Archives April 2017

“What’s on your mind?” It’s the friendly Facebook question which lets you share how you’re feeling. It’s also the question that unlocks the details of your life and helps turn your thoughts into profits.

Facebook has the ability to track much of your browsing history, even when you’re not logged on, and even if you aren’t a member of the social network at all. This is one of the methods used to deliver targeted advertising and ‘news’ to your Facebook feed. This is why you are unlikely to see anything that challenges your world view.

This feedback loop is fuelling the rise and power of ‘fake news’. “We’re seeing news that’s tailored ever more tightly towards those kinds of things that people will click on, and will share, rather than things that perhaps are necessarily good for them”, says one Media Analyst.

This information grants huge power to those with access to it. Republican Party strategist Patrick Ruffini says, “What it does give us is much greater level of certainty and granularity and precision down to the individual voter, down to the individual precinct about how things are going to go”. Resultantly, former Facebook journalist, Adam Schrader thinks that there’s “a legitimate argument to this that Facebook influenced the election, the United States Election results.

Children refusing to put down their phones is a common flashpoint in many homes, with a third of British children aged 12 to 15 admitting they do not have a good balance between screen time and other activities.

But in the US, the problem has become so severe for some families that children as young as 13 are being treated for digital technology addiction.

One ‘smartphone rehab’ centre near Seattle has started offering residential “intensive recovery programs” for teenagers who have trouble controlling their use of electronic devices.

The Restart Life Centre says parents have been asking it to offer courses of treatment to their children for more than eight years.

Hilarie Cash, the Centre’s founder, told Sky News smartphones, tablets and other mobile devices can be so stimulating and entertaining that they “override all those natural instincts that children actually have for movement and exploration and social interaction”.

Child psychotherapist Julie Lynn Evans, who has worked with hospitals, schools and families for 25 years, said her workload has significantly increased since the use of smartphones became widespread among young people.

“It’s a simplistic view, but I think it is the ubiquity of broadband and smartphones that has changed the pace and the power and the drama of mental illness in young people,” she told The Telegraph.

A ComRes poll of more than 1,000 parents of children aged under 18, published in September 2015, found 47 per cent of parents said they thought their children spent too much time in front of screens, with 43 per cent saying this amounts to an emotional dependency.”

… or a dream come true for those in power. And those in power are the same entities pushing IoT technologies.

A little background reading about JTRIG from the Snowden documents is helpful. It’s the modern-day equivalent of the Zersetzung—the special unit of the Stasi that was used to attack, repress and sabotage political opponents. A power greatly expanded with a society driven by IoT.

Full article from Daily Dot:

“In 2014, security guru Bruce Schneier said, “Surveillance is the business model of the Internet. We build systems that spy on people in exchange for services. Corporations call it marketing.” The abstract and novel nature of these services tends to obscure our true relationship to companies like Facebook or Google. As the old saying goes, if you don’t pay for a product, you are the product.

But what happens when the Internet stops being just “that fiddly thing with a mouse” and becomes “the real world”? Surveillance becomes the business model of everything, as more and more companies look to turn the world into a collection of data points.

If we truly understood the bargain we were making when we give up our data for free or discounted services, would we still sign on the dotted line (or agree to the Terms and Conditions)? Would we still accept constant monitoring of our driving habits in exchange for potential insurance breaks, or allow our energy consumption to be uploaded into the cloud in exchange for “smart data” about it?

Nowhere is our ignorance of the trade-offs greater, or the consequences more worrisome, than our madcap rush to connect every toaster, fridge, car, and medical device to the Internet.

Welcome to the Internet of Things, what Schneier calls “the World Size Web,” already growing around you as we speak, which creates such a complete picture of our lives that Dr. Richard Tynan of Privacy International calls them “doppelgängers”—mirror images of ourselves built on constantly updated data. These doppelgängers live in the cloud, where they can easily be interrogated by intelligence agencies. Nicholas Weaver, a security researcher at University of California, Berkeley, points out that “Under the FISA Amendments Act 702 (aka PRISM), the NSA can directly ask Google for any data collected on a valid foreign intelligence target through Google’s Nest service, including a Nest Cam.” And that’s just one, legal way of questioning your digital doppelgänger; we’ve all heard enough stories about hacked cloud storage to be wary of trusting our entire lives to it.

