The EFF must feel totally hopeless at this point. People are buying microphones with internet connections and sticking them in their homes. They're making the choice to buy "smart" IoT shit that spies on them. They're at a point of defending a major company selling that stuff, because they didn't instantly roll over when approached by law enforcement.
It's like... PETA complimenting a butcher on a clean kill. I don't blame them though... who knew the great battle over privacy would be lost before it even started, because people want their toaster to go online?
> who knew the great battle over privacy would be lost before it even started, because people want their toaster to go online?
I really despise this sentiment, it's quite defeatist and comes across as the "resistance is futile" talking point from the "privacy is dead" camp
What we need is some kind of spousal privilege [1] or secrecy of correspondence [2] for the internet age, ie, for IoT things. Surreptitious recordings from phones, messaging apps, "amazon echo"s, xbone cameras, etc, should be impermissible in court (or some variation on this theme). We struck a balance in the past, we can do it again.
It's easy to accuse people of "defeatism", or "alarmism", when really you just don't like the simple truth. Your idea is nice, but unless you're capable of producing a workable roadmap and seeing it enacted, who really cares? Everyone has "good ideas" and many people have good intentions, but if you can't produce results that differ from the next guy it just doesn't matter.
Unless you're Churchill rallying a nation to fight, you're in no position to accuse anyone of defeatism for pointing out the reality we live in.
My point was more along the lines of "lets stop repeating the 'give up' mantra" and move forward to "lets explore how we might rectify the situation". But alas you are also right, I did not present a shovel ready legal pathway to success.
I'm not suggesting that anyone give up, I was suggesting that the EFF must feel despair in the context of their efforts. I would argue that there is more need than ever to fight, but that fight hasn't really materialized yet. Outside of places like HN, so few people appreciate that there even is a fight, and fewer care.
That may change, but until it does, the best you can do is educate people.
> who knew the great battle over privacy would be lost before it even started, because people want their toaster to go online?
I think the issue is there are no good alternatives for the typical consumer. There needs to be a push back on companies to provide these sorts of smart home/tv/music technologies for the public in a distributed manner, i.e. components not needing to connect back to a company server but instead a local one. Sure, the average HN reader can probably set something up like that, but until a solution without tons of coding and assemblage comes along, we will be stuck in this status quo. EFF could be a starting point to rally people behind creating a market demand and supporting companies in a quest for privacy-minded solutions.
What does the typical consumer actually get out of a networked refrigerator, or a smart TV (which tend to be almost universally inferior to even inexpensive add-ons to make them 'smart')? The IoT seems to be based on virtually pure marketing spin and manufactured demand, with a really predictable resulting mega botnet.
> What does the typical consumer actually get out of a networked refrigerator, or a smart TV...
So many things. Just because you can't figure out how to use a feature, doesn't mean it's not useful. Maybe I need to see how many eggs I have left, or what temperature a corner of the fridge is, or have a way to tell when my milk is going bad?
IoT is bringing in some potentially cool stuff, but being dependent on an on-line "service", and being closed and proprietary is making it worthless.
>Maybe I need to see how many eggs I have left, or what temperature a corner of the fridge is, or have a way to tell when my milk is going bad?
And for the ability to do that without just... you know... opening the damned fridge you're willing to buy into the IoT. That's an insane tradeoff, for benefits the typical consumer would laugh at you for buying into.
Surely it would be useful to check fridge contents remotely while at the supermarket. Is it worth the (present) sacrifice of privacy and security? Imagine a fridge that is both secure and private... would you dismiss the feature then?
No, in that case it would be a fun, and potentially useful feature. That said, the use is extremely minimal, since it's really only a backup for poor planning. If you check the fridge before you shop (when making a list for example) you avoid all of this.
The truth is though, if you want a really secure fridge, it either needs to be much more expensive or... you know... just a fridge.
I haven't used a road atlas in 15 years and I stopped printing directions out 10 years ago, even for cross-country trips, because my phone is so reliable. Heck, I rarely even look up the address of where I'm going until I'm walking out the door. Is that a "backup for poor planning" or a paradigm shift?
"Extremely minimal" is debatable. You could make the same argument for GPS / phone map apps. Yes, of course you could have consulted a map before you left the house. The fact that we no longer have to is the benefit that technology has afforded us. Remote fridge viewing is in the same category.
Lets be real... GPS is a highly versatile tech that can keep time, coordinate global markets, makes Uber possible, enables GPS directions and let us not forget... also fairly useful in military applications.
A camera in your fridge, is a camera in your fridge. It serves one purpose, and it's the one you achieve by necessity every time you get anything from the fridge.
I think there's no way a camera in the fridge could do the job it needs to do (seeing through several shelves and inside drawers; not getting frosted over). I think we'd have to move to rfids on food packaging; akin to bar codes. This could help with the pantry as well.
