You mean[yes][advanced privacy settings that needs to be set individually for the hundreds of "collaborators" so that you just look at it and decide that it's too much trouble and just accept it]?
Your personal data should be legally treated as your personal property and not some companies private property to be aggregated then monetized or exploited.
@@Bone_guy This is true, there are people who wouldn't be able to afford stuff, but it's also a double-edged sword, because you pay anyway, for example by buying more expensive products because they can be better advertised to you.
@@casperes0912 ... I "always" do this when ever possible. How ever I don't really believe it makes any real difference.... For single instance use it might work, but for repetitive use OR against "larger actors" I don't think You can "obscure Yourself" !! I'm quite convinced that "The patterns" will always reveal us in the "longer term". Should any "large actor" (state or commercial) decide that they wanted to "identify" You, (for what ever reason) I don't think they would find it particularly hard to pinpoint quite exactly Who You are, and Where You are...(unfortunately) Best regards PS, My opinions regarding "our lost anonymity" against "larger actors" are on the presumption that You are living in the "industrialised world" or "active online" or own a personal mobile phone ((or using a ""credit card""))
To be fair, 4 data points in the same location is still 4 data points. So if I stay somewhere, and it captured my location anonymously four times, I think it still can identify me.
@@andrewmat I was aware it was probably a joke, but there are those who do believe this kind of thing. They believe that there are simple means of remaining anonymous. In today's world, this is next to impossible. About the only way to accomplish this is to "go off the grid."
Turns out, your daily commute to work is unique. While I was working at at a Major Company, they were aware of these details, and were working hard to make sure that a) the data they had was individually untrustworthy (i.e. your mobile would lie about its location at a rate to enough to help mask your true location and speed details), which is fine, because in the aggregate data, these lies are noise that can be accounted for, but not filtered out, b) they try and only ever give out aggregated data, out of the company, and even inside the company, this way you cannot link say a path of locations to a single user, and c) they make sure that when releasing additional aggregated data, they don’t create an interference pattern that can then be used to filter out individuals in the aggregated data. I mean, none of these systems are perfect, it’s kind of impossible, but they were working really hard, and had a ton of smart people working on how to prevent information leakage revealing personal info.
BTW, this post accidentally brought to you by: pseudoanonymization really doesn’t work, because information leakage makes it very easy to figure out who I worked for.
With location data it is very difficult to be anonymous: The common night location will be the home address and the common day location will be the work/school/etc. address (or opposite in a few cases).
@@veggiet2009 I don't subscribe to this hyper paranoid idea that you always have to act like the NSA is investing millions of dollars into tracking you down, that's not how it works at all, unless you are some sort of hitman or drug lord, or someone like edward snoden then maybe.
I sometimes wonder why some people believe that "this data is anonymous, you can trust us with it, it's just meta data" and don't just realize that companies wouldn't be after all this data, if they wouldn't get anything out of it (like accurate profiles for targeted ads).
But there also exist use cases where anonymous location data is a necessary information for the company to be able to provide acceptable service to the customer. Think, " service centre near me." Also, it is not necessary that every firm asking for anonymous geo data (for strictly essential, non nefarious purposes) will keep on storing that data forever with them, or is it?
@@m77dfk No, I see no reasons (except those of monetary nature), why a company needs any of my personal data not strictly necessary to provide the service. For example, any company that provides me with the information "nearest service center" doesn't need to know my location, it just needs to show me a map with markers where I can look for the nearest service center myself. No company "needs" ALL my e-mail addresses, my message history, my location history, my interaction data, or my other social media account names. One e-mail should be absolutely sufficient. But even worse is the claim that they "need" this data to improve their services... looking at UA-cam which gets worse every single year... looking at Google which gets more ad-infested every single year. The only app on my smartphone that I have noticed to be improving over time is, coincidently, one of the apps not asking for any data and instead relying on reviews from users.
@@WaluigiisthekingASmith I don't see where you are pulling this implication from. I clearly state that anonymous data is useless, *unless* it is critical for the operation of the service. Moreover, I also see anonymous data as useful, if the resulting gains in convenience far outweigh the losses in privacy. Let's look at the geolocation data and the "nearest service center" example again. Unless I am located deep in the woods without obvious landmarks to help me pinpoint my exact location myself, sending my location data just is not critical for the service to work, because giving me a navigatable map is absolutely sufficient. Now, sending the location data makes finding the nearest service center *a little bit* more convenient, but the potential risks of giving away my location are just far to great for this little bit of convenience. A solution would be to kindly ask for my permission to use my location data and offer a solution for users that deny this permission, or to simply use less accurate location data. Now, what about birthdays? What possible use case could there be for a company to store my birthday? I can think of two things: Reminding me of my own birthday (which is absolutely useless) and verifying my age. For the former use case we only need to send the day of birth but not the year of birth. For the latter use case an approximation with the year of birth is totally sufficient. Now, the year of birth alone is not sufficient, if the company wants to be sure about the age (e.g. UA-cam verifying your age to show appropriate content), so there needs to be some kind of proof for the age. Sony does this by asking for an id card (in Europe at least), which is far to overkill to verify the age. What about all the Google cookies on nearly every website to track your every move? Are they critical for the operation of the services that use them. No, absolutely not! We can remove them and block them easily and the websites still work. Is it critical for the operation of GMail to scan through my e-mails? No, unless I instruct Google to do so, for example to find something in my e-mails, scanning through my e-mails is not critical for GMail to work. Is it critical for the operation of Google Drive to scan through my documents? Similarly, no, unless I instruct Google to do so. Is it critical for Steam to link your account to Origin/Epic just to play games you purchased on a different platform? No, this could have been solved differently, namely in a manner that does not necessitate the exchange of personal data between those platforms. Is it critical for the operation of WhatsApp to send all the chat and contacts metadata to Facebook? No, see Telegram for example. Do the gains of convenience in the above examples far outweigh the losses in privacy? NO, ABSOLUTELY NOT! If you find an example of metadata which is not strictly critical for the operation of a service, but whose gains in convenience far outweigh the losses in privacy, feel free to tell me about it.
