Hackaday Links Column Banner

Hackaday Links: March 10, 2024

We all know that we’re living in a surveillance state that would make Orwell himself shake his head, but it looks like at least one company in this space has gone a little rogue. According to reports, AI surveillance start-up Flock <<insert gratuitous “What the Flock?” joke here>> has installed at least 200 of its car-tracking cameras on public roads in South Carolina alone. That’s a serious whoopsie, especially since it’s illegal to install anything on state infrastructure without permission, which it appears Flock failed to obtain. South Carolina authorities are making a good show of being outraged about this, but it sort of rings hollow to us, especially since Flock now claims that 70% of the population (of the USA, we presume) is covered by their technology. Also, police departments across the country are in love with Flock’s service, which lets them accurately track the movements of potential suspects, which of course is everyone. No word on whether Flock will have to remove the rogue cameras, but we’re not holding our breath.

Continue reading “Hackaday Links: March 10, 2024”

Big Candy Is Watching You: Facial Recognition In Vending Machines Upsets University

Most people don’t think too much of vending machines. They’re just those hulking machines that lurk around on train stations, airports and in the bowels of school and office buildings, where you can exchange far too much money for a drink or a snack. What few people are aware of is just how these vending machines have changed over the decades, to the point where they’re now collecting any shred of information on who interacts with them, down to their age and gender.

How do we know this? We have a few enterprising students at the University of Waterloo to thank. After [SquidKid47] posted a troubling error message displayed by a campus M&M vending machine on Reddit, [River Stanley] decided to investigate the situation. The resulting article was published in the February 16th edition of the university’s digital newspaper, mathNEWS.

In a bout of what the publication refers to as “Actual Journalism”, [Stanley] found that the machine in question was produced by Invenda, who in their brochure (PDF) excitedly note the many ways in which statistics like age, gender, foot traffic, session time and product demographics can be collected. This data, which includes the feed from an always-on camera, is then processed and ‘anonymized statistics’ are sent to central servers for perusal by the vending machine owner.

The good news is that this probably doesn’t mean that facial recognition and similar personalized information is stored (or sent to the big vaporous mainframe) as this would violate the GDPR  and similar data privacy laws, but there is precedence of information kiosks at a mall operator taking more liberties. Although the University of Waterloo has said that these particular vending machines will be removed, there’s something uncomfortable about knowing that those previously benign vending machines are now increasingly more like the telescreens in Orwell’s Nineteen Eighty-Four. Perhaps we’re already at the point in this timeline were it’s best to assume that even vending machines are always watching and listening, to learn our most intimate snacking and drinking habits.

Thanks to [Albert Hall] for the tip.

Hackaday Links Column Banner

Hackaday Links: September 10, 2023

Most of us probably have a vision of how “The Robots” will eventually rise up and deal humanity out of the game. We’ve all seen that movie, of course, and know exactly what will happen when SkyNet becomes self-aware. But for those of you thinking we’ll get off relatively easy with a quick nuclear armageddon, we’re sorry to bear the news that AI seems to have other plans for us, at least if this report of dodgy AI-generated mushroom foraging manuals is any indication. It seems that Amazon is filled with publications these days that do a pretty good job of looking like they’re written by human subject matter experts, but are actually written by ChatGPT or similar tools. That may not be such a big deal when the subject matter concerns stamp collecting or needlepoint, but when it concerns differentiating edible fungi from toxic ones, that’s a different matter. The classic example is the Death Cap mushroom (Amanita phalloides) which varies quite a bit in identifying characteristics like color and size, enough so that it’s often tough for expert mycologists to tell it apart from its edible cousins. Trouble is, when half a Death Cap contains enough toxin to kill an adult human, the margin for error is much narrower than what AI is likely to include in a foraging manual. So maybe that’s AI’s grand plan for humanity — just give us all really bad advice and let Darwin take care of the rest.

Continue reading “Hackaday Links: September 10, 2023”

Smart Garbage Trucks Help With Street Maintenance

If you’ve ever had trouble with a footpath, bus stop, or other piece of urban infrastructure, you probably know the hassles of dealing with a local council. It can be incredibly difficult just to track down the right avenue to report issues, let alone get them sorted in a timely fashion.

In the suburban streets of one Australian city, though, that’s changing somewhat. New smart garbage trucks are becoming instruments of infrastructure surveillance, serving a dual purpose that could reshape urban management. Naturally, though, this new technology raises issues around ethics and privacy.

