• LemmyIsFantastic@lemmy.world
    link
    fedilink
    arrow-up
    51
    arrow-down
    9
    ·
    edit-2
    1 year ago

    Nah, I have a bunch of stuff and couldn’t care less. If someone wants in my home they’ll take out a window. Nobody is zero daying their way past a lock 🤣

    • lseif@sopuli.xyz
      link
      fedilink
      arrow-up
      33
      arrow-down
      1
      ·
      1 year ago

      “im not actually too worried about my privacy and data being misused, im worried about everyone’s being misused, and that it’s being normalized”

      • CaptKoala@lemmy.ml
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 year ago

        And folks wonder why I’m in a constant state of existential dread, we all know it won’t stop there if the corpocunts have anything to say about it.

      • milicent_bystandr
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        One of the most draining things about trying to look after privacy is the number of ways other people’s choices undermine that.

        I don’t mean to dump on other people for those choices … usually… but it’s hard that the conveniences they take compromise the privacy that I like and that some others need more.

    • Cosmic Cleric@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      ·
      1 year ago

      Nobody is zero daying their way past a lock 🤣

      It would be a cheap way of creating onlyfans content though.

        • Cosmic Cleric@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          edit-2
          1 year ago

          If I found out my convulsing into my partner would make money idk do it in a heart beat 🤣

          Who said you’d get the money though. That fine print you always agree to would say any content from the security cameras would be owned by them.

    • dlok@lemmy.world
      link
      fedilink
      arrow-up
      12
      arrow-down
      9
      ·
      1 year ago

      And what’s the worst an internet connected thermostat could do, discomfort you to death? If someone got into my Google account past 2fa etc id have bigger worries.

      • TheWiz
        link
        fedilink
        arrow-up
        21
        ·
        1 year ago

        For me it’s more the privacy aspect. IOT devices tend to be network weak points. Things like Alexa constantly listening. I could see myself self hosting home assistant maybe in the future but not of the things smart devices enable are really a value add for me personally.

        • Cosmic Cleric@lemmy.world
          link
          fedilink
          English
          arrow-up
          8
          arrow-down
          3
          ·
          edit-2
          1 year ago

          You don’t need home devices to lose your privacy like that. Your phone’s themselves are constantly listening in.

          Was talking to the wife in the car one time about buying a new pair of tennis shoes, and when I got home that evening and watched YouTube videos and such, I was getting so many tennis shoe ads it was actually quite spooky.

          • TheWiz
            link
            fedilink
            arrow-up
            6
            ·
            1 year ago

            Oh definitely, I go to a lot of effort to try and mitigate it (graphene OS, no Facebook, social media, pihole for network wide ad blocking, simplelogin for email aliasing, no smart devices) but there’s always plenty of invasive apps/services even you’re privacy conscious.

        • LemmyIsFantastic@lemmy.world
          link
          fedilink
          arrow-up
          3
          arrow-down
          8
          ·
          1 year ago

          Jesus Christ “always listing”.

          No they aren’t. Not in any sense that even explained in common sense language to normal people.

          They are listening to what amounts to be a key pair(s) voice imprint. That’s done at a hardware level. And despite it be career making and be worth millions nobody has reported any large scale beach of trust in many years.

          The major players have an excellent track record of being secure.

          • milicent_bystandr
            link
            fedilink
            arrow-up
            3
            ·
            1 year ago

            The major players have an excellent track record of being secure.

            Facebook doesn’t.

                • LemmyIsFantastic@lemmy.world
                  link
                  fedilink
                  arrow-up
                  1
                  arrow-down
                  1
                  ·
                  edit-2
                  1 year ago

                  First, the attacker needs to be within wireless proximity of the device, and listen to MAC addresses with prefixes associated with Google. After that, they can send deauth packets, to disconnect the device from the network and trigger the setup mode. In the setup mode, they request device info, and use that information to link their account to the device and - voila! - they can now spy on the device owners over the internet, and can move away from the WiFi.

                  Congrats, you found a single instance. It was patched via the security program. It relied on physical proximity.

                  Then you link another scenario where an utterly insignificant portion of users data was shared with partners.

                  It’s grasping at straws and both those incidents are unrelated to always on recording. None of that shit you linked is related in the least bit. It’s slippery slope bullshit you’re trying to pull.

