Are we all RoboCops in the future?

7457645618_1c7dcd0523_oInternet together with small and inexpensive digital cameras have made us aware of the potential privacy concerns of sharing digital photos. The mobile phone cameras have escalated this development even further. Many people are today carrying a camera with ability to publish photos and videos on the net almost in real-time. Some people can handle that and act in a responsible way, some can’t. Defamatory pictures are constantly posted on the net, either by mistake or intentionally. But that’s not enough. Now it looks like the next revolution that will rock the privacy scene is around the corner, Google Glass.

Having a camera in your phone has lowered the threshold to take photos tremendously. It’s always with you and ready to snap. But you still have to take it out of the pocket and aim it at your object. The “victim” has a fair chance to notice that you are taking photos, especially if you are working at close distance.

Google Glass is a smartphone-like device that is integrated in a piece of headgear. You wear it all the time just like ordinary glasses. The screen is a transparent piece in your field of view that show output as an overlay layer on top of what’s in front of you. No keyboard, mouse or touchscreen. You control it by voice commands. Cool, but here comes the privacy concern. Two of the voice commands are “ok, glass, take a picture” and “ok, glass, record a video”. Yes, that’s right. It has a camera too.

Imagine a world where Google Glasses are as common as mobile phones today. You know that every time you talk to someone, you have a camera and microphone pointed at you. You have no way of knowing if it is recording or not. You have to take this into account when deciding what you say, or run the risk of having an embarrassing video on YouTube in minutes. A little bit like in the old movie RoboCop, where the metallic law enforcement officer was recording constantly and the material was good to use as evidence in court. Do we want a world like that? A world where we all are RoboCops?

We have a fairly clear and good legislation about the rules for taking photos. It is in most countries OK to take photos in public places, and people who show up there must accept to be photographed. Private places have more strict rules and there are also separate rules about publishing and commercial use of a photo. This is all fine and it applies to any device, also the Google Glass. The other side of the coin is peoples’ awareness of these laws, or actually lack thereof. In practice we have a law that very few care about, and a varying degree of common sense. People’s common sense do indeed prevent many problems, but not all. It may work fairly OK today, but will it be enough if the glasses become common?

I think that if Google Glass become a hit, then it will force us to rethink our relationship to photo privacy. Both as individuals and as a society. There will certainly be problems if 90% of the population have glasses and still walk around with only a rudimentary understanding about how the law restricts photography. Some would suffer because they broke the law unintentionally, and many would suffer because of the published content.

I hope that our final way to deal with the glasses isn’t the solution that 5 Point Cafe in Seattle came up with. They became the first to ban the Google Glass. It is just the same old primitive reaction that has followed so many new technologies. Needless to say, much fine technology would be unavailable if that was our only way to deal with new things.

But what will happen? That is no doubt an interesting question. My guess is that there will be a compromise. Camera users will gradually become more aware of what boundaries the law sets. Many people also need to redefine their privacy expectation, as we have to adopt to a world with more cameras. That might be a good thing if the fear of being recorded makes us more thoughtful and polite against others. It’s very bad if it makes it harder to mingle in a relaxed way. Many questions remain to be answered, but one thing is clear. Google Glass will definitively be a hot topic when discussing privacy.

Micke

PS. I have an app idea for the Glass. You remember the meteorite in Russia in February 2013? It was captured by numerous car cameras, as drivers in Russia commonly use constantly recording cameras as measure against fraudulent accusations. What if you had the same functionality on your head all the time? There would always be a video with the last hour of your life. Automatically on all the time and ready to get you out of tricky situations. Or to make sure you don’t miss any juicy moments…

Photo by zugaldia @ Flickr

 

More posts from this topic

Dukes malware, Russian malware, social media malware

Cyber security could decide who the most powerful person in the world will be

Everything old is new again. That's a key point our chief research officer Mikko Hyppönen keeps making when discussing the current online threat landscape. And it's especially relevant when it comes to one of the most controversial stories of the 2016 United States presidential election -- the hack of the Democratic National Committee. If it turns out that a foreign government is actually attempting to meddle a domestic election, this would not be something history has never seen before  -- even if the methodology, brazenness and scale of the meddling might feel new and ominous. F-Secure cyber security advisor Erka Koivunen points out that nation states have long been involved in "information warfare and the age-old use of misinformation, deception and false flag activities." Hacker Andrés Sepúlveda says says he traveled throughout Latin America "rigging major political campaigns." Sepúlveda claims that he "led a team of hackers that stole campaign strategies, manipulated social media to create false waves of enthusiasm and derision, and installed spyware in opposition offices, all to help [Mexican president] Peña Nieto, a right-of-center candidate, eke out a victory." And the idea that our growing reliance on information technology makes democracy uniquely vulnerable has been inspiring rumors of attempts to hack U.S. presidential elections for more than a decade, even sparking the imagination of those who believe that Anonymous may have prevented the hack of the 2012 election. Koivunen explained before that if you're involved with politics in 2016 that has international import, you have to assume you're being hacked. Hacking of high level political officials especially during a presidential election is now as predictable as the cyber attacks that inevitably pop up around every Olympics. But "hacked" is such a broad term it's important to distinguish the degrees of hacking. "Owning an election is gold; being able to influence it is silver; knowing the outcome in advance is bronze," Erka says. We have no idea if someone is trying to hack the election systems of a crucial U.S. swing state. But it seems that someone is trying to influence the 2016 election. Wikileaks, the organization that released the data from the DNC hack, has admitted that it timed this leak to do maximum damage the Democratic party nominee Hillary Clinton. And certainly every country in the world is trying to get all the intelligence they can that will help them prepare for the first new U.S. president in eight years. Certainly, the United States would be doing the same thing. What makes the DNC hack particularly newsworthy is that evidence of Russian cyber espionage -- including F-Secure Labs investigation into "The Dukes" gang -- makes is easy to accuse Russians of meddling in the election. And what's even stranger is that one of the U.S. major party candidates seems to be welcoming Russian involvement, at least as a sarcastic jest. So did the Russians hack the DNC, as some experts claim? This is why nation states love cyber attacks: attribution is very difficult to pin down. "Were the Russians in the DNC network? Sure," Mikko tweeted. "Did they plan to do this hack to support Trump? I don't think so." The goal is simply to capture as much information as possible so you can at least win a "bronze," as Erka calls it. "I think the Russians are in the network of the Republicans as well," Mikko added. "They wouldn't be doing their job if they weren't." So why did the information come out? Perhaps they saw a chance to win a "silver." Since they'd already been outed, they decided that they emails were "too good not to use." With the leap from bronze to silver the potential rewards and risks grow exponentially. So does this mean they might go for the gold? Wouldn't you, if you had the opportunity?

July 29, 2016
BY 
18528198069_eb3bf5e72f_o

Is your identity safe online? You might be surprised

You might know what a VPN (Virtual Private Network) is. But if you’re like many people out there, you probably don’t use one. You should though. And when you finish this blog post, you’ll know why.   A VPN is a private network established over the internet. That might sound complicated, so simply put, a VPN provides security for your device’s internet connection. The layer of security VPNs provide is how you make sure that data you send and receive is encrypted and safe from trackers, hackers and anyone else trying to intercept your data while it’s in transit.   Companies and schools use VPNs to let people connect to local networks from anywhere. And you can also use a VPN to stay anonymous whether you’re at home, at work or school, or using an untrusted public network. And as an added bonus, of course, a VPN also lets you change your virtual location, which can mean unrestricted access to a whole world of content.   So why is online anonymity so important? Who better to answer that than two real Freedome VPN users. And while we can assure you these guys are both real, in keeping with the theme of anonymity, let’s just call them “John” and “Doe”.   “Anonymity is important because I really see it as a human right. Like if I’m looking for things that are really personal, I have the right to stay private and keep that information private,” says John, a university student who’s been using Freedome VPN for three months and counting.   Doe, who is 29 and in the IT industry, has used VPNs before, but recently switched to F-Secure’s Freedome. For him, using a VPN isn’t just about protecting himself today: it’s an investment in the future.   “I’ve never had problems myself, but we know for a fact that there are organizations and people out there right now who are looking to get their hands on our information and identities for whatever reason. This is definitely going to be a bigger problem in the future, and I want to be prepared,” says Doe.   Both John and Doe say that most of their friends in the tech industry are using VPNs right now. But unfortunately, there are lots of people out there who aren’t.   “I really wish people were more aware of the fact that they’re potentially giving away parts of their identity and privacy every single time they go online without a VPN,” says Doe.   John agrees.   “If you think about how people are feeding more and more of their personal information into a wider and wider range of sites, services etc., it’s obvious that the potential risks to our privacy are also increasing,” he says.   John and Doe definitely know what they’re talking about and we couldn’t agree more. There’s never been a better time to take control of your online anonymity. So check out the Freedome VPN site for videos and more info. And don’t forget to tap or click to get yours! [Image by Blue Coat Photos | Flickr]

