Yep a burner phone would be best when visiting certain countries. Years ago at a party in the Westminster area where you would expect to find the odd civil servant I was talking to a bloke for a while. I was talking to him because he was a bit more interesting than anyone else I'd met so far. He was working he said for the FCO and couldn't go into more detail about his role because of the Official Secrets Act. He did say his job just involved doing a lot of things you'd find in a non governmental office. I was trying to tease things out of him but he wasn't budging and he flatly denied being in the "Executive Branch". Anyway after a few more drinks I did get out of him a story about where someone had 'lost' their government issue BlackBerry. This was in an unnamed foreign country and had happened at the airport after landing. The strong suggestion was that the local security service had purloined the device. There had been another almost identical situation before and the FCO were now wise to this. If you flew into that country your BlackBerry was a new issue and therefore wouldn't have anything classified on it or I think be provisioned to access anything yet. There were also rules/guidelines for security in that country that were enhanced compared to the normal rules applied elsewhere.
World Cup apps pose a data security and privacy nightmare
With mandated spyware downloads to tens of thousands of surveillance cameras equipped with facial-recognition technology, the World Cup in Qatar next month is looking more like a data security and privacy nightmare than a celebration of the beautiful game. Football fans and others visiting Qatar must download two apps: Ehteraz …
COMMENTS
-
-
Friday 11th November 2022 20:40 GMT Eclectic Man
Nokia rules!
My dad's phone is an old Nokia, and totally un-smart, no apps, no touch screen, not even colour. So I'm curious as to what the rules state for someone who does not carry a smartphone. (My dad is not going as he is in his 90's now and a bit unsteady on his feet, so all academic to him.)
-
-
-
Saturday 12th November 2022 09:53 GMT jmch
Re: App Stores
"money trumps rights & decency most times for big corporations ..."
Also for FIFA, which explains why Qatar were awarded this world cup, and Russia the previous one. And since money is the only language they understand, it will only change by large numbers of fans not attending, not watching games on TV, not buying merchandise, boycotting world cup sponsors.
The last few years I've gradually lost interest in a game where players are disconnected from fans, insane money flows for seemingly no reason, and the level of football on offer is, excepting very rare moments, not so exciting.
I used to watch world cups religiously, including at insane hours for the ones in US and Brazil. I won't miss this one
-
-
Monday 14th November 2022 08:59 GMT Fred Daggy
Re: App Stores
Just wait until you watch Test Cricket (unless it's a greentop pitch)!
Tension and interest doesn't come just from scoring. No sport is interesting when the scores are lopsided and unless there is a "personal interest story", there won't be. Conversely, it's easy to manufacture tension when the scores are close - even between the two worst teams in the competition.
Icon, because SWMBO will never join me at the cricket and I get a chance to enjoy one or two in moderation. (Cell phones have put an end to any chance of peace and tranquility though)
-
-
-
-
Friday 11th November 2022 21:09 GMT VoiceOfTruth
I would like to see the not-so-subtle racism in this article applied elsewhere
Actually I would not, but fair is fair. Naughty Qatar. But the UK does just as badly
-> Authoritarian regimes are keen to track who you meet in country, and who you know.
As though there is one country in the world which does not.
-
Saturday 12th November 2022 12:04 GMT SCP
Re: I would like to see the not-so-subtle racism in this article applied elsewhere
I seem to recall there was quite a bit said when UK police tried (or did) use Covid tracking app information, so I am not sure that there is totally one-side treatment of nations on this sort of topic. Indeed one of the regular topics on The Register is security and numerous states, companies, and general user "stupidity" have been called out.
In this case Qatar is insisting on use of applications which have a security implication for users; it is a relevant news story, and if the same situation regarding apps had arisen with the World Cup being held in the US I am confident The Register would have covered it equally as well without fear or favour - it is not as though the TSA gets a free pass on this site.
-
Sunday 13th November 2022 04:54 GMT that one in the corner
You keep using that word, I do not think it means what you think it does
Racism?
I just re-read the article and didn't spot a single reference to any characteristic of any individual at all. Did you perhaps misread "Qatar snoops" as "Qatari snoops"?
No, wait, spotted it: you think that "regime" is an ethnicity and all the members of that group are being labelled as authoritarian!
-
Monday 21st November 2022 23:15 GMT tekHedd
No defense
"As though there is one country in the world which does not."
Yup, they're down to "but he did it too!" because they have no defense. Everyone from the the execs to lowly sockpuppets will be repeating the same whaddabout-ism from now until it's over because...it's all they've got.
-
-
Friday 11th November 2022 21:27 GMT DS999
How is it going to get your contacts, location, etc.
If you don't give the app permission to do so? That's been necessary on iPhone forever, and I thought Android had added similar stuff a few revs ago? Does the app refuse to operate if it can't grab your contact list? Seems to me they could rely on collecting that info only on those rocking obsolete Androids. Given how much a visit for the World Cup costs, I doubt any of them is carrying a phone that old!
