My roommate has a phone. I didn't think much of it until he said "Ok Google" while cooking.
What am I supposed to say here? I don't like microphones being always on either, but it's his phone and his home too. I can't escape the millions of cameras around the city or the constant internet trackers. We should have had regulated this stuff decades ago.
i mean, is it any different than having any other conversation that potentially involves interpersonal conflict?
if it's important to you and you're willing to burn social capital on it, just politely ask that he not use it when [your boundaries here].
if you come to an impasse, then there's not much to be done other than part ways. i'd imagine this is similar to any other incompatible roommate situations, e.g. someone whose recent significant other recently started coming over and has annoying habits.
I think the idea is that, rather than fight hundreds of small battles like this every day, we should collectively agree (through democratic political means) what's acceptable without explicit permission.
Well if you care about it so much, contribute either money or code and create ecosystem with the same level of layman UX. It's difficult to get legislation when you cannot demonstrate alternatives that do not severely reduce convenience. This is a forum of overpaid software engineers. Distributed neural network training isn't science fiction anymore. Go ship or pay others to do so.
Brave and DuckDuckGo built entire businesses on the premise of privacy. Many an arrogant reader here HN have no qualms claiming that they can replicate Facebook in a weekend.
Go forth and walk the talk. Yet another Mastodon client is cool, but do you know what's cooler? A production quality OCR competitive with Google Cloud Vision API, voice transcription on par with AWS Transcribe, or personal assistants with the ubiquity of Siri.
Rather than working to devise "voice transcription on par with AWS", maybe we can also decide that some things are not necessary and should remain in the scifi realm. The novelty of yelling "Ok google navigate to...." wore off fairly quickly especially when I could just as easily type it. I use the "set an alarm for.." more often though. But really, imagine all the infrastructure required just so people can set alarms and timers with their voices!!!
I care about it enough to contact my local representative (my MP because I'm in the UK) and he agrees with me that there should be explicit legislation to control the use of these technologies. The EU's GPDR is a step in that direction when it comes to things like automated decision-making. Open source is not a solution here, and to suggest otherwise seems like it misses the wood for the trees. Besides which, I hardly think that restricting the use of cameras on doorbells (which is what this sub-thread is about) is "severely reducing convenience."
Do I have the freedom not to be filmed by your doorbell and have it sent to the police without even your permission to be processed and stored for however long they want and possibly used against me at a later date for something that isn't even a crime now?
If you're walking by my house, you're in public, and you have no expectation of privacy. (Actually, that's not true -- my house isn't visible from the street, so if you're on my cameras, you're definitely on my property.)
If you're visiting me, you're on my property, ditto.
Any attempts to "fix" this will only make the world worse in the end. The people you empower to enforce your opinions about privacy in (semi-)public places will begin by exempting themselves from whatever well-intentioned rules you have in mind.
(Shrug) If Google can film public areas, then so can I.
See, that's kind of the whole idea behind public areas. You aren't entitled to any expectation of privacy there. That's why they're called public areas, and not private areas.
I have zero objections to you recording your porch or driveway or whatever 24/7. Just don’t send it to amazon or google where they face match me and use their clever algorithms to extract money out of me at a store or something. Keep the video to yourself.
I hear you, certainly. I have cameras on my front porch, but you don't need to worry about the footage ending up in the hands of the police unless you actually commit a crime against me or my neighbors. And you don't need to worry about it being sent to Amazon in any event, because that's not going to happen, ever.
But I don't know how to give you the guarantees you're asking for without harming my rights, and ultimately yours.
The distinction between could could and should? Or the distinction between private and public? Because all are debated on a regular basis, vary by jurisdiction/country, and are not black and white. Take the issues surrounding filming police officers in public is an example.
Take the issues surrounding filming police officers in public is an example.
Right, and that's a good example of what I was talking about in my earlier reply, with regard to any attempt at "fixing" the Ring situation leaving us in a worse place than where we are now.
Currently, in the US, you have the right to put up a doorbell camera and record anything that happens on your property or in public areas adjacent to it. This is a GOOD thing. Rest assured, any restrictions on public/private recording will serve the police, and no one else.
The problem is that this is not your data alone. These devices are cloud hosted and subject to subpoena (at best). Indeed any restrictions on these recordings will serve the police.
