Debunked: The top conspiracy theories surrounding the Internet of Things

The Internet of Things (IoT) is increasingly well known in a world that is becoming more connected. The IoT is no longer a fleeting idea, but a very real phenomenon. Recent figures from Gartner predict there will be 4.9 billion connected ‘things’ in use globally by the end of this year, with as many as 25 billion by 2020.

While it seems the majority are embracing the IoT, some have growing concerns over what it means for privacy and security. Conspiracy theorists are lining up to prove the IoT isn’t the wonder it is made out to be.

But is this something businesses should be concerned about or has it been over exaggerated?

Smart televisions

Samsung hit the headlines when its Smart TVs were accused of being too smart. The device’s privacy policy suggested that users shouldn’t discuss sensitive topics while the television was plugged in, as the information could be transmitted to a third party. Of course, this generated privacy concerns.

However, the concerns were confidently dismissed. Samsung argued the TVs weren’t always listening and were on ‘standby’ mode until activated by a pre-programmed phrase.

So logically speaking, how does the smart TV know it has heard a this phrase? The microphone must be on for ambient sounds and phrases can be compared. We know the device can transmit data over the Internet – the issue here is whether or not data can be transmitted at the wrong time, to the wrong people.

According to Samsung, its speech recognition technology can also recognise regional dialects and accents to enhance the user experience. To achieve this, smart television makers often employ third-party applications and servers to process the data received, though this is encrypted during transmission and not retained or for sale – at least according to the company’s privacy policy.

So the question is: can we trust the encryption is done correctly, and nobody has stolen the keys? Can we trust the third parties doing natural language processing haven’t been compromised?

Smart phones

Conspiracy theories needn’t be complex. Most people understand there is a potential threat when using a smart phone in a public place, but there is often an element of misunderstanding in this. For example, some believe that simply charging a device via a wall socket can result in stolen data – the premise is there, but the understanding is skewed.

Similarly, recent online videos claimed that stickers affixed to mobile phone batteries were used for covert data collection and transmission, when in fact they are Near Field Communication (NFC) transmitters. Removing these stickers would render the device useless for apps using NFC.

One of the few scenarios where NFC could contribute to the compromising of data is if a device is in the vicinity of another user transmitting malicious code. This could then exploit known vulnerabilities in a document reader/browser, or even the operating system itself.

Smart meters

Privacy activists have argued that smart meters present opportunities for companies to collect detailed personal information such as the television they watch, the appliances they use, the websites they visit and their banking habits. These conspiracy theorists claim that smart meters are used as the ultimate spying tool, making the electrical grid and the utilities that run it the ultimate spies.

Often people do have the right intuition, without being technically accurate. Different appliances use different amounts of power and so when consumption is high, smart meters can identify which devices and appliances might be active. 

Although this isn’t the same as knowing what you’re watching on TV, it is understandable that people are wary of their privacy and want to make sure it isn’t being infringed upon.

What is clear is that as the IoT expands, consumers and businesses alike are inevitably going to be more aware of what this means for privacy. 

Technological advancements mean there are new unknowns and new conspiracy theories will no doubt arise. Businesses are right to be concerned about IoT security but once they fully understand how these technologies work, the effects on privacy and security can be accurately analysed.

Mike King is a supervisor at WhiteHat’s Threat Research Centre at WhiteHat Security.

Share this story

Close
Menu
Send this to a friend