The absent rear-view mirror: John McAfee and the false sense of computer privacy*

 

     In his defense, John McAfee claimed that he

 

“began a program of observation and recording of everything….I planted tiny POV [point of view] video cameras and sound recorders on myself, some of my dogs, all around my property, in my cars, on my boats, and the Studio 54 bar in Orange Walk, on trees, in bushes, --everywhere I could. The first two months were audio only."

 

    McAfee found out that the government tried recruiting "friends, neighbors, and acquaintances", but most refused to participate.

     Whatever the truth might be of the case--and we are sympathetic with McAfee's plight and will be watching the case closely--it certainly reveals one thing. Most individuals have a false sense of the implicit privacy inherent to their computer

use. 

     Nobody in their right mind would actually believe that there are hundreds of POV's laying around in Ambergris Caye or San Pedro (Belize). It is non sensical, if you simply consider the logistics of the plan. McAfee or an army of subjects would have had to have planted these POVs. Also, the would required two important things: electricity and communication. A worker would have to go around either changing their batteries--even if they were based on solar power. With regard to communication, we have a similar dilemma. Either McAfee would need hundreds of cables feeding back into his home or central external server, or would need subjects to gather the data (audio) collected by these POVs on a regular basis. In either scenario,

it would generate at some point unwanted attention, eventually pin-pointing back to McAfee. 

     The more plausible scenario is simply that McAfee, as a foremost security expert, hacked into hundreds of computers of the area and began recording audio and video without the users being aware of it. Add to that vulnerabilities in cellular networks, and you have what might be called 24-7 surveillance over a very large region by

a single individual. It's something right out of a science fiction movie, but unfortunately all to real.

    What is perhaps most curious about the case, aside from the muddier criminal-murder charges, is that such a tactic raises the question: if John McAfee can do this, how often are computers actually intruded to by outsiders without users having the smallest of clues as to these breaches of privacy? It would appear, from the

millions of computer victims that have fallen to botnets, that it is much more pervasive than we would care to imagine.

     A comparison of the 'computer use paradigm' and the 'automobile use paradigm' is very illustrative in this sense. When you get in a car, there are windows which allow one to look outside and see where one is going. There are all sorts of gauges and meters which give important information about the car: you know you fast you are going, how hot the engine is revving, as well as how 'old' the car is by its mileage". These three key gauges, found in EVERY CAR, are essential to the understanding of the well being of the car. It gives a driver a better sense of both their vehicle and their location.

     Compare this to computers, and it will be immediately obvious what is missing. Rather than reveal important information about their internal 'status'--the number of internet connections, the heat of the processor, and much less the number of cycles a hard drive has spun--most computers are actually extremely "conscientious" in hiding this information. This is a policy which obviously benefits computer manufacturers. More computers probably 'die' from overheating than from anything else, but because

users are seldom aware of the physical state of their computers, its demise appears to be a 'mysterious magical mystery'. The law does not require computer manufacturers to present this evidence clearly and obviously, in strong contrast to automobile manufacturers. Yet while a car without an odometer gauge would immediately be pulled off the road by the most novice of policemen, computers operate in this manner on a daily basis.

     But this applies not only to the physical status of the computer, but to the connections its holds. The computer, seemingly in the private confines of a home, is more often than not an 'open box': a 'peep hole' into that inner sanctum we call the home. And this is where McAfee's gaffes start to accumulate.

     

 Why are there no federal laws regulating this industry, just as there are federal laws regulating the automobile industry? One could argue that the communications infrastructure is perhaps even more important than the transportation infrastructure, as it is the actual 'nervous system' of any social body.

    McAffee video