[SATLUG] NSA/IP stack in non-free wifi drivers?

Mark Spieth mspieth376 at gmail.com
Wed Aug 14 12:09:13 CDT 2013

"The issue is not whether you are paranoid, the issue is whether you are paranoid enough." 
- Max, Strange Days

To some extent these days this is true. We as human beings living in a modern data driven, digital culture must come to a few realizations.. 

First, privacy is a thing of the past. Period. No if’s and’s or but’s about it, and it will only get worse. Can the government place back-doors into stuff? Of course they can. You may pretend that open source saves you from such things, but does it?

On one level is does. If you are so included to look at the source code or research it, you probably could be reasonably certain that it does not contain any back-doors etc. But is this actually realistic? Look at everything that goes into a stock Ubuntu Desktop install, then add software. I just finished reloading my Linux Mint Notebook and added a few things that I know I need. I and am already at 8+ gigs used.  

A dpkg –get-selections |wc –l shows 2204 installed programs, libraries etc.  Since we all can use different sources, mirrors etc, the reality is, there most certainly could be back-doors and such on my new Linux notebook. 

But even if I went with some sort of minimal install and checked everything, I can’t know what the hardware is actually doing as the bios and firmware on most things are NOT open source. There is no reason to believe that the firmware that runs your SATA controller can’t have something in it which could forward information it see’s as it writes to disk. Now of course, you could start to look at outbound connections, and or have a paranoid edge firewall in hopes of seeing and or blocking such connections. But that’s only a very small piece of the puzzle.

I look at it this way.. If the NSA see’s everything I do and is actually concerned about it, then most likely the world we live in is a much different place than it is today as I don’t do anything that in today’s world they would have the resources to care about.

To be honest with you, while the NSA stuff is very disturbing, I have to agree with Brad, the NSA is not really as much of a concern to me as corporate America is.  

Each of us has a digital past and future, most of which is not under control, nor have we actually ever interacted with it. Thanks to cloud computing, and big data tools such as hadoop, and machine learning, lots of things are possible, both good and bad.

For example… You Drive to Wal-Mart for something.  The external parking lot cameras show you driving in, what car you have and your license plate. They track you as you walk into the store, they watch your every shopping move and record your shopping habits. Both via Cameras and by triangulating on your cell phone signal. How long you look at an item, the path you walk through the store etc. Then you purchase something, probably using your credit/debit card. Now they can match you to your face and car via your credit card, and facial recognition. Next they start trolling Facebook and other public sources of information to gain more information about you your lifestyle and your friends. Since you shop there often you have the Wal-Mart app on your phone, if you have ever looked at the permissions most phone apps get, its scary!

That’s a lot of information they have on you just from going to Wal-Mart! I’m not saying this is a problem, its just reality. If one could obtain and analyze all the digital information there is about you across all the stores, insurance companies, DMV, tax information etc. One would probably know more about you financially, physically, and psychologically than you do!

The biggest area, which I just do not understand, is healthcare data and its privacy. To me one of the first areas we need to give up privacy on is your healthcare record. Being in the healthcare industry, every year more and more rules come down as to how I have to further secure healthcare information. To me making it secure should not be our first concern, it should be how that information is or can be used. 

While a lot of bad things can come from a completely open digital society, a lot of really good things can happen also. 

If I had access to everyone’s health records, I could analyze that data and find out which drugs actually work, not just which drugs work according to the drug companies. Most Drug/Drug and Allergy information used by today’s doctors really is not all that accurate. If you take 6 medications daily, I doubt anyone has ever actually done a study on the exact combination you are taking.  But if we could look at the data produced by everyone’s healthcare record, we would be much closer. If I added in you’re eating habits via HEB’s knowledge of what you buy, I could start to trend what foods, chemicals etc. cause cancer, Autism etc. Just using data that they are already collecting on you.

Just to give one more example.. You are your family are driving across country on a road trip. You stop at many places along the way and shop, sight see and eat. 3 days later, your whole family is sick with dreaded but rare Big Toe eating Bacteria. How and where did you get this illness? If we could access your healthcare record, GPS information from your phone, and credit card transactions we would know everywhere you went. Then look for others who came down same Bacteria during the same time frame and along the same routes. Quickly we would probably find out at least where you got the Big Toe eating Bacteria, and hopefully save another families big toes! Oh.. This might also work well for helping to contain the Zombie Apocalypse!

Just something to think about…


More information about the SATLUG mailing list