Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Privacy Worries For 'Smart' Smoke Alarms

Soulskill posted about 4 months ago | from the remember-when-we-just-had-to-worry-about-our-devices-catching-fire dept.

Privacy 90

Advocatus Diaboli sends this excerpt from an article about the data collection capabilities of the Nest Protect 'smart' smoke alarms, and how they could become a privacy concern: Consider that each Protect is packed full of sensors, some of which are capable of much more than they're doing right now: From heat and light sensors to motion sensors and ultrasonic wave sensors. This simple little device could scrape an incredible amount of data about your life if Nest asked it to: From when you get home, to when you go to bed, to your daily routine, to when you cook dinner. Now imagine how a device like that would interlock with another that you keep on your wrist, like the forthcoming Android Wear. Together, they would create a seamless mesh of connectivity where every detail of what you do and where you go is recorded into a living, breathing algorithm based on your life.

Neither Nest nor Google has stated any intention to turn Nest's hardware into more than it is right now. Protect is an alarm, the Thermostat is a thermostat. But as Google ramps up its vision to connect every aspect of our world, from Android Wear to its acquisition of a company that specializes in high-res, near-instantaneous satellite imagery of Earth, it's easier than ever to see why it would cough up billions for a company that has installed hundreds of thousands of Wi-Fi connected devices in the homes of Google users."

Sorry! There are no comments related to the filter you selected.

Google wants to pattern your lifestyle... (1, Insightful)

Anonymous Coward | about 4 months ago | (#47258509)

It's just not stupid enough to come right out and say it though. Having all of this information will make AT BEST their ads more effective because they can advertise food when you are hungary and sleeping pills when you are restless....at worst their data will be used against you in cases being built against you.

There is no reason this device needs to store or transmit ANY of the data it uses to smoke detect.

Re:Google wants to pattern your lifestyle... (1)

umghhh (965931) | about 4 months ago | (#47258563)

I do not thin that legit ads are a problem but neither you nor I can distinguish legit ads from malicious ones which devise needs where there is none and doing some other stuff nobody wants except their authors or police department that now can detect that you rolled a conical object and now a sweet smelling cloud is being dispersed by air condition - augment this with automatic sentencing or even better preemptive sentencing as after all system will know you wanted to commit a terrible crime even before you do. I think there is huge potential there!

Re:Google wants to pattern your lifestyle... (-1)

Anonymous Coward | about 4 months ago | (#47258787)

Punctuation, learn it and use it. Since I smell a dirty sock puppet you will probably do neither.

Re:Google wants to pattern your lifestyle... (0)

Anonymous Coward | about 4 months ago | (#47260095)

Pattern my lifestyle? I want their smoke alarm to tell me if I'm on fire.

If it doesn't have this feature then I'm not buying it.

Re:Google wants to pattern your lifestyle... (1)

NeverVotedBush (1041088) | about 4 months ago | (#47263161)

Google is a surveillance company. That's what they do. That's how they make their money.

I had bought a Nest and two Protects before the sale was announced but I won't buy any more. If it gets discovered that they are harvesting any information from them, I will remove them immediately.

It was a good idea but adding the surveillance and data harvesting aspects makes it something I won't have in my home. Right now they are on probation but it won't take much for me to pull them.

Does this remove the need for obscurity? (-1)

Anonymous Coward | about 4 months ago | (#47258511)

With monitoring technology like this becoming so prevalent, one will have to ask oneself, is there really any point to obscuring one's genitals?

In the days of yore, it was common for one to cover his or her genitals because it was the decent thing to do. But if monitoring devices could potentially see through any clothes that you're wearing, is there any point to wearing clothes while at home?

If some multinational corporation can see your genitals, even while you're wearing clothes, does it still make sense to hide them?

Re:Does this remove the need for obscurity? (1)

Anonymous Coward | about 4 months ago | (#47258539)

Well, I can't see your genitals and I don't want to.

Re:Does this remove the need for obscurity? (1)

SuricouRaven (1897204) | about 4 months ago | (#47258593)

Clothing is an important social signal. It serves to indicate class and social groupings.

Even if everyone had a minaturised terahertz-wave scanner implanted in their eye, clothing would still be worn for that purpose. Besides, it provides protection from sun overexposure and low temperature. It's also very handy for obscuring the physical signs of sexual arousal, which would otherwise lead to some serious social awkwardness. Especially for teenage males, who tend to have it going up and down like a yo-yo while hormones run riot.

Re:Does this remove the need for obscurity? (0)

Anonymous Coward | about 4 months ago | (#47258649)

As the pro-pantopticon people like to say, society just needs to learn to not make a big deal over that sort of stuff and then everything will be peachy-keen.

Re:Does this remove the need for obscurity? (1)

Anrego (830717) | about 4 months ago | (#47258717)

Clothing doesn't just provide obscurity.

It provides warm, and soaks up sweat. Imagine wearing the same shirt for say.. a month. That's probably what will happen to your couch, and it's a lot harder to throw the sofa into the washing machine every day.

Re:Does this remove the need for obscurity? (1)

queBurro (1499731) | about 4 months ago | (#47261499)

also... think about the excitement of christmas morning, with the anticipation of all those wrapped presents versus the disappointment of christmas afternoon when you've found out what you've actually got

Re:Does this remove the need for obscurity? (2)

Anrego (830717) | about 4 months ago | (#47261767)

It's a sad moment of realization that I actually like getting cloths for Christmas now. Mainly because I suck at picking stuff out myself and hate shopping for cloths in general.

Having a job, a fiance, hell owning a house (or well a gradually increasing piece of one) doesn't make you an adult. When someone gifts you a tonne of socks (sister works at a Marks Work Warehouse and gets some ridiculous employee discounts) and you think "awesome, I really needed these", I think that's the moment one realizes they are an adult.

It's too late. (0)

jtownatpunk.net (245670) | about 4 months ago | (#47258553)

If you don't want to be tracked, you need to dump your cell phone immediately. It collections location information and has both audio and video recording (in two directions) capabilities. Worrying about a "smart" thermostat, smoke detector, or watch is silly. We're way past that.

Re:It's too late. (2, Interesting)

Anonymous Coward | about 4 months ago | (#47258603)

Bull. Privacy is not an either-or-proposition.
It is a spectrum and every new data-stalker device we accept in our lives pushes us further into the black.

Re:It's too late. (1)

mbone (558574) | about 4 months ago | (#47258687)

What, you don't turn your phone off and put it inside a metal box from time to time?

Seriously, what is wrong with you?

Re:It's too late. (0)

Anonymous Coward | about 4 months ago | (#47259063)

I don't have a cell phone, and only carry one from work on my rotation. Problem solved.

Re:It's too late. (0)

Anonymous Coward | about 4 months ago | (#47259161)

I do. Well, not a metal box. But I have it switched off some days. I also don't bring it wherever I go. Why would I?

Re:It's too late. (2)

tysonedwards (969693) | about 4 months ago | (#47258735)

Your average smart phone knows where it is, the exact position in 3D space, what devices are nearby, whether it is being held versus on a table or in a pocket, whether you are laying down, sitting, walking, jogging, running, biking or driving, whether you are indoors or outdoors, what the temperature is, what the atmospheric pressure is, what the relative humidity is, UV levels, air quality levels, the tone of your voice to determine whether you are happy, sad, angry, ..., and in many cases what your heart rate is when using it by looking at your face.

And more sensors are being added with each revision to make them better able to be everything for you.

There are even sensors out now that will build live 3D models of whatever the phone sees, letting it know what is in it's surroundings.

Your phone already knows the things that your thermostat *can* know, except it does a better job because in our hyper-connected, instant gratification culture it has become the 8th deadly sin to be anywhere without your cell phone for 5 minutes.

While it is good to be considerate about what could happen should all of these existing systems that we already have in our homes and are adding daily get linked together into one gigantic monitoring system, it is an exercise in futility considering that we knowingly don't care because next year we can play Kinectimals on our phone and have our ePet interact with the world by jumping up on the couch or hiding behind the counter.

Re:It's too late. (1)

Anonymous Coward | about 4 months ago | (#47258777)

> it is an exercise in futility considering that we knowingly don't care

No, "we" only don't care because of ignorance. The average smart phone user has never thought through the implications of all the sensor data on their phones. The average smart phone user doesn't pay any attention to that stuff in exactly the same way that the average driver does not pay attention to stuff like oil pressure and ignition timing, most don't even think about RPMs despite it being right their on the dash. Same thing with phone users. Hell, the average smart phone user doesn't even know that turning their phone "off" doesn't really turn it off, all this stuff is 10x more arcane than that.

So loudly complaining about this stuff, including writing articles about it, is in fact the exact opposite of an exercise in futility - awareness is the first step towards change.

Re:It's too late. (0)

Anonymous Coward | about 4 months ago | (#47258945)

Before awareness is buy in.

You have to convince people that they should care. The problem with arguing privacy is that those implications are fairly abstract to the average person, most centering on dysutopian futures where the thought police drag them down to work in the acid mines based on their twitter comments or real world but very unlikely scenarios where a criminal uses your posts to find out when you arn't home and robs your house.

This convinces no one. To continue with your analogy, it's like trying to convince someone that by checking and adjusting their ignition timing every month they'll see a slight increase in power and increase the lifespan of their engine by hours.

We assume non-technical types don't care about privacy because they don't get it or understand it. A lot of people understand that they are tracked, some assume they are tracked more than they actually are, but they've made a legitimate decision that the value added to their lifestyle is worth more than any argument against that has been made.

We don't need to make aware, we need to convince.

Re:It's too late. (4, Funny)

Lumpy (12016) | about 4 months ago | (#47258851)

Dave from the NSA here, can you please move the change from the pocket with your cellphone to the other pocket? It's getting hard to hear what you are saying when you walk.

Also please go stand over next to that tall brunette to your left, her cellphone sucks and we cant get a good recording of her discussion about what her boyfriend did to her last night.

Thanks!

AI (1)

RichardDeVries (961583) | about 4 months ago | (#47258555)

a living, breathing algorithm

Wow.

Property (and Privacy) Rights (1)

orospakr (715849) | about 4 months ago | (#47258571)

This is why proper privacy and property rights must properly legally extend to data hosted in cloud services.

The private companies that offer cloud-based services are not what worry me. There are a lot of sound economic reasons (see: the devops movement) for why this kind of product architecture (where a physical product, coupled with always-on connectivity and a remote cloud-hosted service) makes a whole lot of sense. There are a lot of market incentives for these companies to clearly delineate what they will and will not use the data (and sensors) for. Moreover, there can be a large degree of diversity between the various single-function cloud services one uses (even if Nest was recently acquired by Google). People care about their privacy, but they also balance it against the utility these kinds of products offer. I have a Nest Protect, and I'm comfortable trusting it a lot more than a regular standalone. Thus, they *consent* to the introduction of such technology into their lives, with the entirely reasonable expectation of benefit.

Another great example is the Tesla Model S, which is so dependent on cloud-services that it comes with a bundled 3G modem and data plan.

However, governments see the concentrated user data in data-centers on their soil as entirely too delicious to ignore. Not only does the immediately visible claim of increased security ("we could have caught the terrorists!") tend to outweigh the more general argument for individual property and privacy rights in the political sphere, but institutional incentives on the part of powerful government agencies and their contractors to grow their mandate mean that they'll heavily lobby for such intrusions.

I think most of us geeks grew up terrified of the very idea of the Orwellian Telescreen. However, it's not the technology that's evil (many of us have plenty of devices with a camera integrated with a display), but the threat of its use without consent.

