Pioneering research has discovered how smart devices talk to Android apps and each other to share data that allows them to know who enters a home, when, and how much they earn
The best solution IMO is don't let your smart devices have access to the internet. Put them on a VLAN, block them at the firewall, whatever method you prefer. Accessing your home network remotely is one thing, but your air conditioner doesn't need to INITIATE a connection to the outside world.
That's what I did 🙃 Unfortunately, some devices do not work at all without a connection to the manufacturer's cloud, this also needs to be taken into account.
A long while ago, my first foray into smart home stuff was a Phillips Hue system. I used to use it exclusively offline, but I got deeper into smart home stuff and wanted to add some integration into my system. I don’t remember what anymore, but it meant setting up a Hue developer account, so I signed up. Gave them my email address. Stopped using the integration, moved, reset the hub, used it offline for years.
This February I logged into the hub for some reason. I think an accessory wasn’t working and Hue user docs said to log in or some such nonsense.
Five days ago, I got an email from Amazon. They told me that one of the batteries in a Hue switch was running low, and they helpfully provided me with a link to buy new ones. Their page for the device indicated that they were being updated with its battery percentage every 4-8 hours - and that I had authorized Alexa access to my Hue system in February.
I checked the Hue app, and it indicated no apps or services connected to my account.
Logged into the Hue website, dug into my settings, and there were a dozen app’s and services that had been “authorized” to access my account - none that showed up in the app.
Every smart device that has been on my network - devices that I never integrated with Hue (on purpose!) were all happily showing very recent access times to my data. Systems I don’t have accounts to anymore. I revoked access, of course.
Three days ago Amazon emailed me to let me know a different device needed a battery, and showed that Hue had shared the battery level of the device with them that day - 2 days after I revoked access.
Yeah… all their products are getting trashed, reflashed, or used with zigbee hubs I’ve built.
I honestly still don't get, what exactly all this is for.
Why are companies pumping more and more money into advertising? What do they expect us to do? Most people can't spend more money and if you have to increase prices because of your overblown ad budget, they're even less likely to do so.
And what exactly are they thinking they're getting from companies like Google and Meta? The amount of ads I get that are actually relevant and not super-obvious is miniscule. Ad tech does not work even remotely as well as advertised.
You'd be surprised the amount of times I've heard someone say they got something after seeing a targeted ad. I personally just zone out until the ad's done. It's hard to believe people actually pay attention, and then go so far as clicking the ad and buying the product.
That's because you're not a typical consumer. Average consumer those ads target is a mindless capitalist zombie with the sole goal of owning more stuff. Especially in US (but not only) people are trained by their capitalist master that 'you are what you own' and spending money is a way of living there. I'm sure you see it everywhere. People go absolutely crazy over brands like Marvel or Star Wars and spend thousands of dollars on useless gadgets. People go crazy over snickers and buy hundredths of pairs. People go crazy over phones and and take credit just to own the latests model. And the ads are there to program those people into wanting more and more things.
I, too, am curious if there's an advertising bubble.
I hope so.
I've noticed something about my wife, though.
She's not a "mindless capitalist zombie with the sole goal of owning more stuff", but she does pay attention to advertising a lot.
We need more diapers?
Well, it just so happens there's some new startup app that's advertising a free first month, so if she signs up for that up, we could get free diapers, and we'd only have to keep the membership for another two months, and they have deals on peanut butter, and we'd get access to their free streaming service and they have Disney, so it's probably worth it overall.
And so it goes, with a million of these deals.
The thing is, each "deal" is so complicated that it's extremely difficult to know which ones we're actually saving money on.
The cynical would say "you're never saving money: everything's rigged", but that's clearly not true.
Some of these deals clearly do work out for us (and some of them cause the startup to immediately go bankrupt).
But most of them aren't clearly better or worse for us: we'd have to spend several hours going through hypothetical scenarios to do the full CBA, which we don't do.
I do wonder, on balance, how much it's costing us.
I also wonder how many of these deals are specifically (personally) targeted at my wife because they know what she needs and what her habits are.
Security risk is the bigger concern IMHO. These devices are often a security weak point for networks. Putting them on their own wifi network and then isolating that network is critical.
How can you ensure this is done? There are so many devices that need to connect to the internet and some that require access to other network devices to function.
You basically need to employ network engineering level security - very tight firewall rules, use NAT where it's available (IPv6 removes NAT, which ipv6 apologists will tell you is a good thing - they're wrong, as it removes per-service level control and moves it out to per-device/per-NIC), and punch very specific holes to grant access where needed.