[HN Gopher] Amazon US customers given one week to opt out of mas...
___________________________________________________________________
Amazon US customers given one week to opt out of mass wireless
sharing
Author : haasted
Score : 367 points
Date : 2021-06-01 15:20 UTC (7 hours ago)
(HTM) web link (www.theguardian.com)
(TXT) w3m dump (www.theguardian.com)
| londons_explore wrote:
| Everyone shares the LTE network... And nobody cares. The fact you
| pay $90/month and someone else who pays just $40/month might be
| taking some of your bandwidth probably hadn't even crossed your
| mind.
|
| Yet ask people to share WiFi and suddenly its totally
| unacceptable. "This is my bandwidth, I paid for it, nobody else
| can have any!"
| josefresco wrote:
| This page on Tom's Guide has good background, a list of devices
| and instructions on how to opt out.
| https://www.tomsguide.com/reference/what-is-amazon-sidewalk
|
| Amazon App> More > Settings > Account Settings > Amazon Sidewalk
| > Disable
| dlhavema wrote:
| Looks like I don't have the update yet. I don't see this menu
| option.
| enraged_camel wrote:
| If you don't see the menu option that means none of your
| paired devices are compatible with Sidewalk.
|
| List of supported devices at the bottom:
| https://www.cnet.com/home/smart-home/amazon-sidewalk-will-
| cr...
| lsaferite wrote:
| I had the option a few days ago and now it has disappeared
| in both my phone and my wife's.
| slobiwan wrote:
| Check the Alexa app, not the Amazon app. Shows up in mine
| ch4s3 wrote:
| I'm seeing the same issue as the parent. I've check the
| alexa app under account settings and the option does not
| appear. The last version on the app store is from 2 weeks
| ago. I wonder if this is a web view and they're exposing it
| to different users at different times.
| dlhavema wrote:
| Maybe. I'm on Android "version 2.2.403931.0" and no
| option...
| slobiwan wrote:
| That must be the case. My Alexa app (iPhone) is version
| 2.2.416595.0, updated on May 20.
| smaccona wrote:
| It doesn't show up in my Alexa app (iOS), and I am running
| the latest version (I have auto-update enabled). I only see
| Recognized Voices, Guest Connect, Voice Purchasing and
| Workouts. I see online references to this setting as long
| ago as November 2020[1], so it's concerning that it's still
| missing for me.
|
| Edit: I just realized that all my Echo devices are 2nd
| generation, which apparently don't support Sidewalk[2]. I
| wonder if the menu item only shows up if you have devices
| that support it?
|
| [1] https://www.aftvnews.com/amazon-has-started-switching-
| sidewa...
|
| [2] https://www.tomsguide.com/reference/what-is-amazon-
| sidewalk
| drdec wrote:
| What does one do it they don't have the Alexa app? It seems
| counter-productive to install it just to turn this off.
| snegu wrote:
| I'm curious - is it an altruistic act to leave this functionality
| enabled? I'm all for making wifi access easier for people.
| thatguy0900 wrote:
| It's certainly altruistic to ad companies who don't want to pay
| for internet access for their devices
| Animats wrote:
| "People like you helping people like us help ourselves" -
| Processed World slogan.
| asdff wrote:
| Just run a guest network with your existing router if you want
| to provide internet to strangers.
| Retric wrote:
| It's so "smart" TV's etc can send data home even if you don't
| connect them to the internet. Longer term expect random devices
| you own to inject even more advertising into your daily life.
| dec0dedab0de wrote:
| I didn't even think of this. That is terrifying.
| philsnow wrote:
| Amazon is going to sell access to Sidewalk to e.g. TV
| manufacturers (and anybody else), making money off of your
| internet connection.
|
| Before Sidewalk, if a device manufacturer wanted to be able
| to get sensor/environmental/etc data back to the mothership,
| it had to either pair to a phone with bluetooth, use wifi
| (needs creds), or include a 2g modem with a SIM (pretty
| expensive). A customer who doesn't see a need for that device
| to have that connection just won't pair / give wifi creds,
| and the 2g modems/SIMs are expensive enough to keep them out
| of most devices.
|
| In a world where Sidewalk is a viable option, a lot more
| devices will be sending whatever information they like that
| they can sample about you out of your house. Sure, it makes
| sense to carefully read the privacy policy when you're buying
| a echo dot or ring whatever, but are you going to be so
| careful when you're buying a toaster?
|
| This episode of black mirror sucks.
| Dah00n wrote:
| The fix is GDPR like laws. Then this wouldn't matter.
| philsnow wrote:
| My only options for escaping Sidewalk are living far enough
| away from neighbors or convincing all the neighbors within
| range of my house that they shouldn't have any Sidewalk
| bridge-able devices.
|
| I would at least be interested in a way of finding out what
| sidewalk bridges are accessible from my location. Anybody
| know of a way? Is it just wifi?
| eulers_secret wrote:
| There's at least 2 other options: Disable (physically)
| modems/antennas of sidewalk-enabled devices you own, or
| do not purchase devices that are sidewalk-enabled.
|
| Sidewalk uses LoRa and a 900Mhz other signal (for garage
| door openers). With an SDR that can use that spectrum,
| you could probably determine if there are sidewalk
| endpoints around. Might be able to foxhunt them to
| certain houses.
|
| My plan is to do my best to avoid these devices (FCC IDs
| may be helpful here), and if I can't, then physically
| disable them from being able to communicate. Hopefully
| other folks do the same, and there will be information/a
| community online to help.
|
| The rest of the world is up a creek, only the 'techno-
| elite' have the privilege of privacy and being tracking-
| free. It probably doesn't amount to much, though...
| philsnow wrote:
| I had thought that there wouldn't be any labeling
| requirements for Sidewalk-enabled devices, but you bring
| up FCC IDs. I've never given them much thought, but
| that's at least one thing to look out for in the future.
|
| I'm now kind of interested to go look at the boxes for
| some of the devices I already own to get a feel for
| what's there. I expect it would probably all come down to
| a few BT / BLE / wifi chip manufacturers.
| [deleted]
| foobiekr wrote:
| It is exactly this. It just takes one idiot in the
| neighborhood to now defeat my "don't connect them to the
| network" approach to not sharing my data.
| shagie wrote:
| Various use case stories...
|
| You've got an Alexa, your neighbor has a Ring. The network goes
| out on your neighbor's house. The Ring can then use your Alexa
| provided sidewalk network to send a notification to your
| neighbor about a package or whatever.
|
| Someone makes Tile like product that can use Sidewalk to track
| its location. The sidewalk extends its range and accuracy.
|
| Right now, it really appears to be just Ring devices that can
| make use of it.
|
| This isn't a guest Wifi that arbitrary people can connect to...
| though as we saw with the Apple tags, people have quickly
| piggybacked other data on it.
|
| ---
|
| While I don't have any devices that extend the Sidewalk
| network, I've disabled it... just in case I do get one.
| bitL wrote:
| How do you know you really disabled it? What if it does the
| same as Google that was recording location data and then
| uploaded them right after you established a WiFi connection?
| What if Amazon devices would do that a few times a day
| without you noticing, and the "disable Sidewalk" button would
| just mean "do it less frequently"?
