Why We Did This – Facebook’s New Product: You.
In a number of confidential strategy sessions with the Acreto Advisory team, led by Bob Flores, former CTO of the CIA, we set out to identify a number of potential mid to long-term threats that we should monitor. In studying the challenges that come with securing and adopting IoT technologies, and based on the complexities of how they operate and the dependency model that is established sociologically, we realized that Facebook, Google, and other similar tech giants are starved for data points.
“It used to be that analysis of large amounts of data was limited to the biological capacity of the person. Computers didn’t used to have the processing power nor the algorithm and data sciences that they do today. Now, that’s not the case. The fact of the matter is that all these social media companies are data-starved. The more data points they have, the more they can absorb. There is no overload capacity for these social giants.”Babak Pasdar, CEO and CTO of Acreto
Given recent events, and since we had one of the foremost experts in data collection in the world with us, when conversation turned to Facebook, we honed in on their data collection platform, where they are now and where they are heading in the future. We uncovered enough in that meeting to warrant a deeper dive into the Facebook machine. We studied the company, their practices, their history, their technology and even the psychology of its management team. We uncovered a lot of information and the more we uncovered, it made us want dig more. Through extensive research exploring investments, patents, acquisitions, market positioning and even management’s comments, we uncovered data that we thought was concerning.
Pasdar explains, “We first became professionally interested in Facebook when we realized they have pinned their strategic future on IoTs. Where once Facebook’s information sources were limited to a handful of devices like computers and phones, with IoT integration they can collect much more granular data from hundreds if not thousands of sources.”
Part of what makes addressing this challenge difficult is that the social media companies have features and functions that people want, and that they have built social environments that have become 21st century meeting grounds. These platforms are where the global community meets. All of the data points that IoT devices represent are a factor that can be difficult to overcome because there are these functionalities that may be highly desired or necessary for the social media perspective as it relates to people and our attitude towards ‘connecting’ with others. It’s really an all or nothing thing to have these features.
What we’re doing, first and foremost, is identifying the problem. We are also offering organizations and consumers a balanced choice so that they can share the information they want to share, they can utilize the services of the platform in the granular way they desire to share or engage, and they are empowered and able to not give away the data that they want to protect or keep private.
Facebook has proven it can be a kingmaker. Despite the company’s public relations lines, it’s clear that every party and every politician, for any seat, will engage in Facebook hacking. We define Facebook hacking as utilizing publicly available resources, along with coercion and manipulation of people, technologies and process to gain advantages. Advantages that can be for a cause, God, pocket book, or country. Facebook hacking is not just limited to politicians, but also extends to adversaries including those who wish physical and economic harm upon others. The stage has been set for compromising and manipulating entire communities.
When thinking about securing IoT devices, we think like hackers do. How do we break it or steal it? How do we manipulate it or prevent it from functioning? How do we destroy it? These are the questions we can ask.
Hacking is not direct or simple. Many times, hacking involves a complex orchestration of multiple components that typically has many permutations. When thinking through this, we realized first, how integral IoT devices are to social media, and second, the impact they have on privacy and on how we live our lives.
If Facebook and Google can know as much about you as they do today with just a handful of devices such as your computer, your phone, or your watch, picture how much they would know about you and how they could manipulate you – and how they could manipulate societies, economies, or even democracies – when they have thousands of highly granular data points for each individual they track.
Facebook’s reach is astounding. The organization collects a constant stream of data from one-third of the world’s population, and have their roots nestled in half of the world’s web sites.
In Acreto’s Facebook Dossier, the team makes the case for Facebook as spyware and a personal information trafficker. Along with the dossier, Acreto is announcing new technology specifically designed to protect and prevent direct and indirect data leaks to Facebook and other data collection platforms such as Google, among others.
Facebook’s New Product: You.
Overall, the dossier explains how Facebook is intrusive for users and non-users alike. Most notably of recent events, the Cambridge Analytica scandal revealed a vast, deeply intrusive analytics manipulation with Facebook at its core. The extraordinary amount of private data collected from Facebook was used to target conservatives during the 2016 US presidential election. The information gathered from multiple testimonies to US and European legislators and regulators shed light on Facebook’s IoT strategy and sets the stage for intrusion of privacy of historic proportions. Nothing is more illuminating about Facebook’s strategy of data collection than their recent acquisition of Onavo, dubbed a “mobile data analytics company”, but in actuality, a ‘man-in-the-middle’ masquerade to collect, store and analyze all user communications for Facebook’s use, benefit, and profit.
Facebook came, Facebook saw… and Facebook continues to conquer: this time, your IoT devices.
“Cambridge Analytica is the canary in the coal mine to a new Cold War emerging online. Soon the so-called ‘Internet of Things’ will become the norm in American households. Algorithms will soon be driving our cars and organising our lives. This is not just about technology today, we have to seriously consider the implications for tomorrow. To put it bluntly, we risk walking into the future blind and unprepared.”Christopher Wiley, Cambridge Analytica whistleblower
Cambridge Analytica and its parent company, SCL Elections, used a suite of political psyops tools in more than 200 elections around the planet. The vast majority of the targets were third world and underdeveloped countries, many without the resources or knowledge to defend themselves. These efforts were in preparation for their biggest effort to date: The US 2016 Presidential Elections. As we have rounded the corner for the 2018 mid-term elections, Facebook and their capabilities loom large, especially when there is no buy-in from the topmost echelon of political leadership.
Your data is no longer your own. Facebook wants it all and they want it now to weaponize their most valuable product — The User.
To read more about Russian nation state hacking of the US Elections and how cyberattacks come together, check out a two-part collaboration between Acreto CEO, Babak Pasdar, and former CTO of the CIA, Bob Flores, here.
Learn more or read online by visiting our web site: Acreto.io — On Twitter: @acretoio and if you haven’t done so, sign up for the Acreto IoT Security podcast. You can get it from Apple – Google or your favorite podcast app.
About Acreto IoT Security
Acreto IoT Security delivers advanced security for IoT Ecosystems, from the cloud. IoTs are slated to grow to 50 Billion by 2021. Acreto’s Ecosystem security protects all Clouds, users, applications, and purpose-built IoTs that are unable to defend themselves in-the-wild. The Acreto platform offers simplicity and agility, and is guaranteed to protect IoTs for their entire 8-20 year lifespan. The company is founded and led by an experienced management team, with multiple successful cloud security innovations. Learn more by visiting Acreto IoT Security on the web at acreto.io or on Twitter @acretoio.