Smart Homes – Creepy or Convenient?


smart home devices

We live in a day and age where technology is advancing at an incredible rate. As a result, we seem to be inviting more and more of it into our daily lives. The question is…at what cost?

Because many of these Internet of Things (IOT) devices have microphones and cameras that are always online, they’re an inviting target for hackers who can use them to spy on us.

How many devices are out there?

The research firm IDC estimates worldwide shipments of 815 million smart speakers, security cameras and other devices in 2019, up 23% from 2018. Many of the sales are for gifts.

Are we too complacent when it comes to integrating smart devices and smart technology into our homes and personal lives? I don’t know the answer to that as it is very personal to each and every one of us. Admittedly, I’m a “tech” person to some extent. I like technology and the convenience it affords.

However, I do know we should probably use a little more diligence in researching and analyzing what we are willing to accept.

smart home devices

One thing is for sure, we are barely scratching the surface in terms of what the future holds. Let’s take a look at a few of the headlines making the news as of late.

Connectivity working groups?

On December 18, 2019, Amazon, Apple, Google, and the Zigbee Alliance announced a new working group that plans to develop and promote the adoption of a new, royalty-free connectivity standard to increase compatibility among smart home products, with security as a fundamental design tenet.

The decision to leverage these technologies is expected to accelerate the development of the protocol, and deliver benefits to manufacturers and consumers faster.

The project aims to make it easier for device manufacturers to build devices that are compatible with smart home and voice services such as Amazon’s Alexa, Apple’s Siri, Google’s Assistant, and others.

What does this mean for consumers like you and me? Maybe it’s good news…time will tell.

Creepy Connectivity

On December 15, 2019, The New York Times ran a story about a couple who recently installed a Ring security camera in the bedroom of their three daughters.

Four days after mounting the camera to the wall, a built-in speaker started piping the song “Tiptoe Through the Tulips” into the empty bedroom, footage from the device showed.

When the couple’s 8-year-old daughter, Alyssa, checked on the music and turned on the lights, a man started speaking to her, repeatedly calling her a racial slur and saying he was Santa Claus.

The Ring security system had been hacked and there were at least three other similar cases reported during the same month.

On January 3, 2020, it was reported that Google has disabled access of Xiaomi devices after a user said he was able to see into the homes of strangers while trying to stream video to his Google Nest Hub.

The move comes two days after a Xiaomi camera owner in the Netherlands said he saw still images of homes that aren’t his own as he tried to stream video from the smart device to Google Nest Hub. The images included a baby fast asleep in a crib, an old man dozing off in an armchair, and a sun-filled living room.

Other incidents

smart devices

There is one person, Geoffrey A. Fowler, who has been on a quest to find out what information our smart devices are obtaining from us and what we can do about it.

According to his findings, every time Amazon’s artificial intelligence activates, it keeps a recording. He states that Amazon had four years of his family’s conversations. Fowler added that Amazon also keeps reports on appliances connected to Alexa.

Fowler says that Amazon acknowledges it collects data about third-party devices even when you don’t use Alexa to operate them. It says Alexa needs to know the “state” of your devices “to enable a great smart home experience.”

But keeping a record of this data is more useful to them than to us. You can tell Amazon to delete everything it has learned about your home, but you can’t look at it or stop Amazon from continuing to collect it.

There are lots of ways your data can, and will, be used against you. Governments frequently compel companies to hand over what they know. Tracking what you watch on TV lets politicians micro-target your fears. Tracking your Web surfing lets marketers glimpse your desires — to get you to buy things you may not really need.

What do we do?

nest smart device

How creepy is that smart speaker, that fitness tracker, those wireless headphones? Mozilla created a guide to help us shop for safe, secure connected products. Go here for a list of products that meet their Minimum Security Standards.

Outside of getting rid of every device threatening our privacy, what can we do? Here are just a few suggestions I’ve collected:

  • Make sure your wifi router is secure as it’s typically the backbone and gateway to a lot of your smart devices.
  • Be sure to read privacy policies and double-check what the default settings are. There’s a good chance you can tweak a few things and greatly improve your privacy.
  • Amazon now lets you request automatic deletions after three or 18 months — but you need to set that up, and there’s no option to keep Amazon from saving your command history at all.
  • When using internet-driven security cameras indoors (or even outdoors), consider turning the cameras away from you and your family when you are home. The downsides are the inconvenience and the possibility of forgetting to return them to a working position when needed.
  • If you don’t plan on using the internet features on your smart TV, simply don’t connect it to the internet.
  • Disable “human review” on devices that allow it.
  • Use 2-step-verification whenever possible.
  • If you have devices with cameras and you do not want/need to use them, simply place a piece of tape over the camera to prevent video access.

What is the industry doing?

Here are a few things The Hustle gathered from Day two of the Consumer Electronics Show (CES).

  • Google forced its smart assistant to forget. The search giant now lets users tell Google to forget what it just heard by saying “Hey Google, that wasn’t for you.” 
  • Amazon debuted a privacy control center for Ring. It lets users manage which apps can access their connected cameras and lets users opt out of sharing data with police — but still doesn’t require 2-factor authentication or ban 3rd parties from accessing data.
  • Facebook updated its “Privacy Checkup.” The new tool shows users how their data is used and who sees their profile (and also offers tips for boosting account security).

The Hustle accurately emphasizes, the default strategy for most of these tech giants remains the same: collect and monetize user data.

Conclusion

Are there other things you can do? Sure! I’m not an expert in this field and this just scratches the surface in regards to what you can do. Keep in mind, there are a lot of folks who don’t care and won’t give it a second thought.

However, for those who are concerned with privacy rights, you may be fighting an uphill battle.

Do you have any tips or suggestions as to what can be done to enhance consumer privacy? If so, be sure to share them so we can all benefit from our collective knowledge.

Cody

With over 17 years of federal law enforcement, training, and physical security experience, Cody focuses his time nowadays on both consulting and training. He regularly advises individuals, groups, multinational corporations, schools, houses of worship, and NGOs on security threats while conducting customized training as needed.

Recent Posts