| [deleted]
| turdnagel wrote:
| I could see working on Sidewalk as kind of a dream if you have no
| morals. A mesh network you can turn on with a flip of a switch,
| with millions of devices across the world? Seems really cool, if
| you don't care about privacy or security. But if you do - and we
| should - it's a disaster.
| vincent-toups wrote:
| I'd rather go without internet than have one of these damned
| smart devices in my house. I can't believe how popular they are.
| paulcole wrote:
| I might be the only one here who doesn't care at all about
| this. I love my Echo and Amazon IOT devices and have got better
| things to do than wring my hands over what they're doing with
| my internet connection. They use hardly any bandwidth so
| whatever, not going to turn this feature off.
| UI_at_80x24 wrote:
| The threat vector at this time isn't what Amazon does with
| access to your internet. It's what John Q. Public does.
|
| 'Free Internet' (on your dime), will always lead to abuse.
| Plus, how much do you trust Amazon's security to NEVER allow
| access to other resources on your network?
| pugworthy wrote:
| > I can't believe how popular they are.
|
| I guess you could say they are about like those "new-fangled
| horseless carriages". You could argue that we sold our souls to
| the devil at the (now regulated) crossroads with them. But at
| the time (and now), they bring some real value at a cost that
| not all are aware of, or willing to pay.
| cduzz wrote:
| I have an old dot connected to my stereo to stream music. As
| they say, it is extremely convenient to be able to request some
| music and have it played.
|
| My amplifier has a switched outlet on the back that I've
| plugged the USB into; so if I turn off the amplifier the dot is
| powered off as well (presumably).
|
| And, apparently, 2nd generation dots don't "support" sidewalk
| anyhow (though of course it is a little snitch hiding in my
| living room).
|
| The "smart" TV is more of a concern as it is always on...
| wombat-man wrote:
| they were practically giving them away at times.
| sokoloff wrote:
| I have my IoT/IoS devices cordoned off onto their own network
| locally (with internet access, of course) as a matter of trying
| to protect my LAN from any exploit.
|
| However, I find the convenience of these devices to be
| extremely high: they play music, they give us convenient
| timers, they function as a whole house intercom, they tell us
| the weather and answer (often poorly) some random questions
| without going to get our phones out.
| cheeze wrote:
| The whole IoT thing just goes to show how... unique many
| people on HN are. I get it, it's a risk, etc. but IMO the
| convenience is massive. I do the same as you do, its a bit
| more work but it works fine for my use case. Use reputable
| products and segment them and the attack vector is rather
| small, IMO. I also try to not use wifi devices and instead go
| for something like zwave.
| nanidin wrote:
| Can you give any insight into the solution you're using to
| achieve this? I've got some noisy gadgets on my network that
| I want to cordon off, but I'm not sure where to begin.
| sokoloff wrote:
| Dedicated SSID(s) with that/those SSID configured as a
| guest network goes pretty far. I happen to use Ubiquiti
| gear, but most any router is likely capable of creating a
| dedicated guest SSID (or multiple). That covers wireless
| devices (which is all the IoT stuff that I have).
|
| The one aggravation I had was trying to get the Chromecasts
| to work correctly (where I wanted to be able to cast from a
| machine on the main LAN to a Chromecast on the Google IoT
| SSID). I would periodically get it working and then it
| would periodically break. I'm not even sure that it's
| working right now to be honest, mostly because a lot of the
| need for that use case (video playback) has shifted to
| FireTV sticks.
| mercora wrote:
| > I would periodically get it working and then it would
| periodically break.
|
| wait a second... it worked sometimes? without doing any
| routing trickery or something?
|
| If you did some trickery maybe the devices sometimes
| chose to speak ipv6 but could not?
| sokoloff wrote:
| Oh no, I was trying different bits of routing trickery.
| I'm pretty sure if I sat down and gave it a solid 3 hours
| straight of methodical effort, that I'd have figured it
| out once and for all. Instead, I would have 5-10 minutes
| total per attempt, try _something_ , see if it worked or
| didn't, then the next time I tried the Chromecast
| (possibly weeks later), it wouldn't always be repeatable.
| I also had the Casts being powered off the TV, so they
| got hard shutdown and cold-booted pretty often.
|
| In short, I never really cared enough to get it working
| right as the FireTV was "winning" the convenience battle
| by enough to make it not matter most of the time and I
| always had an HDMI cable for the times when I really had
| to get a screen "sharing" to work.
| Dah00n wrote:
| Did you block Google's DNS IPs? That will break
| Chromecast in strange ways.
| KeepFlying wrote:
| Maybe someday I'll write a rewrite rule to pass google
| DNS through my PiHole...maybe.
|
| All of this hardcoded DNS server BS in iot devices is a
| pain.
| urda wrote:
| You can place them in a separate VLAN for starters, and
| block traffic between anything other than the internet.
| [deleted]
| wearywanderer wrote:
| With the advent of this technology, it's no longer just your
| data that's being risked. If you have a neighbor who owns a
| sidewalk-enabled appliance and doesn't want it to connect
| online, anybody in the neighborhood with sidewalk enabled is
| now an accomplice in subverting the preferences and desires
| of that person.
|
| It's no longer enough to think _" Well I didn't give the TV
| my wifi password, so it can't spy on me."_ Now I have to
| wonder about what opt-out bullshit buried deep in settings
| menus my neighbors neglected to disable.
| mdoms wrote:
| These are such absurdly small conveniences that are all
| serviced (in very very slightly less convenient fashion) by
| other less intrusive devices.
| failwhaleshark wrote:
| 94.9% pure, organic, outrage, clickbait FUD.
|
| This feels like an "you're either with us or you're against us,
| Amazon B A D"-article.
|
| The central thesis is misleading and wrong because it's NOT
| "unlimited, direct sharing of your WiFi to whatever Amazon users
| happen to fall and scrape their knees outside your home because
| they can't skateboard," it's "likely low-rate connectivity for
| other Amazon users' devices over Bluetooth or (maybe) Zigbee
| gated through Echo devices acting as bridges that happen to use
| WiFi as a backhaul."
|
| Tile does the same thing already with their mobile app over
| Bluetooth - everyone with the app and BT on participates as a
| missing tag locator; Amazon is adding Tile into the mix (900 MHz
| BLE for Tile Pro) for another way to find tags.
|
| Is Amazon going to suddenly allow or support BitTorrent-to-eSATA
| light dimmers (or some sort of WiFi backdoor)? IDTS. Where's the
| problem (other than opt-in vs. opt-out)?
|
| PS: I worked in a radio group of a GPS manufacturer at the time
| when radio modules were in their kindergarten years. 900 MHz of
| BLE is always going to work better than 2.4 GHz for low rate data
| because of physics. 900 MHz is awesome.
| howolduis wrote:
| forcing customers into this feature with a short notice that
| the majority wouldnt even know about is the MAIN issue here.
|
| "Where's the problem (other than opt-in vs. opt-out)?"
|
| You make it sound like this is a side trivial issue, then it's
| the main issue here.
| strictnein wrote:
| > Where's the problem (other than opt-in vs. opt-out)?
|
| What's the problem, other than the major problem?
| adolph wrote:
| _When you've left something far behind, like at the beach or
| the gym, the Find My network -- hundreds of millions of iPhone,
| iPad, and Mac devices around the world -- helps track down your
| AirTag. And it's designed to protect your privacy every step of
| the way._
|
| I wonder if Apple has opt-out/in for the "Find My network?"
