“Every Keystroke on Every Device Is LOGGED Somewhere”: The Unsettling Truth About the Internet
By Sandra D. Lane
This isn’t supposition, or assumption, or even an opinion. It’s a fact.
If you have the minimum of a standard smartphone and/or leave your house at any time, what you say, what you type, what you do, is being listened to, recorded, monitored, and analyzed by software, technology, people, or all of the above. Cameras in the phone, virtual assistants, GPS (Global Positioning System) tracking, traffic cameras, store cameras, other people’s phones, cameras and recording devices, dash cams, body cams, and even satellite and drone cameras, all watch, listen, and monitor what we do. And that’s just the tip of the iceberg.
Electronic anything is monitored and recorded. Every keystroke on a phone, every letter and number on a tablet, every ad clicked on a laptop or notebook, every site visited on any computer device, every subject entered on every single search engine ever created, is logged and held forever waiting for someone to request that information. Or to hack it. Even DuckDuckGo (which has been quietly added as a search engine option for Google).
If you haven’t already been alerted, let me do so now: Welcome to the end of the Information Age, or what Brian Bi, a former software engineer at Google, calls “the Age of Reckoning”.
As computer use grows in popularity, so does hacking and spying.
First, let’s go back to 1822 when Charles Babbage began developing the first automatic computing machine, and by 1837 proposed what was to be the concept of the first general-purpose computer but it was Charles’ son, Henry Babbage, who was later able to complete a part of his father’s ideas by making a machine that could perform basic calculations. The first programmable computer was created in Germany during the 1930s by German engineer Konrad Zuse, who went on to later construct the first digital computer. Some thirty years later, computer hackers came on the scene.
These hackers were rumored to be MIT students who were curious about the massive machines locked behind glass in temperature-controlled rooms, and the hacks themselves were more like shortcuts, like life hacks, that helped complete computer programming tasks more quickly. One of those hacks actually went on to become UNIX (originally UNICS), a computer operating system. But most hacks weren’t for the betterment of anything, and as the use of computers became more popular, so did hacking.
Fast forward to today and you find computers everywhere and in just about everything. And not just in phones, but in watches, cars, televisions, streaming devices like Firesticks and Apple TV, remote controls, Crockpots, stoves, refrigerators, washers & dryers, coffee pots, game systems, kids’ toys – and the list goes on. And we’re not even getting close to discussing augmented reality machines. Many of all of the above connect, sometimes seamlessly and quietly, and some wirelessly, to the internet. Or the Cloud. Or both.
It is nearly impossible to keep your life private if you use computers.
Of course, the original goal of computers wasn’t to steal your information or identity, and neither was that the goal of the internet. It wasn’t to blackmail you or prey on young kids or teenagers. The idea of computer technology was first conceptualized to make life easier in some way. But now there’s a hacker every 39 seconds, only 43% of that is directed towards the government, retail, and technology (like your local DMV, or Amazon and Walmart,), 447 million consumer records containing sensitive personal information were stolen in 2018 by hackers (that’s about half a billion), and most companies take up to six months to detect even a large data breach – which means you could already be affected while reading this through online businesses, creditors, social media, and the like. When was the last time you used your credit card online, sent a text to your son or daughter, clicked on an online ad, sent an email?
“No one is safe. At all. To be even semi-safe online, you would have to be completely alone. No one would be able to claim you as a person.” says Scott Hutter, a 25-year Computer Software Engineer, known online as Xlar54, told me in an interview for The Organic Prepper. Hutter came on the scene when the internet exploded for the general public, and has seen the various ways of hacking, phishing, and scamming, and has watched the activity grow rapidly over time.
“You get on social media one day post ‘Happy Birthday’, or ‘Happy Mother’s Day Mom!’, or ‘She’s so cute; can’t wait until she’s old enough to drive’, and guess what; you just became someone’s friend, son, aunt/uncle, or mother/father. And all that can be ascertained by human beings who just pay attention.”
There are various reasons hackers seek our personal information.
This means we can be associated with others, or are associated with others, and so on, but most of us already understand that what we put on social media can be dangerous if we’re not extremely careful. But why would anyone ever want to hack our accounts, our computers, our phones, tablets, home security systems, wireless thermostats…? We are just little peons that pay taxes. Hutter says they do it for practice and money.
