Is your refrigerator spying on you?

Is your refrigerator spying on you?
David Choffnes, assistant professor, Jingjing Ren, doctoral candidate, and Daniel Dubois, postdoctoral research assistant, work in the Mon(IoT)r Lab in the Interdisciplinary Science and Engineering Complex. Photo by Matthew Modoono/Northeastern University. Credit: Northeastern University

Millions of American homes contain devices connected to the internet that aren't computers. Yours is likely one of them.

If you have a TV that allows you to stream shows from online sites such as Netflix or Hulu; if you have a thermostat you can control with your phone; if you have a refrigerator that notifies you when it's time to buy milk; if you have a voice-activated digital assistant such as Alexa or Siri or Cortana, then you have a that's connected to the internet, also known as a .

The ecosystem of these smart devices is being called the "." And it's supposed to make life easier. If you can set your thermostat to kick on an hour before you come home, you'll save money on heat and be cozy as soon as you walk in.

But very little is known about which data these devices are collecting, and whether they stop when you're not using them.

So, are smart devices collecting data on us while they're supposed to be off? That's what Northeastern assistant professor David Choffnes and his colleagues are studying. And the answer, so far, appears to be yes.

There is an apartment on the sixth floor of the Interdisciplinary Science and Engineering Complex. Not just any old apartment, but a totally 21st-century apartment, packed with more than 80 smart devices. The list includes a smart microwave, rice-cooker, security system, lightbulbs, TV, and refrigerator, among other devices. The room is designed to mimic a regular home, albeit an extremely well-connected version of one.

Choffnes and his colleagues invite students to use the room however they'd like—to watch TV, heat up lunch, listen to music—and they collect the streaming out of it.

"It's not enough to set up a bunch of devices on a table; we needed to create a place where people could interact with these devices the way they would in the real world," Choffnes said. "By looking at the internet traffic, we can answer: Are these devices doing what you would expect? Which servers are they contacting when they connect to the internet?"

Choffnes is working with Jingjing Ren, a doctoral candidate; and Daniel Dubois, a postdoctoral research associate, to collect the data. They started by collecting everything, in order to get a baseline understanding of "what's normal and what's not," Choffnes said.

The data being beamed across the internet by these devices is, for the most part, strictly encrypted. This means Choffnes and his team can't see exactly which information is being communicated, just where it goes and when it's sent.

"That's a good thing because it means your data is protected from would-be eavesdroppers," Choffnes said. "It's bad because it means we can't see what it is, either."

But what they can see has potentially alarming implications.

"What we've found so far is that most devices are doing some kind of activity when they're not being used," Choffnes said.

With the proliferation of smart devices, including in offices and other public spaces, Ren said, the findings could have consequences even for people who don't have them at home.

"You could be in an environment you don't control, with these devices, and you should know what you're getting into," she said.  

It will take more testing and more collection until the researchers can tell where that information is being sent, and why it's being collected in the first place, but their focus is on privacy.

"We, as the users of these devices, ought to be more aware of what they're doing and when," Choffnes said. "You should know up-front the risks of these devices as you enter your home, and our goal is to find ways to protect users who don't want their information shared across devices."

As for the researchers themselves? Almost everything in Dubois' apartment is connected to the . Choffnes and Ren are a little more old school.

"These devices certainly have their usefulness," Choffnes said, regarding smart devices. "I'm just not sure they're for me."


Explore further

New tools to get your smartphone up to speed

Citation: Is your refrigerator spying on you? (2018, September 26) retrieved 22 October 2019 from https://phys.org/news/2018-09-refrigerator-spying.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
5 shares

Feedback to editors

User comments

Sep 26, 2018
I think end users should have the right to get a clear text log of communications. That would solve the 'behind their back' aspect of things. Failing that, there should be a complete description of what data is being sent to whom. This business of spying to monetize the consumer needs to be brought to heel. I'm the customer, not the product.

Oct 10, 2018
And of course, one should always be able to turn the ratware off. (Simple with Ethernet, a bit harder to guarantee with wireless if these clowns are nefarious.)

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more