This is the first article in our new series, Modern Privacy.
At the beginning of 2017, I published an article on privacy. Typically, my articles take hours to write and research, not to mention the editing process for which I am eternally grateful to Jennifer Yeadon of SmartFile (thanks! -Ed.). This particular article, however, took weeks to finish.
That’s not because it’s longer or more complex than other articles I’ve written. Rather, we live in interesting times where news story after news story turns up about privacy, security and how our rights as Americans are eroding. It’s almost as if the world couldn’t catch up to the endless stream of news that was pouring out of every corner of our media.
Every morning I start at 5 a.m. by reading the cyber security, cyber warfare and privacy news coming out of Asia, then the Middle East, Europe/Africa and, finally, the western hemisphere. It keeps me ahead of the threats to be able to alert both my staff and clients of the latest global threats.
Since not everyone is as fanatical as I am, we thought it would it be a great idea to create a regular column on the latest threats to privacy and security out there as well as an analysis of the impact on every aspect of our lives. So, without further ado, let’s begin!
Amazon’s CIA Listening Device, Echo, Now Lets Your Ex Virtually Into Your Home
If you’re unfamiliar with Amazon Echo, aka Alexa, then you’re probably not reading this article but rather heading into town in your horse and buggy. This IoT device has taken the tech market by storm. Amazon has made a smart and convenient device that plays music, keeps your shopping list and lets you buy things from Amazon immediately. It also may or may not let the CIA and NSA hear you and your spouse argue, or worse.
To continuously expand the capabilities of the unit, Amazon has added a calling feature to the Echo that searches your contact list and enables you to call and message contacts directly through the Echo. Including those you may have blocked — like an ex-partner.
Here’s the issue: Amazon forgot to add any kind of filtering capability, so now anyone in your contact list, including the ex, can contact you directly via the app and Echo in your home. Amazon, I’m sure, is working on updating the app to reflect more private settings but its lack of inclusion from the start shows where Amazon’s mentality is regarding privacy in general. As long as you’re in their ecosystem for everything, privacy has a backseat to their needs and desire to sell you more stuff.
[Update: As of June 2017, Amazon has now incorporated blocking capabilities into the Amazon Echo.]
The FCC Thinks All the Cool Kids Hate Privacy
I wrote a recent article that is more in depth on the subject of how we, as US citizens, are seeing rollbacks in our privacy rights regarding data collection by our internet service providers (ISPs) thanks to our new administration. Unfortunately, this issue is not unique to the United States.
Freedom House, an independent watchdog over privacy and freedom rights, has released a report on internet access rights around the globe and the results are a bit depressing. It would appear that the countries that range from “Partly Free” to “Not Free” outnumber those that are considered “Free.”
With the removal of privacy protection rights in the U.S., the country has shifted more towards the “Partly Free” category. This country has historically gone to great lengths to ensure individual rights for a myriad of things, from gun rights to freedom of speech and enshrined as an inalienable right is a right to privacy from others, including corporations and the government. Hopefully, the FCC will reverse what they just reversed but we shall see.
Good News: The NSA is Collecting Slightly Less Data
The NSA recently stated that they would not be collecting emails and texts that contain “identifying terms” sent by Americans to email servers overseas. The NSA collects vast amounts of data that move through the internet infrastructure of the United States and we do know that they have deep ties with many of the ISPs that give them an unprecedented amount of access.
We also know that they have created secret arrangements to weaken security to make it possible to infiltrate government and corporate entities with ease. So, news like this is rather welcome to the Privacy Rights community.
I’m not getting on a soapbox here. Odds are if you’re reading this then you’re probably well informed on the shenanigans the US government likes to get into and understand that part of it is acceptable from a cyber defense/cyber warfare strategy. However, there is definitely overreach into the privacy rights of citizens.
The point is that this declaration is a step in the proper direction in terms of a citizen’s ability to maintain slightly more privacy when communicating outside of this country. That’s not a bad thing and while the NSA can often be looking for a needle in a haystack they do have multiple tricks up their virtual sleeve to achieve their goals.
Proving that You Get What You Pay For: Google Docs to Strengthen Security After Attack
Pretty much everyone I know received at least an email from someone they know saying they needed you to open a Google Docs link and form, which ended up being an elaborate phishing scam. In the aftermath of this mess, Google has announced they’re going to enact greater security measures and protocols to combat future phishing attacks via their products.
Love them or hate them, Google has always been rather solid and on-the-ball with threat mitigation through patching and development. Like most major tech companies, they’re under constant attack and, as I’ve written before, have been hit hard in the past. Good to see them learning from past lessons and mistakes! Please, Google, never stop being vigilant for your users’ sakes.
Cyber Warfare 101: Turning Your Antivirus Software Against You!
This last bit of news is beyond fascinating. A pair of researchers has been able to turn anti-virus software into a weapon and have it attack the computer and network it was designed to protect. By finding a way to fake out the antivirus engine, the software could be fooled into thinking that legitimate files were threats and then proceed to wipe them out. It’s a brave new world, folks.
Consider that most cyber security experts, myself included, believe that the next major horizon of cyber threats for regular users is the IoT phenomena. This is an industry that is wrought with poor cybersecurity development into their products and is constantly being hit and infected thus turning the devices into weapons for a hacker or worse. Enter this new issue, where we have software designed to be whitelisted and elevated into computers and we have another massive threat out there in that our computers can be used against us on top of the IoT infection issue.
As hackers innovate so do the good guys. This is a never-ending cat-and-mouse game and the best we can do is keep up with the threats to our security, privacy and keep educating ourselves on the potential dangers and threats to both. Stay safe out there!