“China, Russia; they hire a bunch of teenagers just to hack whoever they can. It’s like a big net cast out there to see who/what they can get into. They get in, steal identities, bank accounts, social media accounts, or into businesses and plant malware, viruses, commit cyber extortion… And you can make good money as a hacker, especially if you’re good at it. Hence those who hack for practice. And it’s easy to do, as certain attempts can become automated.”
According to Hutter, who’s spent years working in-depth with Smart Home Devices like the Amazon and Google Smart Home Devices as well as decades with a multitude of programming languages, the easiest way to get in is through passwords. If a hacker can get a password from you, they can eventually make their way into everything you have.
“My advice to anybody is to never, ever, ever, ever, use the same password for anything. Specifically, your email, online accounts such as banking, social media., etc.” Xlar54 stresses. “Once they get into your email, if they’re any good, you won’t know it because they know that you’ll change your passwords on everything and lock them out again. What they’re looking for is more passwords and login usernames, so they’ll slip in, get what they need, then slip out. Most people don’t know they’ve been hacked until their accounts are stolen or, worse, identities are stolen or money is missing. And hackers are actively attempting to get into your devices. Robocalls are nothing compared to how much people are attempting to hack your machines.”
Your phone and computers are treasure troves of data for hackers and spies.
If you think of your smartphone, it probably has the ability to fetch your email, access social media, has Apple Pay or Google Pay (“Wallet”), has your name, pictures of family and friends, maybe even your medical records, lists of meds you take, contacts with their email addresses – it’s a gold mine of information. That’s why stealing phones is big business. Because all the information a hacker needs can be found on your phone. All they have to do is hack into it.
So, what about all the firewalls and virus detection software you have? Believe it or not, it’s all hackable. Consider this: research conducted on behalf of IBM found that out of 3,600 security and IT professionals around the world, 77% did not have an adequate cybersecurity incident response plan. Those are IT professionals we’re talking about here. And I thought I was doing good with a subscription to a firewall and virus detection software. But certainly, my modem and router are safe, right, keeping people from getting into my ‘internet space’, as I like to call it?
Not exactly. Modems and routers use passwords as well. These are usually pretty secure as they use 128-bit encryption, but can still be hacked. Some people buy their own modems/routers, and some obtain them from the company that supplies their internet access. Regardless, they use passwords. Passwords can be discovered. What about wireless? Passwords. What about Virtual Private Networks (VPN)? Almost, and it can be much safer, but you still have to have the passwords. And you have to make sure the VPN is reliable and not a phishing attempt or scam all on its own.
Speaking of passwords, you can use an application like LastPass to create and store passwords for everything you use. The app has strong encryption and uses multifactor authentication to protect your passwords. You can use LastPass on all of your devices.
Be sure to create a secure master password for your LastPass account using the following criteria:
- the longer your password, the better – make it more than six characters
- use a combination of characters – alpha (upper and lower case), numeric, and symbols
- change your password frequently
Keep your LastPass master password safe – if anyone gains access to it, they will be able to view your LastPass vault.
Even strong passwords don’t guarantee your data is safe.
Furthermore, passwords or not, somebody somewhere is keeping logs. Of everything. Why? Again, it doesn’t have to be for nefarious reasons. If the system goes down, they need logs to help explain why so they can fix it. Remember, this isn’t just pertaining to your internet service, but everything that uses the internet.
Let’s look at the internet as it’s been called; the Information Highway. That’s exactly what it is – a way to get information from point A to point B, and so on. Let’s put a truck on it (bear with me here), fill it with fuel, put cargo in it, and put a driver in the seat. The driver takes the cargo from point A to point B. Great. It works so well, let’s put 50 trucks on there and do the same thing only this time let’s have them go from point A to point B, exchange cargo for new cargo, and go back to point A.
That works perfectly until somebody has a flat tire. The people who run that highway have to know why the driver had a flat, fix the flat, and get the driver back up and running. Fantastic. Until three drivers lose their way and get lost. Again, keeping logs of how and why helps the people who run the highway fix problems and make it better,
Hopefully, you see where I’m going with this analogy. Logs/records of what happens are important and needed to continue providing the service. Imagine though, if you will, a driver who does have bad intentions and decides to muck everything up by stealing some of the cargo, or maybe taking a really long lunch break, or decides to add something to the cargo that’s not supposed to be in there. Any or all of that can mess up the entire system, and even hurt others depending on the cargo and the means used to fiddle with it.
