As an information security professional, one becomes keenly aware just how much surveillance capitalism has infested our lives. Every app and every piece of gear is constantly phoning home in little ways. Myriad companies, from big FAANGs and credit agencies to little metrics startups collectively have exabytes of data on all of us, collected in little dribs and drab, across every app, on every device, at every moment of every day.

Also, in pursuit of “safety”, we’ve invited surveillance into our homes in the form of cameras and open mics managed by corporatations who are rarely held to account for privacy violations in the US, thanks to our almost complete lack of privacy legislation. Combined with our increased tolerance for so much more government surveillance since 9/11 has created a perfect storm for abuse where police agencies partner with companies like Amazon to gain access to Ring cameras to create a “Shadow IT” surveillance network funded by consumers.

I was even one of those consumers. Back in 2016, I installed a Gen 1 Ring doorbell from before the Amazon acquisition. We were having a huge problem with package theft at the time, so it made sense to get notification of when someone approached the door so we could grab packages before they were stolen. It was convenient for a while, but actually got annoying after a time. Tech inertia set in and I finally got around to replacing it today. Dialing back the tech and optimizing for design, I found this great doorbell from Modish Metal Art in Alberta, Canada.

Sitka Spruce Doorbell

I also added another layer of ambient privacy protection this weekend by standing up both AdGuardHome and a PiHole to mess around with network wide DNS filtering. We run browser based ad blockers, but I’m curious to see how well the DNS filtering works for the Smart TV and other embedded devices. It was simple enough to stand up a container for each of them and point our internal DNS servers to them as forwarders to handle external recursion.

Nothing like seeing the top blocked hosts belonging to one’s former and current employers.

Blocked Domains list

Is it hypocritical of me to get paid by surveillance capitalists while also blocking as much surveillance as possible? Maybe, but we’ve all seen how some companies play fast and loose with people’s data. Thankfully, my current employer is more mindful of protecting people’s data than any company I’ve ever worked for before.