The list of methods by which the government spies on you seems to grow exponentially by the day. Some people don’t know – others don’t care. They subscribe to tired old arguments like “Well, you can’t stop it or fight it so why bother?” or “They can spy on me all they want, they’ll just be bored.” These arguments reveal two issues: they expose a willful level of ignorance, and they show an unwillingness to learn. That’s an uncomfortable thing to hear for many people, but the fact is that those who dismiss the government and other types of surveillance for the reasons above might as well announce that they are lazy and unconcerned with blatant violations of their privacy – or anyone else’s, for that matter. There are two more incredibly insidious surveillance efforts underway as we speak. The chances are good that you deal with one of them daily. The other? Let’s hope you don’t ever have to.
Facebook’s Ad Engines
A lot of businesses use Facebook to advertise, and those ads come across your feed because Facebook, in its infinite wisdom, thinks you’ll click on it. How does Facebook know what you’ll choose? Every single thing you have ever clicked, posted, shared, or viewed gets cataloged and used to profile you. While you might feel a bit uncomfortable about that in the abstract sense, let’s examine exactly what Facebook has collected on you personally. You can go to your Facebook account and see for yourself – just go to https://www.facebook.com/ads/preferences.
Interestingly enough, Facebook says you can “take control over your ad experience.” That suggests that you are not currently in control of it – which is true, you’re not. Look at the first heading: Your Interests. These are the kinds of ads and other content you’ve explored before, and not necessarily just on Facebook. The list is paginated so be sure to go through all the tabs and subjects.
Scroll down a bit to Your Information, and you’ll see some disturbing things. The subheading About You is fairly standard and might be displayed on your public page anyway – marital status, employer, job title, etc. But click Your Categories, and suddenly you realize who Facebook thinks you are. All that data they’ve collected creates a profile used to peg more advertising to you – and it’s uncannily accurate. Here’s a list of some of the traits Facebook gathered about one person I studied:
- He was Likely to Engage in Political Debate (very conservative)
- He lives away from family members
- He has multiple children
- He’s the parent of a pre-teen
- He buys things online
- He donates to charities
- He likes to eat Italian food
- He works out
- He is a gun owner
Do you see the problem yet? That is a fraction of the information collected, and it’s used to not only decide who you are, but also what you can be predicted to think, say, do, or buy. For someone who may want to force you into an action, that’s a treasure trove of leverage and starting points for weakness manipulation.
Some of us must maintain a Facebook page for work or some other reason. However, if you can get off the platform, consider doing so. If you simply cannot get rid of Facebook, please take the time to go into your ad preferences and at least look at the information they’re collecting. You can remove it from that page, but don’t be fooled. You’re not taking the information away from them. Once they have data, it’s there and will be used – so think about what you’re posting and with whom you’re interacting. If nothing else, stop clicking on ads in your feed. If you see something you’re genuinely interested in, go to your browser and visit it directly – don’t click on Facebook ads regardless of how impressive they look.
Your Windows Crash Reports
If you’re a Windows user, then you already know that it crashes a lot. A little window comes up, announcing yet another episode of “Why Microsoft Operating Systems Are Horrible” and asking if you’d like to report the crash. What you don’t know is that NSA hackers, working on behalf of your government, may be collecting your crash reports and using them to determine how to best break into your computer.
As far back as 2013, German magazine Der Spiegel reported that Tailored Access Operations, the once-secret NSA teams of top-level government hackers, is collecting Windows crash reports from some computers. The whole article is a must-read if you missed it back then, but here’s the gist:
When TAO selects a computer somewhere in the world as a target and enters its unique identifiers (an IP address, for example) into the corresponding database, intelligence agents are then automatically notified any time the operating system of that computer crashes and its user receives the prompt to report the problem to Microsoft. An internal presentation suggests it is NSA’s powerful XKeyscore spying tool that is used to fish these crash reports out of the massive sea of Internet traffic.
The agents can then watch what causes the crashes on that user’s computer, and look for vulnerabilities that will allow them active access for planting malware, logging everything the user does, and much more. Some might find that capability fascinating and even amazing. The problem is that it’s not just being used against some bomb-making engineer in Syria or a nuclear scientist in North Korea. It’s being used against Americans. Schneier notes in his article that the information from that exploit may be limited to crash data, but then asks: “how valuable would this database be for finding new zero-day Windows vulnerabilities to exploit?”
The spiral cycle continues – tech allows more capability, which leads to more tech. Surveillance begets more surveillance and more control. As a society (and a world) we have reached a level of surveillance capability that means the only things private now are your thoughts – and some might even debate that. So next time someone shrugs about privacy and claims not to care about such things, understand this: They do not care about freedom – theirs or yours – for societies without privacy don’t long keep liberty.