The Latest in Creepy Spyware

The Nest home alarm system shipped with a secret microphone, which -- according to the company -- was only an accidental secret:

On Tuesday, a Google spokesperson told Business Insider the company had made an "error."

"The on-device microphone was never intended to be a secret and should have been listed in the tech specs," the spokesperson said. "That was an error on our part."

Where are the consumer protection agencies? They should be all over this.

And while they're figuring out which laws Google broke, they should also look at American Airlines. Turns out that some of their seats have built-in cameras:

American Airlines spokesperson Ross Feinstein confirmed to BuzzFeed News that cameras are present on some of the airlines' in-flight entertainment systems, but said "they have never been activated, and American is not considering using them." Feinstein added, "Cameras are a standard feature on many in-flight entertainment systems used by multiple airlines. Manufacturers of those systems have included cameras for possible future uses, such as hand gestures to control in-flight entertainment."

That makes it all okay, doesn't it?

Actually, I kind of understand the airline seat camera thing. My guess is that whoever designed the in-flight entertainment system just specced a standard tablet computer, and they all came with unnecessary features like cameras. This is how we end up with refrigerators with Internet connectivity and Roombas with microphones. It's cheaper to leave the functionality in than it is to remove it.

Still, we need better disclosure laws.

Posted on March 4, 2019 at 6:04 AM • 33 Comments

Comments

Michael Josem • March 4, 2019 6:48 AM

I think you've misunderstood the Roomba with microphones blog post.

That guy is not saying that a Roomba has a microphone (there is no evidence it does).

Rather, he has used a microphone to listen to the sound made by the Roomba.

David Rudling • March 4, 2019 8:25 AM

@Bruce

"It's cheaper to leave the functionality in than it is to remove it."

The Ariane 5 launcher software included some old Ariane 4 software on the above grounds.

I draw your attention to this classic software engineering example of bad practice causing a $500 million dollar disaster. Re-read the inquiry report.

https://esamultimedia.esa.int/docs/esa-x-1819eng.pdf

David Rudling • March 4, 2019 8:36 AM

@Bruce

Oops. The final sentence seems to have dropped off my last post.

It said that if the Ariane 5 is regarded as an extreme IOT device then such bad practice already has old (1996) examples coming close to your IOT "press here to kill everyone" thesis.

Owen Zaharias • March 4, 2019 8:56 AM

Similarities to the Tesla Model 3 Cabin Camera: "Model 3 is equipped with a camera in the cabin. The camera is not currently active, but might be used in potential future features which could be added to Model 3 with software releases."

Source: https://www.tesla.com/content/dam/tesla/Ownership/Own/Model%203%20Owners%20Manual.pdf

While Tesla clearly calls this out in the user manual the camera itself is extremely unobtrusive. Users who have not done an exhaustive review of the manual may be unaware of its existence.

NotAnonymousEnough • March 4, 2019 10:24 AM

Am I the only one who puts Black Vinyl Electrical Tape over the camera on my laptop (and tablet)? And cuts the microphone out?

You worry about the Nest. I'll worry about the laptop (and tablet) I carry everywhere & use constantly with the in-your-face camera & shitty Windows security. You worry about Google. I'll worry about all the antivirus software packed on my laptop that constantly needs updating and never seems adequate and the never ending hordes of malware authors.

I bet that seatback camera could have been disabled with nail polish or paint...

Hey, if there's a microphone on the Nest (or whatever), and I leave my TV or Radio on all day so the house looks like someone's home, and they eavesdrop on that garbage.... Well, I guess it depends on the channel/station. I could get some really interesting advertisements. Or a visit from homeland security.

I wonder if I talk in my sleep. That dream I had last night... Uh Oh!