What I take away from this is: Don't use any social media! If you don't offer any information about yourself, you can't be identified. Those who use social media are asking for it.
This is why aggregation is so important to anonymization. instead of U1 being a list of points, aggregate it so you only have how many users were at each point at any time.
The solution seems to be to maximize the system fit by using strong fits to eliminate weaker fits from consideration in some hierarchical process - that is to end up with a set of fits that can't be improved on. For this, you need a metric of the strength of fit.
All you really need is to put all location points for a user in a map. In most cases you can assume that the address where the user spends most of the nights are the user's home address. Likewise, if the data shows a daily commute to a business address, followed by a gym, you can assume that is the work address and where they go to work out etc. No equations needed.
That's the biggest factor in most algorithms. They usually immediately sort people into homes and work from there, with drastic misalignments being counted as "moving house" events
Most people in comments are talking about the names not being in alphabetical order. So here are some fun facts: In BOB, ALICE & CARLOS - 2nd alphabet is in Z-A sorting order. - 3rd alphabet is in A-Z sorting order. In ALICE & CARLOS - 4th and 5th alphabets are in A-Z sorting order.
Part of me wonders if it makes sense to get some app or something to poison my location data...when I spend hours at home watching youtube the phone could think that it was touring the other side of the city.
@@repzo5551 in addition, your location is based on your WiFi connection which is usually a small radius, cell tower, and statistics on which Bluetooth devices are nearby. One really needs airplane mode to disappear
Its the choice of people to share their data. Tagging locations, photos and what not. It must be taken by default that if you are not hosting your own encrypted server for all your digital transactions anything you touch is bound to be public. No matter what anyone says. There are backdoors even in the most trusted entities that say they don't use your data.
I don't know anyone who would call this kind of data anonymous. Location data is always Personally Identifiable Information (PII) and treated at the same level as a user's name, SSN, birthday, uploaded data, uploaded data's filename, IP address, etc.
13:40 It's irrelevant if researchers are developing technologies that won't de-anonymize the data, if that data can be de-anonymized it's still a threat.
I just installed Windows 10 on a spare SSD to play Forza 4 with my friends, and boi oh boi they want all my data really bad. I even got a mail welcoming me to Windows 10. If only they knew that I'm not planning to switch.
Could you find the similarity between individuals in the first set, then similarities in the second set and match people that way? The paths of people aren't independent of each other, so there is information to be collected between people.
When he says he only needs four points to identify someone in 95 % of the cases, he refers to four very specific points, right? The points that give away the most useful information. That would in practical terms require the adversary to have access to all the points, in order to be able to choose these four most useful points. I'm curious of what that percentage would look like if it were four random points instead. Wouldn't that be more realistic?
Pretty sure its talking about random points, though some distance apart. Really, if the points are not unique, then it only means that these people walk together
Can you make an a.i that spoofs your location and goes from town to town driving around and making posts on burner social media sites about locations in said town and posting generated photos.
Delete your social media accounts and go back to just sending e-mails, text messages, and making phone calls. If you have to comment on something online, do not use your real name, do not give them any real information about yourself. Use a completely different handle for every website. If you need to provide a name, use a fake one. Have separate e-mail addresses for different things (one for banking things, one for government things, one for medical things, one for work things, one for miscellaneous things, etc.) which never get cross-contaminated. Never give your phone number. Use fake birthdays, addresses, etc. Get over your narcissistic desires for "likes" and "shares". I have been warning people about this for over 20 years now but nobody ever listened. Now people are finally starting to wake up, and it might be too late.
the question is how did they get the data in the first place.. it's not like it is listed on Wikipedia.. that must be kinda breach from someone who tracks you.. for instance, google or apple.
From consenting (or not) to offering up location data - think map-based apps, social media, etc You leave the box ticked when you use the service & therefore a data point exists on location updates, which gets added to the pool. Aside from location, it could include data such as device type, mobile carrier name, device fingerprint, os version etc. this becomes more specific to you, with the more metadata that is captured.
