Twelve Million Phones, One Dataset, Zero Privacy

Twelve Million Phones, One Dataset, Zero Privacy is part one of One nation, tracked, an New York Times investigation series.

Twelve Million Phones, One Dataset, Zero Privacy

is part one of One nation, tracked, an New York Times investigation series of smart phone information tracking and by Stuart A. Thompson and Charlie Warzel, within their privacy project. The research covers multiple topics, only starting out with an analysis of the potential contained in smartphone tracking information.

What we learned from the spy in your pocket.

Twelve Million Phones, One Dataset, Zero Privacy

The authors analyse a large dataset of location information from New York and Washington, DC, cell phone users. With the analysis, the article debunks myths about data privacy. The key takeaway of the analysis, to my interpretation are:

Twelve Million Phones - One Mobile Phone User in Munich
Mobile Phone User – Munich
  1. Data is not anonymous – the authors successfully identified a Senior Defense Department official and his wife. And this was possible during the Women’s March. According to authors, nearly half a million descended on the capital for this event. (Other sources only mention one hundred thousand attendants)
  2. Data is not safe – the authors point out complex relationships of companies in the tracking business. Complexity makes it impossible to ensure ownership. There is no foolproof way for anyone or anywhere in the chain to prevent data from falling into the hands of a foreign security service.
  3. Affected persons cannot consent – the authors criticism seems reasonable. Virtually all companies involved with tracking require user consent. And even cell phones make the geo-tracking feature visible to users. Only barely anyone in the business makes purpose transparent. In other words, no company prominently announce how they package and sell data or insight.

One Nation, Tracked

The article is a creepy read, but worth the time spending. The series One Nation, Tracked continues with 6 other parts:

  1. discussing how to Protect Yourself
  2. National Security, which is for the the US in the article.
  3. details on How it works
  4. individual spying in One Neighborhood
  5. Protests is about how this business betrays democracy
  6. And offers Solutions through privacy rights.

Source: Opinion | Twelve Million Phones, One Dataset, Zero Privacy – The New York Times

Security Nightmares beim 36C3

Security Nightmares – Frank und Ron beim 36C3 in Leipzig

Wie jedes Jahr , jedenfalls seit 1999 während des 19C3 in Berlin, haben Frank und Ron auch dieses Jahr wieder Ihren Vortrag Security Nightmares beim 36C3 zu Sicherheitsbezogenen Vor- und Rückschauen gehalten.

Frank und Ron zu Security Nightmares 0x14 auf dem #36c3
Security Nightmares 0x14

In einer Rückschau auf diesen ersten Vortrag “vor zwanzig Jahren” blicken die beiden auf die Vorhersagen von Damals und die Ereignisse der letzte Jahre zurück und fassen den ganzen Zeitraum der beiden Jahrzehnte damit zusammen, ob man Makros erlauben möchte. Makros waren schon 1999 (Melissa, I love you) wie heute (Emotet) einer der wichtigsten Angriffsvektoren für Malware. Der folgende Rückblick auf die letzten zehn Jahre alleine fällt etwas technischer aus. Trotzdem ruft der Teil einige schöne Ereignisse noch einmal ins Gedächtnis. Darunter z.B. den Aufschrei Deutschlands gegen Streetview, die Debatte um intelligente Stromzähler oder die elektronische Gesundheitskarte. Themen, die auch bis heute nicht vollkommen abgeschlossen sind.

Ein “Internet-Normalitätsupdate” setzt jüngere und auch noch laufende Angriffe mit bekannten Zahlen in Perspektive.

Darüber hinaus setzt der Vortrag sich mit Rückschauen in den Themenfeldern E-Gov, Datenreichtum und Crypto (SPD Mitgliederbefragung!), Geschäftsfelder, Crypto, Sport und Bemerkenswertem auseinander, bevor sich Frank und Ron den Stichworten für 2020 widmen. Wenig technisch wagen die beiden eine Prognose zu Berufsfeldern, die die Cyber-Situation hervorbringen könnte. Das reicht von der Cyber-Nachsorge für das Seelenheil Betroffener, über die Cyberfantasy-Geschichtenschamanen, die magiehafte Technologie nachvollziehbar erzählen können, bis zu Verzerrungs-Sucher und IPv6 Exorzisten

Wie jedes Jahr ein interessanter und unterhaltsamer Vortrag. Auch wenn ich die Lesung nicht selbst hören habe können, lohnt sich die Aufzeichnung auf nachzusehen.