July 28, 2016
BY 

3 Tips on using iPhone Settings for Better Security

Many people feel that some platforms are more secure than others. And while there may be some truth in that, what’s far more common is that operating systems offer users security features that people choose to use, or ignore. As Micke has pointed out in the past, behavior is often more important for security than product features. So someone with an Android device that updates all the software, sets it up to keep the device and data in their control, and knows how to avoid risky behavior that hackers look for will keep their data safer than an iPhone user that’s never even looked at the settings for their device. And based on what we saw at AltConf2016 – a developer event that mirrored Apple’s last WWDC – it looks like many iPhone and iPad users are making some pretty basic security faux pas. So here’s a few tips iPhone and iPad users can use to protect their devices and data. Don’t forget to forget Wi-Fi networks Unlike Android and Windows Phone, iOS devices don’t let you see your Wi-Fi history. It might not seem like it, but periodically cleaning out your Wi-Fi history is important. We’ve shown in the past that many people configure their devices to automatically connect with Wi-Fi hotpots they’ve connected with before. This leaves them exposed to hackers spoofing Wi-Fi hotspots (which is surprisingly simple and inexpensive to do). So if you’re an “auto-connector”, you should always remember to “forget” public Wi-Fi networks that you use in the odd café, hotel, or restaurant you visit. Because iOS devices don’t let you see your network history, you can’t pick and choose old networks you want to forget. So iOS users have two options: either forget a Wi-Fi network before you leave and walk out of range, or do a periodic network reset to clean out your entire network history. Don’t name your device after yourself During AltConf2016, F-Secure set up a Wi-Fi hotspot to see whether or not people would connect to any available free Wi-Fi. And as we’ve seen in the past, people take their Wi-Fi wherever they can get it. While many people connected and disconnected frequently, it was clear that lots of those people seem to name their device’s after themselves – approximately 80% of the devices that connected included a first name as part of the device identifier. And out of that 80%, 70% of them were iOS devices (Android and OS X devices constituted the remaining 30%). Now, hackers won’t really need this information to “pwn” their victims. But little tidbits like these are great for scams that use social engineering. Fraudsters and tricksters can use something as simple as this to manipulate people as part of a larger scam. It’s tough to say why personalizing devices seems more popular among iOS users than their Android/Windows counterparts. And having unique device names helps keep them separate on, say, a family’s Wi-Fi network that can have multiple people using it at any one time. But using initials or some other way to differentiate them is a better way to personalize your device without necessarily giving tech-savvy fraudsters the opportunity to learn something they can use to scam you. Use app restrictions (they're not just for kids) Earlier in the year, F-Secure Security Advisor Sean Sullivan recommended people change their iOS settings to take advantage of the various restrictions you can use. You can check out his blog post about it here, but basically, using iOS’ restrictions can create safeguards against malicious apps or attacks that try to trick your device into sharing information without your knowledge. Attackers use apps and processes that can run without requiring direct action from users (such as cloud storage services) to steal data. It’s something often seen as part of corporate cyber attacks, so it’s especially important to do this if you use your iPhone or iPad for work. And as my colleague pointed out in this recent blog post, you should already be using two-factor authentication and strong, unique passwords. [Image by Kārlis Dambrāns | Flickr]

July 25, 2016
BY