You have your normal computer and then you have the one that's never been near your normal one, never been on the same network, and never had any personal accounts put on it.
well, the number one Orwellian surveillance mechanism is the cell phone, which constantly tracts everywhere you go - you know...where Google ask you to rate some place you've been to even though you never engaged their mapping program. The solution is to get an Android phone model that is supported by the forked-Android, LineageOS project where then unlock the phone and flash the LineageOS-microG image to its ROM (have to get that build - or build it yourself - from the microG project). The microG part of this replaces Google services on the phone such as notification to where anonymously accesses Google's cloud-based notification service. The end result is an Android phone devoid of Google apps and services - i.e., devoid of Google spy/surveillance software. Initially the phone starts out with the F-Droid app store where can download open source Android phone apps; from there one can download, say, Aurora Store, which has an option to be configured to access the Google Play Store as an anonymized user. So with that one can also download Android apps from the Google Play Store. Have to be judicious, of course, as installing any app (or bought property) of Facebook, any Google software - those would totally defeat the purpose of creating an Android privacy-respecting phone. And be judicious as to what permissions any app ask to have (check the communities about the app if unsure). Now there are a number of mapping apps in the Play Store - can do a search for top best mapping apps for Android. A number of these will download map database to where can navigate a route to just requires GPS location - so can easily map and navigate without any cell data service at all; but many of these still offer road condition alerts, speed traps, etc. Can buy a great, brand new phone on ebay for ~ $140, less than $10 for a simm card - pick up an optional sd card - for storing large data like videos; the service am using offers unlimited call and text messaging for $10 a month, and a plan with 5GB data for $25 a month - there are lots out there so is easy to shop and get a non-contract, pay-as-you-go phone service. Anybody that is a computer scientist/programmer in the year 2021 needs to make themselves a privacy phone - be the leaders on this to where we eventually get this to be an option for all phone consumers. (Apple phone users are just out of luck - you're totally at the mercy of Apple.)
Why need a too-complicated algorithm to run the factorial computation? Can you not just download and reference an index of the factorials that someone else already computed?
He wasn't talking about calculating the factorial but the number of combinations that need to be considered. For example, for 3 uses, 6 combinations between two datasets are possible.
@@DanWorrall As a non-Brit, I don't feel at all that the UK's international reputation is down due to Brexit. The overall effects will be clearer in a decade, I guess.
@@DanWorrall I can understand this feeling, but rest assured that the world doesn't care, and just want to trade peacefully with you. Some leaders in the world may say otherwise and be pleased to see you ashamed, but most of the real people just want you happy.
The number of combinations given at 11:00 is wrong. It is N*M, where N is the number of the first set and M the number in the second set. He gives the example of 3, gives the the answer as being 3! or 6 and draws 9 lines. Two sets of 1000 each gives only a million not 1000!. Even in the lines of data, it is not a factorial, but a multiplication of the number of points in the first set against the number of points in the second set.
That’s not true. You’re discussing two different operations. In the second case, there are N! possibilities for matching each user with each location data set. Try drawing out all possible connections between A, B, C and 1, 2, 3 and you will see this clearly.
It's 3!, whatever you think. Let's dive a little about what's going on here first. Let A be 1, you have 2 possible connections for B and C (2 and 3) Ok, we got here 2 possibilities. Next, let A be 2. Now, B and C can be 1 and 3. We can add 2 new possibilities. Then, we do the same for A = 3 and we have: (1, 2, 3) (1, 3, 2) (2, 1, 3) (2, 3, 1) (3, 1, 2) (3, 2, 1) There's 6 permutations possible in this case because there is only 3 cases (A, B and C) so it's 3! = 1 * 2 * 3 = 6. Let's go for A, B, C and D: (1, 2, 3, 4), (1, 2, 4, 3), (1, 3, 2, 4), (1, 3, 4, 2), (1, 4, 2, 3), (1, 4, 3, 2), (2, 1, 3, 4), (2, 1, 4, 3), (2, 3, 1, 4), (2, 3, 4, 1), (2, 4, 1, 3), (2, 4, 3, 1), (3, 1, 2, 4), (3, 1, 4, 2), (3, 2, 1, 4), (3, 2, 4, 1), ... So this case, if we let N be the number of peoples and M be the number of datas. Let's say N = M = 4. As you can see up there, we have 4! = 1 * 2 * 3 * 4 = 24 possibilities. If it was N * M, then explain to me how I have been able to write 16 connections and still have room for more...
@@existenceisillusion6528 it's actually 6 sets of 3 lines, and for 1000 it would be 1000! sets of 1000 lines. The 9 lines just match up every member of set A with every member of set B, which is nothing really to do with the problem at hand
Isn't the real problem here the fact that you're giving away location data on social media? If you didn't give away (voluntarily) the fact that you were at Madison Square Garden watching the NY knicks (or were giving realtime customer reviews at your favourite pizza place), the location data in our database would be useless for reidentification. Lesson - if you value your privacy, stop waiving away that right voluntarily on social media. Stop revealing to the entire world your live locational whereabouts in your posts.
