I was a huge Google Fan but this is becoming lunacy.
I understood trading some data and privacy for great search results, maps and free quality email.
But people willingly bringing always on listening devices in to their homes (beyond what smartphones are already capable of) I just can't comprehend it.
Why would people voluntarily do this in exchange for being able to ask for weather, play a playlist, add a todo and a few other parlor tricks.
I guess I value my privacy more than others and don't like the idea of entities compiling a record of my data that they can sell and market.
Imagine how some governments could use this data to limit freedoms, crack down on their opposition.
And what about the first data breech that includes transcripts or even audio of all your household conversations/activities over the past three years matched up to your email or even address?
It just sounds like we are heading down the wrong road.
What does having a Nest thermostat get you? I'm a tech dude, I build modern software, but I live in a dumb, old fashioned house. My programmable Honeywell thermostat, which has no internet connection, does a perfectly fine job of keeping my home the right temperature. My door locks use a key, and keys have great battery life, and my smoke detectors beep instead of speaking to me. What am I missing by not having internet connected stuff?
I loved my Nest thermostat when I first bought it. I could change the set point with my phone without getting out of bed, or set the house to the right temperature before I got home. It would automatically go into energy-saving mode if nobody was home. I could track my long-term energy usage with an app on my phone.
That was all very nice, but then Nest blew it. They kept forcing firmware updates to the thermostat that I had no control over. Some of them bricked the device for a period of time; some merely changed the UI so that options on the thermostat moved around or literally disappeared. I finally got fed up and reset the thing and refused to give it my wifi password. Then Google bought Nest which made me doubly sure I'll never connect the thing again.
Now it just works as an ordinary dumb thermostat. A rather expensive dumb thermostat, but it does the job. The extra features that came from connectivity are not worth the company's disrespect for my right to control the devices in my home.
I replaced my Nest with a Sensi once Google took over. In doing so, I extensively researched the available options searching for an acceptable one that could be used without a cloud server somewhere, but those just don’t exist in any decent-looking package. Choosing the Sensi was a compromise on settling for a company not likely to go out of business or discontinue the device within the near future and whose core business doesn’t conflict with keeping any data private.
From the Sensi website: "As existing features are enhanced and new features are released, your thermostat software is kept up-to-date automatically."
No thanks. Been there, done that. With a simple device like a thermostat, I don't want the thing changing all the time. Security updates are fine but every update needs to be under my control and the device should be designed with a mechanical switch that restores the previous version of the firmware.
And really even security updates should be unnecessary if the code is written in a type-safe language with good security practices.
I don’t want my complex devices changing all the time either. Just updated my desktop to last year's macOS and it caused a cascade of changes from dependencies I wasn’t ready for. Same with the latest version of Xcode, and the auto-updated text editor that went to subscription for the features I had paid for already.
I got Sensis too. Best compromise I could find, avoided connecting to the internet until I couldn’t find another way to program them. Suppose I could disconnect them now.
A programmable keypad is nice. I have a Z-wave one which can notify my Smarthings hub which notifies me when it's locked or unlocked.
The Nest thermostat allows me to control the heat remotely.
These two things are great for rental properties. Guests often forget to lock the door, I have records of when guests or maintenance people are coming or going, I can adjust the heat to 55 when nobody is there which saves a lot of money and more importantly I can ensure the heat is not turned off (which could cause frozen pipes) which some guests do for some reason.
Outside of a rental, these things aren't as useful. But I'd still get a programmable keypad (I've been running the Yale touchscreen ones in the mountains for years). It's very handy for friends or maintenance and with a Smartthings hub you can unlock the door remotely and give no code. Or give a code and change it later. I got the one with a key backup just in case but I haven't had the touchscreen fail yet.
I do run the Nest cameras outside and they've been nice to check snow levels, bust the spa maintenance guy for not even showing up, expose a neighbor for stealing firewood and rocks, expose guests who brought an actual bus full of people, expose another guest for filming a movie, and plenty of other things that have been helpful documentation.
It's kind of crazy how far the Nest cams pick up audio and how clear it is. So be cautious of these things because they are constantly recording and it makes it easy to scrub for footage (detects and quick links to voices, dogs barking, people, etc). I only listen to the audio when it's applicable (guests are doing something they shouldn't) but I'd imagine that some homeowners are watching and listening for fun.
It sounds like you have short-term rental properties, aka unregulated hotels, or more accurately regulation-skirting residential businesses. In normal rentals, guests are called tenants, and in most places tenants have all the same privacy rights as property owners. Therefore, a landlord having access to or retaining any information about door usage or audio-video of the property would likely be illegal. Perhaps a camera pointed at the driveway and public street for security purposes, but even then only with full disclosure to the tenant. Frankly, I wouldn't rent anywhere the owner had installed his/her own cameras--if necessary for security, I'd install my own.
Of course, the same privacy rights also likely apply to short-term guests as well, but while everyone is skirting regulations, what's a bit of surveillance in addition. I mean you've basically admitted (why people can't just shut up when they break the law) that you record your guests in outside areas where they can expect privacy (sounds like the hot tub). That people make movies in places they expect privacy (shocking), and of course you don't look at any of those skinny-dipping videos wink wink. Funny how unregulated businesses attracting unregulated activities still like to have some way to regulate their guests--and do so likely illegally.
Yeah, I know, some airbnb guests can be jerks, abuse the crap out of your investment, I mean second-home you couldn't afford without hotel-income. But you don't deal with the bad apples by violating the rights of everyone else, at least unless you want to invite scrutiny and regulation into your activities.
>That people make movies in places they expect privacy
If they're doing unpermitted guerilla filmmaking on someone else's property, they're just as guilty of violating someone's privacy and doing unregulated business activity.
FWIW, when I lived in a house where the landlord installed security cameras there wasn't much we could do about it. The law was on their side for outside cameras and cameras in common areas (like a laundry room)
It's sounds like you have little experience living anywhere except highly regulated, highly populated enclaves. Many places don't have regulations against things like Airbnb.
> It sounds like you have short-term rental properties, aka unregulated hotels, or more accurately regulation-skirting residential businesses.
This is not correct. I pay transient occupancy tax just like the hotels (11% at one, 7% for another) and also have local authorities come out periodically for certifications to make sure everything is up to their standards (fire alarms, extinguishers, lighting, safety rails, notices posted outside, etc).
If I was in a city that didn't have regulations for short term rentals, then it wouldn't be a regulation-skirting business anyway. It's only skirting if the area has TOT and regulations in place and you don't abide. How did you get to this conclusion based on my post?
> I mean you've basically admitted... that you record your guests in outside areas where they can expect privacy
No I didn't. And my listings clearly state that I have cameras outside.
> That people make movies in places they expect privacy (shocking)
Why is this shocking? They were making a low budget horror film. You need a license to film a movie on someone else's property and the city has regulations and procedures for filming. Not to mention they started a large fire in the desert and I could see the fire department come out and have a conversation with them. The guest also lied to me saying they were having a little couples getaway and we even gave them a discount because we were told it would just be 2 of them.
> and of course you don't look at any of those skinny-dipping videos wink wink. Funny how unregulated businesses attracting unregulated activities still like to have some way to regulate their guests--and do so likely illegally.
I have a pool at one property but there are no video cameras overlooking the pool. Or even the back yard for that matter.
You've made a lot of assumptions.
If you don't like short term rentals because some people don't comply then that's fine but hotels have bad actors too. Plenty of hotel owners not paying their share of TOT taxes, peep holes in bathrooms, stealing property when cleaning. Ever see those service spaces between 2 rooms? Bad actors would use those for peep holes and watch guests in person.
> I mean second-home you couldn't afford without hotel-income
Actually I can afford both without hotel-income. Even if I couldn't - the cities approve of it and get income and jobs.
> But you don't deal with the bad apples by violating the rights of everyone else, at least unless you want to invite scrutiny and regulation into your activities.
I comply with regulations and also create a lot of income for people in cleaning, maintenance, upgrades. We pay a living wage to all service providers.
Honestly all this monitoring and "busting" and "exposing" people for minor infractions sounds exhausting. Personally I have other things to spend my time on than surveilling people. Frankly it's kind of bleak to imagine you sitting around keeping an eye on your surveillance cameras and graphs to make sure no one is stepping out of line.
It's only when I get reports from neighbors, my turnover crew or they make a false claim on AirBnB. The tech in the Nest cams make it so you don't have to wade through footage. It short links to events and has great detection as I mentioned.