Re:Property (and Privacy) Rights (1)

Ungrounded Lightning (62228) | about 4 months ago | (#47259023)

I think most of us geeks grew up terrified of the very idea of the Orwellian Telescreen. However, it's not the technology that's evil (many of us have plenty of devices with a camera integrated with a display), but the threat of its use without consent.

My latest laptop came with a built-in, user-facing camera.

I immediately put a piece of opaque electrica tape over it - even before swapping out the hard disk for a fresh one and installing Linux.

The tape isn't coming off until I have a removable shutter to take its place.

Re:Property (and Privacy) Rights (1)

Electricity Likes Me (1098643) | about 4 months ago | (#47259073)

The Orwellian telescreen was coupled to a rather effective police state where it was considered normal for them to summarily torture and execute people.

Do you really think the problem in 1984 was the telescreens?

Re:Property (and Privacy) Rights (0)

Anonymous Coward | about 4 months ago | (#47262683)

One of the reasons they were a "rather effective" Police State was the fact that could (and did ) monitor everyone*. Through the telescreens.

*well, the outer party at least.

Re:Property (and Privacy) Rights (1)

Ungrounded Lightning (62228) | about 4 months ago | (#47267455)

Do you really think the problem in 1984 was the telescreens?

Telescreens are "an enabling technology". I see no reason to leave them, and thus any hypothetical government-or-other spy, enabled in my personal space.

The Cloud is Ruining Home Automation (1)

Anonymous Coward | about 4 months ago | (#47258575)

I am so pissed off about the way the home automation market is developing. Every single one of these products tries its hardest to make sure it is fully connected to the internet when what it really ought to be doing is the opposite - trying to minimize internet dependence. It is a goatscx sized security hole, not just in terms of being co-opted by a third party but also as this article points out - spying on you by the very company you bought the devices from.

Some of stuff coming out is freakin awesome with the potential to do things like have the lights "follow" you around the house so you never have to turn them on or off, same with HVAC and the locks on the doors. But dammit, I just can't feel safe buying them because I have absolutely no fucking control over them also stalking me in my own home. Plus there is the near certain chance that at least some of them will just stop working if the manufacturer goes bankrupt or just loses interest in maintaining the cloud infrastructure that the devices depend on. Its like an unacknowledged DRM for the basic infrastructure of your house.

Re:The Cloud is Ruining Home Automation (0)

orospakr (715849) | about 4 months ago | (#47258631)

An update pipeline, backed by a company with a good development methodology, is the best insurance against long-standing unplugged security holes. Look at all of the terrible, abandoned consumer routers full of security holes, for instance.

That said, before many folks are willing to such companies and their products into our homes, they need to earn our trust.

You *do* have ultimate control. You can elect to not buy the product, go with a competitor, or use an entirely different class of product entirely.

Re:The Cloud is Ruining Home Automation (0)

Anonymous Coward | about 4 months ago | (#47258685)

> An update pipeline, backed by a company with a good development methodology, is the best insurance against long-standing unplugged security holes.

No, a policy of restricting network access to the barest possible minimum for the function of the device is the best possible insurance because complexity is what enables security holes in the first place. Your example of routers is a terrible one because none of them are designed with the a goal of minimizing the command inputs they accept over the internet. UPNP is a freaking giant security hole and it is designed that way.

> You *do* have ultimate control. You can elect to not buy the product,

What a cop-out thing to say. You should be ashamed of trying to pull the equivalent of "if you don't like it here, move to another country." That's a tactic designed to shut up people you disagree with and is completely unacceptable rhetoric.

Re:The Cloud is Ruining Home Automation (-1)

Anonymous Coward | about 4 months ago | (#47259563)

The real annoying aspect of the modern day privacy rights advocates is they all believe their life and actions are so important and noteworthy that someone actually gives a shit about what they do or say. The world is drowning in electronic data of one type or another and by the time it could all be definitely categorized, sorted, and analyzed for any meaningful purpose on an individual basis you would most likely have died of old age. The best anyone can do know with the amount of data is use statistical analysis to spot trends and probabilities to make educated guesses. Just like polls taken today that sample 100 people and then extrapolate and apply their findings to 350 million people. If you want to keep your electronic fingerprint as light as possible use a disposable cell phone, stop posting your life story on online social sites along with the accompanying photographic slideshow, use Tor or any the other methods that can provide some level of anonymous web surfing, encrypt your e-mail using any of the available encryption programs floating around, use strong passwords and change those passwords frequently, don't purchase anything with sensor based technology in your house or car that provides for network connectivity, disable your camera on your PC (black tape will do the trick) , never click on any ads served up online (although you should already have your browser security configured so you never even see the ads in the first place), and never ever use a credit card for any online purchases. Maybe some of these ideas could help ease your privacy phobia but BEWARE. If someone really wants to target you specifically they already have more than enough information to do the job such as your tax returns, SSN, drivers licenses, personal property records, marriage licenses, and a whole host of other sources of personal information that was available before anyone ever uttered a single word about an Internet. Privacy is not about forming political action groups to scream and yell about the lack of privacy it is a personal decision where you take responsibility for yourself and your actions. You have more than enough ways to protect your own privacy you just need to apply them instead of expecting someone else to come up with the magic fix to solve all your privacy concerns. Personal responsibility has all but disappeared in favor of blaming the inadequacies or problems of your life on someone else.

Re:The Cloud is Ruining Home Automation (1, Informative)

Lumpy (12016) | about 4 months ago | (#47258837)

Odd, I work in the real home automation market and none of the Crestron, Control4, AMX or Vantage stuff is going that route. Only the very very low end self install stuff is "cloud based".

Maybe if you bought real home automation gear you would find that what you don't like is not in the real stuff, it is only present in the low end toy stuff.

