Tuesday, January 28, 2014

What A Bunch Of Crap

I'm sure you're all aware of the recent security breach at Target (I know Harper is). I recently found out that my wife managed to get us ensnared in that imbroglio. Despite the fact that before I retired I spent a good portion of my professional life dealing with data security issues, she thought she could deal with the situation better than I.

Either that or she didn't want to hear me say "I told you so..."

Anyway, here's the rest of the story.
If you were one of 120 million or more people who shopped at Target, Neiman Marcus or as many as a dozen other popular retail stores last month, there's a pretty good chance that your credit card or banking information was compromised by a highly organized band of Russian cyberthieves.

The frequency and sophistication of these retail data breaches have escalated to such a degree that last week the FBI sent leading US retailers a confidential report warning that point-of-sale malware similar to the type used to snare data from Target and Neiman Marcus registers is starting to pop up all over the place.
I'm a little skeptical of the numbers - 120 million or more? the population of the US is around 320 million, so according to the media over 1/3 of the people in the US were affected. But be that is it may, the basic premise remains valid.

In this digital age, we are all increasingly vulnerable to having our personal data - sensitive, private, personal data - stolen and shared.

Disturbingly, it's not just our financial data that's at risk. Information concerning the most intimate details of our private lives is widely susceptible to hijacking and disclosure.
Toto’s newest smart john, the Intelligence Toilet II, is proving that it is more than an ordinary porcelain throne by recording and analyzing important data like weight, BMI, blood pressure, and blood sugar levels.

There’s a “sample catcher” in the bowl that can obtain urine samples. Even by Japanese standards that’s impressive. Yes it has the bidet, the air dryer, and heated seat, but it’s also recording pertinent information. This information is beamed to your computer via WiFi and can help you, with the guidance of a trained physician, monitor health and provide early detection for some medical conditions. Graphs on your desktop PC will show how your glucose levels have been fluctuating, along with urine temperatures. These trends can help diabetics time insulin shots as well as give insight into hormone levels for women concerned with their menstrual cycles. Trying to have a baby? Not sure when your most likely to conceive? Ask your toilet for help.
Granted, the technology is impressive. But think about the implications. What federal agency is now in charge of monitoring and enforcing healthcare regulations?

That's right. That well-respected protector of individual rights, liberty, and compassion - the IRS.

I'm sure we have nothing to fear about turning over our most personal date to the tax gestapo.

Frighteningly, most people seem to be okay with that.

70% of people would be willing to have a smart toilet share their personal data
The results of a new survey from Intel and Penn Schoen Berland say that 70% of people in 8 countries would be willing to share data from their smart toilet if it would mean lower healthcare costs. An even higher proportion, 84%, would be willing to share their vital statistics, like blood pressure or basic lab tests, and 75% would be comfortable giving up information gathered by a health monitor they could swallow, even though that’s far more intrusive than a toilet that tweets that you’ve had enchiladas three nights running.

The same survey found that only 30% of respondents would share banking information...
If that's not enough to make you worry, think about the state of Internet security.
Hackers have long wreaked havoc on PCs via the Internet, leading to data breaches and computer crashes. Now that the rush is on to add connectivity to everything from crockpots to light bulbs, the stakes get even higher—and more personal... Antivirus software helped PCs, but you can’t simply install a software suite developed for your desktop on a smart toaster...
A number of tech companies and industry groups say that “smart” devices are hitting store shelves with little in the way of security protection. Security experts blame a number of factors for the problem: startups may put security in the backseat in their haste to get products out the door, and established companies that have traditionally operated offline—like stereo or TV manufacturers—could simply fail to realize that they need to protect against threats when it comes to Internet-connected gadgets.
Examples:
A flaw they found in an Insteon home automation product allowed me to flicker the lights in a complete stranger’s house ... The Internet was a bit more excited about another of their findings: that a “My Satis” $4,000+ ‘smart toilet’ by LIXIL was vulnerable to hacking. A hacked toilet could theoretically scream and spray you with the bidet while opening and closing its ‘mouth,’ “causing discomfort or distress to user,” according to a Trustwave security advisory.
And I thought low-flow toilets were an egregious invasion of my privacy.

I stand (...sit?) corrected...

2 comments:

Harper said...

Remember when you could drive around with your garage door opener remote and open every tenth door?

The Bluetooth and 'smart' key deadbolts scare me, and I complained about my 'smart' electricity meter until my bills showed a significant decrease after its installation. Guess that's how they lull us into complacency!

BTW, my mom got a snail mail letter from Target alerting her to the possible breach of her name and address data. This had to be from information stored when they entered her driver's license info for a return years ago - she doesn't normally shop at Target. The breach is much bigger and more invasive than they are letting on.

CenTexTim said...

The thing that worries me about those smart meters is that at some point the utilities will begin to use them to control consumption.

Too much demand? Danger of rolling blackouts? Just shut down the power to a certain number of users with smart meters.

We don't have a Target store near us. My wife went shopping before Christmas with a friend of hers and bought one item - ONE FRIGGIN' ITEM - at the damn Target store. So far no damage. We are, however, taking advantage of the one free year's worth of credit monitoring.