The US military’s privacy pearl clutching

The Ease of Tracking Mobile Phones of U.S. Soldiers in Hot Spots – WSJ:

 

In 2016, a U.S. defense contractor named PlanetRisk Inc. was working on a software prototype when its employees discovered they could track U.S. military operations through the data generated by the apps on the mobile phones of American soldiers.

…  The discovery was an early look at what today has become a significant challenge for the U.S. armed forces: how to protect service members, intelligence officers and security personnel in an age where highly revealing commercial data being generated by mobile phones and other digital services is bought and sold in bulk, and available for purchase by America’s adversaries.

 

A bunch of thoughts:

I can’t help but immediately think about the push in many political quarters to weaken security by breaking encryption. I’ll get back to that.

Why did this get attention in 2016? And no, this was not “an early look”.

The government has known for decades that cell phones are trackable if they have power and their transceiver is on. It’s how cell phones work. Anyone who’s watched any incarnation of Law & Order in this century or the last also knows this. The government could have mandated a phone system that would have afforded protections but the carriers resisted, I expect.

And don’t forget cell phones aren’t always phones – laptops and tablets and watches and Kindles and a bunch of other things might – and eventually will – have cell connectivity. With 5G, the distinction might go away if the media (cell, wired, wifi, &c.) converge as advertised. Imagine golf gloves that report your stats back to the cloud.

By the way, all that additional social media data is gravy to the buyer, but someone specifically wanting to track the movement of US military personnel around the globe don’t need it … from military personnel.

Take this scenario:

  • They script a tool like the McDonalds Ice Cream Machine tracker to scrape airline seat assignments to see if open seat availability suddenly drops on certain routes;
  • They scrape social media for hub airport and airline workers who are talking about increases in military personnel coming through; and
  • They watch counts for private Facebook groups for military families to see if their memberships increase.

Based off of that trivial-to-collect data (It’s free or for sale), and we assume they just generally monitor social media and the news, it’s not hard to get an idea of what’s happening. And before anyone complains that my loose lips are sinking ships, this is a simple scenario that is well understood and the plot of several books, movies, and TV shows.

Note, my above scenario assumes all the military personnel are disconnected and analog.

Also note that the above scenario works for advertisers as well as it does for bad actors and for industrial espionage …  and other use cases..

That things would evolve into what the Wall Street Journal article describes was predictable:

buried in the data was evidence of sensitive U.S. military operations by American special-operations forces in Syria. The company’s analysts could see phones that had come from military facilities in the U.S., traveled through countries like Canada or Turkey and were clustered at the abandoned Lafarge Cement Factory in northern Syria, a staging area at the time for U.S. special-operations and allied forces.

The U.S. military’s clutching of pearls and muttering, “Well, I do declare that I never …  ,” about this situation is perhaps disingenuous. ※

The U.S. government has built robust programs to track terrorists and criminals through warrantless access to commercial data. Many vendors now provide global location information from mobile phones to intelligence, military and law-enforcement organizations.

But those same capabilities are available to U.S. adversaries, and the U.S.—having prioritized a free and open internet paid for largely through digital advertising with minimal regulation of privacy—has struggled to effectively monitor what software service members are installing on devices and whether that software is secure.

Which brings us back to encryption – strong, uncompromized encryption –  is one of the tools that the government could bring to bear to help protect troop movements. There are innumerable ways they could, and do, leverage encryption. By the way, we need strong encryption for e-commerce, on-line banking, and a ton of other critical things.

There’s some reflection on the tech industry welding batteries into their phones (and devices) and adopting eSIMs, predicating an always on-line but always trackable society, that needs considering.

Solving this problem, the consolidation of anyone’s/everyone’s/each-of-our on-line and off-line life into a revenue stream for the advertising companies that are Facebook and Google, one that is very much the government’s own creation yet needs to be solved by the government, is a complex undertaking that will require the private sector to forgo some profits for the greater good. Oh, it could fix some of the military troop movement leak issue as a byproduct.

※ There is a American trope about the White southern belle or matriarch who, when faced with realities with which she does not want to deal, does what I describe.

More on the charismatic leader problem

Dense Discovery – Issue 136:

The current debate should make us more level-headed when it comes to our relationship with work. It should give us cause to reflect on how much we allow our identity to be tied to corporate constructs that don’t have our best interest at heart – not to the extent we like to believe they do. It should make us stop idolising corporate ‘thought leaders’ for anything other than their opinions on maximising profit – certainly not for their guidance on social or moral issues. – Kai

I would change the above slightly: “The current debate should make us more level-headed when it comes to our relationship with work and technology.

