they’re probably patching a security flaw, because we live in the future now and it is perfectly normal for a simple clock to have backdoors that can read your bank accounts
“My dishwasher is on the internet!” - “Why is on the internet?” - “To download software updates!” - “Why does it need software updates?” - “To fix security vulnerabilities!” - “Why would it have security vulnerabilities?” -“Because it’s on the internet!”
I never connected my refrigerator to the internet. Why the fuck would I need Bixby on my refrigerator? I don’t even use the voice assistant on my phone.
Yeah, I’m absurdly suspicious of pretty much everything connected to the internet these days. I’m suspicious of any cameras, of people randomly happening to take a picture with me in the background. I’m suspicious of talking out loud around my phone…the future sucks.
Although, thankfully the pandemic has given me a seemingly never-ending excuse to wear something over my face at all times.
haha, same, every time someone asks me for a pic i have to choose between refusing by making something up (bad hair etc), going with the privacy infodump, or accepting and just regretting it for my whole life
The fuck a smart dishwasher gonna do, play Mozart while my dishes get smashed around inside then receive a text message later saying “Oi it’s me ur dishwasher I just finished the dishes” while it plays Mozart again but at max volume until you waddle your fatass over and press the ‘shut the fuck up’ button?
The companies BUILD IN backdoors so that they can steal your data.
But because the backdoor is built in, they have to constantly monitor and update the security around it so that “bad guys” (they don’t think they are the bad guys) don’t get in.
They only do security updates to prevent liability iirc.
The whole thing stinks.
Note: I’m not a software developer just an outraged bystander with tech hobbies and techy friends, it’s possible this isn’t true.
No need for backdoors when the front door is perfectly legal. The need to monitor for bad actors is still correct, though; mostly because they skimp on development costs and penetration testing. Like they say, “never attribute to malice that which is adequately explained by incompetence.” Or in this case, slashing budgets.
I hate Hanlon’s Razor with a passion. It’s just a way to introduce plausible deniability for cases that do involve malice. Not that this stuff necessarily is malicious, I just think it’s dumb to rule out maliciousness any time it could be incompetence.
If I were to rewrite Hanlon’s Razor today, I would update it as so: “Never attribute to malice that which is adequately explained by incompetence or indifference.” Because yes, it does introduce plausible deniability; but most of the most harmful things in our modern world aren’t malice, but simply big companies caring less about you than about their own precious profits, or politicians caring less about their constituents than about their kickbacks and campaigns.
But admittedly, the word “adequately” does do a lot of heavy lifting in the original and in my update, because I’d counter your (quite reasonable) objection with the corollary that if malice is evident, incompetence is no longer an adequate explanation.
In general, though, I’ve had simply too much experience in this world to believe that there’s a grand conspiratorial plan behind anything awful people do these days.
Good comment, I can agree with it. Though to address your last paragraph, I wasn’t trying to say that it’s usually maliciousness or best to assume it, I just don’t think it should be summarily dismissed.
I’d also say that there’s not much functional difference between a pattern of malice, incompetence, or indifference.
Totally true. Though you might address the various patterns differently (malice = legal action, incompetence = mandated education, indifference = financial penalty), the results of the patterns are often the same.
What would the “front door” even be in this case? What comes to my mind is the corresponding app on your phone, but that doesn’t really make sense in this context.
In this case, the “front door” would just be not hiding it. Normal, un-hidden APIs. A back door is usually something that the developer includes without informing the user, but they don’t need to be surreptitious; there’s no legal reason to pretend that they’re not collecting the data, and unless you’ve built your brand on privacy and security, there’s no business reason to do so either in the current cultural climate.
And given that the appliance needs to communicate with the app on your phone while you’re not home in the first place, there probably isn’t even a separate tracking API vs. data just being harvested as part of normal operations. So “back door” doesn’t really fit. “Broken by design” or “spyware” would be more apt, I think.
Still, I’m really not a fan of calling any spying/data harvesting a “front door” – IIRC, the term was coined by an FBI head pushing for back doors in our phones so the FBI could scan our messages. But he called it a “front door” as a way to dodge the reasons why building back doors in our security software is a terrible idea.
It’s just another step in the terrible trend of “let’s pretend that this horrible idea is ok if we just rename it” :(
I have been with a few companies as an engineer, and can at least confirm that you are right from my experience. Nobody really needs a backdoor to get massive amounts of data. The ToS for most software makes it so they can already do whatever they want with it. It’s pretty easy to get a lot of data just by having people use their services normally.
they’re probably patching a security flaw, because we live in the future now and it is perfectly normal for a simple clock to have backdoors that can read your bank accounts
“My dishwasher is on the internet!” - “Why is on the internet?” - “To download software updates!” - “Why does it need software updates?” - “To fix security vulnerabilities!” - “Why would it have security vulnerabilities?” -“Because it’s on the internet!”
I never connected my refrigerator to the internet. Why the fuck would I need Bixby on my refrigerator? I don’t even use the voice assistant on my phone.
Yeah, I’m absurdly suspicious of pretty much everything connected to the internet these days. I’m suspicious of any cameras, of people randomly happening to take a picture with me in the background. I’m suspicious of talking out loud around my phone…the future sucks.
Although, thankfully the pandemic has given me a seemingly never-ending excuse to wear something over my face at all times.
haha, same, every time someone asks me for a pic i have to choose between refusing by making something up (bad hair etc), going with the privacy infodump, or accepting and just regretting it for my whole life
deleted by creator
The fuck a smart dishwasher gonna do, play Mozart while my dishes get smashed around inside then receive a text message later saying “Oi it’s me ur dishwasher I just finished the dishes” while it plays Mozart again but at max volume until you waddle your fatass over and press the ‘shut the fuck up’ button?
Don’t forget lightbulbs.
https://support.sengled.com/hc/article_attachments/360041314774/mceclip3.png
Great plot for hackers 2.
The companies BUILD IN backdoors so that they can steal your data.
But because the backdoor is built in, they have to constantly monitor and update the security around it so that “bad guys” (they don’t think they are the bad guys) don’t get in.
They only do security updates to prevent liability iirc.
The whole thing stinks.
Note: I’m not a software developer just an outraged bystander with tech hobbies and techy friends, it’s possible this isn’t true.
No need for backdoors when the front door is perfectly legal. The need to monitor for bad actors is still correct, though; mostly because they skimp on development costs and penetration testing. Like they say, “never attribute to malice that which is adequately explained by incompetence.” Or in this case, slashing budgets.
I hate Hanlon’s Razor with a passion. It’s just a way to introduce plausible deniability for cases that do involve malice. Not that this stuff necessarily is malicious, I just think it’s dumb to rule out maliciousness any time it could be incompetence.
If I were to rewrite Hanlon’s Razor today, I would update it as so: “Never attribute to malice that which is adequately explained by incompetence or indifference.” Because yes, it does introduce plausible deniability; but most of the most harmful things in our modern world aren’t malice, but simply big companies caring less about you than about their own precious profits, or politicians caring less about their constituents than about their kickbacks and campaigns.
But admittedly, the word “adequately” does do a lot of heavy lifting in the original and in my update, because I’d counter your (quite reasonable) objection with the corollary that if malice is evident, incompetence is no longer an adequate explanation.
In general, though, I’ve had simply too much experience in this world to believe that there’s a grand conspiratorial plan behind anything awful people do these days.
Good comment, I can agree with it. Though to address your last paragraph, I wasn’t trying to say that it’s usually maliciousness or best to assume it, I just don’t think it should be summarily dismissed.
I’d also say that there’s not much functional difference between a pattern of malice, incompetence, or indifference.
Totally true. Though you might address the various patterns differently (malice = legal action, incompetence = mandated education, indifference = financial penalty), the results of the patterns are often the same.
Right, it’s just a front door lol. I never considered that was a thing.
What would the “front door” even be in this case? What comes to my mind is the corresponding app on your phone, but that doesn’t really make sense in this context.
In this case, the “front door” would just be not hiding it. Normal, un-hidden APIs. A back door is usually something that the developer includes without informing the user, but they don’t need to be surreptitious; there’s no legal reason to pretend that they’re not collecting the data, and unless you’ve built your brand on privacy and security, there’s no business reason to do so either in the current cultural climate.
And given that the appliance needs to communicate with the app on your phone while you’re not home in the first place, there probably isn’t even a separate tracking API vs. data just being harvested as part of normal operations. So “back door” doesn’t really fit. “Broken by design” or “spyware” would be more apt, I think.
Still, I’m really not a fan of calling any spying/data harvesting a “front door” – IIRC, the term was coined by an FBI head pushing for back doors in our phones so the FBI could scan our messages. But he called it a “front door” as a way to dodge the reasons why building back doors in our security software is a terrible idea.
It’s just another step in the terrible trend of “let’s pretend that this horrible idea is ok if we just rename it” :(
It’s difficult to monetise data if you source it illegally (except in China maybe). Nobody reads the ToS anyway so it’s not like you need a backdoor.
I have been with a few companies as an engineer, and can at least confirm that you are right from my experience. Nobody really needs a backdoor to get massive amounts of data. The ToS for most software makes it so they can already do whatever they want with it. It’s pretty easy to get a lot of data just by having people use their services normally.
Why steal what’s being given away freely.
Megaman Battle Network was prophetic. You’re just living daily life and then a terrorist kills your child by hacking the AC.
Thank you. I forgot about that game. I had meant to play it for some time.