Membership is FREE!   Professional Designations for Business & Technology Professionals

Privacy

Violating Your Privacy is NOT an Oopsies – It’s Premeditated and Systematic

2 Mins read

I’m just re-stating the obvious. But I think it’s worth re-stating because most of you are not cyber security researchers by day and may not remember the many reported examples of security and privacy violations over the years.

Let me paint you a picture, starting with the smart devices we willingly invited into our homes in recent years — Amazon Alexa, Google Home, and Apple HomePod with Siri. Indeed it is convenient to be able to ask “Alexa, what’s the weather today?” in the mornings, or “OK, Google, how many feet in a mile?” But are these cool, little conveniences worth the privacy tradeoffs? Oh, you didn’t know these smart assistants were constantly sending data to the cloud, in addition to listening to you all the time? Of course, these devices have to send some data to the cloud in order to return responses, but that should happen only after you activate it with your hot word. And all of that assumes the devices are working properly, and not hacked.

Further reading:

Assuming you’re comfortable with Amazon, Google, and Apple listening to you in your home all the time, let’s take a look at other devices you may have brought into your home — connected security cameras, speakers, light bulbs, refrigerators, televisions, photo frames, microwave ovens, bathroom scales, toothbrushes (yeah, there are connected toothbrushes), etc. — collectively known as the Internet of Things (IoT). Are they all honoring your privacy? Or are they collecting and sending data about you to the cloud, or worse, to servers in foreign countries? How would you even know?

Well, now we know, through some documented examples of privacy faux pas. Within the last week, we saw Xiaomi home security cameras “accidentally” sending video feeds to strangers’ Nest Hubs. They called it a “bug” — oopsies! Perhaps Vizio and Samsung smart TVs listening to your conversations were not oopsies; those were features! Further, we’ve seen repeated, documented examples of Ring camera hacks, where hackers gained access to video feeds inside and outside the home and in one-case, the hacker told an 8-yr old girl he was Santa Claus. Smart lightbulbs have been shown to leak Wi-Fi passwords and smart plugs have been documented being used as a jumping off point for hackers to get into your home or office networks. These security issues are not new at all. Everyone has heard of the examples of hacking home networks via connected printers, which have been around a lot longer than IoT devices.

Further reading:

Are you still comfortable that a wide variety of IoT devices have been documented to have security “flaws?” What if I showed you some more examples of low-cost Android devices coming with pre-installed malware, bloatware, adware, or worse.

Note that malware or adware that is pre-installed by the manufacturer cannot be uninstalled; also, it may not be detected by anti-malware software, and it basically has administrative access to everything on your device. Do you still think these are “flaws” or “bugs” and do you believe the manufacturers of these devices when they claim “oopsies, we didn’t know?”

Consider the following graphic, that shows you what your devices “know” about you — including passwords, credit card numbers, social security numbers, etc.

No alt text provided for this image

What about…

Read The Full Article

Related posts
Privacy

Statement from the Privacy Commissioner of Canada following the tabling of Bill C-11

2 Mins read
Original post – GATINEAU, QC, November 19, 2020 – Privacy Commissioner of Canada Daniel Therrien today issued the following statement regarding the tabling…
Privacy

CASL Review: The 13 Recommendations of the ETHI Committee

11 Mins read
The ETHI Committee conducted a CASL Review between July 1, 2017 and Dec. 2017 as required by the law itself. “As a…
Privacy

A new privacy bill for our age

2 Mins read
Bill C-11 aims to give more meaningful information about the collection, use and disclosure of data, while giving organizations tools to be…
Join BIZTEK

Yes, I have read and live by this Code of Ethics - https://biztek.org/code-of-ethics/. We are BIZTEK, located in Mississauga, Ontario. Business Certification is an important part of doing business in Canada. Join us to set new standards and professionalism to the technology sector. We will email you regarding issues that affect business and technology professionals in Canada. Contact us at info@biztek.org or call us at 647 499 2744. You can unsubscribe at any time.