For me, the
most shocking revelations to come out of Wikileaks’ release of classified CIA
documents rWikileaks’ release of classified CIA documents relating to the
agency’s spying activities has been how the alleged vector of attack has
changed to targeting consumer electronic devices.
Whether it
is iPhones, Android devices or Samsung Smart TVs, the spy agency has clearly
seen the opportunities provided by the often paper-thin security of many of
today’s IoT-connected, smart gadgets.
Whereas in
the cold war era, agents would, we are told, sneak into hotel rooms and offices
undercover, in order to plant bugs and monitoring devices, today there is no
need. The connected world offers them ready-built conduits into our homes and
vehicles. And judging by the arsenal of hacking tools the CIA has been revealed
to have at its disposal, manufacturers’ attempts to secure our privacy have
been at best incompetent, and at worst, collaborative.
Of course,
the documents, so far, do not go into a great deal of depth about how widely
these intrusive technologies have been deployed. In other words, we know what
they can do, but very little about what they have actually done.
The best
case scenario is that these tools all represent technology that has been
deployed legally – that is, used when security services have, through the
correct channels, established there is a situation which requires them to take
action to protect the public.
But the
potential implications go far wider. These tools haven’t all been developed by
the CIA themselves – in fact a substantial portion of the leaked information
relates to a catalog of software and utilities that have been “collected”.
No-one knows who they have been collected from. But what it does show is that
the CIA has been aware for some time that the devices we are increasingly
filling our homes with are not safe. And rather than act to help manufacturers
and software developers shore up those vulnerabilities, they researched how
they could best be exploited.
It’s scary,
because there is certainly a lack of understanding about how thoroughly
sensors, scanners and cameras cover our lives, and just how powerful, in theory
(and it seems practice) their potential for surveillance is.
The problem
might be that it’s simply too big a concern for most people to worry about – we
know we aren’t going to sacrifice our smartphones and Internet-enabled TVs, and
in coming years we’re probably be buying swarms of autonomous cars and IoT home
entertainment and utility devices. Most of us probably rely on the fact that
there’s nothing in particular of interest about us for someone to want to spy
on us in the first place.
But this
complacency – though understandable – is based on the flawed assumption that
whoever has this power – be it the CIA, partner agencies they work with, or
anyone who has got access to the same tools – will always be working in our
best interests. History tells us that this will far from always be the case,
and the CIA actions at the base of this week’s revelations again make that
point.
Thanks to
Snowden of course, we’ve known for years that intelligence services are engaged
in mass-surveillance of the public. These leaks show just how far reaching
their capabilities have become, when it comes to extracting data about our
lives. And when you consider how this data could be used, together with cutting
edge analytics and machine learning – , it goes beyond even what George Orwell
imagined in 1984. At least his hidden cameras had to be monitored by humans to
determine who should be accused of facecrime or thoughtcrime.
Some have
sought to downplay the implications of the leaks – suggesting that it has long
been known that security services are capable of accessing personal devices and
turning them into surveillance tools. This is true – but in my opinion comes
dangerously close to “normalizing” the idea that we should accept intrusion
into our personal and private lives. Again, the scary implication is not
necessarily what the US government is doing now, but what a future
government or even a private entity, in
the US or elsewhere, could potentially do tomorrow.
On the other
hand, hopefully this will act as a wake-up call. It’s certainly true that
Snowden’s 2013 revelations sparked a wave of interest and awareness in
encryption – to the point that it became enabled by default in Whatsapp, the
world’s most popular messaging application. The installed userbase of the
“secure” messaging app Signal also have also soared. This reassures me that an
ever-growing number of people are becoming aware of privacy issues, and willing
to take basic steps to safeguard their data.
What’s
needed now is for continued demand from citizens that their governments and
security services put their interests first – and that means protecting their
rights to privacy and ensuring that these powerful and invasive tools are only
used when public safety is at stake.
Written by Bernard Marr for
Forbes
Source:
Forbes
No comments:
Post a Comment