|
| https://www.apple.com/airtag/
| kstrauser wrote:
| Here's how you turn it on (or off):
| https://support.apple.com/en-us/HT210400
| Cthulhu_ wrote:
| So you're planning on just letting this happen on your devices;
| I get it, too much hassle, etc. No need to try and get others
| to not opt out if they choose to though, that sounds like a lot
| of effort for someone who's okay with it. Or are you paid by
| Amazon to promote it?
| Dylan16807 wrote:
| Don't.
| celsoazevedo wrote:
| The problem is that they're using my hardware, my internet
| connection and my electricity without paying me or asking for
| my permission.
| Dylan16807 wrote:
| Unless it takes significantly more power to do this, you
| definitely gave it permission to use your electricity.
| jsight wrote:
| I feel like 20 years ago we would have complimented them for
| such an ingenious solution to backup network capability for
| security related devices.
|
| I don't love the lack of consent involved, but the concerns are
| way overblown here.
| SteveNuts wrote:
| How does this work with data caps? Is Amazon going to reimburse
| me for overage charges from my ISP if my neighbors are using my
| data?
| floatingatoll wrote:
| No.
| adamredwoods wrote:
| Amazon notes this in their FAQ: it's capped at 80kbps and max
| of 500MB per month. I don't know if this includes Bluetooth
| though.
| asdff wrote:
| So they are stealing 500MB of your cap if they aren't
| compensating you.
| ikiris wrote:
| As exchange for their otherwise unpaid service from those
| devices, they're using a fraction of your potentially
| capped internet if you happen to be in a market with such
| poor competition and/or poor regulatory environment that
| your service is capped.
| prepend wrote:
| > unpaid
|
| I paid $200 (although much cheaper now) for my echo years
| ago. This isn't a free device and the services it
| provides cost me actual money to be able to use. Pretty
| funny to spin this as "you paid $200 for this device, but
| all the services on it are free."
| chasebro wrote:
| So like 90% of the US?
| Dylan16807 wrote:
| The US is full of slow internet, but it's not
| particularly plagued by capped internet.
|
| There are a bunch of 1TB caps around, but a cap like that
| would suggest that the value of 500MB is 3 to 10 cents at
| most.
|
| Just using 3 watts at idle is already enough to cost the
| average person 25 cents a month.
| vbsteven wrote:
| 500MB per ip or per device?
| switch007 wrote:
| If you're at 99.9% of your (small) cap, the Amazon device
| won't know that.
| tkinom wrote:
| Sounds like a fun project for the future Black Hack conf:
| Implement tor / torrent on top of Amazon mash network and
| break all the bandwidth limits.
| ThatPlayer wrote:
| It's probably not possible. The devices runs on LoRa
| wireless protocol, which measures bandwidth in single digit
| kilobits a second.
| foxhill wrote:
| could you imagine any orginisation just walking up to almost
| every home in the country and presuming they had the right to "a
| very small portion" of your property, unless you went through
| some steps to explicitly opt out?
|
| imagine they paid for their own infra to do this. how much would
| that cost? in this light, is sidewalk not theft?
|
| amazon, if you want to use my internet - for whichever distopic
| future plans you may have - you can pay me for it. it will not be
| cheap.
| detaro wrote:
| duplicate, please check before submitting:
| https://news.ycombinator.com/item?id=27328087
| hellisothers wrote:
| I've seen a couple other articles like this that that to "both
| sides" this by claiming Apple does it with AirTags. Seems pretty
| disingenuous, feels like comparing faxing documents to the
| internet...
| kstrauser wrote:
| I've seen this, too.
|
| Apple: Their device: "Hi, I'm an AirTag! This is my serial
| number!" Your device: "hey Apple, I was at (X, Y) when I saw
| this serial number."
|
| Amazon: Their device: "Hi, can I send traffic through your
| network?" Your device: "sure, buddy!"
|
| They're so fundamentally different that I pretty much assume a
| bad faith argument from people who say they're similar.
| beezischillin wrote:
| The other major difference is that you directly benefit from
| Find My and you can also turn it off any time you want.
| Dah00n wrote:
| It's a pretty weak argument when it fits both devices. In
| reality both are bad, one is just very bad.
| luma wrote:
| Playing devil's advocate here... aren't those same two
| things true of Sidewalk? If you purchase an Apple tag, then
| you benefit from other users who have this feature enabled.
| If you buy a device that uses Sidewalk, same situation.
| Both can be disabled.
| dv_dt wrote:
| This kind of privacy touching feature should be required to be
| opt in.
| a3n wrote:
| But not many people would bother to opt in, even if they knew
| about it, so ...
| thatguy0900 wrote:
| Well if noone who owns these devices wants to do it it
| probably shouldn't be done then, right? Or Amazon could give
| a 5$ credit or something. That would probably be enough.
| xboxnolifes wrote:
| Reality is, most people who own these devices wouldn't know
| how or be aware it's even an option, and a mass marketing
| campaign would need to go into effect to just make people
| aware of it and why they would potentially want to do it.
|
| Or they can just make it automatic.
| thatguy0900 wrote:
| If Amazon wants to release a feature that they make a
| bunch of money off of selling it to advertisers, that
| uses customer resources and doesn't benefit them, and
| many/most customers actively don't want it, then they
| need to convince people to say yes. How is people not
| wanting to do it justification for Amazon doing it? If
| they want it done they can offer credits
| a3n wrote:
| I'm not saying it's justified. It's not. But low
| likelihood of opting in would be a reason why they'd make
| it out out. See, for example, UMN vs Linux.
| mulmen wrote:
| > Users can disable Sidewalk in the settings section of the Alexa
| or Ring apps, but have until 8 June to do so. After that, if they
| have taken no action, the network will be turned on and their
| devices will become "Sidewalk Bridges".
|
| But the setting will still be available, right?
| CharlesW wrote:
| Yes. It's a scarier way to say that it's opt-out.
| titzer wrote:
| Big Brother won't be a boot on the face, forever, it will be
| private enterprise mesh network that comes wrapped in charming
| corporate market babble.
|
| "Telescreens help keep you connected with your friends and
| relatives. They monitor activity and upload anonymous usage
| statistics that help make our products even better. Telescreens
| help make society safe and secure, ensuring that you can enjoy
| your choice of government-approved home activities without a
| worry. Stay protected from roving bands of child-raping coke
| addicts! Try our new HappyFace(tm) mood-altering brain implants,
| guaranteed to put a smile on your face and stamp out that pesky
| thoughtcrime!"
| monkeynotes wrote:
| All of that sounds like a boot stomping to me. Complete
| oppression and control.
| rubyfan wrote:
| The article reads a little alarmist honestly. They have created a
| low bandwidth mesh network for mostly IOT devices. I don't get
| how this is suddenly compared with sharing internet. The later of
| which, Comcast actually did and does.
| bbatsell wrote:
| Far be it from me to defend Comcast, but it's not equivalent in
| the slightest. Comcast creates a separate network, with a
| separate IP, using their cable modem and the DOCSIS bandwidth
| available on their network. Its third-party usage does not
| count against your data cap, and any nefarious usage would not
| be associated with your own account and possibly subject you to
| civil or criminal sanctions.