None of what I wrote was minor either. If a vendor is charging me and not showing up, that's fraud. Bus full of people - over my approved capacity and I can get fined. Filming - I can get fined. Fire in the desert - big liability. Stealing firewood - theft and now my guests won't have any.
Not sure why you are fabricating a story that isn't there.
The homes serve a lot of guests and 95% of them are respectful. How does reviewing footage when they make false claims or I get a report from a neighbor make me a voyeur?
The comment specifically says: "I can adjust the heat to 55 when nobody is there which saves a lot of money and more importantly I can ensure the heat is not turned off (which could cause frozen pipes) which some guests do for some reason."
I have kids. They forget to turn off lights, mess with my thermostat, leave doors unlocked. The peace of mind of being able to remotely check/access/control all of this is great.
How did you infer how they were raising their kids or how much time they spend with their kids from that comment? To me, it sounds more like you just want to attack them.
I'm an adult, I know I forget to turn things off sometimes and it is really nice to be able to remotely check on things like if a light is on or off or something similarly as trivial.
You obviously have very little experience with children if you think spending enough time with them will cause them to not to forget to turn out the lights.
I value privacy, my nest thermostat is the only IoT device in my house that talks to the internet or can be accessed remotely without a VPN. What I find most valuable is it programs itself. Am I cold? Turn it up a bit, hot? Turn it down a bit. Suddenly I have stopped having to adjust it at all. Even as life has changed. It has some nice other features, such as preheating/cooling, telling me how long it will take to get to temp, energy savings by allowing the electrical company to shift my cooling earlier before the afternoon rush.
I bought my Nest before Google bought the company, and I will switch brands instead of buying one of the Google built devices, again over privacy considerations. Hilariously enough, we entered the name of the thermostat as HAL.
Ok, but what on this list actually requires an internet connection? I guess the integration with your power company. But aside from that?
You could put a local AI model into the Nest, and it shouldn't need to talk to the internet at all. It can keep the data locally, and be programmed to draw inferences without help from the mothership.
For some reason we've decided it's ok to gratuitously connect everything to the internet "just cause". Sort of like how data maximization has become a thing because the costs are low, so why not?
Posted elsewhere, but my A/C had a small leak and was slowly loosing efficiency. At peak heat it could not keep up, but I had no way of knowing that at work. My $99 Emerson Sensi messaged me that the cooling was not keeping up and there was a problem. I could turn off the unit remotely to prevent stress on the compressor and fixed the small leak well before I would have known without a internet enabled thermostat.
I did A/C repair in college, fixing it early more than paid for the maybe 50 extra bucks wifi cost. The thermostat itself is on an isolated wifi network,
Messaging you requires at best only enough Internet access to send a message. It doesn't require all other functionality to be Internet dependent.
Frankly, the way these IoT devices are designed to be just dumb terminals to some cloud on the other side of the world, it's just bad engineering, in service of anticonsumer business.
Perfect IoT device would include an internal scripting language (ideally standardized and easy to grasp, embedded python/js/lua etc) and API exposing all of gadgets hardware. This way user/owner/external service providers could supply their own script snippets implementing desired functionality. Aka general computing.
Imaging buying "smart light" thats actually smart enough to do what you want it to do.
How else did you expect it to message him? Or let him turn it off remotely? Sure, could put a SIM in it and do an SMS that way, but then you have to pay for service for your thermostat, rather than just using the WIFI you already have.
Good point. In my experience an air conditioner is something that you use when you're home, so turning it off remotely doesn't make any sense, but I suppose other people might AC their house while they're gone all day?
>Ok, but what on this list actually requires an internet connection
I have a somewhat irregular work schedule, and on hot days was lifechanging to be able to turn the A/C on before I got home. Similarly, if you're on vacation and go "oh shit I forgot to turn the A/C off" it's nice to be able to do that remotely. The Nest has a motion detector but it's not 100% accurate. Maybe some non internet connected thermostats also detect presence, but it's nice to be able to confirm the state of the A/C remotely. I also like being able to graph the temperature/humidity of my place over time.
That said, my next thermostat will probably be an Ecobee because I'm pissed off about a number of decisions Nest has made lately (e.g. removing access to their API)
You can control it from anywhere so if you're coming home earlier than normal or know you need to pre-cool the house because you're having a party later you can do it from your phone. Or just being able to control it from anywhere in the house, this can be done with X10 or something but that requires additional hardware to bridge between the X10 network and the internet. Most IoT devices are similar and use wifi and a central server because it's the most convenient option for configuration, with both sides hitting a central API you don't have to worry about ensuring clients discover all the devices on the home network and it's then trivial to allow control from outside the home.
How much would a localized AI cost to implement, and would you pay it for a thermostat? As a result, you're lowering your one-time capital cost by connecting to the internet instead, perhaps?
I like that I can check on the house from my phone if one travels for multiple weeks at a time. I also like warming up the house before I get home late in the evening. Granted, I've now got a VPN / firewall setup that would do this without an internet connection, but I'd still need some form of wireless connectivity to execute the changes from my mobile device.
Not much, because you're probably doing regression and I doubt this tasks needs neural nets. Well, it is definitely solvable without NNs at the very least.
No. You could do this with any model that has feedback built in. I don't think you'd even need something as complicated as Q-learning but any type of reinforcement "learning" method would work. You're basically teaching a PID that has a clock.
Just taking a guess...besides integration with the power company, an internet connection can be useful for plenty of things. Weather forecasts and aggregating local user behavior to improve predictions of how to adjust settings more accurately over time. Talk to your mobile device to know when you're getting near home to pop out of an eco mode. A heartbeat to the cloud so it can notify you when the power is out. Lots of possibilities you wouldn't get with a local-only mode.
To be fair, most of that doesn't require the internet— it would be perfectly possible to build a simple learning thermostat that was offline, or perhaps was only periodically online (eg, dumping a compact data log while it's connected to your laptop for its yearly firmware update).
I feel the same way about voice assistants. Recognition can be done locally— playing your playlists or turning the lights on and off should require no internet connection. Updating a todo list or calendar, maybe, but then it should be an API call to that service provider, indistinguishable from an action originating in any other third-party app.
My limited interaction with those was that they were pretty universally terrible and would not be acceptable today (and were bad enough to be annoying then even).
Sure, they were. But it was a Symbian, with memory measured in KB, not in GB, CPU in low MHz range, not GHz. I only wanted to point it out that even though it was bad, it was possible, and with phones today, it's not only still possible, but maybe even possible and reasonably good. All that offline, of course.
>What I find most valuable is it programs itself. Am I cold? Turn it up a bit, hot? Turn it down a bit. Suddenly I have stopped having to adjust it at all.
Is that a problem most people have? I bought my house a few years ago and haven't touched my thermostat since I originally set it up years ago
Do you live alone? And are you or do live with a girl? Because when I was single, I never touched the thermostat. Now that I am, it has to be constantly adjusted.
I have an Ecobee rather than a Nest, but I had the Nest before I moved and the one thing I note is that it having access to temperatures and weather outside the house means it can choose just to run fans to circulate the air from outside to regulate the temperature inside instead of running the heating or AC. If it knows the outside temperature is the temperature you want inside, it can just shut everything off. A dumb thermostat only knows what the inside temperature is... or more specifically, when the little coil bends to connect the electrodes, it trips the heating on until the coil bends the other way and disconnects them. If the external temperature was sufficient, your thermostat could've chosen to circulate external air into the house instead of running the heating.
Also, it knows when you're not home, so it can then just shut down everything until temperatures would cause other problems such as frozen pipes.
Additionally, you just dial it to where you're comfortable and if you get too hot or cold, adjust it again. It learns what temperature you like it at at certain times of day, it takes a week or two to really get to know you, but once it does, it just keeps the temperature comfortable and you rarely have to touch it or even look at it after that without you needing to go through a complex programming process like you do with most other thermostats.
That's pretty much what a smart thermostat gets you.
Whether or not you consider that useful or a good use case for your needs is really down to your own evaluation.
I like that my thermostat is smart enough to be able to regulate the temperature in my house without needing to kick on the AC or heating, which reduces my power consumption somewhat and is somewhat better for the environment, but is also better for my wallet.
The system in my house just has an exterior temperature sensor. You don't need an Internet connection to know the temperature outside your house, and the "outside temperature" it's getting from the Internet may be quite different than the temperature of the air outside your house anyway.
Knowing when you're home can also be done quite well without any Internet access - just see if your mobile device recently associated to the wifi.
These things can trivially be built without the privacy concerns. The business model might be a bit harder if you can't collect the data, though...
