The Computer Thread

Amazon devices will soon automatically share your Internet with neighbors: Amazon's experiment wireless mesh networking turns users into guinea pigs.

So just to make clear, Amazon is going to turn on a service which will open up all Amazon devices in the US for network sharing outside your own home, extending to the street and neighbours. This will be opt-out, meaning it will be on by default.

And yet another reason that the "internet of things" is pure post-digestive equine proceeds^note horseshit.

It's a cracker's dream and an IT nightmare if one of these devices gets hooked into a network. I suspect that many businesses will ask their employees to never bring any Amazon devices to work and turn off any they have if they work from home rather than deal with this headache.

Edited by TairaMai on May 31st 2021 at 11:16:14 AM

The IoT as a concept has a lot of promise, but then anyone who will actually make these devices is, y'know. Not to mention all the security problems.

I'm not sure why anyone would bring a personal Amazon device to an office. Can you imagine saying, "Alexa, play me some music," and thirty Echo devices all piping up at once?

That said, I'm not seeing the reason for this sudden panic. From my reading of the design of Amazon Sidewalk (the brand name for this technology), it's not capable of exposing networks directly; your neighbor can't hack through your Ring device to read your files or anything crazy like that.

Obviously many people will have privacy concerns, and from discussions over in the Privacy thread that group constitutes a large majority of us, but I feel like we're ultimately going to have to learn to deal with this stuff rather than arbitrarily shutting it off.

Edited by Fighteer on Jun 1st 2021 at 7:12:21 AM

I would never do it, but I would love to take advantage of it.

You can change the name Alexa responds to. But the issue here is that most IT departments would want to avoid any exposure by just saying that any Amazon device is verboten in the office network or the VPN for those working at home.

Amazon had to fix a vulnerability in their Ring devices. And that's what they know about.

So, no, I'm still not getting any "internet of things" devices or Alex/Google/Siri crap.

My apartment is like a horror movie for Zoomers:

Edited by TairaMai on Jun 1st 2021 at 1:07:16 PM

Thankfully, I do not own any Amazon devices.

I reject DVDs because the visual quality is bad.

Oh, God we're the Technologically Blind Elders!

Never mind the Zoomers, even 30-somethings seem to believe that no one buys DV Ds and C Ds any more. Never mind that both seem to be doing just fine, even if they're not sold in brick stores any more.

I, too, am avoiding having any devices in my home that are always on and listening to everything I say, simply out of principle.

There's a linguistic theory that early Europeans started calling bears "the brown one" or "honey eater" because they believed that calling them by their true name would summon them. Our descendants will probably learn to find similar ways to obliquely refer to household chores, just to avoid accidentally awakening the ever-listening Alexa from her slumber.

Yeah, I can't say I'm a fan of those either. I don't even like keeping my webcam plugged in.

I keep my webcam aimed up when not in use so someone hypothetically hacking it can only get a picture of the inside of the upper shelf of my desk. We have several Amazon devices but not any smart doorbells or security cameras. Honestly, if you maintain proper authentication these things are reasonably safe. My wife is the techno-Luddite of the household and she's not worried about it.

The overwhelming majority (99.999 percent) of people do not have to worry about zero-day attacks or targeted hacking campaigns because there's no money it in for the hackers. Just maintain basic safe practices and you'll be fine; this includes not seeking out illegal or unethical online content. Enable your firewalls, update your firmware, run an antivirus, etc.

The big money targets are companies. That's where security efforts need to be focused and where they are currently lacking to a frankly alarming degree.

Edited by Fighteer on Jun 2nd 2021 at 8:28:35 AM

I just don't plug my webcam in until I need it. I have enough wires going around as it is and it's distracting, even before any potential privacy concerns come into the picture.

The problem with a lot of connected things is that they still are security risks and the companies act like their privacy stealing antics are no big deal.

Microsoft livestream to show off what's next for Windows on June 24th at 11 am EDT.

There are different categories of risk and it's important not to conflate them.

A security risk could allow intrusion into a system by unauthorized parties. IoT devices have been shown to pose many such risks, especially as they get infrequent (if any) updates to correct exploits found in their software. There are ways to mitigate the risks, such as setting up mesh networks with the ability to identify/block compromised devices and never fully trust any of their components.

For example, your home network should not be capable of being exposed to someone who has hacked an Amazon device operating in mesh mode.

A privacy risk could allow collection of data about you in ways that you may not desire or permit. Security risks may create privacy risks as well, but most such risks come from intentional data collection by software vendors. There are many ways to mitigate privacy risks: do not use devices or software that collect such data; opt out of data collection; use operating systems that enforce strict data collection rules on apps; and so on.

Ultimately it is your choice whether to use any website, software, or device that could pose such risks.

Edited by Fighteer on Jun 2nd 2021 at 4:52:54 AM

Largest collection of passwords ever has been leaked online ...Goes without saying, if you haven't changed your passwords yet, um, you should get right on that.

Be nice if they said which passwords had been leaked,as it is its amazingly vague

There's a link to a site where you can check if you look at the last paragraph.

Note that many password managers, including Google Chrome's, will notify you if your stored passwords are involved in any exposures.

Yeah, my Chrome passwords page says I have eight compromised. All for places I can't get into to change them anyway. Argh.

I should also note that, for any sites that allow it, activating two-factor authentication can keep your account safe even if the password is compromised.

And ideally it should be a discrete device since there's been cases of phones being spoofed to get past 2FA apps.