It is no secret that Americans are incrementally losing their privacy rights. Advances in technology have made spying on citizens easier and cheaper than ever.
Have you ever stopped to think how the government and big corporations may be spying on you? These entities incorporate voluntary and involuntary methods of gathering data on individuals which can be used to erode your privacy. Let’s take a deeper look at some of the tactics used to invade personal privacy.
1. IMSI/IMEI/TMSI Catchers
What is an IMSI/IMEI/TMSI catcher? In plain English, it is an illegitimate device that masquerades as a cell phone tower and tricks mobile devices into connecting to it. Some US citizens believe that organizations such as the NSA utilize these types of devices to gather metadata – for instance, cell phone serial numbers on potential suspects. Mobile phone security is another topic altogether, but the catchers have been used by governments and organizations all around the world.
Mobile device catchers are believed to have been used during the recent protests in Ukraine. Protesters who believed that their mobile device connected to an IMSI/IMEI/TMSI catcher received a creepy text message that said, “Dear subscriber, you are registered as a participant in a riot.” These catchers can be configured to record the serial number of a device and if a government has limitless access to mobile carrier’s network, a person could theoretically be tracked whenever you have the device in your pocket.
2. Facial Recognition On-Demand
Facial recognition technology isn’t anything new. In fact, Las Vegas casinos have utilized the technology in some way, shape or form for decades. Facial recognition has traditionally encountered technological bottlenecks such as computing power, storage and advanced software capabilities … until now.
In the past year, all of these limits have been removed thanks to the maturation of cloud computing. Earlier in 2014, the biggest public cloud providers engaged in what the industry has dubbed the “Cloud Pricing War” which reduced cloud computing prices by up to 60 percent across the board. Cloud computing allows corporations to have limitless access to CPUs, storage and bandwidth for a low, hourly fee.
Imagine a camera in your favorite grocery store that notices you the exact moment you walk in the door. Since the camera can reference your facial features stored inside of the cloud’s database, you can walk into any of that store’s locations and the cloud-connected facial recognition software will know exactly who you are. Applications are being developed on this concept and they are being used to cross-reference your confirmed identity within a customer relationship management suite.
CRM, as it is commonly called, can be queried to bring up every action you have conducted with the business and the data could then be used to market specific offers to the customer. If the customer has opted into receiving text messages or emails, an email or a text could be sent as soon as they walk into the store informing the customer of special daily offers that have been tailored for the individual.
Governments plan on implementing facial recognition software in places such as airports, courthouses and other public facilities.
3. Rise of the Microdrone
There’s an old saying, “Wouldn’t you like to be a fly on the wall during that conversation?” With the invention of microdrones, government agencies or operators of the microdrones can do just that. What was once thought to be science fiction, Popular Science wrote an article in early 2014 describing one of Harvard Robotics Laboratory’s top inventions called “RoboBees.” The prototypes of RoboBees show that the device is about the size of a penny. At first glance, the microdrones do not look to be much different than a common insect you might see flying around on a warm summer day.
As you would expect, these microdrones can be configured to relay audio and video in efforts to target unsuspecting individuals. TechJect is a company that sells a microdrone that resembles a dragon fly. Jayant Ratti, president of TechJect, mentions that the microdrone is capable of capturing high resolution video and wireless communications. Ratti also went on to say, “It is not yet a mature technology, but it’s getting there. We are still getting feedback and making improvements.”
4. Connecting to Public WiFi & Securing Personal WiFi
WiFi routers in public places are often easy targets for hackers trying to get your information. During the Sochi Winter Olympics, attendees were told not to connect to WiFi networks while in Russia due to the fact that the majority of the hot spots had been hacked. Connecting to a hacked WiFi router can lead to detrimental consequences for mobile device and your privacy. You should never connect to public WiFi hotspots with mobile devices that contain any sort of private data. In fact, you should never connect to public WiFi hotspots unless it is absolutely necessary. On devices that include sensitive data, you should protect your device while not in use with low tech means such as the “Block-it Pocket.”
What about a personal WiFi at home? Although these systems use standard encryption, it is possible for an experienced computer guru (or anyone with your WiFi password) to alter your configuration in order to see the data you are sending and accessing. If an experienced user accesses your personal home computing network, everything that you do online is free game for the person who nefariously connected to your WiFi. In order to mitigate these types of attacks, change your WiFi password frequently, regularly clear the password cache of your mobile devices and ensure that you are using the best encryption available on your WiFi router. You could completely mitigate these hazards by only using hard-wired connections and connecting to a private VPN tunnel as soon as you connect to an unknown network.
5. Consolidation of technology. This is a trend you may have noticed in the past decade. No longer do you need a camera; you have one on your phone. No longer do you need a music player; it’s also on your mobile device. Edward Snowden confirmed that the NSA can tap a mobile device in order to have it remotely take pictures or relay audio without the user knowing. While some security conscious individuals see this as old news, the Snowden leaks are just the tip of the iceberg.
Consolidation of technology will result in mobile devices being used as credit and debit cards. It has also resulted in streamlined processes for merchants who use point-of-sale (POS) equipment. Instead of swiping and signing, credit cards of the future will simply reside on your mobile device and once you get close enough to a point of sale system, consumers will simply authenticate the transaction on their mobile device. Visa recently announced this technology in early 2014, which incorporates host card emulation and cloud in order to authenticate users and allow them to make legitimate transactions.
If your credit card information resides on your mobile device, your mobile device essentially becomes the new age purse or wallet. Thieves of the past had to steal your wallet or purse by physically taking it from you. As we are seeing now, thieves are targeting point-of-sale systems with malware and stealing information without people ever losing track of their belongings. This is just one of many examples where consolidation of technology has opened up a new world of exploits. When mobile devices replace credit and debit cards, point-of-sale technology must mature in order to keep up with the hackers.
More on POS Malware
As websites such as IntelCrawler point out, hackers are building POS malware by the day. Securing these vulnerable systems will be essential in order to fully protect consumer privacy. Point of sale malware is rapidly becoming the preferred method that hackers employ when they are attempting to steal personal financial information. POS malware places all of the blame on the merchant’s infrastructure for not having security measures in place and it allows hackers to rapidly gain critical information on unsuspecting consumers.
POS malware isn’t something that focuses on small businesses. At the end of 2013, it was discovered that Target was the victim of a widespread POS malware attack that compromised the personal data of more than 40,000,000 consumers all around the world. What’s even worse is that the malware operated unacted upon throughout Target’s busiest shopping season for several weeks. This fact alone means that it is your personal responsibility to take the best measures in order to protect yourself in this ever-evolving digital age we live in.
What privacy threats concern you? Tell us in the comments section below.