The claim that it will continue to spy on you forever is even more spurious. If you delete the app as your flight back home takes off, how is it going to do that - unless it has a built in 0 day persistent rootkit (i.e. the holy grail of exploits which is worth millions of dollars and used only for very targeted attacks to prevent its discovery that will render it worthless)
While the built in persistent rootkit is theoretically possible, the PR and diplomatic blowback when that was inevitably discovered (perhaps before the World Cup was even over) would greatly outweigh whatever intelligence they were able to collect. Since those with actual secrets worth stealing would use a burner phone to run the app so all it could get is their whereabouts at a given time (and that assumes they don't "accidentally" swap burner phones with someone else who has a similar model just for the heck of it)
-
Friday 11th November 2022 22:28 GMT doublelayer
Re: How is it going to get your contacts, location, etc.
"Does the app refuse to operate if it can't grab your contact list?"
That'd be an easy way to do it. Anyone who installs this in the first place is willing to accept dodgy software in return for getting into the events, so how many will cheerfully install and activate the app but balk when it demands access and won't work without it? They might not even know about that until they install it in preparation, having already paid for their Qatari lodging and whatever tickets you need to attend.
You're correct about it continuing to spy on you, although I'll point out that you wouldn't need a full rootkit unless the user did a factory reset of their device and a lower-level exploit that doesn't change the system partition would withstand an app uninstall. I don't think they will use either, though. Still, they will be able to collect a significant amount of information while it's running, so even without a beachhead on the device, there's information about you which can be used to drive further attacks if they're motivated to do so. If I scrape your device's common storage and any data I can get by making the user accept permission requests, that's useful in targeting users later or selling to interested parties. I'm not really sure what Qatar would actually do with it, but it's not likely to be good.
-
Saturday 12th November 2022 10:01 GMT Wellyboot
Re: How is it going to get your contacts, location, etc.
>>>not really sure what Qatar would actually do with it<<<
When sharing data with other friendly intelligence agencies this data becomes far more valuable, if you regularly meet a number of people of a certain persuasion* in country A (all fine and dandy) then anyone you meet in country B (where that persuasion isn't) may well be added to the list of poeple to investigate especially if you're often out and about on your own away from the other fans between games.
This is the point that many people don't get about data, one + one does indeed equal three, correlations can be made and inferences deduced by combining all the data on hand, you are not being tracked in isolation. All surrounding circumstances are also being recorded and computer are very good at trawling through a billion data points repeatedly and building representations. Multiplayer shooter games are a very good illustration, all the players computers are tracking all the other players game data and providing a rapidly updated view just from in-game location coordinates and a few other identifiers.
*of any kind they don't like, merely being in some regions for a while will interest many agencies.
-
-
Wednesday 16th November 2022 15:28 GMT Anonymous Coward
Re: How is it going to get your contacts, location, etc.
The Android National Trust app goes completely ga-ga if you try to block it from accessing location services. it's OK if you allow location services but then switch off GPS, but it should still be trying to use coarse location... but it was easier to just delete the app (it's a LARGE app) and use a browser.
(I generally know roughly where I am and roughly where I'm going and only turn on GPS when necessary)
-
-
Friday 11th November 2022 22:22 GMT Anonymous Coward
I'm dying of suprise right now.
The worlds favorite sport is also it's most corrupt. What about the combination of that and Qatar was going to produce anything else? Until there is house cleaning at FIFA and Bladder is back in the ground with a stake in his heart, we should expect this kind of thing. Same for the IOC. I'm surprised the football fans keep rolling over for this stuff, considering the ultras have overthrown bigger governments and have a penchant for taking out their frustrations by burning things.
-
This post has been deleted by its author
-
Saturday 12th November 2022 10:13 GMT jmch
Re: I'm dying of suprise right now.
Blatter has been out of FIFA for a while. What really shows the deep corruption there is that even after it was obvious that awarding the cup to Qatar was a hugely corrupt process, with police raids and prosecutions in US and Switzerland, the award was not rescinded.
World cup is FIFA's cash cow that rakes in billions. FIFA officials distribute these to national associations, trading money for votes. And the majority of FIFA's 200+ members are in countries where corruption is rampant, so each local association distribution of money is also corrupt. There are only a handful of countries where the clubs / FA are so rich that they won't be influenced by FIFA's money. Given the inbuilt incentives, none of this is going to change any time soon
-
-
Saturday 12th November 2022 03:37 GMT Anonymous Coward
I think in most countries the port of entry police have the right to take anybodies phone and copy it's contents. Certainly in the US that is true. Moreover, unless you have "international roaming", which is hugely expensive, if you want local internet connectivity you have to purchase some local SIM contract which usually requires installing some app which doesn't care at all about your privacy, quite the opposite.
-
Saturday 12th November 2022 03:50 GMT Anonymous Coward
Don't go barmy
I wouldn't at all be surprised to find some people getting drunk and doing stupid things - urinating in public, mooning, slobbering on or hugging friends/strangers, getting in fights even with the Qatari police, and then beginning an expensive journey though the Qatari legal system that could last for years. I know that in some Arab countries raped women and minors have been jailed for corrupting morals. It's no joke.
Going for business, staid historic archeological tourism, etc. ? - sure, if you're prepared to behave on their terms.
