We have seen such great advances in technology in the past couple of decades. Nearly everyone nowadays has a camera, a GPS navigation device, and a telephone inside their pocket. Now this marvelous technological advancement is spreading beyond our pockets and into our homes.
I’ve had a decade long career in the technology field, and even though I see the modern conveniences I’m missing out on every time I visit friends and family, I’d like to share why my work experience won’t let me have internet-connected devices (some of which are constantly listening to conversations) in a place I consider a sanctuary.
I get to see some of this tech in action at the home of a close friend who uses it to do everything from seeing who’s at their front door from the internet-connected device in their bedroom, to operating their home’s lights while comfortably plopped on their sofa. On a recent visit, their smart speaker activated when someone accidentally uttered the magic words, and my friend deactivated the device by saying “stop listening”. In that moment I realized how well these devices have been designed to blend seamlessly into our lives, so that we forget they’re even there, but would no longer be able to picture our lives without them. However, I’d like to try and paint a different picture for you with some reasons why utilizing these smart home devices could prove to be a not-so-smart choice.
Always On Microphones
As I mentioned above, these smart devices are always listening. Which means they are always recording. These recordings are immediately spirited away to a data warehouse where they’re analyzed and tagged in a million different ways. Companies will tell you that this is necessary so that they can do research and development, keep making the product better, smarter. Oh, but don’t worry though, because the data is anonymized.
Anonymized or not, as a tech employee, I know that someone has to have access to the raw data as it comes into their facilities. This is because should anything break, they have to be able to fix it. Now, the chances that this person will know you personally, and be interested in what you have to say in the privacy of your home, are very slim. But there’s a reason why we don’t dial a random number on our phones and set it aside so that the person on the other end can hear our conversations, right?
Data Governance
This is a system that’s put in place to control who has access to certain pieces of data. Corporations are the most likely to have these systems in place because of the amount of planning and resources that goes into setting them up and maintaining them. Startups are less likely to have these systems in place because of the limited resources available to them, also because they’re completely focused on launching their main product. Even if the system is in place, it doesn’t eliminate the possibility of an unscrupulous employee obtaining access to this data. It could be as simple as a coworker temporarily entering their credentials for another coworker so that they can complete an assigned task. This typically happens during training, but it could also be the result of laziness (we are human after all), or implicit trust. It could also be the result of a sophisticated social engineering hack, which could have dire consequences, since these types of intrusions are much harder to detect.
Bad Software
We’re humans, and humans make mistakes. I have had my fair share of software releases with serious flaws. The more tenured you are, the more you learn to mitigate the effects of a bad release, but you can never truly eliminate the chances that something will go wrong. Sometimes we (Software Engineers) can’t even test the effects of a software change we need to make before releasing it. So we have no choice but to pull the trigger and hope for the best.
This is why it’s possible to make something as simple as a microwave completely inoperable. Someone either hasn’t had their morning coffee yet, or they’re having a bad day and aren’t as focused as they should be; whatever the case, mistakes happen. Choosing “dumb” home appliances will save you from these situations.
Hack(s)
While most of the recent hacks we’ve heard of in the news have focused on holding data hostage for a ransom, there continue to be instances of hackers illegally obtaining data, especially personally identifiable information (aka PII). Conscientious entities will go through the trouble of only storing and encrypting PII they absolutely need for their operations. Unfortunately, a lot of companies either don’t do this, or they use an encryption mechanism that at some point becomes outdated, eventually making them decryptable by a determined enough hacker.
Voice recordings made by smart devices could offer a potential gold mine of information which would be much harder to protect. Speech recognition has gotten to the point where conversations could be transcribed in real time. A hacker could conceivably transcribe recordings, and database the text. From there, it’s a rather simple matter of searching for credit card numbers, or using a machine learning algorithm to sniff out any PII that could be used for nefarious purposes. To the best of my knowledge, this hasn’t actually occurred out in the wild, but the basic building blocks are there.
Pattern Recognition
Another scary possibility could be the use of metadata to provide a completely invisible form of home surveillance. Metadata, or data made about some specific piece of data (think time, date, size of data, etc), can easily be an afterthought at most tech companies. It’s not often considered as useful as the data it’s about, but in vast quantities, it could paint an elaborate picture. Say you have a smart lock for your home, and all someone is able to obtain are the times it has been unlocked. A pattern could be discovered from this simple data to determine the most likely times of the day you may or may not be home.
A less nefarious implication of the potential use for this data could be companies hyper focusing the ads they serve you throughout the day. A Dunkin’ Donuts alert as soon as you lock your front door in the morning, and a Papa John’s notification when you arrive home later than usual. Tech companies have to figure out how to profit from all these devices and services after all, and advertisers are more than willing to pay for what they’re truly selling.
Much like the modern car with its constant march towards technology and electrification, I realize that we may find ourselves in a future where we won’t be able to find any products that aren’t internet-connected in some way. Some even argue that our climate future depends on it. I think the industry still has a lot of issues to resolve before we even consider that possibility, and consumers need to be given absolute control over the devices they do decide to bring into their homes. Someone halfway across the world shouldn’t be able to damage your appliances, and it shouldn’t require technical experience to learn how to prevent this from happening.
If our cell phones start acting up because of software updates, we can easily replace it with a new one. The same can’t be said for your home or your appliances.
Leave a Reply