 
But with the IoT, the potential goes beyond simple espionage, into outright sabotage. Imagine an enemy that can remotely disable the brakes in your car, or (even more subtly) give you food poisoning by hacking your fridge. That’s a new kind of power. “The surveillance, the interference, the manipulation … the full life cycle is the ultimate nightmare,” says Tynan.

The professional spies agree that the IoT changes the game. “‘Transformational’ is an overused word, but I do believe it properly applies to these technologies,” then CIA Director David Petraeus told a 2012 summit organized by the agency’s venture capital firm, In-Q-Tel, “particularly to their effect on clandestine tradecraft,” according to Wired.

Clandestine tradecraft is not about watching, but about interfering. Take, for example, the Joint Threat Research Intelligence Group (JTRIG), the dirty tricks division of GCHQ, the British intelligence agency. As the Snowden documents reveal, JTRIG wants to create “Cyber Magicians” who can “make something happen in the real…world,” including ruining business deals, intimidating activists, and sexual entrapment (“honeypots”). The documents show that JTRIG operatives will ignore international law to achieve their goals, which are not about fighting terrorism, but, in fact, targeting individuals who have not been charged with or convicted of any crime.

The Internet of Things “is a JTRIG wet dream,” says security researcher Rob Graham. But you don’t have to be a spy to take advantage of the IoT. Thanks to widespread security vulnerabilities in most IoT devices, almost anyone can take advantage of it. That means cops, spies, gangsters, anyone with the motivation and resources—but probably bored teenagers as well. “I can take any competent computer person and take them from zero to Junior Hacker 101 in a weekend,” says security researcher Dan Tentler. The security of most IoT devices—including home IoT, but also smart cities, power plants, gas pipelines, self-driving cars, and medical devices—is laughably bad. “The barrier to entry is not very tall,” he says, “especially when what’s being released to consumers is so trivial to get into.”

That makes the IoT vulnerable—our society vulnerable—to any criminal with a weekend to spend learning how to hack. “When we talk about vulnerabilities in computers…people are using a lot of rhetoric in the abstract,” says Privacy International’s Tynan. “What we really mean is, vulnerable to somebody. That somebody you’re vulnerable to is the real question.”

“They’re the ones with the power over you,” he added. That means intelligence agencies, sure, but really anyone with the time and motivation to learn how to hack. And, as Joshua Corman of I Am the Cavalry, a concerned group of security researchers, once put it, “There are as many motivations to hacking as there are motivations in the human condition. Hacking is a form of power.”

The authorities want that power; entities like JTRIG, the NSA, the FBI and the DOJ want to be able to not just surveil but also to disrupt, to sabotage, to interfere. Right now the Bureau wants to force Apple to create the ability to deliver backdoored software updates to iPhones, allowing law enforcement access to locally stored, encrypted data. Chris Soghoian, a technologist at the ACLU, tweeted, “If DOJ get what they want in this Apple case, imagine the surveillance assistance they’ll be able to force from Internet of Things companies.”

“The notion that there are legal checks and balances in place is a fiction,” Tynan says. “We need to rely more on technology to increase the hurdles required. For the likes of JTRIG to take the massive resources of the U.K. state and focus them on destroying certain individuals, potentially under flimsy pretenses—I just can’t understand the mentality of these people.”

Defending ourselves in this new, insecure world is difficult, perhaps impossible. “If you go on the Internet, it’s a free-for-all,” Tentler says. “Despite the fact that we have these three-letter agencies, they’re not here to help us; they’re not our friends. When the NSA and GCHQ learn from the bad guys and use those techniques on us, we should be worried.”

If the Internet is a free-for-all, and with the Internet of Things we’re putting the entire world on the Internet, what does that make us?

“Fish in a barrel?”