kajer | sudo bash@drahardja@sfba.social
It would be a shame if cameras started getting disabled.
https://infosec.exchange/@kajer/114852777154507455
Rick O@kajer@infosec.exchange @drahardja@sfba.social This company needs to be disabled.
kajer | sudo bash@rickoooooo@social.authbypass.com @drahardja@sfba.social I didn't go poking at the API servers that collect photos/video from all the cams. Something tells me someone will probably find open S3 buckets soon.
Dave Rahardja@kajer@infosec.exchange @rickoooooo@social.authbypass.com Every one of these for-profit public-surveillance equipment companies will:
1. Surveil and collect way more data than initially agreed upon
2. Sell said data to brokers
3. Sell access to said data to law enforcement
4. Train AI models on said data
5. Sell derivative products that infringe on their usersβ liberty (e.g. pre-crime prediction, profiling, what have you)
6. Retain data far longer than they agreed to (through negligence or data-retention laundering)
7. Get hacked, releasing personally identifiable data to the criminal web
8. Get sold to another company that will use the data for things the initial contract never intended
This happens every time. EVERY DAMN TIME.
Say no to #surveillance. No short-term βsafetyβ benefit is worth this #enshittification.
Rick O@drahardja@sfba.social @kajer@infosec.exchange these are all the same concerns I've had! I'm really hoping this Norfolk lawsuit will go the right way but I suspect it will take years just to find out. We're trying to push back at the local level right now. If successful here our group will move to pushing for change at our state level.
Dave Rahardja@rickoooooo@social.authbypass.com @kajer@infosec.exchange Itβs really hard to push back. Iβve attended local meetings where these systems are proposed, but by the time public opinion is sought out, the whole deal is already basically negotiated.
I have zero organizing skills. It really needs organizing to get these things out of our neighborhoods.
Rick O@drahardja@sfba.social @kajer@infosec.exchange Our police department installed them without consulting our police commission. So we are now trying to stop them from putting in more and ideally removing the rest. Ultimate goal would be having these systems prohibited by local laws.
The topic came up at our local defcon meetup group where a few like-minded folks started talking. Also some folks on the local subreddit, also some other activists groups. Then we started converging to form a new group to focus on this issue.
Rick O@drahardja@sfba.social @kajer@infosec.exchange right now we are really trying to spread the word around town as much as possible and fight the misinformation spread by the PD and local news. We have a city council meeting coming up and I want to see it packed with anti flock people. This issue is heating up in our town which is exactly what we need.
Dave Rahardja@rickoooooo@social.authbypass.com @kajer@infosec.exchange Keep us posted!
kajer | sudo bash@drahardja@sfba.social @rickoooooo@social.authbypass.com
I'll send you the camera I have, although it's not entirely in 1 piece anymore.
The camera uses a yolov3tiny model and for sure is a generic model that detects vehicle, people, etc.
kajer | sudo bash@drahardja@sfba.social @rickoooooo@social.authbypass.com
in my linked thread, the camera does not do ALPR on the device. it just captures jpegs and mp4 files of vehicles, and does some cropping and uploads to "the cloud."
I was hoping to try SQL injection via ALPR, but no. Just jpegs and metadata about the jpegs. :(