@@iLikeButter35 Unlike social media posts, that cellphone data is non-public and only available to the mobile carriers, not usable except by corrupt mobile phone carriers (/ police, with relevant warrants / corrupt politicians - but corrupt politicians are so 2017). Google Maps OTOH...
"that italian restaraunt had to close because of brexit" Why would a restaraunt have to close because of brexit? If its a restaraunt ran by UK citizens in the UK nothing happened. If its a restaraunt ran by UK citizens in the EU they either closed because they were no longer welcome in the EU, or nothing happened. If its a restaraunt ran by EU citizens in the UK, then they either closed because they were no longer welcome in the UK, or nothing happened. If its a restaraunt ran by EU citizens in the EU, nothing happened. So, ultimately, you need to address your claim that suddenly EU businesses are no longer welcome in the UK, or vice versa, or explain your reasoning, otherwise this is baseless claim that can be dismissed without evidence since it was asserted without evidence.
Look up the effect Brexit has had on the flower industry and maybe you can draw the same conclusions for an Italian restaurant trying to import Italian cooking ingredients/things. I recently heard an economist on Freakonomics cite one such flower shop owner who had to close because all of his flowers where French imports and the new prices were too high to be viable.
Restaurant close because they can't import food in to UK fast, cheap and fresh, simple as that No EU driver would drive there knowing they'll spend week waiting without hefty compensation Something that could be easily done within 8h shift now takes days far away from home So, final products will raise in prices, a lot Happy brexit!
Do you wanna anonymously share your name, address and phone number so we can improve our service?
[yes] [advanced privacy settings]
Also your credit card details
Also page takes ridiculously long to load the advanced page 😂
@@OnlyHerculean and the order of the yes/no buttons keeps changing
@@Yobleck OOF Exactly!
You mean[yes][advanced privacy settings that needs to be set individually for the hundreds of "collaborators" so that you just look at it and decide that it's too much trouble and just accept it]?
"You can trust us"
"All this data is harmless"
Your personal data should be legally treated as your personal property and not some companies private property to be aggregated then monetized or exploited.
Depending on the application requirements; Add some sphere of uncertainty to the data and occasionally lie, while keeping it statistically minimal
@@RazorSkinned86 Trouble is if you're not paying for the product then for sure you are the product.
@@Bone_guy This is true, there are people who wouldn't be able to afford stuff, but it's also a double-edged sword, because you pay anyway, for example by buying more expensive products because they can be better advertised to you.
@@casperes0912 ... I "always" do this when ever possible. How ever I don't really believe it makes any real difference.... For single instance use it might work, but for repetitive use OR against "larger actors" I don't think You can "obscure Yourself" !! I'm quite convinced that "The patterns" will always reveal us in the "longer term".
Should any "large actor" (state or commercial) decide that they wanted to "identify" You, (for what ever reason) I don't think they would find it particularly hard to pinpoint quite exactly Who You are, and Where You are...(unfortunately)
Best regards
PS, My opinions regarding "our lost anonymity" against "larger actors" are on the presumption that You are living in the "industrialised world" or "active online" or own a personal mobile phone ((or using a ""credit card""))
"you need only four data points to identify the user"
It's ok. I only go to three places.
But, even if you only go to one place... if you make four posts saying you went there, that's four data points.
@@laurendoe168 first, that was a joke. Second, as I understood, both data sets must contain 4 data points to have 95% of trust
To be fair, 4 data points in the same location is still 4 data points. So if I stay somewhere, and it captured my location anonymously four times, I think it still can identify me.
@@andrewmat I was aware it was probably a joke, but there are those who do believe this kind of thing. They believe that there are simple means of remaining anonymous. In today's world, this is next to impossible. About the only way to accomplish this is to "go off the grid."
There's also the fact that you're now part of a small set of people that only go to 3 places! 😆
Turns out, your daily commute to work is unique. While I was working at at a Major Company, they were aware of these details, and were working hard to make sure that a) the data they had was individually untrustworthy (i.e. your mobile would lie about its location at a rate to enough to help mask your true location and speed details), which is fine, because in the aggregate data, these lies are noise that can be accounted for, but not filtered out, b) they try and only ever give out aggregated data, out of the company, and even inside the company, this way you cannot link say a path of locations to a single user, and c) they make sure that when releasing additional aggregated data, they don’t create an interference pattern that can then be used to filter out individuals in the aggregated data.
I mean, none of these systems are perfect, it’s kind of impossible, but they were working really hard, and had a ton of smart people working on how to prevent information leakage revealing personal info.
BTW, this post accidentally brought to you by: pseudoanonymization really doesn’t work, because information leakage makes it very easy to figure out who I worked for.
You stepped up the animation level for this one! They look amazing
With location data it is very difficult to be anonymous: The common night location will be the home address and the common day location will be the work/school/etc. address (or opposite in a few cases).
And even worse now with the lock down
I decided a long time ago that basically anything you do online you should consider it like you're doing it in public
problem is that with phones.. we're effectively doing *everything* online.
