What We’re Learning From the Army’s Fitbit Affair

3 minute read
| Editorial

We’ve read the alarming story about how the Army’s Fitbit users can have their location and activities revealed. What’s the takeaway?

Cyber Security

Connected Technology

This wasn’t a devious hack. It was merely a newly discovered method of looking at big data already in place. From the Washington Post article: “U.S. soldiers are revealing sensitive and dangerous information by jogging.”

The Global Heat Map, published by the GPS tracking company Strava, uses satellite information to map the locations and movements of subscribers to the company’s fitness service over a two-year period, by illuminating areas of activity.

And so, the many layers of connected internet technology, too difficult to trace, resulted in Fitbit data being transferred from the soldier to the internet to the server to a mapping service, all without a deep understanding by decision makers of how the data is handled.

I can’t say for sure, but I’m thinking that an Executive Briefing by Apple to the Army might have convinced generals that Apple’s privacy system in place would be worth the extra cost.

Morphology and Illusion

Modern electronic devices are designed to be atavistic. That is, to remind us of technology past in order to avoid alarm. Smart watches have simulated analog faces on their digital OLED displays. IoT thermostats look like thermostats of old that only talk to the house. Family robots look so very cuddly.

Just about every modern gadget we use, from light bulbs to computers has an internet connection. And yet, we have very little visibility into what data is being transmitted out of the device. Worse, if the developers were required to spell that out in detail, we’d perhaps elect not to buy the device. So the oblique reference is intentionally vague even as we consent to the EULA.

Marketing substitutes for technical awareness nowadays because the underlying technology is too overwhelming to comprehend. Here’s a great example, via Christina Warren. “Apple opens up on how it approaches security following FBI battle.” How many iPhone customers took the time to read that?

Apple’s Way: Security at a Price

One of things we’ve yet tp get our head around as consumers is the cost of security and privacy. On a recent visit to my barber, I was told that the old Samsung smartphone was finally gone. w00t! The conversation went like this:

Me: So you finally got an iPhone?

Barber: Nope. Couldn’t afford one.

Me: I think you can get an iPhone 6s at Walmart for about $300.

Barber: Too expensive. I bought a Motorola.

Me: How much did you pay?

Barber: $120

iPhone X.

Apple: security comes with a price.

And there you have it. The financial squeeze on working Americans means that they consciously make the decision to sacrifice the security of Apple’s ecosystem in favor of saving money. How did that judgment develop in our culture?

Millions of Americans make this decision all the time because the money is real and countable while the practical, technical insights into how their devices work is largely absent. We have done this to ourselves in the name of corporate profits.

The U.S. Army just may have fallen into the same kind of trap. In my experience, that happens because senior decision makers are seldom deep in all the modern technologies. A Chief Scientist can warn and make recommendations, but bureaucratic power always wins.

Fortunately, this Army and Fitbit affair is so dramatic, prompt action is being taken. Again, from the Washington Post: U.S. military reviewing its rules after fitness trackers exposed sensitive data. :

On Monday, the Defense Department launched a review to determine whether new policies are needed, according to Army Col. Robert Manning III, a Pentagon spokesman. The review will be led by Essye B. Miller, the Pentagon’s acting chief information officer.

….

Privacy experts have long warned that tech companies often make personal information — including contact lists, social media posts and location data — available by default. That means users who do not routinely read privacy notices and tweak settings can be surprised by how much information is collected by private companies, as well as how that data ultimately is used.

Experts warn about this every day. It falls on deaf ears anyway.

Backdoors

Amidst all the above, there are those in law enforcement who, without a deep understanding of security technology, continue to lobby for a hidden backdoor into our iPhones. Again, competent security experts have warned us about the dangers of such an approach.

Have we learned our lesson?

Hopeful Future?

Just possibly, this Fitbit experience will remind all concerned that the security of our smartphones is one of the defining issues of our times. Any dilution of the top-notch practices Apple employs would likely lead to another security disaster similar to the one the U.S. Army just experienced. LIkely much worse. It’s wakeup call number 1,342.

Cool, smart, technically deep, seasoned individuals can lead the way. If their guidance is heeded.

3
Leave a Reply

Please Login to comment
3 Comment threads
0 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
3 Comment authors
Nedawhgeoduck Recent comment authors

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
newest oldest most voted
Notify of
Ned
Member
Ned

I’m hopeful that much of what’s happening in the world currently is a wake up call for responsibility, starting with the person you see in the mirror each morning. AT&T’s call for an Internet Bill of Rights should have happened, through public demand, a long time ago. Along with information on how to use the internet and concepts like Net Neutrality. Currently tech companies are running a “Let’s run it up the flagpole and see who salutes mentality.” – let the uneducated customer figure it out on their own and we’ll change the product later. The “We can’t put up… Read more »

awh
Member
awh

Experts warn about this every day. We’ve trash-talked experts into irrelevance as they tell us things we don’t want to hear. On the issue of privacy and data security (the odd snafu – ahem, root password – aside) Apple is as usual looking to where the puck is going to be, but this is nothing new. 20 years ago poor Windows users suffered under a daily load of malware while Mac users largely looked on, bemused – all because somewhere along the line the siren song of ‘cheap’ won the day. So many nuggets of wisdom warn us (‘buy cheap,… Read more »

geoduck
Member
geoduck

The issue of security vs price is not a new thing. How many buy an inexpensive door lock rather than a Schlage. Get a sale
“no name” deadbolt from Home Depot rather than a good one from a locksmith. This has been going on forever, it’s just that the security is not something we can see any more.