“The Portable Voyeur” by Paul Myers — Reprinted from elsewhere, well worth reading

The following article is “The Portable Voyeur” by Paul Myers.

It first appeared in the August 26 2010 issues of his newsletter TalkBiz News. You can find out more about him and his newsletter at http://talkbiz.com/?page=2. I signed up for his newsletter a while back and have found a lot that was interesting and thought-provoking to read.

And yes, Paul Myers did expressly include permission in his newsletter to reprint this article.

~~~

“The Portable Voyeur”
===================

In the last issue, I put out the idea of looking at your
online networks and niches as “virtual neighborhoods.” Nothing
especially new in that concept, except that almost no-one in
the marketing field talks about them that way. That discussion
is mostly left to forum operators and social networking geeks.

In this issue, I want to talk about something closer to home.
Literally IN your home.

People spying on you using your own electronics.

Let’s start with the least intrusive, and work up to stuff you
may not believe is happening.

The last few are downright creepy.

….

There’s a thing called “IP geolocation,” which uses a database
of IPs (numbers locating your computer on the network) and
physical areas to show where a computer is located. There are a
bunch of these, and the accuracy can be anything from very
close to wildly off the mark. The good ones can narrow it down
to a few blocks, in most cases. Sometimes to a specific
building.

You can see this most often when you notice an ad on a site
that’s used by people all over the world, but mentions your
city by name. “[YourCity] mom discovers…” or “Man in
[Hometown] loses 47 pounds using…” That’s IP geolocation in
its mildest form.

Twitter has offered the option for a while to attach your IP
address  to a tweet, basically trying to tell people where you
are. You have to opt into that, though. It’s turned off by
default.

Facebook’s new “Places” settings options enable a more
advanced function by default. The idea is to make it easy for
your friends to know where you are. Unfortunately, it also
makes it easy for people you might not want to share your
location with to find you. Or know when you’re not home…

It’s easy to disable this option, if you know it’s there and
what it’s called. John Williams sent me a link to the
instructions. You can read those here:

http://lifehacker.com/5616395/how-to-disable-facebook-places

Why would this matter?

Well, maybe you don’t want your friends to know where you are
every minute that you’re online. Or maybe you don’t want
world+dog knowing when you’re not home. Or maybe you don’t want
your employer knowing you’re logging onto Facebook from work.
Or from the park when you called in sick.

Just how much info should be distributed about you
automatically?

But wait… There’s more!

….

There are applications on some portable devices and phones that
can transmit the data from a GPS system to other sites. This
can be used to pinpoint your exact address, and your location
to within a few feet.

That’s how the “Places” function on Facebook works. And, with
the default settings, your Facebook “friends” can “check you
in” if they’re with you. Handy, if you’re careful about who
your “friends” are, and who you allow to share the info. Given
the default settings, though, it’s an announcement to the world
every time you log in from a mobile device.

That can get into the realm of the dangerous. With it set to
“Friends of friends” able to view the info, you could be
broadcasting your location to burglars, stalkers, ex-
employees, your employer, or even just that annoying person
you’d rather not see right now.

Given recent comments from CEOs Mark Zuckerberg (Facebook –
“Privacy is dead”) and Eric Schmidt (Google – “If you have
something that you don´t want anyone to know, maybe you
shouldn’t be doing it in the first place”), there is every
reason to believe these services will be used as aggressively
as possible.

Both companies have said the comments were taken out of
context. That could be easily believed of Zuckerberg’s remark.
Schmidt’s is a bit less dismissable. None of that matters,
though, when you look at the way their firms actually treat
their users’ private data. Facebook set this option to “On” by
default. Google initially opted every Gmail user into their
social networking platform, Buzz, and created significant and
foreseeable problems for some users.

I’m pretty sure I don’t want those sorts of decisions made for
me without my knowledge or consent. How about you?

And it gets (potentially) much, much worse.

….

Apple has applied for a patent that has some deeply disturbing
implications: http://www.commondreams.org/view/2010/08/24-0

The summary: They want a patent on software that, in mobile
devices, would let them listen to your conversations and/or
take pictures of you or your surroundings, without any way for
you to know it’s happening. Just remotely activate those
functions, at their own discretion.

It would also let them monitor biometric data and all of your
online activities while using their devices.

Ostensibly, this would be developed for purposes of preventing
theft, or catching thieves. It’s even been suggested to me that
Apple may want the patent to keep the idea from being used by
others.

I don’t buy it. But that doesn’t really matter.

First, it’s nearly certain that, if this technology is
deployed and not made illegal for use by private citizens, it
will be abused. The theft-prevention rationale was offered, for
example, by the Lower Merion school district, in their program
giving laptops to every high-school student. “Only to enable
