Hacker News new | past | comments | ask | show | jobs | submit login

I get that privacy is important, but I'm struggling to understand why I'm supposed to care about a company logging data on the temperature of the beef I'm cooking. If they want to badly enough to secretly add telemetry code and not tell me? Great, have fun. Enjoy. I'll not lose any sleep over it.

In other words - the backlash over excessive data storage and retention is very much good thing, but let's be careful to try keep things in perspective a bit. Otherwise we run the risk of people not taking us seriously when it actually matters.






> I get that privacy is important, but I'm struggling to understand why I'm supposed to care about a company logging data on the temperature of the beef I'm cooking. If they want to badly enough to secretly add telemetry code and not tell me? Great, have fun. Enjoy. I'll not lose any sleep over it.

as we learn time and time again with this kind of thing, the scary things don't come from the data and metrics that they want, the scary things come as a form of collateral damage that occurs when the company does whatever they have to do in order to harvest the metrics that they're interested in.

Here's a devils' advocate leap that isn't too far from the realities of IoT devices: Company X's telemetry function is broken, allowing arbitrary remote code execution. The IoT device receives a command that causes property or personal damage -- or it becomes a node in a much larger destructive network.

These things happen when features get packed in faster than the security can follow.

Yeah, yeah, the Weber product is just a thermometer. It can still be a node in a malicious network, given attacker incentive.

This is a poor example -- it's an interface that accepted and expected inputs -- but I think it serves as a good example of IoT doing security wrong.

https://www.wired.com/story/snoo-smart-bassinet-vulnerabilit...


An example: I decided to build a simple temperature monitor to see what I could do about energy use. Simply put, it's the easiest way to tell when the heating system is kicking in and for how long when you're dealing with decades old technology. What I discovered was interesting. In addition to telling me the expected, it showed things like: when I went to bed at night, when I got up in the morning, and even when I got up in the middle of the night and for how long. The times weren't exact, but it provided pretty good estimates for an indirect measurement using a very crude instrument.

Now imagine what could be inferred from your meat grilling data.

I am not saying that that people go around doing nefarious things with your meat grilling data. In fact, there is a very good chance that it is not even being collected. Yet we live in a world that is hungry for data of virtually any type and in any form, which makes both data collection and nefariousness a possibility when that data is being handled by an Internet connected device. Personally, I find that possibility creepy - even if no harm is being done.


Would you feel comfortable with a health insurance company buying that dataset and charging higher premiums for those who habitually undercook their meat?

They cannot charge you more for being morbidly obese, or riding motorcycles, out preexisting conditions, or anything at all but maybe smoking, so I’m not too worried about doneness.

Or who eat meat "too often".

I guess grilling vegetables is off the table, then?

The problem is that if the majority of people who use grill thermometers are using it for meat (probably true), and the health insurance's actuarial tables show that eating meat is associated with higher payouts, your premiums will go up. This isn'tat court of law. Even if you really did use it for grilling vegetables they won't care. As long as they're right in aggregate they'll continue doing it.

Why would you want them to know this? Do you not think of privacy as being a desirable default in your life? You might be thinking of just some random logs getting stored somewhere, but I think of a person being able to access those logs. Do you want me, Joe Schmoe, to be looking over your shoulder every time you grill? You might not notice, but surely you'd be creeped out to learn that some guy has been peeping through binoculars at your thermometer whenever you're in the backyard. It's not just the temperature data either - it's the fact that they know what you're physically doing at a certain time and location.

My grill spying on me strikes me as being equal parts unintentional self-satire, and terrifying dystopia.



Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: