A Peeping Tom in Your Living Room
And who will watch the watchers? Nearly two millennia after the poet Juvenal asked that question, it remains just as relevant, although in ways the Roman satirist surely never imagined. Vizio, a maker of “smart” televisions, agreed earlier this year to pay $2.2 million to settle charges that it installed software that could collect viewing data from 11 million televisions without seeking the consent of the people doing the watching.
The televisions were capable of capturing second-by-second data on what viewers were watching, whether it was via cable, broadcast, set-top box, DVD or streaming devices, according to a complaint by the Federal Trade Commission and the New Jersey attorney general.
Devices aren’t just tracking what we watch, they’re also listening. That’s why Arkansas police sought a warrant for the audio data collected by an Amazon Echo device at a home where the police were conducting a murder investigation. Amazon turned down the request for the data, but it highlights that when such devices are on, they’re always listening, if only for their “wake” word—or even during Super Bowl ads. After a commercial for the Google Home voice assistant aired during the big game, fans took to the Internet to report that the ad—specifically the words “Okay Google”—had turned on the devices in their home.
Don’t Talk to Strangers
Smartphone voice assistants may be another source of danger. A study by computer scientists at Georgetown and Cal-Berkeley showed smartphones could be vulnerable to hacking by hidden voice commands from web videos, for instance, and prompted to open web sites with malware.
Speaking of unimagined outcomes, the inventor of sticky tape might not have dreamed that it would fill a computer security need—taping over webcams—for people who just want to be sure the devices they’re looking at haven’t suddenly decided to look back. That very low-tech defense has reportedly been taken up by Facebook founder Mark Zuckerberg and FBI Director James Comey.
The Industry Strikes Back
After a massive cyber attack last fall that was mounted via a veritable zombie host of Internet-connected devices, some of the biggest names in technology and cybersecurity have banded together to boost security on the Internet of Things. AT&T, IBM, Nokia and security firms Palo Alto Networks, Symantec and Trustonic said they were forming the IoT Cybersecurity Alliance Trustonic to combat cyber attacks from connected devices.
AT&T says it has seen a 3,198% increase (that’s not a typo) in attackers scanning for vulnerabilities in web-connected devices.
“Be it a connected car, pacemaker or coffee maker, every connected device is a potential new entry point for cyberattacks,” says Bill O’Hern, AT&T chief security officer. “Yet each device requires very different security considerations.”
When Your Data Talk
The warning about data collection and pacemakers might have come in handy for an Ohio man who was charged with arson and insurance fraud after he told police he had carried a variety of items from his burning home in a short period of time, the local Journal-News reported. A cardiologist said data from the man’s pacemaker told a different story.