Sponsored

Amazon just started sharing your internet connection with your neighbors

69mach1-395

Well-Known Member
Joined
Dec 4, 2014
Threads
34
Messages
1,784
Reaction score
773
Location
central nm, usa
Vehicle(s)
2016 RR GT/CS
Exactly why I won't bug my house with any of these items...
 

mindo389

Well-Known Member
Joined
Nov 28, 2019
Threads
9
Messages
351
Reaction score
448
Location
Louisiana
First Name
Charles
Vehicle(s)
2015 Mustang GT 5.0 50th AY Appearance Pkg.
Vehicle Showcase
1
So is George Orwell a prophet? (Animal Farm & 1984 books)
 

Seven

HPDE for me
Joined
Jul 24, 2014
Threads
24
Messages
117
Reaction score
59
Location
Charlotte NC
Vehicle(s)
18 F150 Platinum Diesel FX4 / '16 Audi S3 Viper Green APR Stage 3+ / '19 GT350R / 17 Camaro SS 1LE 575whp all motor (sold) / '15 C7Z 650whp (sold)
As someone who actually works in software, The title is mis-leading and the comments regarding security in this article are anecdotal at best and fear-mongering at worst.

Sharing bandwidth in the way stated in the article doesn't mean someone who would nefariously get access to a neighbor's smart light bulb would then have access to your wifi network. Hell, hacking into a neighbor's IoT device wouldn't even give access to much of the neighbors network. IoT devices are very specialized and the specialization itself is the security.
IE your smart bulbs do very specific things and that's ALL they do, so someone could hack into your bulbs but likely the worst they could do is annoy you by changing the light color or turning them off/on again - not exactly enough for identity theft, and definitely not worth a hacker's time.

That said, I'm much more concerned with what devices I have in my home because of who has access to the DATA than access to my home. IE why I don't use Ring but instead use Arlo, as Arlo doesn't sell customer data to 3rd parties (at least for now). It's also why I recommend anyone with a Roku Product to get a pi-hole device or similar.

Anyway, I personally don't buy amazon Alexa/Ring/Echo products because I don't like what they do with data gathered from me (or how much data they gather), I don't mind using smart bulbs or smart sockets though.
 
Last edited:

Sponsored

Shadow277

Well-Known Member
Joined
Nov 17, 2019
Threads
133
Messages
1,285
Reaction score
425
Location
Arizona
Vehicle(s)
2016 Mustang GT 2012 Corolla

Seven

HPDE for me
Joined
Jul 24, 2014
Threads
24
Messages
117
Reaction score
59
Location
Charlotte NC
Vehicle(s)
18 F150 Platinum Diesel FX4 / '16 Audi S3 Viper Green APR Stage 3+ / '19 GT350R / 17 Camaro SS 1LE 575whp all motor (sold) / '15 C7Z 650whp (sold)
Yup. Nothing to fear people. Just like Vizio NEVER planted microphones in their TVs to spy on us. They just donated 2.2 Million to Uncle Sam cuz they love him.

https://www.cnet.com/how-to/disable-vizio-smart-tv-spying/
That is hardware (microphone) from a chinese company and a regular internet connection.
Has literally nothing to do with how IoT works or even really to do with the technology involved in Sidewalk. (Which I actually explained in my post and you chose to omit in your quote)

That said, if you're worried about the type of stuff Vizio did, at least pay attention to where your hardware is coming from. (software too, looking at you Tik Tok)

Also - a Pi-Hole that I mentioned before would also have eliminated the issue with Vizio TVs, just saying.
 

jacknifetoaswan

Well-Known Member
Joined
Jan 6, 2016
Threads
63
Messages
1,527
Reaction score
827
Location
Charleston, SC
Vehicle(s)
2016 Race Red Mustang GT Premium Performance Pack
Anyway, I personally don't buy amazon Alexa/Ring/Echo products because I don't like what they do with data gathered from me (or how much data they gather), I don't mind using smart bulbs or smart sockets though.
Yeah, absolutely. My wife bought an Alexa when they first came out. We used it at first, but when I started to see traffic while it was not in use, I refused to let it on my network. It's been sitting in my office closet for 2+ years.

Now, I do use Google Home devices, and I'm ok with allowing Google access to my data. It's all stored in their servers, anyway, from passwords to credit card numbers. It's the devil you know, honestly.

Anecdotally, I attended a couple things with a College of Charleston professor that's doing research into IoT, and while they're all a little "chatty", she was unable to uncover data being sent to Amazon or Google from the devices, outside of their designated use cases - e.g., when a user says the hot word, the microphone activates and sends a data stream to a server to be processed, and a response returned.

JR
 

Shadow277

Well-Known Member
Joined
Nov 17, 2019
Threads
133
Messages
1,285
Reaction score
425
Location
Arizona
Vehicle(s)
2016 Mustang GT 2012 Corolla
That is hardware (microphone) from a chinese company and a regular internet connection.
Has literally nothing to do with how IoT works or even really to do with the technology involved in Sidewalk. (Which I actually explained in my post and you chose to omit in your quote)

That said, if you're worried about the type of stuff Vizio did, at least pay attention to where your hardware is coming from. (software too, looking at you Tik Tok)

Also - a Pi-Hole that I mentioned before would also have eliminated the issue with Vizio TVs, just saying.
You mean figuratively, not literally. Anyways, my point is that big businesses will not stop trying to spy on us regardless of their intent. Data mining, creating "personal" ads, it doesn't matter. They can and will do it.

I didn't omit anything. I just hit reply.
 

shogun32

Well-Known Member
Joined
Feb 8, 2019
Threads
92
Messages
16,223
Reaction score
14,019
Location
Northern VA
First Name
Matt
Vehicle(s)
'19 GT/PP, '23 GB Mach1, '12 Audi S5 (v8+6mt)
Vehicle Showcase
2
So is George Orwell a prophet? (Animal Farm & 1984 books)
No, he wrote a HOWTO manual without intending to. Or put another way, documenting the ever-present evil in human nature that lusts for power and subjugation.
 

Sponsored

Adamone92

Well-Known Member
Joined
Apr 30, 2020
Threads
33
Messages
1,385
Reaction score
960
Location
California
First Name
Adam
Vehicle(s)
2022 Mustang GT PP Premium
As someone who actually works in software, The title is mis-leading and the comments regarding security in this article are anecdotal at best and fear-mongering at worst.

Sharing bandwidth in the way stated in the article doesn't mean someone who would nefariously get access to a neighbor's smart light bulb would then have access to your wifi network. Hell, hacking into a neighbor's IoT device wouldn't even give access to much of the neighbors network. IoT devices are very specialized and the specialization itself is the security.
IE your smart bulbs do very specific things and that's ALL they do, so someone could hack into your bulbs but likely the worst they could do is annoy you by changing the light color or turning them off/on again - not exactly enough for identity theft, and definitely not worth a hacker's time.

That said, I'm much more concerned with what devices I have in my home because of who has access to the DATA than access to my home. IE why I don't use Ring but instead use Arlo, as Arlo doesn't sell customer data to 3rd parties (at least for now). It's also why I recommend anyone with a Roku Product to get a pi-hole device or similar.

Anyway, I personally don't buy amazon Alexa/Ring/Echo products because I don't like what they do with data gathered from me (or how much data they gather), I don't mind using smart bulbs or smart sockets though.
software can be pretty broad

since its a common theme in this thread and the idea behind your post, aka hacking. How much experience do you have in cybersecurity? are you a certified ethical hacker, or a hacker in any regard? Do you know the methods hackers use to exploit systems and historically some of the methods that have been used? people have gotten into systems and networks using way less as an avenue vs what you are speaking about, and you are saying its not possible with even the avenue you are speaking to.

in some of my cybersecurity courses for the military, CEH included, we were shown examples of where hackers have used something as simple as a fan to hack into a computer that was off, and get admin access to it; all being within a faraday cage. there are even more robust examples than that. Entire power grids have been exploited in ways people didn't expect, so you don't think a home network that is 99% likely to have an owner that knows nothing about it, cant be exposed by any of these devices? But saying someone cant use an IoT devices, or hell, even a wifi or Bluetooth connected light that is actually connected to something and using it to get into a system (similar to how the simple fan used waves to get into the computer system) isn't completely true. NOW, if someone can do that and they are targeting you for whatever reason, it really doesn't matter because they will get in either way; and you have bigger issues anyways.

