Soon, possibly even later today, you will read a story about some terrifying thing a big-name corporation is doing with your devices or your data. The story will sound convincing, name-check the right jargon, and even link to some intriguing evidence. You will be appropriately terrified.
Remember when we found out Samsung TVs were recording all our living-room conversations, Microsoft’s Windows 10 was sharing everyone’s WiFi passwords, and Facebook would make commercial use of our data unless we posted the correct privacy notice to our profiles?
Do you also remember when all of these claims fell apart a few days later, once people returned to their senses?
Techno-panic stories nearly always splinter on closer inspection. You can’t stop them from running across the Internet, but you can avoid having them fill you with pointless anxiety. The cure is almost always a liberal application of critical judgment.
Don’t believe everything you read, no. 347 in a series
The problem usually starts when different sites try to jump on a tantalizing report of some massive privacy violation or security risk. That’s when the tech-news universe becomes a giant game of Telephone.
If the first post to break the news uses conditional verbs like “may” or “could” to convey uncertainty, you can bet those qualifiers will become unconditional declarations in the fifth or tenth iteration of the story. Subtlety is almost always the first casualty of the race to rewrite.
The solution here is usually easy: Follow the links in the story to the original source, so you can measure how solid the claim probably is. (Provided, of course, the news source you’re reading provides said links; many do not.)
In the case of Samsung’s allegedly spying TVs, for example, the original source was a tweet by an Electronic Frontier Foundation staffer who called out a line in a Samsung privacy policy. He hadn’t inspected the hardware in question, but you wouldn’t know that from breathless third-hand reports.
And that’s the other problem: The Internet rewards speed above all else. Getting the story right usually involves independent reporting, which requires more time. So avoiding panic also means withholding judgement until all the facts are in.
By then, of course, the poorly reported and largely inaccurate rewrite has hit Facebook and been shared by all of your friends. I like Facebook, but I have never seen a more efficient mechanism for spreading urban myths.
Do believe the documentation you read
Or you could just skip the rushed rewrites on Facebook and read the documentation. That’s where the Windows 10 WiFi-sharing scare, as seen under headlines like “Windows 10 will share your Wi-Fi key with your friends’ friends,” fell apart—because by default Windows 10 does no such thing.
Related: Windows 10′s Wi-Fi Sense: What’s Really Going On
Microsoft’s explanation is clear enough about the layers of permission that are required before you can share your Wi-Fi log on. (You must select a network and re-type its password to share it with friends, and Facebook sharing requires a second confirmation.) But anybody could verify this for themselves by simply trying it out.
Samsung’s manual also stated pretty clearly that the microphone on its smart TVs stays off until you activate it yourself. A security researcherlater confirmed that—although he did find that some voice commands transcribed during those periods of listening were sent unencrypted to the company that provides Samsung’s voice-recognition technology, Nuance.
Related: No, Your TV Doesn’t Care What You Say
Horrifying? Depends. You know what else goes over the Web unencrypted? The vast majority of the news stories you read, which can reveal far more about your tastes and opinions than voice commands to a TV. (This is one of those bits of context about digital life that I wish more people realized.)
Legalese and other foreign languages
Ever read a privacy policy? Then you know just how unintelligible that document is to those of us who did not graduate from law school.
You’d think that after the last 350 rounds of privacy-scare stories started with badly-written “ToS” and privacy-policy documents, “how to write terms of service without looking like a jerk” would be first-year material in law schools. Apparently, it’s not.
No comments:
Post a Comment