Not sure it can help with food from your butcher or {cheese, fish}monger.
For unlabeled foods one can imagine "smart" bins capable of weighing their contents and communicating that measurement via bluetooth to the "smart" refrigerator.
How about if I'm already at the store? I can't check then. Things happen, and I don't always plan ahead with groceries. I feel like this shouldn't be a difficult concept...
And no, I'm not willing to buy into the IoT. Your talking about two different things. I'd love that on my network. Where I can control everything and use APIs to check myself. I'd never install something that had to go to the public internet.
I appreciate your condescension, but just because you don't have a use for something, or can't see how it can be done safely and well, doesn't mean nobody does.
Requires machine vision (or you telling it every time you take out an egg), doesn't have much to do with IoT (unless you want to see that from your TV or phone, that i guess you do).
> what temperature a corner of the fridge is
So many things to say, with the most prominent being that your fridge would have to have a ton of sensors. Again, not much to do with IoT (can even be analog, unless you want to check it on your office computer, ofc).
> have a way to tell when my milk is going bad
This is a lot harder then one might think. Did you buy fresh milk ? Pasteurized milk ? When did you open it ? What kind of bacteria live in your mouth/kitchen ? How long was it open ?
One could put a sensor for a specific gas in the milk package but even that has problems as the thin layer of milk on the side of the package will go sour faster but the milk itself will be fine.
Ofc, the fridge could guess. But you won't know anything for sure until you open the fridge and check. And the extra complexity means not just higher cost but also lower reliability.
> IoT is bringing in some potentially cool stuff, ..
Yes. I intend to, someday, plug a RPI to the TV and lights and put speech recognition on it. Star Trek FTW. But it is no problem living without it all. For a better living i recommend moving to a wooden house (or just putting wood on the inside of rooms), as it is a much better feeling then titanium white painted minerals.
no it doesn't. rfid, weight, a camera, can easily do this.
> the most prominent being that your fridge would have to have a ton of sensors
Sensors? in a refrigerator? the horror! How could we ever accomplish such a tremendous feat?!? /sarcasm
> This is a lot harder then one might think.
Sure, but it doesn't mean it's not possible. Just because something is hard doesn't mean we shouldn't do it. I'd argue the opposite.
> But it is no problem living without it all.
And it's no problem living without a cell phone, or central heating, or indoor plumbing, but we don't see many people running to that lifestyle very often.
Just because you don't want something, has no bearing on whether other people want it or not.
I don't know anything about you, but I do know that I know a somewhat fair amount about electronics and mechanics. I'l just respond to the first one.
> no it doesn't. rfid, weight, a camera, can easily do this.
Dirt, egg-white, temperature variations. Rfid on eggs ? I get my eggs from the market. A nice lady has chickens that lay those eggs. I get 50 of them at once, that is much more then it fits in the egg drawer. (bdw lasers are better then cameras) The best solution i can think of are actually weight sensors (your idea). But even that has immense problems in that all eggs are not equal. Meaning that the whole.. what you call the little cup they sit in.. would have to be weighted. Meaning either separate cups or rubber cups, bout of which are a reliability problem.
>And it's no problem living without a cell phone, or central heating, or indoor plumbing, but we don't see many people running to that lifestyle very often.
Hyperbole. But anyway, have you tried living in a forest ? Just because you think it's bad doesn't mean it is. (see that, i can hyperbole too)
>Just because you don't want something, has no bearing on whether other people want it or not.
I didn't say i don't want it. I explained that it is too much trouble for almost no benefit. Some such things are great. I can think of a dozen things that can be done with electronics that are nice, kind-of useful and, most importantly, actually liable (fairly cheap, reliable and fairly easy to do). An egg-counting refrigerator is not one of them.
Mind you that i love electronics. (my desk is littered with it) Would even be doing it instead of programming if it wasn't so expensive.
Well keep in mind it's often not a choice for consumers with some appliances. For example try to buy a non-Smart TV right now that is > 28" from a store; most models are going to have IoT features, web and microphone mostly, always on whether you like it or not.
It's not that people don't understand the implications of the IoT [1], but they often find the choice of do without more costly than do with IoT.
[1] I'll grant most probably won't understand how a lightbulb lets some script kiddie make the network shitty for a few hours or days, but even then if the people understood the why/how they wouldn't really get it in full.
In theory your future 'smart-grid' aggregator will give you a lower electricity tariff if you meet your 'flexible demand targets', by letting them control the cooling of your fridge. They will cool it deeper when there is an energy surplus, so they can switch it off for a while when demand on the grid is high.
