Internet of things or IoT can be a cunning way to creep into human lives. Smart TVs, computers, phones, household devices, and security systems will be part of the net that interacts and communicates with each other.
Do you know that smartphones, even without using them, constantly look for similar devices?
For example, smart TVs such as Samsung can spy on viewers. How does it work? All devices, such as computers, phones, or in this case, TVs, have microphones.
When you make a voice or audio call, the device listens to you. It would be nice that the data that you provide would come only between you and the receiver. However, hackers, government, or knowledgeable companies can turn on those microphones without our permission.
For example, Facebook can turn your smartphone’s microphone on when you use the app.
Who does need to hear private conversations?
I thought in the same way because of not being a famous or influential person. Who cares about what type of shoes do I like or what my horse ate at breakfast?
Of course, it is better when you think that everybody minds own business and does not invade privacy. You can be relaxed and enjoy your day.
Unfortunately, thanks to researchers and security technologists such as Bruce Schneier or Michael Bazzell, who writes about Open Source Intelligence techniques, computer crimes, and so on, it is known that devices send data over the Internet to third parties.
For example, the company Nuance turns the voice into text. Overall, it is a great thing if you do not exploit stolen data for harmful reasons.
What do I have in mind?
Did you hear about Dragon Professional software? You can write texts so fast because of the conversion from the voice to the text. Nuance produces them.
The same company gets the data from Samsung. Fortunately, I guess that after it was discovered, Samsung promises to erase all data. Other companies and government, too, save data. Do they erase that? Nope.
There is only a tiny bit of the big murky picture. Cars, fitness trackers, cell phones, surveillance appliances, drones can listen.
What is funny that famous privacy and security expert Bruce Schneier does not know which companies will protect users’ data and “which encryption programs NASA can’t break.
What is scary that according Schneier:
NASA doesn’t care about you or your customers, will burn you the moment it’s convenient to do so.We Have Root, Bruce Schneier, 102
How to protect ourselves from spying on us?
There is no fun when some agencies such as NASA can see and learn about companies or individual citizens’ activities, habits, etc.
You would ask, who cares? However, if you have a company and want to keep your secrets to yourself and not for your competitors or somebody who does not wish you good, it is better to prevent yourselves from using some measures such as
- Do not be obvious; hide in the network using Tor. There is no fun to deal with Tor, a secure browser that helps you to stay anonymous.
- Communication encryption. Use security protocols such as TLS or IPSec.
- Use the new computer without the Internet when you need to work with essential documents. If you want to transfer a file, encrypt it on a secure computer and use a USB stick transferring files into the Internet computer.
- Be careful using commercial encryption software from large companies. Why? They can have backdoors for NASA. Open-source software is more difficult to reach compared with closed-source software.
- Choose symmetric cryptography over public-key cryptography. Prefer discrete-log-based systems over elliptic-curve systems
What does it mean to us?
We need to protect our privacy without the hope that somebody will take care of and provide a safe environment for our data.
There is no clear responsibility and accountability towards how our data collected and how it is used.
One thing that bothers me that search engines, social media use data without payback.
What does it mean?
It means that all these giants earn money from sponsors giving them search and other data from us. It is nothing new for everybody, I guess, how this system does work.
A few years ago, Google announced that it would include individual users’ names and photos in particular ads. It would be without consent from you. For example, if you positively rate a product, your friends would see this ad.
Overall, it is nothing new because knowing that mine or your various data is sold or shared between companies.
It was a simple example when I subscribed to Casey’s research report. After one day, I got seven emails from different companies that I never heard about them. Of course, I put them down the drain using the spam folder. However, who permitted them to share my email address?
Everywhere you search or scroll, you will see ads from previous research. Cookies follow you everywhere unless you use different tools that let you use the Internet without any trace.
Social media and search engines receive millions of dollars from sponsors for placed ads. What is it here for us? Zero.
For example, Google’s 2013 third-quarter profits were around 3 billion dollars.
According to the Bruce Schneier
You’re the product, and you’re being improved for their actual customers: their advertisers.We Have Root, 123
Smart devices online
You the word smart everywhere, especially when you buy new devices for your household, business, or just for leisure.
