The back door

This news got to me this morning. It is yesterday’s news and it is by no means anything ground breaking like the US and UK actions on the Middle East at present. Yet what happens now will have a long term consequence and even as global legislation is trying to stay away from this issue for now, the question becomes: ‘Should this be allowed?’

The Guardian (at https://www.theguardian.com/technology/2016/dec/28/amazon-refuses-to-let-police-access-suspects-echo-recordings), gives us the following premise ‘Company has declined to provide audio recorded by smart speaker system at house where man died, according to a report‘, the company in question is Amazon.

It is the following quote that brings the issue to the surface: “But firms often retain a “back door” for their own use – to automatically scan emails for key terms used to target advertising, for example – and that can complicate claims that law enforcement access would uniquely invade a user’s privacy. Amazon’s internal approach to user data will likely prove integral to its ability to resist the warrant“, in this it is important to set the term ‘alleged‘, because there is no data available to state that this is actually happening in this specific case. You see, when we see ‘a “back door” for their own use’ and ‘used to target advertising‘, so how is that firm NOT invading a person’s privacy? More important if that Meta data is saved by Amazon to create a fingerprint profile, how are they not invading ones privacy? In that regard the ‘Amazon has refused to hand over data from an Echo smart speaker‘ especially in light of ‘an industry that considers privacy a prime selling point‘ is like watching the pot calling the kettle black. In this there is an issue, especially whether the police should be given access to all data. There is off course, especially in the US the 4^th amendment, which officially reads: “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized”

Which sounds all good and fine, yet in this case as James Andrew Bates has been charged with the murder of a man found dead in his hot tub in November 2015, we need to worry on how Amazon can sell to its customers that they are instrumental in protecting a person incriminating data, possibly guilty of nothing less than manslaughter. In all this, the Alexa speakers could be seen as a factor to his proclaimed innocence, so as the legal team of the accused is making all kinds of statements, we should worry whether the voices collected are a real issue or not, you see we do not know, more important, what data is Amazon actually collecting? What is stated and what is happening are two very different things. In addition to this ‘the device is also occasionally accidentally activated, through similar sounds‘, which is an additional path in all of this. You see, we knew that this was a factor as the Xbox One had a similar issue in the very beginning, I do not know whether this was ever fixed, but the link to all this is not just the audio file, the fact that the police got other data, in this case from a water meter, stating that ‘a flow of 140 gallons between 1am and 3am‘ was recorded. Here is part of the issue seen. You see, I get that this data is recorded, yet next year as 5G kicks off, we will see an integral set of systems all getting more and more complex and more and more complete. The Amazon and Google systems are at the forefront of all this. By 2019 the average household will have a minimum of 10 devices linked to 5G systems, all that data collected, some open, some not so open and it is that part that is the worry, not just for privacy reasons mind you. A large group of people will get more and more access to your way of life. In addition, there will be an option to influence your way of life, which is a side nobody signed up for. Not unlike the inaccurate systems we see at present at the Australian Centrelink, we will see a shift in data quality by bad designers and even worse coders, we will end up getting categorised into groups we were never part of and as such we will get information pushed onto us that we might not want, we will not need and as those markers shift we will be denied access to information we actually needed. In this last part there is a small exercise you can try on yourself. Let’s say that you can only access the last 10 email messages a day for a few days, now take notice, yet do not read the other messages sent to you, so on average I get 35 messages a day. Consider that I miss out on 25 messages a day. How long until you notice that you missed out on essential information? Now, the number 10 was chosen at mere random, just to make a point, now consider the amount of mail you have at present and see what happens when 10 devices are added to your house profile. The refrigerator, your smart TV, your smart recorder, your game console, your laptop/tablet/PC, your 5 smart devices. How much additional information will you get? How much time will you lose? Because as advertisement is set to your personality, you will be more and more inclined to read those messages that were automatically sent to you. That is just a mere matter of fact. More important, no matter how good the Google Home presentation was (it was actually really good, and here is another review https://www.youtube.com/watch?v=7hKRPMpxRuc), the reviewer touches on the issues we need to ask ourselves. I think more important, we need to be aware of them. You see, the sketch we see here https://www.youtube.com/watch?v=yVBIeEglehw. Now this is good for a laugh, yet what did the parrot remember and what will your speakers save on cloud servers (read: remember for all to hear for all eternity). It is one thing when it is a murder investigation, it is quite another when it is marketing collected data you were not so comfortable with. In addition, what happens to the connected devices when the data is all combined? The dangers of fueling crime (because the cloud tags you as being in another country, or the collected data shows that the water meter shows no usage of hot water for 2 days, when those are not weekend days, there is every option that the criminals now know that there is a decent chance that you will remains out of the house for 3 days or more. The more devices we attach, the greater the danger of security becomes. It is for that reason I noticed the flaw in the Google Pixel and the Google Pixel XL. It is not an issue now, but it will likely become one in 2018, meaning you might still have that device.

