Surveillance by Keystrokes – Giving Permission to Snoop

By now, we’re all pretty used to doing a Google or Amazon search, then having ads pop up about the item you searched for.

Take that a step further: Have you walked into a business but didn’t buy anything? Then next time you check Facebook, an ad for that business appears on your feed?

Happened to me for the first time about a year ago. I went into an independent bookstore in Whitefish, Montana to make sure they still had copies of my book in stock. I left without purchasing anything.

When I got home, I happened to check Facebook. An ad popped up for that same bookstore. How did FB know I’d been there? I hadn’t Googled it. No credit card transaction had been processed to connect me to that store.

However, the smartphone in my pocket knew I’d been there.

The amount of data recorded by that device creeps me out…especially when I didn’t knowingly put the information into it.

Recently I made airline reservations on my laptop. When I opened the calendar on my smartphone to enter the flight times and numbers, they were already there. What the…? I purposely haven’t synced the laptop and smartphone to talk to each other.

Yes, it was convenient but it bothered me. What uncomfortable magic suddenly connected the two devices? It hadn’t occurred several months earlier when I last bought tickets from Delta, nor with American Airlines where I’d booked flights a week before. What had changed?

Somewhere hidden in terms and conditions, apparently a new provision allowed access to my phone. By whom? Google? Delta? The phone manufacturer?

If anyone more techie than I am (which means 99% of the population) can explain this, I’m all ears.

Stealth “permissions” sneak past us whenever we check that box: “I agree to the terms and conditions.” When you download a game, an app, or make a purchase, do you read all 47 pages of underlying legalese? Probably not. Additionally, since terms are often subject to unilateral change by the company without notice, what good does it do to read them?

We have traded privacy for convenience, one app at a time.

Smart devices invade our homes. Alexa eavesdrops 24/7 on conversations. In some instances, she has been known to broadcast private conversations to third parties, as happened to this Portland, OR family who learned their discussion about hardwood flooring had been shared with a person on their contact list.

https://www.kiro7.com/news/local/woman-says-her-amazon-device-recorded-private-conversation-sent-it-out-to-random-contact/755507974

Nicolaes Maes

So…in the privacy of your bedroom, what if you complain to your spouse about your rotten boss? Suppose the oh-so-helpful Alexa sees fit to send that conversation to that boss because s/he happens to be on your contact list. Ouch.

Never mind what else Alexa might overhear in your bedroom!

Lately my husband and I have been listening to a Michigan attorney named Steve Lehto on You Tube. He delivers short, entertaining podcasts about legal issues, specializing in vehicle warranties and lemon laws. Sometimes he goes off on an unrelated topic that catches his interest. This video addresses stealth permissions on smartphone apps.

Steve reveals that when you buy or lease an Android smartphone, it comes preloaded with certain apps including one that keeps track of keystrokes on the phone’s keyboard. Sounds innocuous, right?

Until you realize every text message, every bank PIN, and every credit card number you type is recorded. A record of those keystrokes may be available to whoever pays for that information.

Steve didn’t mention iPhones but it’s not a great leap to imagine they share similar apps.

Older devices like Blackberries have mechanical keyboards rather than electronic. You tap a key and a contact switch causes the letter to appear on the screen.

But smartphone keyboards are different. They record keystrokes electronically (known as “keylogging”) with no mechanical switch. Somewhere in cyberspace, someone is keeping track and storing every keystroke.

I don’t bank or pay bills online because hackers gallop miles ahead of safeguards. Security patches close the breach only after the horse is long gone out the barn door.

http://Embed from Getty Images

However, I do text. And that’s how the keystroke app slapped me in the face.

Last summer, an old friend visited us in Montana and left behind his small, well-worn Bible. A few weeks ago, he died in San Diego. At the time of his death we were away from our Montana home, on vacation in Florida, meaning we had to fly from Tampa to San Diego for the funeral.

We wanted to take his Bible to the memorial so I texted our neighbor in Montana and asked him to look for it among the books stacked on our coffee table. I described it as a small, turquoise Bible. The neighbor found it and mailed it to us. All good.

Shortly afterward, an ad popped up on my Facebook feed…

Amazon ad on my Facebook feed

…for a pocket Bible in turquoise.

Hmmm.

That unusual combination of keywords could only have come from the text I typed on my smartphone. Android recorded my private text message and passed it on to Facebook who passed it on to Amazon. Now I’m angry.

If you’re arrested on suspicion of a crime, the Fourth Amendment to the Constitution requires law enforcement to obtain a search warrant to dump the contents of your phone. The same rules obviously don’t apply to Facebook, Android, Apple, Google, Amazon, etc. because we give up those rights simply by using these convenient devices.

Keylogging apps are sold for legitimate purposes, like checking your minor children’s exploration of internet sites, or to see if they’re texting pals to sneak off to a forbidden kegger.

However, such apps are a hacker’s dream because passwords, bank PINs, credit card numbers, and other sensitive private information can become available to cybercriminals.

It’s like installing a deadbolt on your door then handing out keys to random people on the street.

