The Walls have Ears: Couple’s Private At-home Conversation is sent to a Random Contact by Amazon

Blog / The Walls have Ears: Couple’s Private At-home Conversation is sent to a Random Contact by Amazon

You may have been wondering where I have been these past 6 weeks.  Well, excuses aside, I was out of the office for about 4 weeks – and once returning, I had a backlog of action items that needed attention. Thanks to Karl Buckley, our Cyber Security Supervisor, TRINUS hasn’t been totally silent when it comes to weekly newsletters.  Thanks Karl!

Of course, Cyber events – both good and bad – don’t rest for anyone.  The one that caught my eye recently was the story that broke about the unidentified couple in the US having their private conversation on hardwood floors sent to a person in their contact list by their Amazon Echo.  For those unfamiliar with these devices, they’re part of Amazon’s entry into the Home Automation market.  The Echo is a clever device that listens for your voice commands and then acts to carry them out.  From simple tasks like “What is the weather in Las Vegas?” to turning on your appliances and lights – to ordering supper from the local pizza parlour, these marvels of voice recognition are designed to make life easier.  Their activation is supposed to be by key words and phrases; the “wake” word.  For Echo, it’s set to Alexa, Echo, Amazon, or Computer. For Google‘s device (Google Home), it’s OK Google.

Given the millions of these devices sold by Amazon and Google, the occurrence of this privacy tech-goof shouldn’t surprise anyone.  In fact, I’m more surprised it hasn’t been reported before this. What really scares me is what happened after it was reported to Amazon.

Upon reporting the incident to Amazon, they conducted an investigation, which consisted of examining the conversation logs, as well as analyzing what was said – and how the Echo apparently got fooled into being activated and sending the conversation to a person on their contact list.

Think about that for a minute. They had the ability to go back several days and listen to the conversation even before Echo was supposed to be “awake.”  Otherwise, how did they know the wrong wake word was used.  They went on to listen to the entire conversation and compare it to the commands the Echo actually responded to.

So the strong inference is that Amazon’s  Echo is listening – and recording – all the time. And that Amazon’s employees can monitor and review the conversations “at will.” Notwithstanding their employee standards and codes of conduct, I don’t feel comfortable with that kind of access.  Don’t pretend that the Google Home Eco-system is any more private; it isn’t.

Home automation through a myriad of IoT devices is coming your home and business very soon, and the Echo and Home voice-activated interfaces are supposed to make controlling these devices almost effortless. But it also opens up a Pandora’s Box of Privacy concerns. Sending embarrassing conversations to a stranger is one thing, but think of the Corporate Espionage or Privacy Breaches if these devices start showing up in Doctor’s clinics, Government offices, or in the corporate boardroom.

I occasionally use Amazon’s Prime Service to order a wide variety of items; it’s incredibly faster and efficient. Car parts, books, even a new razor – are a simple one-click away from arriving at my doorstep. But I think I’ll continue to type and click my way to the new convenient lifestyle and keep my conversations within the 4 walls of my house. And I can turn the lights off from the light switch – thank you very much.

I expect there will be push-back on the use and abilities of these devices, as governments and the Privacy hawks grapple with the amount of data being collected and recorded.  The European Union has recently enacted tougher new Privacy Laws called GDPR, that took effect last week.  They’re designed to give individuals greater control over the data collected about them. So far, Canada does not have this type of legislation.

 

If you have any questions about IoT Security, you can always reach out to your TRINUS Account Manager for some stress-free IT.

 

Thanks!

Dave White

TRINUS

stress-free IT

dwhite@trinustech.com

www.trinustech.com

/Partners /Systems /Certifications

TRINUS is proud to partner with industry leaders for both hardware and software who reflect our values of reliability, professionalism and client-focused service.