Andy Burns <
use...@andyburns.uk> wrote
>> I don't test the postimages as 'they' would (over time) be able to
>> track me from just those tests (as I'd always be the first downloader),
>> so I only look at the postimages sporadically (& always on random VPN).
>
> If "they" could track you via download logs, can't they also track you
> via upload logs?
Hi Andy,
Yes. But I have, among my degrees, engineering & microbiology degrees,
where each field has a set of "good practices" that you always follow.
And, looooooong ago, I had TSSI clearance when I worked with the people
whom we shall simply call "Fort Meade" (way before the new buildings) where
they had this big brick building with all the windows covered from floor to
ceiling with heavy layers of carpet-like curtains - and where they escorted
you even _in_ the bathroom (which is the only place I visited that ever did
that although Haifa's visits were similarly secretive - and where I recall
they showed me the holes in the outside safe-room walls from the missile
blasts raining down from Lebanon).
At least in Haifa they have those special protect-you-from-everything rooms
(which is kind of sort of like what I'm trying to do here with images).
For example, I wash my hands after I pee for a happy birthday song time.
And I ground my hands by touching metal before I remove a socketed chip.
Am I really worried that the spirochetes are gonna get me?
Or that the 30K volts from my body is gonna destroy the CMOS gates?
No.
It's just basic habitual good practice.
As for upload logs, I once sold a car so I left a forum and I was shocked
that people were looking for me for years. My contributions to that forum
were acknowledged to be the best where they're still often the first Google
hit when you search for specific keyworded brand-related problem sets.
That shocked me.
People truly care to track me down.
Some geolocated my photos to the same area I lived and they asked the
administrators to track me down. They even checked the obituaries. If you
have a private way of communicating with me I can prove that they tried to
track me down because they were worried that I had died - but the point is
that I keep my real IP address out of anything that I have to log into.
Even Rod Speed, whom I reported to the FBI for asking people to kill me
and, in doing so, he asked them to contact him at his mail address, tried
to track me down when I had Paolo remove a.h.r from his news servers.
But to answer your question about download logs, that's one reason why I
never download my own pictures at any time near upload (or ever, if
possible).
And I don't post to the same nntp newsserver that I read from, as another
example of just basic good practices.
I have every web browser known to man installed, so that I can use one web
browser per task such that it's set up specifically for _that_ task.
I have killswitches that I run when I use decryption software, for another
example, just in case someone is watching in real time (although a
keystroke recorder would negate that in a flash even as I move the mouse on
and off the input field whenever I'm typing passphrases into login fields).
At last count I had six thousand free VPN servers, which are randomly
rotated through, where none of them require a login - but of course - the
VPN service certainly has my IP address.
You may notice my screenshots show GPS spoofing where my phone's location
is always spoofed (where it changes at a certain rate but I wish I could
get it to follow a road instead of just moving randomly about).
It disturbs me that my neighbors don't employ SSID broadcast "hiding" and
that they don't put "_nomap" on their access point SSIDs because Google
Maps has a conniption when it thinks I'm at the San Jose Airport and my
true home location at the same time where you can rest assured I have
"_nomap" and hidden broadcast to prevent my exact location being in the
Google or NetStumbler or WiGle or Mozilla, etc., wardriving databases.
These are all just basic "wash your hands & disinfect your needles" habits.
As a side note, I think it's incredibly rude for the many stupid people
(which are about 990 out of 1000 people) who don't think twice about
broadcasting their SSID in the clear and not including the "_nomap" and
then it's doubly rude for even more stupid people to habitualy upload
everyone's unique BSSID/GPS to those same tracking databases.
It's like 990 out of 1000 people kick a stray dog, just because they can.
>> It's pretty much only Paul and I who care enough to provide others
>> with annotated screenshots (since they're clearly a bitch to make)
>
> Yeah, I generally just save screenshots, very rarely with a bit of
> highlighting.
You do too. It's only the ones who care the most who upload screenshots.
Me? I strive to add value archived for many future users to benefit.
>> Bear in mind that I post thousands of images to the Internet on a
>> variety of forums, and hence I'm aware of Fourier transforms & how they're
>> used by TLAs to identify the exact camera that snaps any photo
>
> Is there a camera involved?
Your thoughtful question shows you're thinking - and - that you're well
ahead of me - as always - in terms of your knowledge level & acumen.
The display of the Android phone is being "recorded" by the Android
screenshot capability - and the display of the PC is also doing that.
Are those two screen displays capable of being digitally fingerprinted?
> I thought we were discussing screen captures, rather than photos of screens.
It's a habit for all images which are posted to the Internet, even on
social media, just alike disinfecting all my meth needles is a basic habit.
However, you bring up a great point where _different_ things are involved!
a. The screen capture of the phone (specifically for long scrolls)
b. The screen capture of Windows (of the phone, via Irfanview's "C" cmd)
c. The camera images (which are less used in OS stuff than in other areas)
Since I'm on many web discussion forums (e.g., I write the best tutorials
you've ever seen for step-by-step electronics repair, for example) there's
a camera involved in almost every situation for home and automotive repair.
However, _most_ cases on these newsgroups are screen captures from Windows
of the Android screen as displayed by scrcpy onto Windows using Irfanview.
But not all cases, since long scrolls, are captured on Android as I don't
know of any way on Windows to capture a long scroll on Android. Do you?
What I do, of course, is habitually mount my phone (over WebDAV over Wi-Fi)
as a Windows drive letter where only recently did I get that hands off.
*How to take long Android screenshots from Windows without touching buttons*
<
https://groups.google.com/g/comp.mobile.android/c/W2l42QgUXZI>
These long scrolls are initiated from Windows (because I never touch my
phone, that's why) and, of course, they're autosaved to the DCIM
Screenshots location, which is mounted as a drive letter on Windows.
Since I was born a problem solver, I just realized as I was typing that up,
that I can maybe capture the long scroll from Windows by displaying the
long scroll on Android and then using Irfanview to snapshot it on Windows.
Then I don't even need to copy the long scroll from the Android Windows
drive letter into my editing folder since Irfanview already does that.
Hmmm... good idea. I'll try that next time & check if resolution suffers.
>> I'm pretty sure Andy understands as he and those like Stan, Paul, & Herbert
>> are way smarter than I am, but for those who don't know this fact,
>> if you put photo #1 from your camera on Facebook, and then you put Photo #2
>> in your political discussion group... "they" (they who run that software),
>> can uniquely associate _every single picture_ you ever posted to the
>> Internet to that same camera - simply by fingerprinting the pixel flaws.
>
> I would expect that sort of thing is possible, but might have assumed it
> would take "several" photos, no just two to make the connection, and I
> wouldn't expect it to be feasible across all photos, but reserved for
> the sort of folk who appear on most-wanted lists.
No. I posted about this years ago. It takes only a two photos to 100%
accurately identify the EXACT camera according to reports from years ago.
Of course, I asked about this on the rec.photo.digital newsgroup, and this
newsgroup, as I recall - but nobody knew anything about it - and - truth be
told - very few people other than the likes of Paul will even understand
it.
I'm sure you do - but you're not on the r.p.d newsgroup - where you'd
"expect" them to know something about photo fingerprinting - but I asked
the question over a couple of years in multiple occasions and determined it
would be a waste to continue trying as they know absolutely nothing.
I was disappointed in the lack of knowledge, and how childish the responses
were (tin foil stuff) but then again, I lack the requisite knowledge too.
I'd love to know more about digital fingerprinting so if anyone has
references, let me know and I'll read them as I have been doing this for
years, such that I've introduced randomness into thousands of uploads.