(ISC)2 mailed me

Dear Andreas,

You have satisfied your Annual Maintenance Fee (AMF) and Continuing Professional Education (CPE) requirements for your CCSP.

Your CCSP certification has been renewed to a new three-year cycle!

Happy to be certified again!

Hello twenties.

Hello twenties.


Social media is a mistake: Let me start the new decade in the Photo category with a video. In the past year I challenged myself and take a picture every day. The project was inspired by an old, fellow student. It sounded easy in first place, turned into a challenge soon and I use to self-reflect upon achievements and new experiences. Taking a photo of something new every day will make you start think about what you did. Sometimes, after a long day in office, it requires plenty of discipline to pay attention to your schedule and environment.


To measure the result, when starting, I decided to go for Instagram. Get Likes has never been the goal. The level of interaction with the platform and exposure to the crowd I got there gave plenty of insight into how the crowd works. But the service never convinced for many reasons. As stated elsewhere, the experience just re-affirmed my feeling that social media is a mistake.

The medium is driven by vein and pride, just as Scott Galloway put it, the seven deadly sins. These are not good guidance in first place. And they are by no means compatible with the goals of the project, even though it generated plenty of attention and positive feedback.


And finally, the company owning Instagram, Facebook, requires to accept a license through their Terms of Service to grant to them a non-exclusive, transferable, sub-licensable, worldwide license to host, use, distribute, modify, run, copy, publicly perform or display, translate, and create derivative works of your content (consistent with your privacy and application settings) for purposes of making the Instagram Service available. While comprehensible the service needs authority over content to offer the service, these purposes are too broad for what I want to achieve. Instagram is driven by users registered and wouldn’t allow the audience I have in mind to consume the photos without registering. Just try scrolling through the page, it will require registration quickly.


You can end this license anytime by deleting your content or account. Following the Terms of Service, this is the only way to not grant these. And while Instagram offers means to download all content, this still ain’t too easy: all the content over there has meta information, like comments and or locations, that are not straight forward to transfer. Which brings me to one of next years resolutions: not only continue my own project here – to take a photo every day as an act of self-reflection. But also to migrate existing content from Instagram over here.

Hello twenties: Instagram Err(or?)
Instagram Error

And the same is true for other social media. For example, LinkedIn does also leverage such mechanisms. While the above is only an example, I try to put more attention to these models. And this page shall serve as a basis to replace others in the .

Social media is a mistake. Take back the web and decentralise the next decade.

A new decade

31. December 2019 marks the end of a decade. Time to reflect upon the past years but also to look forward and think about exciting developments.

31. December 2019


A lot happened. Many things changed. Ten years ago, I was not married, I did not have kids. I grew up to become a responsible father and husband. And I took on areas of responsibilities I never thought of, both privately and professionally.

Today, 31. December 2019, marks the end of a decade, before a new decade begins. It doesn’t feel like it, even when the past years will be remembered as the 10s. And we’re entering the twenties now.

At the beginning of the decade, I only earned my MBA. Back then, I worked for one of the most amazing companies I could imagine up till today. At that company, I was given an assignment, not only abroad but on a different continent. After having traveled Europe and the entire Middle East in the years before, I had an opportunity to visit all countries South East Asia from Singapore in this decade.

During that time, cloud computing did merely exist, it was a newly coined term. And people were excited by what Apple shaped in form of the iPhone. Social Media was still new and innocent, people were excited by the opportunity to exchange with friends, family but also to meet total strangers on the Internet.

Feuerwerk 2009

Since then, I did not only have the opportunity to take on responsibility for one of the most popular smart lighting products, also did I have the opportunity to transition to a role I wanted to grow into.

In this role today I work for one of the largest European software vendor, proudly contributing to a product in the hottest Enterprise Software space.

A new decade

I had the opportunity to see it all grow and develop, into technology that shapes both society and business. And I had an opportunity to exchange ideas in that space with the brightest minds in the industry. And to build a network of friends and colleagues that are among the best and most motivated.

We’ll see more development in technology and society. Social media has seen it’s peak. Consumers are sceptical of being tracked. Big Data, Machine Learning and Artificial Intelligence are exciting technologies. Society will benefit from these, but it will require policy and products that use them right. Awareness for the correct use of technology will increase and sustainability will become more important.

