Hacker News Comments on
Catherine Crump: The small and surprisingly dangerous detail the police track about you
Catherine Crump
·
TED
·
51
HN points
·
1
HN comments
- This course is unranked · view top recommended courses
Hacker News Stories and Comments
All the comments and stories posted to Hacker News that reference this video.⬐ MithalduOh good. Clickbait title and TED. Wonder what would make the trifecta complete.⬐ jasonhansel⬐ schoenA BuzzFeed article about it?⬐ kzhahouPaywall?⬐ atapRay Kurzweil.License plates have seen such an enormous mission creep, starting out by enforcing safety inspections and liability for car accidents and finding stolen cars, and continuing down to letting the public and private sectors routinely track motorists' whereabouts.When license plates were introduced, the technology to make them more privacy-protective didn't exist. Today, it might, but it would be expensive to switch and challenging to get police to give up monitoring powers they've become accustomed to.
⬐ justonepostWhat I find amusing are body cameras. We want them so bad to protect against police officers violating civil rights, but think how fast they'll ramp them up to doing things like face recognition. And why not? Imagine being able to spot criminals with warrants on them by just walking around in a crowd. Of course, it won't stop there. Hmm, I better go pay off those speeding tickets that are due...⬐ CyberDildonics⬐ javajoshAt least that is only where the police physically are.⬐ whoopdedoYou can justify that, and license plate cameras for that matter, because the camera is only automating a process that the police could still have done manually although it would have taken more time and been less reliable. Namely, if a police officer is told that a person is wanted and he sees a picture of him, then he could walk around a crowd looking for people who resemble the wanted person. The camera is doing the same thing his eyes and memory does, only faster.The problem is not so much the data collection, it's the retention. Because computers never forget, the police are then given a power the existing limits on their authority did not consider. So new laws need to be drafted to limit the actions of a police force that has infinite memory.
Which many states are doing now. Until the police unions tell a bunch of scary "think of the children" stories about why they need unlimited surveillance power. Then the issue shifts from the police to the influence of money in politics. (And perhaps also whether public employees should be allowed to unionize. Or at least, whether a union of public employees should be allowed to lobby.)
To paraphrase an old saying, "When all you have is threat analysis, everything looks like a threat." Law-enforcement in the US has become a victim of it's own unrelenting focus on threat-mitigation, to the extent that they are all too happy to use tools that have always been anathema to American Culture. We have mass surveillance, abusive police, and huge gulags full of people who's first crime was to be poor and under-educated. It used to be these were the things we pointed to when asked, "Why is the USSR/DDR so much worse than you?"Epic fail, USA. Epic.
⬐ dredmorbius⬐ pdkl95I've likened the situation to an auto-immune disease: a hopped-up defense mechanism which false-positive categorizes non-harmful elements as harmful.I like your threat-analysis line.
Automatic license plate scanning is bad enough, but at least some people are concerned about it. Meanwhile, the much more detail information that the phone companies gather for themselves and the NSA as part of COTRAVELER[1] has apparently been entirely forgotten.Building a map of where your license plate has been is bad enough. The map of which {micro,pico,femto}cell you phone has been near will contain far more detailed travel information. It didn't even require any clever hacks or software vulnerabilities; COTRAVELER only required writing a few INNER JOIN / WHERE clauses. It doesn't even use any private information: it only needs the metadata.
Unfortunately, I expect that the conclusion - that it is probably a bad idea in the long run for everybody to be carrying a radio transponder in their pocket - is going to be ignore (or actively avoided). Cognitive dissonance can be a powerful motivator, and these properties - necessarily common to all mobile communication devices are very dissonant with the common socially-acceptable addiction to social media and "being available" that keeps everybody tied to cell phone.
[1] http://www.washingtonpost.com/apps/g/page/world/how-the-nsa-...
⬐ pdkl95⬐ upofadownHmm... as the multiple down-voters left no explanation... I wonder which motivation is more likely: cell-phone addicts that don't want o think about long-term consequences of their habit, JTRIG-style trolling that doesn't like discussion about COTRAVELER, or one of the enemies I've made that like to down-vote most of my posts.⬐ new299> necessarily common to all mobile communication devicesI think there are possible technical solutions if there was a will to adopt them. The main problem is authenticating with the network, if unauthenticated wireless networks were generally available then it would likely make tracking harder.