@@platinummyrr And when you talk on the phone, talk like the other person has their phone on speaker and are in a public shopping center
@@veggiet2009 I don't subscribe to this hyper paranoid idea that you always have to act like the NSA is investing millions of dollars into tracking you down, that's not how it works at all, unless you are some sort of hitman or drug lord, or someone like edward snoden then maybe.
Script correction: "...and we assume that Carlos is U2. Let's presume that *we still haven't found what we're looking for*. ..."
I sometimes wonder why some people believe that "this data is anonymous, you can trust us with it, it's just meta data" and don't just realize that companies wouldn't be after all this data, if they wouldn't get anything out of it (like accurate profiles for targeted ads).
But there also exist use cases where anonymous location data is a necessary information for the company to be able to provide acceptable service to the customer. Think, " service centre near me."
Also, it is not necessary that every firm asking for anonymous geo data (for strictly essential, non nefarious purposes) will keep on storing that data forever with them, or is it?
@@m77dfk No, I see no reasons (except those of monetary nature), why a company needs any of my personal data not strictly necessary to provide the service. For example, any company that provides me with the information "nearest service center" doesn't need to know my location, it just needs to show me a map with markers where I can look for the nearest service center myself. No company "needs" ALL my e-mail addresses, my message history, my location history, my interaction data, or my other social media account names. One e-mail should be absolutely sufficient. But even worse is the claim that they "need" this data to improve their services... looking at UA-cam which gets worse every single year... looking at Google which gets more ad-infested every single year. The only app on my smartphone that I have noticed to be improving over time is, coincidently, one of the apps not asking for any data and instead relying on reviews from users.
This implies anonymous data is useless which just isn't true
@@WaluigiisthekingASmith I don't see where you are pulling this implication from. I clearly state that anonymous data is useless, *unless* it is critical for the operation of the service. Moreover, I also see anonymous data as useful, if the resulting gains in convenience far outweigh the losses in privacy.
Let's look at the geolocation data and the "nearest service center" example again. Unless I am located deep in the woods without obvious landmarks to help me pinpoint my exact location myself, sending my location data just is not critical for the service to work, because giving me a navigatable map is absolutely sufficient. Now, sending the location data makes finding the nearest service center *a little bit* more convenient, but the potential risks of giving away my location are just far to great for this little bit of convenience. A solution would be to kindly ask for my permission to use my location data and offer a solution for users that deny this permission, or to simply use less accurate location data.
Now, what about birthdays? What possible use case could there be for a company to store my birthday? I can think of two things: Reminding me of my own birthday (which is absolutely useless) and verifying my age. For the former use case we only need to send the day of birth but not the year of birth. For the latter use case an approximation with the year of birth is totally sufficient. Now, the year of birth alone is not sufficient, if the company wants to be sure about the age (e.g. UA-cam verifying your age to show appropriate content), so there needs to be some kind of proof for the age. Sony does this by asking for an id card (in Europe at least), which is far to overkill to verify the age.
What about all the Google cookies on nearly every website to track your every move? Are they critical for the operation of the services that use them. No, absolutely not! We can remove them and block them easily and the websites still work. Is it critical for the operation of GMail to scan through my e-mails? No, unless I instruct Google to do so, for example to find something in my e-mails, scanning through my e-mails is not critical for GMail to work. Is it critical for the operation of Google Drive to scan through my documents? Similarly, no, unless I instruct Google to do so. Is it critical for Steam to link your account to Origin/Epic just to play games you purchased on a different platform? No, this could have been solved differently, namely in a manner that does not necessitate the exchange of personal data between those platforms. Is it critical for the operation of WhatsApp to send all the chat and contacts metadata to Facebook? No, see Telegram for example.
Do the gains of convenience in the above examples far outweigh the losses in privacy? NO, ABSOLUTELY NOT! If you find an example of metadata which is not strictly critical for the operation of a service, but whose gains in convenience far outweigh the losses in privacy, feel free to tell me about it.
I agree with the title. You're never truly anonymous online and even offline, and thats kinda sucky ngl.
People don't understand that everywhere you go online is like leaving your house screaming the whole time with a blood trail behind you
@@i-never-look-at-replies-lol D: but muh VPN :p
@@i-never-look-at-replies-lol A bit exaggerated (idk how u spell that so correct me if im wrong) but its true
That's a myth, while companies make an effort to collect your data, one educated enough can absolutely make themselves anonymous.
WhatsApp regularly uploading our phone contacts makes this a lot easier for Facebook.
I was on social media and never give my date of birth, recently I logged in and they said "we've adjusted your date of birth" I was like EH!
1.1.1971?
@@ricecake1228 isn't it 1970?
They saw you were in group where everybody acts like boomer so they figured you are boomer 💀
Super interesting. Thank you for the in-depth, yet very clear explanation
with anonymous location you find my home and my place of work quite easily and you basically got me
The killer robots will find you.
They don't even need to resort to all that work because device-fingerprinting is much faster and easier. Check the EFF site Panopticlick.
