Your IoT devices may be turned against you
Internet of Things (IoT) devices are trending right now, and chance is good that more and more devices will come to market that may make things easier on the one hand, but may cause privacy issues on the other.
You don't have to look further than at smart home devices that listen to your commands to provide you with information or assistance in controlling various other gadgets or parameters such as the heating.
Like your browsing or call history, these conversations that you have with digital assistants or smart devices, spark the interest of law enforcement and companies.
Engadget reports about a case in Arkansas where police wanted Amazon to hand over any audio recordings that the company stored on its servers of a suspect's Echo device. Amazon appears to have declined the request, but police said it managed to pull data off the speaker. No information was provided on the data though.
While listening devices are designed to only respond to user commands, the past has shown that these things are not overly accurate when it comes to that. It can very well happen that an Internet of Things device listens to conversations by accident.
What is particularly interesting about this case is that the police managed to retrieve evidence from other smart home devices the suspect had installed in the home. The police was particularly interested in a smart water meter that showed that a large quantity of water was used in the night of the murder.
The deceased was found dead in the suspect's bathtub,and investigators allege that the water was used to wash away evidence on the patio.
People need to be aware that their devices can, and probably will, be used against them. This is not limited to smart home devices, not in the least. Windows 10 comes with Cortana, a digital assistant, and both Google Android and iOS ship with personal assistants as well that you can talk to.
Then there is Amazon Echo and other smart home devices, TVs that may be listening in, services that may listen in for marketing purposes and track you across devices, and even apps may do it.
It is clear that we will see an increase in requests by law enforcement and others in the future to access data that smart devices have collected.
As Billy Steele over on Engadget points out, it will be interesting to see how law enforcement and the companies that create these devices will find the right balance of respecting user privacy.
Now You: Do you own smart devices?
The first principle when regulating this field, hopefully, should be to “keep local things locally”, and “only reach to the outside when necessary to fetch the information from the outside, or send it there, e.g. when looking for something, a schedule, news, etc.”. Meaning, voice recognition should definitely be done locally (if not feasible yet at this point, then I’m damn sure it’s at least feasible to locally store & recognize “Hey Sarah” (or whatever you define) to trigger voice commands, so the whole “non-stop listening” can pretty much be – well, local).
It would be nice to see a clear set of design and interoperability principles which the companies would adhere to. Oh wait, that’s probably too much to expect; after all, I’m still not able to send messages from Facebook to Twitter or Instagram or Skype etc. (or even subscribe/follow between platforms). :>
Until these things are implemented this way, I will opt out of IoT. Which reminds me, I found this hilarious IoT-related twitter a while ago: https://twitter.com/internetofshit – it really shows how things should not be made.
The only thing worse than having no privacy is thinking you have privacy when you have none. No govt will ever give up the privilege of being able to rifle through your innermost secrets no matter what laws are on or off the books.
It is scary to realize how fast we are losing control about our privacy and nevertheless this fact is celebrated by the moronic majority which is even paying for it.
No smart devices here, not even a basic smartphone. At home desktop computing, elsewhere a simple cellphone. I am not at all thrilled by the IoT universe, because the very idea of life in a perpetual connected world is not mine. In fact once outdoors I feel happy of being disconnected, I breath as I touch reality. I appreciate, I’m even quite fond of the computer-tool but not at all of the computer-master. I dislike the very idea of artificial intelligence when research has the arrogance to conceive it in a quasi-philosophical perspective, that of a human’s competitor. What is this, Frankenstein adapted to the modern world, a world in quest of overlapping itself by considering its role as that of a god, this time with intelligence when genetics aim creation of life itself? I consider this attitude as mad, “lucid madness” as it was called a century ago, a soul’s madness when the mind itself appears conform to social standards. I dare say we are surrounded by madness and that is of course dangerous.
Too much advertisements for the whole computing business, social networks are now considered as totally integrated to the Web in the same way some users believe Flash is a built-in feature of all computers. I am fed up by the computer hysteria, not one topic which hasn’t its relationship to computer devices clearly stated. Too much for a tool, too little for a master honored by its slaves. I dislike selfies, memes, the whole fashion craps universe and attitudes. I dislike people, everywhere, dialoging via their “smart” devices and forgetting their neighbor.
This is not how I conceive the benefits of computers in my life. Definitely not.
IoT devices are being hacked into botnets and used in DDoS attacks.
I’m still corious when people realize how many problems it can create unknown before.
Breaking privacy is not the bigest one I’m sure.
So much paranoia. I call mine ‘Kalashnikov’ and nobody seems worried.
I’d call mine Bazooka, like the chewing-gum, without the included joke.
Pants, would that be you per a chance?! It’s not paranoia, I like the guy, I miss his thrilling comments.
I thought Pants was a lady, Tom… ;)
You know, ShintoPlasm, when I appreciate someone for other reasons than sentimental I always call him or her “guy” :) I even got to hear myself say “She’s a nice guy” … which I guess is not a correct formulation.
Now, if we get down to under the pants I’d say my opinion is that the bohemian horse is a male, and that the female theory aimed only at playing with disinformation! A last possibility, and I say so with absolutely no offense, would be that of a gay guy, who knows? Frankly, I really don’t care, this is not a dating arena, is it?!
A Passenger Renamed His Wi-Fi Device ‘Galaxy Note 7’ And Almost Got His Flight Diverted
These ‘smart’ IoT devices are the dumbest, least secure devices ever made. Devices made to solve numerous problems which did not exist in the first place. Privacy invasive too.
Those voice controlled assistants are completely useless. Thank god I got rid of that cr.p once I installed CyanogenMod on my phone, it was obnoxious as hell.
Numerous reports of people buying ‘smart cameras’, which apparently they were once sold to someone else, but returned for different reasons, and now the first buyer could still access it remotely. How stupid is this? Could you not just dump the camera’s output locally on a HDD and then access it remotely, without involving any third parties? Ofcourse you could, but how else could companies monetise you after you purchased their device if you did so..? A simple search for ‘IoT camera’ will reveal an overwhelming number of results regarding these flaws; hacked cameras because security leaves a lot to be desired with these devices, partly due to the incompetence of the manufacturers, or their simpe lack of care for their potential customers.
A disaster, made to impress the average consumer, but nothing more.
They already declared they will spy on us through IoT.
CIA chief: “We’ll spy on you through your dishwasher”.