Of course, I'm not discounting these things, nor am I suggesting it can't be done other ways. I'm just saying that this is what you get with a smart thermostat that you don't get with most non-smart thermostats.
The thing I really liked about the Nest is that I just turned the dial to where I felt comfortable and it just took care of everything else for me without me needing to do anything. As long as you're brave enough to put screws in a wall and hook up a handful of wires to connectors, it took about 15 minutes of me getting it out of the box to it being installed and configured. I can't say the same about any other programmable thermostat I ever had. Seriously it wasn't an awful lot more complicated than the mercury switch thermostats I've installed.
The handful of Honeywell programmable thermostats I've installed had a disastrously bad user experience. In fact, I installed the Ecobee in my current house because I got so pissed off going through the programming cycle of the Honeywell I gave up before I got to Wednesday :'D
Nothing, in my opinion, but I do have a sort of funny story about IoT thermostats.
My SO's dad is a gadgets guy, and he travels constantly for work. He is also incredibly vigilant about bills. They're the kind of family that can't touch the thermostat until a certain time of year, weighs insurance costs into every decision they make, etc.
Anyways, when he was traveling—even in cold months—he would see the thermostat going up on his phone and panic, turning it down. His kids, who were freezing in the house, would turn it up again because winter, and several hours later the cycle would repeat. They were basically locked in a constant battle to warm their house against their miserly dad and the cloud.
Classic story I heard was of a landlord who locked the thermostat in a plastic air-flow case. The college roommates who lived at the residence learned to strap an ice pack to it. Hilarity ensued when the landlord would come by to check on the heating system.
(He’s the “PC guy” from the Apple commercials, among many other performances, and he has a podcast where he acts as a more cerebral and empathetic Judge Wapner, hearing “cases” and making rulings. The show has quite the internal lore, complete with local court rules, standing, and binding precedent.)
Im in the same boat, I find the concepts very fascinating but almost all of it is trying to solve problems that don't even exist for me.
The only thing my friends with IoT devices do are party tricks on voice command with their smart lights. Other than that, I find the so called 'problems' these devices solving are extraordinarily trivial.
My favorite part of my IoT loving friends' party tricks is that they only even seem to work about 40% of the time. Most of the gimmicks might be worth having if they worked 99.9% of the time and I didn't have to sell my soul to get them, but as is they're a half-baked solution to problems that I don't actually have.
Thank you for this information 'JCBarry. I was legitimately alarmed and confused. I searched for the word “thermostat” in the article, and I didn’t find it, but I could easily be out of date with respect to Google’s Nest and IoT branding.
It's nice that it knows when I leave and adjusts accordingly automatically. If I need to come home at a non-routine time, I can adjust from my phone so that it's comfortable when I get home. I don't see the need for most smart devices, but the Nest thermostat has actually been really useful for me.
Why does a thermostat integrate with cameras and microphones anyway? Do they have any internal one?
Anyway, I do really want a smart home lock. Just changing the shape of the keys so that they would stop puncturing my pockets when I walk would be enough of a gain. I also want a programmable bedroom light that can slowly dim on at morning.
I don't have those because the costs are much higher than the benefits. I'm sure a smart lock will lock me out of home at some point, with no way in. A smart light will also fail at the worst possible way, and I don't want to deal with it.
> also want a programmable bedroom light that can slowly dim on at morning
Oh you absolutely do, this has been by far the best (arguably only) benefit I've seen from home automation. Sunrise is now whenever is convenient. The lights slowly come on over 30 minutes and it feels like I'll wake up at some convenient time for my body during that period, rather than having my sleep interrupted by an infuriating alarm.
> A smart light will also fail at the worst possible way, and I don't want to deal with it.
I haven't had any problems with mine (v1 hues), they default to working like normal bulbs so the worst case scenario is you toggle the switch off and on and you get an illuminated lightbulb every time. Also (true of any LED light) they will continue to work even after you've shattered the glass by accident.
> changing the shape of the keys so that they would stop puncturing my pockets when I walk
Have you considered alternate solutions such as less-tight pants? ;P
> I also want a programmable bedroom light that can slowly dim on at morning.
FWIW, a lot of cheap CFL bulbs do this on their own. It's one of the reasons I hate CFLs for most uses, but I've come to appreciate that the light in my kids' room starts at about half (perceived) brightness and takes a minute or two to warm up.
I think the key part is that the bulbs come on automatically, not necessarily the ramping up of brightness.
I don't really care about brightness ramping, I just have my bedroom Hue bulbs come on at max brightness at 6500K at 5:00 every morning, switch to 2700K at noon, and 2000K (and dimmer) at 20:00.
Shameless plug: we - at Crownstone - have an open source plug or built-in switch with with wake-up functionality. I don't know if it's too smart, but if it is, I'm fine with you flashing adjusted firmware to make it dumber. :-)
I have a cheaper thermostat with wifi, a few months ago it alerted me that the temperature had been more than 5 degrees over setpoint for half an hour and something was probably broken. I was able to remotely shut off the unit and after I came home from work, sure enough the coils had iced over due to a refrigerant leak.
It was only hot enough for this to happen at the peak of the heat when I was at work. I was able to catch the problem early and fix it cheaply all for the cost of a thermostat (Emerson Sensi) about $40 more than a non wifi model.
Is there any advantage in involving you in the loop, though? Couldn't it just shutdown upon detecting the problem and turn on a warning light for you to see when you got home?
Don't forget they also have a smoke/CO2 monitor. I use that because it would be really handy to know about those being issues prior to coming home.
Of course, the next question is always "How do I confirm this?" but if it means I can catch those problems sooner, regardless of whether I'm home, I'd rather do that.
And yet, this article has me re-thinking it. Maybe removing the Nest alarm and getting Simplisafe's detector is the better move (but I need to look into theirs first).
I run OpenHAB at home (and have tried HA), but setting all this up is not in the wheelhouse of the majority of people. Doing the in-home setup is difficult enough, but safely exposing it to the internet is not something I'd ever ask a non-technical person to do.
Meanwhile, you just swap your old thermostat with the Nest, tell it how to get to your wifi, install an app on your phone, and you're done.
Yeah that's what a lot of the responses in this thread don't get or dismiss. These things could be run in a much more privacy protecting way but that comes with all sorts of configuration and setup headaches that most people don't want to deal with. And being able to access the devices from anywhere is a feature most people want even if it's only useful occasionally and a central API running all interactions means if it works while you're home it will work anywhere rather than it working while you're home then not working because something something DynDNS/NAT.
And youre over estimating the technical literacy of the average person. This is the first time I've heard of nabu casa, I just checked out their website and they're immediately talking about yaml, I've browsed every page I can see and I can't see anything about setting it up. Another labe mentionrd docker and JWT as troubleshooting steps - that's too much for 99.99999% of people to ever use.
I'm under no delusion that the average person can, or is willing, to setup something like Home Assistant.
I was answering a question posted on HN, where the assumption that the average HN user is capable of fiddling with hardware and software is usually valid.
I do have some WeMo switches on some lamps in our living room. I got them instead of fiddly-dip-switch timers before a vacation several years ago, and it turns out I like having them come on an X time automatically, and turn off at 10, when we typically go to bed. We never interact with them; it's great.
But the thermostat is dumb (but programmable). The locks are all regular locks. We have no smart speaker (dear god WHY?). The TV is dumb.
Why? Because I've spent 30 years in software, and my watchword is "don't put firmware in shit that doesn't fucking need firmware."
> What am I missing by not having internet connected stuff?
I'd say that's a question that can be asked of anything that's Internet-connected. Phones, watches, TVs, cars, etc. They probably all create a level of convenience, typically at some cost Like all costs it's up to each person to make a decision whether that cost is too great - usually these questions are really veiled value judgments on others' cost/benefit analyses.
I live in an area where I can go from heat to cool needs in a single day, and I have pets with sensitive temperature needs. So I have a thermostat I can control via the Internet.
However, it is not a Nest, and only I can control it. It's not connected to any account or cloud service. It doesn't have direct IP connectivity at all, so it can't be turned into a part of a botnet. And it works just fine without the Internet.
These kinds of devices are just slightly better than the old ones, because it's possible to programmatically control them. They would be an interesting idea, because they offer slightly better convenience than the previous devices, but they are such a huge privacy violation that they aren't worth it. Take out the privacy violating parts and they could be interesting products.
It gets you troubles. Just bought a house that had some installed. Had weird "lost connection" failures, and the "smartness" trying to learn what's the right temperature for you doesn't work. After two months, I still have to wake up in the middle of the night to manually reset the temperature to something reasonable.