And if you also got some facebook data where people annotate where they are with timestamps. Things are getting even easier
What I take away from this is: Don't use any social media! If you don't offer any information about yourself, you can't be identified. Those who use social media are asking for it.
This is why aggregation is so important to anonymization. instead of U1 being a list of points, aggregate it so you only have how many users were at each point at any time.
Ciao Andrea! Thanks for sharing your knowledge. Grazie !!!
Maaaaan ho realizzato che eri italiano dall'accento dopo 40 secondi di video! Figata, iniziato da poco a studiare per diventare informatico anche io!
The solution seems to be to maximize the system fit by using strong fits to eliminate weaker fits from consideration in some hierarchical process - that is to end up with a set of fits that can't be improved on. For this, you need a metric of the strength of fit.
Nice one and I was expected you put the NY article link on the description
All you really need is to put all location points for a user in a map. In most cases you can assume that the address where the user spends most of the nights are the user's home address. Likewise, if the data shows a daily commute to a business address, followed by a gym, you can assume that is the work address and where they go to work out etc. No equations needed.
That's the biggest factor in most algorithms. They usually immediately sort people into homes and work from there, with drastic misalignments being counted as "moving house" events
Please give us detailed information about every aspect of yourself and what you do. Don't worry it's totally anonymous.
he didn't write the names in alphabetical order!!
OCD located
Alice is angry now
That's because Bob signed up before Alice. :P
He put a guy first, the raving misogynist!
**triggered**
@@mikedoe1737 Did you just assume Bob's gender? How dare you‽
Most people in comments are talking about the names not being in alphabetical order. So here are some fun facts:
In
BOB,
ALICE &
CARLOS
- 2nd alphabet is in Z-A sorting order.
- 3rd alphabet is in A-Z sorting order.
In
ALICE &
CARLOS
- 4th and 5th alphabets are in A-Z sorting order.
2nd letters*
Part of me wonders if it makes sense to get some app or something to poison my location data...when I spend hours at home watching youtube the phone could think that it was touring the other side of the city.
You could just turn off Location and only turn it on when you really need it.
@@theterriblepuddle1830 Can you elaborate ?
@@theterriblepuddle1830 Why one cannot "really" turn off location, like even if the location services are off ?
you still have the id of the radio tower you are currently connected to, i.e.
@@repzo5551 in addition, your location is based on your WiFi connection which is usually a small radius, cell tower, and statistics on which Bluetooth devices are nearby. One really needs airplane mode to disappear
I would like to see the follow-up video about how cryptographers are tackling this problem :)
Its the choice of people to share their data. Tagging locations, photos and what not. It must be taken by default that if you are not hosting your own encrypted server for all your digital transactions anything you touch is bound to be public. No matter what anyone says. There are backdoors even in the most trusted entities that say they don't use your data.
Great video! Really well explained.
We are all such special unique individuals, that's why we are so trackable.
I don't know anyone who would call this kind of data anonymous. Location data is always Personally Identifiable Information (PII) and treated at the same level as a user's name, SSN, birthday, uploaded data, uploaded data's filename, IP address, etc.
awaiting the video
grande Gado! Excellent explanation!
Sauron still watching You all.
Thanks for the great video. Very interesting topic
13:40 It's irrelevant if researchers are developing technologies that won't de-anonymize the data, if that data can be de-anonymized it's still a threat.
I just installed Windows 10 on a spare SSD to play Forza 4 with my friends, and boi oh boi they want all my data really bad. I even got a mail welcoming me to Windows 10. If only they knew that I'm not planning to switch.
Let make sure to add a unbloat + anti-spyware bot into BIOS, instead.
Windows debloater is necessary for all Windows installations
Could you find the similarity between individuals in the first set, then similarities in the second set and match people that way? The paths of people aren't independent of each other, so there is information to be collected between people.
Where’s the computer paper ??
Learn to leave you phone at home for starters.
I like what the Librem V does with the privacy hardware switches (although that phone still has a long way to go to replace Android or iOS)
Whats the point of phone then?
Anyone else weirded out that he keeps writing Alice second? It's the ABCs, Alice, Bob, Carlos ... etc. Does he also count like that? 2, 1, 3, ... lol
True computer scientists start at 0.
next time: k-anonymity
Was going to comment the same :-)
10:50 isn't it just n² though? Even in your example of 3 there are 9 lines instead of 6.
I think the n! figure is just for the 'matching' step. The drawing illustrates the 'similarity score' step.
OH YOU TEASE ...THAT ENDING... PLEASE DO THAT FOLLOW UP
When he says he only needs four points to identify someone in 95 % of the cases, he refers to four very specific points, right? The points that give away the most useful information. That would in practical terms require the adversary to have access to all the points, in order to be able to choose these four most useful points. I'm curious of what that percentage would look like if it were four random points instead. Wouldn't that be more realistic?
Pretty sure its talking about random points, though some distance apart. Really, if the points are not unique, then it only means that these people walk together
Can you make an a.i that spoofs your location and goes from town to town driving around and making posts on burner social media sites about locations in said town and posting generated photos.