                  Astroturfing 🤣🤣🤣 good lord I wish I could get paid arguing with uninformed privacy zealots.

                  • Calavera
                    link
                    fedilink
                    arrow-up
                    1
                    ·
                    1 year ago

                    So much so for your “excellent track record of being secure.” right? Specially this taking almost a year to be patched. Now image the exploits that were found not by researchers, but malicious parts…

                    I mean, if you were a paid astroturfer I could understand, because people have to make ends meet right. But doing that for free? What a dystopian world we live in

      • bitwolf@lemmy.one
        link
        fedilink
        arrow-up
        21
        arrow-down
        1
        ·
        1 year ago

        The issue is that the thermostat can be used as a jump box into your network.

        That’s when/where all the nefarious things happen.

        • frezik@midwest.social
          link
          fedilink
          arrow-up
          7
          arrow-down
          1
          ·
          1 year ago

          This is why I like boarderless security, and did even before all these smart devices came around. Every device should be responsible for its own security. It meant your laptop is still protected when you’re on some random wifi network. Networks shouldn’t be built like eggs; hard on the outside, soft on the inside.

          It does take more technical skill to setup, though.

        • groucho@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          5
          ·
          1 year ago

          Or they could just dime out the heat/AC and give you a huge energy bill. Or kill the furnace in the winter, while you’re on vacation, and let your pipes burst.

          • RGB3x3@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            1 year ago

            Nobody is doing that. A hacker doesn’t cause chaos just for the fun of it. They have nothing to gain by playing with your thermostat when they can spend less man-power exploiting corporations for money and data.

              • RGB3x3@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                ·
                1 year ago

                Yeah, but:

                The downside, though, is that installing the ransomware, currently, requires the hackers to either have physical access to the thermostat or trick the victim into loading malicious files on the device on his own.

                And if a hacker is in your home, they’re not a hacker. They’re just a burglar.

        • greenskye
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          1
          ·
          1 year ago

          Realistically speaking who targets an individual house in the hopes of accessing something important and usable when companies lose millions of customer financial and personal information basically every month?

            • RGB3x3@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              To do what though? People are worried about their internal network being compromised, but the average person has basically nothing worth stealing on their home network given the insane amount of work it takes to compromise it.

              The fears of your internal home network being compromised are way overblown.

              • Nahdahar@lemmy.world
                link
                fedilink
                arrow-up
                1
                ·
                1 year ago

                A main example that comes to mind is nanny cam or iot security cam ransoms for example. They don’t target specific individuals at first, they exploit a mass vulnerability, gather sensitive footage then blackmail. Another example, while not directly affecting IoT users’ lives was the Mirai botnet attack.

                • greenskye
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 year ago

                  This implies looking at hundreds of thousands of nanny cams, for probably lots of hours before you end up with any footage thts worthy of ‘blackmail’. And I’d bet many homes would literally never have anything blackmail worthy even happen on camera. Oh no, they saw me naked!?! What am I going to do if my coworkers found out I walk around naked in my own home. I’d just tell them to take a hike and release my naked footage if they really wanted to.

              • milicent_bystandr
                link
                fedilink
                arrow-up
                1
                ·
                1 year ago

                It’s not just damage to your home network, it’s using that as part of botnets do do other crime. And it’s collecting data on you for sleazy purposes, that then gets leaked (sometimes) to those who want to use it for crime.

                the insane amount of work it takes to compromise it.

                Really?

                The great thing about software is once you develop an insane trick to get into one child’s internet-connected doll (oh yes, there’s that too) you can roll it out to try ten million dolls across the world.

      • Obi@sopuli.xyz
        link
        fedilink
        arrow-up
        13
        arrow-down
        1
        ·
        1 year ago

        I think that example is probably the most serious one. If you live in regions that go to -40c you most definitely don’t want your thermostat to just stop heating the house.

    • AlexWIWA@lemmy.ml
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      These iot software are usually minimum viable products with weak security. A zero day for them is fast simpler than trying to get a zero day in windows.

      For example, I had a friend that worked at one of these companies, that recently lost a lot of money, and while he was there they had their master keys in the git repo on GitHub. At this point they were well past a billion dollar valuation.