Have you created a ShazzleMail account on your smartphone? This is a required first step.

Yes No

Free Encrypted Email

Posts Tagged ‘spying’


Always-on Voice Technology Raises Privacy Concerns

October 30, 2017

New technologies positively advertise constant microphone monitoring–but is it what consumers want?
Where speaking with Siri was once a forced, awkward endeavor, we’ve now become accustomed to talking to our devices. Whether we’re asking for the World Series schedule or would like Alexa to read us a recipe, human-to-device communication is no longer unusual. Still, as new such devices appear in the marketplace, there are some potential privacy concerns as we explore their capabilities.

Can You Hear Me Now?
Recently, more devices have appeared that are always (or almost always) on—always listening to what’s happening around them. The GoPro Hero 6 is one example. A largely voice-controlled camera, a user can instruct the GoPro to begin recording, even when the camera is off. Though you can change the setting, it is also possible for your camera to remain in a low-power listening mode that allows only the microphone to remain on. But it’s on all of the time, lasting up to eight hours and draining between five and 10 percent of the battery.

And the GoPro certainly isn’t alone.

New and Different
CEVA and Cyberon recently announced a partnership which offers a low power voice activation solution that is interestingly always listening. Designed for smartphones, consumer, and IoT devices, the CSpotter is Cyberon’s optimized implementation of their voice recognition engine for the CEVA-TeakLite family of DSPs. The CSpotter on CEVA-TeakLite-4 silicon will be demonstrated on October 27 at the CEVA Technology Symposium in Taiwan.

The CSpotter listens to ambient speech to detect and respond to predetermined words and trigger commands. It supports 33 languages based on phoneme acoustic models and has optimized both speaker independent and dependent voice activation. Currently, it already exists on CEVA-powered merchant silicon.

“The CEVA-TeakLite family of DSPs already powers billions of smartphones, consumer electronics, and other smart IoT devices, making CEVA an ideal partner for our CSpotter technology. CSpotter on CEVA’s DSPs is a highly compelling offering, with unmatched accuracy and performance in the noisiest environments and at a minimal power consumption,” said Tai-Hsuan Ho, Cyberon founder and CEO.

Moshe Sheier, who serves as the director of strategic marketing at CEVA, believes that Cyberon’s low footprint voice trigger and word spotter, as well as the offered support across a variety of languages makes the CSpotter something special. “Coupled with the world’s lowest power audio/voice DSP family, the joint implementation offers a perfect combination of performance and power efficiency for adding an always-listening voice interface to a wide range of smart devices, including smartphones, toys, wearables, automotive, and IoT,” he said.

Image courtesy of Cyberon.

An Industry Shift?
Some have suggested a shift in the industry toward a voice-controlled relationship with technology, which sounds like an easy and elegant solution for human-to-device communication. But what about security?

If enterprise systems begin relying on voice commands, a number of privacy concerns arise. First, who (and what voices) will be able to control said devices? Secondly, what happens to the recordings? And finally, who, if anyone, can tune in to listen or in some cases view the always-on devices?

Image courtesy of Pixabay.

Addressing Privacy Concerns
Some companies have begun to address these concerns. Google, for example, recently introduced a new camera geared toward parents that can constantly record. The Clips camera uses machine learning to begin to identify subjects you’d like photos of. By setting it on a counter, you can walk away and return to a host of moments that the camera has determined might be interesting to you, all recorded as snapshots for your viewing pleasure. The images are only accessible via your device and aren’t communicated to the cloud, which makes some users feel safer about a perceived lack of privacy.

Undoubtedly, many companies will have to develop strategies to combat consumer privacy fears as voice technology continues to develop. For now, users are perhaps encouraged to enjoy the changing landscape of technology.

Tags: , ,

privacy picture a;dlsfjasd;lkfj

NSA spied on millions of US communications in 2016

May 3, 2017

The US National Security Agency (NSA) collected more than 151 million records of Americans’ phone calls last year, even after Congress limited its ability to collect bulk call records.

A report from the office of Director of National Intelligence Dan Coats presented the first measure of the effects of the 2015 USA Freedom Act, which limited the NSA to collecting the phone records and contacts of people that the US and allied intelligence agencies suspect may have ties to “terrorism”.

NSA collected the 151 million records even though it had warrants from the secret Foreign Intelligence Surveillance Court to spy on only 42 suspects in 2016, in addition to a handful identified the previous year, the report said.

READ MORE: What is electronic surveillance?

Because the 151 million would include multiple calls made to or from the same phone numbers, the number of people whose records were collected would be much smaller, US officials said. They said they had no breakdown of how many individuals’ phone records were among those collected.

Politicians have repeatedly asked US intelligence agencies to tell them how many Americans’ emails and calls are vacuumed up by warrantless government surveillance programmes.

NSA to stop citizen surveillance programme
“This report provides a small window into the government’s surveillance activities, but it leaves vital questions unanswered,” Senator Ron Wyden said in a statement. “At the top of the list is how many Americans’ communications are being swept up.”