In all this there is no proper legislation, this is not merely a Common Law or Civil Law issue, the global nations at large, none of them have proper legislation in this regard and 5G is less than a year away, which will trigger a tsunami of these issues as we imbue ourselves with the options of laziness of tomorrow. In addition, as we will be more and more relying on RFID option in our daily life, we will see a different cloud of data evolve. It will be a new version of Pokémon Go, only now, we the people become the Pokémon. The big issue is not just the collection of data, it is in addition the security that these new ‘innovations’ are also likely to lack, we will see a cloud of data bundling and with each addition we will also grow the flaws of security. Now, this is speculation from my side, yet history has proven me right again and again. In the end it will be a short sighted head of marketing forcing a deadline that will result in a needed app that suddenly sets all our personal data open to the people on the internet, after which we get carefully phrased denials, apologies and a half-baked ‘promise’ that it will be fixed as soon as possible. In that time our personal data remains on the open internet and we will lose days to get passwords changed and settings checked on all the connected devices. In all this there will be a lack of legislation, especially as ‘intent’ is still a factor, as we see ‘the plaintiff must prove the additional element that the defendant acted with the specific intent to perform‘, yet in all this ‘intent’ can never be proven and the loss will be ours and ours alone. In all this the need to set factors on ‘negligence’ and there is the issue we see, you see ‘people should exercise reasonable care when they act by taking account of the potential harm that they might foreseeably cause to other people‘, which at this point can never be proven in cases of privacy loss due to broadcasted data. The firms will ‘always’ be taking account of potential harm. The issue is that in many cases there is never any foreseeable cause, just the consequence. In this data gatherers and IP creators need to isolate data more and more and this takes smaller independent creators equally out of the farm, which is not that just. In all this legislation will fail the consumer and time is running out for the people who want to move forward. 5G will bring a massive amount of innovation and technology forward, yet in this greed driven world, it will also bring forward the utter idiots who want to make their cash quick and in that case there are too many options for them to remain unaccountable.

The back door in programs and apps is a real problem (not the only one in this case) and those who need to ask all the serious questions currently aren’t doing anything of the sort. In that, it does not matter whether Amazon Echo actually has a back door (not established), too many apps do have that and in some cases hardware does too. DSL gateways with a backdoor to port 32764 is one noted version, an issue that was at some point concealed yet never fixed. Some get one added via a free plug-in (read: Joomla), Interbase versions 4 through to 6. Some of these back doors were intentionally added, some were hacks and some were zero day exploits. All have consequences to your life when you get to 5G, and these are the easy to spot kind. Once you get to a situation where the security is circumvented by linked apps, for example Facebook and Facebook Messenger. Once we start getting apps like that and the combination introduces a back door, there is every chance that this weakness would not be found until millions of records have been obtained by those finding the linked weakness. In all this organised crime remains a growing concern, because they will ignore whatever legislation is in place and just transfer the data to a hidden server, or better, sell all that fresh and juicy data on the deep web or Darknet.

There is no easy solution and you should realise that most developers have indeed the best intentions, yet for a growing group of those needing a fast fix on income, the user ends up with less security, even less safety and no option to seek compensation, whilst those connected to it get to have all the freedoms and at present end up not getting convicted in any way, which has to change and it has to change rather fast because time is running short.