Recorded phone calls without consent in some states is still inadmissible as evidence in court. Surely at least that law would protect the person in the other end of the lens.
Those laws are just further examples where the powerful have shielded themselves at our expense. Corrupt cops and public officials have more to hide than you and I do, so they have more to fear from being recorded.
It is different. The reason it is different is that when things like always on microphones are legal it implies that they are safe. My roommate isn't technically savvy. He works as a project manager of in construction. He's a great guy, but we didn't talk about always on mics when we first met and frereubu is right that fighting battles like this isn't the way to do it. Legislation should solve this problem.
Legislation does absolutely nothing when the people aren't involved. When people are not involved, it almost always gets usurped to remove rights and privilege from the common person.
Thus you and your roommate should be talking about these things. To remain silent is to remain complicit.
There are quite a few reasons. First of all the recordings made by voice assistants aren't connected to your identity (or at least most people don't expect it to). Uploading it yourself for the world to hear links it to you in the minds of most people.
Second of all most people expect that the recordings made by voice assistants aren't going to be shared beyond the walls of Amazon/Google. A few random contractors you won't ever meet hearing you feels different than the entire world including people you know hearing it.
Lastly, Amazon/Google has a good reason to listen to the recordings: improve the technology so it works better for everyone including you. Random strangers have no good reason to listen to recordings of you, only bad reasons.
It really bugs how most people here seem to go "oh if you like using voice assistants why don't you just share everything with the whole world?" Privacy is a spectrum, not a binary choice. Somebody can be comfortable with Amazon/Google using the audio and not be comfortable with a live audio stream accessable to everyone on the internet.
Why should his desire to not have voice assistants in the house trump his roommate's desire to utilize the technology they paid for and want to use? These are both subjective opinions and neither one is better than the other.
However I do agree that 3pt14159 should talk to his roommate about it if it bugs him so that they can come to an understanding.
> Why should his desire to not have voice assistants in the house trump his roommate's desire to utilize the technology they paid for and want to use?
One thing is about security and privacy (important), while the other is about convenience (trivial).
That the roommate didn't even consider the security and privacy of other people is Not Ok. It seems fairly common in this early stage of voice assistants, so having a discussion about it may resolve things.
I have had first hand experience (several times) with ads being shown immediately after a conversation that were spooky at best and tin foil hat inducing at worst...
I tried it in a restaurant once with a conversation with the word “hottub” about 30 times. Two of the three of us at the table got hottub ads on google minutes later. I’m looking forward to the documentary in 20 something years about the things these companies are doing.
Law and regulation are always lagged behind of new technology. I think there is going to be a pivotal moment (maybe the introduction of GDPR was already) when we start to go after our privacy. My apartment is also free of Google, Amazon, Facebook microphones. Unless there is a vendor that gives me a device that stores data a way that only I can access there is no way I am going to buy any of these devices.
Yeah it's dystopian as hell. What an incredible amount of waste, too. The storage, the engineering hours that go into it, the electricity and bandwidth...all to track you a little better so you can be sold more shit.
Yea... if there is real value in something I adopt it. But only if it actually decreases a life complication. Many times the overhead involved isn’t worth the gain (to me at least)
I revisit the idea of a NAS at least once a year... each time I come to the conclusion it is more hardware to configure and keep up to date and just not worth it (being the fun of it)
I can't share this sentiment that it's all to track and sell you shit. It probably started out as a good idea, a virtual assistant that can tell you stuff by you just asking it with natural speech. But since this is capitalism, sadly someone asked "But how can we make money out of this?".
More and more I feel the whole system is designed to make people feel isolated and paranoid. And products like these are part of that cycle. People buy this stuff because they are afraid. But it doesn't help it does the opposite.
I do actually... but I also don’t have much need for them.
I have two web cameras in the kids‘ rooms, but they are fully fire walled and have zero external access. But now that they aren’t infants... do we need them?
I do backup our pictures and documents to an external provider, but the backups are encrypted and not browsable per say.
I have no need for a fridge that orders groceries or a thermostat I can control from the office...etc.
Ironically, I write software for a living and love computers... I just value privacy more than most I guess.
Wow...that Mozilla page that rates a bunch of products by how creepy they are [1] is very confusing. The first time I looked at it, I got the impression that it was telling me that Ring, for example, is rated "Not creepy!" when in fact it rates it "Very creepy!".