Impossibly Stupid • March 4, 2019 10:30 AM

I'm going to again call for individual accountability, despite this blog having deleted my past post on that topic. That's ironic to me, given that Bruce constantly calls for laws and regulations, as though they're enough to address the issue. Companies break laws and ignore regulations all the time, and the result is usually little more than a fine that is a cost-of-doing-business drop in the bucket for these hundred billion dollar sociopaths.

These "errors" don't just magically, passively happen. People performed those actions, possibly with malicious intent. If Google (or any other similar privacy-eroding company) wants to get back our trust, they would transparently expose their internal communications that demonstrate where in the process the documentation of the microphone went missing. I want to know if anybody there was an O-ring hero who went to the mat trying to do the right thing. I want to know what the company has done to change the process so that such "errors" don't happen in the future.

It also speaks volumes on their lack of understanding when companies say that they aren't using the extra included sensors. The whole problem with IoT devices is that security doesn't appear to be a priority, so it's really just a question of when someone will abuse the existence of those sensors.

Seattle Sipper • March 4, 2019 10:37 AM

Although I believe this is true:

My guess is that whoever designed the in-flight entertainment system just specced a standard tablet computer, and they all came with unnecessary features like cameras.

I suggest there's more to the situation. In a prior life, we ordered a large number of PC systems and we were able to specify changes at trivial or no cost. Deletions were particularly easy and often came with a cost savings. We could de-spec the USB ports and allow only PS/2 connections for keyboard and mouse (this was a while ago). With automated pick-and-place, it's trivial to skip items - don't install a camera, save $5; don't install a USB connector, save $1; and so on. I've repaired enough phones and laptops (thanks, ifixit!) to know that it's easy to leave out such things. In particular, cameras usually come as modules on flex-cables so they can be positioned more easily. If the firmware is well-designed, the corresponding diagnostic simply fails and is ignored, and the software just doesn't load or initialize the driver.

That said, the engineer must be aware enough to de-spec the feature in the first place.

albert • March 4, 2019 11:56 AM

"It came with the computer" isn't an excuse, and the makers are actually telling us about "possible future uses".

The problem, dear Bruce, is not in our hardware, but in ourselves.

The problem is not that you have a camera (or microphone), the problem is that only a software change is required to activate it, and only an Internet connection is required to accomplish that.

It's hard for me to believe that those IFE cameras weren't intentionally included in those computers.

@Impossibly Stupid,

I've never heard of the O-ring guy. Thanks for the link. I do remember Richard Feynman and his testimony to the Rogers Commission....

. .. . .. --- ....

pnathan • March 4, 2019 12:15 PM

Google said that they had a mic in for potentially setting up a glassbreak detection.

This is a pretty believable reason to have a mic, to be honest. Glassbreak sensors are audio based and are something that the Nest Security system is considered to lack vs other offerings such as ADT.

As to why it wasn't *mentioned* in the tech specs originally... that's an excellent question. My guess is they didn't want to take the heat of having a mic but no glassbreak algorithm.

Eugene • March 4, 2019 2:17 PM

So if you live in a 2-party state, what does this mean for class action lawsuits?

vas pup • March 4, 2019 2:23 PM

@NotAnonymousEnough • March 4, 2019 10:24 AM
You are not the only one who taped the camera on a computer.
The former FBI Director and the CEO of Facebook are/were doing the same.
You can see the level of interference from those examples being caught by the media.

@Clive posted in the past that you have to disable the speaker on your PC as well, because a microphone and a speaker can be turned into each other's functionality remotely by wizards, by affecting the related software and utilizing an Internet connection.

In this case (not so often) I agree with @Albert absolutely.

