Top security and privacy TED Talks from 2018

IoT security, insecure software, and data privacy among the top security and privacy TED talks from 2018

Ninety-five percent of the time when I watch videos about cybersecurity, hacking, privacy, or surveillance, they are videos from security conferences. In fact, some of the best out there are TED talks. While most of the great ones were made years ago (between 2008 and 2017), 2018 had several worth watching. Here's a look at some of them.

What your smart devices know (and share) about you

Kashmir Hill and Surya Mattu gave a worthy 2018 TED Talk called, “What your smart devices know (and share) about you.” Hill set up her one-bedroom apartment as a “smart home” for two months. She connected an Amazon Echo, the lights, her coffee maker, a baby monitor, her kid’s toys, a vacuum cleaner, her TV, her toothbrush, a photo frame, a sex toy, and even her bed. And Mattu was responsible for monitoring the Internet of Things (IoT) devices that were spying on Hill.

Unsurprisingly, Mattu could see a lot. For example, with unencrypted data streams, such as when someone watched Hulu on the smart TV, he could see everything. For encrypted data streams, he could see only the meta data, but even that provides information. For example, he was able to figure out what time the family wakes up in the morning because the Amazon Echo would start playing songs from Spotify between 6 a.m. and 8 a.m.

How tech companies deceive you into giving up your data and privacy

“How tech companies deceive you into giving up your data and privacy” is a somewhat related 2018 TED Talk that falls under the heading of TED Salon. In the September 2018 video, Finn Lützow-Holm delves into the internet of sh*t and data collection, explaining alarming ways tech companies trick their users and how the personal data the companies collect are used “at a scale you could never imagine.”

When technology can read minds, how will we protect our privacy?

Another privacy-related TED Salon Talk from November 2018, given by bioethicist Nita Farahany, is titled, “When technology can read minds, how will we protect our privacy?” In it, she points out that “the average person thinks thousands of thoughts each day.” Already there are sensors in vehicle’s headrests that track driver concentration, distraction and cognitive load while driving. Insurance companies pretty much love tracking when attention wanes. There will be be more “mind-reading” tech to come in the future.

Farahany said:

I worry about the ability of our laws to keep up with technological change. Take the First Amendment of the U.S. Constitution, which protects freedom of speech. Does it also protect freedom of thought? And if so, does that mean that we're free to alter our thoughts however we want? Or can the government or society tell us what we can do with our own brains? Can the NSA spy on our brains using these new mobile devices? Can the companies that collect the brain data through their applications sell this information to third parties? Right now, no laws prevent them from doing so.

How dangerous are IoT devices?

Ben Gurion University Professor Yuval Elovici, who is also head of its Cyber Security Research Center, also discusses the danger of IoT devices. In this January 2018 TEDx Talk, he takes “us through a typical day just a few years from now and make us realize the power of connectivity, for good or — for bad.”

As Elovici explains, IoT devices collect a lot of information about us that is stored in the cloud, where it will be analyzed to provide us with better services. However, if someone manages to get this data, they will be violating our privacy, plus they could use that data against us.

In one potential scenario, Elovici describes one potential scenario in which the data from your smart watch, which measures your alcohol level, could be combined with data from your smart car and then shared with law enforcement officials in their connected/smart cars, who could charge us with driving under the influence.

It’s all things to consider as we connect our devices to the internet.

How do we build trust into the IoT?

While the scope of my search was limited to the above-mentioned topics, it was surprising to find so few TED Talks of new topics — made in the last year. In fact, the hunt for many such talks made in 2018 generally fell under the scope of Tedx Talks, with the “x” indicating it was an independently organized TED event.

A University of Nevada TEDx Talk you might enjoy is “How Do We Build Trust into the Internet Of Things.” In it, Daniel Price “discusses the future of IOT technology, the network of social devices; what should we be excited about, and what should we watch out for?” Neglect your “smart” toaster, and it might post itself for sale. If your environment knows who you are, say goodbye to anonymity and hello to a mailed ticket for jaywalking. (Hello, China!) He gives serious, funny, and even scary examples of the IoT future, as well as how “IoT must have trust as its foundation.”

When cyber prevents security

I also enjoyed the TEDxTufts (Tufts University) Talk “When Cyber Prevents Security” by Winnona DeSombre, who is a threat intelligence researcher at Recorded Future. In it she discusses how failing to include strong security when developing new, internet-connected devices can be disastrous.

An example she gives are the hard-coded passwords built into routers, DVRs and other connected devices. When they all have the same unchangeable password, a hacker needs to figure out just one password to be able to get into all.

That’s what happened with the Dyn attack on Oct. 21, 2016 – a hacker got into over 100,000 devices and created a botnet that took down the internet for the northeast section of the United States and parts of Europe for an entire business day. This happened, she says, because companies were focused on pushing out the newest, hottest products the cheapest way possible and they failed to include security in the process.

How we need to remake the internet

Jaron Lanier’s April 2018 TED Talk “How we need to remake the internet” made it into a TED curator’s top 10 talks of last year. The synopsis reads, “In this visionary talk, Lanier reflects on a ‘globally tragic, astoundingly ridiculous mistake’ companies like Google and Facebook made at the foundation of digital culture — and how we can undo it. ‘We cannot have a society in which if two people wish to communicate, the only way that can happen is if it's financed by a third person who wishes to manipulate them,’ he says.”

Online privacy and the total freedom of the internet

In “Online Privacy and the Total Freedom of the Internet,” a 2018 TEDx Talk out of Bucharest, security researcher Stefan Tanase asks, “Do we want to live in a world where digital privacy is a human right or do we want to live in a world similar to George Orwell's 1984?”

Defend yourself in this digital world. No one else will do it for you

Lastly, in the TEDx Talk “Defend yourself in this digital world. No one else will do it for you,” Dutch cybersecurity expert Arjen Kamphuis says we need to keep ourselves safe — to take responsibility for our own defenses.

"We can create our own IT systems that are independent and secure. We just need to decide to commit our resources to making them," he says.

While the talk is interesting in its own right, it's made doubly so by the fact that Kamphuis went missing a few months after giving the talk. It’s worth noting that WikiLeaks tweeted several times about Kamphuis’s mysterious disappearance. Kamphuis is still missing, but friends and family members said in December 2018 they believe he is still alive — that his disappearance is voluntary. They say he did this type of thing before when dealing with a personal setback.

Copyright © 2019 IDG Communications, Inc.

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!