Connect with us

Real Estate Technology

Smart homes spy on you, here’s how to spy back

(TECHNOLOGY) Wow surprise, smart homes spy on you constantly. Here’s why it matters, and how to spy back.

Published

on

smart homes

We’ve long talked about the risks and rewards of technology, especially IoT devices in the home. For every cool gadget, there’s a chance your information will get hacked or tracked.

Last year, Congress thought it would be fun to give Internet Service Providers (ISPs) power to spy on customer internet usage data and sell it. Which means your ISP can see all the data from your smart devices and profit from selling you out to third parties.

Some folks at Gizmodo decided to conduct an experiment to see how much data can be tracked from smart homes.

Back in December, Gizmodo senior reporter Kashmir Hill set up just about every smart device imaginable in her apartment including an Amazon Echo, smart TV, smart lights, toothbrushes, baby monitor, and even a mattress.

Hill’s colleague Surya Mattu, Gizmodo data reporter, configured a router to track the device’s network activity and give the duo the same view as Hill’s ISP.

They found that since the router’s installation in early December 2017, there was not a single day without activity from the router.

At least once a day, at least one of the smart devices sent data packets to the ISP, manufacturer, or third parties. If Hill told the living room to turn on the lights, Phillips got alerted. If the family watched something on Hulu, the smart TV sent information to data brokers.

Every action could be (and in most cases was) tracked and recorded, creating a vast data set about Hill’s daily routines and schedules.

Routine tracking may seem mundane since right now most of the data isn’t being used, just monitored and recorded. However, this data may have more impact in the future.

We already have car insurance companies that offer discounts for safe driving if you use their driving monitors. Cybersecurity expert David Choffnes points out we’re not too far from a world where smart toothbrushes may connect to dental insurance rates and discounts. We’ve explored how smart watches and even browser history could impact your health insurance rates and insurability. Right now it’s all theoretical, but the bones are there to create a tech-inspired Frankenstein.

Plus, it’s inherently creepy to think that an ISP could deduce your family’s schedule based on use of smart devices.

So how can you spy back to see what kind of data is being reported?

Well, for starters you’ll need to have some computer knowledge. Or a pal who is willing to help you out in your endeavor to be a smart home spy.

For the Gizmodo experiment, Mattu built a customized router using a Raspberry Pi 3, which is a tiny computer you can custom program. If you want to replicate their test, these run around $35 for a single board.

Fortunately, the Raspberry Pi 3 comes with built in wifi hardware so it should be fairly easy to configure it as a router if you already know how to use one.

Once connected to the internet and set up as a wifi router, you’ll add the script to monitor network traffic. For this part, you need an understanding of Git and Github.

Next, set up a server so you can store traffic. Mattu and Hill used Amazon Web Services, but you can use your own server if you want. They also crafted a front-end interface to analyze the data.

Note the times when you connect and use the devices for easier analysis. If you want more details about setting up your very own smart home data traffic monitoring router, check out their article.

Some of the information collected from the devices may seem trivial. After all, what does it really matter if Philips knows what time you get up in the morning? Hill noted the data being sent is “basic, boring, information, but revealing information about how we live our life.”

This data could start to matter if companies and ISPs use your information control how you use their devices and how products are sold to you.

TV watching data is already being sold to data brokers. It’s just a matter of time before your sleep score from a smart mattress gets reported to your health insurance to determine coverage or something equally Big Brother-like.

Smart homes are predicted to be a $27 billion market by 2021, with an unprecedented number of new devices in our homes. Before rushing out to get the latest smart device, make sure you’re fully aware of what data you may be inadvertently sharing with companies.

Check out different products’ privacy policies before buying to make sure you’re cool with what information the device will be sending. And if you don’t want your ISP to know how often you make lattes, maybe opt for a coffee maker that isn’t wifi-enabled.