I think even if you are paying for network access then there could be technical solutions to the problem. Perhaps authentication tokens which were purchased but not linked to a user.
I guess fundamentally, breaking apart network access authentication and user identification/authentication would be good.
But I agree, I doubt people are motivated enough to seek out a solution.
⬐ pdkl95While I don't completely rule-out the possibility of finding a technical solution, if such a solution exists it is going to be really hard to find. Re-associating "anonymized" tokens is a lot easier than it looks in many situations, and it doesn't take much data leakage to JOIN tables together. I would love to be wrong on this topic. It would be absolutely incredible if someone can invent a way to make mobile devices still work without leaking any information that can be tracked.I totally agree with separating authentication from authorization; we need to do that anywhere it is possible, not just for mobile devices. Unfortunately, the trend has been in the reverse direction. :/
⬐ new299I would have thought the problem in mobile networks might be easier than elsewhere. Where the wireless network is public infrastructure, for example, if devices used randomized MACs then I'd imagine it'd make them much harder to track.You'd still need to authenticate with a VOIP provider. But by breaking out these services I would guess it would make tracking much harder.
I sold my car so I was doing pretty good up until the part about the cell phone tracking. Time to get a pager I guess...⬐ pdkl95⬐ infectoidhttp://www.washingtonpost.com/blogs/the-switch/wp/2014/08/11...Pagers are probably a good idea.
Does anyone know of any good open source automatic number plate reading software?Was thinking if could be a fun project for my rPi 2 maybe.
⬐ cozzydGood thing I don't drive (but my Ventra card tracks me just the same).⬐ jessaustinTranscript:https://www.ted.com/talks/catherine_crump_the_small_and_surp...
TL;DR: Local cops have Automatic License Plate Readers that run all the time tracking every car that drives by, also that data is kept forever because why not.
⬐ ChuckMcMHere is a startup idea, the "License Plate Club" ...For $10 a month users register their license plate and state, then every month they get a printout of two random plates (at 75% size so as not to be confused with the car's real license plate) which you just stick to the side of your car doors. Of course being on the side of your car no police officer is going to think you're passing it off as your own plate, but every camera trained to detect and record license plates will add a 'hit' to their database right then and there. As more people join more license fuzzing data will be dumped into the databases and eventually all automatically collected license plate data will be useless without manually going through and verifying each sighting by hand, which will make it cost prohibitive.
Hell you could pay pedestrians to walk around with license plates as they go from intersection to intersection. That would be hilarious.
⬐ ams6110⬐ dmixHaving multiple license plates displayed is generally prohibited. As I found out when I had not had time to change my plate after it expired: I had the old one in the usual location, and the new one in the rear window. Got pulled over for it, but got only a warning.⬐ thomaskcr⬐ dragonwriterSame-ish experience (in DE) -- I hadn't taken down my temporary plate from my window and had my real one. Meter-cop walking by offered to throw it out for me and told me I couldn't have both.⬐ ChuckMcMIf you don't mind me asking, what jurisdiction was this?⬐ idohealthWhich makes perfect sense to me. Not sure how you thought that would be acceptable.But then, I am of the unpopular opinion that every car should be tracked, they are far too dangerous, and cause far too many accidents for them not to be.
You want to murder someone and get away with it in our society, the best chance you have is killing them with your car.
> For $10 a month users register their license plate and state, then every month they get a printout of two random plates (at 75% size so as not to be confused with the car's real license plate) which you just stick to the side of your car doors.This is probably illegal in most jurisdictions. For instance, it is definitely illegal in California. Standard licenses plates are 12"x6". 75% size is 9"x4.5". California Regulations (13 CCR Sec. 150.02) requires "facsimile or decorative" plates to be smaller than 9"x3" or larger than 15"x9".
⬐ NoneNone⬐ anonbankerReplying as breadcrumbs to a fantastic idea.⬐ morganvachon> Of course being on the side of your car no police officer is going to think you're passing it off as your own plateHow would you know this? In some jurisdictions you can be pulled over and cited for putting a government issued temporary license plate (i.e. one assigned to your vehicle) in the back window instead of the normal mounting spot. At the very least, fake license plates plastered all over a car would raise suspicion, especially if they return information about another vehicle. This is a bad idea all around.