Re:The Cloud is Ruining Home Automation (1)

aXis100 (690904) | about 4 months ago | (#47259133)

The problem is it can be up to an order of magnitude different in price.

There's not a lot of good reason for home automationto be that expensive, the technology has been capable for a while. The trouble has always been user base and and making it user friendly enough for a muggle to install. That's where the big tech companies have an advantage and are making some cheap, attractive devices.

Unfortunately the way this is going will set up two distinct camps - subsidised cheap devices that are cloud connected and leak privay data, or expensive self contained ones. It would be nice if there was a middle gound.

Re:The Cloud is Ruining Home Automation (0)

Anonymous Coward | about 4 months ago | (#47263765)

"There's not a lot of good reason for home automationto be that expensive"

Where did you get your CS degree? How about your EE degree? You must have PHD level degrees in electronics and programming to know a lot more than the industry leaders do.

Re:The Cloud is Ruining Home Automation (0)

Anonymous Coward | about 4 months ago | (#47259135)

> Maybe if you bought real home automation gear

Where "real" actually means hugely over-priced luxury items for 1%'ers. I am a 1%'er and even I can hear the arrogance dripping off your words.

Re:The Cloud is Ruining Home Automation (1)

Polo (30659) | about 4 months ago | (#47259569)

Do not overlook the fact that other companies will undercut you in price, just to "deal themselves in" in some fashion. Probably under the guise of "use your iphone to flush your home toilet while you're on vacation!"

Re:The Cloud is Ruining Home Automation (1)

jxander (2605655) | about 4 months ago | (#47258863)

I'm just upset that you missed an obvious opportunity to say "The cloud is raining on home automation"

Re:The Cloud is Ruining Home Automation (1)

sjames (1099) | about 4 months ago | (#47259207)

Mod parent up!

That is exactly the problem. A smoke detector's primary job is to make a loud noise when there is smoke or CO. I see no reason it should talk to the cloud for that, ever.

Even where client/server makes sense, I want a server under my exclusive control. Personally, I won't touch any of the stuff unless/until it has a published API. Part of that is because device makers tend to make crappy interfaces and part is because sooner or later it will be necessary to integrate components from multiple vendors in ways they never imagined.

Re:The Cloud is Ruining Home Automation (0)

Anonymous Coward | about 4 months ago | (#47259391)

The ruination of good ideas predates the cloud. It's totally possible to implement in vehicle communication and navigation systems without it being a total privacy violation--but that's not how most of them are built. It's possible to have properly encrypted government ID that doesn't visually broadcast your home address to everybody you show it to or electronically broadcast it to people with card readers--but they don't do it that way. It's possible to build reasonably anonymous electronic toll collecting infrastructure for roads--but they don't build it that way. They could have provided rudimentary encryption between tire pressure monitoring systems and your car, thus preventing another method of tracking you, but they haven't.

The cloud just makes lazy, stupid engineering even easier to do. It's almost like somebody wants it that way...

Re:The Cloud is Ruining Home Automation (1)

pedrop357 (681672) | about 4 months ago | (#47262845)

It's why I eschew Nest and the similar offerings from other companies for something like this:
http://www.temperaturemanager.... [temperaturemanager.com]

It costs more but doesn't need internet connectivity to customize settings.

The fact that my (free, won in a drawing) Plantronics BT earpiece needs internet connectivity to change its settings is the dumbest thing in the world. An app is still downloaded to my PC, but I need an internet connected browser to make the changes.

porn adds sent @ 5:30 PM every day.... (0)

Anonymous Coward | about 4 months ago | (#47258577)

as nest gathers that your jerk off every day at that time

How Do We Deal With It (1)

Anrego (830717) | about 4 months ago | (#47258601)

Most us hate this stuff, but it's the way everything is heading. Much like social networking, it's going to become increasingly difficult to live a "normal" life while abstaining.

So with "just don't use them" off the table, how do we at least make this more secure. My first thought would be to approach it the same way we approach it when wanting to connect two computers we can't trust and provide a limited subset of functionality. Things like well defined IDLs that define a precise message set, and gateways that are trusted which verify that only conformant data passes. In other words, let the nest have a billion sensors, but the only message your infrastructure will allow it to send out is: houseOnFire=.

Obviously completely impractical for even a geek audience. So I'm at a loss.. any other brilliant ideas?

Re:How Do We Deal With It (1)

Anrego (830717) | about 4 months ago | (#47258621)

* houseOnFire=<yes|no>

Random thought: slashdot obviously filters html to a limited subset of allowed tags. Why not warn the user that "you've got some invalid html there bro!" I know this is my fault for not previewing, but still, this seems trivial and I can't be the only one that makes this mistake occasionally.

Re:How Do We Deal With It (0)

Anonymous Coward | about 4 months ago | (#47258707)

Back when I still used my account on slashdot I really wanted an option to force a preview before a submission, the way it is for us ACs. Seems totally backwards that only ACs get that level of error-checking.

Re:How Do We Deal With It (1)

gstoddart (321705) | about 4 months ago | (#47264337)

Ummm ... in the "Allowed HTML" below the entry box for comments, there is a list of, well, allowed HTML. All not allowed HTML is going to fail.

Armed with that, and the very powerful preview button you mention, you too can avoid broken tags.

Or do you expect some pre-preview to give you a preview before the preview so you'd know what would have been in the preview if you actually used preview instead of just pressing submit?

Re:How Do We Deal With It (1)

Anrego (830717) | about 4 months ago | (#47264553)

It's not about broken tags.

It's about instinctively typing <some required parameter> when describing the syntax of something and having it unintentionally treated as an (invalid) HTML tag, causing it to be disappeared.

My point was that some kind of warning might be more helpful than just silently deleting the content.

Re:How Do We Deal With It (1)

gstoddart (321705) | about 4 months ago | (#47264609)

There is a warning, it's the preview button.

