Sending an email message is like sending a postcard, says scientist Andy Yen in this thought-provoking talk: Anyone can read it. Yet encryption, the technology that protects the privacy of email communication, does exist. It’s just that until now it has been difficult to install and a hassle to use. Showing a demo of an email program he designed with colleagues at CERN, Yen argues that encryption can be made simple to the point of becoming the default option, providing true email privacy to all.
a glut of companies are lurking in the shadows of the Internet, gathering your data to sell it to anyone who’s willing to pay the price. These so-called “data brokers” can easily follow your digital trail by using your browser cookies and other ingenious tracking methods.
And it’s not just general statistics, demographics, or overall trends that they’re selling. Many data brokers sell dossiers on individuals, complete profiles that include your name and personal information, without your knowledge or consent. These dossiers can include sensitive information such as medical history, political and religious affiliations, and sexual orientation.
There are no regulations for companies such as these. If you want to keep your personal data private and not let anonymous companies bid over it, you have to take matters into your own hands to block their efforts.
As a parent Adam Sheffield says he worries about his Xbox Kinect being capable of spying on his family in their home, “It recognizes him when he enters the room and says “Hi.” The question a lot of people have, what’s that data being used for?”
Sheffield is a Cyber Security Program Manager and he says there is a good reason to be worried, “You should assume anything that can connect to internet – push info out, is a source of collection.”
And this applies to more than just gaming devices – computers, TV’s, cellphones – anything online. “When you download an app you give them permission to access phone book, camera, microphone. Could they go in and turn on your camera and microphone? They could. Are they? I am not quite sure.”
Experts say go into your privacy settings and make it as private as possible, but there’s no promise it’s fool proof. Make sure to change your password from the default and decide how many devices online you actually need.
“Develop a personal threshold with what you are comfortable sharing with. As for my son, we put a sticker over the camera unless he is using it. Not that we are paranoid or anything,” says Sheffield.
A new Barbie doll has been designed to record and store conversations it has with children. The recordings will be analyzed by researchers who say they will use the data to make the toy’s responses more complete.
“Whatever we come away with as our first blush attempt at the conversations, we’ll see what kids want to talk about or not. We’ll take our honest best guess at that and then see what comes back, and then that will change and evolve over time as those conversations happen between individual children and Barbie dolls,” Oren Jacob, CEO of ToyTalk said in a recent statement.
However, security experts have raised concerns about how else that information could be used.
“It wouldn’t take much for a malicious individual to intercept either the wi-fi communications from the phone or tablet, or connect to the doll over Bluetooth directly. These problems aren’t difficult to solve; the manufacturer needs to check the phone application carefully to make sure it’s secure. They also need to check that any information sent by the doll to their online systems is protected,” Ken Munro, a security researcher at Pen Test Partners said.
The company responded to these concerns with a statement, saying that:
“While we’re familiar with the Cayla doll and with what happened in terms of a privacy breach, Hello Barbie is fundamentally different on many levels. As with all of ToyTalk’s products–we started with apps for kids–online privacy and security is of utmost importance. That’s why we ask for parental consent and agreement to use their kids’ speech, anonymously, to add to our database in order to increase Barbie’s conversational capabilities. To address the issue of being able to intercept the wi-fi communications or connect Barbie via Bluetooth, all communications take place over a secured TLS (HTTPS) network and it’s not possible to connect her via Bluetooth. Further Barbie connects directly to ToyTalk servers–not via an outside app with local data stored on it. And no back doors are being added to the app, to further avoid access issues.”
The problem they are not addressing is that they will be recording the conversations of children. Children do not have a fully functioning filter to know what they should and should not be talking about to what is a stranger. They don’t know who will be listening to them or what is going to happen with those conversations.
Children also have a habit of telling their dolls, stuffed animals and figurines confidential stuff they do not wish to share with anyone else.
This is yet another example of surveillance microphones attempting to get their foot in the door to our homes. We already have to be leery of Xbox Kinect, Amazon Echo, Samsung Smart TV and everything else listed in the Internet of Things.