If you have a predictable schedule, there are plenty of offline thermostats that let you set target temperatures for different times of day. If you don't, I can see how being able to control it remotely would be nice. (But an embedded microphone is still creepy and unnecessary.)
> But people willingly bringing always on listening devices in to their homes (beyond what smartphones are already capable of) I just can't comprehend it.
I don't get this position: my (Android) phone can already record my voice, so how does having a Google Home materially increase the privacy risk?
The GH does have access to mains power and a wifi connection, so that makes it easier to record all the time and upload a lot of data vs. a phone, but it seems like a bit of a stretch to me to think that Google would be doing something nefarious with GH and then absolutely nothing on Android. I've also noticed that when I call out to my GH, my phone will usually respond too, so it's not like my phone can't understand me, even when it's in my pocket, so the capability is definitely there.
So if you do trust Google enough to have an Android phone, then you should probably trust them just as much to have a GH. Beyond that, then it just comes down to bugs: what if GH is too sensitive and thinks you've uttered the wake word often when you haven't? Ok, then some conversations may get recorded that you didn't intend. That's certainly a concern, but "I just can't comprehend it" would seem a bit hyperbolic in that case.
> ... includes transcripts or even audio of all your household conversations/activities over the past three years
This seems to indicate to me that you believe that GH etc. are always recording and uploading every sound it hears, all day long, without regard for the wake word. If you believe this, I guess that is your prerogative, but I guess we're probably not going to have a productive discussion here.
«I don't get this position: my (Android) phone can already record my voice, so how does having a Google Home materially increase the privacy risk?»
Indeed. Maybe people don't realize that a smartphone is a much bigger privacy risk. A phone can literally record audio and video, track your position, monitor all your online activity, and upload all that without you even noticing it, even when the screen is off and locked. (This can happen when the phone is hacked or if the OS or device vendors are evil.)
I think people perceive devices like the Echo Dot or Nest Mini as more dangerouse simply because they aren't used to them. But smartphones have existed for more than a decade, so people have long accepted these.
The privacy risk is not the same and the convenience to mitigate is not there
I can leave my phone at home when I go out. In another room. Shut it off. I do all of these things quite regularly.
Do I go around and disable numerous smarthome gadgets for privacy or stick with my oh so terrible life without them? Bonus! I can avoid awkward conversations with my guests.
People buy products because we feel they help us be better. There’s little real utility towards bettering myself with a colorful, and extra power sucking, thermostat at home all the time.
Given how outdated most Android phones are, they are substantially more of a security risk than a Nest (of some sort), Alexa, or Apple smart speaker. With Google your facing someone substantially fucking up, a search warrant, or compromised account. A random compromised Android phone, just about anything or anyone and the only giveaway is going to be the battery draining faster than expected.
Have you ever seen a verified case of a smartphone operating while off? I have only seen rumors. If you are going to be that paranoid then how do you know removing batteries turns it off? Maybe there is a Secret battery for spying on people.
I blame Star Trek. Simply speaking out loud to ask the computer anytime something was needed, it seemed like magical tech. We just didn't anticipate the companies and extra consequences that would come along with it.
I would love to see a parody of Star Trek where all the tech is run by an advertising company exploiting all the crew members individually by capturing all their private data around the clock.
I think it looks comfortable in the Star Trek universe because it is implied that voice activated stuff is controlled by a super-AI. That is, the AI won't give humans access to the audio. Which in turn means we are going to have a super-AI that can restrict our rights and itself have access to vast amounts of information about us. I.e. Star Trek is a society essentially controlled by the AI, as it will be above us.
It looks comfortable in the Star Trek universe because everyone trusts Starfleet and the ship's computer.
I mean, if you don't trust the computer to look after your interests with regards to your voice interactions, why are you trusting it when it also controls life support and airlocks? ;)
But what's an AI, what's 'artificial', when does something become so if it's made by/of 'natural' things? Which reminds me of BSG, they have airlocks too.
It isn't. In fact, people there are uncomfortable about computers giving them orders (TNG S03E06). It works because in Star Trek, the society works. For instance, a ship's captain could easily access plenty of surveillance records about their whereabouts and activities, but as a matter of course, they don't. Cases where someone abuses technology for ulterior reasons are presented as negative, and protagonists do their best to thwart such misuse.
In TNG they ask the computer for someone's location every other episode, usually without hesitation. Didn't go so well for Barclay, when they walked into his cringy holodeck fantasy program.
I'd disagree with this. Frequently they look through peoples records. Whenever someone dies it is the first thing they do. They also on one hand talk about holo decks being a private space but how often do we see them walking in on peoples' sims. You could totally just shut down the sim from the outside if the person inside is not responding and that would more readily respect that person's privacy (but isn't good for entertainment nor shows that Star Fleet is also composed of "humans").
Like come on guys, there's more than personal logs. There should be more barriers before you go there. But to also be fair, it is stuff they know is going to be used in that way and it isn't just a log of everything they've said in their room. So there is a little more consent involved. I don't think you can really give consent to always listening devices.
I disagree. Given it takes place hundreds of years into our future, I'd assume speech recognition is just a "solved problem" and not something to worry about. Plus, there's also the Federation -> navy comparison. If speech recognition is mandated in Federation vessels, why would the crew worry about who's listening?
>a society essentially controlled by the AI, as it will be above us.
This is the highest probability of the realistic outcome of AGI as it will advance in capabilities so much and so rapidly that we won't be able to keep up. I personally think it will be benevolent and care for us like we do for our pets which won't necessarily be a bad thing.
I think it looks comfortable in the Star Trek universe because Star Trek portrays a society that is not run by mobsters, warlords, delusional ideologues, and sociopaths.
We are still very much savages. Clinical psychopaths and delusional narcissists run our institutions and major decisions are made on the basis of fanatical superstitious ideologies and mindless herd behavior.
In short I won't put an Internet connected microphone in my house and I'm very wary of privacy leakage in general because I don't trust the people who run our world (including both governments and corporations). I don't think this is irrational. Glancing around it seems like a decent number of world government and corporate leaders belong in prisons and mental institutions, not powerful offices.
> Star Trek portrays a society that is not run by mobsters, warlords, delusional ideologues, and sociopaths.
Interestingly, while this is certainly the background assumption of Star Trek, it is much less valid in episodes where the crew must interact with their own government.
In the short run, it gives the company three direct benefits for making the technology work (besides the "They can advertise at you better" one that people like to drumbeat on).
1) Context is nearly invisible, and is constructed from dozens to hundreds of data points. Holding state on the user (not just from direct interaction with the agent, but from other services the agent can be aware of) makes a lot more context possible. My assistant knows about my calendar, where I've been recently, and my recent emails; it can make much better educated guesses about what I mean if I say "What's travel time to Oakland?"
2) Getting the voice recognition tech itself from 90% accurate to 99.9% accurate requires awareness of the tens of thousands of real-world complicators that never show up in laboratory testing. As Google showed off by bootstrapping their voice recognition tech via Goog-411, they know how to take megabytes / gigabytes of "dirty signal" and use it to refine their algorithms against unforeseen corner cases.
3) Releasing new assistant features can be done atop existing collected data, without requiring months of lag for enough state to build up for the feature to be useful.
All of these are addressable engineering challenges if privacy were a priority. It's just that privacy is not a priority.
(1) is not that hard, just subscribe to feeds or query cloud services from the device. (2) is harder but could be done by treating the devices as a cluster or sending data up only when it can't be easily recognized and storing it only long enough to be useful in training (and storing it anonymously), and as for (3) the device could store data encrypted in the cloud and that would be fine. A new or updated device just downloads and decrypts the index to its data. There are other workable approaches.
I think the best way to change that is legislation. We need HIPAA-type liability laws applying to all privacy-sensitive data: recorded audio, recorded video, location, etc. Leak someone's location or a recording of audio from their house? That'll be $10,000 per person per incident.
That would instantly transform privacy invasion from an asset to a liability and incentivize companies to minimize data collected and when it must be collected to provide the service minimize the length of the time it is stored.
As it stands literally all economic incentives jump up and down and scream "invade the user's privacy s much as possible!" These are:
(1) Data is valuable and advertisers will pay for it or pay for data-driven ad services.
(2) Engineering privacy-invasive systems is easier than engineering privacy-respecting systems. This is a subset of "engineering insecure systems is easier than engineering secure systems" as privacy is a dimension of security.
(3) Privacy sensitive approaches usually require more compute and storage at the edge, increasing device build cost.