But this is crazy and foolish.
-
Saturday 12th November 2022 06:40 GMT Anonymous Coward
Re: Don't go barmy
"I know that in some Arab countries raped women and minors have been jailed for corrupting morals"
This is a consequence of an honour-shame society. If a woman or girl becomes pregnant due to rape, they have dishonoured their family by being party to extramarital sex and presenting clear evidence to society.
Meanwhile, if the rapist is careful and the only witness is the rape victim, they aren't guilty of any dishonour.
-
-
-
Saturday 12th November 2022 16:17 GMT JimBob01
Re: Just buy the cheapest smart phone you can get
Was thinking the same thing.
The rules seem to say you have to have the apps, not that they have to be on every phone you possess. Given how many people seem happy to live with (at least) 2 phones, is having another just for FIFA and Qatar such a big deal?
-
-
Saturday 12th November 2022 22:25 GMT Dan 55
There is also the COP27 app.
The useless Google Play info says both that there is third party data collection and that no data is collected, and no mention of e.g. passport info is made.
-
Sunday 13th November 2022 05:47 GMT James O'Shea
If I were going
Which I'm not, I'd take my recently replaced iPhone SE. I would:
1. erase it completely and then install the latest OS version which would work on it, making certain to NOT turn on my AppleID. This means a nice fresh new set of non-data in Photos, Contacts, Music, etc. They can snoop to their hearts content, there ain't nothing there for them.
2. insert a temp SIM. Lots of options available.
3. as it's not worth anything as a trade-in, erase it again and just leave it in the airport on my way out.
I might/might not take my new iPhone, the one which replaced the SE, powered off, at the bottom of my bag. It would also be erased, and the SIM would be removed and replaced with another temp SIM. If the authorities detected it, something which would make the level of survielence quite clear, it would be erased again as soon as I got to the hotel, and the real SIM would not go near it. And as soon as I got home I'd report a hardware problem and have it replaced under the warranty. My actual data would never be exposed.
But I wouldn't set foot in Qatar in the first place, so all this is moot.
-
Sunday 13th November 2022 16:55 GMT Anonymous Coward
Sorry to trouble you, folks, but
this is the future. You'd better get used to it. Each and every government, democracy or no democracy, needs to know everything about you, for your own good of course (safety and security, fast and efficient delivery of public services, eliminating insurance and financial fraud, reducing pollution, utilities consumption etc.).
What a wonderful world!
-
Monday 14th November 2022 09:22 GMT Anonymous Coward
There is no need for Ehtaraz or Vaccination documents
Hi everyone,
Just to give a heads up, there is no need to install either applications starting November 1st as per https://www.qatarliving.com/forum/news/no-obligation-showing-ehteraz-qatar-november-1 and other local news sites/papers. I have some agreements with this article as a Government employee, a resident and national here as I am a cybersecurity novice who is very much concered about my own privacy.
However, I just want to inform everyone if your local airlines does not permit you (this was communicated to most commericial airlines as well) then you can send the Ministry of Interior or Foreign affairs a tweet and they can handle it with the airline. I don't work in either, but they usually take these actions as fast as possible and help non-residents that are coming for the FWC. As I mentioned I have a lot of dislike for the application and some of the research done within this article is great work that I have done myself as well during the start of the pandemic where I was really critical of the application.
Although I dislike the pandemic application Ehtaraz, it had warned me when in many locations of infected people such as my university Campus/classroom which had an infected person which the university hid away and didn't tell the students as not to cause panic. The people who recieved the notification had immediately took an action to leave campus that day and most of the people who usually turned it off/forced the application to stop did not recieve that notification had gotten covid due to the fact the university kept quiet/refused to take action (which were fined heavily later by the Government). I do wish people to tell their families to be very careful COVID and other Viruses wise when visiting a World Cup, I haven't had COVID nor do I wish it on anyone and my co-worker had recently caught a different Virus which she didn't disclose as well as the privacy of mobile phones by having a burner phone to visit any country ( I do it myself because I dislike how google summarizes my trips even when I disable maps off ).
-
Tuesday 15th November 2022 08:43 GMT Anonymous Coward
don't import any settings or contacts, or log in to your social media accounts
Does it mean that you wouldn't be ALLOWED to use local comms (roaming, mobile, data), UNLESS your handset has those two apps installed, in other words, the authorities (well, via telecom operators) would block any such 'unapproved' devices from operating? Otherwise, if this advice applies only to 'infected' handsets, it's damn obvious that's compromised completely, every aspect of it. I mean, if wanted to not to be tracked, I'd keep the infected phone off all the time,and ideally in some tinfoil box ;) and only turned it on to enter the stadium (or a go-go club, etc.), and use my 'real' phone for the usual activities. Not that' d ever want to go to such a toxic country in the first place, for any reason.
-
Saturday 19th November 2022 01:56 GMT bigtimehustler
If you have a Samsung phone, just install the apps into the secure folder instead of the main phone. It will only have access to what else is in your secure folder. Just make sure when anyone us going to check, you already have the app open and don't go searching into the secure folder in front of them.