The concept of open washing has been covered in brief on this site before, but another form of deceptive practices has been becoming more common in the tech world. With the increased awareness of privacy over the last year, there is a growing number of individuals looking to capitalize off this movement, some of which are looking to do so deceptively.These companies are falsely advertising devices and services designed to protect users
In the past year, a few projects have arisen on popular crowd-funding sites seeking to launch products designed to protect user’s privacy; some of which have been products that would actually do the reverse by making users more vulnerable. Anonabox and Wemagin were two notable projects that advertised themselves having traits such as custom built, open source, and secure, but they turned out to be none of these things. Rather, they are cheap off-the-shelf Chinese devices that had many security flaws and only basic functionality.
Violet Blue, the author, has some tips to avoid problems like these in the future.
- Like with our news sources online, we need to be critical shoppers with all privacy products, no matter how trusted the source.
- Search for people talking about the product, read blog posts, search out trusted voices in security — see what the chatter is on a product.
- Look for evidence that the product has been independently audited, and find out if the ‘beta testers’ are more than the inventor’s buddies.
- Look for “red flag”, false and impossible promises. For instance, if someone claims “government grade encryption” — they’re lying.
- Also avoid products that offer to “leave no trace” — this is a commonly abused claim.
- The bottom line should be, if a privacy product sounds too good to be true, then some aspect of it certainly is.