U could probably make a bot pretty easily
Delete your social media accounts and go back to just sending e-mails, text messages, and making phone calls. If you have to comment on something online, do not use your real name, do not give them any real information about yourself. Use a completely different handle for every website. If you need to provide a name, use a fake one. Have separate e-mail addresses for different things (one for banking things, one for government things, one for medical things, one for work things, one for miscellaneous things, etc.) which never get cross-contaminated. Never give your phone number. Use fake birthdays, addresses, etc. Get over your narcissistic desires for "likes" and "shares". I have been warning people about this for over 20 years now but nobody ever listened. Now people are finally starting to wake up, and it might be too late.
the question is how did they get the data in the first place.. it's not like it is listed on Wikipedia.. that must be kinda breach from someone who tracks you.. for instance, google or apple.
From consenting (or not) to offering up location data - think map-based apps, social media, etc
You leave the box ticked when you use the service & therefore a data point exists on location updates, which gets added to the pool.
Aside from location, it could include data such as device type, mobile carrier name, device fingerprint, os version etc. this becomes more specific to you, with the more metadata that is captured.
@@everyhandletaken i am not asking where they are collected I mean.. how do 3rd parties get those data
@@marcello4258 selling the data or having it leaked, most likely
@@everyhandletaken yea.. what i thought.. unfortunately
I always thought Bono was U2, who is this Carlos person?
It wasn’t just me then, I’m glad.
Lesson: Dont post your position
You have your normal computer and then you have the one that's never been near your normal one, never been on the same network, and never had any personal accounts put on it.
Lesson: Don't post - period. No Facebook, no WhatsApp, no Twitter, no Flickr, no Instagram, no nothing.
@@laurendoe168 no youtube?
@@maxmusterman3371 Yes, even no UA-cam. :D
WOOW why this dude sounds sooo Italian...
Oh... beh, rispetto
It works for button presses too... Or any interaction... Unless you're me!
Why I like Tails OS.
Is the word "unicity"?
Thanks for explaining.
Be funny to try use this to catch politicians not following lockdown orders haha
well, the number one Orwellian surveillance mechanism is the cell phone, which constantly tracts everywhere you go - you know...where Google ask you to rate some place you've been to even though you never engaged their mapping program. The solution is to get an Android phone model that is supported by the forked-Android, LineageOS project where then unlock the phone and flash the LineageOS-microG image to its ROM (have to get that build - or build it yourself - from the microG project). The microG part of this replaces Google services on the phone such as notification to where anonymously accesses Google's cloud-based notification service. The end result is an Android phone devoid of Google apps and services - i.e., devoid of Google spy/surveillance software. Initially the phone starts out with the F-Droid app store where can download open source Android phone apps; from there one can download, say, Aurora Store, which has an option to be configured to access the Google Play Store as an anonymized user. So with that one can also download Android apps from the Google Play Store. Have to be judicious, of course, as installing any app (or bought property) of Facebook, any Google software - those would totally defeat the purpose of creating an Android privacy-respecting phone. And be judicious as to what permissions any app ask to have (check the communities about the app if unsure). Now there are a number of mapping apps in the Play Store - can do a search for top best mapping apps for Android. A number of these will download map database to where can navigate a route to just requires GPS location - so can easily map and navigate without any cell data service at all; but many of these still offer road condition alerts, speed traps, etc. Can buy a great, brand new phone on ebay for ~ $140, less than $10 for a simm card - pick up an optional sd card - for storing large data like videos; the service am using offers unlimited call and text messaging for $10 a month, and a plan with 5GB data for $25 a month - there are lots out there so is easy to shop and get a non-contract, pay-as-you-go phone service. Anybody that is a computer scientist/programmer in the year 2021 needs to make themselves a privacy phone - be the leaders on this to where we eventually get this to be an option for all phone consumers. (Apple phone users are just out of luck - you're totally at the mercy of Apple.)
I guess for many people the similarity score for 2020 to previous years is lower than e.g. 2019 to previous years, with all the pandemic changes.
Can this cause lawsuits?
And if you use a strong password, they use the North Korean algorithm.
There’s a Hungarian algorithm? 🤔
s.q.l attacks are a problem for this tips of data base stuff.
Not very applicable to the seasonal lockdowns trend in my area.
interesting!
Why need a too-complicated algorithm to run the factorial computation? Can you not just download and reference an index of the factorials that someone else already computed?
He wasn't talking about calculating the factorial but the number of combinations that need to be considered. For example, for 3 uses, 6 combinations between two datasets are possible.
@@abhijeetviswa Got it. I think. Thanks!
When you don't write the names in alphabetical order
Italiano?
let me guess, another Israeli unit 8200 veteran?
Exactly what a french spy WOULD say!
...can I score a fry?
9:18 Italian restaurants don't close because of Brexit, they close because of lockdowns.
Yep! I loled at that level of ridiculousness. Assuming it wasn't just him misspeaking, no one should listen to him for accurate political opinions.
Brexit is only killing manufacturing, fishing, the music industry, the city of London, our international reputation, etc. etc.
@@DanWorrall As a non-Brit, I don't feel at all that the UK's international reputation is down due to Brexit. The overall effects will be clearer in a decade, I guess.
@@R_V_ I do. I'm ashamed to be British.
@@DanWorrall I can understand this feeling, but rest assured that the world doesn't care, and just want to trade peacefully with you. Some leaders in the world may say otherwise and be pleased to see you ashamed, but most of the real people just want you happy.
The number of combinations given at 11:00 is wrong. It is N*M, where N is the number of the first set and M the number in the second set. He gives the example of 3, gives the the answer as being 3! or 6 and draws 9 lines.
Two sets of 1000 each gives only a million not 1000!.
Even in the lines of data, it is not a factorial, but a multiplication of the number of points in the first set against the number of points in the second set.
Ok, I’m not crazy. Thanks!
That’s not true. You’re discussing two different operations. In the second case, there are N! possibilities for matching each user with each location data set.
Try drawing out all possible connections between A, B, C and 1, 2, 3 and you will see this clearly.
It's 3!, whatever you think. Let's dive a little about what's going on here first.
Let A be 1, you have 2 possible connections for B and C (2 and 3)
Ok, we got here 2 possibilities.
Next, let A be 2. Now, B and C can be 1 and 3.
We can add 2 new possibilities.
Then, we do the same for A = 3 and we have:
(1, 2, 3)
(1, 3, 2)
(2, 1, 3)
(2, 3, 1)
(3, 1, 2)
(3, 2, 1)
There's 6 permutations possible in this case because there is only 3 cases (A, B and C) so it's 3! = 1 * 2 * 3 = 6.
Let's go for A, B, C and D:
(1, 2, 3, 4), (1, 2, 4, 3), (1, 3, 2, 4), (1, 3, 4, 2), (1, 4, 2, 3), (1, 4, 3, 2), (2, 1, 3, 4), (2, 1, 4, 3), (2, 3, 1, 4), (2, 3, 4, 1), (2, 4, 1, 3), (2, 4, 3, 1), (3, 1, 2, 4), (3, 1, 4, 2), (3, 2, 1, 4), (3, 2, 4, 1), ...
So this case, if we let N be the number of peoples and M be the number of datas. Let's say N = M = 4. As you can see up there, we have 4! = 1 * 2 * 3 * 4 = 24 possibilities. If it was N * M, then explain to me how I have been able to write 16 connections and still have room for more...
@@existenceisillusion6528 it's actually 6 sets of 3 lines, and for 1000 it would be 1000! sets of 1000 lines. The 9 lines just match up every member of set A with every member of set B, which is nothing really to do with the problem at hand
All your base are belong to us
You have really said nothing!!! You made a couple guesses is all, but ZERO algorithms or proof
Madison Square Garden is not at that location.
Please redo this video and write the names in alphabetical order :)
Why?...
It's nice to see smart Italians abroad doing what our home country doesn't; allows to do. Good luck, hope Brexit will not give you too much problems.
Italy doesn't allow data research?
What are you talking about ???
Isn't the real problem here the fact that you're giving away location data on social media? If you didn't give away (voluntarily) the fact that you were at Madison Square Garden watching the NY knicks (or were giving realtime customer reviews at your favourite pizza place), the location data in our database would be useless for reidentification.
Lesson - if you value your privacy, stop waiving away that right voluntarily on social media. Stop revealing to the entire world your live locational whereabouts in your posts.
cell phones ping towers every hour with time stamp and signal strength, mobile carriers already have that information.
@@iLikeButter35 Unlike social media posts, that cellphone data is non-public and only available to the mobile carriers, not usable except by corrupt mobile phone carriers (/ police, with relevant warrants / corrupt politicians - but corrupt politicians are so 2017).
Google Maps OTOH...
"that italian restaraunt had to close because of brexit"
Why would a restaraunt have to close because of brexit?
If its a restaraunt ran by UK citizens in the UK nothing happened.
If its a restaraunt ran by UK citizens in the EU they either closed because they were no longer welcome in the EU, or nothing happened.
If its a restaraunt ran by EU citizens in the UK, then they either closed because they were no longer welcome in the UK, or nothing happened.
If its a restaraunt ran by EU citizens in the EU, nothing happened.
So, ultimately, you need to address your claim that suddenly EU businesses are no longer welcome in the UK, or vice versa, or explain your reasoning, otherwise this is baseless claim that can be dismissed without evidence since it was asserted without evidence.
Look up the effect Brexit has had on the flower industry and maybe you can draw the same conclusions for an Italian restaurant trying to import Italian cooking ingredients/things. I recently heard an economist on Freakonomics cite one such flower shop owner who had to close because all of his flowers where French imports and the new prices were too high to be viable.
Hope you're joking on this one
Restaurant close because they can't import food in to UK fast, cheap and fresh, simple as that
No EU driver would drive there knowing they'll spend week waiting without hefty compensation
Something that could be easily done within 8h shift now takes days far away from home
So, final products will raise in prices, a lot
Happy brexit!