INF529: Security and Privacy in Informatics (csclass.info/USC/INF529/S20-INF529-Lec12.pdf)

INF529: Security and Privacy In Informatics The Internet of Things Prof. Clifford Neuman Lecture 12 10 April 2020 Online via Webex


Post on 06-Aug-2020


Page 1: INF529: Security and Privacy In Informaticscsclass.info/USC/INF529/S20-INF529-Lec12.pdf> If the fridge is hacked the calendar is lost and your vacation can be available to the hacker

INF529: Security and Privacy

In Informatics

The Internet of Things

Prof. Clifford Neuman

Lecture 12

10 April 2020

Online via Webex

Course Outline

• What data is out there and how is it used

• Technical means of protection

• Identification, Authentication, Audit

• The right of or expectation of privacy

• Social Networks and the social contract – February 21st

• Criminal law, National Security, and Privacy – March 6th

• Big data – Privacy Considerations – March 13th

• International law, Jurisdiction, Privacy Regulations

• Privacy Regulation (civil) and also Healthcare – April 3rd

• The Internet of Things – April 10th

• Technology – April 17th

• Other Topics – April 24th

• The future – What can we do – May 1st

April 17th Presentations

Privacy Technologies

• Jordan Smallwood – Privacy in Developed vs Undeveloped Countries

• Neekita Salvankar - Geospatial Data and Privacy

• Kriti Jain - Blockchain and Data Privacy

• Dimple Gajra - Privacy in the Chrome Browser

• Vraj Patel - privacy-focused browsing

• Aakarsh Sharma - A Framework for Improving Data Privacy and Security of Public Cloud-based Enterprise Resource Planning Systems - Privacy in Cloud Computing

April 24th Presentations

Elections and Politics

• Jon Melloy - Elections

• Carlin Cherry - Security of Political data and its monetization

May 1st Presentations

Biometrics and related technologies

• Vaidhyanathan S - Privacy Concerns for Biometrics

• Yi-Ting Lin - Privacy of Facial Recognition

• Haotian Mai - Access and use of DNA database by government agencies especially for criminal investigation.

April 10th Presentations

Internet of Things

• Marco Gomez - Doorbells, Refrigerators, and Voice Video

• Douglas Platt - Privacy of Digital Voice Assistants

• Jaynee Shah – Consumer Wearables and Connected Vehicles

• Fudha Alabdulrazaq - Amazon Alexa Privacy Concerns

• MaryLiza Walker – IoT and Privacy: A Business Perspective

• Khalid Mansory – Privacy Implications of Autonomous Vehicles …

• Mohhamed Abatain – … and Aerial Drones

Door Bells

Voice Video

Refrigerators

Marco Gomez

INF 529 Spring

10 Apr 2020

Sensors vs. Apps

Sensors –

A device which detects or measures a physical property and records, indicates, or otherwise responds to it.

Apps –

A type of software that does a certain task. Application Software is the type of software which runs as per user request.

Sensors vs. Apps

Class Discussion in D2L – Sensor Questions Midterm 2017

Each Doorbell is a sensor that collects/displays a live video and voice stream and transmits voice to its speaker if equipped. The app processes the collection.

Each Refrigerator is a sensor that will collect voice and/or video. It’ll collect data from connected devices such as doorbell, lighting, smart plugs, etc. Its app will process that collection.

Common Mistakes Made by Common Users

Users’ Lack of Knowledge in Cybersecurity –

-Use of IoT devices requires a secure connection. Common users do not know how to create the secure connection, let alone create individual VLANs on their system.

-Use of the quick start guide while anxious to connect their new device --> at a minimum, change the password provided in the literature (defaults).

-Use of cloud storage --> Users could choose local storage.

-Use of encryption for the phone app to access devices.

-Failed activation of encryption on the IoT device.

-Use of 2 factor authentication --> Luckily more OEMs are offering users this feature. However, Ring has “enabled” 2 Factor, still the user has to choose to use it.

-Use of a VPN to access the home network from the user’s phone.

Door Bells

Sensors –

Video, Voice, Photo Capture

Apps –

Eufy Security, Arlo, Ring Always Home, Nest Aware to link to a phone

Data Collected –

-Subscription information; Payment account information, device type, network connections, visiting family members and friends, location

Privacy –

-Ring has a Neighbors App. It allows sharing of your video with whom you choose.

-Can be requested by law enforcement. Will they use facial recognition?

-With the exception of Eufy, all require use of subscription based cloud storage/access.

-128 and 256 encryption is available.

-Some record 24/7, some begin recording upon sensor capture.

Refrigerators

Sensors –

Camera, Voice and Video, Microphone

Apps –

Family Hub and ThinQ. Both with apps for calendar, food planning and shopping, music and TV access, photo album. Smart Things app on Samsung phones. Bixby Samsung Assistant.

Adjacent Connections –

Smart Things Network; light bulbs, robot vacuums, alarms, Alexa, Google Voice Assistant, Door Bells, security cameras, TVs, indoor family cameras

Data Collected –

-User account information, App account information, device type, network connections and connected devices, location, calendar/events, order history

Privacy –

-Microphone and Camera remote activation.

-Contacts are linked.

-Photos are linked and saved.

-Misuse by children.

Privacy Concerns

-If unauthorized access is gained to any IoT because of lack of security, access can be gained to personal computers on the network exposing all personal data.

-Linking the door bell with your fridge.

> If the fridge is hacked the calendar is lost and your vacation can be available to the hacker.

> Access to photos, videos and worse the camera.

> Access to security systems if there is one.

-The refrigerators are always listening.

> Advertisements will be presented.

> Accidental activation; children may activate without knowledge.

-Privacy policies for each of these companies are the same as every major company’s. Extensive, hard to truly know how your data is used and exactly what is collected. Giving blind consent for them to use

-Once Ring video or photos are shared with neighbors, they can be shared by them with others that may not have your permission.

-Each vendor has a Third Party agreement within their User Agreement allowing some information to be shared with them.

References

Desire 2 Learn – INF 529 Class Discussion: Sensor Questions - Midterm 2017

https://www.fingent.com/blog/iot-implementation-common-mistakes-and-strategies-to-tackle-them

https://ktar.com/story/2898083/heres-how-to-create-a-separate-network-for-smart-home-devices/

https://us.norton.com/internetsecurity-iot-smart-home-security-core.html

https://www.eufylife.com/products/variant/video-doorbell/T82001J1

https://www.eufylife.com/security-app-download

https://www.eufylife.com/privacy-policy

https://www.arlo.com/en-us/support/products/arlovideodoorbell.aspx

https://www.arlo.com/en-us/about/privacy-policy/

https://shop.ring.com/pages/doorbell-cameras

https://store.ring.com/neighbors

https://shop.ring.com/pages/privacy

https://store.google.com/us/product/nest_hello_doorbell

https://policies.google.com/privacy

https://store.google.com/magazine/google_nest_privacy

References

https://www.samsung.com/us/explore/family-hub-refrigerator/overview/

https://www.samsung.com/us/home-appliances/refrigerators/

https://www.samsung.com/global/galaxy/apps/bixby/

https://www.samsung.com/us/smart-home/

https://www.samsung.com/us/explore/family-hub-refrigerator/apps/

https://www.samsung.com/us/account/privacy-policy/

https://www.lg.com/us/discover/thinq/refrigerators

https://www.lg.com/us/lg-thinq

https://www.lg.com/global/lg-thinq

https://www.lg.com/us/lg-thinq/app

https://www.lg.com/us/discover/thinq

https://www.lg.com/us/support/smart-thinq-google-assistant-voice-control

https://www.lg.com/us/support/smart-thinq-alexa-voice-control

https://play.google.com/store/apps/details?id=com.lgeha.nuts&hl=en_US

https://www.lg.com/us/privacy

Privacy of Digital Voice Assistants

Doug Platt

INF 529

Overview

• Introduction to Digital Assistants

• Privacy Policies

• Common Concerns

• Privacy Rating Comparison

• Tradeoffs Between Provided Services and Privacy

• Precautions That Can Be Taken

• Example of Google Data Export

Digital Assistants

What are Digital Assistants, and how do they work?

1. Passive/Active Listening

2. Voice Recognition

3. Natural Language Processing

4. Information Retrieval

5. Information Output

6. Continuous Improvement

[1]

Privacy Policies

Siri

• What does it collect?

• How is that data used?

• When is it shared?

Google Assistant

• What does it collect?

• How is that data used?

• When is it shared?

Amazon Alexa

• What does it collect?

• How is that data used?

• When is it shared?

Common Concerns

Common Concerns

• Are devices always listening?

• Human review of recordings

• What kind of impact do these have on children?

• Malicious voice apps/skills

• Account Security

Privacy Comparisons

Comparison of Products

[2]

Comparison of Products

[2]

[2]

Tradeoffs Between Services and Privacy

Tradeoffs

• Improved Services

• Targeted Ads

• Growing prominence of Digital Assistants

Precautions

How Can You Protect Yourself?

• Turn off the microphone

• Adjust the Privacy Settings

• Make sure devices are configured securely

• Familiarize yourself with the privacy policy of your assistant

• Unplug

Google Data Export

Conclusion

References

• [1] https://learn.g2.com/voice-assistant

• [2] https://www.commonsense.org/education/articles/compare-the-privacy-practices-of-the-most-popular-smart-speakers-with-virtual-assistants

• [3] https://policies.google.com/privacy

• [4] https://support.apple.com/en-us/HT210657

• [5] https://www.apple.com/legal/privacy/en-ww/

• [6] https://www.amazon.com/gp/help/customer/display.html?nodeId=GVP69FUJ48X9DK8V

• [7] https://www.amazon.com/gp/help/customer/display.html/ref=kinw_myk_alxa_prvcy_ntce_us?nodeId=201909010

• [8] https://www.consumerwatchdog.org/privacy-technology/how-google-and-amazon-are-spying-you

• [9] https://symantec-blogs.broadcom.com/blogs/threat-intelligence/security-voice-activated-smart-speakers

SECURITY AND PRIVACY ISSUES

CONSUMER WEARABLES & CONNECTED VEHICLES

Jaynee Shah

Wearables – Introduction

• A device that can be worn on the body or kept around the body

• Examples: smart watches, wristbands, glasses, head-mounted displays, ear-phones, earrings, headbands, necklaces, chest straps, wearable belts, armbands, calf wearables, ankle wearables, foot wearables, clip-on clothing, backpack, etc.

• Used for fitness tracking, mobile health, entertainment, calendar management, quickly responding to texts and emails, and other routine activities

• Wearable device components

• Sensors, microprocessor/microcontroller, embedded storage media, communication interface, output devices

• Categories: consumer wearables and special-purpose wearables

• Special-purpose – body-worn cameras and physiological sensor devices used by law enforcement and military

• Many consumer wearables are sold with subscriptions to cloud based services – stores data, performs analysis, provides feedback to users

• The consumer wearables use an application on a mobile phone that aggregates data along with location information

Wearables – Market and Stats

• 41301 patents were filed for wearable electronics between 2010 and May 2015, and the number is increasing at a 40% rate annually

• Global market value of wearable technology in 2015 was $24.2 billion, 75% of that was consumer wearables such as smart watches and wristbands

• One in every six persons was using a wearable device in 2017

• In mid 2018, there were more than 400 wearables on the market and more than 300 companies manufacturing these devices

• With current trends and projected growth in wearables, global market value is expected to be at $150 billion by 2026

Wearables – What data can be gathered?

• Time, duration and proximity of the user activity

• Heart rate, steps, pulse, sleep patterns

• Demographics data

• Who people are, what they do, who they know, how healthy they are, what movements they make, how well they feel

• User’s emotional state, raised excitement or stress levels, poor sleep, and a combination of other behaviors

• If the user is routinely late for work, largely immobile when at the office, spent a little or a lot of time with colleagues – based on this info, an employer can determine whether this behavior is due to low morale or dissatisfaction with the job

• Messages, services, and marketing advertisements are delivered based on customer’s activity, location, mood, etc.

Privacy Issues with Wearables and Possible Solutions

1. Bystanders Privacy

• Life-logging is a form of blogging wherein people called life-loggers capture videos, photos or audio recordings as they go about doing their daily chores and post them online

• Wearables with built-in cameras, such as a Google Glass or a head-mounted device, can record bystanders and their activities without their consent

• This raises privacy concerns for innocent bystanders and can lead to embarrassment or harm

• Per FTC’s Fair Information Practice Principles (FIPPs), the data of consumers who do not use wearables but whose data are collected by others’ wearables are not protected

Privacy Issues with Wearables and Possible Solutions

1. Bystanders Privacy – Proposed Solutions:

• Acquire explicit consent to record people in public

• Special tags on clothes, or gestures, that the wearable device can recognize so that it stops or removes the recording of the bystander

• Some researchers have suggested the use of a FacePET (Facial Privacy Enhancing Technology) device that is worn by the bystander and provides or protects consent explicitly

• Using deep-learning and image processing algorithms to remove or obfuscate the sensitive content

• Deep convolution neural networks to remove sensitive images of people, objects and locations (such as bedroom, bathroom, etc.)

• Using deep learning approaches to visually blur or distort the images – can be applied to both photos and videos

• Real-time processing on the wearable device itself, rather than sending the recording, audio or video somewhere and then using software to do the processing, can mitigate or reduce the threat to the bystander privacy as well as user privacy

Privacy Issues with Wearables and Possible Solutions

2. Context Privacy

• Continuous collection of data by wearables, e.g. when the user is sleeping

• Some wearables with voice-activated assistants can continuously track speech and non-speech sounds about the wearer and the device’s surroundings

• Wearables can collect data that the user doesn’t want to share with cloud service providers

Proposed solutions:

• Consumer wearables should provide an option to the user where the user can decide whether to allow data collection and upload or not, as well as whether sensing should or should not take place

• Kind of virtual walls approach where the user can define the context where data collection should not be performed

• Users to be able to impose conditions on compartmentalization of data – to avoid or reduce inferences that can be made from the data

Privacy Issues with Wearables and Possible Solutions

3. External Data-Sharing Privacy

• The cloud providers that collect data from the consumer wearables can share it with third parties without explicit consent from the user

• For the health-related data that was collected by a provider, the cloud providers do not need to follow HIPAA and HITECH

• These laws however apply to the wearables that are developed to enhance people’s health and are part of a medical healthcare system (e.g. mHealth), but not to the consumer wearables’ health data

Privacy Issues with Wearables and Possible Solutions

3. External Data-Sharing Privacy – Proposed Solutions:

• Anonymization of micro-data as well as summarized/aggregated data

• Microdata – k-anonymity, l-diversity, t-closeness

• Summarized/Aggregated data – differential privacy

• The above-mentioned solutions can still suffer from similarity or homogeneity attacks that can reveal an individual’s identity

• Re-identification and Linkage – Re-identification of de-identified data isn’t hard

• Behavioral inferences still can be made even if the user’s activity data is in aggregated form – due to unique individual behavioral attributes

• A solution to this can be the use of an anonymous user ID

• Does not reveal information about the actual user

• The user has two user IDs for different contexts – thus the user's real identity is only known to the specific application acting on the user’s behalf but unknown to the rest of the world
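
The homogeneity problem noted on this slide, as an added example that is not part of the original slides: constructed wearable microdata is generalized until it is 3-anonymous, yet one group shares a single sensitive value, so anyone who knows a person's age and ZIP code learns their condition. The records, field names and generalization widths are assumptions chosen for illustration, and l-diversity is measured in its simplest "distinct values" form.

```python
from collections import defaultdict

# Constructed sample of "de-identified" wearable microdata (not real data).
# Quasi-identifiers: age and ZIP code. Sensitive attribute: inferred condition.
RECORDS = [
    {"age": 23, "zip": "90007", "condition": "arrhythmia"},
    {"age": 27, "zip": "90011", "condition": "arrhythmia"},
    {"age": 29, "zip": "90015", "condition": "arrhythmia"},
    {"age": 34, "zip": "90210", "condition": "insomnia"},
    {"age": 36, "zip": "90212", "condition": "healthy"},
    {"age": 38, "zip": "90230", "condition": "hypertension"},
    {"age": 41, "zip": "90401", "condition": "healthy"},
    {"age": 45, "zip": "90402", "condition": "healthy"},
    {"age": 48, "zip": "90405", "condition": "insomnia"},
]


def generalize(age, zip_code, age_width=10, zip_digits=3):
    """Coarsen the quasi-identifiers: age -> range, ZIP -> masked prefix."""
    low = age // age_width * age_width
    age_range = f"{low}-{low + age_width - 1}"
    masked_zip = zip_code[:zip_digits] + "*" * (len(zip_code) - zip_digits)
    return (age_range, masked_zip)


def equivalence_classes(records, age_width=10, zip_digits=3):
    """Group sensitive values by their generalized quasi-identifier tuple."""
    classes = defaultdict(list)
    for rec in records:
        key = generalize(rec["age"], rec["zip"], age_width, zip_digits)
        classes[key].append(rec["condition"])
    return dict(classes)


def k_anonymity(classes):
    """k = size of the smallest equivalence class."""
    return min(len(values) for values in classes.values())


def l_diversity(classes):
    """Distinct l-diversity = fewest distinct sensitive values in any class."""
    return min(len(set(values)) for values in classes.values())


def homogeneous_classes(classes):
    """Classes whose members all share one sensitive value (l = 1)."""
    return {qi: values[0] for qi, values in classes.items()
            if len(set(values)) == 1}


def linkage_attack(classes, known_age, known_zip, age_width=10, zip_digits=3):
    """What an observer who knows a target's age and ZIP can infer:
    the set of conditions present in the target's equivalence class."""
    key = generalize(known_age, known_zip, age_width, zip_digits)
    return sorted(set(classes.get(key, [])))


if __name__ == "__main__":
    released = equivalence_classes(RECORDS)
    print("k =", k_anonymity(released), " l =", l_diversity(released))
    print("homogeneous groups:", homogeneous_classes(released))
    # A neighbour knows the target is 25 and lives in ZIP 90007.
    print("inferred:", linkage_attack(released, 25, "90007"))
    # Coarser generalization raises both k and l, at the cost of utility.
    coarse = equivalence_classes(RECORDS, age_width=50, zip_digits=2)
    print("coarse k =", k_anonymity(coarse), " l =", l_diversity(coarse))
```

A release check that looks only at k would pass this table; checking l per equivalence class before publication is what flags the 20-29 / 900** group.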

Other Privacy Concerns with Wearables

• Consumers’ unawareness of how the personal data is collected and used by the companies

• Vague or unclear privacy policies, and companies’ inability to update or notify the users on privacy policy changes

• One research study has suggested using blockchain technology for privacy policies

• Data could be used for a different purpose tomorrow than today – for example, health purposes today, and to price health or life insurance or to determine user’s suitability for credit or employment tomorrow

• Company acquisitions may reduce a customer’s confidence on how the data might be used

• Self-tracking can become an obsession, can do more harm than good, and can result in a sense of helplessness and stress

• More studies on human behavior need to be performed so that people can maintain a healthy balance between self-tracking and exercising

• Many times, it isn’t apparent that someone is using a wearable device in public

• The wearable devices should include certain audio/visual cues such as a red blinking light to let others know that the device is capable of recording

Connected Vehicles – Introduction

• Connected Vehicle – the vehicle exchanges data with the infrastructure and other vehicles

• Automated Vehicle – the vehicle is undertaking tasks of driving and the driver is becoming an observer and, at higher levels of automation, a passenger

• Connected and Automated – not the same concept, but they go hand in hand. A connected vehicle represents an early stage of an autonomous vehicle

• A vehicle equipped with technologies (sensors) that allow it to send and receive information

• Allows vehicles to communicate and interact with each other, with traffic signals, with infrastructure elements, and with other road users

• Connections of a “Connected Vehicle” – Vehicle-to-Vehicle (V2V), Vehicle-to-Infrastructure (V2I), Infrastructure-to-Vehicle (I2V), Vehicle-to-Pedestrian (V2P), Vehicle-to-Home (V2H), Vehicle-to-Network (V2N), Vehicle-to-Service (V2S), Vehicle-to-Device (V2D)

• Allows consumers to play music, use smartphone applications via a dashboard screen, navigate, contact roadside assistance, use voice commands to control settings, receive parking assistance, diagnose car troubles, and a variety of other tasks

• Relies on consumer’s personal information to function properly or perform optimally

• Connected vehicles provide increased safety, convenience and entertainment, as well as significant societal benefits such as reducing congestion and pollution in urban areas

Connected Vehicles – Market and Stats

• Virtually every car you buy today is internet-connected to some degree

• By the end of the year, there is expected to be a quarter of a billion connected cars worldwide

• In 2022, 100% of the vehicles sold in China, Europe, and the United States will have at least some element of integrated connectivity

• By 2025, 60% of the passenger vehicles in circulation all over the world will be connected

• Autonomous Vehicles will generate $7 trillion annual revenue stream by 2050

• Depending on the manufacturer, a connected car may generate up to 25 gigabytes of data per hour from at least 200 sensors within the vehicle

• Widespread adoption of AVs could lead to a 90% reduction in vehicle crashes

Connected Vehicles – Key Attack Gateways

• Electronic Control Unit (ECU)

• ECUs are embedded systems that control one or more systems or subsystems within a vehicle and are connected via an internal network

• ECUs control systems such as engine, transmissions, steering, brakes, airbag, infotainment, lighting, advanced driver assistance system (ADAS), etc.

• Vehicles have more than 100 ECUs onboard today

• The malicious actors can gain access to the ECUs remotely and then get into the whole network from there

• On-board Diagnostics (OBD) Port

• The port was originally designed to be used for diagnosing vehicle issues

• Often used for enabling Wi-Fi, tracking a teen’s driving habits, or enabling an insurance company to track usage

• Also provides an opportunity to hackers to cut off the brakes, manipulate the windshield wipers, disable the transmission or lock you inside the car

• The port has been used by thieves to steal the cars in the past

Connected Vehicles – Security Vulnerabilities, Threats, and Concerns

• The longer the code, the more opportunities there are for bugs, mistakes, and software vulnerabilities

• The software for different components is being written by different developers, and installed by different suppliers, resulting in no one source having the knowledge of or control over everything

• The increasing number of smartphone apps that interface with connected cars increases the attack surface

• More connected components, features, and apps mean a need for constant updates – adversaries could infect the routine updates and install malicious code instead

• Denial-of-service (DoS) and man-in-the-middle (MitM) attacks are possible, and remote access and controls can be obtained

• More attacks as more vehicles become connected and vehicular vulnerabilities grow

A Few Hacking Incidents of Connected Vehicles

• Charlie Miller and Chris Valasek

• In 2015, they hacked the Jeep Cherokee’s computer brain through its Uconnect infotainment system and rewrote the firmware to plant their malicious code

• They cut the engine while the car was in motion on a highway, disabled brakes, basically killing the transmission and brakes

• They did this from 10 miles away whilst sitting on their sofa and used just a computer and mobile phone to access the Jeep’s on-board systems via its wireless Internet connection

• They have also demonstrated many times how to hack Ford and Toyota cars, compromising their safety and sync systems to gain access to safety features, brakes, cruise control, steering, parking assist, remote keyless entry system, etc.

• Tesla hacked by Chinese hackers in 2017

• Tesla Model X

• Found a way to turn on the brakes remotely, open or close the doors and trunk, blink lights in time to music streamed from the car’s radio

• Used Wi-Fi and cellular connection

• Tesla however quickly released an update to fix it


Privacy Issues with Connected Vehicles

• Lengthy, confusing and unclear privacy policies from automakers

• Connected vehicle stakeholders need to be more transparent with consumers about collection, use, and sharing of their personal information

• Concerns have been raised about whether explicit consent was obtained to collect certain types of data

• The key privacy issues for the data collected about vehicle journeys and movements of vehicles are the length of time the data is kept, who has access to it, and whether the consumer has the right to opt out

• Collection, use, storage and sharing of children’s data are often not given the consideration they need in order to adhere to specific laws and regulations

• There are concerns around liabilities for Autonomous Vehicles accidents

• Fleet operator/service providers? Vehicle manufacturers? Technology companies/software manufacturers? Local government’s responsibility for maintaining the infrastructure? Driver?

• The liability between automaker, technology company and vehicle owner or operator should be defined


Privacy Issues with Connected Vehicles

• No consistent data formats or standards across different automotive manufacturers (OEMs)

• Some companies provide platforms such as Otonomo that aggregate data from different OEMs and process them to make the data more usable and valuable

• The more the data is shared with third parties, the more privacy concerns increase

• Default WiFi passwords

• A hacker named L&M hacked into GPS tracking tools and gained access to some vehicles’ internal systems from there

• He was able to monitor the vehicles as they drove and switch off the engines of thousands of vehicles in India, South Africa, Philippines, and Morocco

• The tracking devices of these vehicles all had the same default password, ‘123456’

• If the car is connected to your smart home hub, this linking creates vulnerabilities

• If someone can compromise the weakest of the smart devices that connect to the smart hub, they can get into the car’s system from there

• With increasing collection of biometric data from connected vehicles’ drivers, privacy becomes even more important

• Some car manufacturers use eye tracking to determine if a driver is attentive when cruise control is in use, while others have begun using facial recognition


Laws and Regulations for Connected Vehicles

• Most of the underlying connected vehicle data is considered personal, hence GDPR/CCPA applies

• In some cases where the data is de-identified or aggregated, different privacy obligations apply, and the data is not covered by personal data protection laws

• CCPA specifically addresses personal vehicle data

• No US federal legislation yet for use of personal data collected from connected vehicles

• The National Highway Traffic Safety Administration (NHTSA) within the Department of Transportation (DOT) has provided guidance around automated vehicle technologies

• Jan 2020 – AV 4.0, Ensuring American Leadership in Automated Vehicle Technologies: Automated Vehicles 4.0

• Oct 2018 – AV 3.0, Preparing for the Future of Transportation: Automated Vehicles 3.0

• Sep 2017 – AV 2.0, Automated Driving Systems: A Vision for Safety 2.0

• Sep 2016 – Federal Automated Vehicles Policy

• NHTSA works closely with FTC on issues related to consumer privacy in connected and automated vehicles

• State Laws – some states have passed legislation, some have executive orders


Privacy of Connected Vehicles – OEM Responsibilities

• Provide full context of how the consumers’ collected data will be used

• If the data is shared with a third party for a service that depends on the connected vehicle data, design an interconnected system that seamlessly transmits and records consent-related information across OEMs and third-party service providers

• This interconnected system needs to provide real-time insight into each customer’s consent status

• OEM basically functions here as identity and access management provider

• The drivers at any point should be able to see what data they are sharing and have an option of opting out

• The drivers should have the option of downloading the data any time, or have OEMs and third-party providers delete their data based on the ‘right to be forgotten’ of different privacy legislations

• Different levels of sharing options

• For example, for safety-critical data

• For V2V communications where data is needed to eliminate or reduce many car accidents, if the government in future decides that the data must be collected and shared with public agencies and third-party providers such as smart city software, it would be easier if the OEMs already had different sharing levels implemented


Privacy of Connected Vehicles – OEM Responsibilities

• Clearly written privacy policies

• The information to be delivered to consumers in transparent, effective and engaging ways, such as via OEM’s websites, videos, at dealership, or via paper handouts

• Collect only the minimal data that’s needed for every situation

• Do not collect personally identifiable information if not necessary for the business purpose

• For example, a roadside assistance app only needs information about a vehicle’s location and similar data, but not the trip origination point or length

• De-identify or aggregate data by removing or blurring certain information, so that only essential data points remain

• The car data needs to be secured end-to-end

• The privacy protections need to be considered at each stage of system design, development, and implementation

• Need to recognize that children’s data poses special risks and COPPA (Children’s Online Privacy Protection Rule) as well as other appropriate laws need to be followed

• In case of a breach or an incident, there should be appropriate channels of communication to notify the affected consumers
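The consent status, sharing levels and data minimization described on the two OEM-responsibility slides above can be combined into one release check, sketched here. This is an added example, not code from the lecture or from any OEM; the purposes, field names, sharing levels, third-party names and the sample record are all constructed assumptions.

```python
from dataclasses import dataclass, field
from enum import IntEnum


class SharingLevel(IntEnum):
    """Hypothetical opt-in tiers a driver can choose between."""
    NONE = 0             # nothing leaves the OEM
    SAFETY_CRITICAL = 1  # e.g. V2V collision-avoidance data only
    SERVICES = 2         # plus services the driver asked for
    ANALYTICS = 3        # plus aggregated analytics


# purpose -> (minimum level, fields that purpose needs, coordinate decimals or None)
# Assumed policy table; a real one would come out of the OEM's privacy review.
PURPOSES = {
    "v2v_safety": (SharingLevel.SAFETY_CRITICAL,
                   {"lat", "lon", "speed_kph", "heading"}, None),
    "roadside_assistance": (SharingLevel.SERVICES,
                            {"lat", "lon", "fuel_pct"}, None),
    # 2 decimal places blurs the position to a grid of roughly 1 km.
    "traffic_analytics": (SharingLevel.ANALYTICS,
                          {"lat", "lon", "speed_kph"}, 2),
}


@dataclass
class ConsentRegistry:
    """OEM-side record of each driver's current consent status."""
    levels: dict = field(default_factory=dict)    # driver_id -> SharingLevel
    opted_out: set = field(default_factory=set)   # (driver_id, third_party)
    audit_log: list = field(default_factory=list)

    def set_level(self, driver_id, level):
        self.levels[driver_id] = SharingLevel(level)

    def opt_out(self, driver_id, third_party):
        self.opted_out.add((driver_id, third_party))

    def allows(self, driver_id, third_party, required):
        if (driver_id, third_party) in self.opted_out:
            return False
        # Unknown drivers default to NONE: no consent on file means no sharing.
        return self.levels.get(driver_id, SharingLevel.NONE) >= required


def release(registry, driver_id, third_party, purpose, record):
    """Return the minimized record for third_party, or None if not permitted."""
    policy = PURPOSES.get(purpose)  # unknown purposes are denied
    allowed = policy is not None and registry.allows(driver_id, third_party, policy[0])
    registry.audit_log.append((driver_id, third_party, purpose, allowed))
    if not allowed:
        return None
    _, needed, decimals = policy
    # Allow-list: identifiers, trip history and biometrics are dropped
    # simply because no purpose lists them.
    out = {k: v for k, v in record.items() if k in needed}
    if decimals is not None:
        for key in ("lat", "lon"):
            if key in out:
                out[key] = round(out[key], decimals)
    return out


def what_driver_shares(registry, driver_id, third_party):
    """Purposes currently released to third_party (the driver's 'what do I share' view)."""
    return sorted(p for p, (lvl, _, _) in PURPOSES.items()
                  if registry.allows(driver_id, third_party, lvl))


# Constructed telemetry record; every value is made up for this example.
SAMPLE_RECORD = {
    "vin": "TESTVIN0000000001", "driver_id": "driver-42",
    "lat": 34.02235, "lon": -118.28512, "speed_kph": 61.0, "heading": 270,
    "fuel_pct": 12, "trip_origin": (34.0689, -118.4452), "trip_km": 14.2,
    "cabin_face_id": "constructed-biometric-ref",
}

if __name__ == "__main__":
    reg = ConsentRegistry()
    reg.set_level("driver-42", SharingLevel.SERVICES)
    print(release(reg, "driver-42", "tow-co", "roadside_assistance", SAMPLE_RECORD))
    print(release(reg, "driver-42", "city-traffic", "traffic_analytics", SAMPLE_RECORD))
    print(reg.audit_log)
```

The audit log records denied requests as well as granted ones, which is what gives the OEM a per-request view of each customer's consent status.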


Privacy of Connected Vehicles – OEM Responsibilities

• A change in vehicle ownership

• The previous owner’s connected car app can still unlock doors even after the ownership has changed

• Communicating or detecting a change in ownership and having a way to facilitate the deletion of data between users, both on vehicles and for in-vehicle apps, are needed

• Maybe use of different driver profiles?

• For rental cars and car sharing, OEMs can probably provide a standard “wipe” function to the infotainment system to facilitate clean transitions from renter to renter

• Data lifecycle strategy

• Policies and procedures for data retention and end-of-life data also need to adhere to legal requirements

• Discard raw user level data when the use case is based on aggregated data

• For Security of connected vehicles

• Provide multi-layered protection for connected vehicle components

• Defend against externally-facing potential gateways

• Ensure vendors and suppliers follow strong security practices

• Provide timely updates for identified problems and issues


Amazon Alexa Privacy Concerns

INF 529 - Fudha Alabdulrazaq


What We'll Discuss

TOPIC OUTLINE

What is Alexa?

Data Collected By Alexa

Alexa Voice Recordings

Amazon Employees and Contractors

Alexa and Law Enforcement

How to make Alexa Private

Final Thoughts


Before we begin: WHAT IS AMAZON ALEXA?

• Alexa is Amazon’s cloud-based voice service available on hundreds of millions of devices from Amazon and third-party device manufacturers

• When you ask Alexa a question, what you’re doing is communicating with a cloud-based service

• Amazon has designed the Alexa Voice Service (AVS) to mimic real conversations, but you’re actually using intuitive voice commands to get this service to perform specific tasks


What data does Amazon's Alexa collect by default?

• Use of Alexa

• Alexa Interactions

• Device type

• Name

• Features

• Status

• Network connectivity

• Location

• Contacts


Alexa Voice Recordings

• Amazon claims that Alexa stores all the voice recordings only after you use the wake word "Alexa"

• Unlike Apple and Google, Amazon does not run software directly on the device and store data locally. They transfer the recordings of your voice commands to their servers

• Amazon says that they do not use voice recordings for targeted advertising purposes, but instead use them to improve the efficiency of the device and the user's experience


Is Alexa Always Listening?

• Amazon has said consistently that the Echo speakers only listen in and record after you use the wake word, usually "Alexa".

• However, this wasn't the case when a couple in Portland had their audio recording sent to one of their contacts randomly.

• This woman felt like her privacy was invaded when her conversation with her husband was sent to her husband's employee.

• In a statement, Amazon said that the Echo must have misheard the wake word, misheard a request to send a message, misheard a name in its contacts list and then misheard a confirmation to send the message, all during a conversation about hardwood floors.

• An Amazon employee noted that auditors each transcribe as many as 100 recordings a day when Alexa receives no wake command or is triggered by accident.


Does Alexa Actually Delete Your Recordings?

• Amazon makes all recent recordings available for listening in the companion Alexa app for iOS and Android.

• To find your recordings, open the app, click the menu on the left side, select Settings and scroll down to History. You can read your phrases, play back the original recording and delete them.

• However, in a statement made by Amazon in 2019, they admitted that they don't always delete the stored recordings, even after a user chooses to wipe the audio files from their account.

• While Amazon does delete the voice recordings, the equivalent text transcripts of the recordings are not always deleted.


Amazon Workers Are Listening to your Alexa Conversations

• Amazon reportedly pays employees and, at times, external contractors from all over the world to listen to recordings to improve accuracy

• Occasionally the listeners pick up things Echo owners likely would rather stay private

• A contractor that was hired in 2014 did not even know what she was working with

• She was led to believe that she'd been listening to paid testers who’d volunteered their vocal patterns in exchange for a few bucks


Does Amazon Share Data With Law Enforcement?

• Amazon says that the police must prove the state has a compelling need for the information and that the material can't be obtained elsewhere.

• Arkansas police recently demanded that Amazon turn over information collected from a murder suspect's Echo.

• Amazon's attorneys contend that the First Amendment's free speech protection applies to information gathered and sent by the device

• However, Ring, which is owned by Amazon, has a high-profile relationship with police that involves handing over user data


Other Cases When Privacy Can Be Breached

- Saying the wake word by mistake

- Someone saying the wake word to purposely trigger the device

- The device picking up the wake word from TV/radio/background

- Everyday words in other languages that sound like the wake word


HOW TO KEEP ALEXA AS PRIVATE AS POSSIBLE

• DELETE RECORDINGS: Delete voice recordings regularly, mostly ones that contain sensitive information

• OPT OUT: Turn off "Help Develop New Features" to prevent employees from listening to your recordings

• AUDIBLE ALERTS: Turn on start and end of request sounds to prevent accidental recordings

• MUTE BUTTON: Use the mute button whenever you are not using your Alexa device


PONDER ON THIS

ARE THE FEATURES PROVIDED BY HOME ASSISTANTS LIKE ALEXA WORTH BREACHING OUR PRIVACY?


HOW PEOPLE USE AMAZON'S VIRTUAL ASSISTANT

- As we can see from the graph, the majority of tasks that Alexa is performing only provide additional convenience.

- Most are basic tasks that can be done on a smartphone


Thanks! ANY QUESTIONS?


IOT & Privacy: Business Perspective

MaryLiza Walker


AGENDA

• Background: IOT and Privacy

• Benefits of IOT devices in businesses

• Goal of Privacy

• Impacts and Recommendations

• Ways Privacy can be leveraged in IOT

• 7 Foundational Principles for Privacy by Design

• Things to keep in mind with Privacy by Design


Background


Benefits from using IOT devices in the workplace


GOAL OF PRIVACY


Impacts and Recommendations


Ways Privacy can be leveraged in IOT devices


7 Foundational Principles

◦ Proactive not Reactive

◦ Privacy as the Default Setting

◦ Privacy Embedded into Design

◦ Full Functionality

◦ End-to-End Security

◦ Visibility and Transparency

◦ Respect for User Privacy


Things to keep in mind when doing Privacy by Design


Privacy Implications of Autonomous Vehicles and Aerial Drones

04/10/2020

Khalid Mansory

Mohammed Ababtain


Outline

▪ What are Autonomous Vehicles?

▪ Data Collection by AVs

▪ Car Data Monetization

▪ Security Threats

▪ AVs and the expectation of privacy

▪ What are Aerial Drones?

▪ Uses of aerial drones

▪ Government Use of aerial Drones

▪ Privacy issues

▪ Current rules and regulations

▪ IOT privacy in Saudi Arabia


What are Autonomous Vehicles?

Automation Levels:

An autonomous car is a vehicle capable of sensing its environment and operating without human involvement. A human passenger is not required to take control of the vehicle at any time, nor is a human passenger required to be present in the vehicle at all.

Potential Benefits:

▪ Reduce traffic congestion

▪ Less Pollution (CO2 emission)

▪ Easier Parking

▪ Enhance transportation access

▪ Lower transportation cost

▪ Urban Development

▪ Personal benefits


Data Collection by AVs

What data can be collected by AVs?

Use: Sensors, Actuators, Algorithms, AI, Machine learning, etc. → execute software

How are AVs different from some other privacy-invasive technologies?

• Mobility

• Connected networks

Estimates show the average autonomous vehicle will generate up to 25GB/hour. (L2)

Higher autonomy vehicles can reach up to 32TB/Day.

Ethical Obligation?


Car Data Monetization

Higher Autonomy vehicles can reach up to 32TB/Day.

Car-generated data can become a USD 450-750 billion market by the year 2030.

From Business Perspective:

▪ High brand Exposure (controlled environment)

▪ Efficient targeted Ads (Higher sales)

▪ Customer Feedback

▪ Cross-selling chances


Car Data Monetization

The market is already changing!

▪ Mobility credit

▪ Higher Exposure


Security Threats

A survey of car manufacturers showed that they are aware of the cybersecurity threats, but fewer than half are prepared for the threat; suppliers’ preparedness is even worse.

Security challenges for AVs:

▪ Increasing Complexity

▪ High Integration

▪ Supplier Vulnerability


AVs technology and the expectation of privacy

Q: Comfortability with AV capability

Effort to opt out?

People differentiate between primary and secondary data uses

2017 Study at CMU: Privacy Perceptions of Networked Autonomous Vehicles


Rules and Regulations

Generally, there is no federal law regarding self-driving cars.

The laws surrounding self-driving cars vary enormously by state, with 29 states having passed legislation.

The National Highway Traffic Safety Administration (NHTSA)

▪ vehicle-to-vehicle (V2V) communications

For information privacy and data security regulations (Secondary Data Use):

FTC → Protect consumer personal and sensitive information and prevent unreasonable data security practices.

Industry self-regulation


Aerial Drones


Mohammed Ababtain


What are Aerial Drones?

• A "drone," or "unmanned aircraft," is an aerial vehicle used without a human pilot onboard.

• Drones are equipped with different state-of-the-art technology such as infrared cameras, GPS and laser.

• Constantly evolving through new innovation and big investment.

• Come in a wide variety of sizes, e.g. those used for military purposes.


Uses of Aerial Drones

• Delivery

• Inspections

• Healthcare

• Agriculture

• Emergency Response

• Weather forecasting

• Construction planning

• Personal Transportation

• Special events (Wedding, Real estate)


Government Uses of Aerial Drones

• Search and rescue

• Aerospace

• Military

• Reconnaissance

• Offensive Attacks

• Collect Evidence

• Surveillance

December 2019 Study at Alexandria, VA: 71% of American people have privacy concerns about drones.

Public Trust


Privacy Issues

• The US Supreme Court has held that individuals do not generally have Fourth Amendment rights with respect to aerial surveillance because of the ability that anyone might have to observe what could be viewed from the air.

• Discrimination

• Abuse by authorities

• Effects on society's freedom of speech


California v. Ciraolo (1986)

The police had received a tip that Dante Ciraolo was growing marijuana in his backyard, but high fences prevented them from viewing his backyard from the street. The police borrowed a plane, flew it over the backyard and easily spotted marijuana plants growing there. Ciraolo argued that his Fourth Amendment rights were violated because the government did not get a warrant. The Court rejected this argument, explaining that there was no intrusion into his privacy because “[a]ny member of the public flying in this airspace who glanced down could have seen everything that these officers observed.”


Florida v. Riley (1989)

The police had received a tip that Michael Riley was growing marijuana in a greenhouse on the property surrounding his home. The interior of the greenhouse was not visible from the ground outside the property, and the greenhouse had a ceiling, though two panels in the ceiling were missing. A police officer flew over the greenhouse and spotted marijuana through the openings in the roof. While no reasoning commanded a majority of the Court, four justices concluded that its decision in Ciraolo applied because Riley had left part of the greenhouse open to public view, and so the search was constitutional.


Dow Chemical Co. v. United States (1986)

The Environmental Protection Agency employed a commercial aerial photographer to use a precision aerial mapping camera to take photographs of a chemical plant. The Court found no violation, in part because the camera the EPA used was a “conventional, albeit precise, commercial camera commonly used in mapmaking,” and “the photographs here are not so revealing of intimate details as to raise constitutional concerns.” However, the Court suggested that the use of more sophisticated, intrusive surveillance might justify a different result. It wrote, “surveillance of private property by using highly sophisticated surveillance equipment not generally available to the public, such as satellite technology, might be constitutionally proscribed absent a warrant.”


Is it OK to shoot a drone that flies over your private property?


Current law and regulations

• General rule: No expectation of privacy in activities conducted in the open

• Domestic use of drones has been held back by the Federal Aviation Administration (FAA), which is responsible for the safety of the nation’s airspace

• California forbids the use of drones to record another person without their consent.


Recommendations

• Usage restrictions

• Image retention restrictions

• Public notice

• Auditing


IOT privacy in Saudi Arabia

• Similarly, no specific privacy rules for IOT technologies.

• What is “Reasonable”?

• E.g. Saudi Arabia cyber-crime law prohibits misusing a portable phone (or similar) to take pictures of strangers in public, punishable by imprisonment for up to one year and a 500,000 Saudi riyal (135,000 USD) fine.



Thanks


Tying it all Together - IoT

• Devices

– We carry

– At our home

– At work and “on the road”

– In our vehicles

• Privacy

– What data they collect or possess

• Security

– How that data is protected

• Attacks enabled

– Further implications


Internet of Things (IoT)

• IoT includes devices and software embedded with sensors and network connectivity for integration and to enable data collection/exchange.

• Network connected “smart” objects can be sensed and controlled remotely.

• In some cases a hub serves as a “master” device, but more and more frequently, this hub resides in the cloud.

• There are more than 500 million internet connected devices in U.S. homes alone and it is estimated that approximately 50 billion objects will have IoT capability by 2020.


IoT on our Person

• On our person

– Smartphone

– Laptop/Tablets

– FitBit or activity Tracker

– Smart Watch

– Insulin Pumps

– Pacemakers

– Google Glass

• Or in our homes


Issues

• How we connect

– And how we authenticate/authorize

• Data Collection or Manipulation

– Sensor or PLC (Programmable Logic Controller)

• General Purpose Computing or Specialized

• How to Update / Reprogram

• Risks and Consequences


US warns of cyberattacks targeting medical devices – RT 14 June 2013

• The FDA is warning that implanted medical devices, such as pacemakers and defibrillators, are often connected to networks that are vulnerable to cyber attacks that could shut down or manipulate the machinery.

• Hackers with malicious intentions could introduce malware into the equipment, thereby gaining access to configure settings in medical devices or hospital networks, the Food and Drug Administration said in a warning sent to hospitals, medical device manufacturers, user facilities, and biomedical engineers.

• “Over the past year, we’ve become increasingly aware of cyber security vulnerabilities in incidents that have been reported to us,” William Maisel, deputy director for science at the FDA’s Center for Devices and Radiological Health, told Reuters. “Hundreds of medical devices have been affected, involving dozens of manufacturers.”

• Maisel noted that most of the infections were most likely unintentional, but that they demonstrate a very real possibility that hackers could intentionally inflict damage upon them.

• The FDA report identified 300 medical devices that are at risk of crippling cyber attacks, including insulin pumps, implantable cardioverter defibrillators, anesthesia devices, drug infusion pumps, ventilators, and pacemakers. Some of these devices can even be remotely accessed through the Internet, the FDA report said.


Good Practices / Isolation

• For manipulators

• How we connect

– Pairing with local controller

– Security of Controller then becomes issue

• Local Governor – No override to unsafe states

• Problems arise from conflict between always on access and need to protect.

• Push data from device, rather than pull/poll.

– But that creates power/efficiency issues
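An added sketch (not from the lecture) of the "Local Governor" point above: limits are enforced on the device itself, so a paired controller that has been compromised still cannot command an unsafe state. The pump scenario, the class and function names, and every limit value are hypothetical and constructed for illustration.

```python
from collections import deque
from dataclasses import dataclass


@dataclass(frozen=True)
class SafetyLimits:
    # Constructed values for illustration only; not clinical guidance.
    max_single_dose: float = 5.0        # units allowed in one command
    max_window_total: float = 12.0      # units allowed per rolling window
    window_seconds: int = 3600
    min_interval_seconds: int = 300


class LocalGovernor:
    """Runs on the device. Limits are fixed at provisioning time; there is
    deliberately no method a remote controller can call to change them."""

    def __init__(self, limits):
        self._limits = limits
        self._history = deque()         # (timestamp, dose) of accepted commands

    def _expire(self, now):
        # Drop accepted doses that have aged out of the rolling window.
        while self._history and now - self._history[0][0] >= self._limits.window_seconds:
            self._history.popleft()

    def request_dose(self, dose, now, controller_authenticated):
        """Return (accepted, reason). `now` comes from the device's own clock."""
        lim = self._limits
        if not controller_authenticated:
            return False, "controller not paired"
        if isinstance(dose, bool) or not isinstance(dose, (int, float)):
            return False, "malformed dose"
        if dose != dose or dose <= 0:   # NaN or non-positive
            return False, "malformed dose"
        if dose > lim.max_single_dose:
            return False, "exceeds single-dose limit"
        self._expire(now)
        if self._history and now - self._history[-1][0] < lim.min_interval_seconds:
            return False, "too soon after previous dose"
        if sum(d for _, d in self._history) + dose > lim.max_window_total:
            return False, "exceeds rolling-window limit"
        self._history.append((now, dose))
        return True, "ok"


# Constructed command stream (time_s, dose, authenticated). Most commands come
# from a correctly paired controller, i.e. pairing alone does not make them safe.
COMPROMISED_CONTROLLER = [
    (0, 4.0, True),       # ordinary dose
    (60, 4.0, True),      # repeated too quickly
    (400, 50.0, True),    # far above the single-dose limit
    (800, 5.0, True),     # allowed, window total becomes 9
    (1200, 5.0, True),    # would push the window total to 14
    (1300, 3.0, True),    # allowed, window total becomes exactly 12
    (3700, 4.0, True),    # first dose has aged out, so this fits again
    (3800, 1.0, False),   # unpaired sender
]


def replay(commands, limits=SafetyLimits()):
    """Feed a command stream to a fresh governor and return its decisions."""
    gov = LocalGovernor(limits)
    return [gov.request_dose(dose, t, auth) for t, dose, auth in commands]


def delivered_total(commands, limits=SafetyLimits()):
    """Total dose actually delivered after the governor has filtered the stream."""
    decisions = replay(commands, limits)
    return sum(cmd[1] for cmd, (ok, _) in zip(commands, decisions) if ok)


if __name__ == "__main__":
    for cmd, decision in zip(COMPROMISED_CONTROLLER, replay(COMPROMISED_CONTROLLER)):
        print(cmd, "->", decision)
```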


Accessible Telemetry

• GP Devices (smartphones, tablets, laptops)

– More vulnerable to malware and other compromise

– If compromised can collect even more data than we have configured them to collect.

• Telemetry:

– Audio, Video, Location, Vibration


Camera Access

• Disable Your Laptop's Built-in Webcam to Protect Your Privacy – Mark Wilson – Lifehacker – 6/27/14

• Windows: Webcams offer a window into your home, and they've been known to be targets for malware. If you have a built-in camera, here's how to disable it and protect yourself.

• Malware can take over webcams, so there is potential for your camera to spy on you. You can easily disable an external webcam just by unplugging it, but things are a little different for integrated cameras.

• The simple solution is to just pop a piece of tape over the lens, but this is not ideal. Sticky residue is left behind, and there is a risk that your improved privacy shield could fall off. You could turn to third party software, but you can also disable a webcam from within Device Manager.


Turning Devices Off

• How the NSA can 'turn on' your phone remotely – CNN Money June 6 2014 - Jose Pagliery

• Even if you power off your cell phone, the U.S. government can turn it back on.

• That's what ex-spy Edward Snowden revealed in last week's interview with NBC's Brian Williams. It sounds like sorcery. Can someone truly bring your phone back to life without touching it?

• No. But government spies can get your phone to play dead.

• It's a crafty hack. You press the button. The device buzzes. You see the usual power-off animation. The screen goes black. But it'll secretly stay on -- microphone listening and camera recording.


Monitoring Vibration

• iPhone Accelerometer Could Spy on Computer Keystrokes – Olivia Solon - Wired UK – 10/19/11

• The accelerometers in many smartphones could be used to decipher what you type into your PC keyboard — including passwords and e-mail content — according to computer scientists at Georgia Tech.

• The technique depends on the person typing at their computer with their mobile phone on the desk nearby. The vibrations created by typing onto the computer keyboard can be detected by the accelerometer of the phone and translated by a program into readable sentences with as much as 80 percent accuracy.

• The technique involves working through probability by detecting pairs of keystrokes, rather than individual keys. It models “keyboard events” in pairs and then works out whether the pair of keys pressed is on the left or the right side of the keyboard and whether they are close together or far apart on the QWERTY keyboard. Once it has worked this out, it compares the results to a preloaded dictionary where each word has been broken down in the same way.


Back to Internet of Things

• At Home

– HVAC (Climate Control)

– Internet Web Cameras

– Television and Entertainment Devices

– Alarm Systems

– Doors and Locks

– Routers and Wifi

– SAN (Storage Area Networks) network disks

– Coffee Makers, Toasters, Refrigerators

– Home Automation, Lights, etc

– Garage Door Openers


IoT Devices

• Home

• Personal

• Work or On-the-Go

• Vehicles

Slide by Veronica Molina


IOT in Home Security Systems

Slide by Veronica Molina


What is the role of IOT here?

• Embedded devices with minimum CPU, memory and power resources and able to connect to internet.

• Ability of devices to perform actions and not just sense the surroundings.

• Ability to integrate into existing electronic systems at home such as smart phone, computer and other devices.

Slide by Veronica Molina


What are the attack surfaces?

• Insecure web interfaces - Cross site scripting, SQL injection, session management etc.

• Insufficient Authentication / Authorization - Multifactor authentication, secure password recovery mechanism.

• Insecure network services - Open ports, Buffer overflow, Denial-of-Service.

• Lack of data encryption - Unencrypted services via local or internet. SSL/TLS implementation

• Insecure mobile interfaces - Account lock-out, Unencrypted data transfer over network.

• Insufficient security configurations - Granular access control, strong passwords.

• Insecure software / firmware - Updateable software / firmware, Encrypted update files, Update file integrity verification.

• Privacy concern - End to end data encryption, Avoid collection of unnecessary user data, Secure storage of PII information.

Slide by Veronica Molina


Standards (or lack of any)

• By default no set rules/standards in designing architecture

• Developments from past year

https://www.forbes.com/sites/aarontilley/2016/07/27/two-major-internet-of-things-standards-groups-strike-alliance/#1b42c1cd4520

• This year, US Department of Commerce finally took note of the issue that IoT standards cannot be left to market.

www.zdnet.com/article/iot-standards-cannot-be-left-to-the-market-us-department-of-commerce/

Slide by Apurv Tiwari


How can I protect myself?

• As we have seen, it's not just the device or the network or clients contributing to vulnerabilities.

• There are many attack surfaces involved and each of them needs to be evaluated and secured.

• Understand the security aspects considered by the service provider and the response time to discovered vulnerabilities and frequency of updates to device software or firmware.

Slide by Veronica Molina


Major Issues: Many Home IoT Devices

• Many of these devices are general purpose

– GP interface is hidden, and user only sees application running on top of Linux or other platform.

– Many IoT devices are not updated/patched regularly to address new vulnerabilities that are discovered. Or updates occur automatically without permission of owner.

– Many devices enable inbound access through your firewall.

– An IoT device is a full-fledged device on your home network, and if compromised from outside, allows an attacker node inside your firewall to attack or observe other activity.

– Many users leave their devices with the default passwords or access controls.

– Many devices enable “open access” to users within the local network segment (open or hacked WiFi and other IoT devices can be an issue).


How easy is it to hack a home network?

Mark Ward - BBC News – 25 February 2016

My home is under attack - Right now, skilled adversaries are probing its defences seeking a way in. They are swift, relentless and smart. No weakness will escape their notice. But I am not without defences. I've tried to harden the most vulnerable devices to stop them being compromised and I've set up warning systems that should alert me if the attackers get inside. In the end, all that effort was for nothing because the attackers found so many ways to get at me and my home network. And, they said, even if the technology had defeated them, the weakest link of all - me - would probably have let them in.

Swiss cheese - I found out just how severely compromised my home network was in a very creepy fashion. I was on the phone when the web-connected camera sitting on the window sill next to me started moving. The lens crept round until it pointed right at me. I knew that the attackers were on the other end watching what I was doing, and potentially, listening to the conversation. It is a gadget my children and I have used to see if any wildlife passes through our garden and one which many people have for home security or as an alternative baby monitor. I was lucky that I knew my attackers who, at that moment, were sitting in my living room waiting to show me how straightforward it was to subvert these domestic devices. The picture they took of me via the camera was evidence enough.


Inferences from Home Sensors

• Your daily Routine

– When you leave, get home, what is the best time to burglarize your house.

• What television programs you watch.

– No more “Nielsen families” – your TV or set top box collects this data and sends it to your provider.

• Power consumption can tell a lot about your activities too.


At Work and “On the Road”

• We pair with devices all the time

– For printing, beaming data

– NFC for payment

• Attaching to WiFi Hotspots

– We broadcast the SSIDs with which we usually connect.

– Evil twin or Rogue free WiFi

• Whenever we attach, it creates a path for malware infection, or for data to be collected by “peer”.

– E.g. contact list on Bluetooth-connected audio in rental car.


In Our Vehicles

• Our vehicles are part of the IoT

– OBDII

– Wifi Hotspots

– Entertainment systems

– Bluetooth connectivity to our cellphones

• Discussed earlier

– Navigation

• Is your car Spying on You

– NBC LA – November 15 2015

• Consider multi-step attacks

– Cellphone malware – Entertainment - OBDII


Mid-term Exam Discussion – Q1

Expectations of Privacy (30 points)

Although intended by US courts to apply to governments’ access to business records, the “third party doctrine” is actually a very accurate statement of what happens to our data today when we provide the data to third parties. Although privacy regulations and communicated privacy policies may tell us otherwise, there is always the danger (and expectation) that our data will get out if we provide it to third parties. In this question I am concerned with our actual expectation of privacy, specifically with respect to whom our information may be provided (including for government and commercial purposes) and how it may be used.

a) List some data (or actions that you might take) that leave you with zero expectations of privacy with respect to the data you have provided. For some of the examples of this “non-private” data, can you think of examples of ways that we expect the data should not be used? (10 points)

b) Explain some of the changes to technology that have resulted in the disclosure of data that is ‘non-private’ (i.e. in plain view) having a significant impact on our privacy when combined with similar data. (10 points)

c) Provide several examples (possibly from current events) where data that has been entrusted to a third party (and which is not in plain view) has been used in unexpected ways, violating the user’s privacy expectations. (10 points)


Mid-term Exam Discussion – Q2

The most common manner by which adversaries steal our personal data is through impersonation. When our data is stored on our local device, or on the servers of social media and cloud services, the data is supposed to be accessed only by authorized users. If an adversary can pose as a different user for the purpose of making requests, then they can use the privileges associated with the identity that has been impersonated. (30 points)

a) List some of the ways that an adversary is able to make requests posing as a different user. There are at least two significantly different ways that this can be accomplished. (10 points)

b) What are some of the approaches by which you can mitigate the impact of such impersonation activities? (by mitigate, I specifically do NOT mean prevent the impersonation from occurring, what I mean is that you should take steps to ensure the least resulting impact when impersonation does occur). (10 points)

c) What are the three main approaches that computer systems can use to confirm identity (authentication)? What are the tradeoffs between the different approaches and what steps can a system designer or an end user take to improve the effectiveness of the authentication process? (20 points)


Mid-term Exam Discussion – Q3

One definition of privacy discussed in class is that privacy is the right to be let alone. By its nature, social media is intrusive. In this question I want you to discuss some of the ways that social media is problematic for our security and privacy.

a) When we use social media, we voluntarily provide information that reveals our most sensitive characteristics: our likes and dislikes, who our friends are (i.e. our social network itself), our daily schedule, planned travels, the food we eat, etc. Discuss some of the ways that this data is used (i.e. for the purposes that we choose to use these sites) and mis-used (how the sites use this data in ways that are not necessary to the benefit of the end-user, including ways that the user is “monetized”). (10 points)

b) Discuss some ways that social media may be used to control us, i.e. how can it more effectively influence our actions and our speech than other media? Consider how it can also affect the actions and speech of those that are not actively using such social media platforms. Specifically consider the incentives and disincentives provided through the social media platform itself. (10 points)

c) Social media platforms touch many of our devices and our social media “timelines” are often integrated with our other internet connected activities. How does this integration with our “timeline” affect the privacy of the data associated with our other activities? (10 points)


Backup Slides


This Week: The Dark Web

• Readings:

– Time Magazine The Secret Web: Where Drugs, Porn and Murder Live Online November 11, 2013.

– It’s About To Get Even Easier to Hide on the Dark Web, Wired 1/28/2017.

– https://www.vice.com/en_us/article/ezv85m/problem-the-government-still-doesnt-understand-the-dark-web

– US government funds controversial Dark Web effort


Anonymization

• For internet communication (email, web traffic) even if contents are protected, traffic analysis is still possible, providing information about what sites one visits, or information to the site about your identity.

• Tools are available that will hide your addresses

– Proxies

– Networks of Proxies – Onion Routing and TOR


Anonymizer and similar services

• Some are VPN based and hide IP addresses.

• Some are proxy based, where you configure your web browser.

• Need the proxy to hide cookies and header information provided by browser.

• You trust the provider to hide your details.

• Systems like TOR do better because you don’t depend on a single provider.


TOR

• Originally developed by US Navy to protect Internet communications

• The problem:

• Internet packets have two parts – header and payload

• Even if payload is encrypted, header is not

• Header lists originator and destination nodes – all nodes along the way can read this information

• Why might this be a problem:

• Law enforcement may not want it known they are visiting a site

• General privacy protection.


TOR


TOR

• Continued development and improvement with US funding (Dept of State)

• SAFER project:

• Develop improvements or similar technologies that are less vulnerable to persistent attempts to track users, e.g. dissidents, etc.


TOR

From Engadget, 7/28/2014

Russia offers a $110,000 bounty if you can crack Tor

Countries that have less-than-stellar records when it comes to dissenting voices must really, really hate Tor. Coincidentally, Russia's Interior Ministry has put out a bounty of around $110,000 to groups who can crack the US Navy-designed privacy network. After the country's vicious crackdown on dissenting voices back in 2012, protestors who hadn't escaped or been jailed began using anonymous internet communication as their first line of defense against the Kremlin. If you're considering taking part in the challenge (and earning yourself a tidy stack of cash to quell your conscience), be warned -- the bounty is only open to organizations that already have security clearance to work for the Russian government.


TOR - Fundamentals

• Origin node accesses list of TOR nodes and creates the packet:

• Starts by creating a packet consisting of payload and header – header contains desired destination node and final TOR node in zigzag route

• Now treats the above packet as a payload and creates a header with origin and destination consisting of two TOR nodes

• This is repeated until final packet contains a header with original source node and first TOR node identified

• …Hence the term “Onion Routing”
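The layering steps above as an added Python sketch (not from the lecture and not Tor's own code), showing that each relay learns only its previous and next hop. It assumes the origin already shares a key with each relay (real Tor negotiates these hop by hop when a circuit is built) and uses an HMAC-SHA256 keystream as a stand-in for a real cipher; the relay names T1 to T3 and all function names are hypothetical.

```python
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 16, 32


def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key, nonce, length):
    blocks = [hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def seal(key, plaintext):
    """Stand-in authenticated encryption (encrypt-then-MAC), illustration only.
    A real system would use a vetted AEAD construction instead."""
    nonce = os.urandom(NONCE_LEN)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key, blob):
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("layer too short")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("layer failed authentication")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, stream))


def _layer(next_hop, body):
    # One layer = header naming the next hop, followed by the inner packet.
    name = next_hop.encode()
    return len(name).to_bytes(2, "big") + name + body


def _parse_layer(plain):
    n = int.from_bytes(plain[:2], "big")
    return plain[2:2 + n].decode(), plain[2 + n:]


def build_onion(route, keys, destination, payload):
    """Wrap from the inside out: the final relay's layer (whose header names
    the destination) is built first, the first relay's layer last."""
    packet, next_hop = payload, destination
    for relay in reversed(route):
        packet = seal(keys[relay], _layer(next_hop, packet))
        next_hop = relay
    return packet                      # the origin hands this to route[0]


def relay_peel(relay, keys, packet):
    """What one relay does: strip its own layer and read only the next hop."""
    return _parse_layer(unseal(keys[relay], packet))


def send_through(route, keys, source, destination, payload):
    """Forward an onion along the route, recording each relay's view as
    (previous hop, next hop). Returns what the last relay delivers."""
    packet, prev, views = build_onion(route, keys, destination, payload), source, {}
    for relay in route:
        next_hop, packet = relay_peel(relay, keys, packet)
        views[relay] = (prev, next_hop)
        prev = relay
    return packet, views


# Constructed demo route and keys (random per run).
ROUTE = ["T1", "T2", "T3"]
KEYS = {name: os.urandom(32) for name in ROUTE}

if __name__ == "__main__":
    delivered, views = send_through(ROUTE, KEYS, "origin", "example.org", b"GET /")
    for relay in ROUTE:
        print(relay, "sees", views[relay])
    print("delivered:", delivered)
```

Only T1 sees the origin and only T3 sees the destination; T3 also sees the payload itself unless that is separately encrypted end to end.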


TOR - Fundamentals


TOR – Fundamentals

Source cybersolutons.ga and yourdictionary.com


TOR - Fundamentals

[Figure: route from the Source Node to the Destination Node through a series of TOR nodes (T)]


TOR - Fundamentals

• List of TOR nodes periodically changes

• Zigzag route is periodically changed

• Not totally foolproof:

• If non-TOR browser opened within TOR browser, security measures are void – basically going back to “direct routing”

• Someone monitoring source and destination node may note synchronization of packets being sent/received.

• …to avoid: increase TOR traffic


Deep Web – TOR (These are old addresses)

• TOR (https://www.torproject.org/about/overview.html.en)

• http://deepweblinks.org/ - Lists sites in deep web

• http://ybp4oezfhk24hxmb.onion/ - lists a hitman website

• http://xfnwyig7olypdq5r.onion/ - lists a USA Passport site

• http://jv7aqstbyhd5hqki.onion/ - a hackers site

• http://2ogmrlfzdthnwkez.onion/ - rent-a-hacker

• http://www.infosniper.net/


TorSearch - http://kbhpodhnfxl3clb4.onion/


http://deepweblinks.org/


http://2ogmrlfzdthnwkez.onion/ - use inside TOR


http://ybp4oezfhk24hxmb.onion/ - use inside TOR


http://xfnwyig7olypdq5r.onion/ - use inside TOR


http://jv7aqstbyhd5hqki.onion/ - use inside TOR


This Week: The Dark Web

• Readings:

– Time Magazine The Secret Web: Where Drugs, Porn and Murder Live Online November 11, 2013.

– It’s About To Get Even Easier to Hide on the Dark Web, Wired 1/28/2017.

– https://www.vice.com/en_us/article/ezv85m/problem-the-government-still-doesnt-understand-the-dark-web

– US government funds controversial Dark Web effort


Discussion

• Readings:

– Society deserves privacy, but at what cost.

– Who defines “good use”

– Dark v. Deep Web

– How to control the dark web (technically)