
I stayed in a hotel with Android lightswitches and it was as bad as you'd think - pjc50
http://mjg59.dreamwidth.org/40505.html
======
ChuckMcM
So sad. I find the mechanics here really challenging to overcome. The hotel
management no doubt wants "really cool tech" for their hotel to show they are
up to date etc. And they send out an RFQ which someone bids on, really
cheaply. Knowing that by only doing the things the hotel asks for, they can
throw something together quickly and cheaply for a big payday.

This is _exactly_ the mechanism that gets people in trouble going to China for
manufacturing. They say "I want you to build widgets" and they get a good
price quote, and say "Wow, this is awesome!" because they have in their mind
that "making things in China is cheap" but in reality it's that if you cut a
lot of corners you can make things really cheap, and since the contract
doesn't say you _can't_ cut corners, it is all "perfectly" legal. But the
manufacturer knows what the buyer doesn't, and exploits that information
asymmetry to make money at the buyer's expense without the buyer having any
true recourse.

The hotel in question could have said in the RFQ, "System will be impervious
to network traffic snooping and at no time will systems or a guest supplied
computer be able to access the controls in another room."

Had they said that, the price quotes would have gone up and had the system the
author speaks of been delivered, the Hotel could recover the costs of
installing it from the vendor. But the hotel didn't even know they _needed to
ask_ for that since they no doubt would assume, "nobody would make something
that shoddy would they?"

I learned about this when I saw one of the rules in a NetApp hardware contract
that said "Manufacturer will install all components shown on the schematic on
the final units in their designated locations." That seemed really odd. I
learned that before that clause had been part of the standard contract, there
had been a manufacturer who decided unilaterally that half of the noise
suppression capacitors in the schematic were "unneeded." Units from that
manufacturer started failing in odd ways in the lab.

~~~
Jean-Philipe
I agree with you on all your points, except:

> This is exactly the mechanism that gets people in trouble going to China for
> manufacturing.

I keep hearing about the "cheap Chinese tech", even though nowadays a lot of
high-quality gadgets are really Chinese. Even Apple's products are mostly from
China. And it's not even for the cheap prices, it's because the entire
production chain is there[1]

The mistake is not going to China, it's going to China just in order to save
money - or anywhere, for that matter. I get that your point is not actually
about China, but saving money on the wrong things.

I'd just appreciate if we could stop using "Chinese" as a synonym for "cheap".

[1]
[http://www.heraldtribune.com/article/20120123/ARTICLE/301239...](http://www.heraldtribune.com/article/20120123/ARTICLE/301239999)

~~~
geon
The practice of unethical corner cutting seems somewhat rampant in China,
though. And isn't there a reason why cheap tools that easily break are said to
be made of "chineesium"?

~~~
anexprogrammer
But it is rampant in whichever location has the whole supply chain.

It was rampant in the US when there was the manufacturing workshop of the
world, and rampant in the UK when they were before them.

~~~
geon
That's interesting. What causes the correlation?

~~~
anexprogrammer
The full history of commerce. :p I'd suggest looking at the history of food
and drug regulation and testing, or weights and measures regulation if you
want more. The early years of both UK and US food and pharmaceutical
regulation is terrifying!

TL;DR Immature locations cut more corners. More regulation, experience and
reputation helps. Consumers are naive. Manufacturers want you to buy the same
things many times over your life.

In all markets, there's always going to be someone willing to cut corners to
secure a place in a market, or make a fast buck in a mature market. Or maybe
it's a new market that can't yet have matured. That's only part of the
problem.

As markets mature regulation increases and companies tend to trade more on
reputation (not always deserved of course. eg Beats headphones). Now there's
an opportunity to trade on the good reputation of wherever (Proudly Made in
America! / Britain! / Japan!), whilst selling you cheap crap. That's the other
half of the problem. The meaningless label to tell the consumer it's made
wherever they currently believe is good.

In the early 80s most things Japanese were crap. Hifi sounded awful, but had
lots of LEDs. Bolts, tools and vehicles were made of soft cheese. Their
stainless steel rusted (I kid you not)! Honda made cam chains of special
stretchy metal and probably accidentally invented cheese strings. Now Denon
make very nice hifi, Teng make very nice tools and their cars are pretty
reliable.

Why pay £50 for a Snap On or Britool[1] spanner when there's an almost
identically packaged one, made in the same place, for £3 or £40? Only one will
last longer than you in daily use. One risks breaking on first use.

So, it would be more accurate to say "isn't there a reason cheap tools break",
"cheap materials break", "consumers naively expect $100 quality for $3.99" or
"dishonest people are dishonest" than blame a specific locality.

The ONLY thing that has changed is all manufacturers adding built in
obsolescence whenever possible. Now even the premium item is made to last
"just long enough" (to get away with), but that doesn't make any one location
especially good or bad at making stuff.

The only thing geography introduces is the further away it's made, the harder
it is to audit your supply chain. Racism and nationalism has no relevance
however.

[1] They're no longer British, or often made in Sheffield, they're just
another meaningless brand of Stanley trading on 100 years of reputation.
You're actually better served buying Teng these days.

------
stestagg
When I stayed there, it was just as soul destroying to use these things as you
might imagine.

The implementation felt like they'd asked a VB6 dabbler to implement it in
Java. Then stuck it in the cheapest 600mhz tablet they could find.

The UI was purely a button grid with distorted graphics, and dodgy typography.
Button presses took about 1/2 a second to respond, and every 5th press caused
the app to crash (adding a good 30 s to the experience).

My room had 4 tablets* in, and all of them behaved exactly the same way.

* the idea of a tablet to control the room is neat if it could be moved around. Like a remote-control. But for security (and using Ethernet) they were all fixed down. Making them far more useless than plain switches

~~~
x0x0
Light switches that can fucking crash!

Now I'm living in the future.

I keep waiting for this iot/we put a chip in it/etc to produce results _that
are an improvement_...

~~~
dcposch
[https://twitter.com/internetofshit](https://twitter.com/internetofshit)

Edit:

Here are the greatest hits.
[http://favstar.fm/users/internetofshit](http://favstar.fm/users/internetofshit)

By the way, it seems like extreme product fail on Twitter's part that I have
to go to a sketchy third party site to get the top tweets for an account.

~~~
esolyt
> By the way, it seems like extreme product fail

Not necessarily. They just decided not to have this specific feature. It is a
product design decision.

~~~
dcposch
Of course they decided not to have it. It's not like they aren't capable of
implementing simple features. I just think it's a dumb decision.

For _many_ Twitter accounts, the top tweets are a lot more interesting than
the latest tweets, especially if you've just discovered the account for the
first time.

------
thoughtsimple
I'm amused by the use of Modbus. I worked on Modbus networking back in the
1980s at Modicon (a company that disappeared long ago that created the
"standard"). Using a protocol invented before the internet to control devices
on a semi-public network is insane.

The original Modbus was designed to communicate with factory devices
controlled by logic controllers over serial and eventually over a custom token
ring network. Modbus got moved to TCP at some point when I stopped paying
attention. Modicon rejected TCP when I was there because the OSI model 7 layer
network stack was going to be the next big thing.

~~~
pjkundert
I think if people actually knew the true extent of the _debacle_ that
industrial control protocols are, they would pass out. If you ever want
nightmares, check out EtherNet/IP CIP protocol...

Of course, there are no security provisions whatsoever. If you can get a
device on the LAN, you're golden. Every device, fully open to monitoring and
control of every attached piece of equipment.

In the new world of inexpensive, battery powered LoRaWan to Ethernet bridges
with tens of kilometers range, I can't even begin to imagine the industrial
carnage we're heading for. A sufficiently funded attacker could find ways to
implant remote monitoring _and_ _control_ in virtually every facility, where
they can get a minimum-wage cleaning staff member hired. That means -- pretty
much every facility (short of military, perhaps).

Exciting times.

~~~
kogepathic
I recently went to a LoRaWan workshop funded by my megacorp (a utility
company). It felt like paying someone to try and sell you their stuff.

Anyway, what the LoRa did emphasize is that both the network layer and
application layer are encrypted with different keys using AES. This means
someone would have to compromise both layers to actually control the devices.

Buuut, given that both encryption keys are stored on the device, I bet someone
will just walk up with a chip clip and read the keys right out of EEPROM and
then the pretty lights will start.

Or they'll just hack the application servers. I've seen some really god awful
pieces of software in use.

A vendor once told me "it's so easy to admin our device over the internet.
Just go to 192.168..." And of course due to corporate politics we still bought
that piece of shit.

~~~
dzhiurgis
> read the keys right out of EEPROM

Usually keys are stored in a part that is not accessible directly, think of
SIM and bank cards. Actually lots of LoRaWan use SIM cards.

------
eloff
Turning lights on at 3 a.m. is a nuisance. Knowing when lights go on and off
can tell you when the people are not in their room - which could help if you
wanted to break in and steal their stuff. Overall quite disconcerting how lax
they are with security.

~~~
Kliment
I think the implication was that some asshole can obtain photos of you
sleeping by opening the curtains and switching on the lights in the middle of
the night. A nuisance, sure, but also a massive violation of privacy.

~~~
forgetsusername
> _the implication was that some asshole can obtain photos of you sleeping by
> opening the curtains and switching on the lights in the middle of the
> night._

So, somebody is going to set up shop across the way, in what is probably
another commercial building, commit a couple of crimes, all to take a picture
of some random, likely unidentifiable person sleeping in a hotel bed?

Personally, I'm not very worried about that.

I mean, it's not like there aren't easier attack vectors for creeping on
people in hotel rooms if you were so inclined.

~~~
na85
How about setting up shop next door to get pics of $random_politician getting
a blowjob for blackmail material?

~~~
protomyth
Or taking a shot at the clearly surprised and now well lit individual.

~~~
throweway
That would be hard to swallow

------
radarsat1
Maybe it's worse: If these are really off the shelf tablets, presumably the
camera can be turned on remotely. Though I'm sure the hotel would have put a
piece of black tape over it, right?

~~~
GotAnyMegadeth
And the microphone

~~~
gberger
And the GPS

~~~
chippy
Except they a) know where the room is anyhow and b) GPS doesn't tend to work
very well indoors

~~~
marcospri
And the Joke Sensor

~~~
cdelsolar
And my axe!

~~~
cdelsolar
The downvotes were worth it.

------
patcheudor
"Jesus Molina talked about doing this kind of thing a couple of years ago, so
it's not some kind of one-off - instead, hotels are happily deploying systems
with no meaningful security, and the outcome of sending a constant stream of
"Set room lights to full" and "Open curtain" commands at 3AM seems fairly
predictable."

Which takes us to this: "Any sufficiently advanced technology controlled by a
miscreant is indistinguishable from a possessed object in a Stephen King
Novel."

[http://thefutureisastephenkingnovel.com/assets/player/Keynot...](http://thefutureisastephenkingnovel.com/assets/player/KeynoteDHTMLPlayer.html#2)

~~~
logfromblammo
I can't wait until Random Q. Hacker can flood the lobby with blood from the
elevators.

And if you wonder why the blood reservoir has to be connected to both the
elevator shafts and to the Internet, I ask you this: who would want a _dumb_
blood reservoir in their hotel? I mean, _obviously_ you have to have one, but
wouldn't you rather be able to query tank levels from your phone and
automatically order refills online? Nobody wants to be the unlucky employee
that has to go up there with a dipstick at midnight during a thunderstorm,
right?

------
binarymax
I feel like I'm missing out on a huge bulk of money simply because when I have
ideas of "Internet of Things", I cant get over the security obstacles and
cancel the ideas. If only I just didn't care (or didnt know) and just
implemented whatever the heck brought in money from oblivious customers.

~~~
dcexqm
Under pressure in an interview, yesterday, I found myself saying "'The
Internet of Things' is short for 'The Internet of Things you don't need,
sending surveillance data you don't want, to people you don't know.'"

~~~
amelius
> to people you don't know

What is worse, your data being sent to people you _know_ or to people you
_don't know_?

~~~
reitanqild
I argue to people that I'd rather have my photos on Googles servers than on
the friendly local Dropbox clone.

Why? Because I know Google has systems in place to detect sysadmins browsing
in data unrelated to their job and I know they have fired people over it even
if it was thought to have been done with good intentions.

Edit: as for tracking I wish they would up their game and stop providing ads
for <insert eastern country here>-dating.<tld-of-the-day>

I wish they would take into consideration that I am happily married with more
than 3 kids, belong to a subset of the population that has way less than 10%
divorce rate and I might even be in the market for a new car at some point.

In fact I would even tell them if they asked.

------
westi
This is the unfortunate outcome of a bunch of factors.

OEMs moving to XXX over TCP protocols which have zero security by default and
documenting this in the datasheets.

VAR installers switching to the newer products because CAT5 cable is cheaper
and easier to pull than what they used to use.

The previous solution was just as insecure but harder to hack because you
needed more specialised equipment.

I'm not sure how we are going to fix this without getting the OEM industry and
the industry bodies behind xxx over TCP to understand that they need to bake a
security model in.

~~~
westi
Also, for the particular case of MODBUS over TCP, MODBUS itself doesn't have
any security aspect (by design) it is a very simple byte read/write protocol
really.

[http://www.modbus.org/docs/Modbus_Application_Protocol_V1_1b...](http://www.modbus.org/docs/Modbus_Application_Protocol_V1_1b3.pdf)
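
To make the "simple byte read/write protocol" point concrete, here is an added example (not from the article, this thread or the Modbus spec) that encodes and decodes Modbus/TCP frames by hand. The MBAP header is transaction id, protocol id, length and unit id, followed by the serial-era PDU of function code plus data; there is no field anywhere for a credential, nonce or MAC. The gate() function shows the only control you can bolt on without changing the protocol: let reads through but only forward write function codes from an allowlist of controller addresses (the IPs are made up for the example). That is source filtering, not authentication, and it is exactly what the MITM in the article defeats by sitting on the trusted side of the cable.

```python
"""Modbus/TCP frame handling, hand-rolled to show how little is on the wire."""
import struct
from dataclasses import dataclass
from typing import Optional, Set, Tuple

MBAP_LEN = 7                      # tid(2) + protocol id(2) + length(2) + unit id(1)
FC_READ_HOLDING_REGS = 0x03
FC_WRITE_SINGLE_COIL = 0x05
# Public function codes that change device state (write coil/register variants).
WRITE_FCS = {0x05, 0x06, 0x0F, 0x10, 0x16, 0x17}
EXC_ILLEGAL_FUNCTION = 0x01       # exception code a slave returns for a refused FC


@dataclass
class ModbusFrame:
    transaction_id: int
    unit_id: int
    function_code: int
    data: bytes


def encode(frame: ModbusFrame) -> bytes:
    pdu = bytes([frame.function_code]) + frame.data
    # The MBAP length field counts the unit id plus the PDU that follow it.
    return struct.pack(">HHHB", frame.transaction_id, 0, len(pdu) + 1, frame.unit_id) + pdu


def decode(raw: bytes) -> ModbusFrame:
    if len(raw) < MBAP_LEN + 1:
        raise ValueError("frame too short for MBAP header plus function code")
    tid, pid, length, unit = struct.unpack(">HHHB", raw[:MBAP_LEN])
    if pid != 0:
        raise ValueError("protocol id must be 0 for Modbus")
    if length != len(raw) - 6:
        raise ValueError("MBAP length does not match frame size")
    return ModbusFrame(tid, unit, raw[MBAP_LEN], raw[MBAP_LEN + 1:])


def write_single_coil(tid: int, unit: int, address: int, on: bool) -> bytes:
    """FC 05: value 0xFF00 switches the coil on, 0x0000 switches it off."""
    data = struct.pack(">HH", address, 0xFF00 if on else 0x0000)
    return encode(ModbusFrame(tid, unit, FC_WRITE_SINGLE_COIL, data))


def parse_write_single_coil(frame: ModbusFrame) -> Tuple[int, bool]:
    address, value = struct.unpack(">HH", frame.data[:4])
    return address, value == 0xFF00


def exception_response(frame: ModbusFrame, code: int) -> bytes:
    """Exception responses echo the function code with the high bit set."""
    return encode(ModbusFrame(frame.transaction_id, frame.unit_id,
                              frame.function_code | 0x80, bytes([code])))


def gate(raw: bytes, src_ip: str, allowed_writers: Set[str]) -> Tuple[str, Optional[bytes]]:
    """Decide whether a frame from src_ip may be forwarded to the device.

    Reads pass from anywhere on the segment; writes only from the allowlist of
    (hypothetical) building-controller addresses. A denied write gets an
    ILLEGAL FUNCTION exception so a well-behaved client fails fast. This is
    source-address filtering, not authentication: anyone who can spoof or sit
    on an allowlisted address gets through.
    """
    frame = decode(raw)
    if frame.function_code in WRITE_FCS and src_ip not in allowed_writers:
        return "deny", exception_response(frame, EXC_ILLEGAL_FUNCTION)
    return "allow", None


if __name__ == "__main__":
    # Constructed traffic: "lights on" as a write to coil 10 on unit 1.
    req = write_single_coil(1, 1, 10, True)
    print(req.hex())                                   # 0001000000060105000aff00
    verdict, resp = gate(req, "10.20.30.77", {"10.20.30.5"})
    print(verdict, resp.hex() if resp else None)
```

Run it and compare the twelve bytes printed with the frame layout above: everything needed to flip a coil fits in the last four bytes, and nothing in the other eight says who sent it.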

~~~
thoughtsimple
Just read over their FAQ. They claim that Modbus over TCP is an internet
protocol. No where do they even mention security. I wonder how many devices
are sitting on IPv4 addresses that are completely controllable over the net
without a shred of security. Lovely.

~~~
westi
Previously: [https://blog.shodan.io/dont-be-clever/](https://blog.shodan.io/dont-be-clever/)

> For example, you might know that Shodan crawls the Internet for industrial
> control systems (ICS). One of the most popular protocols in ICS is called
> Modbus that runs on port 502. At the moment, there are about 17,000 devices
> listening to Modbus on the default port. It turns out there are also 700
> devices listening on port 503, again a one-off sort of situation.

Probably over 20k by now

~~~
thoughtsimple
Thanks. Exactly as bad as I expected.

------
Spooky23
Technology for technology's sake is a real shitshow and a big problem.

I was in my friend's Honda Pilot the other day, which has the new trendy big
screen interface to replace the radio. I'm sure it is insecure junk, but more
importantly it is a nightmare for humans.

I have a BS in CS, have developed some enterprise apps, run major complex tech
programs successfully, and could program my dad's VCR in the early 80s. And...
It took me nearly 10 minutes to figure out how to turn off the radio on the
weird touchscreen.

To turn the radio on requires 4 clicks, and the key button is on the corner of
the screen, where it is least responsive to touch. I would probably be safer
driving with my knees and texting with two hands than controlling that radio.

------
baconizer
KNX is one of the most sophisticated and proven building-intelligence
protocols, widely adopted in Europe.

If anyone is interested, cross-scan its default IP interface port 3671 against,
say, a German telecom ISP IP range (there is a CSV available on the web) with
an efficient penetration test tool like masscan, challenge it with 0x0205, and
look for 0x0206 in the response.

Thousands of homes, factories and commercial buildings welcome you with real
time datagrams on all their switches/appliances/presences/sensors/cams/...
Bonus point: writable!
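
The 0x0205/0x0206 pair above is KNXnet/IP CONNECT_REQUEST and CONNECT_RESPONSE. As an added example (not from the comment above, the article, or the KNX Association), the code below builds both frames from the spec's layout (6-byte header, two HPAI endpoint blocks, a CRI/CRD block) and parses them back, then runs a small defensive check over constructed flow records: a CONNECT_REQUEST arriving on UDP 3671 from outside the site prefix, or a status 0x00 CONNECT_RESPONSE leaving it, means the gateway is handing out tunnels to the Internet. The IP addresses, ports and the site prefix are made up for the example; nothing here touches the network.

```python
"""KNXnet/IP tunnelling handshake, built and parsed by hand."""
import ipaddress
import struct
from dataclasses import dataclass
from typing import List, Optional, Tuple

KNXNETIP_VERSION = 0x10
SERVICE_CONNECT_REQUEST = 0x0205
SERVICE_CONNECT_RESPONSE = 0x0206
HPAI_UDP = 0x01
CONNECTION_TYPE_TUNNEL = 0x04
TUNNEL_LINKLAYER = 0x02
E_NO_ERROR = 0x00
E_NO_MORE_CONNECTIONS = 0x24
KNXNETIP_PORT = 3671


def _header(service: int, body_len: int) -> bytes:
    # header length (always 6), protocol version, service type, total length
    return struct.pack(">BBHH", 0x06, KNXNETIP_VERSION, service, 6 + body_len)


def _hpai(ip: str, port: int) -> bytes:
    """Host Protocol Address Information: an 8-byte UDP endpoint block."""
    return struct.pack(">BB4sH", 8, HPAI_UDP, ipaddress.IPv4Address(ip).packed, port)


def connect_request(client_ip: str, client_port: int) -> bytes:
    """Control HPAI, data HPAI, then a CRI asking for a link-layer tunnel."""
    cri = bytes([4, CONNECTION_TYPE_TUNNEL, TUNNEL_LINKLAYER, 0x00])
    body = _hpai(client_ip, client_port) * 2 + cri
    return _header(SERVICE_CONNECT_REQUEST, len(body)) + body


def connect_response(channel: int, status: int, gw_ip: str, gw_port: int,
                     knx_addr: int) -> bytes:
    """What a gateway answers; knx_addr is the individual address given to the tunnel."""
    crd = struct.pack(">BBH", 4, CONNECTION_TYPE_TUNNEL, knx_addr)
    body = bytes([channel, status]) + _hpai(gw_ip, gw_port) + crd
    return _header(SERVICE_CONNECT_RESPONSE, len(body)) + body


@dataclass
class Header:
    service: int
    total_length: int


def parse_header(raw: bytes) -> Optional[Header]:
    if len(raw) < 6 or raw[0] != 0x06 or raw[1] != KNXNETIP_VERSION:
        return None
    service, total = struct.unpack(">HH", raw[2:6])
    if total != len(raw):
        return None
    return Header(service, total)


def parse_connect_response(raw: bytes) -> Optional[Tuple[int, int]]:
    """Return (channel_id, status) for a CONNECT_RESPONSE, else None."""
    hdr = parse_header(raw)
    if hdr is None or hdr.service != SERVICE_CONNECT_RESPONSE or len(raw) < 8:
        return None
    return raw[6], raw[7]


def flag_external_tunnels(observations: List[Tuple[str, str, int, bytes]],
                          site_net: str) -> List[str]:
    """Scan constructed flow records (src_ip, dst_ip, dst_port, udp_payload).

    Reports CONNECT_REQUESTs reaching 3671 from outside the site prefix and
    successful CONNECT_RESPONSEs leaving it. Requests from inside are normal
    ETS/visualisation traffic and are left alone.
    """
    net = ipaddress.ip_network(site_net)
    findings = []
    for src, dst, dport, payload in observations:
        hdr = parse_header(payload)
        if hdr is None:
            continue
        src_in = ipaddress.ip_address(src) in net
        dst_in = ipaddress.ip_address(dst) in net
        if hdr.service == SERVICE_CONNECT_REQUEST and dport == KNXNETIP_PORT and not src_in:
            findings.append(f"CONNECT_REQUEST from external {src} to {dst}")
        elif hdr.service == SERVICE_CONNECT_RESPONSE and src_in and not dst_in:
            parsed = parse_connect_response(payload)
            if parsed and parsed[1] == E_NO_ERROR:
                findings.append(f"tunnel opened: {src} granted channel {parsed[0]} to external {dst}")
    return findings


if __name__ == "__main__":
    # Constructed exchange: outside host asks the site gateway for a tunnel and gets one.
    req = connect_request("198.51.100.7", 50000)
    ok = connect_response(0x15, E_NO_ERROR, "203.0.113.9", KNXNETIP_PORT, 0x11FF)
    for line in flag_external_tunnels(
            [("198.51.100.7", "203.0.113.9", KNXNETIP_PORT, req),
             ("203.0.113.9", "198.51.100.7", 50000, ok)], "203.0.113.0/24"):
        print(line)
```

The request carries the client's own address twice and a connection type; the response carries a channel id and a status. There is no challenge, key or identity in either direction, which is why a listening gateway on a public address is the whole vulnerability.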

------
pbnjay
The title is implying that Android is the culprit here, and not just a
horrible design and implementation.

~~~
diminish
Yes, I was also misled by the title. You read it again, Android in the text as
well as in the title, as if something to do with the Android OS is responsible,
especially taking into account that the guy is a security developer at CoreOS.

* "I stayed in a hotel with Android lightswitches and it was as bad as you'd think "

Another title would be:

* "CoreOS security developer stays in a hotel, and hacks the light switches to.."

------
tedsuo
All that internet, and the android tablets are still just sitting on the wall
where the light switches used to be. What's the cost in hardware and
electricity to move from light switches to android tablets for an entire
hotel?

~~~
coldpie
Look, the sales guy gave the president a _really_ nice lunch.

------
nickysielicki
I feel like the only thing that can fix this type of mentality is a line of
products targeted towards annoying nerdy 13 year old boys-- the type of boy
that a lot of us were. We need to make it easy for them to abuse security
lapses in IoT products. When I was in middle school, I brought a universal
remote to class and turned on the television set. Yeah, _I know,_ I was a
badass. But these kids will do much more.

The problem is that when a software engineer goes to the front desk of a hotel
and complains about the security of the brand new Android-Powered Hi-Tech
system that they just put in, the person working the desk thinks, "Haha wow!
That nerd was a real Sheldon Cooper, like on the television!" and they don't
care at all. If you live in a bubble where programming and computer work is
black magic, well then of course it is completely inevitable that someone so
nerdy and so smart would be able to hack everything on the planet. So they
don't really think there's anything to be done.

When it's a group of annoying little 15 year olds that sneak out in the middle
of the night to wake up all of your guests, it's a lot bigger of a deal.

~~~
wpietri
Not sure why this is getting downvoted. This is a big part of what happened
with internet security over the years.

Back at the dawn of time, less than a billion seconds from epoch, it was
considered rude to exploit obvious security holes. People would actually track
down casual hackers and get them in trouble. But once script kiddies came on
the scene, it became a lost cause. Once it could be any 14-year-old idiot on
the planet scanning your ports and exploiting your old, unpatched software, it
became clear that tacit agreements and social pressure weren't enough. The
burden of security began to shift to people who created the software.

------
mataug
This whole IoT craze is turning into a nightmare. People are building all
kinds of devices in complete ignorance of Security.

~~~
r3bl
Just let them. The sooner people realize that buying a cheap $35 smart watch,
or embedding the cheapest Android tablets into walls, or turning off your
heating completely after the battery in your smart thermostat dies... the
sooner we'll be in a place where the security of IoT is actually considered,
not only as important, but as crucial. Then, we can have nice things.

~~~
foobarian
Maybe we'll end up with a standard certification equivalent to UL or the green
padlock next to the URL. Probably about 5 years in the future.

------
abledon
I liked how the article gave the commands used to set up the correct
networking config with the bridge.

Can anyone recommend a good reference / tutorial for learning basic network-fu
in unix?

------
FireBeyond
Yeah, wow. Twelve years ago, I worked for a firm that built DVOD (digital
video on demand) systems for hotels across Australia and UAE.

Even then, and with the limited 'damage' that could be done, each and every
single room got its own VLAN. That was certainly a little ugly to manage at
times, especially in a 1200 room hotel, but yes.

VLANs.

Authentication.

Something.

Anything.

------
tezza
Isn't this just a modern day equivalent of Phone Phreaking ?

There used to be party lines in villages where the whole village could listen
in to anyone's phone call.

Never mind the operator could also have a sticky beak.

Now if they can change your sound system to play Kanye West... that truly is a
problem worth worrying about.

------
goodcanadian
This is why I don't understand the "Internet of Things." A light switch is a
pretty effective solution to the problem; there seems little advantage to
networking it. Ditto for a toaster, refrigerator, et cetera, et cetera.

Now get off my lawn!

~~~
zanny
You want to have your lights come on at a certain time.

You want to add motion detection to lights turning on.

You want to attach light sensors to have variable intensity bulbs be brighter
or dimmer depending on ambient lighting conditions.

You want your lights to turn on inside your garage when the garage door opens.

You want your front hallway light to come on when your door is opened.

You want to be able to check all the lights in your house at a glance to make
sure you did not accidentally leave any on.

You want to have all your lights auto-off when your kids should be in bed.

And of course, most importantly:

You want to turn your house into a rave party, or an epileptic seizure
inducing disaster, and I don't think there is actually a difference there.

Your networked toaster might have online profiles for how to optimally toast
bread, bagels, rolls, etc based on the type of bread and they would be
available on a per-toaster basis. Rather than just odd balling how you want
your toast done, you could buy a toaster that has profiles with high ratings
that will toast your bread to your exact desire with your given model of
toaster.

For your fridge, it could have isolated temperature and humidity per
compartment, give alerts when different foods are low in quantity / going bad,
track the expiration dates of all your food, and have the same lighting
features as your house lights.

There are plenty of applications of "smart" devices. The problem with the IoT
is that once you put software in a device you need to be responsible for it,
and I don't believe there is actually a single hardware manufacturer on Earth
right now who is legitimately responsible for their hardware and respectful of
their users (particularly their software freedoms in relation to that
hardware).

~~~
goodcanadian
None of these things sound like killer applications, and few of them require
any kind of computational power let alone networking. There are much simpler
ways of accomplishing the same things. That is my point; IoT proponents are
adding unnecessary complexity for dubious gains. Some examples:

 _You want to have your lights come on at a certain time._

I can get a timer at a hardware store.

 _You want to add motion detection to lights turning on._

I can get a motion sensor switch at a hardware store.

 _You want your lights to turn on inside your garage when the garage door
opens._

Yep. That happens with most existing garage door openers.

 _You want your front hallway light to come on when your door is opened._

I've never seen this implemented, but it could be done in a multitude of ways
such as the motion sensor or a simple contact switch on the door itself.

~~~
gregmac
I've long been interested in "home automation" stuff, so I'll give you a quick
example of what I have at my house now that can't be done with timers/motion
sensors from the hardware store.

There's keypad in the entrance to the kitchen, with buttons labelled "Bright"
"Dim" and "All off". If you press Bright, all of the lights (sink, under-
cabinet, range hood, and island) turn on 100%. Dim turns on just the under-cabinet
lights at 50% and the island at 10%. Without this keypad, you have to walk
to 3 different switches on opposite sides of the room.

There's also a keypad by the front door. It has an 'all off' button which is
great when we're leaving, and as we also walk by it on the way upstairs, handy
when we're going to bed.

The front door keypad also has a "Garage" button. It lights up red if the
garage door is open (as we can't see the door from anywhere inside the house).
Press it and it'll toggle the door to open/close.

That stuff is just simple scenes, but I also have some more complex things..

The outside lights go to 20% from dusk until midnight, then turn off after
midnight. On top of that, at any time between sunset and sunrise, if the
garage door is open, or if the outside motion detector sees motion they go to
100%, and once the door is shut or no motion is seen for a few minutes, they
return to previous level.

At sunset, if none of the lights in the house are on, one of the lights in the
kitchen and one of the lights in the living room turn on (to make it look like
someone is home).

At ~midnight, if only the one kitchen light and living room light are on (and
nothing else has been adjusted, indicating someone is home), turn the lights
off.

At sunrise, turn off all lights. (This used to be 3am until we had a baby,
then it was annoying because, well, crying baby + preparing bottle + 3am +
lights suddenly turning off = ..not good).

At some point I will also set up a motion sensor in the front hall (or maybe a
door open sensor), so if the outside motion is triggered followed by the
inside motion (or door opening), the inside front hall light turns on. A bit
tricky, since I don't want to happen if I'm just walking around the house (or
leaving).

Is any of this game-changing? Not really. It's interesting to me, it's not
overly expensive (especially as I have built this up over time), and it's a
nice albeit minor quality-of-life thing.

Btw, I _can_ control this from a PC/phone, although I basically never do (the
keypad/switch on the wall is always going to be faster). I could also set it
up to work via internet, but I don't, because 1) there's an attack vector and
extra security to worry about, 2) adjusting the lights while I'm not home is
pointless, 3) I believe a key to home automation is the _automation_ part. If
I have to control it manually, it's by definition not automated.

~~~
goodcanadian
Thank you. Genuinely interesting, and in my opinion, one of the few examples
of the technology done right.

I would point out that the three different switches on opposite sides of the
kitchen sounds more like an issue of poor switch placement (admittedly, a
common problem) than anything crying out for automation, but the ability to
control sets of lights with one button is intriguing.

I think the take-away is this:

 _> Is any of this game-changing? Not really. It's interesting to me, it's not
overly expensive (especially as I have built this up over time), and it's a
nice albeit minor quality-of-life thing._

Which I contrast with: "Let's hook my toaster up to the internet because:
Internet of Things!" which seems to be the prevailing attitude.

------
liveoneggs
prepare to be arrested for various violations as a punishment for pointing out
these obvious and dangerous flaws.

~~~
watty
I mean he did unplug network equipment and MiTM, if this isn't illegal it
probably should be. I see ethernet cables all the time in things like
hospitals and hotels, should anyone be able to simply unplug them and put
their laptops in the middle?

~~~
matthewmacleod
Yes, anybody should be able to do that with no legal consequences. If you
don't want to give people access to your network, don't provide them with a
fucking port and cable explicitly designed for doing so.

~~~
watty
Come on now, you really think people should be able to unplug cables anywhere
they go? This could have major consequences at a hospital.

Edit: Completely agree Ska, no excuse for making it this easy. I'm just
pointing out that just because it's easy to pick a lock or unplug some wires
to MiTM doesn't mean it should be legal.

~~~
ska
People shouldn't unplug equipment in a hospital without express permission,
sure - they shouldn't do it in your home either.

If your security model relies on this, though, you have failed. Period.

It is maybe a little fuzzier in a hotel (should I be able to stream content to
the TV from my device instead of paying you extra for a movie?) but similar
applies.

------
marcoperaza
My favorite example of this is the evolution of volume controls in cars. These
days you have all sorts of fancy and inferior alternatives that leave you
wishing for a plain old-school volume knob. The worst are the purely virtual
volume settings with up and down buttons on a touch screen. Or only a bit
better, physical knobs that spin endlessly and just send up and down
operations to a digital volume level. Reasons why the old school knob is
better:

* It maintains its position across power cycles. It can even be adjusted when the car is off. So you can lower the volume knob before you turn the car on and blast loud rock into your grandmother's ears.

* It does not require you to look at a touch screen to find the volume buttons. Tactile feedback is enough. You can operate it while maintaining the other 99% of your attention on the road.

* It physically stops at the lowest and highest possible volumes. Again, no need to look at some display.

Even better would be a physical slider instead of a knob. That would let you
feel out the exact position of the volume without looking. The downside would
be the limited space on a car stereo dashboard. But please, a touch screen is
the worst and most dangerous interface while driving.

The same goes for radio presets. In a car with physical buttons for the
presets, I can switch between my favorite stations without having to look. Try
doing that with a touchscreen. How is this progress?

Maybe it's just a symptom of an industry that's often more about selling
status symbols than selling functional products.

------
JustSomeNobody
I don't see what this gains the hotel. You get an increase in
complaints/requests about not being able to turn on/off lights, etc. Standard
light switches are dirt cheap and last years, and everyone from age 2 up knows
how to use them.

Is this solely to look "fancy"? If so, then at least get the tech right;
otherwise you look incompetent.

~~~
wpietri
Hotels are under substantial competitive pressure to seem fancy. Fancy hotels
can charge a lot more. Looking good is often more important than ease of use,
as is demonstrated by every hotel alarm clock I've ever tried to set.

It's also partly our fault. Computer-y stuff has had poor usability for years.
A standard tech response to bad user experience has been to tell people that
they're doing it wrong, that they just need to learn a particular trick and it
will all be great. So people often assume that when something is hard to use,
it's probably their fault. Which means that a buyer of stuff like this can
have a bad experience and wave it away thinking that the tech is just fine.
After all, why would somebody sell a computer-controlled lighting system that
is in practice worse in every way than regular switches?

------
TheOtherHobbes
Perhaps the hotel was getting ahead of UK gov requirements for network
backdoors.

------
dheera
Great, now make a drone or self-driving robot to randomly run around the
country messing with peoples' insecure lights. It'll be one huge party.

------
matthewmacleod
This is absolutely fucking preposterous.

The 'Internet of Things' or whatever you want to call it – controllable
peripherals, ubiquitous connections, stuff like that – is a pretty cool
concept. I want to be easily able to do things like ask 'when will my laundry
be finished?', or have my central heating come on when I start heading home.
Not because it's massively beneficial, but because it removes some minor
annoyances.

The technology is there, and has been for a while. But the proliferation of
mindless, unforgivable security flaws, pervasive surveillance, proprietary
cloud-based networks, shitty software and bad UX generally – it's really mad.
It really makes it difficult to want to use any of these devices.

I'd love some kind of proper, non-half-baked-and-riddled-with-holes solution
for home automation, but I reckon I'd probably have to build it myself.

~~~
zodPod
Well, one major problem that I see is that we aren't required to learn about
any of this stuff before we buy it, and most of the people whose job it is to
set this up would gladly do it for less than someone who knows what they're
doing, even though they know nothing about it. The entire world is set up
incorrectly for something like IoT. We try to get as cheap as we possibly can
with everything and we try to skimp on any labor cost but set everything up
fancy as hell. That's always going to leave you with security holes because
security doesn't make money. Not unless someone starts getting punished for
the bullshit security they are putting into these things.

------
ryandrake
Hotel name and address was not mentioned. As long as people complain but fail
to name-and-shame, these practices will continue.

~~~
mjg59
I'm generally unenthusiastic about naming and shaming hotels that I'm still
staying in.

------
Lanari
If you found that you could do the same thing on a classic installation, people
would be like, "So what?" and an electrician wouldn't even be excited to try it.

But since hacking is cool, we like this stuff.

Weird thing also is that using WiFi years ago was basically giving away your data,
when SSL websites were so rare. And we didn't even care about it...

------
frogpelt
Every once in a while invention is the mother of necessity.

But do we really need our lights to do all kinds of funky things and be
controlled from around the globe?

Don't we really just need our lights when we're in the room? And don't we just
need them to be on/off or at most dimmable?

Help me here.

~~~
mark-r
I could see a hotel system that turns off the lights at some predetermined
time if the room is not rented, in case they were accidentally left on. That
might save them some electricity, but it's hard to see it saving enough to pay
for the system.

------
saint-loup
I work in a flagship building in France, known for its environmental
compliance and automation features. It's quite nice, but there's a web app to
toggle the lights, the blinds and whatnot. And guess what, the logins to other
floors are trivial to guess.

------
devishard
This is a great example of more technology making things worse. I don't mean
badly done technology, I mean that even if this were working and secure, a
light switch would be cheaper, more durable, easier to repair, and easier to
use.

------
Kristine1975
And here I thought the video game Gunpoint (where you rewire switches, lights
and doors among other things) was unrealistic.

Although I'm a bit disappointed mjg59 didn't play Blinkenlights with the rooms
on his floor.

~~~
verst
I was thinking the same thing :)

For those unfamiliar: [http://blinkenlights.net/](http://blinkenlights.net/)

------
pyabo
In a competition it's possible to wake up your competitor. I mean if you are
going to play a tennis or football match the next day, you can bother your
competitor to have an advantage.

------
ilvnvtoomuch
Last week's episode, Ask This Old House, had something similar. They swapped a
normal front door lock/handle with a Bluetooth (or WiFi) controlled unit. The
phone could be used with an optional WiFi extender. My head swirled with so
many scenarios where things could be bad.

1) Leave the phone in the home, you'll never be able to get in!
2) Wireshark the WiFi
3) Hijack the signal

I'm sure the dark side is waiting for us all to adopt IoT in our homes. I
prefer my mechanical locks, thank you.

------
ksk
I think one part of the reason is that "good" developers almost never apply for
jobs to work on such projects. These projects are not cool or cutting edge,
and you won't learn anything new. That is also the reason why a lot of
outsourcing, which is boring and tedious 'business software' type work, ends up
being of average to below-average quality.

It happens elsewhere too. Like how poor people get public defenders who are
overworked, underpaid and not as good as private lawyers.

------
ochoseis
I'm surprised no one's mentioned Brillo[0] or Weave[1] from Google. They're
trying to solve this problem in an open, standardized way.

[0] Brillo - Embedded Android -
[https://developers.google.com/brillo/](https://developers.google.com/brillo/)

[1] Weave - Communications -
[https://developers.google.com/weave/](https://developers.google.com/weave/)

------
bencollier49
Why on earth are they using Modbus? Is there already some sort of industry
standard (on Modbus) for remotely controlling hotel peripherals?

~~~
runholm
Modbus has been installed in hotels for years and years. They are probably
using it because many hotels already have infrastructure in place for it.

------
swasheck
> My coworker asks whether you can control the channels. Can you set all of
> your neighbours' TVs to pay-per-view while they're out?

Hahahahahahah! "Asking for a friend."

But really, folks are talking about the nuisance of waking people up in the
middle of the night and that's true. However, controlling channels could be a
more significant nuisance.

------
jjp
Having stayed at a similar (same) hotel, don't even get me started on the guest
experience. It took longer to familiarise myself with all the controls in the
room than a normal stay in the hotel. Also really appreciated the slight glow
all the tablets gave off at night... well, they did until they got covered with
cushions and gaffer tape!

Jarrod

------
zmmmmm
In the hotel's defence, I'm sure he could also go to conventional hotels and
chop a hole in the wall and start messing with the wiring to achieve
approximately similar "security breaches". The broken implementation is more
concerning to me than the security aspects.

------
jameshart
I wonder if a more fruitful attack target than the lights in other rooms might
be the android switches themselves. Even cheap commodity android tablets
contain cameras or at least microphones. There's almost certainly a remote
update interface on them of some sort.

------
talles
Are physical light switches even a problem to be solved?

Seriously, I fail to see the ROI of such endeavor.

------
justinclift
Don't suppose those tablets had any kind of microphone or image sensor/webcam
built into them? If they're using cheap generic android tablets, they probably
do.

Should be fairly simple to set up remote blackmail-material-collection. :(

------
webXL
What's up with all the hotel hacking today? First towels [1], now light
switches??

[1]
[https://news.ycombinator.com/item?id=11265849](https://news.ycombinator.com/item?id=11265849)

------
mortenjorck
There’s nothing inherently wrong with a touchscreen IoT light switch. But the
main problem here, apart from using an insecure legacy protocol, is the use of
a general-purpose OS like Android instead of an embedded OS.

It’s not just this light switch – Android refrigerators, Android ovens,
Android washing machines are all using a wildly inappropriate operating system
for single-purpose devices. The problem is likely that it’s a lot easier to
develop for Android than it is for a proper embedded OS: It’s faster, the
commodity hardware is easy to procure, licensing fees are minimal to none, and
it’s easier to hire developers.

The first company to bring to market a more IoT-appropriate, yet accessible
combination of operating system and SoC reference designs stands to become a
massive player when IoT goes mass-market.

~~~
marcosdumay
Yes, there is. Touchscreens lack tactile feedback, and for stuff that one must
manipulate in the dark (like a light switch), that's a very important flaw.

------
clapinton
Write a script to rhythmically open and close the curtains, as well as turn
the lights on and off for the whole floor. Then call OK Go and tell them to
bring a drone because you got their next clip idea.

------
thrillgore
Does anyone have a mirror? It looks like it's been taken down for me.

~~~
dewey
[http://archive.is/vSFf9](http://archive.is/vSFf9)

------
JJJollyjim
I wonder if, with MITM devices set up on a few consecutive floors, you could
make massive pixelart animations on the outside of the building by turning
lights on and off...

------
elif
Eh, it doesn't scare me because they have the name, credit card, and exclusive
control over the lock on the attacker's door. You'd have to commit so many
counts of fraud and hacking in order to attempt getting away with it that the
reward just doesn't seem there to me.

------
justaaron
Why on earth are the 2 largest and highest valued technological companies in
human history repurposing mainframe multi-user computer operating systems from
the 1970s (extended even further with sandboxed app containers!) for mobile
phones!?

It smacks of deliberate incompetence to sell hardware.

IoT on top of this just smacks, again, of deliberate incompetence, to either
sell hardware or raise the attack vector profile (the NSA loves you!)

Why on earth is there still no reasonable competition to either Android or
iOS?

~~~
bryanlarsen
There's nothing in the article about Android, it's only in the title.

------
api
A lot of consumer IoT feels forced. It feels like I am supposed to want these
things. What am I? A luddite? It's The Future(tm)! Of course I should want a
less reliable, more expensive, shorter life span, more complex
security/privacy nightmare in place of a completely reliable long-lived
inexpensive device.

Complexity is costly in many, many ways. There is zero justification for
adding it to anything unless the payoff is some multiple of the complexity
cost being added. I just don't see it here.

For any new tech, I always ask "what super power will this give me?" For much
of IoT I can't answer that question. There are a few nice-to-haves but nothing
compelling, no must-haves or genuine wows. Then you add in all the
unbelievably creepy security and privacy implications and any lukewarm
interest goes away. I can't shake the obviously crazy idea that some of this
stuff is being pushed because certain people (advertisers, intelligence
agencies) want as many sensors out there watching us as possible. Imagine
every light switch, thermostat, etc. with an Internet connection and then
think about the meta-data correlation capabilities with mobile sensor and
location data and other Internet traffic.

We're really talking about a total surveillance society where literally every
single thing you do is stored in a database somewhere. Anyone able to
correlate your phone's approximate location and/or your web browsing history
with, say, light switch data really will know every single time you use the
bathroom and for exactly how long.

Do you stop moving and kneel every day at the correct time? Then you're
praying to Mecca, so you're a Muslim. Do you leave the lights on late? That
might say something about your personality profile. Do you work with the
lights off? That says something else. Is there ambient sound but no light and
are a male and a female present? They might be having sex. Two men in the
bedroom? Gay sex! And that's just the easy low-hanging fruit I can imagine.
Throw some theory-agnostic deep learning at it and I can imagine unbelievably
spooky stuff that makes this look tame:

[http://nypost.com/2013/10/29/facebook-knows-when-youre-going-to-break-up/](http://nypost.com/2013/10/29/facebook-knows-when-youre-going-to-break-up/)

Edit:

But mostly I think the driver is tech industry wishful thinking. Everyone is
looking for the next catapult capable of tossing unicorns to billion dollar
valuations in 1-2 years.

Mobile has IMHO been a bit of a disappointment. It's been big but not quite as
big as everyone predicted. It's failed to displace desktop or achieve
"convergence," and the limitations of the UI and the walled garden model have
kept "serious" apps off mobile platforms for the most part. The collapse of
app stores as a commercial software sales platform with prices spiraling down
to $0 and clutter making new apps un-discoverable has further destroyed any
incentive to push the boundaries of the platform beyond a "portable dumb
terminal."

It's also been an architectural disappointment. It was supposed to be a clean
slate where we could escape some of the cruft and bloat of desktop, but we're
doing iOS and Android around here and the development experience on both is as
bad or worse than Windows, Linux/Qt/GTK, and the web. It's not the promised
land by any stretch. We took a lot of bad ideas with us from desktop and then
added walled gardens and more resource constraints. Woohoo!

So now everyone's hoping IoT will be the next unicorn flinger. I'm skeptical
so far. The Blackberry and the iPhone had immediate killer apps: maps,
portable chat/email, portable books, music, and movies, etc. Those are real
benefits that are worth the cost and the downsides. They're "super powers."
Where's the super power in an internet connected light switch?

~~~
barrygeorge001
I work in the hotel industry making apps for reservations and in-room
entertainment and engagement. Some of your statements make sense but, from the
hotel's perspective, some of the reasoning for implementing this stuff has
little to nothing to do with making the experience better for the guest. We
use the data we get from things like the lights, temperature, and other
information to find ways to save money and find how to better set up
properties for profit. It's a numbers game. We hope that we can use the same
tech to drive user engagement and keep them within the apps so they become
lifetime guests and book with us for subsequent stays. It is a marketing and
management effort. All about the ability to save money while driving
engagement.

------
Kenji
People forget how reliable and secure things like hard-wired physical light
switches and other natural interfaces (like paper books, etc.) are. There
seems to be a vast ignorance about topics like reliability, interfaces,
usability and design. Just because it's digital, it doesn't mean it's better -
I'd argue for the contrary in many cases. I don't want to upgrade the firmware
of lightbulbs, I just don't. Despite my affinity for them, I have more than
enough computers surrounding me in my everyday life.

~~~
mturmon
Everything you said, and also that the old analog devices are future proof.

For a trendy metropolitan hotel, with a design refresh cycle of 10 years at
the most, the future might not matter. But people are wanting to put these
devices in homes with a refresh cycle that should be more like 30 to 50 years.
Big difference.

------
smegel
What has this got to do with Android?

~~~
josteink
> What has this got to do with Android?

Not much. But Android _is_ pluggable, Linux based, and easy to put an OTG
Ethernet adapter into to divert supposedly "secure" wifi traffic.

I really think "Android" and the "as bad as you think" meme is just used here
to grab attention to something which is definitely worthy of it:

About IoT and what terrible things people are doing with it.

How long did it take for the web to mature? Do we have to wait that long for
IoT to settle as well?

------
wahsd
Sorry, fanboys, but anything Android is always "as bad as you'd think"

------
JimmaDaRustla
Correction, he stayed in a SHITTY hotel. Not much else to report here.

------
z3t4
Or you could just kick the door in - and turn the lights on. Then write
"HACKED" on the wall with a spray painter. (sarcasm)