I guess the concern should be not only about a data collection device (camera, microphone, etc.) being installed, but about full disclosure by the manufacturer of their:
1-existence 2-functionality 3-user ability to disable those functions when the USER decides, by a mandatory part of the specs of a kill switch/hardware, not software installed for such a purpose. That should be required by Law. When a camera exists, there is always the possibility of utilization by folks other than the manufacturer. In order to make manufacturers comply,
as respectful blogger @Impossibly Stupid points out:
"Companies break laws and ignore regulations all the time, and the result is usually little more than a fine that is a cost-of-doing-business drop in the bucket for these hundred billion dollar sociopaths."
fines should be like a waterfall or flood, not a drop in the bucket, as the EU is successfully doing. Then the 'sociopaths' mindset could be changed in the right direction. The fine should be calculated per item with the 'error', not per 'error' itself, working as a huge multiplier.
Yeah, Big Brother could be cut out of spying on you as well, so when necessary BB has to utilize other available techniques and the brains of their folks. That is the price.

My concern is with an IoT device: the Comcast/Xfinity cable box's capability of monitoring your room, including the voice-activated remote control. Even when the box is supposedly off, it is basically in sleep mode, as is any computer permanently attached to the network and power. That is a clear example of potential usage without your knowledge,


Jeff • March 4, 2019 2:26 PM

@Michael Josem. Some Roombas have a microphone to listen for debris as it works. Supposedly helps determine cleaning thoroughness or trash status.

Rach El • March 4, 2019 2:46 PM

There's a thing known as compassion fatigue, usually connected to world events or those working for an NGO

I'm sure many here have a security fatigue feeling for too long now.

I would enjoy seeing Mr Schneier to be more strident and less apologetic in his reasoning - apoplectic would be more appropriate. I mean, if Mr Schneier doesn't go mental who will? He's fighting for all of us

To be 'fair' there's not much of interest a camera is going to be observing especially on a long haul flight - just a passenger sleeping or watching a screen!

The sticky stuff that one uses to adhere posters to a wall is great though, better than post it notes or sticky tape. Non-destructive (to the surface it adheres), reusable, easy to travel with and very versatile for phone camera, computer screen camera etc.

as for the Tesla, why one needs a camera inside the cabin is beyond me

1984 • March 4, 2019 2:49 PM

If American Airlines in-flight entertainment systems have cameras then they likely have microphones as well.

As has already been said here it is not so much a question about whether the Airline has a plan to use them. But knowing NSA it would not surprise me if *someone somewhere* will have a plan (if they already don't).

And foreign countries with more totalitarian tendencies might start providing requirements that they are given access to a feed from those cameras, for "security" reasons of course.

Could be that such deals are already in place and we will only hear about it years from now. Probably in some speech where some CEO "apologizes" for making such a deal in the first place.

There is this other thing that a rather large segment of people in western countries have developed an intolerance against those who are not the same race/type/religion/lack-of-religion/etc. This part is similar to the intolerance that was present in early 1900's and, with politicians fighting for their share in office, could likely lead to a similar outcome.

Add modern surveillance technology to how people's mentality has been developing and you can get a worse outcome than back in 1930's.

Debora Weber-Wulff • March 4, 2019 3:25 PM

@ImpossiblyStupid, indeed, thanks for that O-Ring link. I've taught exactly that example from Tufte many times. Very interesting to learn more about what really happened and what data they had available.

In Germany, there is a legal mandate for all homes to have fire alarm systems installed in all houses and apartments by next year. Many of the popular systems "inform" a central box on the outside that they are still working. The specs I have been able to get my hands on state that there are only outgoing connections that ping the central box every five minutes. Once a month someone comes and checks the central box to make sure all of the alarms are "alive". So there is a lot of concern about these devices, especially what kind of "extras" might be installed that lie dormant until woken up.

And then there are these fire alarms with cameras installed used for a bit more nefarious purposes: https://www.abcactionnews.com/news/region-sarasota-manatee/longboat-key/police-airbnb-unit-rigged-with-hidden-cameras I can't come up with a good use case for why any company would sell a fire alarm with a built in camera, but maybe my imagination is getting rusty.

bttb • March 4, 2019 4:04 PM

@concerned

1) If you don't want to support Surveillance Capitalism here (be a raw material for Google), here is another link.

