whatever they can get away with. Dig into security culture. Stay safe so you can stay dangerous.
What you’re seeing is a stressed pigeon who is at risk from contracting a potentially lethal bacterial infection from the kittens fur/saliva. A human being put this kitten under this nesting pige for a “cute video.” You should never put a predator and prey species together like this, especially not a baby animal with a hormonal protective bird who could easily peck/injure it.
Its not safe or cute. This is abuse.
It’s a stray kitten that crawled under there itself according to the Facebook link that is right there
Stray kittens just don’t “happen” to crawl into a pigeon cage and right into a nest. People lie for internet cute points y’know. Even if it did the person behind the camera is filming and posting a dangerous situation that put the pigeon at risk. Its gross neglect. There’s literally no justification for it.
Many pigeons will adopt just about anything because they’re domesticated and don’t know any better. Should the kitten decide to claw or nip at the pigeon’s brood patch he could very well end up with a deadly infection. I’ve heard plenty of horror stories about people allowing pigeons to adopt baby rabbits who nearly always end up injuring one of the parents by cutting open the delicate skin of their brood patch.
Never mind this pigeon definitely didn’t adopt the cat. He’s setting on eggs and behavior indicates that he’s very displeased about the kitten being there. The way he pecks at the cat is aggression, not affection. To be clear: this pigeon is NOT protecting the kitten, he has eggs and is protecting those. While I am a pigeon keeper I will tag @ramseyringnecks who has been keeping them longer than I have and can also confirm that This Is Bad.
Fortunately, I was able to get mine back. They’d been moved to a sort of ghost file system, and I just had to move them back to the regular desktop. The ghost file system is still there, and it’s hard to find things sometimes, but everything still exists. (And now it exists in a couple more places than it did before, just to be safe.) Not everyone’s been so lucky.
The update that happened a couple of days ago (today being May 24, 2018) sparked a whole bunch of new traffic to the thread. Now people are getting nonfunctional desktops, or black screens. The numbers of people who report having the same problem is up to 205. One of the people who posted in the thread was a tech guy who said that the same thing happened to eight of his customers, and the only thing he can do is pull their hard drives, copy the important files, and reinstall Windows 10. And the Microsoft people agree that yes, this is the thing that has to be done, even if it costs you money, even if they were the ones who caused it in the first place.
I guess what I’m saying is, if you’re using Windows 10, do not go gentle into that good update. Postpone it and back things up, preferably externally. Probably you’ll be all right, 205 out of all the people who use Windows is infinitesimal, but something is going very wrong with some of these updates, and Microsoft doesn’t seem to be taking it seriously, even though people are losing data.
This is happening to me and it’s suffering. Please please please don’t let this shit update until they figure this out
BettSplendens Tumblr Evac 