So, Wikileaks releases its CIA documents and the one thing that everyone loses their minds over is learning that their TVs can be used as eavesdropping devices. Really? Where have you all been for the last 5 years? This isn’t even news. Check out an article I wrote on spying devices some years back, When Appliances Attack, and you’ll see what I mean.
Our main concern should be whether or not we, the average citizen, should worry about the government spying on us. These leaks demonstrated the vast array of tools that the CIA has to spy on everyone. Can they install malware that will turn your TV or other connected devices into eavesdropping devices or worse? Yes, they can, but, according to the law, they cannot do so without a court order based on probable cause. That said, law enforcement could, in the course of their investigations, stumble across one of your devices. Yes, they could gather data from that device by accident, but it would not, in this case, be admissible in court.
It didn’t help the surge in paranoia when FBI director, James Comey, was widely quoted as saying, “There is no such thing as absolute privacy in America; there is no place outside of judicial reach.” And “Even our communications with our spouses, with our clergy members, with our attorneys are not absolutely private in America.” Furthermore, he claimed that “Even our memories are not absolutely private in America.”
All of this has been quoted out of context to make it appear as if the government has some supreme right to spy on anyone it has a whim to spy on. In fact, what Comey was saying was that the right to privacy disappears for those who participate in criminal behavior. Thus, “absolute privacy”, privacy for all, no matter what, does not exist. You may make the argument that the concept of probable cause can be stretched too far, but, legally, the government cannot spy on you without good reason.
But what about spying done by those outside of law enforcement? What are the chances that these bad agents are spying on you? Well, that depends largely on your profile and how you define ‘spying’. If you appear to have something that would pique the interest of certain parties, you will decidedly increase your risk. What are these factors? According to one source, if you
have an important, responsible, or secretive job,
have to attend confidential interviews or meetings,
are a scientist/politician/journalist/attorney/judge/police officer/local government official,
have a jealous partner or spouse who believes you are having an affair,
are getting divorced,
are a suspected activist,
are interested in conspiracies and frequent certain websites,
have a neighbor who hates you,
were arrested for, but never convicted of, a terrorist-related crime,
have a friend, neighbor, or relative who is under suspicion,
have recently made a substantial insurance claim,
are very wealthy,
are a celebrity, or
are the victim of a stalker
your chances of being spied on increase.
Yeah, there are a lot of good reasons to be paranoid and, for the most part, you can assume you are being spied on. Why? Because if you use Google, Facebook, Yahoo, or many other websites, you have given them the right to spy on you. Didn’t you read the privacy statement when you checked the ‘Accept’ box? Sure, few people do. Basically, you’ve given these sites the freedom to build a profile of you by watching you while you browse the internet and do other online activities. Yes, both Google and Yahoo can legally read your emails because you told them they could. They are trying to ‘enhance your online browsing experience’ by targeting you with ads that you will, hopefully, find more interesting. They learned what you are interested in by reading your email. But what if you joked about being a terrorist? Hmm, that’s when problems could begin. The government can always compel these companies to hand over your emails. They can also read your emails without you ever knowing about it. You can stop some of this spying by adjusting your privacy settings on Google and Yahoo, but you’ll never be completely free.
Smartphones are perfectly made to spy on you. They have GPS information, cameras, and microphones. With the proper spyware, (which can be downloaded for free) all of these can be turned on remotely by those who are interested in your behavior. They can film you, listen to you and your calls, and see where you are and where you’ve been. They can harvest your passwords, take over your email, and send messages to all of your contacts. In short, they can pretend to be you.
How do you know if your phone has been compromised? Well, if the spies use good malware, you may never know. However, if your battery appears to be running low faster than it used to, it may be an indication that your phone is doing something that you haven’t given it permission to do. If you’re not sure, you can download an app that will give you a record of your battery activity.
Sometimes spyware will turn your phone on without you being anywhere near it. Be suspicious if you see this happening. Snowden supposedly put his phone in a microwave oven or refrigerator to stop it from being accessed by unwanted agents or sending out radio signals. He has since designed a special case to prevent such behavior. Of course, the best prevention is to take out the phone’s batteries when the phone is not in use.
If you hear a strange background noise or clicking sounds while you’re speaking on your phone, your call might be being monitored. And, of course, look at your monthly phone bill to see if anything unusual has been going on. Also, keep in mind that the NSA can listen to any call you make to a location or receive from a location outside of the US.
Chances are your TV is not being used as a spying device. Yes, it can be hacked into to listen to you or, for those sets with built in cameras, watch you. The current CIA leak focused on malware called, Weeping Angel, which targets certain Samsung smart TVs. The malware can make it appear as if your TV is turned off when, in fact, it is not. It is secretly listening to you. This malware specifically targets Samsung TVs from 2012 (UNES8000F, E8000GF plasma, and UNES7550F) and 2013 (UNF8000 series, F8500 plasma, UNF7500 series, and UNF7000 series). You can tell if your TV has been compromised by looking behind it and seeing if a blue LED is on while the TV is supposed to be off. Unless you are a particularly high profile target, I wouldn’t worry much about this. It is far more likely that your smart TV could become part of a botnet rather than an eavesdropping device, though I’m not sure this will necessarily give you much more psychological comfort.
Just remember that anything that is connected to the internet has the potential to be compromised. Your refrigerator won’t be watching what you eat because it doesn’t, at least for now, have a camera. It can, however, read your Gmail. What? How is that possible? Well, it’s not possible for all refrigerators, but one developed by Samsung linked the device to a user’s Gmail Calendar so as to put this information on the refrigerator’s display. In so doing, it compromised the user’s Gmail account. Using a man-in-the-middle technique, hackers were able to lurk in the calendar and capture the owner’s username and password, thus, gaining full control of the user’s account. This is a somewhat unique attack method which has probably never been used to any great extent. Most compromised connected refrigerators are used to send non-edible spam. Just remember that what is true of refrigerators is true for all your connected devices. But, as the old saying goes, if you can’t trust your refrigerator, what can you trust?