Hacker News new | past | comments | ask | show | jobs | submit login

They should feel more comfortable than an equivalent system built by a company that is looking to profit off of your data - and additionally, you can give the guest stronger guarantees that when you say that the system is "off", it actually is.



>> Even if you build it, knowing guest may never feel completely comfortable visiting your house.

> They should feel more comfortable than an equivalent system built by a company that is looking to profit off of your data - and additionally, you can give the guest stronger guarantees that when you say that the system is "off", it actually is.

They won't, because they'll be concerned the person that implemented it is a creeper. When regular people think "cameras installed in the room," they think this: https://www.bustle.com/p/airbnb-host-was-caught-with-a-hidde...

Distrust of a person is more more immediate in visceral. Distrust of a company is more distant and esoteric. The former usually trumps the latter.


The chance that a random implementer has a security vulnerability is much higher than that Jeff Bezos is listening to me watch TV. A private system is more vulnerable to target attack and an Amazon system is more vulnerable to mass surveillance.


You are on the right track, but I don't think you are quite right. Amazon like systems are more vulnerable to mass surveillance.

Your vulnerability isn't a targeted attack: you are not valuable enough to be worth the effort to figure out your system. As an attacker on your system I'd have to figure out how to break in, and then how to use the hardware you have. You are more valuable as part of a botnet - attacks that already exist. (if you are a politician then maybe, but that person is also vulnerable to a targeted attack on their amazon system - probably more so because the target is easier to figure out).


And what exactly does this "vulnerability" mean in real terms? Let's be honest. No one cares what conversations are going on in your house _unless_ you're someone specifically targeted. There's little use in mopping up data with no goal.


If I'm using a dragnet to grab every conversation and filter it for things I personally care about, your conversation could make you someone I want to specifically target.

As a random example: let's say that I want to kill someone who lives in your neighborhood. I could analyze your conversations, comings and goings to figure out when and how to kill that person, and blame it on you. I could on a continual basis run numbers on everyone emitting data in your neighborhood, until someone had arrived at a point where their friends would testify against them on the basis of conversations with the potential patsy, that patsy had no alibi, and tailor the murder on the basis of the means that the patsy had available to them at the time.

I could also just be trying to figure out if you were a homosexual, or muslim.


If mopping up everybody's conversations is cheap enough Russia/Iran/China/(insert your favorite large evil) does. If you happen to run of political office 15 years from now having all your conversations available to analyze will be useful. If they don't like you, you might find some out of context snippet of "private conversation" all over social media killing your campaign. (or alternatively the blackmail threat if you don't X)

That is they will target everybody because they know in a few years that will include somebody who they currently think is a nobody.

Of course as AI gets better and cheaper they may eventually listen to everything to see what who can be targeted automatically for what.


Economic espionage is a mainstay of intelligence agencies, so you don't even need to play the potential politician scenario out.

Just working for a company that an agency is surveilling is enough to make you worth targeting.


It depends on what future you want to live in. I prefer one, where this is not okay.


Why not just program it in Rust if you want to guarantee that the system doesn't have any security vulnerabilities?


A secure language does not protect you from insecure design. I could very easily build a system in Rust with gaping security holes, purposefully or accidentally.


Nice troll


That's true - and I suppose that some people are much more concerned about the former threat than the latter.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: