It’s a connected world, and nearly every gadget, device, appliance, and machine with some sort of computer running inside it can be connected to others through the Internet of Things (IoT). What a great leap forward in this journey we call human civilization! But does this recent advancement come with a dark secret that can someday turn on us? Are smart devices spies in our midst?
Listen and Learn
Many smart appliances today, particularly smartphones and virtual assistants like Alexa and Google Home are equipped with voice command capabilities. They can, therefore, listen to and record your comments and conversations even after they’ve carried out your original command. Concerns about devices turning on voice command by themselves and listening even when you do not enable the feature have also been raised. The question then is: What actually happens when your smart device is listening? How much information gets recorded, and where does this eventually end up in?
To help you understand how vulnerable this makes you, consider a listening app called “Alphonso.” You can’t download it directly from Google Play or the App Store, but it comes with some games and apps that you can install. While you or your child are playing games on your smartphone, Alphonso comes to life and listens to what you are watching on TV. It then records this information and sends it to some server somewhere, and the data is analyzed to build a profile about your TV-viewing habits. But if that doesn’t seem wrong to you, then how about this: Alphonso continues to listen for TV signals even when you are not playing the game it came in with.
Alphonso proves that devices can listen to what you say and do. Now, what’s to stop devices from gathering other data? They can be made to look at chat and text messages or your calendar, for example. Everything about you would be fair game. Now here’s where it gets even more frightening: What if the data the devices collect isn’t just so they can send you the right ads?
Infiltrating Your Home
Now, if that still doesn’t seem creepy to you, consider the case of Alexa and Google Home. As it turns out, these two popular smart home platforms have security gaps that hackers can exploit to spy on your conversations. They may even trick users into handing over sensitive information. Security experts have been raising alarms over these vulnerabilities since last year. For their part, Google and Amazon have responded quickly to address issues. But just as quickly, hackers spotted other holes to exploit in the systems.
Compounding this problem are the armies of third-party app developers for these platforms. Google and Amazon provide developers with access to their systems’ features and functions so they can develop custom apps. Unfortunately, these are like wide-open back doors through which threat actors can enter. They then can manipulate the platforms to fall silent but still remain active, capturing every word you speak that can potentially land you in some sort of phishing trouble.
Alas, this seems to be the price we have to pay for the convenience that technology gives us. Every technological advancement will naturally attract exploiters. Personal data is a prized commodity. So we should expect any information resulting from our interactions with technologies would be collected, processed, and used by someone else for whatever purpose. We should thus take steps to protect ourselves from this eventuality.
First, we can no longer allow our devices and apps to take control by default. We need to understand how they are set up, particularly their privacy settings. We should also look into customizing “wake” words for smart assistants so that third parties do not have access to them.