| detaro wrote:
| Devices can only talk to specific Amazon APIs (which then
| hand the request to manufacturer APIs) with Sidewalk, they
| don't get to arbitrarily use your internet connection either.
| throwaway3699 wrote:
| Here in the UK, BT does the same thing and nobody seems to
| complain. If you're a BT customer you can use your own data
| through somebody else's router. Maybe actually giving something
| in return is the answer for Amazon?
| r00fus wrote:
| Does this include echo-capable devices like car entertainment
| systems?
| floatingatoll wrote:
| No. The "Sidewalk Bridge" devices that will share your internet
| to the Sidewalk are, as of today:
|
| > _Ring Floodlight Cam (2019), Ring Spotlight Cam Wired (2019),
| Ring Spotlight Cam Mount (2019), Echo (3rd gen and newer), Echo
| Dot (3rd gen and newer), Echo Dot for Kids (3rd gen and newer),
| Echo Dot with Clock (3rd gen and newer), Echo Plus (all
| generations), Echo Show (all models and generations), Echo
| Spot, Echo Studio, Echo Input, Echo Flex._
|
| -- https://www.amazon.com/Amazon-Sidewalk/b?node=21328123011
| gertrunde wrote:
| This link is also helpful:
|
| https://www.cnet.com/home/smart-home/amazon-sidewalk-will-
| cr...
|
| It's interesting that only a few devices, mostly the newer
| ones, are capable of using LoRa. All the older ones are just
| BLE (i.e. technically <100m range, but in real world
| conditions probably 10-30m max).
| aatharuv wrote:
| Thanks. I was wondering why the sidewalk didn't show up on my
| Alexa app (I have an unsupported device, luckily.)
| bernardv wrote:
| Another disaster waiting to happen. Time to cap the Amazon's and
| Googles at the knees.
| jkaplan wrote:
| Can someone elaborate on the privacy concerns (e.g. with Amazon
| "becoming a pseudo-ISP")? It seems like most (if not all) of the
| network use would be Amazon devices anyway, which is data they
| already have. Additionally, as far as I know, Amazon isn't really
| in the business of selling ads or customer data, so they seem
| like they'd be _relatively_ trustworthy (compared with, say
| Google, who literally sell routers.) Is the concern just the
| threat that they _could_ abuse this data? Is it just general
| "big company getting even bigger / having more data is bad"
| sentiment? Genuinely curious.
|
| (The security concerns make sense to me -- most people and
| businesses assume their home network is closed, and this
| theoretically opens an attack vector. Asking specifically about
| privacy.)
| philsnow wrote:
| So the opt-out period is only only one week, and I presumably
| won't be able to opt out later?
|
| I don't own any of these devices, but if I want to have the
| option to buy one later but not have it be a sidewalk bridge, I
| guess I have to download the Alexa app and... oh in order to opt
| out, I have to log in to the Alexa app with my Amazon account,
| and in order to log in, I have to agree to: -
| Alexa Terms of Use - Amazon Conditions of Use -
| Amazon Privacy Notice - Children's Privacy Disclosure
| - Amazon Prime Terms - Amazon Music Terms of Use -
| Kindle Store Terms of Use - Audible Service Conditions of
| Use - Amazon Dash Replenishment Terms of Use - Amazon
| Kids+ Terms & Conditions (F/K/A FreeTime Unlimited) -
| Amazon PHotos Terms of Use - Amazon Device Terms of
| Use - IMDb Legal Information - Amazon Video
| Terms of Use
|
| (all are links to legelese documents)
|
| ... I'll just commit today to never buying any of those sidewalk
| devices in the future.
| lucasmullens wrote:
| >in order to opt out, I have to log in to the Alexa app with my
| Amazon account, and in order to log in, I have to agree to:
|
| If you already have an Alexa device running on your network,
| you've already agreed to all those terms. That concern seems
| fairly unrelated.
|
| Also I wouldn't assume you can't opt-out later. Pretty sure you
| can, actually.
| philsnow wrote:
| > If you already have an Alexa device running on your network
|
| I don't, which is why I was installing the Alexa app on my
| phone.
|
| > I wouldn't assume you can't opt-out later
|
| ah, I was thrown by the headline "given one week to opt out".
| eloeffler wrote:
| This is such a great plot beginning for a new Skynet story :)
| unyttigfjelltol wrote:
| That Skynet is funnelling data & connections into a network it
| constructed out of junk electronics it sold under the guise of
| other functionality, and thus is removing the ability of humans
| to airgap other Skynet devices? Seems like we're in the middle
| of the book to me.
| eloeffler wrote:
| I'll wait for the movie on streaming :D
| bcrosby95 wrote:
| So I gotta install their piece of shit apps to opt out of this
| when all I use my Alexa for is a kitchen timer? Figures.
| kokanator wrote:
| Here is the white paper from Amazon
|
| https://www.amazon.com/gp/help/customer/display.html?nodeId=...
| Kye wrote:
| I used to get annoyed every time Amazon would push an OS update
| to my old Kindle fire only to patch a root exploit I could use to
| install an up to date Android, but it's probably for the best
| that they lost me as a customer with their hostile practices.
| shiado wrote:
| What will happen is some high profile company that has a few
| Amazon devices on their network will have these devices exploited
| to gain network access and get hit with some ransomware/data
| theft/etc... and then there will be a big legal battle between
| Amazon and the hacked company and this whole idea will be shut
| down and consumers will get a $10 class action settlement for
| each device.
| mercora wrote:
| this is not different for any other internet connected device
| on your network. although i doubt its about connectivity to the
| internet but about connectivity to some backend _over_ the
| internet. I think it is quite common to assume these risks to
| be your own problem as is mitigating them. I mean i would
| probably like it if there is some responsibility for
| manufactures to make sure it does not happen but i doubt we are
| even close to something like that.
| billh wrote:
| >consumers will get a $10 class action settlement for each
| device.
|
| Worse, it would likely be settled in the same way the
| Ticketmaster case was settled ... with a 10% off coupon for a
| Prime membership.
| twiddling wrote:
| $10? Ha. How about another year of credit monitoring!
| dv_dt wrote:
| More likely, telecom will think, this is against our
| residential TOS and we can use that to get a slice of the
| Amazon's mesh revenue. Especially because most of the telecoms
| offer side access to wireless routers of their customer for
| other customers of theirs too. Maybe this is a play by Amazon
| to be in a better position in this set of future negotiations -
| one which the average consumer is really a bystander for all
| the input they have.
| shoto_io wrote:
| I would assume that Amazon has looked into this problem from a
| legal risk perspective before doing this.
|
| Generally, when it comes to risks, you can do 4 things:
|
| ARAT
|
| (a) Accept the risk
|
| (b) Reduce the risk
|
| (c) Avoid the risk
|
| (d) Transfer the risk (e.g. buy insurance)
|
| I guess they do a mix of (a) and (b), since they have deep
| pockets.
| buildbuildbuild wrote:
| This could be somewhat mitigated by VPN tunneling all traffic
| through Amazon's edge, not sure of their implementation here
| but I highly doubt that Amazon overlooked this threat model.
|
| The exploit attack vector mentioned is already a risk to any
| device connected to a sensitive network. VLAN your consumer
| devices, conference room screens, at minimum.