Do you want something which gives you annoying warning messages as you type?

Because, quite frankly, that would suck as bad as Beta.

It gets silently dropped because of, well, Little Bobby Drop Tables. :-P

Re:How Do We Deal With It (1)

Anrego (830717) | about 4 months ago | (#47265293)

Do you want something which gives you annoying warning messages as you type?

Or after I hit submit.

There is no case where a user is going to want a tag (or an accidentally created tag) deleted. It's always something the user does not want. There is no valid reason for a user to intentionally enter something in the assumption that it will be removed for them prior to being posted. Warning the user that invalid tags have been removed from their post (or would be removed from their post) seems reasonable.

It gets silently dropped because of, well, Little Bobby Drop Tables. :-P

This I could at least understand as a cultural thing. A fun gotcha left that way intentionally.

Because, quite frankly, that would suck as bad as Beta.

If they actually added new features like this to beta, rather than just making a shittier and less functional wrapper around what we've currently got, it might give beta a reason to exist.

Re:How Do We Deal With It (0)

Anonymous Coward | about 4 months ago | (#47258627)

We need to make fake clouds. Trick the device into talking to our own systems instead of the manufacturers. Unfortunately that's a shit ton of reverse-engineering work and probably device hacking to get your own SSL certs installed.

RMS was 100% right about how the cloud steals our freedom.

Re:How Do We Deal With It (0)

Anonymous Coward | about 4 months ago | (#47258691)

RMS was 100% right about how the cloud steals our freedom.

This is mostly obvious. RMS has had some great insights, I'll give him that, but a lot of what he says (especially these days) is really obvious even to the only group that listens to him.

What is needed are actual viable alternatives and solutions. As parent says, this stuff is here. People want it. You arn't going to convince them they they don't want it by raving about freedom.

RMS is completely detached from reality at this point. All he can do is sit on the sidelines and rave about how everything is evil and we are all evil for using it, which isn't helping anyone out.

Re:How Do We Deal With It (0)

Anonymous Coward | about 4 months ago | (#47258723)

> This is mostly obvious.

You keep using that word. I do not think it means what you think it means.

Fitting perhaps for a j random RMS flamer.

Sensors - for quakes? (1)

SimonInOz (579741) | about 4 months ago | (#47258839)

There are quite a lot of sensors, and processing power in a Nest gadget. It includes a motion sensor, and that data could be extracted to a database, giving us an absolute plethora of sensors spread across homes (ok, mainly rich homes, and certainly a lot in California).
Such a wealth of data would surely be brilliant for earthquake monitoring.

Re:Sensors - for quakes? (1)

Anrego (830717) | about 4 months ago | (#47258987)

In my completely impractical approach, it would be up to the user (or whoever controls the gateway) to decide what data the device can send.

So you also have an IDL that describes the fields, potential values, and update rates for your earthquake monitoring, that a user can either allow or deny.

Obviously it starts to become easier to slip in data covertly, but this idea is impractical anyway, so what the heck!

You really do highlight the problem though. There is a great amount of legitimate useful purpose for this kind of stuff, but there is really no easy way to control that data once it's gone.

Re:How Do We Deal With It (0)

Anonymous Coward | about 4 months ago | (#47259329)

It's not impractical, you're just approaching it wrong. I'm not interested in filtering their messages, I'm interested in preventing them entirely. If I buy a "smart refrigerator" because there are no other kinds, it won't be connected to my network. Ever. Thermostats last a long, long time and if they stop making anything but "smart" thermostats, older models will be obtainable for decades--cheaply too. Smoke detectors are decades old technology now, and while they don't last forever, there's going to be somebody making traditional units for quite a while. All these debates about smart appliances have gotten me to be a little less lazy too: I've reprogrammed my router to disallow outbound connectivity from any device other than my computer to places they have no business talking to.

As to your other premise, I used to be annoyed at abstaining from social networking because it meant I didn't know what my friends are up to. The I figured out the solution to that problem and got smarter, less narcissistic friends. Problem solved.

Re:How Do We Deal With It (0)

Anonymous Coward | about 4 months ago | (#47259655)

The problem with stopping the endemic erosion of privacy or at least security is that it doesn't work on an individual basis.

Sure, you can live without social media, and sure, you can cripple or not buy all these various "smart" devices, and you can be ultra smug about it and use words like "sheeple", but if others don't follow (and if the current situation is any indication, they won't) then privacy as an expectation erodes away, and this effects us all.

Some aspects of privacy are within our grasp, but for others we rely on law and social expectation.

Crossing your arms defiantly and exclaiming "pff, I just won't use it" is a short term solution at best.

Re:How Do We Deal With It (1)

tlhIngan (30335) | about 4 months ago | (#47260559)

Most us hate this stuff, but it's the way everything is heading. Much like social networking, it's going to become increasingly difficult to live a "normal" life while abstaining.

So with "just don't use them" off the table, how do we at least make this more secure. My first thought would be to approach it the same way we approach it when wanting to connect two computers we can't trust and provide a limited subset of functionality. Things like well defined IDLs that define a precise message set, and gateways that are trusted which verify that only conformant data passes. In other words, let the nest have a billion sensors, but the only message your infrastructure will allow it to send out is: houseOnFire=.

Obviously completely impractical for even a geek audience. So I'm at a loss.. any other brilliant ideas?

Easy, avoid the Google Protect and Google Thermostat. Sorry, but Google's hiding behind a bunch of shell companies probably in order to hide their true reach. After all, the ads you see are served by "DoubleClick", not Google despite DoubleClick being owned by Google.