⬐ ChuckMcMInteresting thought. Haven't tested it of course. So in California at least some basic searching hasn't found any statute which prevents you from displaying additional plates on your car, there is this one: https://www.dmv.ca.gov/portal/dmv/?1dmy&urile=wcm:path:/dmv_... which is the standard one. I've seen a number of trucks with multiple plates from different states, and of course the trucks from Mexico have both a Mexico plate and a US plate.I'm curious if you got cited for this, what they might cite you as violating?
⬐ morganvachon> I've seen a number of trucks with multiple plates from different statesAll of which would be registered to that vehicle, which is not what you are talking about doing. Your entire premise is about displaying plates that aren't registered to your vehicle, which will at the very least get you pulled over in most jurisdictions, if not cited.
> I'm curious if you got cited for this, what they might cite you as violating?
In Georgia where I live, it would be this:
http://law.justia.com/codes/georgia/2010/title-40/chapter-2/...
In short, you can't display a tag on your vehicle that isn't registered to it.
I get that what you are talking about doing is civil disobedience, and I'm not faulting you for that. I'm not a fan of automated license plate readers myself, or more specifically the lack of oversight given that it's usually operated by third party, for-profit companies. I'm just pointing out the flaws in your plan, based on what I know of the law (and I'm not a lawyer, just a former law enforcement staff member).
⬐ ChuckMcMThat statute is similar to the California one in that it says you have to show a valid plate for your vehicle. And like the California statute is notionally silent on the idea of making a plate visible on your vehicle that is in addition to your completely legal plates, and shown in such a way that it does not imply it is the vehicles registration plate.For the purposes of the experiment I bet you could wrap it in a frame that says "this is not the registration plate for this car" in easy to read letters.
Clearly the safer bet would be enlisting pedestrians or cyclists as the law is silent on either having a car plate visible while they are near street cameras and passing patrol cars.
⬐ morganvachon> is notionally silent on the idea of making a plate visible on your vehicle that is in addition to your completely legal platesNo, it's pretty clear and straightforward:
"(a) Except as otherwise provided in this chapter, it shall be unlawful:
...
(3) To buy, receive, use, or possess for use on a motor vehicle any license plate not issued for use on such motor vehicle"
But again that's Georgia law, so by all means go ahead and plaster your car with fake license plates and post back here with the results. You might indeed not get a second glance from your local law enforcement. And if you end up causing problems for the ALPRs employed by your local government, all the better. :)
⬐ ChuckMcMThanks, I'm going to have to lookup the case law on that one to see if people have ever contested of being in violation of having an additional plate visible on their car.Oh I assumed the piece of data was IMSI. Which IMO is far worse as you're not always in public.Those Cessna planes flying all over American cities can collect far more in a single day than all police cars on patrol can: http://www.startribune.com/nighttime-flight-circles-low-over...
⬐ giancarlostoroI wonder who hosts the data for them? Cops aren't usually this "advanced" in surveillance unless I'm wrong?⬐ dmix⬐ jessaustinSomeone I know works for a company in Florida that runs the servers and sells the license plate cameras to the police. One of many companies I presume.⬐ giancarlostoroAt least it's not the NSA then.⬐ tomohawkLocal police can charge you with crimes, restrict your movement (pull you over when you're trying to drive somewhere), throw you in jail, knock down your door at night and question you.NSA doesn't have any of these powers.
⬐ electicNot to mention they can also kill you with minor consequences.⬐ irishcoffee⬐ kjs3Source?⬐ electicReally?[1] http://www.washingtonpost.com/national/fatal-police-shooting...
⬐ irishcoffeeThanksEx-NSA personnel starting companies, some using NSA-backed VC funding, with promises of NSA and other Gov and LEA buyers. So, totally not NSA.⬐ jessaustinIf NSA were merely voyeurs they'd be much less troubling. The main problem with them, for Americans anyway, is that they transfer the results of their surveillance to law enforcement, typically in a fashion that is contrary to the Constitution and other laws of the nation. The scenario described here just cuts out the middleman, and as there was no mention of warrants or reasonable search it's dubious whether this meets a Constitutional standard either.More info from this researcher on this topic here:https://www.aclu.org/blog/police-documents-license-plate-sca...
[2013]
⬐ SilasXThank you. Could we please change the title to something less clickbaity like "Police are tracking license plates via cameras, revealing lots of private info"?I'm making comments like this disturbingly often...