Linus Tech Tips and Privacy

[Badger2077]

Hi, new to the community but basically made an account for this. I'm a big fan of Linus, and he's part of my inspiration for choosing to work in IT. I do only watch the main channel and some other bits, so if some of this stuff has been covered on other channels I apologise.

 

There is one topic I think Linus might be neglecting to some extent, and that's privacy. I don't know if it's down to demographic or just keeping the tone of the videos light, but I'd love to see more of Linus talking about privacy concerns with the devices he shows on his channel. 

 

Especially all the Chinese tech he's showing, Linus has a great platform to educate users on some of these issues - he already talked about PIA in a great video and their reasons for choosing them. Why not have videos debunking and confirming myths around what data the smart home stuff can collect? Or even a video on making smart home automation for the privacy concious (if thats even possible?). Especially when we have plenty of evidence of Chinese hardware and software being potentially problematic (Huawei, ZTE, Lenovo and more). Not just Chinese stuff either, what about things like intel ME and and AMD PSP? How many users get brand new PC's or intel chips, unaware they can be compromised really easily physically?

 

There's just such a wealth of great content that can be done on this stuff, that not only informs users - which the channel is generally really great at - but also just could be really interesting for the channel to dive into.

 

Sorry if this topic is in the wrong place, just wanted to share my 2 cents and see what other people thought of this.

 

Again, big fan and no ill will is meant so I hope it doesn't come off that way. I know it's content I'd love to see, and I really think people ought to be more aware of this stuff when they spend so much on some of these products.

 

 

[LukeSavenije]

sounds like a good idea for a video imo. I kinda know what's the problem with those devices, but a clarification from him would be nice

[GOTSpectrum]

I really hope this gets passed up the chain as it would be great as a side series, maybe like once every 2 weeks they so some security thing, could easy get sponsors for it too. 

[Sauron]

20 minutes ago, Badger2077 said:

Why not have videos debunking and confirming myths around what data the smart home stuff can collect?

They don't have the means or know-how to do that. Realistically you'd need some pretty hardcore packet sniffing and filtering to figure out what goes where and even then you couldn't know for sure what every bit of data is. Debugging the devices themselves is also a no-go since the source is usually closed and they'd have to reverse engineer the whole device, impractical even for specialized firms.

20 minutes ago, Badger2077 said:

Especially when we have plenty of evidence of Chinese hardware and software being potentially problematic (Huawei, ZTE, Lenovo and more).

Not any more than stuff from anywhere else to be honest, the idea that China is somehow a worse offender in this is mostly propaganda.

20 minutes ago, Badger2077 said:

Not just Chinese stuff either, what about things like intel ME and and AMD PSP? How many users get brand new PC's or intel chips, unaware they can be compromised really easily physically?

Aware or not, there's nothing you can do about it in 99% of cases.

16 minutes ago, Ben Quigley said:

I really hope this gets passed up the chain

There is no chain really, if you want to get their attention you can try tagging them:

@James

@LinusTech

 

or just hope they come across this, but that's relatively rare.

[Badger2077]

I'm aware most of the research on this requires a lot of specialist knowledge, but what's great about cybersecurity is there are already tons of companies and individuals out there publishing research on the regular and putting it in a nice clear format, just like F-Secure did in my link in the original post.

 

What I'm suggesting is Linus just incorporate some of the findings and potential concerns to users in their videos. They needn't go into incredible detail, people do that already - but why not let users know that if they buy xCPU or device that there are some flaws they need to be aware of? A lot of this stuff can be just as simple as, well if you're buying a CPU with intel AMT you need to change the default password, and it's pretty trivial to do so compared to say de-lidding a CPU.

 

The IOT stuff is tricky, but there are ways you can at least mitigate it, for instance making your own open source IOT stuff with raspberry pi's etc. The great thing about that is because you made it as a little project you are at least aware of what the issues are, whereas like you say we have no idea with some of the mainstream products. Heck even just saying, well we have no clue what this device will do with your data is a start.

 

It's something that I certainly consider when buying products, although sometimes shiny new gizmo X makes me figure thats the price I pay for convenience of the product. The problem is, a lot of users don't even know they're paying that price.