There are two ways it can mislead.
1. It appears that the items are sorted by creepiness, but in the table of products there is no indication of how creepy the product is. Instead, they have an indicator above the table that starts out "Not creepy!" and as you scroll down through the table that indicator goes through various levels of creepiness.
So let's say you are wondering about Ring--you are ready to buy but first want to see what Mozilla says. You go to the page, see "Not creepy!" and an array of products. As you scroll through the products looking for Ring, the only indication that the creepiness level is changing is that indicator at the top. If you don't notice that it changes, it is easy to assume the whole array is the "Not creepy!" section. Then you hit Ring, think it is "Not creepy!", and head over to Amazon to buy one.
I only noticed that this was not how it works because I scrolled to the end of the page, didn't see another array for the more creepy products, and only then realized what is going on.
2. Changing the filter settings does not change the creepiness indicator. If it is showing "Not creepy!" products, and you go change the filter settings to only show more creepy products, it shows those products, but still says "Not creepy!". It only updated the "Not creepy!" to whatever the creepiness level is for the shown products when you next scroll.
This page would work a lot better if it simply had separate sections for "Not creepy!", "A little creepy!", and so on.
> Wemo says it encrypts all communication between the app, cloud and device and takes privacy and security "seriously."
Consider
1) the multiple security breaches that pop up every week, usually following quite dumb holes (unprotected elastic search, unencrypted reset commands, etc.). I have 0 trust in how these companies store my data.
2) the relative longevity (lack thereof) of these companies that still function on investors money, which means that best case scenario your device is now a brick, worst case your data now belongs to a company the likes of Google that doesn't care (or are planly hostile) for your privacy.
My wife reaaaally wanted cameras in our house, I took ubiquity and didn't connect it to their "cloud", that's the only thing I somewhat trust
Beware. I assume that you are referring to Ubiquiti Networks. A few weeks ago, the company was caught sending telemetry on their UniFi wireless routers.
Oh I haven't given up at all. My cell phone service expires Dec 10 never to be renewed.
The massive amount of data your phone collects about you is quite relevant. Thanks for the downvotes which have now
throttled my new account, and given me a bit of a bad impression of the community here.
Can you explain what you mean by "your handle betrays you?"
You're new here. I suggest you read the rules of you haven't (it's to get an idea for how comments are handled and expectations). Comments tend to get downvoted if they do not add to the conversation. I'd give it a bit of time to learn how HN works before making up your mind. I get downvoted all the time, but if you're posting comments of value you can expect your karma to increase over time.
> "Customers have to consent to allow Ring to share the doorbell footage with law enforcement, but "once they have access, they can save it indefinitely," says Rebecca Ricks, a Mozilla researcher who worked on the report."
Sure, but once the bits exit a closed network, how do you have any idea where they go?
Even if encrypted, there is no way to prevent the recording of data for some future brute-force attack.
I'm confused about the issue with Ring here. The primary complaint seems to be that users can share data with police if they want and that police can then save that data. Ultimately that's product agnostic; someone could easily take footage from any camera and show it to police voluntarily, and users could always be compelled to hand over footage of a crime with a warrant. People have zero control over how neighbors use their personal cameras and I don't see why that should impact personal buying decisions, even if you decide to never share data with police. What's the problem?
That's not my point. If we want to talk about the societal impact of mass security camera adoption, fine, but that has little to do with picking a Ring camera for personal use specifically. The only thing that differentiates this from other security camera products is that it's marginally more convenient for police to get access to data if the user wants to submit it. The advice in the article is silly because it doesn't say "don't get a camera because it's helping to create a police state", it's saying "just don't get this one camera".
My minor kids' photos in some company's database, tagged with neighborhood data which points to where they live, correlated with what characters they like based on costumes, correlated with their age based on their height and so and so forth..
Now if the said company can connect my kids' photos with their identity based on some other database, it will have a lot more info on them to sell ads and for other nefarious purposes.
Just one scenario I can think of... There may be others.
Do you actually believe this is happening? No offense, but what you’re describing sounds like a paranoid fantasy. Moreover, I’m sure your kids value candy more than privacy.
Also your kids have probably been caught on video hundreds of times at convenience stores, streets, wherever. If you actually wanted to avoid them being on camera at all, you would have to lock them in your house and things would turn out like the movie Dogtooth.
It’s not possible to completely protect your privacy unless you make some very hard and costly choices like moving into a cabin in the woods or living a completely isolationist life without internet or contact with the outside world. Unless you want to make these sacrifices for a very dubious benefit, it would probably be better to just worry about something else.
Personal and social information of 1.2B people discovered in data leak
Fourth paragraph of the story:
For a very low price, data enrichment companies allow you to take a single piece of information on a person (such as a name or email address), and expand (or enrich) that user profile to include hundreds of additional new data points of information. As seen with the Exactis data breach, collected information on a single person can include information such as household sizes, finances and income, political and religious preferences, and even a person’s preferred social activities.
Each time a company chooses to “enrich” a user profile, they are also agreeing to provide what they know about the person to the enriching organization (thereby increasing the validity of the organization’s future results). Despite efforts from social media organizations like Facebook, the resulting data continues to be compounded, creating a situation with no oversight that ultimately allows all of a person’s social and personal information to be easily downloaded.
Extrapolate present AI, facial-recognition, location tracking (cell phones), voice-recognition, and integrated databases. You're already 99% of the way there.
The issue is not necessarily whether this is happening now, but whether this is feasible in practical terms. If it is, then you need to have a very strong sense of trust that this capability won't ever be used against you in the future. There are many examples throughout history where this trust was eventually abused. In the last few days 1.2 billion text records of "enriched" data about people was found in a publicly-accessible Elasticsearch instance. How long do you think it will be before those records contain facial recognition?
What I'm describing is a rather simple system. If I had access to Rings database and Google's database, I can personally create that system and I'm a very ordinary engineer.
Regarding the rest of the comment: I'm just trying to avoid what I can and delay it as long as I can to find a healthy balance. Else why worry about privacy at all.
There's a vast difference between CCTV for security that's generally overwritten once a week and data that's stored without consent of even the owner of the device specifically to profit off of your behavior. We are well past time that this information needs to be protected and regulated because this is our information about us and we have no control over how it's being used.
Edit: you've broken the guidelines quite a bit, I'm afraid. Would you mind reviewing them and taking the spirit of this site more to heart? We're hoping for thoughtful conversation here, a little different than internet default.
Pi-hole is great, but it's not going to help if the designed purpose of the device is to send data to external servers, or if the device bypasses the network's DNS server, especially with the advent of DoH.
The right way to do this is set up a VLAN that can't get out to the Internet and is segregated from your own devices except via inbound connections from a Firewall. I've done this with cheap Chinese IP Cams and much other IOT garbage that has either been reverse engineered and/or presents some form of local network access.
It depends on the device and whether they use your network's DNS server or their own. In my experience Roku devices are easily blocked with a pi hole, for example.
In my experience with Roku TVs and the Pi Hole, this only works when the Pi Hole is set as the DHCP server. Otherwise, the TVs will only show up on the admin panel sporadically (meaning that blocking the requests that TVs make is not happening). Once I used the Pi Hole as the DHCP server, every request that the TVs make show up.
I recently bought a house and it came with a Ring doorbell. I dont care for it. I would of never bought one. I do have additional Wyze cams though for my blind spots and the back of the house. I definitely dont ever want to see activity back there.
The Wyze cams app is somewhat similar to the Ring app you can see videos people share with Wyze but thing is they have to email those videos in. Wyze says they End-to-End encrypt videos they upload to their cloud. If you dont trust them you can buy surveilance SD cards and use those instead. For $20 a pop though they are great. I only use them facing outside my house. I only put one facing the inside when out of town.
My alternative was going to be Raspberry Pi Zero W's and EyeMotionOS if anybody is interested in alternatives. Only reason I didnt get those is cause I couldnt decide on the camera to get and also I had a suspicious person (realize now they were likely just lost) stop partially on my driveway. So I bought a bunch of Wyze cams.
Another neat thing about thr Wyze cams is they shove an AI into a $20 camera to detect people. Their video on the matter can be seen on YouTube. It is impressive.
How do you route power to those Wyze cams though? And just so you know, they send their video to the cloud as well. I wouldn't be surprised if they send it to China in fact.
