[ad_1]
The worst part about waking up can be the Chinese spying on your coffee cup.
American researcher Christopher Balding said he has uncovered evidence that China is collecting data collected through smart coffee machines manufactured in the communist country and sent to America.
Mr. Balding’s report at New Kite Data Labs said the problems with internet-connected coffee machines are part of a broader data collection effort aimed at internet of things (IoT) devices with low security and unclear data policies.
IoT devices include a variety of home appliances, from robotic vacuum cleaners to thermostats that use machine learning to keep people comfortable in the summer heat.
“China is really collecting data on anything and everything,” said Mr Balding. “As a manufacturing hub of the world, they can apply this capability to any device that goes anywhere in the world.”
Mr. Balding described the problematic coffee machines as products manufactured by Kalerm in Jiangsu, China. According to New Kite Data Labs’ report, the machines collect product information, payment data, and customer information including location and time data.
Taken together, this data provides insight into a user’s name, relative location, and usage patterns. The data may include financial information such as payment type and routing information typically used by machines in commercial environments.
For example, a coffee machine at a breakfast buffet in a hotel can receive payment from individuals, unlike the company’s home coffee machines.
Mr. Balding said he was undecided about how the research firm obtained the information, as he didn’t want China to prevent him from learning more about data collection inside the communist country.
The New Kite Data Labs report clarified the data collection it observed on China-based consumers, but noted that the products were sold widely in the US and Europe, and distribution was likely the same data leaked from machines in China. Bought from machines in America.
“While we can’t say that this company collects data on non-Chinese users, all the evidence suggests that its machines can and do collect data about users outside of Mainland China and store the data in China,” the report said. “Data is collected at the operating point from the software embedded in the coffee machine.”
New Kite Data Labs has not disclosed evidence showing that the Chinese government is using data collected by Kalerm.
However, China’s military-civilian fusion policies force companies to cooperate with the communist government, which means data stored in China falls into the hands of the government.
Kalerm did not respond to requests for comment.
Smart coffee machines aren’t the only vulnerable internet-connected devices that put Americans at risk of collecting confidential data. Other IoT devices can connect to smartphones or have built-in cameras and microphones to detect and respond to voice commands; this provides more data for a manufacturer to collect.
For example, some robotic vacuums use microphones to respond to users’ commands, and the vacuums can be controlled by apps available on a variety of devices via Apple and Google’s app stores.
Last year, cybersecurity firm Mandiant said ThroughTek uncovered a vulnerability in baby monitors and video doorbells that use the Tin network, which would give hackers the potential to access live video and audio.
ThroughTek said he was briefing customers at the time about the defect and telling them how to address it.
The Cybersecurity and Infrastructure Security Agency issued a warning about the flaw last August, and a cyber official stated that the vulnerability resides in a software development kit designed to encrypt data transferred from one point to another and used heavily on IoT devices.
China is not the only country interested in the data generated by IoT devices worldwide.
Former National Security Agency contractor Edward Snowden has expressed concern about owning a blender to make milkshakes after he fled the US to Russia.
According to author Barton Gellman’s 2020 book “The Dark Mirror,” who revealed the specific details of the NSA’s global surveillance in 2013, Mr. Snowden worries that the blender’s electronic signature could reveal its location to the US government and others.
Mr. Balding noted that China is moving from a different position in collecting all possible data and then determining how it will be used.
“Most countries of significant size are probably interested in such devices – make zero mistakes about it,” said Mr Balding. “I think what makes China unique is the breadth and depth of data collection efforts.”
[ad_2]
Source link