Is your phone or smart home device spying on you? Picks of the Week
Are your sensors spying on you? | Science Daily
Amazon Makes the High-Performance 7-Mic Voice Processing Technology from Amazon Echo Available to Third-Party Device Makers | Amazon
Hackable IoT washing machine provides channel for breaching hospital IT | CyberScoop
Technology is infused in our modern life. Attempts at attaining perspective often fall to historical comparisons. Images frequently circulate of warehouse-sized computers from the 1960s which can hardly compare to the computer power, size, speed, and functionality that even a low-end smartphone possess today. Much has been written on the blistering pace this technological infusion has taken since those early images. Innovation in the technology sector barrels forward. For a short golden age, we marveled at the change, the improvements in our daily lives, and the increase in efficiency, productivity, and global reach that technology afforded us. Yet, in our haste to constantly deploy new technology, masked in a liberative utopian narrative, we may have missed a shift. A slope downward from our zenith. The host of new technology, now pervading almost every aspect of our lives, paired with our physical proximity to all those technologies and connected devices and sensors, creates a variety of privacy and security problems.
A smartphone is a patchwork of technology. Complementing the most obvious sensors (e.g., touch screens, microphones, cameras), smartphones have also Global Position System (GPS) connections, accelerometers, gyroscopes and orientation sensors, bluetooth, light sensors, and Near Field Communication (NFC) to name just a few. Culturally, we have acclimated to living with smartphones in our hands for an average of ~9 hours a day. The constant connection and instant feedback this miniaturized computer affords us creates a bargain: we must provide our phones the information it asks for and allow it to “follow” us around. When installing any smartphone application, the app will proposition a phone for permissions, asking the phone for the ability to interface with sensors on board. Most users do not read the permissions when installing an app, and even if they did and wanted to refuse any part of it, they would not be able to install the app. Some of the sensors built in those devices do not even require permissions to access the data on the phone. While using our smartphones for simple tasks, a number of apps interface with a multitude of sensors in any given moment. Recently, researchers in the United Kingdom revealed the ease with which malicious websites, as well as installed apps and built-in sensors, can spy on us and be exploited by hackers, in one case using the orientation sensor (the sensor phones use to calculate which way it is facing) to crack the pin number of the user. Despite the variety of cyber threats these vulnerabilities expose us to from phishing attacks to identity theft, research shows that people are unaware of the risks and most of us have little idea what the majority of the 25+ different sensors available on current smartphones do.
Our closeness with technology has expanded outward from our pockets and personal computers. The rush has served to saturate the “real world” with Internet-enabled devices. Recent events have highlighted the potential danger of our increased reliance on technology, and media reports have highlighted a series of vulnerabilities in popular consumer-oriented, Internet-connected light bulbs, DVRs, thermostats, security cameras and GPS trackers. In October, hundreds of thousands of insecure IoT devices were used to launch a large-scale distributed denial of service (DDoS) attack on the Domain Name Service host “Dyn” interrupted service for swaths of the Internet. The attack is believed to have launched from compromised “Internet of Things”(IoT) enabled devices, like DVRs, cameras, and baby monitors. Other IoT devices like Amazon’s Echo and Alexa have come under intense scrutiny over concerns of information collection and utilization. Records collected by Alexa are stored by Amazon and have often been subpoenaed by law enforcement, and Alexa records have even been sought as evidence in at least one murder case.
The metaphor used ad nauseum of our current situation is Jeremy Bentham’s panopticon, a circular prison in which a guard can watch all prisoners but the prisoners are never sure if they are being watched. For Bentham, the possibility of always being watched would keep the prisoners behaved. In the modern world, we are always being watched but, unlike Bentham’s prisoners, we are not held in a prison cell. To keep ahead of these developments at best appears overwhelming, and at the worst sisyphean. Privacy, as we conceived by modern society, may be on the path to extinction, but as consumers we can hold on to modicums. Paying attention to the permission requests of apps on your smartphone, reading carefully the functionality of new devices purchased, checking what purchases require an Internet connection, only installing applications from approved app stores, and keeping our phone operating system and apps up-to-date can be effective steps to preserve those remaining fragments of privacy and certainly increase our security online. Encouraging awareness and piecemeal observations may seem a lackluster solution, but it requires a necessary self-reflection on the intent and purposiveness of our technology, and the nature of our increasingly connected society and ‘always on’ devices. – Francesca Spidalieri and Francis Quigley