undefined | Better HN

0 pointsdns_snek2y ago0 comments

Too many. I've consulted with friends who installed "smart" security cameras and other IoT devices. I really spelled it out, saying that there's a very real possibility that one day they'll find out someone's been listening in on all of their private conversations (audio) or watching them through their own cameras.

Responses typically range from "I'm not that interesting" to "I really don't care". I think it's too abstract of a threat for most people to take seriously before it happens to them.

0 comments

fullstop2y ago

Where do you charge your cell phone?

I totally agree with you, but then I put my phone on a qi charger on my nightstand and go to sleep. It's a device with both quality cameras and microphones, so I feel a little hypocritical given that there is a non-zero chance that someone could be listening or watching through my phone.

dns_snekOP2y ago

That's a possibility, but that would require an exploit and smartphones are far more secure and actively updated. I just keep on top of security patches and hope that's enough.

With IoT there often aren't any security patches and your audio & video are just being live streamed to the OEM's cloud waiting for someone to listen in, it doesn't even require a security exploit.

It's easily abused by employees, it even happened at Tesla where they watched their customers through the onboard cameras, taking screenshots of them walking around naked, and sharing them on company Slack channel for laughs.

That's why I find it so mind boggling, the company could incidentally hire a pervert and now you find yourself being watched in your own home by someone who knows your home address. I find this scary because it doesn't require a security exploit, just a deranged mind and those are dime a dozen.

fullstop2y ago

So your issue is with the quality of the firmware on the devices and not the fact that it is a camera in a private place which is connected to the internet?

I agree with everything you're saying, but you may be overstating security patches. Until recently, most Android phones only had a few years of security updates.

I guess what I'm getting at is that if I truly believed in keeping Internet connected cameras outside of private areas I wouldn't have a smart phone at all.

The problem with Teslas wasn't the firmware on the cameras, but rather the infrastructure behind it. Ideally the data would be encrypted on servers and decrypted locally when needed. This doesn't pair nicely with services that perform analytics on video streams, of course, but it's a better option for privacy.

At the end of the day I share your concerns, and I want only devices which are controlled locally. I have been making efforts to make this a reality.

1 more reply

j / k navigate · click thread line to collapse

0 comments

fullstop2y ago

Where do you charge your cell phone?

dns_snekOP2y ago

That's a possibility, but that would require an exploit and smartphones are far more secure and actively updated. I just keep on top of security patches and hope that's enough.

With IoT there often aren't any security patches and your audio & video are just being live streamed to the OEM's cloud waiting for someone to listen in, it doesn't even require a security exploit.

fullstop2y ago

So your issue is with the quality of the firmware on the devices and not the fact that it is a camera in a private place which is connected to the internet?

I agree with everything you're saying, but you may be overstating security patches. Until recently, most Android phones only had a few years of security updates.

I guess what I'm getting at is that if I truly believed in keeping Internet connected cameras outside of private areas I wouldn't have a smart phone at all.

At the end of the day I share your concerns, and I want only devices which are controlled locally. I have been making efforts to make this a reality.

1 more reply

j / k navigate · click thread line to collapse