From Matt Birchler:

To be abundantly clear, I think this Basecamp situation is bad and gets worse the more we hear about it, and I don’t mean to imply my admiration of the Hey service means I admire the leadership actions at Basecamp. Rewind a year and I would have told you I was signing up in large part because of that same leadership team, but things have changed since then, to say the least.

Matt’s comments are along the lines of what I wrote yesterday about the dangers of choosing technology based on who’s producing it. It’s not that Hey is a flawed product because of the Basecamp founders. If it solves problems for you, so be it, but there’s a moral and ethical calculus that should take place about continuing to do business with them (which takes me into a whole “SaaS solution drawbacks” rant I will save for another day).

We need to remember that these charismatic leaders are not super humans or even better people. They are people, just as flawed as the rest of us. We should cast an especially critical eye when they seem to be getting high on their personal narrative, as Joel says over at Ata Distance:

corporate heroes are mostly marketing. To which I would add that in the case of a Carlos Ghosn, the corporate savior image was nothing but marketing, media manipulation…and good old ‘west is best’ cultural snobbery. The very same western cultural snobbery his apologists use to defend him. [emphasis mine]

Excellent call on including Ghosn, and for those who either aren’t in Japan or the automotive industry check out that story. I went out with a woman who worked at Nissan and spent half of our date talking about him in reverential tones. Her support of him waned, but it took a while for her to escape his glamour.

And yes, they are making Ghosn’s story into a miniseries.

Beware charismatic leaders; they won’t save us

Basecamp resignations:

About a third of Basecamp’s employees have said they are resigning after the company, which makes productivity software, announced new policies banning workplace conversations about politics.

I followed Basecamp’s Signal v. Noise blog for a long time and I’ve got a few of the founders’ books on my eReader. I avoided the Hey! email product because it seemed to me to solve someone else’s problem.

A few Christmases ago my nephew talked my ear off about Elon Musk. Musk is not for me. He’s not entertaining to watch/hear/read, I suspect he isn’t as innovative as his marketing suggests, and I suppose he likely has a few Jony Ives behind the scenes he prefers to keep there so as not to diminish his limelight. I love my nephew regardless of his taste.

Before that I was into Google in a big way, not just for Brin and and the other guy but what Marissa Meyer was doing there. I had a crush, intellectual and schoolyard. When she jumped ship to Yahoo!, I was on-board. Marissa would be free to do her thing! She disappointed.

Google disappointed me, too, in so many ways. They’re in the process of killing off the last remnant of what I found essential of Google, Voice. Once it’s gone I think my Gmail account will go into forward only hibernation.

Steve Jobs.

Palm was a great example of charismatic leadership keeping a moribund property afloat. It divided and reformed and divided again and made a big platform change and, in many respects, is the Apple cautionary story had things played out differently. The new Palm had new leadership and new investors (Bono!). When HP bought Palm under Mark Hurd, I was ecstatic – finally enough money and tech savvy to realize the vision, I thought. Hurd was ethically compromised, so the guy from SAP came in and effectively killed Palm. Then Meg Whitman came to town and I left town (I worked for HP) and she “maximized shareholder value” and then went on to launch Quibi.

I’m sure in my timeline there are other folks I elevated or could have elevated who would have disappointed me.

Companies will lose whatever approximation of soul the founders might have tried to imbue, what with absolute power and all. There’s too much money, power, and prestige at stake.

UPDATE: an earlier version of this post said Meg Whitman ran for governor of California after her time at HP. That happened before she went to HP.

Paying for Civilization – Teacher Appreciation Edition

Performative appreciation resembles action:

That’s What the Money Is For:

Teacher appreciation — outside of verbal and written praise — shouldn’t manifest in individual tokens that hinge on family income and gendered labor, because we actually have an efficient, effective, and generally fairly distributed way to show public servants our gratitude and support. It’s called taxes. Taxes are the way we “appreciate” the people who build our roads, the people who process our wedding paperwork, the people who maintain our buildings. And taxes should also be the way we appreciate our teachers: to adequately outfit their classrooms with enough supplies, to make a wage that allows them not to take on a second job and afford housing in their district, to have the sort of stability that makes it possible for them to continue to be one of the most important people in your children’s lives, but also the lives of children you’ll never know. [emphasis mine]

Read the whole article, specially if you have kids and are going though Teacher Appreciation Theater.