IT Security Tip #26: Who really has access to what?
This may start off sounding like conspiracy theory stuff, but hang with me and I think I’ll dispel that notion pretty quickly.
I’ve known for a very long time that if a thing is digital, we all assume what its doing is what we we’re told it does. 99.9% of the time, I believe thats indeed the reality.
However, by the nature of it being digital, and ALWAYS if its connected to some form of communication method – internet, RFID tags, bluetooth, or any wiring to something else – what that thing does is not under your sole control, but it’s entirely controllable by the author or creator of the device and whomever they may choose to give access to it.
Now let me reiterate…I’m not saying your digital devices ARE spying on you, I’m saying they all have the potential to do so and you should be continually aware of it.
Lets take a big example in all of our lives…the Internet. You will never, ever, do anything privately on the internet. You may choose Incognito or “InPrivate” or some other internet-history-erasing method for your browser which is supposed to delete all the temporary files cataloged on your computer or phone during an internet session, but does nothing on the massive communications network that starts at your internet access point. The internet service provider or even something in your own home or business network may be tracking everything you do and InCognito doesn’t affect that. Just because you can’t see the evidence of being tracked, absolutely doesn’t mean you aren’t. I say at the end of every video “if its free, you’re the product” and I mean it. It is in business’ and the government’s best interest to keep up with every little thing each of us do, and they have the computing power and data storage capacity to do so!
Here’s a great example of what I think is simply Digital Naiveté. The Samsung company has a literal time bomb on their hands in the form of the the Galaxy S7 phone which has a problem of catching on fire spontaneously. Efforts to recall them depend on customers volunteering to give their phones up, some of which don’t want to because their phone hasn’t burned up yet! To ensure that Samsung eventually stops getting sued over this, they took the very public step of causing the phones to be updated with a patch that prevents them from charging and when the battery runs out next, its never coming back on. Problem solved.
Many Samsung phone owners freaked out when they realized that the phone they “own” is still under the control of the creator. Samsung invented it, has to update it, and so long as the device continues to communicate via the cellular or wireless networks, Samsung can do whatever they want when they want whether the person holding the phone knows it or not. And so can everyone else that creates a digital and connected device or application. You know that pesky little document called an End User License Agreement or “EULA” on which you clicked “I agree” way back when…you should read it for ‘realz’.
In closing, I’m not saying you ditch digital. I’m saying know what’s in your hand and what may be listening to your voice. When you’re saying “OK Google” or “Hey Siri” or calling on Amazon’s Alexa, keep in mind it’s listening long before you even thought about asking the question!