Even if you do a good job of keeping track of devices and their functions, device manufacturers are known to not advertise the presence of some of the sensors, cameras and microphones embedded in their smart home devices. This isn’t limited to obscure brands from unknown Chinese manufacturers. Nest, (by Google), announced that its thermostat has a microphone years after its initial release. Google claimed that it was never supposed to be a secret, and that may be true, but that doesn’t mean we should simply trust them.
Sometimes the additional sensors are added in anticipation of future functionality. Sometimes they are included because they are part of a silicon chip-set that simply included them. They are there for the manufacture to employ, but they are also available for use by hackers if the device gets compromised.
To make matters worse, most smart home devices rely on remote servers to work. Having some of the functionality rendered by remote servers allows the manufacturers to pull some cost and complexity out of the device itself, but also gives them the ability to monitor how you use their products. Why controlling your smart light-bulbs would need to pass through servers in China is a head-scratcher. In fact, a recent study of popular household smart home devices discovered that 72 of 81 devices have at least one destination other than the manufacturer. 56% of the US devices and 83.8% of the UK devices contact destinations outside their region and all devices expose information to eavesdroppers. Most of the communication is encrypted so we can only guess at what the devices are reporting.
Some devices present the option to disable specific sensors, but that may be a losing battle. The Sun reported that if you’re concerned about Alexa spying on you, there’s no point in turning if off because it’s entirely possible that there are multiple devices in your home that are also spying on you. That sounds a little paranoid, but as we keep adding devices to our networks it becomes more plausible. Devices added to the network tend to stay there even after the novelty of their function has worn off. This is part of the reason why connected devices are so inexpensive. The margin of the sale is low for the manufacturer, but it becomes more profitable as they sell information collected about you over time.
It’s prudent to police what devices are on your network and remove devices that you’re no longer using. But as more and more appliances and devices become connected (i.e. “smart”), it’s also prudent to keep the network off when you don’t need it; this brings some balance to our use of the devices, and their use of us.
March 5, 2020