In a nutshell, yes, your smart home is spying on you!
You may already know that your mobile smartphone is spying on you. That Apps such as Facebook, Google, Instagram and Deliveroo are all mining your personal and private data for their own monetary benefit.
However, smartphones are just one piece of technology that most people own and are already aware, come with inherent security and privacy issues.
Did you also know that a huge number of other devices that most people have around their homes and businesses are sending massive amounts of personal data back to data aggregators without their knowledge?
Joining the smartphones in your homes are a growing number of tech items that include both the obvious and obscure, all receiving thousands of DNS requests every single day:
- Laptops and PCs
- Doorbells with cameras
- Smart speaker devices such as Echo and Alexa
- Even smart toilets!
Who is spying on me?
The main culprits have long been known to be harvesting customer data and information to help them build your profile.
Facebook, Amazon, Google and Twitter are probably the largest and most well-known organisations that indulge in this type of information harvesting. They feel they need this data to help target their advertising (and third-party organisations’) specifically to meet your apparent interests.
However, as this data is inherently personal and no express permission has been given to harvest this information, many believe the activity to be a brash invasion of their privacy.
Have you recently thought about how many of these companies you deal with on a daily basis? Chances are, your data is being harvested while you are reading this article!
What’s happening with my data?
These smart devices are loaded with the manufacturer’s software as well as a host of third-party apps. These devices will receive thousands of DNS Requests (Domain Name System Request) from the developers and others, turning the DNS requests into a return of data files allowing the manufacturers to gather information on the user.
DNS was originally developed over 35 years ago and has been a major factor of the Internet, helping to enable easier browsing of the web, removing the need to remember a complex numerical internet address.
Since its inception, DNS has never had security and privacy in mind and, even now, remains one of the few protocols to have not been updated to make data more private and secure.
With DNS in mind, essentially, each of your smart devices, in particular your mobile phone, are ripe for data harvesting by these apps and software without your express permission.
The information gathered via DNS queries can begin to create a profile of the user including factors such as geographic location and the browsing habits of that individual or household. Naturally this poses a huge privacy problem if your data is being requested thousands of times a day by numerous companies.
The profiles that can be built are able to be retained indefinitely, without you or your business being able to have them deleted. This then poses further privacy issues in to the future.
It is also worth noting that there have been some very high-profile data hacks of large organisations, where huge amounts of data have been stolen.
Consider then, if your data has been harvested using one of your home or business devices and the organisation that took it is then hacked, your information has now been placed in the hands of more unscrupulous people, further putting your digital profile at risk.
Thousands means thousands!
Our mobile security team wanted to find out just how many DNS requests accumulated over the course of 24 hrs. They ran a Pi-hole Software test on a home network with a number of connected devices, admittedly, it was a high-tech home network, but the statistics were startling.
Using Pi-hole, the test ran for 24 hours. Based on settings configured to limit the non-necessary tracking data, Pi-hole Internet tracker blocked over 12000 DNS queries.
Why is this so scary? Well, a large portion of the traffic is from the likes of Facebook, Google, Amazon and every other large corporate wanting your private data.
The vast majority of spying takes place on your mobile phone, tablet devices and yes, even your own TV is calling home hundreds of times every day.
For example, that Amazon Doorbell that helps you to know where the delivery driver put your parcel also helps itself to your data. It even knows when your friend visited and what they purchased on Amazon a few days before.
This is not the only example of data collected from an Amazon Doorbell being used. It was discovered that embedded coding within doorbell software allowed data to be shared with third party marketers.
To further highlight how smartphones are a major target for this type of data, is that some of the apps used, for example Amazon’s Doorbell, have embedded trackers which then send that data to analytics and other companies, again for marketing purposes.
What can you do about DNS Privacy?
It is clear, that, with so many products around the house and business leaking this amount of private information, there is not going to be a single, clear-cut method of being able to prevent your data reaching the hands of others.
In some aspects, it will be down to the individual user or business to make informed choices as to the nature of the technology they wish to use. This could mean a change in the way you wish to engage with the technology available to you, for example, not allowing products like Alexa or Edge in the building.
There is also the more radical option of removing all social media apps from your Smartphone completely.
Your solution may be to create a DNS Sinkhole around your network of devices. A DNS Sinkhole is technology that returns fake DNS responses to the initial request thus not delivering the true information they seek.
Secure and Private Smartphones
Smartphones have been identified as one of the highest providers of DNS data, yet it is one that is easily resolved.
Changing your handset to the Blackphone PRIVY will provide the secure communication you need whilst ensuring that no additional data will be sent to others’ requests.
The combination of the hardware and software security designed into the Blackphone PRIVY, along with apps such as the Silent Phone messaging app, removes the risk of your data being sent to third parties that are then able to begin building your profile as a user.
If you would like to learn more about how the Blackphone PRIVY can help protect your private information from DNS Requests and other potential security risks, then please give our team a call and they’ll be happy to discuss your specific requirements.