#6 Mass Targeted Attacks: How Your Data Gets Out

The 6th episode of our weekly podcast ‘Conversation with a Hacker’. Non-technical podcast about privacy, security and other mysteries. From an ex-professional hacker.

‘Mass Targeted Attacks’:
In this episode, Greg walks us through 3 types of ‘mass targeted attacks’ that affect all of us and that we don’t know much about: GSM attacks, mass surveillance and data collection, and shares a few important tips on how to protect ourselves from them.

  • GSM: This has to do with your phone number. ISPs collect your data out of the GSM network. They collect the data on a mass scale, on everybody.

This data collection involves your position, who you call, who you text, the content of your texts,.. Tips to protect yourself include:

Use communication apps, that communicate on the network. Don’t call somebody using GSM, and don’t text with simple SMS. Use apps like Signal (private version of WhatsApp), as these apps won’t be logged on the GSM network.

  • Mass surveillance: This is done by governments. They basically scan the entirety of internet, calls etc. Tips to protect yourself include: use tools that are End-to-End encrypted.
  • Data collection: This is quite a complex attack. Your phone is sending everyday a lot of info, gigabytes of your data, to a lot of companies, and you don’t know where or how. This data goes through different companies, and then companies sell it to ‘data brokers’. ‘Data brokers’ amass and collect the info, and then sell it back.

As a customer you don’t have access to these ‘data brokers’, however a range of companies can, e.g. background check companies. Through these background check companies, anybody can have access to all your info (info from your phone, social networks, what you did, etc), so anybody can access the info that your phone and your apps collect and send, without you knowing at all.

Tips to protect yourself:

Don’t use a smartphone.

If you use one, use more privacy oriented phones: Apple better than Google. If you use Google, go for pure version of Google. You can also go for privacy focused phones like PinePhone, Librem 5.

Be careful with the apps you install on your phone: don’t install apps that you know are selling your data or that have problems with privacy.

  • Example of Facebook with data collection: how creepy it gets
  • The invisible cameraman
  • Use private tools to protect yourself from mass targeted attacks
  • Instead of WhatsApp, use Signal
  • Use VPNs
  • Go for privacy focused companies/tools

Tools mentioned: