I totally agree with you, but then I put my phone on a qi charger on my nightstand and go to sleep. It's a device with both quality cameras and microphones, so I feel a little hypocritical given that there is a non-zero chance that someone could be listening or watching through my phone.
That's a possibility, but that would require an exploit and smartphones are far more secure and actively updated. I just keep on top of security patches and hope that's enough.
With IoT there often aren't any security patches and your audio & video are just being live streamed to the OEM's cloud waiting for someone to listen in, it doesn't even require a security exploit.
It's easily abused by employees, it even happened at Tesla where they watched their customers through the onboard cameras, taking screenshots of them walking around naked, and sharing them on company Slack channel for laughs.
That's why I find it so mind boggling, the company could incidentally hire a pervert and now you find yourself being watched in your own home by someone who knows your home address. I find this scary because it doesn't require a security exploit, just a deranged mind and those are dime a dozen.
So your issue is with the quality of the firmware on the devices and not the fact that it is a camera in a private place which is connected to the internet?
I agree with everything you're saying, but you may be overstating security patches. Until recently, most Android phones only had a few years of security updates.
I guess what I'm getting at is that if I truly believed in keeping Internet connected cameras outside of private areas I wouldn't have a smart phone at all.
The problem with Teslas wasn't the firmware on the cameras, but rather the infrastructure behind it. Ideally the data would be encrypted on servers and decrypted locally when needed. This doesn't pair nicely with services that perform analytics on video streams, of course, but it's a better option for privacy.
At the end of the day I share your concerns, and I want only devices which are controlled locally. I have been making efforts to make this a reality.
> So your issue is with the quality of the firmware on the devices and not the fact that it is a camera in a private place which is connected to the internet?
I'm just making a distinction between "connected to the internet" and "streaming private data to the cloud 24/7".
Most of us use a smartphone under the assumption that nobody else has access to it, and that it's not going to send all of our data to some cloud. If someone gains that kind of access to my device, I'll have bigger problems to worry about than someone listening to my conversations, like locking down bank accounts, investment accounts and changing dozens of passwords.
> Until recently, most Android phones only had a few years of security updates.
Tell me about it, I begrudgingly buy a new device when the old one runs out of security updates. I'm not a fan of Samsung or Pixel line (which now offer longer support) so I was planning to switch to an iPhone after my current Android device is made obsolete, but I changed my mind with Apple's latest EU meltdown.
I totally agree with you, but then I put my phone on a qi charger on my nightstand and go to sleep. It's a device with both quality cameras and microphones, so I feel a little hypocritical given that there is a non-zero chance that someone could be listening or watching through my phone.