You posted: https://www.you[tub]e.com/watch?v=2s4Y-uZG5zk ; edited
original: https://theintercept.com/2019/03/01/surveillance-capitalism-book-shoshana-zuboff-naomi-klein/ ; afaik the source document

2) A Duck Duck search on 'Nest microphone security' (Or something like that) may yield multiple media hits. At the same time, however, this story somehow flew under the radar, at least for me, until recently. Articles about "Nest Security home-security hidden microphones" date from around 20 February 2019.

I assume that I am not the only person that missed the story back then.

With Google and Facebook the "big two" problems vacuuming up our stuff and Facebook being sh!t on a lot recently I think Google may deserve to be sh!t on more (not Facebook less). Zuboff, iirc, says something like it might take 10 to 20 years for democracies to turn this thing around. I might add, if democracies, not democracy theater, are still around. Of course, education of the voters may be very important. Perhaps only big actors like the EU and USA government can force change. China, perhaps, may have a different motivation.


Godel • March 4, 2019 5:32 PM

@Debora Weber-Wulff, I can think of plenty of legitimate uses for a concealed camera in normal security applications in businesses or in the lobby of large apartment buildings, but hidden in someone's bedroom is not one of them.

Frank Wilhoit • March 4, 2019 5:41 PM

We don't "need better disclosure laws". Well, maybe we do; but they're no use without what we have lost and would first have to get back, which is the ability to enforce any laws whatsoever.

thejusme • March 4, 2019 5:56 PM

As a former in-flight entertainment design engineer at a major US aircraft manufacturer (hmm...) I can say with certainty that very few things that are built into an aircraft are anywhere near COTS. Specifically, IFE systems are hugely custom built by 3rd party manufacturers (usually Thales or Panasonic). To be very clear and specific about this: every single component in an IFE system is there for a reason. If there is a camera or microphone in an IFE system it is very much because the airlines wanted it there; it will never be the case in an aircraft that something is there just because it is usually built into a similar COTS device. Not saying there is any nefarious purpose behind having a camera or microphone in IFE, just that it's not there 'just because' or by accident.

Sed Contra • March 4, 2019 6:14 PM

On the other hand, somewhere in the Khazad-dûm shadowy depths of the EULA or its equivalent attached to all these cases, there is a clause saying you give them your data, audio, images etc. etc. up to and including your copyright and your soul. Even the Daniel Webster 3000, next millennium’s AI lawyer bot, will not be able to get you released from the Balrog of Tech.

Impossibly Stupid • March 4, 2019 6:23 PM

@Rach El

To be 'fair' there's not much of interest a camera is going to be observing especially on a long haul flight - just a passenger sleeping or watching a screen!

You're only imagining the most benign scenarios. How long before you record a cheating couple kissing? Knowing who flies first class could be useful information to criminals when it comes to picking targets. What if terrorists were to use it to help identify Air Marshals? Big data can lead to big problems.

as for the Tesla, why one needs a camera inside the cabin is beyond me

It could detect a sleeping/distracted driver, and/or verify they really have their hands on the wheel while in auto-pilot. The legitimate uses are not the issue, though. The problem is that the damage from abuse can exceed the benefits. Even just the question of who benefits can be an ethical nightmare. What most thinking people are unhappy about is that the panopticon isn't really being put in place to help them, but rather to help corporate/government/criminal interests.

Herman • March 5, 2019 4:38 AM

The cameras are meant for in flight video phone functions. The INMARSAT Swift internet service is quite capable of slow scan video with 1 to 10 frames per second.

However, passengers are unwilling to pay for expensive internet streaming, so it will indeed never be used.

bttb • March 5, 2019 8:41 AM

@Impossibly Stupid

"What most thinking people are unhappy about is that the panopticon isn't really being put in place to help them, but rather to help corporate/government/criminal interests."