I agree on limiting usage of these items btw. the visio thing is crazy because even the military used visio products for a while. not anymore lol
 
Last edited:

Doug33w

Member
Joined
Oct 7, 2020
Threads
0
Messages
7
Reaction score
16
Location
Sykesville, MD
First Name
Doug
Vehicle(s)
2020 Ford Mustang Shelby GT 350
I agree with Seven, if you're willing to use Amazon devices Sidewalk does not present a grave threat to you & it's not openly sharing your internet connection. According to Amazon Sidewalk enabled devices are low bandwidth devices & are capped at a max of of 500mb/month. With having said that with most of these Amazon devices you are product. Amazon is selling your data to 3rd parties.

Poorly made and maintained IoT devices most certainly pose a threat to governments, industry, and end users. Manufacturers and legislation is slow to deal with the reality of these new devices. If you're concerned about suspicious IoT devices it is wise to place them on another wireless network such as a guest network. This allows the devices to function but helps prevent them from interacting with more sensitive devices on your network (phones, computers, tablets, etc).

Additionally, it is worthwhile to think about your home router & the vulnerabilities that exist in those devices. Many home routers are not automatically updated when vulnerabilities are discovered or the vendors are slow to provide updates for them.

https://www.infosecurity-magazine.com/news/80-of-soho-routers-contain-vulnerabilities/
 

shogun32

Well-Known Member
Joined
Feb 8, 2019
Threads
92
Messages
16,223
Reaction score
14,019
Location
Northern VA
First Name
Matt
Vehicle(s)
'19 GT/PP, '23 GB Mach1, '12 Audi S5 (v8+6mt)
Vehicle Showcase
2
to hack into a computer that was off, and get admin access to it; all being within a faraday cage
a computer (servers) that is plugged in is never really 'off'. The 'management' chip piggy-backs on the primary ethernet and is always awake. These services usually have just appalling security though Intel in particular is asserting they are doing a much better job of it. Still, I'm sure there's still plenty of sever OEMs who ship highly insecure hardware/firmware that is intercepted by certain 3-letter agencies depending on destination and 'enhanced' for national "interests".
 

Adamone92

Well-Known Member
Joined
Apr 30, 2020
Threads
33
Messages
1,385
Reaction score
960
Location
California
First Name
Adam
Vehicle(s)
2022 Mustang GT PP Premium
a computer (servers) that is plugged in is never really 'off'. The 'management' chip piggy-backs on the primary ethernet and is always awake. These services usually have just appalling security though Intel in particular is asserting they are doing a much better job of it. Still, I'm sure there's still plenty of sever OEMs who ship highly insecure hardware/firmware that is intercepted by certain 3-letter agencies depending on destination and 'enhanced' for national "interests".
I know. it was a simple way of typing it out so A) I didn't have to go TOO in to detail about the entire setup as they ran multiple different tests, each getting more and more secure and B) I don't remember 100% every step and test they ran. its been a few years since some of those classes.

but yes, good point.
 

Adamone92

Well-Known Member
Joined
Apr 30, 2020
Threads
33
Messages
1,385
Reaction score
960
Location
California
First Name
Adam
Vehicle(s)
2022 Mustang GT PP Premium
:cwl:
Air-gapped PoC hacks are both fascinating and hilarious. Rarely practical though. I remember one that used a microphone to read the hardrive by listening to the platter sounds 🤣.

The most common "hack" isn't on any system, it's on the user's. Particularly when they buy a device, use automatic setup, and keep everything on the defaults.
my dad and grandmom found that out recently. Although, my dad may have been going into some websites he shouldn't have been. :cwl: :cwl:
Sponsored

 
 








Top