A September's tale of (Non) Privacy

by Vikram Venkatasubramanian

No people, THAT is NOT a picture of Covid-19 under a microscope! But, there is another pandemic that rages uncontrolled and if it were a biologic one then this might be how it might look like. The pandemic, that which WE speak of, afflicts our online privacy and security - or what remains of it in a connected home.

First, let me explain what the above picture represents. We researched what websites are queried/accessed each day by a connected home over a period of 30 days in September 2021. Each circle is a unique website that was accessed by the home. The size of the circle represents how many times that website was accessed over the month of September.

So far, so good? Good, ‘coz here comes the fun part.

The green circles are websites that we browsed to or are sites that are needed to deliver the online services we are trying to access. In essence, for the most part, these are ok.

Those red circles. Man, they have a story to tell!! The red circles are websites of known trackers, ad networks, data brokers and surveillance marketers that were accessed by various devices in the connected home. In short, these are how THOSE people constantly watch you and collect your information. We will just call them the ‘Snoopy Guys’ for the rest of this article

So, what did we find in our research? For starters, this connected home made almost 1 million website queries over the course of September. Stunning, right? Next – we also found that, on average, 10% of the website queries on any given day were to the ‘Snoopy guys’.

Now, do you want to hear the spooky parts? Well, wonder what is happening when you sleep?

Well, surprise but no surprise, really(!!), our connected devices are still communicating to the internet. The first picture above shows that they communicate more than 300 times every night at 3am. That is 10,208 times in total at 3 am every night over the course of all of September. But to be honest, not all of that is bad – devices sometimes download patches/updates, perform backups or even send a ‘keep alive’ signal to any cloud service they are connected to as an essential part of their service. But I did say I would give you the spooky, didn’t I? Well, in steps the second picture above. This picture is an aggregate (over 30 days) of how many times devices in the home talked to KNOWN ‘snoopy guys’!! On average, 672 times at any given time slot between midnight and 6am! That is more than 20 times an hour on ANY given day!!

‘Snoopy Guys’ know what we browse to, ‘Snoopy Guys’ know what we watch, ‘Snoopy Guys’ know what we buy, ‘Snoopy Guys’ know where we travel, ‘Snoopy Guys’ know how we travel and the route we travel, ‘Snoopy Guys’ know what devices we have and we now know for sure that ‘Snoopy Guys’ also know when exactly we sleep every day. But who are these ‘Snoopy Guys’? Stay tuned to this channel for a lot more findings on the state of online privacy and security from Nandi Security’s research.

Terms of Use

@Copyright 2023, Nandi Security, Inc