updated PO files

[tails-test.git] / wiki / src / forum / geoip / comment_2_08fcce140f0663a217a6ef8c26fcdcce._comment

[[!comment format=mdwn
 ip="127.0.0.1"
 subject="comment 2"
 date="2013-03-13T23:00:58Z"
 content="""
@ \"Tails\": 

Are you referring to executables provided by the geoip-database package in Debian stable?

     http://packages.debian.org/stable/geoip-database

>  GeoIP is a C library that enables the user to find the country that any IP address or hostname originates from. It uses a file based database.  This database simply contains IP blocks as keys, and countries as values and it should be more complete and accurate than using reverse DNS lookups. 

I want to be sure, because packages related to Geoclue may be worrisome to users who run Tails from a laptop,  due to the danger of unwittingly providing GPS information to \"location-aware apps\" as one surfs (a potentially dangerous privacy violation to which Windows users are known to be subject, although this concern may be diminished for Linux users):

     http://packages.debian.org/stable/geoclue

> GeoClue provides applications access to various geographical information sources using a D-Bus API or a C library.
 
     http://packages.debian.org/stable/geoclue-geonames

> GeoClue provides applications access to various geographical information sources using a D-Bus API or a C library.  This package provides a geocoder backend for GeoClue. The location information comes from www.geonames.org.  

     http://packages.debian.org/stable/geoclue-gpsd

>  GeoClue provides applications access to various geographical information sources using a D-Bus API or a C library.  This package provides a positioning backend for GeoClue. The location information comes from a GPS receiver through gpsd.
    
As I recall, it is public knowledge that this or a similar utility (installed by the owner of a laptop, as part of a standard installation) has already been hijacked by \"the authorities\" in order to arrest at least one political dissident (an Occupy activist), in a highly publicized case which occurred recently in the USA. 

As I recall, it is also known (for example, from papers in the freenode archive) that under certain circumstances, dbus vulnerabilities can be abused by our adversaries.  This could be particularly relevant for users who boot Tails from a USB stick.

One recalls that Google, which has just been fined 7 million dollars for illegally snagging 

* the name and MAC address of all WiFi routers encountered by StreetView vehicles
* information about any encryption used
* MAC addresses of attached peripherals
* email content snagged in passing from unencrypted routers

One recalls further that a Google patent application laid out pretty clearly Google's interest in collecting such data: it wants to identify by MAC address to map by geolocation all the home and office electronic equipment in the world, to within one metre accuracy, in three dimensions.  Pretty amazing, but the patent application is quite clear, and it is easy to see what kinds of organizations Google planned to sell this data.  (Alas, other organizations are hard at work on similar projects, mostly with less secrecy than has been adopted by Google.)

I can dig up some links if anyone is interested.


"""]]