| mikem170 wrote:
| I'm more worried about this amazon mesh network being used
| for access by other internet devices.
|
| For example, it's not easy to get a dumb TV. If I had one I
| wouldn't want it online. It appears that Amazon would sell
| access to the TV manufacturer so that it could spy on me via
| my neighbours Amazon Sidewalk device.
|
| To me this is new threat vector. I don't take kindly to
| corporations spying on me.
| rudyfink wrote:
| Maybe not? Most consumer arbitration agreements these days ban
| asserting class claims. This has been on the rise since 2011: h
| ttps://en.wikipedia.org/wiki/AT%26T_Mobility_LLC_v._Concepc....
|
| In my opinion, this legal change is a huge sleeper story that
| is behind a number of changes in how customers are getting
| treated. Since customers can no longer economically avail
| themselves of the courts to protect themselves en-masse,
| certain companies find it in their interest to exploit that
| asymmetry for profit.
|
| In other words, a company could always impose a harm on all of
| its customers for its profit. But, now, if that that company
| imposes a class ban through arbitration, those customers
| cannot, collectively, seek recourse for that harm.
| csharptwdec19 wrote:
| It's amazing to watch companies admit they abuse this
| pattern.
|
| A couple years ago I got into it with Comcast over an
| Identity fraud issue. When I threatened to take them to court
| for harrassment (I'd sent them more than what was needed to
| prove I never resided at the address in question) they tried
| to throw the 'binding arbitration' clause out there... When I
| told them I never was or would be a customer of theirs and
| thus wasn't held to their arbitration, they didn't quite know
| what to say next.
| 1123581321 wrote:
| Was this a conversation with their legal department?
| zdragnar wrote:
| Is that really enforceable? Maybe. I suspect that customers
| are better off not going through class claims anyway, as few
| of them actually yield amounts close to the harm done, and
| lawyers walk away with absurd amounts.
|
| "Collective" is merely a tool for not clogging courtrooms;
| there really isn't any other benefit to consumers here.
| giantg2 wrote:
| Civil and criminal court systems are very overwhelming and
| just broken in general in my opinion.
| [deleted]
| adrr wrote:
| Depends who clicked the agreement and what the company bylaws
| of who can agree to terms. Some low level IT person will not
| have the authority to bind the company into an agreement and
| the injured party is the company.
|
| https://www.binadox.com/blog/clickwrap-held-unenforceable-
| na...
| alpha_squared wrote:
| Another story on the front page right now[0] from the WSJ[1]
| seems to imply that arbitration clauses fall apart when faced
| with a mountain of arbitration demands (75k+). Amazon is now
| seeking to remove its own arbitration clause for customers so
| that these can be consolidated into a class action lawsuit.
|
| [0] https://news.ycombinator.com/item?id=27356550
|
| [1] https://www.wsj.com/articles/amazon-
| faced-75-000-arbitration...
| tzs wrote:
| Something like that happened to Doordash a little over a
| year ago [1] [2]. Workers wanted to start a class action,
| Doordash used their arbitration clause to stop that. Over
| 5000 workers then asked for arbitration, which would have
| cost Doordash around $10 million in arbitration fees.
|
| Doordash then tried to get a judge to make it a class
| action. The judge felt that this Doordash was in this mess
| due to their own hypocrisy and declined their request.
|
| [1] https://www.theverge.com/2020/2/12/21135474/doordash-
| workers...
|
| [2] https://www.courthousenews.com/doordash-ordered-to-
| pay-12m-t...
| jquery wrote:
| absolutely brilliant
| [deleted]
| [deleted]
| kergonath wrote:
| > Most consumer arbitration agreements these days ban
| asserting class claims.
|
| This really ought to be illegal.
| setr wrote:
| I believe there was a successful recent strategy for dealing
| with this clause by submitting a new lawsuit for each harmed
| user, to overwhelm everything (courts, company lawyers, etc).
| thathndude wrote:
| Some attorneys are starting to specialize in consumer
| arbitration. The attorneys will eventually find a way to put
| the squeeze on these companies as they try to change the
| rules.
| wnevets wrote:
| The Security Now podcast has a great episode [1] about why this
| isn't as scary as the headlines make it out to be. I'm actually
| quite disappointed at the sheer amount of fearmongering
| surrounding this technology here on HN of all places. For some
| reason I expected HN to be better than the general tech press
| when it came to these things.
|
| [1] https://twit.tv/shows/security-now/episodes/796
| thepasswordis wrote:
| It's not "scary". It's my fucking network hardware, the power
| comes from my house, the data comes from my house.
|
| I pay for all of this stuff. Amazon wants to resell it without
| asking me. NO.
| slownews45 wrote:
| It's very unlikely that you have title to amazon's software.
| You may have a license to use their device and the related
| software subject to their terms, but that is VERY different
| than classical ownership.
|
| All the megacorps have gone this direction.
|
| Amazon is going to give you a constantly improving Alexa
| system and ecosystem and in return you are going to let them
| use sidewalk in most cases.
| howolduis wrote:
| this is the equivalent of saying: "in return of living in a
| well-maintained nice neighborhood, you should not password-
| lock your wifi"
| slownews45 wrote:
| Traffic over sidewalk will egress to internet from Amazon
| AS numbers.
|
| You need to be careful about open wifi which despite the
| claims is different - traffic will egress as you - so if
| someone jumps on and does some stupid stuff, you can
| create a fair bit of pain for yourself.
|
| Most folks experience free improvements to echo after
| purchase. That is part of the value people see in these
| devices. The network effects get stronger with time. All
| of the use of these systems requires agreements to TOS
| that mean you really don't own / control the device,
| amazon does. Worst cast, when the megacorps close your
| accounts, you can actually lose access to lots of stuff
| that it feels like you "own". All your photos, all your
| email, maybe media content, books etc.
| duxup wrote:
| Care to summarize? (I'll be honest I'm not going to listen)
|
| Most of the articles I've seen that argue that it 'isn't scary'
| are along the lines of.
|
| - It's not a lot of bandwidth.
|
| - It seems pretty secure.
|
| For me the concern is that if either of those become not the
| case, intentionally or not... that's a very bad thing.
| ww520 wrote:
| It's not just the security. It's the blatant "utilization" of
| the consumers' devices, bandwidth, and electricity.
|
| What's next? How about, hey, we'll mine bitcoin while your Echo
| is idle.
| dec0dedab0de wrote:
| It's bad enough when internet providers do it with the rented
| modem/router/AP/VOIP combo devices, and then it's only the
| power they're stealing.
| teachingassist wrote:
| I don't particularly find it "scary", but it is monopolistic
| practice.
|
| Amazon are using their devices to get a lead on the
| competition, and in a way which consumers are unlikely to think
| is fair.
|
| If a company approaches me wanting to put infrastructure in my
| house (that only benefits them and may incur charges to me),
| they should normally expect to pay rent.
| aorth wrote:
| I think it's definitely scary. How is this even legal? In
| what world is it OK for Amazon to co-opt _my_ internet
| connection and share it with random passers-by? Even if it 's
| only 80kbps and 500MB/month (as another commenter pointed
| out), this will be just the beginning if they get their way.
| It will set a precedent for them and others. And they _know_
| that most people won 't notice or care enough to turn it off!
| This is just disgusting arrogance from Amazon.