Crime writers can imagine endless plots arising out of technology scenarios.

My thriller, Instrument of the Devil, was set in 2011 as smartphones first exploded in popularity. In the story, a terrorist hacks into the protagonist’s smartphone. He employs what was then secret technology to eavesdrop on her every word and track her physical location while he sets her up to take the fall for his crime—a cyberattack on the electric grid.

In 2019, those formerly covert apps are widely in use by anyone. They are everyday tools that allow tech giants to mine ever more intimate information about us.

As an author, I’m normally delighted when someone reads what I’ve written. However, as a human being, I resent this invasion into my personal communications.

A wise lawyer once told me, “Don’t put in writing anything you wouldn’t want to be read in open court.” I remember his advice now when I text because…

…Someone is always watching and listening.

 

Your turn, TKZers. Have you experienced creep-out moments due to technology? What nefarious plots can you imagine where smart devices play a role?

 

Instrument of the Devil is on sale for only 99 cents during January.

Fixing the Tool

A computer is at its core a tool. For a writer, it can be the mother ship of tools. It can be a research tool, a production tool, and a communications tool, among other things. If it suddenly goes wobbly, it can be a real problem that leads to other problems such as expense, downtime, and inconvenience. There is a way around it, if your mind is clear and your hand is steady and your heart is brave: you can, in many circumstances, fix it yourself.
I am the IT guy in our house. We — my wife, my daughter, and my bad self — each have our own computer. It goes without saying of course that we all share our respective machines with our cat (those of you who are owned by cats know exactly what I mean). My daughter, just to complicate matters and enable me to broaden my scope of knowledge, has an iMac. Since I spend the most time on a computer of anyone in the house it has fallen to me to be the fixer of all things technological. To that end, I have established the “three-minute rule” of computer aggression: if you can’t get the computer to do what you want it to do in three minutes, stop doing what you are doing and come and get me. Don’t sit there for three hours hitting the “Print” button because you’re going to get a surprise when your printer decides to start printing, yes indeed. You’ll see exactly how many times you hit the print button (“Thirty-two copies of the lyrics to the new One Direction single, huh?”) in due time.
How did I acquire my expertise, you might ask? I don’t have any. I have simply become good at looking things up and following directions. I am able as a result to resolve most resolvable computer problems with three things which you probably have as well: 1) internet access; 2) a computer or smart phone that works; and 3) the ability to follow simple directions. I started doing my own troubleshooting due to a combination of circumstances. For one, I don’t like strangers coming over, which precludes people in golf shirts driving up in vans to help me out. For another, I am somewhat tight-fisted when it comes to spending money to repair things that I should be able to repair myself. And for a third, I don’t like My Precious out of my sight for more a few minutes, which removes the possibility of my laptop spending the night with someone else.
I am totally serious.  I discovered this latent skill when, a few years ago (when all three of us, including my poor, deprived daughter, had PCs), I awoke one morning and discovered that all of our computers were displaying the “blue screen of death.” I figured out the problem was — a Windows update that had been automatically sent to all three computers did not get along with something that was already on them — but that didn’t help me with the main problem, which was how to repair each and all of the computers in the house. Fortunately, I had a smart phone. I did a search for “how to restore service to a computer displaying the blue screen of doom” and got the answer — do a “system restore” — and instructions for doing it. I had all of the computers working in a half-hour.

I will confess that doing this makes me feel useful.  I was having a delightful breakfast with some people at Bouchercon a few weeks ago when one very nice lady’s iPad froze up. I don’t own an iPad, but I fearlessly asked her to pass me her temporarily useless tool. I took out my phone, googled “How do you unfreeze an iPad?” got the answer, and…well, unfroze her iPad by pushing two buttons. A friend called me a few weeks ago because her daughter had a paper due the next day and couldn’t access Internet Explorer. Problem solved. But there is nothing special about me. There are folks who will attempt to fix their dishwasher utilizing a Google search (yeah, I did that too) but won’t even attempt to jump start their computers in the same manner. If you are going to do this, it helps to be as exact as possible when making your query. Googling “why did my pc just pass a sandcastle?” for example, will not be as effective a query as “why is my Lenovo B570 with Windows 7 displaying everything upside down?” It might be important to get an answer and use it five minutes ago, however, whether you are downloading pictures off of Tumblr or reading Facebook news posts or just wrapping up twenty more pages of a manuscript, when, God forbid, your computer freezes.  If you can frame a descriptive question halfway decently and follow directions a step at a time, Enterprise-style (boldly going where you haven’t gone before) you can very often help yourself. Some folks even post YouTube videos showing how certain procedures, such as installing new memory cards, are performed.  Most of the time the helpful people who post this information will give you an idea as to how difficult the task may be. Sometimes it is as easy as pressing F5, or restarting the computer; sometimes it involves more than that.
Which brings us to our question(s) of the day: When you have a computer problem that doesn’t involve smoke rising from the side vents, what do you do? Do you try to fix it yourself? Do you call a friend? Do you take it into a shop? Or throw it out the window?