The sexy side of cybersecurity
How long before some of these dreams will become reality? A cup of tea made just before you realise you want it. A car that picks your children up from school for you. A watch that monitors all your daily activity, alerting you when you’ve been sitting still for too long. Oh, wait…
The last of these scenarios is a reality that just a few years ago was as much of a thought experiment as the previous two. But it won’t be long before the soon the smart tea-maker and the self-driving car are also a reality. They are part of a new technological wave, where everyday items are no longer analogue, standalone devices but are part of a massive technological web, known as the Internet of Things (IoT).
IoT is a term that is rapidly moving from the realm of tech geeks at conferences to the conversations of ordinary people, as WiFi and Bluetooth-enabled devices become increasingly commonplace around our homes.
IoT devices can monitor their surroundings, transmit and receive data in real time, and even act semi-autonomously, meaning they can carry out their tasks without human guidance.
This is all sounds like the stuff of dreams, right? Unfortunately, it could be just as easily make up a nightmare. The same devices that could make you a cup of tea could also be listening in as you go about your home life, and instead of being ‘self’ driving, your car could be controlled by someone else.
And now it is apparent that even your most intimate moments are being recorded by IoT devices. A recent court case against a Canadian sex-toy manufacturer makes it clear that there is nothing that someone won’t try and connect to the internet. For better or worse, the case also illustrates how exposed we all are to cybersecurity threats.
The company was found to be collecting data from thousands of the users of its vibrators, through an app downloaded by the users. Each vibrator was connected to the app via Bluetooth, and the app transmitted usage statistics back to the company.
The information transmitted included the temperature of the vibrator, how often it was used, and even which vibration settings the user preferred.
Signing your life away
In this instance, the company did not have its customers’ permission to collect their personal data. But we all know how many times we’ve checked the ‘I have read the Terms and Conditions’ box without a second glance. They could easily have had their users’ permission to collect the data, and most would have been none the wiser.
Current technology means it is much easier to collect data than it is to behave responsibly with it. Just think, once the company has this information, there’s only some loose data privacy laws between your sex habits and the rest of the world. You might not mind this risk, but it’s not the only one.
Big Brother’s watching
Once you’ve agreed to the company collecting your data, you have very little control over what happens with it. Your data is only as secure as the system it’s stored in, and often there are major vulnerabilities in these systems.
Hackers could intercept the data as it’s transmitted to your phone, or steal it from a company by exploiting vulnerabilities in their database. They may then publish your information online, making it available for your all your friends, family and work colleagues to see.
Who’s in control?
If you thought it couldn’t get any worse, think again. Not only are hackers able to intercept the data, but they may even be able to remotely control the device. Researchers managed to control a self-driving car remotely, turning on its lights and activating its brakes.
A sex-toy has less sophisticated software than a car to prevent these kind of attacks, so it would be much easier to control. This has some serious implications, potentially requiring a rethinking of sexual assault laws.
The Internet of Things is redefining the notion of privacy, so maybe think twice before you buy the next big and shiny internet-connected device. It may change your life, but not in the way you intended…