• @[email protected]
    link
    fedilink
    English
    541 year ago

    Yet another reason why IoT crap sucks. You don’t need to put everything on the internet. This one should be obvious.

    • @friend_of_satan
      link
      English
      24
      edit-2
      1 year ago

      The “S” in IOT is for “security”.

    • GigglyBobble
      link
      fedilink
      151 year ago

      People don’t think about that. You have to register somewhere in order to use your $12.99 cam, install some app and are good to go.

      How would a someone not interested in tech know that the footage data is stored on some online server and you are at the mercy of their itsec.

      • archomrade [he/him]
        link
        fedilink
        English
        201 year ago

        Which is why these companies that are marketing wifi and cloud-polling devices should be held responsible for the data breaches and regulated more rigorously.

        It should be cost-prohibitive to design a smart device that sends data to a centralized server, but they do it because the upside value of having the data is so attractive. They shouldn’t be allowed to hide behind a ToS agreement with mandatory arbitration when their security is inevitably breached.

        • @AlfredEinstein
          link
          English
          81 year ago

          Take it up with your congressman.

          Seriously. It sounds like you have an informed and well-reasoned opinion. They’re not 100% corrupt. And they usually only hear about tech from industry lobbyists.

          Let them hear from an intelligent constituent for a change.

          • KᑌᔕᕼIᗩ
            link
            fedilink
            English
            21 year ago

            Good luck with that, your voice is going to be drowned out by all the companies masquerading as “people” whom they really represent.

            • @AlfredEinstein
              link
              English
              21 year ago

              Taking the time to get in touch with representatives at all levels of government is just good citizenship.

              Sure, there are lobbyists. But there’s me too. We can’t expect to enjoy a civilized society unless we put in the effort.

              • archomrade [he/him]
                link
                fedilink
                English
                11 year ago

                I do it when I can, but that kind of influence just can’t be done by a handful of tech-literate terminally-online weirdos. It takes a buttload of money or a massive amount of public attention to push an issue like this forward, especially when political operatives absolutely benefit from both the data and the companies involved. The political calculus just isn’t there.

                More people need to know and care about this before any legislator is going to spend political capital on it.

              • KᑌᔕᕼIᗩ
                link
                fedilink
                English
                11 year ago

                Having done this before and being told to basically get stuffed from one of their underlings I have zero faith in it. It’s basically just another token thing that’s about as useful as “thoughts & prayers” for the most part.

                • @AlfredEinstein
                  link
                  English
                  11 year ago

                  You have to be nice. You’re selling an idea that is probably foreign to them.

                  • KᑌᔕᕼIᗩ
                    link
                    fedilink
                    English
                    11 year ago

                    I don’t mean they literally told me to get stuffed. They won’t personally take your call nor read your letter. You might get lucky and they’ll let you physically come into their office but that’s about as far as you’ll get.

      • @[email protected]
        link
        fedilink
        English
        11 year ago

        The question isn’t “how would someone know…?” the question is “do you know what a hacker does?”.

    • @books
      link
      English
      151 year ago

      Home assistant tries to keep shit local.

      • @[email protected]
        link
        fedilink
        English
        11
        edit-2
        1 year ago

        depends on the device.

        If the device dont provide local connection, there is nothing home assistant can do about it. Some device will also send data to the cloud even it is locally controlled by HA.

        • @books
          link
          English
          41 year ago

          Oh for sure. But unlike smart things or any other hub, only the data that needs a cloud connection will go through the cloud…

          • archomrade [he/him]
            link
            fedilink
            English
            1
            edit-2
            1 year ago

            Home assistant is great at what it does, but the problem is too big for HA to really fix it by itself.

            It’s the end-devices that are the biggest culprits, paired with the apps installed on your phone. It’s the reason Google was basically giving away their home-mini’s the last couple years.

            If you use a smart device that comes with - or requires - an app, it’s almost guaranteed that app collects a certain amount of data from you to be sold or utilized for user profiling.

            The problem is that everyone has half a dozen of those devices already, and swapping them all out takes time, effort, and money that most people simply don’t have.

            It’s a challenge even for the truly dedicated and privacy-minded individual to know which devices are locally hosted and which ones use local internet access or a permissive phone apps to function. Even if you DO manage to keep a clean slate, there are always companies that change their policies once they have high-adoption and force cloud integration on their users. See Phillips, Chamberlain, Microsoft, Google, Amazon…

            I love Home Assistant, but it’s a nightmare trying to cut out all the unsecured bullshit I’ve found myself with even in the past two years.

        • @[email protected]
          link
          fedilink
          English
          11 year ago

          Thanks to laziness of the device manufacturers, a lot of them either expose some data endpoints locally, or just use Zigbee which can be easily paired to be used local-only.

          Those that require Wi-Fi access can be filtered on the router to disable internet access.

    • @[email protected]
      link
      fedilink
      English
      0
      edit-2
      1 year ago

      With end to end encryption, and requiring manual key transfer (no key sync), this would not be an issue.