Don't Trust Your Smart Devices

Don't Trust Your Smart Devices

Credit: Unitree Robotics

Smart devices like Amazon Echo, Google Home, and Amazon Ring have made the lives of millions of people more convenient, and to an extent safer. Unfortunately, the trade-off is their data is now at the hands of these corporations.

As convenient as home assistants are, they are dangerous to privacy and anonymity, and there aren’t a lot of ways to make them less privacy-invasive.

In this blog, we are going to discuss a few of the home assistant devices people use, and the different privacy flaws they all have.

Your Voice Matters to Amazon Alexa

The standard Amazon Alexa has about seven microphones in a circle that can detect sounds from every direction. These microphones are extremely sensitive and can detect sound or pressure changes below and above human hearing ranges. Due to the way these microphones are designed, they are always detecting sound, even if the mute button is on. The microphones on an Alexa device can still hear even if the device is blocked with a tape or a pillow.

Alexa will monitor everything you say and every sound. These smart devices are always listening for a wake word (“Hey, Alexa”). Once the wake word or phrase is said, Alexa will begin recording everything until it hears a pause. This audio file is sent to the Amazon cloud and is processed by an algorithm.

Amazon calls this your “dialogue history” and says that this data can improve your Alexa experience. Although you can review and delete these recordings, there is still a possibility that the transcripts of these recordings can still be saved on Amazon’s servers.

On top of your private data and conversations being at the hands of Amazon, Alexa could share your info with other parties. The operating system on an Alexa can share access to basic information that the owner provided when they first set up the device, such as log-in information, credit card details, and more.

If the Amazon account has been linked to a phone or other smart devices, the Alexa could also be linked to other storage that shares similar details – for example, a Google Drive account that is using the same Gmail account the Amazon account is using.

Neighborhood Watch with Amazon Ring

In 2020, it was estimated that nearly 400,000 people purchased a Ring unit. People purchasing these devices have the right idea – see who is at the door, and make sure they aren’t a threat to their home. Unfortunately, there are several concerns with privacy and anonymity that should not be ignored.

First and foremost, Ring footage is not private. It’s in the cloud. With a ring camera, Amazon employees have access to the same cloud server where personal footage is stored. In some cases, local police departments have partnerships with Ring, and they may send citizens requests asking them for footage from that Ring’s camera any time a crime occurs. Citizens who refuse to give up this footage can easily be overruled by a warrant; the local police can get one through a judge and Amazon without the person even knowing.

Amazon Ring devices are unique in that they can affect the privacy of people who do not even own them. People who choose not to install one or participate in the local surveillance network – an app called Neighbors, cannot opt-out. If a neighbor has a Ring camera, the unwilling participant cannot make them, Amazon or the police exclude footage of them from the recordings.

Added to the privacy concerns with Ring, there is an increased chance the local neighborhoods will be more paranoid and less willing to communicate with each other. Ring’s default setup is designed to alert someone anytime motion activation is triggered. Any time a delivery person, jogger, or dog walker passes by the phone buzzes. There’s no faster way to convince someone that their house is under siege and their neighborhood is crime-ridden than to be startled by every person that passes by.

Does Every Device Have to be “Smart”?

The Internet of Things (IoT) refers to the large number of “things” that are connected to the internet. This includes everything from smartphones, coffee makers, washing machines, smart microwaves, and more. IoT devices also apply to components of machines, like a jet engine on an airplane or the drill of an oil rig.

IoT technology can help cut costs and help eliminate time-consuming processes. The problem is with the advancement in technology and social media, personal data is easily available. With so many devices and accounts connected, hackers have a wide range of tools to break into a network and steal information.

Every smart device installed in someone’s home has access to the internet, and it gives hackers multiple options for an entry point. In many cases, the home network that is connected to these devices is not secure. Most, if not all these devices are controlled through a single smartphone, which makes a phone a valuable database for any hackers wanting to break in.

Wrapping Up – If You Have to Use Them, Protect Yourself!

The convenience of these smart devices makes it difficult to give up. If you find yourself unwilling to give up all the features smart devices have to offer, there are some important security changes you should make.

It is best to delete any history on these devices as often as you can, unless it affects the functionality of the device – like Wi-Fi on a smart bulb, for example. Since hardly any smart device will work properly without network connectivity, make sure the password to your home network is secure. Passwords need to be lengthy– anywhere between 12 and 16 characters should do. A secure password should include numbers and symbols, upper and lower-case characters.

Most of the apps that are included with these smart devices send personal and identifiable data to third-party trackers. These trackers are mostly used for analytics to help the app run better, but these trackers also receive info on things like what type of phone you are using or your IP address. Take the time to go through the privacy and security settings on all the apps you use. There will usually be options to remove tracking or access to a location. Unless these settings prevent the app from running smoothly, turn as many of these trackers off as you can.

Back to blog