The NSA has been gathering a vast quantity of telephone “metadata” – records of callers’ and recipients’ phone numbers and the times and durations of the calls – since the September 11, 2001, attacks.

The spy agency says it doesn’t collect the content of the communications.

US officials on Tuesday argued the 151 million records collected last year were tiny compared with the number gathered under procedures that were stopped after former NSA contractor Edward Snowden revealed the surveillance programme in 2013.

A report in 2014 suggested potentially “billions of records per day” were being collected.

“This year’s report continues our trajectory toward greater transparency, providing additional statistics beyond what is required by law,” said Timothy Barrett, spokesman for the Office of the Director of National Intelligence.

The new report came amid allegations – recently repeated by US President Donald Trump – that former president Barack Obama ordered warrantless surveillance of his communications, and former national security adviser Susan Rice asked the NSA to “unmask” the names of US people caught in the surveillance.

Both Republican and Democratic members of the congressional intelligence committees have said so far they have found no evidence to support either allegation.

The report said the names of 1,934 “US persons” were “unmasked” last year in response to specific requests, compared with 2,232 in 2015. But it did not identify who requested the names or on what grounds.

Tags: , ,


Are your running shoes spying on you?

March 2, 2017

Five or 10 years ago, such a statement might have been appropriate for a cartoon matinee or slapstick farce, but in a new world defined by the Internet of Things, this statement isn’t just a possibility, but an actual cyber vulnerability to be aware of.

Companies today are adding the word “smart” to a constellation of different products: water bottles, refrigerators, televisions, and yes, even running sneakers.

In simple terms that word “smart” means computer code performing some automated function such as data collection, storage, transmittal or other task to offer the user better insight into his or her experience using that product. Those running shoes might log miles walked, calories burned or altitude climbed and then send that data over a connection of some kind, whether physical or Wi-Fi, to another smart device such as a phone, tablet or computer, which the user can use to monitor fitness.

It is that interaction, where the shoes “touch” the mostly unregulated, unprotected web where the true vulnerability lies.

Any code can be altered once a connection occurs. The data you expect those shoes to collect may be changed by the bad guys to collect other data instead, or host malicious code that can be carried to the actual target they want to infect. All you might have to do is walk by the ATM and your bank could now be potentially infected.

We take for granted the utility of smart devices. There is no argument they make life easier, more automated, and allow us to access data we might never have had access to before. Unfortunately, that comfort and joy we experience in the ever expanding landscape of technological wonders has a very evil underside we absolutely must be aware of. We cannot assume that these devices are safe, secure, and protected. They are not.

So the question that comes to mind is simply: what do we do?

This is not some call to revert society back to an agrarian base. Instead, we must grow a culture aware of cybersecurity.

Even the simple act of asking questions: is this device (or shoe or water bottle) connected? How? Should I disable it before I come into work every day – or even not bring it at all? Are there security patches I can load on these items? That simple pause to address what has become a part of every facet of our lives could be the difference between a massive data breach and just another day at the office.

An extreme example recalls how terrorists utilized simple box cutters as weapons of war to then turn civilian aircraft into even deadlier mass destruction devices. It was the definition of asymmetric advantage by a “supposedly” inferior enemy. In an Internet of Things we have created hundreds of these tools, now weapons in waiting. Yet a simple cultural shift, a turn from blind trust to trust but verify, can blunt that advantage.

The Internet of Things offers an unbelievable range of possibility to the consumer. There is truly no limit to the new ways we can utilize smart devices to enhance our lives, but with the massive increase in powerful tools comes the simple responsibility to utilize them safely.

It is like the Wild West in terms of opportunity, so we must realize our role in keeping the cyber peace. Use these new technologies to their fullest, but be skeptical and vigilant that they are just as much a weapon as a tool and the enemy is always watching.

Tags: , ,


Federal Agency Begins Inquiry Into Auto Lenders’ Use of GPS Tracking

February 23, 2017

Auto loans to Americans with poor credit have been booming, and many finance companies, credit unions and auto dealers are using technologies to track the location of borrowers’ vehicles in case they need to repossess them.
Such surveillance, lenders say, allows them to extend loans to more low-income Americans, knowing that they can easily locate the car. Lenders are also installing devices that enable them to remotely disable a car’s ignition after a borrower misses a payment.

Now, federal regulators are investigating whether these devices unfairly violate a borrower’s privacy.

The auto lender Credit Acceptance Corp. said this month in a securities filing that it had received a civil investigative demand from the Federal Trade Commission asking for its “policies, practices and procedures” related to so-called GPS starter interrupter devices, which are used to disable an ignition.

Industry lawyers say the action is part of a broader inquiry by the agency into tracking technologies used in the subprime auto lending market.

The regulatory scrutiny over the GPS starter interrupter devices comes as cracks are starting to appear in the auto loan market. The percentage of auto loans that were at least 90 days delinquent increased to 3.8 percent in the fourth quarter from 3.6 percent in the third quarter, according to the Federal Reserve Bank of New York

The auto finance industry says that without the devices, many low-income Americans would not be able to buy cars that they need to get to work.