Lindsay is an editor for The American Genius with a Communication Studies degree and English minor from Southwestern University. Lindsay is interested in social interactions across and through various media, particularly television, and will gladly hyper-analyze cartoons and comics with anyone, cats included.

Real Estate Technology

Google’s creepy new patent to watch your every move at home

(TECHNOLOGY) This new patent confirms that Google’s technology is as creepy as you suspected…

Published

on

google patent

As if we needed another reason to squirm, it’s been revealed that Google has just applied for patents on devices that would place sensors and cameras in every room of your home. Why? To watch and analyze your every move, of course! EWW.

Some of you out there with the tape over your laptop cameras might be going, “Duh, dummy. I told you so,” but for the others of you who have welcomed smart home devices into your humble abodes, well, we’re telling you now. You probably won’t listen because even your toddler’s addicted to making demands of the Alexa and Siri, but better late than never?

So here’s the skinny:

Using the excuse of “all the better to send you targeted ads, my dear” Google has filed a patent that would allow the company to mount sensors and cameras in our homes which would be attached to smart devices we already use.

The patent states that Google can “use smart-devices to monitor activities within a smart-device environment, report on these activities, and/or provide smart-device control based upon these activities.”

For example, if you’re wandering around your house wearing a Game of Thrones t-shirt, the sensors could capture this image and report it back to Google who would then start sending you targeted ads for the upcoming final season.

No, Google isn’t reading your mind, they’re reading your shirt because they can see you and now they know you’re amped to see who wins and more susceptible to ads.

If this doesn’t creep you out, it should because it’s just the tip of the iceberg. Google can also hear you – your conversations of an intimate nature, your crying jags, your fits of laughter. All of it. And what do they do with it? They sell your information to the highest bidder.

What’s more, the information they gather is for Google to use however they see fit and if you’re wondering “how the hell is this legal?” wonder no further, it is. There are no laws keeping them from peeping.

And just how are they planning on doing this, you ask? Well, the patent was awarded to the development team associated with Nest thermostats. So, maybe you want to rethink that smart thermostat and cool and heat your house the old-fashioned way.

Look, we’ve already given up our privacy. Facebook and Instagram track our every move, Alexa is listening to us, and way too many people in tech have tape over their laptop cameras for us to be surprised by this overture. As sure as winter, it was coming.

However, we may balk and say, “Well, this is a bridge too far!” and it is, but it’s too late. We did this to ourselves when we unwittingly invited them into our homes. Did you really think these corporations had your best interests in mind? 

Remember, if the product is free, you are the product. 

Continue Reading

Real Estate Technology

Throw a smart bulb away, give out your passwords

(TECH NEWS) It turns out that Internet of Things, like smart bulbs in homes, are not secure and give up your info – here are some security tips.

Published

on

smart bulbs

Most of us know that we need to protect our computers from hacking, identity theft, and other security hazards. But now that more and more everyday items in our households – from light bulbs to washing machines to baby monitors – are connected to the internet, we need to make sure that these items are secured as well. Because they’re not.

Unfortunately, Internet of Things (IoT) devices are notoriously unsecure, and a troubling investigation by hacker, Limited Result, reveals that some IoT devices are not only potential targets when connected to your home internet network, but could even pose a security threat after you’ve thrown them in the garbage.

Limited Results investigated several budget smart lightbulbs and found that many of them have no security features protecting the information held on the microchips inside the bulb.

Some lightbulbs could be taken apart, and the chips removed and hacked to reveal unencrypted data, including the Wifi password for the network to which it had formerly been connected.

“Seriously, 90 percent of IoT devices are developed without security in mind. It is just a disaster,” Limited Results told TechCrunch.

There were other safety issues beyond the security of personal data. Limited Results also found that inexpensive smart lightbulbs were so cheaply-made and poorly insulated that they posed a serious risk of electrical fire.

So how can you make sure your IoT devices are secure?

