Traitorware Exposes Consumer Information: "New" Security Threat Revealed by EFF

According to a post by the Electronic Frontier Foundation (EFF), there is a "new" type of security threat in town and the EFF has decided to call the threat "Traitorware."The controversial security patent filed by Apple Inc. in August of 2010, entitled "Systems and Methods of Identifying Unauthorized Users of an Electronic Device," prompted the EFF to look at the primary patent mechanism. It apparently scared the EFF so much that the organization decided it simply must warn the good "netizens" of the world about the threat to personal privacy called traitorware.

What is Traitorware?

Traitorware, put simply, is a program or device that has turned against the consumer who purchased it. Any program or device feature that the manufacturer does not make the consumer aware of is traitorware. For example, when spyware attaches itself to a download then installs itself to a browser, tracking the computer users' movements is a great example of traitorware.

When a computer user downloads a free software program that automatically installs a toolbar with the program, users are told about the toolbar and can opt out of installing it. However, if the user decides to install it, a piece of code activates after the installation-code that the user had no idea was there-and it starts tracking the user and transmitting information to a remote location. While this is usually called "adware," it is also another great example of traitorware because the software program turned against the user.

Basic Security Threats

Most people who know anything about computers or the Internet are aware of the sometimes-overwhelming prevalence of various infections such as malware, viruses, adware, spyware, rogue security threats, and Trojans that can easily and catastrophically damage their computers. While these are just a sampling of the many security threats that people and their computers can run into on the Internet, most people understand that the first line of defense against these threats is downloading and installing an anti-virus and anti-malware program, keeping it updated and scanning their computers with the program at least once a week. However, this "new" security threat exposed by the EFF can potentially cause more problems than they are intended to solve.

What If...

What if the security programs or "mechanisms," as Apple calls it, themselves are the threats? That is exactly what traitorware is, according to the report. The term Traitorware may be one people have not heard before, but Traitorware itself is not new, although it is not as well-known as other security threats-but it is just as old. In fact, it has been around just as long as malware and other viruses have and it can potentially cause the most damage and not only to a computer, but to a person and other consumer electronics as well.

Is Geotagging Traitorware?

Geotagging in itself is not traitorware, because when geotagging became popular, consumers knew that the tags would tell others where that consumer was located. That was the point of a geotag. However, many users probably had no idea that many of their devices were using geotagging without their permission; devices like camcorders and digital cameras. One good example of this phenomenon is when Mythbusters' host A dam Savage announced that a photo he took of his car transmitted his location to the world when he uploaded that photo to Twitter. After uploading the photo, he realized that the camera used to take the photo had embedded his latitude and longitude coordinates into the photo-without his permission.

So What is a Consumer to Do?

The one thing that consumers rarely do is read a product or company's service warranties, terms of service, privacy policy, and other like information. While it is entirely possible and almost positive that a manufacturer will disclose what actions that a device will take when it is used, most consumers have no idea because they never read anything. However, it is also just as likely that actions such as geotagging photos and videos are not disclosed and if not, then that consumer has a legal course of action he or she can take if warranted.

Simply put, a consumer should always read everything to help put a stop to these actions and if anything seems suspicious, ask questions of the manufacturer. A consumer can always contact the EFF for more information and to ask for help if they think they have "been had" and the products they have purchased have betrayed them. The only real way to beat traitorware is to stay informed.

Sources:
"What is Traitorware," EFF
"Sony BMG Litigation," EFF
"Sony BMG Settlement FAQ," EFF
Kate Murphy, "Web Photos that Reveal Secrets, Like Where You Live," NY Times