| teachingassist wrote:
| There once was a time when I was happy to share my wi-fi
| with my neighbours.
|
| Everyone pays for their own household now, only because of
| general corporate scaremongering and specific lobbying to
| claim that the owner is liable for misuse.
|
| I remain surprised there isn't a bigger movement and open
| source infrastructure for sharing connections locally.
|
| If I was able to share a few connections with my apartment-
| neighbours, that would be cheaper and more reliable than my
| current setup.
| VRay wrote:
| That's a good point
|
| Personally, I'd be happy to share my connection with
| another human being
|
| This isn't really the same thing though, it's Amazon
| treating all its customers like a harvestable resource,
| and reselling that resource as a value-add for their
| other products
| kstrauser wrote:
| Really? I think it's worse than most headlines make it out to
| be. I wrote up some thoughts at
| https://honeypot.net/post/tripping-on-cracked-sidewalk/ , but
| the TLDR is you're allowing unknown parties to bridge their
| network with yours. That's one single mistake in the protocol
| or implementation away from all sorts of horrid failure modes.
| bobthechef wrote:
| Incidentally, how do people working at Amazon and other FAANGs
| justify their cooperation or even direct role in BigTech's onward
| march toward total control and saturation and its use of abusive
| and coercive practices? I'm sure many of them frequent HN. I'm
| sure many on HN would like to hear what they have to say.
| InitialLastName wrote:
| 1) It's green and smells like paper
|
| 2) [This is also true of military-industrial work] they get to
| solve all the best problems
| gertrunde wrote:
| Is this massively different from the way Apple tags are tracked
| by Apple devices that are not the tag owners devices?
| [deleted]
| azinman2 wrote:
| It seems to be. It can use up to 500mb/month of data, and is
| more than just for tracking something with tiny payloads of
| anonymized data.
|
| But it doesn't seem to be sharing your internet like a lot of
| people seem to claim. I guess the fear is that there's some
| security vulnerability that makes that more possible?
| kstrauser wrote:
| From their FAQ: https://www.amazon.com/Amazon-
| Sidewalk/b?ie=UTF8&node=213281...
|
| > When Sidewalk is on, your Bridge can share a low-bandwidth
| connection with Sidewalk-enabled devices, like sensors and
| smart lights that are installed in locations around and
| outside your home where wifi may not be available. Amazon
| Sidewalk does not support high-bandwidth connections like a
| wifi or cellular network would, so you would still use those
| connections for streaming movies, posting on social media or
| sending email.
|
| It does share your Internet connection. By default, an Alexa
| device in my house would be negotiating a connection sharing
| arrangement with my neighbor's. If/when a vulnerability is
| found in these devices, an attacker on my neighbor's network
| will have connectivity to a node on my network. Now imagine
| the case where a small business has a vulnerable Alexa on
| their network to play some music in the office. Anyone who
| could get a hacked Alexa within 900MHz range of that office
| would have access to that office, open file shares, etc.
| methodin wrote:
| Anyone know what happens if you don't have a device that supports
| Sidewalk (I have a really old Alexa) but want to opt out for the
| future? I don't see the Sidewalk option on the Alexa app.
| remarkEon wrote:
| Article doesn't mention it, but this is how you opt-out (there
| are others but this one has screenshots).
|
| https://www.tomsguide.com/reference/what-is-amazon-sidewalk
|
| Added to my list for the next time I'm on the phone with my
| parents, for our (weekly at this point) how-to sessions on
| "stopping the industry I work in from spying on you". I really,
| really wish product managers would understand the kind of
| ecosystem they're building, and the kind of customer blow-back
| they will enable by optimizing for $$$ under the guise of "making
| things easier".
|
| Side question: what problem does Amazon thinks this solves? Bad
| connectivity experiences for Ring users?
|
| Edit: changed the link to a better guide linked elsewhere in the
| thread
| nanidin wrote:
| Every time this Sidewalk concern style story crops up (which it
| has several times over the last 6-12 months), I have rechecked
| that Sidewalk is disabled. So far I have not found it set to
| anything except for disabled. I hope Amazon isn't doing a
| gradual roll out to enable, as if I find it enabled at any
| point in the future, I am done with Amazon devices in my home.
|
| As far as I'm concerned based on Amazon Logistics performance
| in my area and the impact to the quality of other delivery
| carriers in my area, Amazon is not afraid to engage in a race
| to the bottom in the name of market share and profits. Opting
| me in to Sidewalk will be the straw that breaks the camel's
| back and sends me to anyone else except for Amazon when
| shopping.
| remarkEon wrote:
| I bought my mom an Echo for Christmas last year for the
| kitchen, since she likes making lists and setting timers for
| baking and her hands are starting to show their age (she's
| 63, 'bout that time I guess). Really grating that what was at
| one time a helpful device for older folks is now
| retroactively being turned into yet another internet
| surveillance device.
| philwelch wrote:
| With all due respect, it's a microphone connected to the
| internet that you are meant to install in your home. How
| are you surprised to see it used as a surveillance device?
| teknopaul wrote:
| no no no, you should not expect people to behave badly.
|
| I agree with the sentiment that it is a crying shame this
| technology could be used to help people for whom
| keyboards become complicated but instead it's used to
| trick them.
| philwelch wrote:
| > no no no, you should not expect people to behave badly
|
| Should you not?
|
| There's a bit of a spectrum of that. On one end of the
| spectrum, we all leave our front doors unlocked and our
| car keys in our parked cars in case someone is stranded
| and needs to borrow our car. Most of us don't do that,
| but that's what a truly high trust society looks like.
|
| I think it's prudent to expect any large tech company to
| violate our privacy to exactly the degree they are
| physically capable of. It doesn't mean we should morally
| approve of them living down to our low expectations of
| them, any more than we should morally approve of burglars
| and car thieves exploiting the naivety of people who
| think they don't need to lock up their homes and
| vehicles.
|
| And yes, it is a crying shame that we live in a low-trust
| world.
| ryanianian wrote:
| > retroactively being turned into yet another internet
| surveillance device.
|
| Oh, and an ad-delivery mechanism. Ask Alexa to set a timer,
| and sometimes she'll rebut with "while you wait why not try
| Amazon Music!" It's absolutely infuriating.
|
| I emailed jeff@amazon.com (VIP support team) and they
| confirmed it could not be disabled by normal means. They
| disabled it on their end but then had to do it again when
| somehow it got unset.
|
| The "start with the customer and work backward" mantra that
| used to be strong in the company is now completely ignored
| for Alexa it seems. The first domino has fallen. I suspect
| we'll see many more fall as a result.
| philsnow wrote:
| > what problem does Amazon thinks this solves? Bad connectivity
| experiences for Ring users?
|
| I wrote my guess elsewhere in this thread:
| https://news.ycombinator.com/item?id=27358758
|
| tl;dr Amazon will resell access to Sidewalk to device
| manufacturers, allowing them to cost-effectively bridge the
| "telemetry gap".
| stingrae wrote:
| 100% this. as a device maker, sidewalk is a potential game
| changer for low power connectivity and finally a path to
| lorawan finding wide spread adoption
| Taniwha wrote:
| except that, unlike ble, lora lives on bands that are not
| the same world wide - there is no region 3 ISM band - here
| in NZ the US ISM band is right in the middle of one of my
| cell phone company's bands
| stingrae wrote:
| this is true but in practice it's not a big deal.