Let's not forget the other important issue: aligned with privacy-invasive technology is the business incentive towards turning products into services. This is what drives most of the bad engineering in IoT products - perhaps even more than the secondary revenue stream of selling users' data. When you make your device depend on the Internet for its most basic functions, you secure yourself a recurring revenue stream.
I'd like to see regulations addressing this issue directly, in addition to more strict pro-privacy regulation. For instance, I'd love to see it so that data, software and compute become independent - instead of current vertical integration. That is, I want to a) own my data, b) choose where it'll be processed, and c) have the software processing it come to the data - this way the vendor supplying software for c) won't be able to take the data and sell it or hold it for ransom.
Some significant incentives or legal controls would likely be necessary to realize that. Companies have zero incentive (beyond possibly performance if network bandwidth is an issue, and it's not) to (c), since that gives you carte blanche to steal their implementation, reverse-engineer it, and use it outside their control. I don't anticipate they'll facilitate that voluntarily.
It's also a lot easier to debug and improve software running on machines in a cloud one owns than on local heterogeneous architectures out "in the wild." Ask anyone who's done backend web development vs. frontend how fun it is to get "It don't work" bug reports from end-users with no logs and only spotty event metrics to guess what failure mode they got into and how they could get out of it (including failure modes such as "their ad blocker decided to kill half your functionality because your JavaScript's name had 'ad' in the URL").
There's a lot of incentives aligned for thin clients and fat servers.
"Just subscribe" is already asking more detail engagement from users than they want to contribute. Most users do not care enough about implementation details to want the device to not be working until and unless they tell it to.
I agree that if you want to change the model, law is the way to go. It'll hold back progress, but if that's the price we want to force people to pay, we could.
I feel like another motivation is to keep the neural net parameters, AKA the most valuable part of the speech recognition algorithm, off-device. It'd have to be huge otherwise, and could be easily duplicated then used as a starting place for a competing product.
I agree, and it's likely that's the most correct answer if people want to see the market change.
The second most correct answer is to just opt-out if you feel spied on and get to feel very smug watching people who didn't opt-out get burned by their choices. Honestly, I recommend that solution unless one encounters a situation where opt-out is impossible.
We seem to have no good solution to this. Capitalism/cowboy development: ship crap fast, break stuff, accrue regulations. Socialism/planned economy: have meetings to plan meetings to discuss requirements forever and nothing ever happens.
While both were government funded, the "cowboy" approach of ArpaNet and IP vs the OSI network protocol consortia are a great case study.
That’s not going to produce a good model. Test panels and dogfooding are both small scale and introduce biases based on who uses them. Until the gains stop coming primarily from supervised deep learning we won’t move away from the winner being whomever has the largest, most diverse dataset and compute resources.
It works in Star Trek, because as 'api says, their society is sane. United Federation of Planets is an utopia, where people don't try to abuse and profit off each other.
For a proper Star Trek comparison, imagine how comfortable Federation citizens would be with using ambient computing technology created and sold by the Ferengi, who are also known to be performing surveillance for Romulans in exchange for money.
(For non-Trekkies here, Ferengi is a species of extremely greedy and exploitative capitalists; Romulans are what you'd get if you reified the Five Eyes into a species, and put them into state of cold war with the Federation.)
I hate not having privacy but I don't understand singling Google out here. Siri is listening (both on phones and on Apple' homepod), Alexa is listening, Cortana is listening, ...
I actually am less worried about those (since I turn them off) than I do about Netflix/Amazon knowing every movie I watch. Amazon knowing every product I order. My Credit Card and Bank company knowing every business I transact with. My Mac and PC spying on what I do with them (i think that's more Windows than Mac). My PC/iPhone/Android/Rift knowing every app I run. My ISP knowing all the websites I visit or DNS lookups I make etc...
I could go on and on but I don't see how Google sticks out here.
I don't see anything in the parent comment that says this is a Google-only issue.
Also, the Netflix and Amazon examples don't seem to be in the same category, to me. Every time you interact with Netflix and Amazon, you are doing so deliberately. You are choosing exactly what to give them. You can easily pick another service.
Always-on listening devices, on the other hand, are taking data that you did not choose to give them, and other people's data as well. That's the point in the headline of this article. I would never need to tell guests "If you order something from Amazon, they'll know you ordered it," but apparently I might need to tell them to watch their mouths in my house. There's a big difference.
May I say that I love your use of GAFAM. I always thought FAANG was silly and Netflix was not like the others and was included just to make a good acronym
If I'm not mistaken FAANG is more about the Silicon Valley (and the people that might be interested in living/working there). Meanwhile GAFAM is more from the point of view of the users, also Netflix#, as a non-US online presence is pretty new, and let's face it, is only about a specific kind of entertainment - one might then add Valve/Steam as well !
It does bother me when politicians say GAFA and leave out Microsoft (but not Apple??)
#Netflix did play an important part in adding DRM to the Web specifications...
I agree with the company choices, but the spelling of the acronym worries me that it will be read or intended by some as "gay fam". Particularly since the usage as a generic insult makes semantic sense for disparaging a group of closely related companies...
(I guess it's not the only slur it has to avoid with that letter combination though.)
Yes, sure, but that wasn't what the comment I was replying to was talking about... This is about the difference between always-on listeners, including Echo, and stores where you buy things.
Echo's listen for their wake word, which is done on device and offline. It detects the wake word, and then connects to the internet. It is not actively transmitting in the background.
If you have proof of echo devices not doing this, you need to yield a source. Wireshark logs, anything.
I think we need to be looking at this from the side of biometrics. There are already privacy laws in some states which protect that kind of information about individuals. It's scary to know that if you collect a lot of what may seem like harmless information about an individual in one place, and analyze it through an algorithm or AI, then you're able to accurately predict a lot of extremely intimate details about a person. Just look at the classic example of Target predicting a teen's pregnancy before she even knew it herself, just by observing her buying habits[1].
Imagine if AI advanced to the point where a human brain could be simulated in a computer. If you collected enough data on a person, you could create a virtual clone with their exact same beliefs, opinions, intelligence, etc. Just imagine how easy it would be to exploit someone if you could simulate how they'd respond to anything with perfect accuracy. You could literally enslave people.
And while that's currently scifi, the amount of money companies like Google and Facebook are pumping into AI research means we could land somewhere pretty close to that eventually. If we're still not protecting peoples' data by then, we're all fucked.
I think allowing any company or government having an open mic/'smart' speaker, essentially bugging your own home/business is just a bad idea.
"I actually am less worried about those (since I turn them off)" - are you sure they are off, had to ask.
I'm not as worried about Netflix/Amazon knowing every movie I watch, product I order or am interested in.
I'm more worried about private conversations and communications being monitored as it applies to freedom of ideas, diverse political movements, freedom to vote and even freedom of religion.
> Nest/Google Home devices have a hardware mute button. They are off when they are off.
Can you cite where Google says that the mute switch is a hardware kill switch for the mics? I've only read where they say that it doesn't listen but never that it physically disables the mics which means it's done in software and the device could be "muted" and still able to listen.
Unless the mute switch is a physical disconnect for the microphones then it's no different than the Alexa's mute button.
And don't forget Google's Nest Secure contains/ed undisclosed microphones and not physical mute button and Google wanted you to trust that it is/was disabled.
What terms do I use to find these magical results?
If I google "Google Nest Home Mute Hardware disconnect" for example, none of the results on the first page state it is a hardware disconnect.
The support.google.com links all use vague language that never explicitly says there's a hardware disconnect. Just that the mute switch causes the microphones to be disabled.
yeah, I believe the hardware mute button does mute the mic.
That was more of a joke, are you sure they are off?
I'm sure someone has or is testing that the hardware mute button works.
I'm not against Nest/Google. I was always sporting Google T-Shirts and hats back in the day, telling everyone to use it and recommending their products.
It can't selectively listen. It processes all audio input for those key words. Once it hears the keyword, it then sends a recording of what you say next to a server.
This is not accurate. At least on the Google home the "wake word" is baked into the hardware and no audio gets through that piece of hardware until the wake word is detected.
Obviously there can be defects, but Google is not getting 100% of the audio from your home.
I highly doubt the 'wake word' is embedded in devices on a hardware level rather than software. That sounds like a terrible idea on multiple levels.
You are using 'Google' in a vague way which may be why you are confused about what my comment meant. The Google device gets 100% of audio it hears, because it can't magically hear a 'wake word' without listening to all audio. It only sends audio to a Google server after the wake word.
Aren’t “OK Google, hey Siri, hey Alexa” all processed/recognized locally? Otherwise, it would be a horrible idea to send EVERYTHING off to the internet for processing. Not even concerning privacy issues, it would just be unworkable that way.
(This is at least true for the iPhone, Hey Siri is recognized locally before anything is sent off to the net)
Re reading your comment, I guess you mean: the sound processing goes through the local microphone no matter what, even if the audio is only forwarded on if they lead with certain keywords, right? In other words, just like how every other voice activated system has to work. The privacy implications are that the equipment could be compromised to actually put the recording in longer term storage, like a bug or something.
Officially, no, but it's not uncommon for it to misinterpret another word as the wakeword and then capture and send off 30 seconds or more of audio that was never intended for it.
regarding Siri, I think the general assumption is that the phone is triggered by hearing 'Siri' to start recording. I doubt very much that people think their phone is always recording everything and that they are therefore ok with being recorded when not using siri.
>Siri is listening (both on phones and on Apple' homepod), Alexa is listening, Cortana is listening, ...
I've disabled Siri and Cortana to the best of my ability (and I don't own any Amazon devices with a microphone). Of course I can't actually be sure that that means that they're really not listening, but it's absurd to imply that just because one owns a smart phone they must give up all hope of privacy.
I don't think anyone is suggesting that smartphone ownership means you give up all hope of privacy.
You are trusting that your efforts to disable Siri and Cortana have actually resulted in them being disabled, and that Apple and Microsoft aren't doing nefarious things to keep them enabled anyway. If you trust that, I don't think it's a stretch to trust that Apple and MS would avoid doing nefarious things with a HomePod or [whatever MS's analogous device might be]. You seem to not want to have anything around that can record you without your express permission, so sure, I get why you don't have a HomePod.
I had an Amazon Echo for a while, but decided I didn't trust Amazon, and exchanged it for a Google Home. I have an Android phone with Google Assistant enabled, and I don't see the privacy implications as materially different between the two.
I know I'm gonna be in the minority with this, but what if you really just don't care despite knowing the danger?
I have a Google Home in my bedroom, and it's extremely convenient for controlling my lights. I'm aware of the privacy concerns with such a device, but out of all the things in the world that worries me it's just not far up my list to disregard the convenience. I imagine a lot of consumers might feel this way. Now this would be a different story if something was forced upon me (like the government mandated some device, and I don't have an active choice in having it) but I'm making an active choice to buy this device and use it knowing that it could very well be recording the conversations, sex, whatever else goes on in my bedroom.
I feel like this is the only sane response. To say there is no danger is naive. To say this is existential danger is...well...have you read the news lately?
Every day we are making choices about what risks we're willing to accept. In the scheme of things, this is novel but minor.
The problem is the illusion that these devices present of being just another utility like a toaster or a TV or even a smartphone. The always on link between these listening devices and their command and control is not evident. It gives the illusion of operating locally.
> But people willingly bringing always on listening devices in to their homes (beyond what smartphones are already capable of) I just can't comprehend it.
Always-on listening doesn't seem like a huge deal. What matters is the policy of allowing Google people to listen to captured audio, even if it's for training purposes. This is skirting uncomfortably close to a dystopian surveillance society.
If you want to gather data from people, provide an incentive to voluntarily participate. For instance, on Google maps you can become a contributor and there are benefits and bonuses if you contribute enough. Yes, this group is self-selected so it's not as good as a random sample, but it's better than the dystopian alternative.
Also, while the owner of the device may have consented to recording as part of the TOS, guests certainly have not. Thus, in WA if you don't get affirmative consent from your guests on the actual recording you have committed a crime.
Always-on audio capture is a HORRIBLE idea in general. First, if it's stored - at all - then you have to ask "who else could get access to the recording besides (Google|Apple|whoever)?" Whether it's a nation-state via a search warrant, or some random script kiddie who hax0red the storage mechanism, once it's recorded you don't know WHO is going to get access, or what their intentions will be.
Secondly, even if it's not normally recorded, so long as the capability is there, you've basically bugged yourself. Now if you become a target for surveillance, all the other party has to do is arrange for (Google|Apple|whoever) to give them a real-time feed from your device and now all of your conversations are fair game.
Smart phones are bad enough, but why put more devices in your home (car, office, etc.) that make it trivial for others to monitor you?
Isn't this true with any device that has an embedded microphone? Laptops and pre-smart cell phones have had the same vulnerabilities for a very long time, no?
The general public didn't have a reason to distrust the devices. Snowden, Assange, email scandals and general overbearing decisions from tech companies black-holing things has shown the average joe there could be a problem.
Combine that with a general rise in authoritarianism and living outside of the US where these tech companies are based.. I can see the problems arising.
It's a fair point... unless a device has a hardware mute switch, it's hard to know for sure if somebody can activate it remotely for listening. But why add more attack vectors unnecessarily?
Everyone in my house finds the Echo convenient. It is not a big deal, but neither is our threat model. There is no profit to anyone in spying on our kitchen. I'm much more wary of devices that radios, GPS and cameras, but I still use those too since they are even more convenient.
> people willingly bringing always on listening devices in to their homes <...> I just can't comprehend it.
The reason is "people" lack education in technology. They can barely use a computer these days, with "using a computer" generally means being on Facebook with a browser.
There's a very significant divide in this regard that has been growing for decades. And it isn't getting any better. This is why it is nearly impossible to convince people you know to use better passwords and adopt security and privacy-conscious behaviors. I don't know if you (plural) have experienced this, I know a few people for whom sending a link via email is a challenge. They think they sent you a link and what you get is unusable. No, it isn't about age at all.
Smart phones and tablets have changed the relationship people have with computers. They make things very easy to use and require almost no technological knowledge to operate. In computers, the browser or Chromebooks do the same.
Add it all up and the idea that someone does not even remotely think that a thermostat could be recording every word being said in home doesn't even cross their minds. Going beyond that, thinking about how and where that data is stored and how it could be used it yet another level.
All this says it is the responsibility of the tech community to make sure customers understand the important aspects of the technology we provide.
> All this says it is the responsibility of the tech community to make sure customers understand the important aspects of the technology we provide.
Which is difficult as long as some peoples income depends on not making sure that customers understand.
As much as I'd like to pretend we are all morally and ethically acting grown ups, reality tells us we are not. Ultimately this needs to be regulated by law and continually enforced. It seems like regulation is slowly rolling in, but enforcement seems to still be far out.
"The reason is "people" lack education in technology"
This is a dumb statement. Lots of tech people use all of these devices. In fact smart tech people differentiate between machine listening and humans listening.
A Math, Tech person know that the probability of a human listening to my recording is close 0.000001%.
Humans, including yourself, make far worse decisions every day in your life that have much higher detrimental effect to your overall quality of life than worrying about stupid things
Yeah I’m a software engineer for GAFAM, am fully tech literate and I like my Echo Dot. I’m simply not concerned about the privacy issues. I have yet to see evidence that they are using my data in any way that I would object to.
I thought it’d be fun to go back through my two years of recordings to see if it captured any accidental conversations, and it was so boring to go through. They are entirely expected questions like “what time is it” “what’s the weather today” “set a timer” “what’s the cubs score” “when do the cubs play” “how many games back are the cubs” “how many games left are in the cubs season” “Do the cubs even have a chance at this point”
I'm also a GAFAM engineer. (Personal opinion ahead etc..)
I agree with you that nobody is listening and it isn't valuable data even if they were.. My biggest issue is that the devices are a black box. Nobody knows if they're hacked or compromised which is why hardware disabled buttons. More transparency is critical. I think I should be able to monitor all of my smart devices' activity with as much done on device as possible.
Apple and (now) Google have made strides with on-device ML lately - I hope things continue down this path.
"The results aren’t terribly surprising if you’ve ever worked a help desk. Around 5% of the U.S. population ranks at level 3, the strongest level of computer literacy. Another 26% ranks at level 2, where users can do things like “find a sustainability-related document that was sent to you by John Smith in October last year.” Those who ranked in level 2 likely aren’t developers or engineers, but they get by.
However, for the 69% of the population below level 2, complex skills are still hard to come by. 26% of people weren’t even able to use computers. The full report at the source link below shows how these numbers break down over age ranges. Regardless, the numbers give some perspective on how skilled the overall population is."
And this is about using a computer. Understanding technology in general is a very different matter. The data on this isn't difficult to discover. There have been a number of studies, for example:
The vast majority of the population is utterly ignorant when it comes to technology. Start adding areas like machine learning and AI and the chasm is massive, deep and wide.
Using tech people to claim this problem does not exists and, therefore, calling the statement "stupid", betrays a failure to understand the topic at hand.