recovery in event of theft,” they said. That didn’t stop people
at the school from using it to spy on students in their homes.

Yeah. Really.

One kid was disciplined for “improper behavior” that occurred
at home, in his bedroom. The Vice-Principal used a photo taken
using the webcam in the laptop as his evidence. According to a
forensic analysis commissioned by the district, the school took
66,503 screenshots and photos using these systems. The school
admits these include pictures of the kids in their bedrooms.

If teachers will do that, what would a corporation do?

….

So, if you have one of these portable devices, where do you use
it? In what situations do you simply carry a cell phone, iPad
or other portable computing device? Do you want people able to
spy on you in all those places, at any time, without warning?

It’s been suggested to me that there is prior art that might
cause the USPTO to reject such a patent application, or be used
later to invalidate it if granted. That raises other
challenges. Specifically, anyone at all could include it in
their systems.

Google has a cell phone OS. Just how much do you want them to
add to their collection of data on you?

Then there’s the “social networking” phone, which is designed
specifically for use with Facebook and Twitter. Do you want
your kids to have one of those broadcasting their location to
the world at every moment the phone is on?

This isn’t science fiction, folks. We’re not getting into foil
fedora territory here. This stuff is real.

….

And then there are the outright criminals.

There is already malware code in the wild that lets remote
operators turn on the webcam on infected computers. That’s not
a big deal if you use a desktop machine and don’t keep one
connected, or disconnect it when you don’t intend to use it.

But what about the laptops and netbooks, and even some
monitors, that are sold with a camera and microphone installed
in the machine itself? The last two portables that I got have
them. Where do you, or your kids or employees, use laptops?

This isn’t especially difficult stuff to do. And the market
isn’t restricted to criminals. For instance, on the first
related search I did, I found someone asking how to remotely
activate the webcam on his wife’s laptop without her knowing.

Some of these devices come with GPS systems installed. Anyone
who can access those will know exactly where you are, what
you’re doing or discussing, and with whom.

Anyone want to market sound-proof phone carriers, with built-
in Faraday cages? A month ago, I would have considered that a
ridiculous idea. Now, I’m thinking it’s a niche.

….

Electronic security isn’t just about data protection any more,
folks. It’s gotten very personal, and it’s about to get more
so.

You can take steps to reduce your exposure to this kind of
invasion of privacy. First, make sure you have proper security
software on all your computers. That’s good policy anyway,
so that’s not too extreme.

With the social networking sites, it’s a matter of watching
your preferences. Also just common sense. And easy.

Don’t leave external webcams attached when they’re not in use,
if you have any objection to what you do in the same room with
them being seen by someone else. Using a USB hub makes
disconnecting them easy, and it’s a reasonable precaution, with
the amount of trojans running loose online.

With laptops and netbooks, just be aware that this stuff is
possible, and take whatever precautions you may feel are
appropriate. That might be nothing at all, for many of you. It
could mean turning the thing off when it’s not in active use.
Or putting tape over the camera lens. Or, if you have the need
or desire to be especially cautious, having a physical switch
installed to prevent remote activation of the camera or
microphone.

I can’t begin to guess what level of security will work for
you. Some people won’t consider it an issue at all, and they
may well be right. For them. For others, these are real
concerns. It’s getting very easy to install this kind of
monitoring code, and there are too many people with incentives
to do it. Employers, co-workers, competition, family members,
and various less savory types. Brings new meaning to the word
“spyware,” yes?

Make sure your kids are aware of the potential issues, too.

….

I’m told that law enforcement agencies have had the ability to
turn on cell phones remotely as listening devices for a while
now, with a proper warrant. I consider that a very different
thing than random strangers being able to access these kinds of
info at will.

As of this moment, I am not aware of this being a problem for
cell phones and similar portable devices. Just keep this in
mind, and pay attention for it.

Whether Apple gets that patent or not, it’s coming.

….

If it’s installed or used by any corporation, I have a
suggestion that seems appropriate: The top officers and all
members of the board(s) of directors should be required to
carry one of the devices with them at all times, with the audio
and video enabled 24/7, and streaming to the web for the whole
world to view.

Hey, if we don’t get to decide what we can keep private, why
should they?

….

The idea here isn’t to scare you, or create some sort of
conspiracy buzz. If that was the goal, I’d point you to an even
more extreme, and equally current, example of invasive
observation: http://talkbiz.com/r/iris.php

As you can see, this stuff is real. The technology exists right
now, and most of it is already in use. It may not pose much of
a threat to many of us, but it’s something to be aware of and
to watch out for.

Knowing it’s possible is 90% of the battle.

Be careful out there.

Paul

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s