ISSUES

Are Your Home Devices a Security Risk?

If companies like Amazon, Google, or Facebook fail to provide adequate protections, they could face lawsuits and government crackdowns over their technology

Alexa, Google Home, and Apple's Homepod are the convenient smart speakers that do our bidding within our homes, but who has access to the data we provide? Concerns over surveillance and data breaches have generated alarm over the amount of personal information we store in home technology, including our location, our home layout, and our voice. Such wariness is understandable, with Google Home Mini initially listening to its owners in the bathroom and uploading the data to Google's servers. After it was exposed as a glitch, the fault was quickly corrected, but the tech's capability of listening in when deactivated is proven.

However, Jake Williams, founder and president of cybersecurity firm Rendition Infoseek, says the average user isn't likely to be targeted by hackers. "Would-be attackers] don't care what you're talking about at home, they're looking to monetize data." He adds, "The level of effort to do it is too high in the vast majority of cases. Your average American just isn't that interesting."

In order to steal data from a home device, a would-be hacker would need "undetectable audio commands, eavesdropping software and targeting devices connected on a network." Since home tech doesn't store information as sensitive as credit card information, social security numbers, or passwords, it's simply not worth the effort. Of course, there are exceptions, as hackers could opt to target individuals in order to extort ransom payments for the data, but these instances are unlikely and rare.

Of greater concern is a massive data breach at one of the company clouds where customers' information is stored. While individual users can set up two-factor authentication and limit the number of external services they link to their home devices, once the information is collected and stored it's up to the company to provide protection. If companies like Amazon, Google, or Facebook fail to provide adequate protections, they could face lawsuits and government crackdowns over their technology, according to Bloomberg Law. Class action lawsuits, regulatory enforcement, and publicity damage could obviously harm company revenues if a data hack were not prevented.

Melissa Kern, piracy and information security law partner at FrostBrown Todd LLC,said, "If there is a security breach that results in unauthorized access to the personal data they have collected, whether due to a security flaw or not." As a result, Amazon and Google run product security tests to check for major flaws. Large tech companies also test the data transfer between personal devices and the cloud, in order to curb vulnerabilities to hacking.

Of course, there are steps consumers can take to protect their information. The straight forward protections include the smart user management. As consultants advise, "For those who are concerned that Google Bots are listening to everything you say, you might find some comfort in knowing that Google Home listens and even processes who is talking locally. It uploads information to the cloud when the wake word, 'OK, Google' or 'Hey, Google,' is spoken or when you long press the touch interface at the top of the device (except for Mini)." Google Home also has indicators that alert you when the device is listening in.

Ultimately, it's up to the consumer to make smart and secure choices with their data. Limiting how many devices are linked to private accounts is an easy but powerful first step. The data clouds hold all the information the device interprets, whether insignificant, unintentional, or highly sensitive.

Meg Hanson is a Brooklyn-based writer, teacher, and jaywalker. Find Meg at her website and on Twitter @megsoyung.

TECHNOLOGY

How Safe are Your Passwords?

Is it even worth changing your password?

As threats to personal cybersecurity become more and more acute, many websites have created mandatory password update policies, forcing users to switch their login info every few months. This is true of most universities and certain brands of operating systems–Microsoft is notorious for regular prompting password changes. The theory as to how this helps keep you secure is simple. By regularly changing your passwords, you limit the amount of time other people who've stolen your password can access your account. Unfortunately, there does not seem to be much evidence that repeatedly changing your passwords actually works to make your accounts more secure.

Keep reading... Show less
TECHNOLOGY

GPS trackers for kids must focus on security

Do the benefits of knowing a child’s location outweigh the risks of giving that information to hackers?

For busy, working parents, parents of children who take public transportation to school, parents of children with special needs and parents who simply want to know where their children are in case of emergencies, more and more GPS devices promise to track a child's location and broadcast it to the parents' phones. These watches, wristbands and phone-sized devices are immediately attractive to a worried parent. Many offer features beyond tracking, including communication, distress signals, augmented reality, water sensing and more. What parent doesn't want to better protect the children by keeping them away from dangerous places and situations?

Keep reading... Show less