The same is true about medical knowledge. The vast majority of the population is utterly ignorant about medical science, pharmacology, etc. Claiming this statement is "stupid" because doctors, nurses and medical practitioners do, in fact, understand the domain, is, again, missing the point. And missing reality.
The example is useful because, unlike in the general case of technology, the medical sector has a range of safeguards, rules and laws in place in order to protect consumers. Very little, if any, of that exists in technology.
You can manufacture and sell a 3D printer that can fail and burn down someone's house. There is not FDA equivalent in order to ensure some level of safety exists as a minimum. If you think FCC, UL, CE and TUV provide those safeguards, well, you are obviously not in the hardware business. This is particularly true for the utter junk that comes from China, where these certifications are given away like candy and ar sometimes falsified.
And so, you can insert a microphone and a camera into a consumer device and there really isn't anything preventing anyone from using those sensors nefariously. This is particularly true if the device's firmware and software can be updated over the 'net. Which means you can ship a device that can test out to be completely benign. Later on the same device is updated over the net to include obtrusive capabilities that compromise privacy, and nobody is there to prevent that.
> Why would people voluntarily do this in exchange for being able to ask for weather, play a playlist, add a todo and a few other parlor tricks
Because it's a lot of fun and the personal risk is basically nonexistant. It's the oldest story in the book: different personal evaluations of risk of activity.
You said it yourself: smartphones are already capable of it. So what difference does it make if you add an Alexa or Google Home? At least those aren't going everywhere with you. This is the defeatist attitude, but this tech is probably here to stay. We just need to do our best to make sure companies do the right thing.
My personal view is that the biggest issue here is the lack of user protection. I'd be a LOT less concerned about this if the appropriate legal framework protected me.
The Star Trek vision of voice as an interface is a good vision. The question is how the regulatory framework protects users in this world and keeps it from being the dystopian nightmare that our "for profit corporations get to do whatever they like as long as you agreed in an 'all or nothing' click through" seem to be headed for.
If the voice interface is implemented locally then it's not a problem. Google already has it working on the Pixel. It has some limitations but it responds faster and works offline.
> If the voice interface is implemented locally then it's not a problem.
That's not really observable or enforceable by me though. A question I ask myself all the time before I say yes to some kind of "new data tracking" is: "How do I think company_x will behave in 10 years if their profitability is plummeting?" Because I think that paints the worst case for companies that so far have been good actors.
I guess the TLDR is: That's great, but I think that the solution is legal protections for users. Right now all the power is in the hands of the collecting organization.
It's also possible for any software to have a keylogger. We don't really worry about that, because if it unexpectedly sends data, someone is likely to notice and tell everyone.
Voice interfaces today work like keyloggers by design, and we're just trusting them not to abuse all the data they're getting. It'd be a lot better if we didn't have to.
(I'm on board with legal protections too, of course.)
While the tech seems to be catching up in certain areas (if not the FTL drive), socially we're nowhere near what was depicted in Star Trek. It wasn't just post-capitalism but post-money. People no longer had to work for basic necessities. That is almost an unimaginably different setup to what humanity has always been used to. There's also a noticeable lack of crime and corruption, again something humans will have to extensively transform themselves in order to reach the goal...
Star Trek is a post scarcity society. There is no capitalism, commumism or even an economy. Every basic need is met. People join Starfleet and work as officers purely so they can better themselves and explore the stars. This is incredibly optimistic vision of the future.
We are far more likely to end up in a cyberpunk nightmare where corporations are richer than entire nations and technology is used to subjugate and control people.
The new version of Fahrenheit 451 (film w/ Michael Jordan) does a fantastic take of this. I highly recommend it unless anyone is a Fahrenheit 451 originalist.
Echo does this - only wake word phrases are sent to the internet - but it is not guaranteed by the hardware. Also your failed requests - where it recognized the wake word but not the request - are listened to by QA people. Those could easily be private conversations with an accidental wake word.
> I guess I value my privacy more than others and don't like the idea of entities compiling a record of my data that they can sell and market.
I think a lot of people don't understand how much their data is worth. It is something I frequently hear, that "my data is useless, so why hide it?" or "what are they going to do, see that I like cat photos? HA!". I think these kinds of comments are slowly diminishing as the average person is seeing 1) these tech companies are worth $1+ trillion 2) people get scared and think Facebook is always listening because they every so often hit the mark too well. But I don't think most even know the extend of the data that these companies have (e.g. they think that Google only has their email data and knows nothing about financial), let alone how that data can be used.
I don't think this is just a Google issue. Osterloh just happened to be the first one to come right out and say, yeah, maybe you should tell your guests.
Personally, I thought the bigger news (insult) was when he said, "Gosh, I haven't thought about this before in quite this way."
Give me a break. You knew it. I knew it. We all knew it. Maybe the right thing to do is have the device recognize there's an unknown voice in the room and announce that it's listening. That hasn't happened for some reason, but I highly doubt the reason is that no one ever thought of it.
> Gosh, I haven't thought about this before in quite this way
Imagine if I made a self-driving car. Imagine if, in the rain, it simply slowed down and stopped right where it was, even in the middle of the freeway.
Now imagine that when asked about whether this was dangerous and ought to be disclosed to customers, the VP of Engineering said, "Gosh, I haven't thought about this before in quite this way."
We'd all say the VP was either lying, or was dangerously incompetent and was running a dysfunctional engineering group.
I don't need to get into a long conversation about whether this is malice or incompetence: It's unacceptable either way with self-driving cars to claim to have not thought about safety, and in the case of privacy and disclosure of recordings in my home, it's unacceptable either way to claim to have not thought about it.
This company is rotten from head to toe, and so is the system of incentives that lead companies like Google and Facebook to flout all standards of responsibility.
How can someone say something like this and still have their job at 5pm PST? How can Zuck say time and time again, "Sorry, we'll do better next time, by the way, political ads can lie," and there are no serious consequences?
Exactly! He knew it, the whole company knew it and took advantage of it, and didn't disclose it publicly until questioned by a reporter.
I see parallels to the genetic testing kits: it's all fun and games until police use it to find people who committed crimes. Just wait until investigative units realize FAANGs have recordings from inside houses that they can supeona.
> I guess I value my privacy more than others and don't like the idea of entities compiling a record of my data that they can sell and market.
Because big tech/advertising companies don't sell your individual data. They sell to other entities the ability to show people like you specific content. I wouldn't use products monetized in the first way, but I'm happy with the latter approach.
Are we acknowledging a difference between the Nest device he warns about (which is sold as a surveillance device) and, say, an Amazon Echo? (Which the headline mentions as equally problematic, but the body of the article doesn't mention at all.) My understanding of the Echo is that it only records after hearing a trigger word.
> It just sounds like we are heading down the wrong road.
Humans are a lazy bunch and this feeds into these genetically coded tendencies in the worst way.
I feel like there is a growing backlash against these technologies that are getting way too invasive. Myself and a few of my friends have gone back to being as "analog" as possible. Dumb thermostats, dumb tv's, regular old key locks (you can still get some pretty secure, non-electronic locks), dumb fridges, etc, etc. The point is to disconnect as much as possible from the internet, Google, FB and Amazon. Three of my best friends now just carry Windows phones. Internet connected, very few apps, and phone service.
We are of course, a very small minority whose seen the dark side of these technologies. I don't think enough people know or understand the consequences of having these devices in their homes.
What do you mean by this? What exactly is it that you believe smart speakers capable of that smartphones are not? (Modern smartphones are just as capable of listening for and responding to hotwords as smart speakers are, fyi.)
People are afraid of dying in a terrorist attack but aren't afraid of driving their car around town. Even though the odds of them dying in a car accident are much greater than dying in a terrorist attack.
I think the same thinking allows people to overlook their phones while focusing on their smart speakers.
You are right but as you say all those things apply to your smartphone and the smartphone of every person you are in range of. Also, smartphones have cameras front and back. An Alexa in my bathroom only has a mic and speakers. The future will also be powered by cameras and microphones in public and you will be tracked. Amazon is actively selling software and hardware to enable dystopia today.
I imagine that if governments start to use Alexa, et. al. to crack down on dissenters, those whole business lines disappear as people dump them all in the trash. I think we have to depend on capitalism and whistleblowers to shout if things change. If someone wants to listen in on the sounds of my bathroom, help yourself. I personally draw the line at cameras. No camera, no Ring doorbell and my phone is usually in my pocket or in a shelf with no visual access.
The other thing that I'd point out is that a lot of people publicly shout their political and other positions voluntarily. This is great for free speech but is an even easier and richer target for government crackdowns.