Cars are equipped with 20-40 computers. Medical equipment has the ability to track information about how does body functions.
Smart means that devices use the Internet to function and collect data. It does not mean that they listen to what you will have for breakfast or that type of bread you need to buy.
Devices collect data about user habits to improve service and to optimize experience now and in the future.
There are smartpens, dog collars, insulin pumps, modern pacemakers, smart coffee cups, beds, door locks, smart sensors for plants, smart toys, and so on.
It means that our habits and activities can be collected and used for various entities as they wish without our knowledge.
It is more such as the interaction between various Internet systems. For example, if somebody compromises your Amazon account, it can gain access to the Apple account, later to Google and Twitter accounts. It happened to reporter Mat Honan.
Individual systems can be fine, but they become vulnerable when used in conjunction with each other.
Do you like that?
Most people do not recognize a danger that lurks in simple habits, but it can lead to consequences. For example, a person who smokes can be denied some of the health coverage. A person who has health problems and uses a particular type of medicine can be targeted by those who want to remove somebody from the path.
You would wonder how somebody would know about that? Do not be afraid of old-time spies. Nobody would bother to check your activities when devices can do it in more efficient and cheaper ways. Algorithms from search engines and various devices connected to the Internet do their job consistently, 24 hours.
When our habits and preferences are widely known, it may be used to take advantage of or harm us.
How to protect privacy online?
First, look around what you have in your household and what type of devices you use for the Internet.
Decide what is most important to you, and step by step, use the best tactics to protect your data.
Steps on how to be safe on the Internet
There are steps how to be safe on the Internet
- Use a private window. In Google, it is called an incognito window. This search protects you from cookies that follow you everywhere on the Internet.
- Clear browsing history.
- Avoid sites that track your behavior and activities. For example, posts on Facebook can ignite curiosity when you tell friends about a future trip.
- Use a search engine that does not track you, such as DuckDuckGo.
- Stay away from public Wi-Fi. Instead, you can use your phone as a mobile hotspot and create a password for it.
- Use a VPN (a virtual private network). When you install a VPN, it directs all traffic through its server.
- Encrypt data on both ends(end-to-end encryption).
- Use different passwords and password managers. I have LastPass, and overall it works without faults. However, the main passwords I remember by myself. Paranoid, maybe.
- Use encryption for emails.
- Check non-US email service providers. Neomailbox is pretty expensive, but Mailfence does offer free service till you reach certain limits.
- Using phone, lock it after activities on that.
- Encrypt text messages. Use apps that do not store files on servers, such as cyber Dust. It requires new updates such as 14.2 on the iPhone.
- For calls, use encryption apps such as Cellcrypt, Ostel, Secure Call.
- Stay away from public phones.
- Use prepaid phones. Encrypt that and try do not to disclose important information.
- Avoid free apps that can leak data.
Computers and phones
- Use passwords, different and tricky ones, and save them using password managers such as 1Password, LastPass, Keeper, Dashlane, RoboForm, McAfee, or Password Boss.
- Cover the camera with sticky tape if you do not want somebody would record you. Do you remember the movie Snowden by Oliver Stone, when the main actor was surprised how you can easily spy on people using a phone or computer camera?
- Update every time of your devices. Usually, Apple informs about updates, or it works automatically.
- Use a wired network instead of Wi-Fi. You will have your own IP address if you use a router such as the NETGEAR business router or a similar device. You can set a VPN for your devices too. Besides using the wired network instead of Wi-Fi, you will reduce EMF influence on your body.
- Use DuckDuckGo search engine that does not track you
If you want to protect data without danger that somebody will take advantage of that, you can use air-gaped computer. I know it is a really funny name but the Internet it is a virtual thing that connects devices and people.
Disconnecting from the Internet lets you to be sure that nobody will sneak into your documents, projects, or just a simple virtual diary.
Using air-gapped computer
Bruce Schneier, a security guru who lectures on Public Policy at Harvard Kennedy School, is a board member of the Electronic Frontier Foundation, the Tor Project, and AccessNow, advises on how to use tools staying safe from sneaky organizations, hackers, and everybody who thinks he or she has a right to peak into your business.