31. December 2019 does mark the end of a decade. It does not mark the end of anything else. It’s a random day that marks a rather arbitrary ten years timeframe. I’m thankful for the past decade and excited for the next.

11 Last-Minute-Geschenke

Für alle, für die Weihnachten wieder einmal überraschend kam, die ein Leben on the Edge führen wollen, oder einfach von der Innenstadt in dem Zustand überfordert sind, hat der Postillon eine praktische Hilfestellung: 11 Geschenkideen für den Vormittag des 24. Dezember.


Man kennt das ja. Da glaubt man, man hätte alle Weihnachtsgeschenke beisammen, da fällt einem im letzten Moment auf, dass man Tante Hildegard, Cousin Kevin oder den Ehepartner völlig vergessen hat. Doch verzagen Sie nicht! Der Postillon hat 11 Geschenkideen gesammelt, die Ihnen den Arsch retten, sofern Ihnen nicht 12 Geschenke fehlen:

Der Postillion

Source: Der Postillon: 11 Last-Minute-Geschenke, die Sie jetzt noch schnell improvisieren können

In memoriam of Chuck Peddle

In memoriam of Chuck Peddle: His processor device powered the C64, the Apple I, the Atari 2600 and the tamagotchi. These products changed a generation.

MOS 6502 - In memoriam of Chuck Peddle
650x Processor

In memoriam of Chuck Peddle: Many of us will have started with a C64, that was powered by the 6502 Processor. The device became the most popular home computer, mainly because it was self contained: at the same time it hat all functionality a computer needed, and was still simple enough for everyone to understand.

In it’s popularity, the same 6502 Processor that was sold between 12.5 – 17 million times in shape of a C64 (according to during it’s lifetime was also used in many other devices, including the Apple I, the similarly popular Atari 2600 gaming console, or much later, the Tamagotchi digital pet.

The processor contributed to the transformation of a a whole generation with these devices and became so popular, that even today, creative computer users leverages these devices to produce ‘demos’, that rely on this processor. Until today, in particular the demoscene still produces for computers with this processor, most noteworthy the C64. (again).

In other noteworthy sources, the 6502 has been completely simulated, and among others is available as a visual representation. Visual 6502 allows you to watch and see all of the devices internals, while they are working. The website gives you javascript visual insight into microchip operations, the possibility to play around, stop and step through individual instructions. If you are into this, it gives you the opportunity to understand computing from ground up, without having to tinker with electronics, in your browser.

One of two chip designers, Charles ‘Chuck’ Peddle reportedly passed away this week. Thank you for the great work and rest in peace.

Source: Chuck Peddle 6502 In Memoriam via Slashdot.

Netflix (Security) on Youtube

Netflix (Security) on Youtube: Netflix Security runs a YouTube Channel! As opposed to the company channel, it does not only broadcast previews! This is a great subscription for security practiconers!

Via Stephanie Olsen (on LinkedIn).

Kampf gegen Facebook: Rückenwind für Schrems vor EuGH

Schon seit den Snowden Leaks setzt Max Schrems sich gegen Facebook und für Datenschutz in Europa ein. Noch am 19.12.2019 hat das EuGH in seinem Sinn entschieden, schreibt der Österreichische Rundfunk:

Am Donnerstag errang er [Max Schrems] einen Etappenerfolg: Der Generalanwalt des Europäischen Gerichtshofs (EuGH) empfahl dem Gericht, bei einigen Grundsatzfragen zum Datenaustausch zwischen den USA und EU in Schrems’ Sinne zu entscheiden.

Source: Kampf gegen Facebook: Rückenwind für Schrems vor EuGH –

Quitting Google

Nithin Coca of The Next Web went on a quest to quitting Google. In this article, he describes his experience and gives plenty of pointers on how to achieve the same. He start out making a point about individual privacy, and points out individual alternatives to popular Google services. Starting from using Firefox over Chrome to particular services for daily office use. At the end of the year, this little “Quitting Google” guide contains little news, but serves as a good starting point to maybe develop a new years resolution and be more sensitive about privacy in the upcoming year 2020.

Nithin Coca of The Next Web
Nithin Coca of The Next Web

Over the past six months, I have gone on a surprisingly tough, time-intensive, and enlightening quest — to quit using, entirely, the products of just one company — Google. What should be a simple task was, in reality, many hours of research and testing. But I did it. Today, I am Google-free, part of the […]

Source: How I fully quit Google (and you can, too)