June 14, 2014

These Devices May Be Spying On You (Even In Your Own Home)

Think you are safe in your own home? These innocent-looking devices may be spying on you, or performing other nefarious actions:

Your Television

Televisions may track what you watch. Some LG televisions were found to spy on not only what channels were being watched, but even transmitted back to LG the names of files on USB drives connected to the television. Hackers have also demonstrated that they can hack some models of Samsung TVs and use them as vehicles to capture data from networks to which they are attached, and even watch whatever the cameras built in to the televisions see.

Your Kitchen Appliances

Many recent-generation kitchen appliances come equipped with connectivity that allows for great convenience, but this benefit comes at a price – potential spying and security risks. Information about when you wake up in the morning (as extrapolated from data on your Internet-connected coffee maker) and your shopping habits (as determined by information garnered from your smart fridge) can help robbers target your home. Furthermore, potential vulnerabilities have been reported in smart kitchen devices for quite some time, and less than a month ago a smart refrigerator was found to have been used by hackers in a malicious email attack. You read that correctly – hackers successfully used a refrigerator to send out malicious emails.

Your DVR/Cable-Box/Satellite-TV Receiver

Providers of television programming can easily track what you are watching or recording, and can leverage that information to target advertisements more efficiently. Depending on service agreements, providers could potentially even sell this type of information to others, and, of course, they are likely to furnish this information to the government if so instructed.

Your Modem (and Internet Service Provider)

If it wanted to, or was asked by the government to do so, your ISP could easily compile a list of Internet sites with which you have communicated. Even if the providers themselves declined to spy as such, it may be possible for some of their technical employees to do so. Worse yet, since people often subscribe to Internet service from the same providers as they do television service, a single party may know a lot more about you then you might think.



Your Smartphone

Not only may your cellular provider be tracking information about you – such as with whom you communicate and your location – but it, as well as Google +0.02% (in the case of Android), Apple AAPL-1.09%(in the case of iPhones), or other providers of software on the device, may be aware of far more detailed actions such as what apps you install and run, when you run them, etc. Some apps sync your contacts list to the providers’ servers by default, and others have been found to ignore privacy settings. Phones may even be capturing pictures or video of you when you do not realize and sending the photos or video to criminals!

Your Webcam or Home Security Cameras

On that note, malware installed on your computer may take control of the machine’s webcam and record you – by taking photos or video – when you think the camera is off. Miss Teen USA was allegedly blackmailed by a hacker who took control of her laptop’s webcam and photographed her naked when she thought the camera was not on. Likewise, malware on computers or hackers operating on those machines could potentially intercept transmissions from security cameras attached to the same network as the devices (some cameras transmit data unencrypted), and copy such videos for their own systems. Such information is invaluable to burglars.

Your Telephone

It is common knowledge that the NSA has been tracking people’s calls, and even the changes proposed by President Obama won’t truly eliminate the spying. Of course, phone companies also track phone calls as they need call information for their billing systems. So, even if you use an old, analog phone your calls may be tracked. If you are receiving phone service from the same provider as you get your Internet and/or television service, phone records are yet another element of information that a single party knows about you.

Your Lights, Home Entertainment System, and Home Alarm System

Various newer lighting, home entertainment, and home security systems can be controlled via Wi-Fi or even across the Internet. Remote control is a great convenience, but it also raises questions as to whether information is reported to outside parties. Does your alarm provider get notified every time you come and go? Is information about your choice of audio entertainment relayed to manufacturers of the equipment on which it is played or the supplier of the music? Could hackers gather information from smart lighting, entertainment, or security devices – or the networks on which they communicate – to determine patterns of when you are home, when you are likely to have company over, and when your house is empty?

Your Thermostat (Heat and/or Air Conditioning)

Various Internet-connected thermostats are now available. They provide great convenience, but might they also be transmitting information about your preferences to others? Google’s acquisition of Nest has raised interest in this issue – but Nest is not the only provider of such technology. There are even products distributed by utilities that raise concerns. In my area, for example, the utility company offers a discount to people who install a thermostat that allows the utility to remotely cycle air conditioning on and off in case of excessive power demand. Might that thermostat – or future generations of it – also report information to the utility company?

Your Laundry Equipment

Like kitchen appliances, washers and dryers that connect to the Internet may report information that users may not realize is being shared, and that if intercepted, or misused, could help criminals identify when you are home and when you are not.

Your Medical Devices

It is not news that pacemakers, insulin pumps, and other medical devices can be hacked. But even normal functioning devices may spy on you. Various pacemakers relay patient status information over the Internet – this may be valuable in some cases, but also creates risks. Could unauthorized parties obtain information from such data in transmit? What if a criminal sent out phony “pacemaker impersonating” messages stating that a patient is in distress in order to have his physician instruct him to go to the hospital – and leave his home vulnerable?

Your iPod or Other Entertainment Devices

Yes, there are still millions of people using specialized non-phone-equipped electronic devices, but these devices are often Wi-Fi enabled and pose similar to risks to smartphones as discussed above. Of course if you are reading books or magazines, watching videos, or listening to audio supplied by an online provider, your choices and preferences are likely being tracked.

Coming Soon… Your Handgun

Millions of Americans keep guns in their homes, so privacy issues surrounding firearms are an issue regardless of one’s position in the perpetual American debate about gun control. In the near future so-called “smartguns” – firearms that contain computers with various safety capabilities intended to prevent accidents and curtail unauthorized use – are expected to enter the market. But, will the embedded computers also spy on the firearms’ owners? Do the guns contain circuitry that might allow law enforcement to track – or even to disable – the weapons? It is hard to imagine that governments would not be interested in adding such “features” to weapons; the US government is alleged to have installed malware onto thousands of networks and placed spy chips into computers, and known to have lost track of weapons it intended to monitor. Would the government really treat firearms as being less worthy of spied upon than telephones?

Vendors may attempt to address some of the aforementioned concerns, but many of the issues are sure to remain for quite some time. So, if you want to take advantage of the benefits of connectivity and smart devices, keep in mind the privacy risks and act accordingly.