The EFF is more concerned with the legal side of things. They do more than their fair share trying to inform people of what's going on but that can only go so far, it's a fact that most people do not give a hoot. The important fight is keeping laws around the stuff as sane as possible.
Right, but those people who don't give a hoot elect the politicians who write the laws. They're focusing on the one aspect of the problem they can possibly approach, but it's ultimately like a circular shoving match... utterly hopeless.
The EFF can't pressure lawmakers if they can't rally people to apply that pressure. When most people just shrug and buy an IoT toaster, it's not hard to see how this goes.
I think some of the big tech companies get it, or at least the the value of having "us" on their side, and have some influence on law makers. It might help that those people vote too, since if someone goes around saying they want legal taps into toaster, the people with the toasters might start thinking about how that's kind of scary.
Even if you don't buy the latest Google or Amazon or Microsoft or Facebook HomeSpy, the ability to get away from other devices is ... difficult at best.
And not just PocketSpys and MobileAdDeliveryTablets.
I've recently been through the experience of replacing a major home appliance for a friend. One which need not intrinsically be electronically controlled. But is. With intrinsic BlueTooth connectivity (and quite possibly WiFi, I've been afraid to ask).
After units #1 and #2 arrived DOA, with electronic faults, I went through the exercise of looking for a device without integrated electronics. So far as I can tell, they simply do not exist. Perhaps if you were willing to buy a used model from the 1990s or prior -- and even in the 90s, there were electronics, they just weren't connected to anything else.
After unit #3 arrived with exterior physical damage matching a previous shipment (and directly over a very insufficiently armoured printed circuit board), and having failed to identify an alternative, we had all three boards replaced (at manufacturer cost). That's $300 in parts, or 20% of the cost of the unit, plus labour. I'm wondering how that breaks down on a per-unit basis, though our experience suggests "poorly".
I've no confidence that the electronics are suitably protected from environmental or other damage over the life of this appliance, which I estimate will be substantially less than the 20+ years of its far more robust 1960s ancestors. Which did the fundamental job very much as well.
This, I'll add, was an experience with an expensive and major purchase, based on physical characteristics. The amount of debugging and security proofing going into the $10 - $100 price-point light-bulbs, thermostats, toasters, humidifiers, security (hah!) cameras, etc., can be at most a very small fraction of that retail figure.
I'm less than enthused.
And feel that exceedingly strict legal protections will have to be imposed on manufacturers and/or retailers.
Because I take the battery out and put the whole thing in a padded box when I'm not using it, and in general when I am using it I'm aware that the possibility exists that I'm not actually private.
Edit: Just to be clear, I don't do this because I think my life is so interesting that anyone who could snoop, would snoop. I do however believe that there's value in having a consistent set of behaviors and standards around these issues, in the same way that we do with sanitation. There is the added bonus that should you ever find the need to keep a secret, you won't give the change away with a change in your behavior.
While I'm glad Amazon pushed back, it did set some precedents and isn't exactly a victory.
They eventually handed over the data (at the owner's consent), which does two things: 1) confirms they do have data and the ability to turn it over 2) makes anyone who doesn't hand over the data seems guilty (hey, if you have nothing to hide...)
> 1) confirms they do have data and the ability to turn it over
Not necessarily. We don't know what they handed over. For all we know right now, it literally could be a single request to start a timer or check the weather.
The use of the data seems dubious assuming that Alexa has to hear the trigger word before sending data to Amazon. Judging by the traffic on my network, I'd say that's the case. I don't see a persistent stream coming from my Alexa device beyond periodic pings.
According to police records, a city utility billing and collections manager told detectives that, on the night of Collins's death, 140 gallons of water were used at Bates's home between 1 and 3 a.m., an amount of water usage that exceeded all other periods there since October 2013.
“In comparison, while all four [men] were together earlier that evening, they never used more than 10 gallons of water in an hour,” police reports said. “The amount of water used between 0100-0300 hours was consistent with spraying down the back patio area, which may have resulted in the wet concrete patterns observed on the morning of November 22nd.”
The utility department's source? Each home in Bentonville was on a smart meter, police were told, to measure and record the exact consumption of electricity and water every hour. -Washington Post
I absolutely support EFF, but it must be said that privacy and decentralization can be in conflict with Free software. Namely, by flooding the world with GPL and liberally-licensed web software, it becomes a commodity item, making "the cloud" possible in the first place, and enslaving people.
Ehh, not really, the cloud is similarly possible without free software. Indeed much of the big name cloud provider's backend software would be in-house anyway. Windows VMs exist too.
I guess your point is closer to 'free software makes the cloud cheaper', which in turn makes it easier to ensnare people..
It's like... PETA complimenting a butcher on a clean kill. I don't blame them though... who knew the great battle over privacy would be lost before it even started, because people want their toaster to go online?