| Companies don't usually do a single sku for the whole
| world especially with the certification requirements.
| Taniwha wrote:
| I (pre-covid) visit the US a lot and often bring stuff
| back. I'm used to turning off/switching the US-DECT/etc
| when required but in this case Amazon has snuck extra
| functionality into my home without my knowledge.
|
| Of course when the radio inspector comes knocking on my
| door because Amazon has loaded the wrong firmware into my
| box (without my knowledge) it's me who's breaking the
| law, not Amazon
| duped wrote:
| I don't like the idea of my neighbors piggybacking off my
| data and power hookups. Why aren't device manufactures
| figuring out how to make things that don't require
| something like sidewalk to exist?
|
| It's not that difficult to run cable and use power over
| ethernet.
| stingrae wrote:
| the key use case for sidewalk is away from your home.
| Ethernet doesn't fix this. Presently cellular is the only
| real solution.
| wearywanderer wrote:
| No bones about it, this is Amazon's response to
|
| > _If you don 't want your smart tv to spy on you, then don't
| give it your wifi password._
| twoWhlsGud wrote:
| "the street finds its own uses for things" (Gibson) is
| rapidly becoming "the wall street finds its own uses for
| things"
| teknopaul wrote:
| How's does it stand legally stealing people's Internet
| connection and selling it to people who don't have the
| password.
| prepend wrote:
| Legally, every Amazon device user agreed to a TOS that
| lets Amazon do whatever they want and change at any time.
|
| So we're kind of lucky they at least announced it as they
| could have just turned it on and opted everyone in.
| criley2 wrote:
| It's the same thing Apple is doing. They want every device to
| be a part of a low-power BLE network for Apple AirTags or
| Amazon Echo Tiles or whatever they are. They want a huge
| network so that these small low power devices can use everyones
| devices to connect to the internet.
|
| For what it's worth, the only way to Opt-Out from Apple's broad
| network like this is to disable all "Find My" network tracking,
| so you'll never be able to remote control your own phone using
| its standard radios if you wish to disable the tag network
| stuff.
| caylus wrote:
| > the only way to Opt-Out from Apple's broad network like
| this is to disable all "Find My" network tracking,
|
| Not true. I just checked on my own phone, and the toggles for
| "Find My iPhone" and "Find My network" are separate.
| Disabling the latter only warns you you can't locate your
| phone "even if it's offline", i.e. if the "standard radio" is
| off.
| Scoundreller wrote:
| To be honest, I find these ad hoc mobile mesh networks
| fascinating.
|
| With cheap flash, we could do a lot of high-latency high-
| bandwidth data transport with just existing movements.
|
| We could eliminate telecoms overnight but we just don't have
| the organization to do it. Like, every house used to have a
| VHF/UHF receiving tower on it.
| drivingmenuts wrote:
| Does it not also introduce the possibility of introducing
| possible vulnerabilities by sharing connections? I
| generally have a pretty good idea of what I'm doing on a
| network, but now my neighbor might be up to no good on my
| network and that seems like it would be a potentially big
| problem.
| Scoundreller wrote:
| Depends how it's structured. At best, you're like a TOR
| relay and have no real idea of what's going in or out.
|
| But if you act like an exit node, you could be screwed if
| you live in a place where an IP is enough to be found
| guilty and nobody runs a public wifi. But you can always
| tunnel your outside traffic out over TOR.
| dasudasu wrote:
| There are tons of cellular network antennas hidden atop
| buildings in regular urban environments. Thankfully, in the
| current paradigm, telcos pay rent to put down these
| antennas and occupy the space.
| FredPret wrote:
| A content "delivery" network running on human movements.
| Now that'd be an interesting routing problem.
| Scoundreller wrote:
| Not just human movements, but any movements. In Northern
| Canada, we have tons of fly-in communities that
| exclusively use satellite internet.
|
| And few good opportunities for caching either.
|
| Would be cool to have a seamless system where you put in
| your Netflix request and a couple days later, the shows
| arrive because the aircraft has a Pi loaded with SD cards
| on it and boots at ground level.
| bellyfullofbac wrote:
| Hah. Well, humans have easily predictable movement
| patterns right? Home, work, grocery store.
|
| Imagine wanting to move data from city A to city B, so
| they'd decide to do a Tinder match of a girl from City B
| to this guy from City A, so he'd visit her a lot and be
| the data conduit...
| debo_ wrote:
| This is a terrific idea for a short story.
| a4isms wrote:
| The idea of a mesh network is not what concerns most people.
| It's the idea that devices from Amazon connect to it
| automatically and can do whatever they want with it.
|
| The canonical anti-example is this: You buy a smart TV, but
| don't give it your WiFi password. No problem, it connects to
| any Amazon device whether in your house or next door, and now
| it can sell information about what you watch, how many people
| its camera can see are in the room, words you say aloud in
| its presence, &c.
|
| At the engineering level, Apple's mesh looks like Amazon's
| mesh in exactly the same way that at the engineering level,
| an iPhone looks a lot like a high-end Android phone. What's
| different between them is what Amazon uses its mesh network
| _for_ , just as what's different between an iPhone and an
| Android phone is what Google uses its access to your devices
| for.
|
| Apple obstructs adtech and tracking. Google builds its
| business on adtech and tracking. Apple uses its mesh network
| to find items. People fear that Amazon will use its mesh
| network to spy on you in the name of revenue.
| bootaccount wrote:
| Amazon's Ad business is a monster that is growing faster
| and faster [1] so they'll want to track and absorb as much
| data as possible. FireTV is one of the noisiest devices in
| my home, second only to Roku, constantly phoning home.
|
| Selling access to a mesh network to other providers will
| become an additional source of recurring revenue from what
| would have otherwise been one time revenue source (hardware
| sale).
|
| It will be no different than Amazon competing w/ FedEx and
| UPS using it's delivery engine
|
| [1] https://www.cnbc.com/2021/04/29/amazons-ads-business-
| nears-7...
| deanCommie wrote:
| > People fear that Amazon will use its mesh network to spy
| on you in the name of revenue.
|
| Amazon's track record with privacy and security is much
| more Apple-esque than Google-esque
| aplorbust wrote:
| Do the parents understand that spying on people is how the
| industry makes money? Surely, "the industry" would not spy on
| people without a "business" reason. There seeems to be a belief
| by every participant in "the industry" that they must learn
| things about users and they should not always have to ask
| permission to gather such information.
|
| Sometimes people on HN try to analogise to something like a
| retail industry where a customer can be observed through their
| purchases. However there is a major difference. The purchase.
| That is the ultimate goal of the retailer attained. A purchase.
| Users of "free" products and services generally do not make
| purchases. They are not fulfilling the goal of a business: to
| make money. Thus, the company must find paying customers
| somewhere else.
|
| Particularly amusing is the oft-used "justification" of [we spy
| on you] "to make our ["free"] products and services better."
| Sometimes participants in "the industry" suggest they are
| trying to make products and services better for users. Other
| times it less clear exactly who the improvements are
| (purportedly) intended to benefit. Of course the ultimate goal,
| because this "industry" of spying is considered by them as a
| "business", is to make things better for paying customers. If
| they fail to collect information from users, they do not make
| money and the "business" fails. Even non-profits supported by
| deals with advertising companies feel compelled to conduct
| "telemetry". Not learning about users is deemed unacceptable.
