If Someone Can, They Will

Last modification on

People put their trust into pretty much everything. They trust that their phone isn't spying on them, that their Ring security system is only accessible by them, and that their Echo only hears them turn on their lights or their requests for the weather. These systems have more access into people's lives than they realize.

Phones are tracking devices. Even if you disable all the location features in your operating system, it is a tracking device. Your carrier knows where you are. Sure, they might not have exact coordinates because they don't have the precision of GPS, but they do know you're in a certain region next to other phones, phones they also have the location of. They'll see Bob, Andrew, and Craig are all in the same area and see that Bob's listed billing address is in that area. They'll have a pretty good idea where you are. Let's be real though. Almost no one disables that location data, so Google, Apple, and everyone else know exactly where you are at all times. It's even enough to link you to a crime even if you had nothing to do with it. The best way to get around this is by not carrying a cell phone. There are other reasons why cell phones are not to be used, but that is irrelevant to this post and will come at a later date.

Ring security systems give people warm feelings of assurance inside. Knowing you can check on your home from anywhere gives you thoughts that you have security. What if I told you that other people could access it? If something is accessible from "the cloud", then you can't guarantee you're the only one able to use it. Sure, those Ring incidents are probably due to poor account security (credential stuffing is mentioned in one article). They also introduce security holes into your network. These kinds of security systems can also be used to commit burglary. These articles also don't even mention the potential of a rogue employee of Amazon (or any other company providing this type of security system) accessing feeds of your home. They could use it to virtually stalk you by knowing what you do in your home in your most private moments. These types of things should be considered before you allow someone to put eyes and ears into your home even though they tell you "only you can access this".

Amazon also has had problems with their Echo line of smart speakers. Amazon employs people to listen to and transcribe your Alexa recordings. Sure at first glance, what's the big deal of someone listening to you say, "Alexa, what's the forecast?" However, Alexa doesn't just hear those requests. How many times have you just been talking with someone and then randomly Alexa or your other "smart" assistant will reply? That means you activated their wake up word and whatever you had been saying is now on Amazon's servers. That's really creepy. These devices also function by listening all the time. How else would they know you said "Alexa"? Sure they claim that it only records when you activate it, but there's no way of verifying this because the firmware is proprietary and hidden. You can't check the source code to verify it's doing what they say it is.

These are just examples of how you can't just trust that things are the way they appear. Amazon wants you to think you own the books you buy on Kindle or their other services. However, they can remove them at any time, like they've done in the past. If someone has the power to do something malicious, they will. Richard Stallman, the founder of the Free Software Movement, has stated that these companies are capable and willing to do these things with their DRM and proprietary software. He's been right every single time. When are we going to listen?

People also tend to trust "the cloud" implicitly. They have no qualms about uploading their data to Google's servers. They trust that Google will keep their data safe. What happens if Google dies tomorrow? Unlikely, but it's possible. What if their data centers suddenly burn down or someone gets into their network and wipes/encrypts their servers? You can't do anything about it because you gave up ownership of your data to them. There's also nothing stopping Google from going through your data. People upload their entire lives to Google through their products, including their search history, photos, and messages. Can you really trust "the cloud" (which is really just a buzzword for someone else's computer) when you don't own your data anymore? It's not just Google's cloud that is untrustworthy. I speak of every cloud that you don't control.

The US government continues its fight against cryptography. They claim that they will only allow "good guys" to access the backdoor they want to implement in encryption. However once a hole exists, it will be breached by unauthorized individuals. A malicious third party will find a way in. They also don't have any way to verify that the people they willingly give access to are "good guys". We can't even trust that the guys writing this are "good guys"! Also like Digital Restrictions Management (which uses encryption, so go ahead and backdoor DRM's encryption, NSA ;) ), if they implement it to "stop the bad guys", it will only hurt the innocent. People participating in criminal activity will not hesitate about using illegal encryption. Why would lawbreakers care about breaking this law? It's just like how DRM only hurts legitimate customers and doesn't stop unauthorized copying because people that want restriction-free copies will find a way.

Don't blindly trust companies will take care of you. They don't care. They only care about their profit. You need to use software (preferably copyfree) that respects your freedoms and lets you decide what you do with it. You shouldn't use software that enslaves you. You're worth more than that.

Note: If you are interested in learning more about switching to privacy-respecting alternatives to products you use, please email me.