What is air-gap?
The air-gapped computer does not connect to the Internet. You can do what you want except sharing documents or using the Internet for various purposes. It means that nobody connects to you.
Everybody who is sensitive to hacking should use this method. Medical equipment, avionics, military networks, nuclear power controls, everywhere where safety depends on how it is protected can profit from computers’ air-gapped usage.
How to do that?
Bruce Schneier’s advise regarding air gapped computers:
- Buy computer off-the-shelf. Configure the computer anonymously as much as possible. Use a friends network to download what you need for a single session.
- For somebody who does not trust anybody, the purchase of two identical computers would a great way to have peace of mind. Configure one using the above-described method, upload the results to the anti-virus checker based on the cloud. After that, transfer results to the second computer, the so-called air gap machine.
- Disable all operating system services that you won’t need. Install the minimum software set that you need for your tasks. It can be enough to install TrueCrypt, a PDF reader, an OpenSource, and BleachBit.
- Never connect this particular computer to the Internet.
- If you need to install something new, download it anonymously from a random network, put it on removable media, and manually transfer it to the air gaped computer.
- Turn off all autorun features.
- Text files are best. Try to minimize the amount of executable code you move to an air gaped computer.
- Use a USB stick to move on and off files from an air gaped computer.
- CD or DVD is more safe compared with a USB stick. Why? Malware can quietly write data on a stick. It can not spin CD-R without noise. Besides, you can check manually how much data is on CD. If you can get a USB stick that lightens up when you write data on it, you are right.
- Use encryption for everything that you move on and off the air-gapped computer. Encrypt the computer too. The whole-disk encryption works best.
Bruce Schneier advises using the stateless operating system Tails. Outgoing and incoming connections move through Tor that protects privacy and does not let you spy on you.
This advice on how to use an air-gapped computer is to those who feel that somebody is after them. Usually, people do not care about somebody who peeks at them or gathers confidential information.
Phones and cellular towers
Cell towers are a great way to check out where do you go. Your husband or mother will not use it because it is complicated to get information from that. However, interested companies and organizations use towers to complete their mission: track you.
Do you know that devices can communicate with each other? They do it to look for the closest power signal source. This cooperation lets to analyze signals and learn where this or another person is located at a particular moment.
Drones can help to look for locations when agencies create with them fake cell towers. These towers can force a person’s device to search and lock onto NASA’s receiver without the user’s consent.
Drones fly many times around the area, checking signals and inferring distance. The NASA geolocation system is known by the code GILGAMESH.
These particular drones have attached devices that locate SIM cards or handset.
Of course, for now, it is no meaning to go after millions of human beings. In the future? Maybe. It depends on people how they are willing to protect their privacy.
Finding you through web connection
Our data is not safe, thanks to insecure Internet applications that leak information.
Many applications provide location transmitting IP addresses of the computer network.
SHENANIGANS is a platform that uses a pod on aircraft that takes enormous amounts of data from computers, smartphones, routers that are in a particular area.
When I read this information from the Bruce Schneier book We Have Root, I remembered the movie Spaceballs where the bad guy wanted to suck the planet’s air.
It is similar to the data that can be vital for us. Just food for the thought: if you have an idea and want to register a patent, it can lay down on the table of some unscrupulous guy or woman who is a competitor or want to take advantage of you.
Who watches you?
What is uncomfortable that algorithms, not people decide what to buy, how to behave. Google changes searches based on previous behavior.
UK spy agency GHCQ collected millions of webcam images from Yahoo users. Algorithms do that, not people.
From one side, it would be as the play, but when algorithms decide credit score, how you will be met at the airport, how drones do surveillance based on algorithms, it is becoming a creepy business.
The information is the best way to create a successful business, to earn money in various ways. Companies and agencies do it without our knowledge. It does matter do we like it or not.
Protecting data from hackers and spies who want to become rich using our information helps avoid headaches.
Using the above-described methods, you will become an unwanted person to deal with unless you are an important figure in a particular area.
Safe browsers such as DuckDuckGo, Tor, VPN, encrypted email services, limited technologies in your house, and devices can help to stay away from intruders who year after year become smarter.