As you noted, smartphones are already capable of this. Smart speakers are relatively moot from a privacy perspective, unless you keep your phone in a soundproof case.
People just don't know how valuable this data actually is. Sure it only gets value if a critical quantity is reached.
There is just a disconnect in understanding. With huge efforts they will create archives of 5% special price coupons, but how tech companies extract free money from them is beyond their comprehension.
The implications of having every deed and word quantified is perhaps too abstract a danger to understand.
> But people willingly bringing always on listening devices in to their homes
Because flying cars. The home assistant is the glimpse of future people looked forward to since first Scifi movies.
Its convenient and out of way. And people don't understand nor care about privacy.
That said I am still ranting to my brother that he is using Alexa whenever I visit his home.
I have a few echos and a google home, and I love the feeling of living in the future by controlling things with my voice.
It may be naive, but I think the device vendors have way more to lose if it turns out they are actually recording all the time, not just listening for the wake word.
It will be the wrong road if we end up at 1984, but I’m hoping for the Culture, or at least the Jetsons...
I've gotten Alexa and Google's Home for free but I refuse to set them up. Even if you believe these companies aren't going to "spy" on you, the security of these things has been proven dubious at best.
What is the worst thing you think could happen if you did set either of them up?
I'm personally not a very private person and I'm not worried about giving up some privacy for convenience. There are a few bad things I could think of like the government using out of context recordings to frame you or something like that, but the odds of that happening seem so vanishingly small, I can't worry about it.
'Don't be evil' as a company motto really seemed to make Google different in the early days - not just in terms of being hip and cool in contrast to their contemporary competitors, but in terms of recognizing that technology has a moral dimension and that the firm's long-term wellbeing lay not just in maximizing its technological power but distributing the benefits thereof as widely as possible, rather than conserving it for private advantage.
I find their news product a useful barometer of the extent to which they've abandoned that. Last Monday I sat down at my workstation and the top item - amid war, political instability, and everything else going on in the world - were articles about the Google Pixel 4. I know this wasn't a reflection of my browsing habits - I'm just not interested in phone technology at the product level, and and any online shopping/product research that I do these days happens on a separate account on a separate device, because I don't want to mix up my consumer preferences with my intellectual interests.
You would think that with all Google's brainpower the presentation and distribution of news would by now have seen massive advances, but instead it has simply magnified the worst aspect of print and Tv news. I'm beset with sports, entertainment, 'health' (mostly quackery), and 'technology (mostly consumer products) news every day, even though I used to be able to opt out of those things. If I make the mistake of looking at a sports article on my workstation or phone, I am swamped with sports articles for the next day or two, presumably because the sports market is so lucrative and Google's algorithms get tremendously excited at the possibility that I am adopting the consumer the consumer profile of a sports fan.
Likewise I am constantly being advanced second- and third-hand sources of news based on SEO and existing reach; every other story I read is a half-assed rewrite of original research done by a news outlet with a smaller brand footprint. If I'm lucky I can see that in the first paragraph or two and can click through to the original, if not it's because a big news outlet is just stealing or redoing stories without credit or attribution and I may find out about it later when I read Twitter.
I could rant on and on and on about Google's news product and about their other products and practices, but all my critiques of the firm boil down to this: google has become a company that takes bids (including from itself) on the order in which it provides leaves to consumers, while denying them sight of the trees they are plucked from.
If you've carried an Android at all, you've already had a listening device in your home for years. This device also has a ton more sensors and data it collects off you than a smart speaker could.
This might be because I’m running on a half hour of sleep but I legit thought you said you were a Google Fan as if Google makes smart ceiling fans and you were somehow talking to me.
The thing is, the majority viewpoint always wins, whether they are right or wrong. If we had a well-educated and well-informed populace, people might make better decisions. Unfortunately, this is not the case and the situation is worsened with marketing and advertising from companies choosing revenue over morals.
The thing is everyone has a cellphone, even many kids. Invite half a dozen people over and you’ll get half a dozen cellphones.
I have a couple of Amazon Echos, plus iOS devices that occasionally activate Siri for no reason.
I love them. My feeling is that I’m willing to live with it for now. Hopefully, a decade from now, voice technology is perfected and more is done on device.
There is never going to come a day when any of these companies give you more control over your devices. Why would they? Thats their entire competitive advantage.
of course I do, it's alluded to in my comment:
"(beyond what smartphones are already capable of)"
I agree, smart phones provide the same surveillance capabilities of 'smart' speakers and more.
But supposedly phones aren't always on and listening to all your audio like the 'smart' speakers.
This might just be a divide in society, some people accept surveillance as not an issue and are fine with it.
Would you place a similar 'smart' speaker device in your home if the government suddenly required it?
I just feel a surveillance state is detrimental to freedom and democracy, the freedom we have in the states is not common.
If you look back in history and even around the world today it's pretty rare. I just want to make sure we aren't setting ourselves up to weaken it or even lose it.
But it's a setting. I own an iPhone have turned off "Hey Siri". If it would still listen all the time that would be a security issue and breach of trust.
It seems 'smart' speakers wake more easily than Siri.
We hadn't been hearing news stories about FANG employees listening to/reviewing conversations intimate moments until the 'smart' speakers were deployed.
I expect this could have been going on with Siri as well though.
I'm open to using a 'smart' speaker in the future, there might not be any reason for concern.
Currently it just seems like a bad idea to add recording devices you don't control around your home.
> We hadn't been hearing news stories about FANG employees listening to/reviewing conversations intimate moments until the 'smart' speakers were deployed.
That just shows that the media didn't think those stories would sell.
Not new Android phones. Since Android 8, google no longer listens while the phone is locked. If you want to use the google assistant, you have to give your fingerprint or password first.
It's more accurate to say "after the wake word is heard or after a false positive for the wake word is heard".
Even in the presence of hardware interlocks (active when the wake word has not been detected), the accuracy of wake word detection is a really important question, as is the question of whether an adversary can modify the wake word detection code remotely.
They use the exact same hotword detection - that is all they are "always listening" for (obviously plenty of false positives that can still capture other conversations)
But saying "beyond what smartphones are already capable of" diminishes the fact that they are also always listening, and are also generally near where you are. Siri, by default, is always listening. Most people don't understand or know this. People are then amazed when they put their phone on a table and say "Hey Siri" from across the room.
No one has yet to provide an argument as to why "smart speakers are much better at invading privacy".
For example, just this year my always-on, always-near-me iPhone was subject to an attack where anyone could call me on FaceTime and gain access to my microphone. This attack vector does not exist on my Google Home.
So, why are smart speakers much better at invading privacy?
Also they aren not phones and not using wifi, not LTE/4G uplinks, making it more easy to stream audio without hitting bandwidth caps or using too much battery.
It's way much easier to notice if a phone streams audio often and unnecessarily.
Smart speakers are made to listen by design, that's their sole purpose: to listen and respond to that. Disabling the microphone takes away the core functionality and basically their purpose for being. You're left with a speaker.
For a phone the assistant is an optional side-feature and disabling it takes almost nothing away from the utility of the smartphone. You're still left with a smartphone.
No, because it's a small step from having a smart speaker - which is specifically designed to pick up someone speaking quietly from the other side of the room - to go from "requiring a wake work" to "listening to every conversation". Especially when the companies involved (Google and Amazon specifically) have direct interests in knowing what you are talking about.
Of course not, but phrasing it in this way (that phones are a separate exception) minimizes the legitimate critiques of always-listening cellphone privacy.
Apparently on this site it does. I had a conversation where I made a joke about Alexa glasses spying on us all in public instead of just in the privacy of people's homes now and got downvoted to oblivion because apparently you aren't allowed to care about privacy if you own a phone. The amount of whataboutisms on this site where people try to invalidate others opinions or critiques is incredible and makes it very difficult to have any kind of genuine discussion. I imagine it's partially because there are plenty of Google/Facebook/Amazon employees on this site so it's in their best interest to shut down any pro-privacy discussion
I understood trading some data and privacy for great search results, maps and free quality email.
But people willingly bringing always on listening devices in to their homes (beyond what smartphones are already capable of) I just can't comprehend it.
Why would people voluntarily do this in exchange for being able to ask for weather, play a playlist, add a todo and a few other parlor tricks.
I guess I value my privacy more than others and don't like the idea of entities compiling a record of my data that they can sell and market.
Imagine how some governments could use this data to limit freedoms, crack down on their opposition.
And what about the first data breech that includes transcripts or even audio of all your household conversations/activities over the past three years matched up to your email or even address?
It just sounds like we are heading down the wrong road.