|
| "Spy or die".
| deanCommie wrote:
| "extend the low-bandwidth working range of devices to help find
| pets or valuables with Tile trackers, and help devices stay
| online even if they are outside the range of their home wifi"
|
| Seems like a genuine customer problem. If you want to set up
| smart lights through your back yard, or a smart sensor at the
| edge of your driver, they might not have WiFi connectivity to
| the rest of your house.
|
| Hence the Sidewalk metaphor - a mesh network allows the devices
| to hop access from one another.
|
| There is also a pretty detailed Privacy/Security Whitepaper and
| it's important to point out this before any alarmist "Amazon is
| spying on you!" pearl clutching: https://m.media-
| amazon.com/images/G/01/sidewalk/final_privac...
| hermitdev wrote:
| > Seems like a genuine customer problem. If you want to set
| up smart lights through your back yard, or a smart sensor at
| the edge of your driver, they might not have WiFi
| connectivity to the rest of your house.
|
| That sounds like a "you" problem, not a "me" problem. If
| "you" are setting up smart devices where "you" don't have
| connectivity, "you" should provide the connectivity, not
| "me". (Note: I don't have a problem with devices piggy
| backing on/extending their owner's network).
|
| TFA mentions possible issues with FTC and TOS violations with
| customers' ISPs. But what about overages? Who's liable for
| those? Is there going to be a metered breakdown of network
| usage? Will AMZN cover costs of overages due to neighbor
| usage? What about potential liability issues? Infosec issues?
|
| This just sounds like a too easy setup for a class action
| lawsuit.
| barbazoo wrote:
| I agree. And what, you're gonna rely on some neighbor's
| AMZN device proxying the internet for you? I hope the
| availability of that "smart" sensor or whatever isn't too
| important.
| Spivak wrote:
| Can Apple devices use your mobile data to participate in
| the FindMy network? This seems like a weird line to draw.
| amelius wrote:
| Can't we have a strong consumer organization which can actually
| enforce that companies are not building stuff that works
| against the consumer?
| giantg2 wrote:
| Ew, no thank you. Another reason to buy 'dumb' devices or
| homebrew your own solution.
| system2 wrote:
| That's it. I am unplugging all amazon devices now.
| derekp7 wrote:
| Question -- I'm assuming most ISPs have something in their terms
| that prohibit a customer from sharing the connection. So with
| Amazon inducing a violation of customer terms of service, I
| wonder if ISPs will go after the customers, or go directly after
| Amazon for triggering the violations?
| Aissen wrote:
| If the traffic is tunnelled, then customers aren't really
| sharing their IP address, and undetectable at the network
| level. What remains is a purely legal question.
| warmfuzzykitten wrote:
| This is a terrific example of a permission that should be opt in.
| surround wrote:
| A thread from last year describing this tactic:
| https://news.ycombinator.com/item?id=22798118
|
| Stack overflow's TOS has a binding arbitration clause, [1]
| despite overwhelming user feedback to the contrary. [2] Y
| Combinator's TOS has an arbitration clause. [3] This also applies
| to Hacker News.
|
| [1] https://stackoverflow.com/legal/terms-of-service/public
|
| [2] https://meta.stackexchange.com/a/309756
|
| [3] https://www.ycombinator.com/legal/
| monkeynotes wrote:
| Why the dickens isn't this opt-in? Now we live in a world where a
| corp can sit on your own home network and do business using your
| bandwidth without you explicitly agreeing. Not to mention the
| potential for security issues.
| local_dev wrote:
| We all know the answer to this. It absolutely should be opt-in,
| but they know that around 96% of people will never opt-in. See:
| iOS 14.5 privacy changes.
| kergonath wrote:
| Making something opt-out because you know that people would
| not opt in voluntarily is a class of evil on its own. It is
| simply fraud and deception.
| Dah00n wrote:
| Like Apple Amazon will change to OPT-IN when it is in their
| own interest and likely only after killing off some
| competitors. So maybe in a few years time..
| williesleg wrote:
| I'm sure they all do that under the covers.
| toddh wrote:
| This option does not exist on my alexa app. So...
| atkailash wrote:
| Somewhat confusingly (intentionally I'm sure) it's not a device
| setting but an Account Setting in the app
| noobermin wrote:
| I'm honestly surprised this is legal at all.
| thatguy0900 wrote:
| Has anyone ever tried to do something like it to see? Maybe it
| won't be
| siavosh wrote:
| Doesn't this break the terms of service for most ISPs? I remember
| during the last crypto-craze, there were attempts to monetize
| this resharing with tokens of some sort and the ISP's put an end
| to that real quick with legal threats against anyone reselling
| their internet. Even if this is free Amazon sharing, I'm sure
| some business is being built off of it?
| topspin wrote:
| > Doesn't this break the terms of service for most ISPs?
|
| Probably.
|
| Amazon is operating on the premise that it's easier to ask
| forgiveness than obtain permission.
| atomicnumber3 wrote:
| I just disabled Sidewalk on mine a few days ago. This feels like
| it could be part of the plot of one of RMS's short stories a-la
| Right to Read. Jeez. What a joke. Not a ha-ha joke, you know what
| I mean.
|
| That said, part of me (a very small part, mind you. Infinitesimal
| even.) wonders if in some weird way this will be good for the
| internet? Suddenly, thanks to Amazon, an IP address is no longer
| a person and you can point to Sidewalk as a concrete example that
| isn't just owner negligence.
|
| Mind you that's a very thin silver lining for such an absurdly
| large can of worms, but I digress.
| Buttons840 wrote:
| Establishing that precedent can't hurt mesh networks.
| atkailash wrote:
| Mesh networks would be great. But should be opt in
| sys_64738 wrote:
| T1000: Hey Alexa, you're Terminated.
| kiseleon wrote:
| I noticed this option in my settings months ago and disabled it
| then.
| jnet wrote:
| I had disabled it as well, but just checked and it was re-
| enabled.
| batmaniam wrote:
| > Users can disable Sidewalk in the settings section of the Alexa
| or Ring apps, but have until 8 June to do so. After that, if they
| have taken no action, the network will be turned on and their
| devices will become "Sidewalk Bridges".
|
| Wait so what if a user buys Alexa after June 8? Are they
| automatically enrolled into this mass wireless sharing program
| with no way out?
| forengi wrote:
| If you buy a Helium hotspot you can get paid crypto (HNT token)
| to provide the same service Amazon is extracting from your Alexa
| for free
| landonxjames wrote:
| I was worried that my Eero routers were going to get roped into
| this, but thankfully the CEO confirmed on Reddit[0] that there
| are currently no plans to involve their products in Sidewalk.
|
| [0]https://www.reddit.com/r/eero/comments/nnvs20/amazon_sidewal..
| .
| wearywanderer wrote:
| No plans... at least until Amazon offers them a big enough
| bribe.
| 1123581321 wrote:
| Amazon owns them. If you knew that, apologies, it wasn't
| clear to me.
|
| Regardless, Sidewalk doesn't make much sense for Eero since
| it provides the traditional Internet access points for the
| IoT devices that make up the Sidewalk mesh.
___________________________________________________________________
(page generated 2021-06-01 23:01 UTC)