All your devices are tracking you. Relentlessly

So, you’re watching TV while noodling with your smart phone, your daughter is playing with Hello Barbie, and your spouse is doing errands in your OnStar-equipped car. All of these activities are sending data about you back to their respective motherships. This of course, they promise, is solely done to help you, the consumer, make smart decisions. However it is indeed necessary for them to share your personal information  with third parties, again this is only done to help you. Right. The the security here is flimsy and privacy is mostly non-existent. However, it’s here, it’s not going away, and will only get more intrusive.

I bet you didn’t know Homeland Security is giving grant money to install tracking devices on tour buses. Why do these buses need to be tracked. Do they have audio recording? Who gets to view the data? Is the data stored encrypted? OnStar monitoring in your car can listen to you without your knowledge and permission. Yes, there can be good reasons for this, like if the car has been stolen. But if OnStar can listen in, then no doubt others can too. And their motives may be not be so innocent. Oh look, little 8-year-old Sally, daughter of a billionaire, just told her Hello Barbie she’s going shopping with her nanny. Gentlemen, start your kidnapping engines.

There are three huge problems here. First, our computers, phones, cars, and other devices increasingly send data about us to someplace else. Second, that data is insecure. No one knows what happens to it. Third, such data can and is being used by hackers, identity thieves, corporate and state espionage, and other such lowlife.

Cringely, as usual, nails it.

There is no presumption of privacy riding in a tour bus, so it probably isn’t illegal to listen-in. Bus security cameras and their footage have been around for years now and appear regularly on TV news after bus crimes. But there’s something about this idea of not only our actions being recorded but also our words that I find disturbing. It’s especially so when we consider the burgeoning Internet of Things (IoT). What other devices will soon be snitching on us?

Innocent people have nothing to fear, we’ll be told, but with smart phones and smart watches and smart homes and smart refrigerators and cars with their own continuous LTE links how far can we be from every one of us carrying a listening device?

We already are carrying multiple listening devices.

But the march of technological progress is inevitable so most of this will come to pass. And the fact that we have literal armies of hackers all over the world devoted to cracking networks suggests that once such a listening capability exists for any purpose someone will find a way to exploit it for every purpose.

Then life will become like an episode of Spy versus Spy from the Mad Magazine of our childhood with consumers buying technology to protect themselves. Tell me your kid won’t want that bug-sweeping app or the one that spoofs the insurance company GPS into thinking the car isn’t speeding after all.

And where will that leave us other than paranoid and in constant need of AA batteries? It won’t improve our quality of life, that’s for sure, and I’m willing to bet it won’t save many lives, either.

Be sure to read the comments. Lots of excellent thoughts.

For someone who doesn’t want the new TV to go a-spyin’, there’s three threat models to consider:

1. Business: The TV manufacturer, content provider, content deliverer wanting to model the consumer(s) for commercial purposes.
2. One or more governments hoovering as much general citizen profiling data as possible.
3. A government or criminal actor specifically targeting you for intel.

Threat 1. can only go so far without being caught (Sony rootkit etc) because the spying is not concealed due to ubiquity, so very likely to be spotted.
Threat 2. is limited by public opinion, when the extent leaks (Snowden etc).
Threat 3. is only really limited, for remote (low cost) intrusion, by the end-user’s hardware.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.