For starters, don’t just go for the cheapest version available. Although there’s no guarantee that the top dollar devices are secure either, be mindful of installing smart devices outside of your home. For example, you may want to sacrifice being able to tell Alexa to turn on your porch lights. Dispose of smart light bulbs carefully, and don’t donate them to second hand stores.

Another option is to create a subnetwork or guest network for your connected devices. And as always, make sure everything is password protected and change your password often. Especially your wifi passwords.

The conveniences of IoT devices need to be weighed against the potential security risks, at least until IoT manufacturers create regulations and standards for security.

Continue Reading

Real Estate Technology

These password managers protect you and your clients’ info

(TECH NEWS) Identity theft is nothing new, but what are you doing to protect yourself and your business? Have you considered these simple password managers?

Published

on

lastpass password managers

Online safety is often discussed after data breaches, hacking scares, and identity theft, but it shouldn’t take an event of this magnitude to get you thinking about your online safety.

Passwords are used for everything; from email to doorways, banking to business terminals, entering passwords has become so common, we hardly ever give it a second thought, but we should. Every single time you get online, people are lurking, waiting to hijack your accounts and steal not only your money, but your reputation and access to your personal information.

The first thing most people tell you to do when your account seems to be compromised is “change your password.”

In essence, this is meant to foil hackers and re-secure your account, but if your password isn’t “strong,” this option won’t work for long.

“Strong” passwords consist of a random mix of numbers alongside upper and lowercase letters (and oftentimes symbols as well). However, coming up with something that meets this criteria, but is also fairy memorable is a pain for one site, not to mention for the 20-30 sites we regularly access. Before you use the same password on multiple sites (which is a HUGE no-no), consider online password generators.

Online password generators are magical devices that generate one of these complex passwords for you.

You can set the parameters such as length of password, upper/lowercase letters, symbols, numbers, and even ambiguous letters. A few reliable generators you can try:

Once you’ve generated your password, you’re going to have to remember it and every other password you create.

Impossible you say? Well, you’re right. With as many sites as we regularly access, remembering all our passwords is darn near impossible without help. Writing them down in a day planner is fairly common, but not exactly 100 percent secure.

Instead, give password managers a chance. While all online repositories have some vulnerabilities, most modern storage sites are very secure.

Browsers like Firefox, Chrome, and even Internet Explorer offer to store your passwords for you. Sure, it’s convenient, but is it secure? Most tech experts say no.

Sean Cassidy, chief technology officer of Defence Storm, states, “Browser-based password manager extensions should no longer be used because they are fundamentally risky and have the potential to have all of your credentials stolen without your knowledge by a random malicious website you visit or by malicious advertising.”

What do these password managers do exactly?

Traditional password managers live in your computer and act like digital assistants, gatekeepers if you will, your first line of defense standing between your accounts and the hackers looking for access. The manager will fill in your vital information (login and password) when you arrive on a site, meaning, rather than remembering 40 different unique site passwords, you’ll only need to remember the master password for your chosen password manager.

While there are several reliable managers on the market, there are three that have emerged as most popular:

All of these managers have the ability to safely store and recall your passwords and login information. You simply need to remember your single master password to log into the manager site you’ve selected.

Password managers are so heavily encrypted, storing your information is considered safe, but keep in mind everything you do online comes with a risk. I do not believe any site is completely hack-proof, however, a password manager is another line of defense against hacking and with their use of top-level encryption, it makes hacking a little bit harder and that’s exactly what you want.

Regardless of whether you choose to use a password generator or manager (or both), one thing is crystal clear: online data safety is of paramount importance. Keep your data safe, starting with using a strong password and a different strong password for each site.

Keep your personal information safe, and more importantly, safeguard your clients’ data.

This story was first published June 2017.

Continue Reading
Advertisement

Our Parnters

Get The Daily Intel
in your inbox

Subscribe and get news and EXCLUSIVE content to your email inbox!

Emerging Stories

Get The Real Daily
in your inbox

subscribe and get news and EXCLUSIVE content to your email inbox