Stark reality: It may be that no digital conversation, photo can be shielded from spies
By Mae Anderson, Tali Arbel and Barbara Ortutay
AP Technology Writers
NEW YORK (AP) — So, you use messaging apps like WhatsApp or Signal or have smart TVs and PCs. Should you worry that the CIA is listening to your conversations?
The short answer is no. The long answer is maybe, though it’s still unlikely you need to be too concerned.
WikiLeaks revelations describing secret CIA hacking tools allegedly used to break into computers, mobile phones and even smart TVs could certainly have real-life implications for anyone using internet-connected technology. In particular, the WikiLeaks documents suggest the CIA has attempted to turn TVs into listening devices and to circumvent — though not crack — message apps that employ protective data scrambling.
But for people weary of a seemingly constant revelations of hacks, government spying and security worries, the news came as no surprise.
“Today’s leaks definitely concern me, but at this point I have accepted that security risks are an inherent part of our modern technology,” Andrew Marshello, a soundboard operator from Queens, New York, said by email. “Since that tech is so integrated into our society, it’s hard to take the reasonable step — cutting out smart devices, messaging apps, etc. — without sacrificing a part of social life.”
While he’s “definitely worried” about deeper implications of governmental hacking and surveillance, Marshello says he won’t cut his iPhone or modern messaging apps out of his life. But he doesn’t have a smart TV and doesn’t plan to get one, he keeps his microphone unplugged and camera covered when he’s not using his PC and he has voice recognition turned off on his phone.
He’s not alone. Last year, Facebook CEO Mark Zuckerberg was photographed with his laptop camera and microphone covered with tape. Some online called him paranoid; others suggested he was just being smart.
WHY IT MATTERS
“What everybody should be asking is whether any of this was shared with local law enforcement,” said Scott Vernick, a partner at the law firm Fox Rothschild who focuses on data privacy and security. Meaning, whether the CIA shared any of the techniques with the FBI and with other domestic law enforcement agencies that could employ them domestically.
Ed Mierzwinski, consumer program director at consumer advocacy group U.S. PIRG, said the news should alert consumers to how vulnerable internet-connected devices are.
“You shouldn’t be too concerned about the CIA hacking you unless you’re doing something illegal,” he said. “But this should be a wakeup call for the average consumer.”
He recommended changing passwords on smart TVs, cameras and other connected devices as often as you change computer passwords. “Whether it’s your refrigerator, smart lights you program from your phone or your baby monitor, the security systems in most ‘internet of things’ products are actually dumb, not smart.”
PRIVACY FATIGUE
“At this point, I am so used to reading stories about accounts getting hacked that it is to be expected,” Matt Holden, an editor and social media coordinator in Dallas, Texas, said via email. Holden worries about the safety of personal information like his social security number and financial details, but says he’s less concerned about the security of his messaging apps.
“So long as I conduct myself in a way that would mean I have nothing to hide, then I’m not worried about the government taking a look,” he said.
In a recent Pew survey , conducted in the spring of 2016 and released this January, 46 percent of respondents thought the government should be able to access encrypted communications when investigating crimes. Only 44 percent thought tech companies should be able to use encryption tools that are “unbreakable” by law enforcement. Younger people were more likely to support strong encryption, as were Democrats.
If they’re authentic, the leaked CIA documents frame one stark reality: It may be that no digital conversation, photo or other slice of life can be shielded from spies and other intruders prying into smartphones, computers or other devices connected to the internet.
Another reality: Many may not care.
“People have fatigue in this area, especially when talking about data breaches, and to a degree, hacking,” said Eva Velasquez, president of the Identity Theft Resource Center, who says it’s difficult to imagine what kind of abuses would force them to abandon their smartphones. “People love their fun toys and devices,” she said.
THE INTERNET OF SPYING THINGS
“We don’t know about the CIA role, but we do know anything with a chip in it that is connected to the Internet is vulnerable to hacking,” said Gartner security analyst Avivah Litan.
A hacking attack last October that disrupted sites such as Amazon and Netflix, for instance, originated on internet-connected devices such as home videocams.
“Basically the ‘Internet of things’ is vulnerable and has been deployed without thinking of security first,” Litan said. Anyone with reason to think someone might be spying on them “should think twice about a connected car or a connected camera.”