With the advent of the ‘Internet of Things’ IoT (internet
connected devices), the average consumer is likely to have multiple devices in
their home, office or on their person that is capable of surreptitious
surveillance and not be aware of it. One of the more high profile examples of
this was the recent Apple
FaceTime bug that would allow anyone
to activate the microphone and camera in your iPhone or iPad without your
permission. While Apple released a patch for this bug within a few days of it
being made public, how long this bug existed and may have been exploited, is
unknown. If you have an Apple device, please make sure you have installed this
update and if you do not use FaceTime, disable it.
Unfortunately, the FaceTime bug is just one of the many
exploits that we know about. Any internet connected OR wireless device (think
baby monitor) in your office, home, car, coffee shop or on your person is
vulnerable to be exploited. To make this problem worse, some of these devices
come pre-configured for ease of installation with default settings that either
cannot be changed or the user does not bother to change. This allows anyone
with a very basic knowledge to gain access to and control those devices.
Additionally, some of the older devices (3+ years) have very basic (if any)
security and do not have the option to be upgraded (built in obsolescence).
So, what does the average consumer do? If you do a web
search for ‘how to protect yourself from the internet of things’ you will find
a LOT of articles. Unfortunately, most of them use terminology and give
recommendations that can be daunting for many. One of the better articles that gives some
common sense advice is this
one from Lifehack. While some of these may require enlisting the help of a
family friend or local geek, at a minimum we suggest you make an inventory of
your connected devices (tip #1), so that you at least know what is at risk and
can potentially mitigate your exposure.
Did you know? If you have an Amazon Alexa or a Google Home
device, then you have a built-in, always on, microphone (and possibly camera)
listening/watching and recording everything
within range, 24x7. George Orwell would be so proud! If you have an Alexa and
want to really be freaked out, login to your Amazon account and you can review
and listen to all of the recordings it has made – and fortunately, delete them.
Perhaps Jeff
Bezos should pay a bit more attention to his own personal internet
security…?
I love technology and have many IoT devices (including Alexa
-which I turn off when not in use and restrict to my office), but I always
assume that any of these devices has the potential to ‘go rogue’. As such, I am
cautious about not only what I use but where I install it, to help me manage the failure points.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.