The Power of Privacy is a half-hour documentary by The Guardian, which shines the spotlight on a few modern threats to privacy. It briefly covers the history of privacy, showing how we got to the present day, in terms of technology and human behavior.
Why Privacy Matters
A personal data consultant featured in the film says,
You might say to me, ‘Well, my life is an open book, I’m not worried about you revealing any of that information.’ But if I’m looking to go after you and to get you to do something you might not want to do, I’m going to use anything at my disposal to create some sort of psychological leverage.
Cybersecurity specialists demonstrate how they hacked a target’s laptop:
- Register a look-alike domain (theguardlian.com rather than theguardian.com).
- Put a copy of the genuine website on the look-alike domain.
- Use Facebook or LinkedIn to find someone the target is connected to (the target’s director).
- Find the email address of the director on LinkedIn or Facebook.
- Send a spoofed (fake) email from the director’s email address to the target’s email. Include a link to the look-alike domain.
- When the target clicks the link, they see a copy of the actual website. After a few seconds, a popup asks for the target’s email address and password. The target enters those credentials.
- The hackers now have control of the laptop and could redirect the browser, take files from the laptop, etc.
Hackers frequently use social engineering (manipulating or tricking people into giving access to information or systems). Even the best security hardware and software can be made useless if you willingly give hackers what they want.
It’s not just the content of your messages and conversations that can reveal info about you; even the fact that you sent a message or had a conversation reveals info. Metadata (such as who you communicated with, when you communicated, etc.) can be revealing.
Internet of Things (IoT)
It’s estimated that presently 1% of everything that could be connected to the Internet is. Imagine a world where the other 99% are also constantly sensing, storing, and communicating data about every aspect of our lives.
Smart home technology can be exploited by hackers. For example, cameras can be hacked to allow others to spy on you in your home.
Manufacturers of smart devices want to ship products as quickly as possible, so they don’t put as much effort into security and privacy as they should.
There are 3 major attack surfaces for smart devices (IoT devices):
- App associated with smart device
- Smart device
- Cloud storage of user data
A theme of the documentary is stated near the end:
The responsibility for our security starts with us.
What You Should Do
I recommend watching the documentary, The Power of Privacy. I’ve briefly summarized a few of its points here, but you’ll have a fuller understanding and deeper appreciation for privacy by watching it. Some advice based on the documentary:
- Be careful about the digital trail you leave. Pay attention to what you post on social media and websites.
- Don’t plug untrusted devices (USB drives, keyboards, etc.) into your computer.
- Be skeptical, especially about free offers. If it’s too good to be true, it probably is.
- Be aware of what metadata can reveal, even when you protect your messages and conversations.
- Before purchasing or installing a smart device, think carefully about the privacy ramifications. How could the device be used against you? How could the data collected by the device be used against you?
- Take responsibility for your digital security and privacy. By reading the Defending Digital blog (or listening to the podcast), you’re taking initiative!