+1

bttb • March 5, 2019 8:43 AM

As Google, Facebook, etc., Comcast, Charter, AT&T, Sprint, TMobile, etc., slurp up raw material data from us, legally from our consent to Terms of Service (TOS), in the United States of Amnesia (USA), the government, of course, appears to be able to legally purchase our data from these vendors.

Does that mean the above is legal, as-is, and therefore the government requires little to no oversight?

Who's going to Term the Termers? Sorry if I made up a word; similar to Watch the Watchers

AJWM • March 5, 2019 10:58 AM

@NotAnonymousEnough

"Am I the only one who puts Black Vinyl Electrical Tape over the camera on my laptop"

Probably not, but you may not be paranoid enough. Some black plastics will happily transmit near IR images which the camera may be sensitive to. (I discovered this accidentally when I realized I'd left the lens cap on a night vision scope and it only dimmed the image a bit).

I use a thin metal sliding shield designed for the purpose (got a pack of 5 from Amazon for a couple of bucks). But test your tape, it might be ok.

Wilburn • March 5, 2019 6:51 PM

We don't "need better disclosure laws". Well, maybe we do; but they're no use without ... the ability to enforce any laws whatsoever.

No, they're of no use when there's no alternative. Camera disclosures have become like the prop-65 (toxic substance) disclosures of California. I see "video surveillance in use" everywhere I go—the bus, almost all stores, airports of course, my own apartment building... what difference will it make if every airline has to add another sentence to their fine print?

The only way to avoid this would be to move to the countryside and grow my own food and build my own stuff. Of course, I'd have to get along without a modern car or truck, with all the data they're collecting now.

Paul • March 6, 2019 2:54 AM

@Wilburn,

believe it or not, not being part of seen data is itself a data set. in sports, it's commonly called the 'no look pass.'

David • March 7, 2019 7:43 PM

That seat back camera must still weigh something and saving grammes per seat matters to airlines in operational costs over the lease.

Faustus • March 8, 2019 3:21 PM

@ David Rudling

Thanks for the Ariane 5 failure investigation document.

Few white papers make such gripping reading. It is also a model of limpid technical prose.

Wesley Parish • March 9, 2019 2:25 AM

I don't know if people here can remember that far back, but there was a big stink sometime round 96-98 about productivity with PCs on every desktop not being nearly as high as people had expected (naively). I sat in on a local corporate computer society thingee discussing this, and listened to about an hour of lamentations on this very topic. None of them could imagine why: I eventually asked in frustration, "Has nobody here ever read 'The Man Who Mistook His Wife for a Hat'?"

Predictably nobody had.

And my reason for asking that?

The brain allocates circuitry to functions according to its importance. And spare circuitry has a tendency to get used in ways for which it was not originally allocated.

@Bruce, I'm sure you can catch my drift. The PCs they were putting on desktops were overloaded for their duties, with much unneeded functionality, like Solitaire, which inevitably gets used ... and the security implications of unnecessary attack surface, which needless to say, also got heavily used.

It would be interesting to be a fly-on-the-wall in some NSA or FSB or CIA or MOSSAD or suchlike secret service and listen to their tech staff discuss the usefulness of such tools for their purposes. Ditto the unofficial parasitical organizations aiming to prey on us, and listen to their ideas on how to use such extended functionality ...

Driveby Idealogue • March 10, 2019 9:25 PM

My guess is that whoever designed the in-flight entertainment system just specced a standard tablet computer, and they all came with unnecessary features like cameras. This is how we end up with refrigerators with Internet connectivity

Citation requested/needed on the fridge anecdote. I'm skeptical. Seems doubtful. Seems much more likely 'innovators' pushed the functionality possible with internet connection, rather than features added after the design specifications were drafted just because they discovered their cheapest part also had networking support that wasn't significantly cheaper alternately sourced without. Hyping internet connected refrigerators seems from my vague memory like it was a totally viable career path 10-20 years ago. There was an awful lot of hyping going on. A lot of hyping.


Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.