|Security In A Digital Age|
Posted on January 6, 2020
Cast your mind back a few decades. It was 2000 AD, and wifi was all the rage.
It was more expensive than the standard wire coming out of the wall, so just about all of the early adopters were people with money. A couple of computer geeks I knew at the time, guys that were really savvy about all this internet stuff, decided to make a play for the brass ring.
Their idea was to load up one of their cars with computer equipment, and drive around the swanky neighborhoods. If they detected a wifi signal, they would park on the street in front of the house and listen in. Almost always, they would get loads of personal information with virtually no effort on their part. Not only would the majority of wifi customers never bother to change their default passwords, a fair number would have no encryption at all!
So my buddies would record all this. Bank account numbers, bank balances, loan and mortgage information, credit card info, retail purchase history, a list personal friends and relatives, phone numbers, addresses, employment history. You name it, if it was on the computer they could get to it.
Armed with these sensitive and personal facts, the two would ring the doorbell and introduce themselves.
They would explain that they were internet security experts, and that the people living in the house really needed their services. Why, look at all the info they sucked from the ether just by parking in the street!
So they demonstrated that the residents of a wifi equipped house needed to guard against unauthorized access, and that the financial or personal damage could be immense. What kind of reaction do you think they received?
Just about every time, the homeowners would become enraged that they had peeked inside of their very private affairs. Doors would be slammed in their faces.
Why would they do that? My friends were pointing out that all of their potential customers were freakin’ IDIOTS for not changing their passwords, or even dumber than an idiot by not bothering with data security at all. I have little doubt that the people who became so upset by being shown that anyone could empty their bank accounts at will did nothing to change this situation. They probably figured that it wasn’t their fault for ignoring the most basic data security protocols, it was the fault of these jerks at their door for looking at their private information!
As you might imagine, my two amigos did not manage to start a data security business and get rich. Instead they eventually decided to give up out of frustration. Too bad, as I was going to ask them for a job if they had managed to succeed.
People haven’t gotten any smarter since then. Every so often I come across news of a website that offers live webcam streams from inside private homes. This should not be surprise to anyone, as I can routinely find private webcam streams when browsing for official traffic and weather cameras to see what the weather is like when I’m traveling. You don’t need to be a hacker if a Google search hands you a view from inside someone’s house.
I’m going on and on about all of this due to this news article. It seems that Amazon and company named Ring are subject to a class action lawsuit from a disgruntled customer. The lawsuit claims that Amazon and Ring did not do their due diligence in securing doorbell webcams from hackers. Kids are being harassed, possibly stalked, and someone has to pay!
What does the company that sells the devices has to say? “… Ring couldn’t help it if people reused passwords with sites and services it can’t control. “
In other words change the password from the default when you first hook a device up to the internet, and use different passwords for each device.
What do I think about all of this? I can’t say with any authority who dropped the ball on keeping hackers at bay in this instance, but past experience indicates to me that it probably wasn’t the company.