Data that you have deleted isn’t entirely safe, either.
Same goes for the internet. Normally packets of data are exchanged in an encrypted manner between machines and devices, getting your information where you want it to go and providing you with information back. In reality, though, the internet has a whole lot of working parts that can’t always be monitored. That’s what continues to make it so volatile and possibly dangerous.
And yes, it’s absolutely true that everything ever put on the internet stays on the internet. If you believe that just because you can’t find something it’s not there anymore – think again.
“The FBI, CIA, NSA, even expert hackers, are capable of retrieving deleted information from all hard drive and back up systems.”, says Hutter.
AI is always listening, too.
Alright, so what about all the Smart Home Devices? From the news, we already know that they’re little evil robots that are always listening in, sometimes even recording. Again with the logs. Turns out they’re also always recording, at the very least, for a limited time after their “wake word” is used.
Artificial Intelligence (AI), which is what a smart device technically is, has two types of learning; Attended and Unattended. It is very difficult for an AI to learn Unattended (meaning on its own) and it takes a long, long time to do so. In order to enhance and speed up the learning process, Attended is the preferred way for AIs to learn. To understand Attended, imagine 10-20 people sitting in a room wearing headphones/earbuds and their only job is to monitor (or Attend) varying smart device communications to make sure the AI is ‘behaving’ correctly and therefore learning the correct responses. (Remember, this is all logged.) Now, if you will, recall the driver of the truck on the Information Highway who had bad intentions. Amazon/Google probably doesn’t have any nefarious reasons to listen in on your conversations, but some in the moving parts of the system did…just like that imaginary driver we spoke of. (For anyone who uses Amazon Smart Devices, there is a way you can delete the recordings that were made from your devices by going to your “Alexa Privacy Settings” on your Amazon account. Except – it is not truly deleted.)
There are things you can do to safeguard your private information.
It occurred to me while writing this article that, with all the insanity and doubt regarding the safety, or lack thereof, of the internet and smart devices, why would any IT professional, let alone people like us, ever get on the web? And how do any of us live and work safely in an ever-growing internet-dependent world? As an IT professional himself, Hutter/Xlar54 explains that it doesn’t have to be that frightening, and has some sound advice.
“I use Microsoft’s Firewall that comes with Windows, and Avast free version as protection from viruses. Even with virus protection and a firewall, I only download from reputable sources, like Microsoft, Apple, etc., I never download pirated software, or run it. By doing that I prevent 90% of the need for a virus scanner. I also make sure to always have the latest updates to all my software, and try to only run open-source software so I can see what the program is doing, if anything. It’s important to remember to make strong passwords; upper case, lower case, numbers, symbols – combining them make good strong passwords.”
While we can’t all read or understand ‘open-source’ programs/applications, we can certainly do the rest. And it turns out that Cat Ellis also has a lot of good information in her article “The Prepper’s Guide to Cybersecurity”.
Technology is ever-changing, and that alone can make it overwhelming. If you have put off learning how to protect your computer, however, I urge you to change that ASAP. Preppers get a lot of information and products from the internet, so you’ll want to make sure to practice good cybersecurity so you don’t give away too much of your own information. (source)
Xlar54 warns about staying away from browsers like TOR and websites like 4Chan and says to only download software directly from the vendors’ sites if you’re going to download at all, stay away from chatrooms, porn sites, and anything that advertises something for free.
There’s no doubt about it; the internet can be very scary even though we think we’re nowhere near it. Anything that accesses the internet is hackable. Hopefully now though, armed with some information and knowledge, we can walk with a little more confidence and the realization that we’re vulnerable only if we are unaware. Now that we’re aware, we can be on guard.
What do you think?
Are you concerned about the privacy of your personal information? Are there things you do to protect it? Please share your thoughts and ideas in the comments.
Sandra is a published artist, photographer, fellow prepper, and animal advocate.
About the Author
Sandra is a published artist, photographer, fellow prepper, and animal advocate.