They take power from a usb plug. You can flash the camera and use it as a plain streaming 1080p camera ( you can't return it to being a Wyze cam after that though ).
That'd also remove person detection and force you to record everything though. Hardly desirable. I only want it to record when there's something worth recording.
>Speaking of Amazon, one of the longest-running and popular tech products, the Kindle e-reader, got called out in the report for not having a lock-screen. Anyone can pick up a Kindle and get right into it.
I don’t understand the issue here, and it frankly feels like a manufactured outrage from a minority group of activists. If customers voluntarily release a segment of video to law enforcement, so what? That’s their right. People do so in the interest of preventing crime. I don’t have any cameras myself but I completely sympathize with neighbors who have Ring cameras given the huge uptick in property crime here in the last five years. I’m all for amazon building in facial recognition that works across their network of Ring customers and their cameras.
As for the indefinite retention - what do you think happens if you were to give the police evidence that helps nab a criminal in a non-IoT world? They store it and retain it. Why would this be any different?
You don't need a Ring, you can set up your own IP cams and there is plenty of software out there. While I don't think it is necessary for everyone I've caught tons of stuff on video, including neighbors snooping in my back yard, cops walking around the property, neighborhood cats using the yard as a toilet, the county inspector doing a tax inspection, and more than one person walking up to the camera, seeing it, and then turning around. This was in an average neighborhood in northern California so YMMV if you live in a different area.
Yes, I have full ONVIF camera coverage of my property with local storage and s3 as a backup. If something happens including theft of my NAS i am covered. I don’t want to be afraid. I do the best I can. I accept 20/20 hindsight.
Fear mongering? Property crime is up in many cities. That’s real. The fear mongering is from those attacking Internet-connected cameras and creating a fake outrage when people are just exercising their constitutional rights to record video and exchange information. The entire notion that voluntary disclosure of information will lead to a dystopia is not just the slippery slope fallacy but also ACTUAL fear mongering in action.
And yes it is proper to suspect door to door salesman. Many are criminals casing homes and pretending they are someone else with an alibi. Having them on the radar is appropriate.
I don't know how to say this any nicer than this: I'm sorry you live in such fear. It isn’t normal and you should figure out why and work to fix it.
I live in one of the most densely populated areas of the country. I've been here for a decade. Not only have I never seen so much as mere property crime (and it is "mere"), I don't have any reason to fear it. T the contrary--I have a greater reason to fear the unregulated panopticon the fearful wish to impose upon me.
Your attitude makes society worse and you should rethink it.
You are accusing me of living in fear and yet you’re painting a picture of a “panopticon” that is itself fear based and hypothetical, whereas my fear has real crimes and statistics behind it. We retain police forces because deterring crime and catching criminals is important. Making the job of the police easier helps society get better, not worse.
Your position seems to be that we should be ok with criminals being free and out at large, potentially victimizing others too. Have you ever been the victim of a crime? Like an assault or burglary? If someone gets raped do you tell them “it isn’t normal to be fearful and you should work on fixing that?” This seems like textbook victim-shaming to me. Helping solve crime is not the same as a dystopia.
See, the thing is--I'm reasonable. If you want to run your own security system, stored locally, and provide that data to and only to the police when and only when a crime occurs? Fine. We can deal with that as a society and as communities. But the thing is, even that is horseshit. It's not "helping solve crime". Even with a photo ID, the police in most jurisdictions are not going to go out of their way to do anything about property crime. (Nor, really, should they, unless somebody's actually harmed.)
Privately managed, secure, local and unshared recordings are fine. Ring and other scumshit "security" peddlers? It's a gimmick for data-slurping corporate-interest assholes to get additional on-the-ground data about people for whom there was no attempt to acquire permission, let alone any moral right to do it. That's why these things exist. Don't fall for the fucking okeydoke.
What does skin color have to with this? That seems like reckless alarmism. Humans are in the loop to validate facial recognition matches. It’s a first pass filter.
Ring cameras aren’t grainy. These are new, 1080p cameras, many with night vision capability. And again, if a human is in the loop then you are talking about a problem that is orthogonal to cameras - would a police officer jump to conclusions based on a poor, grainy match on non-IoT cameras or on photographs? Maybe on rare occasion, but the vast majority of the time, they wouldn’t.
None of this crappy IOT stuff will enter my home.