But some find it unsettling that the technology gives lenders so much control over borrowers.

“They don’t need to know what we are doing — when we go out to eat, when we go on vacation,” said Elias Sanchez, a forklift operator in Austin, Texas. “We want our privacy.” His auto dealer didn’t tell him that a GPS tracking device had been installed in his 2005 Ford SUV, he said.

Tags: , , ,

featured image 3


February 15, 2017

By Jason Knowles and Ann Pistone
Monday, February 13, 2017 10:42PM

CHICAGO (WLS) — Millions of people have smart hub devices like the Amazon Echo and Google Home, but they could be putting users’ privacy at risk.
The I-Team tested the devices with experts and found potential vulnerabilities that could be used by hackers and thieves.
The devices act as home assistants who respond to verbal command words. The I-Team found that the Amazon Echo app for Alexa records and saves users’ conversations — even if the smart hub device only “thinks” it hears the word “Alexa.” Brian Liceaga, of the Evolve Security Academy, found even more personal information.
Experts said they can be an identity thief’s dream if users don’t have a pass code on their phone or tablet, or if those devices are on unsecure Wi-Fi networks.
“So they can start building a profile around you and execute a social engineering attack. So they might know when you’re going on vacation, they know your interests, they might know things that you’ve looked up, that you’ve asked the device,” said Liceaga. The I-Team inspected an Echo belonging to a man known as “Professor Fraud.”

“If it thinks it hears the name ‘Alexa,’ it wakes up and starts recording. So it’s potentially an invasion of privacy and also potentially embarrassing,” said William Kresse, a professor at Governors State University.
Amazon said the saved recordings are stored to improve accuracy and make the product better, but they can be deleted individually or all at once. The I-Team also found that Kresse’s answering machine could be used to control Alexa via voice commands. This could be used by a burglar checking to see if anyone is home or even a neighbor trying to order something for themselves.

“Now Amazon has the option to put in a four-digit code whenever you want to place a purchase order. Otherwise, anyone could just say a few words – even accidentally – and the next thing you know, you’ve got a delivery coming to your house,” Kresse said. The I-Team also examined a Google Home, which belongs to Patrick Connor, the husband of an ABC7 employee, and the Google app for it.
“I had no idea that I could go back and even hear my own voice on my own phone. I think what was most alarming to me was that it even seemed to be recording before I said ‘Okay Google,'” Connor said. “So now I’m wondering, ‘Is this thing always listening? Is it always on?'”
Google said the device only stores audio after recognizing the words “Ok Google” or “Hey Google,” but said that content is sent to Google servers. Google officials also note that voice history can be deleted, similar to web history. The I-Team also tried to hack both devices. Expert were able to locate the Google Home but couldn’t crack into either. Amazon and Google both said devices go through extensive security and privacy reviews.

“Amazon and Google have, not only large security teams, but some of the best in the world and the best talent in the world,” Liceaga said. But he says you should still be skeptical over that extra set of ears. “This device that’s always there and listening, we have to use it with caution and safety,” Liceaga said.
Users may want to mute devices when not in use to prevent unwanted recordings. For the Echo, users can turn off voice purchasing or even chose between two other command words instead of “Alexa.” Also, users should make sure software for the device is updating automatically. Experts also said that the riskiest vulnerabilities aren’t in the smart hubs themselves, but in those apps or accounts on your tablets and computers.
“Their windows computer might actually have the password to the amazon account in which case I can bypass this all together,” Liceaga said. Liceaga said users should put smart hubs on a guest Wi-Fi network which is separate from the one used by other devices to create a barrier between the smart hubs and other devices. Experts also suggest changing the smart hub device name on the Wi-Fi so it can’t be detected.

Tags: , ,

Introducing ShazzleMail Email and How it Works

Privacy is your Fundamental Human Right.

Our Daily Blog
Edward Snowden’s Autobiography Makes a Plea for the Fourth Amendment, the Right to Privacy, and Encryption
September 24, 2019

America's most famous whistleblower calls for restricting the power of government. Article by SCO...

Read more
Chinese deepfake app Zao sparks privacy row after going viral
September 3, 2019

Critics say face-swap app could spread misinformation on a massive scale A Chinese app that lets ...

Read more
Google tightens grip on some Android data over privacy fears, report says
August 19, 2019

The search giant ends a program that provided network coverage data to wireless carriers. BY CARR...

Read more
Wikipedia co-founder slams Mark Zuckerberg, Twitter and the ‘appalling’ internet
July 8, 2019

Elizabeth Schulze Wikpedia Co-Founder Larry Sanger said in an interview social media companies ...

Read more
Why America Needs a Thoughtful Federal Privacy Law
June 26, 2019

More than a dozen privacy bills have been introduced in this Congress. Here’s what it needs to do....

Read more