So far in our series on staying safe in the digital age, we’ve looked at the risks of keyless cars and online banking.
But what about the gadgets and gizmos that you use in your home every day? Ours is a fast and furious world, so having a tirelessly obliging personal assistant can surely only make life a bit easier.
It’s little wonder then that Alexa – the digital voice assistant created by Amazon – has proved popular with thousands of customers.
An Alexa-enabled device, which usually takes the form of a loudspeaker in your kitchen or living room, can play music, make calls, answer questions or check your calendar. You only have to say the word.
Mattel stopped plans to release an artificially intelligent baby monitor after parents raised serious concerns about the privacy of the device
Indeed, according to a report this year by YouGov, smart speaker ownership in Britain has doubled since last autumn, with around 58 per cent of purchasers using the devices to answer general questions.
But could this useful piece of artificial intelligence actually be spying on you, too? Certainly, concerns have been raised over whether a new generation of household devices have significant surveillance capabilities.
Since releasing its Alexa personal assistant home speaker device, the Amazon Echo, the company has been dogged by claims it listens to and records users’ conversations.
Only recently, a team of security experts from China’s Tencent corporation were able to make the smart speaker listen in on and record any conversations that happened around it.
Perhaps it’s no surprise, then, that last year Mattel shelved plans to release an artificially intelligent baby monitor – known as the Aristotle and dubbed the ‘Amazon Echo for kids’ – after parents raised serious privacy concerns regarding the device.
Experts have also warned that smart baby monitors could be targeted by hackers.
Alexa is the digital voice assistant created by Amazon for their home speaker device, Amazon Echo, and has proved very popular
These connect to the web and allow parents to see and hear their children remotely.
But consumer magazine Which? has previously reported that hackers search the internet for unsecured baby monitor cameras and then exploit them.
‘They may do this for criminal gain, or just for kicks,’ the consumer group warned.
Baby monitors and wireless security cameras are often sent out with generic passwords. These may be easily guessed by cyber criminals who want to take control of the devices to spy on your home. Some crooks may be familiar with the security codes different manufacturers use.
Not all devices will prompt you to change the password, but make sure you read through the gadget’s instructions and find out how to set it to something more secure. If you cannot figure out how to do this from the manual, contact the manufacturer for advice.
Experts have advised gadget owners to change their password to something secure and check their account activity regularly so any unusual voice requests can be easily spotted
An investigation by Which? last year looked at 15 different smart gadgets used around the home and found that eight of these were vulnerable to hackers, including cuddly toys.
Meanwhile, a recent study from Consumer Reports has found that millions of popular smart TVs made by the likes of Samsung could be accessed by unsophisticated hackers.
Their research also outlines which television manufacturers can easily spy on you and your family if you purchase their products.
‘It’s difficult enough making traditional computers secure,’ says David Emm, principal security researcher at data firm Kaspersky Lab.
Is your Google Home device listening in to your conversations without you knowing?
‘But things are more problematic with smart devices, where lack of standardisation leaves developers free to ignore security, or consider it as an afterthought.’ A follow-up investigation by Which? in June looked at 19 smart gadgets including TVs, printers and even toothbrushes to see how much data manufacturers were collecting from them.
It found a ‘staggering level of corporate surveillance’ of customers and their homes.
So are devices such as Alexa, Google Home or even your TV always listening in? Although smart personal assistants don’t constantly record audio in your home, says Simon Migliano of technology review website Top10VPN, they are always listening out for the specific word that will cause them to spring into action.
‘There are now a number of well-documented incidents where these speakers have been inadvertently activated by the likes of news reports, cynically tailored TV adverts and offhand remarks that sound like vocal cues to “wake up”,’ he says.
‘Top-end devices – from the likes of Google and Amazon – encrypt all recordings, but less sophisticated equipment from toy brands pay far less attention to privacy settings.’ However, research carried out by top10vpn.com did find that various smart toys – from internet-connected educational dinosaur toys to smart-tracking watches for children – don’t always use encryption and so can be hijacked by savvy hackers to listen in to conversations or see what the children do.
So how can you protect yourself from that unwanted eavesdropper? When not using your device, you can put it on mute.
THINK TWICE ABOUT PRICEY DEVICES
Beware rogue traders who cold call in a bid to sell you costly gadgets to protect yourself and your home.
Money Mail has had numerous letters from people who have been targeted by pushy salesmen offloading devices to block nuisance calls. Many of these readers were registered with the Telephone Preference Service and so the sales calls were illegal.
Some who bought the call blockers found they didn’t work or were available for a fraction of the cost online. Other customers complained they were flogged burglar alarms with pricey monthly contracts by high-pressure salesmen.
Meanwhile, Amazon and eBay recently removed dozens of carbon monoxide alarms from sale after a study by Which? found that they failed to detect the deadly gas.
When looking for gadgets to protect your home, seek those with good reviews from groups such as Which? and never feel pressured into buying from telephone or doorstep salesman.
There should be a button that allows you to do this, advises Martin Quaife, a senior consultant at private security specialists Blackstone Consultancy.
‘And don’t connect lots of accounts with sensitive data such as your bank details to Alexa,’ he says. ‘On more than a few occasions, daisychaining multiple accounts together like this has ended in tears for the user, with goods ordered by accident, for example.’ Mr Quaife also points out the importance of erasing old recordings. ‘If you use an Amazon Echo device, you’re likely to have an Amazon account,’ he says.
‘If you go on Amazon’s website and look under ‘Manage my device’ there’s a handy dashboard where you can delete individual queries or clear the entire search history.’ However, it is important to note that erasing recordings may degrade the quality of the service, as the device may struggle to recall exactly how you speak. It usually ‘learns’ to understand your commands by storing data.
Research has found that millions of smart TVs could be accessed by unsophisticated hackers
Nick Shaw, vice president and general manager of security firm Norton, says that when setting up a smart speaker at home, you should be careful about which accounts you connect to your voice assistant.
‘Maybe even create a new account if you don’t need to use the calendar or address book,’ he advises. Where available, lock the voice assistant down to your personal voice pattern. And don’t ask the voice assistant to remember sensitive information such as passwords or credit card numbers.
Graeme Rowe, of Pindrop, experts in voice security and authentication, suggests reviewing account activity regularly. ‘The devices keep a record of all commands sent to it, so it is easy to spot irregular requests if they happen,’ he says.
‘And don’t give the device access to your contacts. This will help stop any messages or information being sent accidentally outside of your home.’ Mr Rowe also suggests changing the so-called ‘wake word’ for the device.
David Emm, of Kaspersky Lab, says: ‘We take it for granted that everyday objects such as smoke alarms, clothing, home furnishings and children’s toys are safe to use, but there’s no equivalent for our digital devices.’