The Smallest Things

Via email from Chris M. we have an example of how difficult complete privacy is:

Surveillance Via Smart Toothbrush – Schneier on Security

a marital affair was discovered because the cheater was recorded using his smart toothbrush at home when he was supposed to be at work.

Private investigator reveals how a TOOTHBRUSH can prove if your partner is cheating | Daily Mail Online

Paul worked with a client who became suspicious of her husband after noticing unusual times he’d brush his teeth. She had installed a smart electric toothbrush app to help encourage their kids to brush properly but the app also tracked every session for the whole family.

“Over time, the client noticed their partner’s brushing history was being logged at odd times, times when they were supposedly at work,” Paul explained. At first, it didn’t seem like much, brushing late in the morning on Fridays didn’t raise immediate red flags.

“And in that time he had started an affair with a work colleague and used to have her over the family home on a Friday when the wife and kids were out of the house,” he added.

I no longer work in the Cyber Threat Intelligence group at work, but when I was on the team our analysts would sometimes track down bad guys over the course of months of collecting “breadcrumbs”. The bad guys would post things that in and of themselves were essentially useless. But cumulatively they added up to positive identification and location of perpetrators who had defrauded the company and/or our customers of millions and in some cases tens of millions of dollars.

One example I participated in was as follows. The analysts noticed that large numbers of nearly identical messages would be posted on multiple Telegraph channels by a criminal claiming the ability to defraud our company and his willingness, for a price, to teach others how to do the same thing. I wrote a program that would find all the usernames associated with publishing these nearly identical messages. It turned out that occasionally the same message would be posted by two different usernames within a few seconds of each other in different channels. One user would post the message in one or two channels. The other user would post it in 20 channels. The one-channel posting username would “drop off the radar” at the same time as the new username posting in 20 channels appeared. It was, almost for certain, the same person changing their username over time.

Hence, we could track the same person over a year or more even though he changed his username every few weeks. This allowed us to find a lot more breadcrumbs to narrow the search.
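The username-linking check described above, as an added example and not the program the author wrote: the posts, usernames, channel names, the 10-second window and the 0.9 similarity threshold are all constructed assumptions.

```python
import re
from datetime import datetime, timedelta
from difflib import SequenceMatcher
from itertools import combinations

# Constructed sample posts: (UTC timestamp, channel, username, text).
POSTS = [
    ("2024-03-01T10:00:00", "chan_a", "user_one", "Learn my METHOD to cash out, DM me!!"),
    ("2024-03-08T10:00:00", "chan_a", "user_one", "Learn my method to cash out - DM me"),
    ("2024-03-15T10:00:00", "chan_b", "user_one", "learn my method to cash out, dm me"),
    ("2024-03-15T10:00:04", "chan_c", "user_two", "Learn my method to cash out, DM me!"),
    ("2024-03-15T10:00:05", "chan_d", "user_two", "Learn my method to cash out, DM me!"),
    ("2024-03-22T10:00:00", "chan_c", "user_two", "Learn my method to cash out. DM me"),
    ("2024-03-10T09:00:00", "chan_a", "bystander", "anyone selling concert tickets?"),
    ("2024-03-15T10:00:03", "chan_a", "bystander", "anyone selling concert tickets?"),
]

def normalize(text):
    """Lowercase and drop punctuation so cosmetic edits do not hide a repost."""
    return " ".join(re.sub(r"[^a-z0-9 ]", " ", text.lower()).split())

def link_usernames(posts, window_s=10, min_ratio=0.9):
    """Return {(old, new): evidence_count} for likely username handoffs."""
    rows = sorted((datetime.fromisoformat(t), c, u, normalize(x)) for t, c, u, x in posts)
    first, last = {}, {}
    for ts, _, user, _ in rows:
        first.setdefault(user, ts)   # earliest sighting of each username
        last[user] = ts              # latest sighting (rows are time-ordered)
    links = {}
    # Pairwise scan is O(n^2); fine for a sample, bucket by time for real volumes.
    for a, b in combinations(rows, 2):
        (ta, ca, ua, xa), (tb, cb, ub, xb) = a, b
        if ua == ub or ca == cb or tb - ta > timedelta(seconds=window_s):
            continue                 # need two names, two channels, seconds apart
        if SequenceMatcher(None, xa, xb).ratio() < min_ratio:
            continue                 # not a near-identical message
        # Handoff direction: the older name is the one first seen earlier,
        # and it must not outlive the newer name.
        old, new = (ua, ub) if first[ua] <= first[ub] else (ub, ua)
        if last[old] <= last[new]:
            links[(old, new)] = links.get((old, new), 0) + 1
    return links

if __name__ == "__main__":
    print(link_usernames(POSTS))
```

Each linked pair is a lead for an analyst to confirm, not proof of identity; the evidence count shows how many cross-channel coincidences support it.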

These perps would drop social hints, such as that they were at a party but had to leave soon because it was 2:00 AM. By comparing the stated time to the UTC timestamp in the channel, we could determine the time zone they were in. They would post a picture holding something in their hand proving they had defrauded the company. Now we know their skin color and perhaps the color of their watch. When searching social media posts for information about the party we could use the skin and watch color to tie the fraudster username to a social media account. If the electronic object they posted had a clock on it and it was outside, from the shadows we could get an approximation of the latitude they were at. If they would post the social handle of their girlfriend, now we have more breadcrumbs to collect. The girlfriend would post a picture of a scenic site. Now we can do reverse image searches to find that landscape or, better yet, a famous building. Now we have their residence or vacation location within a few dozen miles. Or that identical picture would show up in a social media account. Bingo!

The smallest things add up.

People have concerns about electronics in their homes and vehicles spying on them. Yes, this is a concern. These things can be firehoses of information and the smallest things add up.

But keep in mind that it is possible to create an Internet of Things (IoT) enabled house without leaking information to everyone. It is more work than using Amazon’s Alexa or Google Nest, and you probably have to be a geek of some sort to push through some of the issues.* But you can completely isolate a “Smart Home” from the Internet and still use it for monitoring and controlling your home. You would have to be home to access the data or change the programming, but you can do some amazing things. Or you can pay a few dollars a month and access it via https (encrypted) connections from anywhere you have Internet service.

Because I am away from my underground bunker most of the time, at least for now, I chose to pay a few dollars to access it remotely.

I have hundreds of sensors in my underground bunker. Walking through you probably would only see a dozen or so at most. But that thermometer also has a humidity sensor in it. That makes twice as many sensors as you first thought, and the measurements they report give you more information than you might guess. I could tell what room a contractor was working in because the humidity and temperature would rise if they spent more than a few minutes in a room. When a contractor would paint, the humidity would go way up. I set up leak alarms (the alert would be on my phone, not in the room) based on high humidity, and once the painting done by the contractor set off the leak detection logic.

For people who can’t imagine why they would want their house instrumented, I know two homes that were severely damaged due to leaks. One summer home was completely destroyed because it sat for months with the basement overflowing with water. Brother Doug’s home had the tubing to the toilet rust out and spew water for several hours in an upstairs bathroom. That destroyed drywall on the main floor and basement and flooring on the upstairs floor and main floor. A few years later a second flood was caused by squirrels nesting in the drain leading water from around the basement. A heavy rainstorm put about two inches of water in the basement and even though Brother Doug was in the house he did not notice for over a day because he did not go into the basement. With leak sensors and/or high humidity alarms he and his wife would have saved thousands of dollars and many hours of time.

I use temperature sensors to optimize the use of a geothermal heat pump, the buffer tank, the hybrid water heater, and secondary electrical resistance heating in my underground bunker. With remote access, the outside door light can automatically be turned on when you are driving home in the dark and get within 100 yards of the door. That probably isn’t of that much interest to city dwellers, but when there are no streetlights, a little extra light getting into the house can be quite welcome. Motion sensors and door opening sensors can be used to detect someone moving around in your home when you are not there, and they can send an alert to your phone.

If you don’t mind being spied on by your appliances** you could get alerts if you left a refrigerator or freezer door open. You can get an alert that the dryer has completed its job and you should get your clothes out before they wrinkle. You don’t remember if you turned off the oven and you are a block away from your house on the way to work? The app for your oven can tell you whether you need to return home or continue to work without worrying about it. You can open the garage door remotely and watch on a webcam as FedEx delivers a large package. And/or you could get an alert if someone else opened the door when you did not expect it.

Barb is pretty vehement about not wanting her house to spy on her. But after brother Doug’s second house flood, she put something like ten leak sensors in various places around her house. Operated by five-year batteries, they can be discreetly placed in out-of-the-way places and provide peace of mind without significant information being leaked. There is a remaining battery life sensor and a binary “wet”/“dry” sensor. Even if they were hacked or the manufacturer collected usage data, what do you care about that information being obtained by others?

Yes, the smallest details can add up to useful knowledge for an adversary if someone is willing to spend the time. But a lot of life is about tradeoffs. For me, I was able to get good enough privacy, a significantly improved quality of life, and improved remote security of my underground bunker by creating a “Smart Home.” Your mileage will vary.


* Check out Home Assistant if you are interested in going down this path.

** GE appliances require you to connect them to the Internet and use their app to utilize the “smart features”, other appliances may vary.