Likewise, Google is hiding their home automation and spying behind Nest, because just like Google doesn't want to be known for noisy popups and popunders and malware ads, Google doesn't want people to realize they're invading your home and effectively spying on you. And don't forget the unified Google privacy policy where basically everything Google knows about you can be shared with everything else Google. (And hidden in there is information from DoubleClick and the Nest products you own),

Just like how I wanted a Nest thermostat until the moment Google bought them, or an Oculus Rift until Facebook bought them, I'll simply be shopping elsewhere.

(And a thermostat has a lot of information on you - occupancy, temperature settings, etc. Temperature settings are particularly fun - imagine what kind of stuff Google can sell you if they find you keep the temperature cooler than the average in summer, and warmer than average in winter. And the kind of busybodies who would find particular glee in knowing who are the "anti green".

Privacy worries (1)

Anonymous Coward | about 4 months ago | (#47258681)

"Don't be evil."

More products I don't want (1)

mbone (558574) | about 4 months ago | (#47258705)

I don't know why anyone would even consider having such products inside their house.

Yet Another Cartoon Comes to Life (1)

saccade.com (771661) | about 4 months ago | (#47258747)

This cartoon [condenaststore.com] is rapidly becoming reality. What? Could you speak closer to the lampshade, please?

homes of Google users (0)

Anonymous Coward | about 4 months ago | (#47258809)

No, not the homes of Google users, the homes of everyone so that Google knows what everyone is doing be they Google, Apple, Microsoft "users"

What I want next is a White list based email server that is secure and can be run easily at home so that:
a) I can kill off my gmail/hotmail/etc accounts - I can simply use my own secure server
b) White listed so that there is zero spam
c) Secure (from hackers) and uses encrypted transfer protocols (government snooping)

The less companies "know" about you the better

Re: homes of Google users (1)

Chriscypher (409959) | about 4 months ago | (#47259411)

OSx server is a ~$20 upgrade to OSx, which offers ever-decreasing (yeah, simplicity?) UI based tools to run your own mail, web, chat, calendar &etc server. You'll need a static ip and a dyndns.com backup MX account. Setup secure services. Enjoy your privacy.

Re: homes of Google users (0)

Anonymous Coward | about 4 months ago | (#47260219)

OSX mail server does not run a white list.

Given (most ?) people would get mail from about 20-30 people max it would make more sense to filter the 5% of mail in rather than wasting time trying to filter the 95% out.

If email became filtered on white lists, spam would die over night.
Make it optional for those who want to get everything
Hell it could be improved by using the whitelist to verify the MX records so spoofed headers would fail too.

email should be treated like your front door, only people you know get to come in and even fewer are given a key to your home.
Web cam on the door, and door to door sales droids can knock as long and as hard as they like, they door will not open.

Re:homes of Google users (0)

Anonymous Coward | about 4 months ago | (#47260073)

I believe your whitelist of incoming communications is the way to go.

Telemarketers made my landline next to unusable and made it very risky to take a telemarketer's call. Many telemarketers have studied aggressive social engineering techniques and I am not prepared to deal with them. Simply answering the phone was getting too risky. Telemarketers were even spoofing my bank, calling themselves "Card Services", which is also the same name my bank uses for the VISA card. Now, if my phone does not recognize their callerID, it still rings for them, but doesn't make a sound for me.

Does anyone know if telephones will still send the analog carrier between rings? That is if my end is ringing but still on-hook, can they still send tones to me? I would like to build a box that if someone was blocked, but they injected the correct sequence of tones via a touchtone pad while my end was ringing, my end could see those tones and let me know its a call I should answer? ( back in the 60's, there were little hacker boxes that worked on this principle, but I do not know if those techniques still work.)

My life became so much simpler after I stopped talking to every Tom, Dick, and Harry calling me on the phone.

I do the same with the email. If not recognized, it goes straight to an "unverified sender" folder and is archived. I have several gigabytes of crap in it I have never seen. I do not do business by email, as I log directly onto their server to communicate with them. I do not do any business with IRS or any governmental agency through email. Even the IRS loses emails! How in the hell can they hold anyone else responsible for paying attention to their emailbox when they drop the ball themselves? [slashdot.org]

I have an extremely simple little filter that scans the email subject for one character string. If it finds it, I see it. If its not there, its spam.

I Love articles written by the clueless.... (3, Informative)

Lumpy (12016) | about 4 months ago | (#47258825)

listen, Life is NOT a movie, a hacker cant reconfigure the temperature sensor into a "FLIR heat sensor" to give them ANY information other than how hot it is on the ceiling in the hallway where you mounted it. That Passive IR sensor cant be magically turned into an HD IR camera, it's a single specific function sensor that can detect if smoke has entered the chamber, you cant turn it into a spy camera. Then you have a CO sensor that is specifically designed for it's task, again cant be reconfigured as a direction Co2 and other gas sensors to detect if you have been smoking crack in the bathroom again.

the ONLY data that someone can glean from this is local mounted temperature, alarm state and CO2 levels. Nothing else. even if you left for a 4 week vacation in your Paris apartment you cant even hope to get data if the house is unoccupied unless you set the thermostat to very low and it was the dead of winter.

https://www.sparkfun.com/news/... [sparkfun.com] 6 seconds on google turned this up. It even has links to the sensors data sheets.
https://www.ifixit.com/Teardow... [ifixit.com] for the ifixit teardown

Please, if you write an article, Know something about the subject, spend DAYS researching it before you publish the information. This is why "bloggers" have zero respect and are mostly ridiculed.

Re:I Love articles written by the clueless.... (1)

plover (150551) | about 4 months ago | (#47258963)

No, the IR sensor can't be used as a camera. However, the unintended uses for the ill-minded are still plentiful. An IR sensor majes a dandy occupancy sensor, and determines when you are home or not. A power meter can reveal energy use rising as the lights come on at 6, peaking when you make the morning's tea or coffee, going down as you shut off a few lights, and then two short spikes when your garage door opens and closes as you leave. A Honeywell thermostat may even have your vacation return date programmed into it. Such patterns and data (while not exactly the same for everyone) can be analyzed to figure out when your house is most likely to be empty. Robmyhouse.com would benefit.

Re:I Love articles written by the clueless.... (0)

Anonymous Coward | about 4 months ago | (#47259005)

And you did not read anything from his links and did exactly what the Article writer did. Please Tell me HOW the IR sensor in that can be reconfigured to work as an occupancy sensor, What software makes the Infrared opaque chamber magically turn transparent? Because if you read how IR based fire alarms work, they cant see outside the chamber or they will not work.

You are doing exactly what Lumpy mentioned is wrong with the article.

Re:I Love articles written by the clueless.... (0)

Anonymous Coward | about 4 months ago | (#47259255)

You mean the links that were also in TFA?

> What software makes the Infrared opaque chamber magically turn transparent?

Big deal, the thing has a motion sensor on it explicitly to detect human body motion, don't need a "FLIR heat sensor" or a "HD IR camera" when you've got that. Guys like you are all the same, begging to be owned by hackers because you prefer the smug superiority that comes from a lack of imagination while the hackers spend days, weeks, months looking for ways to exploit the non-obvious. Do us all a favor and never, ever try to do any sort of security.

Re:I Love articles written by the clueless.... (0)

Anonymous Coward | about 4 months ago | (#47261937)

So... using a motion sensor to detect motion is now somehow "non-obvious" and exploitable? Argument failure detected.

If it has a motion sensor, it can detect motion and thus room occupancy. Note that: room occupancy. I don't know where your thermostat is in your house, but in mine, it's in the dining room on the first floor. Which gets zero traffic. Most of the time, that motion sensor isn't going to know either jack or shit about my house's occupancy status.

Do us all a favor and shove your arrogant, incorrect bullshit far enough up your ass that it never comes back out to disgrace this world again.

Re:I Love articles written by the clueless.... (0)

Anonymous Coward | about 4 months ago | (#47259167)

And that is only passive hacking.

Imagine while you are on that vacation someone decides to turn your HVAC on full-blast until it burns out the equipment or at least runs your electric bill through the roof. They even do you the kindness of tweaking the remote monitoring to lie about it in case you check in remotely to make sure everything is ok.

Re: I Love articles written by the clueless.... (0)

Anonymous Coward | about 4 months ago | (#47259049)

Also clueless is the idea that the info from extensive sensors cannot be directly used against you or combined with info from other sources and then used against you. All the info they collect is not for your benefit, it is for theirs.

Re:I Love posts written by the clueless.... (0)

Anonymous Coward | about 4 months ago | (#47259183)

> listen, Life is NOT a movie, a hacker cant reconfigure the temperature sensor into a "FLIR heat sensor" ... That Passive IR sensor cant be magically turned into an HD IR camera,

Funny, the article didn't even hint about that sort of thing. Did you even read it? Or do you just prefer to do your mental masturbation in public?

Please, if you write a post, Know something about the subject, at least RTFA before you hit submit. This is why "slashdottirs" have zero respect and are mostly ridiculed.

Re:I Love articles written by the clueless.... (0)

Anonymous Coward | about 4 months ago | (#47259221)

Actually, your zeal to criticize doesn't seem to correlate with your correctness. The article is right. The advantage of the Nest is that it tracks your location. It learns to maintain comfort when you are near, and conserve energy when you are away. The smoke alarms advertise a nightlight feature, that illuminates dark hallways only when someone walks by.

These devices track your motion in your home. They use the passive IR sensor and light sensor to know when someone is within range, and a connected home will know if you are home or away. They are designed to only work when able to transmit this data to outside your home. Does this mean the devices track you? Yes, yes it does. This is why third parties buy customer data from Nest: http://yro.slashdot.org/story/... [slashdot.org]

While I like the functionality of such devices, it is this very "smart" connectedness which deters me from investing in them. What if I don't want companies selling data about my habits within my home? What if I don't want a database to exist which lists a large part of my whereabouts? These are "privacy worries", and the article is correct to bring up this issue, to inform consumers and guide techie geeks.

How about an order of clues, all around?

Re:I Love articles written by the clueless.... (4, Informative)

Polo (30659) | about 4 months ago | (#47259643)

wrong.

nest thermostat can detect you, and actively tries to determine if you are home.

The nest protect can ALSO detect you, and well enough that you can do the "nest wave" underneath it to silence an alarm.

They also communicate back and forth so that the thermostat can turn off the furnace if there's a fire, and the thermostat can go into "away" mode when nobody is home.

The protect has two ultrasonic sensors, an occupancy sensor, a light sensor and a variety of smoke/heat sensors:

Nest protect sensors [nest.com]

I can't find a simple summary for the thermostat, but it has occupancy, temperature and humidity sensors at least.

Re:I Love articles written by the clueless.... (0)

Anonymous Coward | about 4 months ago | (#47261599)

WRONG.

It has a motion sensor. Two actually, if you count the proximity sensors that light up the screen. These are less capable than the ones found in alarm systems due to the small aperture through which they can sense.

Re:I Love articles written by the clueless.... (1)

Lumpy (12016) | about 4 months ago | (#47263789)

Is that why my nest thermostat is so bad at detecting if we are home that I returned it? Please use a source other than the manufacturer because your link is full of marketing fluff.

