The Internet of Things (IoT) is increasingly well known in a world that is becoming more connected. The IoT is no longer a fleeting idea, but a very real phenomenon. Recent figures from Gartner predict there will be 4.9 billion connected things in use globally by the end of this year, with as many as 25 billion by 2020.
While it seems the majority are embracing the IoT, some have growing concerns over what it means for privacy and security. Conspiracy theorists are lining up to prove the IoT isnt the wonder it is made out to be.
But is this something businesses should be concerned about or has it been over exaggerated
However, the concerns were confidently dismissed. Samsung argued the TVs werent always listening and were on standby mode until activated by a pre-programmed phrase.
So logically speaking, how does the smart TV know it has heard a this phrase The microphone must be on for ambient sounds and phrases can be compared. We know the device can transmit data over the Internet – the issue here is whether or not data can be transmitted at the wrong time, to the wrong people.
So the question is: can we trust the encryption is done correctly, and nobody has stolen the keys Can we trust the third parties doing natural language processing havent been compromised
Conspiracy theories neednt be complex. Most people understand there is a potential threat when using a smart phone in a public place, but there is often an element of misunderstanding in this. For example, some believe that simply charging a device via a wall socket can result in stolen data the premise is there, but the understanding is skewed.
Similarly, recent online videos claimed that stickers affixed to mobile phone batteries were used for covert data collection and transmission, when in fact they are Near Field Communication (NFC) transmitters. Removing these stickers would render the device useless for apps using NFC.
One of the few scenarios where NFC could contribute to the compromising of data is if a device is in the vicinity of another user transmitting malicious code. This could then exploit known vulnerabilities in a document reader/browser, or even the operating system itself.
Privacy activists have argued that smart meters present opportunities for companies to collect detailed personal information such as the television they watch, the appliances they use, the websites they visit and their banking habits. These conspiracy theorists claim that smart meters are used as the ultimate spying tool, making the electrical grid and the utilities that run it the ultimate spies.
Often people do have the right intuition, without being technically accurate. Different appliances use different amounts of power and so when consumption is high, smart meters can identify which devices and appliances might be active.
Although this isnt the same as knowing what you’re watching on TV, it is understandable that people are wary of their privacy and want to make sure it isnt being infringed upon.
What is clear is that as the IoT expands, consumers and businesses alike are inevitably going to be more aware of what this means for privacy.
Technological advancements mean there are new unknowns and new conspiracy theories will no doubt arise. Businesses are right to be concerned about IoT security but once they fully understand how these technologies work, the effects on privacy and security can be accurately analysed.
Mike King is a supervisor at WhiteHat’s Threat Research Centre at WhiteHat Security.