Continue reading “Smart Garbage Trucks Help With Street Maintenance”

Bluetooth Battery Monitors That Also Monitor Your Position, Without Asking

These days Bluetooth-based gadgets are everywhere, including for car and solar batteries. After connecting them up to the battery, you download the accompanying app on your smartphone, open it up and like magic you can keep tabs on your precious pile of chemistry that keeps things ticking along. Yet as [haxrob] discovered during an analysis, many of these devices will happily pass your location and other information along to remote servers.

The device in question is a Bluetooth 4.0 Battery Monitor that is resold under many brands, and which by itself would seem to do just what it is said to do, from monitoring a battery to running crank tests. Where things get unpleasant is with the Battery Monitor 2 (BM2) mobile app that accompanies the device. It integrates a library called AMap which is “a leading provider of digital map in China” and part of Alibaba. Although the app’s information page claims that no personal information is collected, the data intercepted with Wireshark would beg to differ.

In part 2 of this series, the BM2 app is reverse-engineered, decompiling the Java code. The personal information includes the latitude and longitude, as well as GPS, cell phone tower cell IDs and WiFi beacon data, which understandably has people rather upset. In addition to leaking your personal info, the BM2 app seems to be also good at running constantly in the background, which ironically drains your phone’s battery at an alarming rate.

Cases like these should be both a warning to not just install any app on your smartphone, as well as a wake-up call to Google and others to prevent such blatant privacy violations.

(Thanks to [Drew] for the tip)

Circumvent Facial Recognition With Yarn

Knitwear can protect you from a winter chill, but what if it could keep you safe from the prying eyes of Big Brother as well? [Ottilia Westerlund] decided to put her knitting skills to the test for this anti-surveillance sweater.

[Westerlund] explains that “yarn is a programable material” containing FOR loops and other similar programming concepts transmitted as knitting patterns. In the video (after the break) she also explores the history of knitting in espionage using steganography embedded in socks and other knitwear to pass intelligence in unobtrusive ways. This lead to the restriction of shipping handmade knit goods in WWII by the UK government.

Back in the modern day, [Westerlund] took the Hyperface pattern developed by the Adam Harvey and turned it into a knitting pattern. Designed to circumvent detection by Viola-Jones based facial detection systems, the pattern presents a computer vision system with a number of “faces” to distract it from covered human faces in an image. While the knitted jumper (sweater for us Americans) can confuse certain face detection systems, [Westerlund] crushes our hope of a fuzzy revolution by saying that it is unsuccessful against the increasingly prevalent neural network-based facial detection systems creeping on our day-to-day activities.

The knitting pattern is available if you want to try your hands at it, but [Westerlund] warns it’s a bit of a pain to actually implement. If you want to try knitting and tech mashup, check out this knitting clock or this software to turn 3D models into knitting patterns.

Continue reading “Circumvent Facial Recognition With Yarn”

Adversarial IR Hoodie Lets You Own The Night In Anonymity

If you’re in the market for something to obfuscate your nefarious nocturnal activities, rejoice — this adversarial infrared hoodie may be just what you’re looking for.

Not that we condone illegal activities, of course, and neither does artist [Mac Pierce], who created “The Camera-Shy Hoodie.” His purpose seems to be exploring the nature of the surveillance state, or rather to perplex it in the name of anonymity. The idea is simple — equip a standard hoodie with a ring of super-bright IR LEDs, and control them with an RP2040.

We’ve seen blinding hoodies before, but here the LEDs strobe on and off in one of three different patterns, all of which are timed to confound the autoexposure mechanism in just about any surveillance camera by not giving it time to adjust to the rapidly and drastically changing light level. The result is near-total obfuscation of the wearer’s facial features, at least when the camera is in night-vision mode. Check out the results in the video below.

There are some nice touches to [Mac]’s approach, like aluminum PCBs for the LEDs and the use of soldered-on fabric snaps to attach them to the inside of the hoodie, making them easy to remove for laundering. With the LEDs peeking through holes in the fabric, the hoodie looks pretty run-of-the-mill — until, of course, night falls and the USB battery bank in the hoodie’s pocket powers up the light show.

Granted, this won’t exactly help you avoid detection — the big ball of light around your head will be instantly seen by even the most casual observer. But at least it makes it easier to keep your face to yourself. And it won’t help much in daylight — for that, you might want something a little more like this passive adversarial ugly sweater.

Continue reading “Adversarial IR Hoodie Lets You Own The Night In Anonymity”