I Love articles written by the clueless.... (0)

Anonymous Coward | about 4 months ago | (#47260091)

Bloggers my shilling friend are highly respected by their audiences. You're talking about NEST in 2014. We're talking about NEST in 201X
when this little motherfucker will have

chemical sensors for illegal substances (smoking crack in the bathroom, cooking meth in the kitchen)
microphone for ratting you and your friends out
motion sensors
high definition camera
tamper circuit (so you can't open it and snuff out the chemical sensor or plug up the mike or camera)

and if it can't connect to google for a day or two .. someone comes knocking on your door and wants to know
"What's wrong?" (THX1138 quote for those who have seen the movie)

Google Serving Ads thru Thermostat? (1)

jimbrooking (1909170) | about 4 months ago | (#47258827)

I thought I'd seen that somewhere. Here's a source: http://marketingland.com/googl... [marketingland.com] I won't be installing one of those nifty little gadgets anytime soon. It isn't enough that the cost of a Nest Protect is exorbitant, they need to make still more money by selling ads to display on it? Evil, or just a corporation doing what it does?

Re:Google Serving Ads thru Thermostat? (0)

Anonymous Coward | about 4 months ago | (#47259409)

No, they won't put ads on your thermnostat, it is too small and that would be too annoying.

But they will use your thermostat data (along with any other data they can get their hands on) to figure out what kinds of ads you are most susceptible to so that they can maximize the response rate for the people who pay them to send you ads on your phone, on your tv, on your browser, in the mail, even the billboards on your route to work (obviously targeted in aggregate not just customized for 1 person, at least not usually).

stuff like this will never happen. (1)

NemoinSpace (1118137) | about 4 months ago | (#47258887)

This company gave you the best search engine. Then they made android. You guys like that stuff. Lot's of haters. Google is one of the good guys. (I start on Monday!)

privacy and future presidential elections (1)

doug141 (863552) | about 4 months ago | (#47259091)

I wonder what the first presidential election will be like when candidates are from the facebook generation. Companies like google, facebook, maybe snapchat will have dirt on all the candidates. Google alone will have every search the candidates ever did. Viable candidates will be only those people who are uncommonly boring, or influential enough to squelch the dirt, or trade it for favors. Imagine the power google wields... in part because they gave away their operation system, which doubles as an information vacuum.

Re:privacy and future presidential elections (0)

Anonymous Coward | about 4 months ago | (#47262569)

It will be just like it is now, except there will be a longer line of interests who are blackmailing the candidates.

This was a few years ago, but is still relevant. (0)

Anonymous Coward | about 4 months ago | (#47259119)

The "smart" appliances, of which this smoke alarm is just the latest incarnation, just feed into privacy violations like this: https://www.aclu.org/ordering-pizza

This post is not accurate (1)

Polo (30659) | about 4 months ago | (#47259515)

Protect is an alarm, the Thermostat is a thermostat.

This is actually not true/accurate, they are tied in together.

For example, if the nest protect detects a fire, the nest thermostat will shut off the heater.

I believe the nest protect is also used as an occupancy sensor for the auto-away function of the nest thermostat.

Re:This post is not accurate (0)

Anonymous Coward | about 4 months ago | (#47263607)

Which is why I'm considering putting them into a beach house I'm building, which I'll be renting a lot of the time. It will be nice to have the system detect when renters are there without them doing anything, and also that I'll be able to shut stuff way down remotely while I know no one is there.
And, the fact that they look cool helps since it's a modern house. And I don't care if google knows when the house is occupied. Half of it's glass, a crook will easily be able to check it out and break in if they want.

Google wants to test traffic. (0)

Anonymous Coward | about 4 months ago | (#47259871)

Google wants to test traffic by alerting that you have smoke in the your kitchen and then seeing how fast you drive to get home because you just don't trust that Nest protect to work properly to call the fire department.

Ah the internet of things... (0)

Anonymous Coward | about 4 months ago | (#47260343)

Truely a hacker's dream. At the risk of sounding like some old fogey, I'd like to say that I have no use for a smoke alarm that connects to the internet. None. It's not a feature I could ever use in any way at all. I fail to see any use in it. Some have pointed out that the risks here are being overblown, but I would like to to a cost/benefit analysis.

Costs:
More expensive
Slight (minimal) security risk
More points of failure

Benefits:
None

How is this shit even a thing? Who does this help? Why do people pay for this stuff?

Applications (1)

Animats (122034) | about 4 months ago | (#47260643)

Coming soon, the rapist app that finds hot women near you who are alone at home right now. The data is available.

Knock on the door (1)

RubberDogBone (851604) | about 4 months ago | (#47260807)

Knock on the door.

So, Mister..... Steve, is it? Steve. We, understand, you've been having a rough week. You've burnt the toast now three days in a row, and that's not like normal people. So tell me, Steve? Is there anything, a load on your mind perhaps, that you'd like to share and unburden yourself and return a life of making proper toast?

No?

Well then, Steven, you'd be wise to stop burning the, uh, toast. We wouldn't want you to get burned. Would not do at all.

Not so Smart (0)

Anonymous Coward | about 4 months ago | (#47261989)

A smart person will eventually figure out that everything with the word "smart" in the title, smart phones, smart watches, smart power meters, and now smart thermostats and smart smoke alarms are all spying on them. Don't worry, as soon as enough people figure this out the manufacturers will just remove the word "smart" from the devices name. Problem solved.

Need to change the paradigm (1)

EMG at MU (1194965) | about 4 months ago | (#47262925)

Smart devices are cool, the data they collect going to advertising companies and the NSA isn't.

It is obvious the paradigm should be changed. People love facebook, so why can't we make a distributed facebook where each member has a little roku type device sitting in their home on their network that stores all of their data? Each person that member connects with gets a key that is associated with contact so that you can form secure networks of friends and share data. Then as the owner of your data you can opt into sharing a limited set of that data with advertisers but only if they pay you to mine your data. That would be a positive paradigm shift.

I wouldn't mind having smart devices in my home, I just don't want them communicating to the public internet. They can communicate with a server in my home and I can control what the software on this server does. Smart devices don't have to all connect to the public internet, and we don't have to allow every smart device manufacturer to mine our data. Eventually there will be open source automation software for servers and open source software for the smart devices so we can control what they do (like tomato or ddwrt for home wifi routers).
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?