Hacker News new | past | comments | ask | show | jobs | submit login

Actually, it doubles your area of risk. Now you have 2 companies to worry about per device.

It's an open source project. There's no company to trust.

Users without the skills to verify the code isn't nefarious have to trust good samaritan developers instead.

> Users without the skills to verify the code isn't nefarious have to trust good samaritan developers instead.

I trust that amongst thousands of people with different incentives at least one will raise their voice if something is not right. At least more so than I trust a corporation with, in this case, the the wrong incentives to self-regulate to my expectations.

I've always wondered how much OS code gets audited or if everyone just assumes someone else will do it (bystander effect)

Nothing is 100% guaranteed, but with an open source project, given enough users, its far less likely for someone to be able to bury nefarious stuff without many eyes looking at it and at least one person sounding an alert.

Yeah but really this isn't true. Popular open source that has tens of thousands of eyes on it still gets compromised all the time (see: npm). Even the Linux kernel has had rogue git commits injected into it.

The probem with npm isn't that open source doesn't help, its that the eyes get spread out thin when you have thousands of modules - so nobody is looking at the changes that happen in their lots of small dependencies.

Which is not to say that thats not a valid approach - but for it to work we need better tools to handle lots of git repos at once (for example, the ability to get notified about any new code on github that affects your project would be pretty cool, especially if its coming from people or organisations you haven't explicitly marked as trusted yet)

I would like to see someone try and sneak rogue commits into Linux. It would be quite the feat.

> the Linux kernel has had rogue git commits injected into it

What? Who "injected" what and when?

I'm also interested to know more about this.

Users without skills can still hire a developer of their choice to do the verification, if they're really paranoid.

Do you think being an open source project makes it more secure somehow? It doesn't.

This is code you can inspect running on hardware that you own and control. It's trivial to ensure it's secure at that point. Unlike when it belongs to a company.

I'm tired of explaining why this isn't a valid argument for security. Being able to compile your code means _nothing_.

As is tradition, just read "reflections on trusting trust":


It doesn't have to connect to the internet to do what it does. The scenario you seem to be suggesting is that the Project Alias developers would be conspiring with Google by compromising Project Alias to NOT disrupt Google's listening and then Google would be listening in on you using their network access. This by definition does not double the area of risk.

If you can be confident that Project Alias does not have network access, then the worst possible scenario, even if the developers are literally Satan, is that Google Home would be doing exactly what it does without Project Alias attached.

I say to Project Alias "Call my friend Chris".

Project Alias whispers to my Amazon Echo "Call Secret Project Alias Man in the Middle"

Project Alias requires no network connection to do nefarious things.

What, you think the rasberry pie is a internet connected listening device too? Why did you connect it to ethernet then?

He's not talking about a rasberry pi in general, he's talking about Project Alias, the device featured in this article, and the first step in the instructions is connecting the Pi to your Wifi so you can download the software.

So yeah, this project turns the raspberry pi into an internet connected listening device.

Also says in the same instructable that once the device is trained that there's no need to have the device connected anymore. It also doesn't need to be connected to the internet - you just need to be able to get to it via a browser with a microphone - I was able to train the device with no connection to the internet.

Great point. What happened with good old physical connections via USB cables?

It's probably the same reason that people started installing listening devices in their homes in the first place -- convenience. Few people want to walk around and plug in a cable to update/reconfigure their devices.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact