
I signed up to write apps for my Amazon Echo, Amazon sent me an NDA - Sidnicious
I ordered an Amazon Echo as soon as it was announced. Privacy concerns aside, a device like this could be the perfect UI for a smart home. My main interest in the Echo was (and remains) developing for it. Could I ask it about the status of my backups? Turn on lights and air conditioning? Use it to verbally send email while cooking? The possibilities were enticing.<p>I signed up for the beta API here:<p>https:&#x2F;&#x2F;developer.amazon.com&#x2F;public&#x2F;solutions&#x2F;devices&#x2F;echo<p>This week I got the below email. It promises access, but only if I agree to an NDA. I was planning to do all of my development on GitHub, permissively licensed (or public domain), and of course I&#x27;d want to get feedback and ideas from friends and other developers. It also makes me question how friendly the Echo will be to hackers and open development in the future — do I really want to invest my time in it?<p>I understand that NDAs have their place, but I don&#x27;t think this is one. I have experience developing for Apple devices, where any information relating to prerelease OSs is covered by NDA, and it&#x27;s easy to find questions on Stack Overflow where someone asks an innocent question and is immediately shot down by another developer: &quot;This API is embargoed.&quot; I don&#x27;t want to encourage that spirit in the developer community.<p>Have any other developers signed up and gotten this email? If you were in this situation, would you fight it?<p>The email and NDA: https:&#x2F;&#x2F;gist.github.com&#x2F;Sidnicious&#x2F;c0483c73653b3c2c619f
======
supergeek133
This is typical for a high-importance API that a company starts as private or
closed.

Generally these are big B2B partnerships.

They might go public eventually with it, but until then most people will
probably experience this.

Source: Have run (and do currently help run) a couple of private API programs
for large companies.

EDIT: Part of the reason they are doing it is because their API might be crap
right now, or rife with potential security/use case holes. They don't want
open apps out there either yet. Basically they are trying to control the
experience.

------
nooneelse
Warning, dirty, dirty, quick hack idea ahead... to use it for voice interface
alone with all thinking and actions done by some other computer or machine(s).
Encode commands for the other computer as sound files which that computer can
listen for. Using just a few, easy to bandpass-filter tones in the sound
files, one can encode a great many commands that are easy for the actual
automation machine(s) to distinguish. (One bit of beauty here to this hack is
that, it doesn't even have to be a single automation computer hooked to
everything, little embedded systems throughout the house can each listen for
just the commands they need to worry about.)

Then one says "Echo, play 'Start my heating'". The Echo plays what it thinks
is a short song named 'Start my heating' by that band "My Hacked Home
Controls" which you seem to like so much, which goes "beep beep boop whisle
click", and the other machine(s) hears that easy to interpret command and does
what you want. If you need information back, have the(a) machine put that
information into a "Results" sound file and add/overwrite it to the
command/music library which the Echo can see and play from, then tell the Echo
to play that file for you to hear. You say, "Echo play 'Backups Status'" and
it plays the voice you assigned to your backup monitor telling you whatever.

Basically, the Echo becomes a translation droid between you and the
computer(s) that you have deeper/more control of. And as a bonus, depending on
how you encode the commands into sounds, you might be able to learn some of
the more common whistle sequences from your translation droid, and just do
them yourself.

~~~
supergeek133
You just turned it into the Rube Goldberg version of Home Automation.
Hahahaha.

------
olivierduval
On the Echo page: "If you are interested in being part of a limited-
participation ___beta ahead of the SDK 's public release_ __, please provide
your contact information. "

I don't see any problem here: RIGHT NOW they're not ready to show anything
PUBLICLY (and to be bound to an unstable API for example) but when everything
will be completly cooked, they'll make it public

The NDA is just a way to ensure that the API wont become a de-facto liability
and wont be made public by good souls... ;)

~~~
supergeek133
The one thing that fellow big companies never get is that people find it
anyway (see, Snapchat)

~~~
halviti
I don't think they care so much about people finding it, as they do all of the
people who will try to build their own businesses around the API and then try
to sue when the API changes.

~~~
supergeek133
That's also true.

------
skywhopper
I don't think it's worth a fight. Either you are willing to agree to Amazon's
terms for access or not. I agree that NDAs are usually dumb, and this one is
as well, but I also doubt that access to this developer program is worth the
effort it would take to change the practice.

My guess is that Amazon realizes the capabilities of this device are toeing
the line of acceptability to most people, and they are taking whatever steps
they can to avoid bad press (such as an app developer revealing how much they
can eavesdrop, or what security or lack-thereof exists).

------
andrewguenther
Disclaimer: I'm an AWS employee

"If you are interested in being part of a limited-participation beta ahead of
the SDK's public release"

It says right there that the SDK is going to go public. Can you blame them for
wanting to slowly ramp up their API capacity and not have a sea of devs
whining every time their early beta API changes? Why must everything be evil?

~~~
chc
That's a valid concern, but what does a non-disclosure agreement have to do
with that? If they don't want people to use their API, can't they just not
authorize them to use the API? I don't see how a full NDA is necessary for
that.

~~~
andrewguenther
Maybe so the initial impressions of an incomplete API won't make others think
that it isn't a platform worth developing for? I really don't know the answer,
but I could see it from a "brand image" perspective. You don't want people
spouting all over the internet how much v0.0.01-alpha of your API is
absolutely terrible and turning other developers off to your platform in the
future.

------
jbob2000
You're an exception. They don't want people hacking around with it making apps
for themselves and friends. They want proper shops making apps for a
marketplace, with a specific business directive and opportunity for
monetization.

I know that sucks, but if you want something more open, perhaps there is
something you can do with a Raspberry Pi w/ some kind of voice module?

~~~
jordigh
> I know that sucks, but if you want something more open,

Raspberry Pi isn't all that "open", either, but I suppose at least it doesn't
have an NDA. See the Issues section here:

[https://wiki.debian.org/RaspberryPi](https://wiki.debian.org/RaspberryPi)

~~~
TD-Linux
This page is rather out of date since the release of the VideoCore IV
documentation and open source driver work for it. I would consider it an order
of magnitude more open than the Echo.

------
moron4hire
What I think a lot of people don't realize is just how easy speech recognition
is these days. By that I mean, to create an application that has as good of
voice recognition capability as, say, Google Now, is not that much harder than
setting up any other event-driven input system. I'm sure the actual
recognition of speech is quite difficult. But there are a fair number of APIs
available that make it easy to _use_ in your applications.

Almost every programming language has a canonical API that is extremely simple
to set up. In .NET and Google Chrome, it's even first-party, and I only
mention those because they happen to be the ones I've used.

And text-to-speech is no different. You can get to "good enough" so easily
that I'm somewhat perplexed why more people don't do it.

I just think there is a perception that adding a speech recognition feature to
your app is "hard". It's difficult to design a good speech-based user
experience (I've found longer phrases work better than single-words, and it's
good to try to match on homophones as well), but actually integrating the code
is not that tough.

So I would encourage you to ignore Amazon. Seriously, you could make this in a
weekend in a Google Chrome browser on an Android device that you plug a nice
microphone into.

~~~
SyncTheory13
I was thinking about making my own as well! I haven't done any research but
you'd need a smartphone dock, a good microphone/speaker (wireless
microphones/speakers around the house?!?). Better yet, mount a tablet on the
wall somewhere convenient/attractive (living room, next to thermostat, etc.)
and wire everything behind it.

Change Android settings to always listen when screen is on, then keep screen
always on (dims when not active). Voice-controlled App support galore! Google
Now! Develop whatever you need/want!

The Echo is a neat idea put into action, but it can be hacked together in a
much better way, very easily.

~~~
moron4hire
I've thought about doing it, but I don't already have the devices in my home
that are capable of being automated and I've got enough money dumped into
projects that required bits like this that I never finished as it is.

I would, however, be interested in trying to create a room simulator. I did
work on living space automation for a while, a few years ago (specifically for
hotels, not homes). One of the most difficult parts of designing good user
experiences was the lack of ability to rapidly test, due to the need to setup
a ton of devices, associate them together, maybe even flash them with new
ROMs. You could get in two, maybe three tests as day, if you were really
cooking. I wanted to be able to test as fast as I could compile code, you
know, like I had gotten used to in every other software project I had ever
worked on. But electrical engineers work with primitive tools and seem to like
it.

------
TimSchumann
Correct me if I'm wrong, but isn't every single early access or developer
agreement from Apple just as restrictive in wording?

I'd say sign it and start developing.

Either the product will reach critical mass and the NDA will be much more
loosely enforced, or it will fail and the NDA won't matter. With big companies
you'll always have to sign something like this to get into their walled
garden. Try not to let it get in your way.

~~~
sjdev
As of this last year's WWDC I think Apple is finally backing down on that.
None of the presentations carried the usual alert to not share what you have
seen in there and they have started (slowly) opening new OS X and iOS betas to
the public.

------
captn3m0
I'd probably think about returning the device, if I were you. Keeping an API
closed is their decision, and they can build proper authentication around it
if they want to, but keeping all knowledge of the API behind bars is a bit
excessive.

~~~
supergeek133
Not in the short term. They want to limit exposure, and probably collect
feedback and make changes before throwing it out to everyone.

There are version guarantee considerations to make.

Also, having told my current company this, people will find the API and expose
it anyway.

------
PSeitz
I don't think this is too bad until the official release. Amazon probably
doesn't want public discussions about unfinished products.

------
pnathan
Unsurprising. Personally, I won't have an Echo in my home, and I wouldn't
really feel comfortable around one in someone else's - I wouldn't sign up for
the dev program or the NDA for same. :)

------
bhuga
This NDA has no expiration, neither date nor conditions. You're arguably bound
by it after the API is public. Yuck.

~~~
keithgabryelski
that's not how NDAs work publicly available information can be talked about.
you may be held to any constraints in the NDA associated with disparaging
comments -- but about the actual information -- public is public

~~~
bhuga
To be fair, the agreement is clear that it only applies to 'confidential
information' as opposed to reviews or things you create (and as opposed to
feedback "provided to Amazon", which they own).

But 'confidential information' is not defined in the agreement, and without
expiration, I'd still be nervous. Perhaps I overworry.

------
echosmith
Once the SDK is publicly available, putting your code on Github should be
fine. I work for the Echo team and we want to engage hackers and open source
and create a community around the product. But right now the API is a work in
progress and we don't want to build too much hype around it until we are
confident that we've got it down right.

------
pingswept
I wouldn't fight it, but I wouldn't sign it either. I won't develop for a
platform with that level of restriction.

------
SimpleXYZ
I can't wait to get my Echo. All I want is for the wake up word to be
"computer". Is that so much to ask?

~~~
daveloyall
That is not too much to ask. I support you!

------
taylorbuley
This is how they rolled out the Kindle SDK. That app platform was a flop, but
I'm sure there were a number of contributing factors.

------
djim
sign the nda and don't disclose your work until the api is made public. this
is really not a big deal.

