Adonis Diaries

Goldmine for Big Brother: New generation of smart household devices (part 2)

Posted on: February 18, 2016

Computer programmer John Matherly’s search engine Shodan indexes thousands of completely unsecured web-connected devices.

Domestically, “homegrown extremists” are the greatest terrorist threat, rather than Islamic State or al-Qaida attacks planned from overseas

 Goldmine for Big Brother, New generation of smart household devices Admits Top US Spy

DNI James Clappers acknowledges “intelligence services might use the [web-connected home devices] for identification, surveillance, monitoring, location tracking, and targeting for recruitment.”

dni.jpg 

Director of National Intelligence James Clapper listens at center to testimony given by Director of the Defense Intelligence Agency, Lt. Gen. Vincent Stewart, far right, during the House Intelligence Committee hearing on Capitol Hill, Sept. 10, 2015.

In a piece at The Register—titled “We’re going to use your toothbrush to snoop on you, says US spy bosstech-security journalist Kieran McCarthy reports Clapper’s acknowledgement that the Internet of Things (IoT) is a “potential goldmine for surveillance” echoes “a similar conclusion reached by academics last week.”

The testimony on Tuesday, McCarthy adds,  follows “repeated warnings over the poor security standards included in smart-home products, even the most well-resourced and well-known. Recently, the Ring doorbell and the Nest thermostat were discovered to have security vulnerabilities that could provide an attacker with your Wi-Fi password – and so access to your home network.

The US intelligence chief has acknowledged for the first time that agencies might use a new generation of smart household devices to increase their surveillance capabilities.

As increasing numbers of devices connect to the internet and to one another, the so-called internet of things promises consumers increased convenience – the remotely operated thermostat from Google-owned Nest is a leading example.

But as home computing migrates away from the laptop, the tablet and the smartphone, experts warn that the security features on the coming wave of automobiles, dishwashers and alarm systems lag far behind

In an appearance at a Washington thinktank last month, the director of the National Security Agency, Adm Michael Rogers, said that it was time to consider making the home devices “more defensible”, but did not address the opportunities that increased numbers and even categories of connected devices provide to his surveillance agency.

However, James Clapper, the US director of national intelligence, was more direct in testimony submitted to the Senate on Tuesday as part of an assessment of threats facing the United States.

“In the future, intelligence services might use the [internet of things] for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials,” Clapper said.

Clapper did not specifically name any intelligence agency as involved in household-device surveillance. But security experts examining the internet of things take as a given that the US and other surveillance services will intercept the signals the newly networked devices emit, much as they do with those from cellphones.

Amateurs are already interested in easily compromised hardware; computer programmer John Matherly’s search engine Shodan indexes thousands of completely unsecured web-connected devices.

Online threats again topped the intelligence chief’s list of “worldwide threats” the US faces, with the mutating threat of low-intensity terrorism quickly following.

While Clapper has for years used the equivocal term “evolving” when asked about the scope of the threat, he said Tuesday that Sunni violent extremism “has more groups, members, and safe havens than at any other point in history”.

The Islamic State topped the threat index, but Clapper also warned that the US-backed Saudi war in Yemen was redounding to the benefit of al-Qaida’s local affiliate.

Domestically, “homegrown extremists” are the greatest terrorist threat, rather than Islamic State or al-Qaida attacks planned from overseas.

Clapper cited the San Bernardino and Chattanooga shootings as examples of lethal operations emanating from self-starting extremists “without direct guidance from [Isis] leadership”.

US intelligence officials did not foresee Isis suffering significant setbacks in 2016 despite a war in Syria and Iraq that the Pentagon has pledged to escalate.

The chief of defense intelligence, Marine Lt Gen Vincent Stewart, said the jihadist army would “probably retain Sunni Arab urban centers” in 2016, even as military leaders pledged to wrest the key cities of Raqqa and Mosul from it.

Contradicting the US defense secretary, Ashton Carter, Stewart said he was “less optimistic in the near term about Mosul”, saying the US and Iraqi government would “certainly not” retake it in 2016.

The negative outlook comes as Carter traveled on Tuesday to meet with his fellow defense chiefs in Brussels for a discussion on increasing their contributions against Isis.

On the Iran nuclear deal, Clapper said intelligence agencies were in a “distrust and verify mode”, but added: “We have no evidence thus far that they’re moving toward violation.”

Clapper’s admission about the surveillance potential for networked home devices is rare for a US official. But in an overlooked 2012 speech, the then CIA director David Petraeus called the surveillance implications of the internet of things “transformational … particularly to their effect on clandestine tradecraft”.

During testimony to both the Senate armed services committee and the intelligence panel, Clapper cited Russia, China, Iran, North Korea and the Islamic State as bolstering their online espionage, disinformation, theft, propaganda and data-destruction capabilities.

He warned that the US’s ability to correctly attribute the culprits of those actions would probably diminish with “improving offensive tradecraft, the use of proxies, and the creation of cover organizations”.

Clapper suggested that US adversaries had overtaken its online capabilities: “Russia and China continue to have the most sophisticated cyber programs.”

The White House’s new cyber-security initiative, unveiled on Tuesday, pledged increased security for nontraditional networked home devices. It tasked the Department of Homeland Security to “test and certify networked devices within the ‘Internet of Things’.” It did not discuss any tension between the US’s twin cybersecurity and surveillance priorities.

Connected household devices are a potential treasure trove to intelligence agencies seeking unobtrusive ways to listen and watch a target, according to a study that Harvard’s Berkman Center for Internet and Society released last week.

The study found that the signals explosion represented by the internet of things would overwhelm any privacy benefits by users of commercial encryption – even as Clapper in his testimony again alleged that the growth of encryption was having a “negative effect on intelligence gathering”.

The report’s authors cited a 2001 case in which the FBI had sought to compel a company that makes emergency communications hardware for automobiles – similar by description to OnStar, though the company was not named – to assist agents in Nevada in listening in on conversations in a client’s car.

In February 2015, news reports revealed that microphones on Samsung “smart” televisions were “always on” so as to receive any audio that it could interpret as an instruction.

“Law enforcement or intelligence agencies may start to seek orders compelling Samsung, Google, Mattel, Nest or vendors of other networked devices to push an update or flip a digital switch to intercept the ambient communications of a target,” the authors wrote.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

adonis49

adonis49

adonis49

February 2016
M T W T F S S
1234567
891011121314
15161718192021
22232425262728
29  

Blog Stats

  • 1,418,799 hits

Enter your email address to subscribe to this blog and receive notifications of new posts by email.adonisbouh@gmail.com

Join 771 other followers

%d bloggers like this: