Hacker News new | past | comments | ask | show | jobs | submit login
Amazon details its low-bandwidth Sidewalk neighborhood network (techcrunch.com)
121 points by tdrnd 31 days ago | hide | past | favorite | 97 comments



Low bandwidth mesh networking is super interesting but I would prefer not to have it supplied by Buy'n'Large.


Amazon is my gross secret. I find much of what they do disgusting, but I still have Amazon Prime, still shop Amazon a fair bit. As abhorrent as it is, it's also just too convenient.

That's why I also own shares in the company. They are just too damned sticky and too damned good at so many things.

It reminds me of that scene from Clerks II. It's the most disgusting company I've ever seen... but I can't make myself move away.


People are so lazy.

Anything you can buy on Amazon can be bought somewhere else online. Usually you can buy products directly from a companies website and cut out all the middle men.

And its not even much effort to do so. Finding an alternative place to buy a product takes just a single Google search


> People are so lazy.

Why yes, this is why I'm invested in Amazon.

> Anything you can buy on Amazon can be bought somewhere else online.

The problem with other sites is often (still!) I have to deal with annoying setup. Then once I create an account, I end up with yet another damned weekly newsletter[1]. Then I opt out, but I still get changing terms of service emails for the next 100 years.

There are some sites where I don't have these issues, but it is common enough that it makes me averse to signing up for new sites.

It is almost a perfect prisoner's dilemma. If every single site on the net stopped doing this, I'd be more likely to use more sites and they would all benefit. But individually, sites find it more profitable to spam/ newsletter the hell out of their users by default.

Also, often I get thing cheaper on Amazon then on the third party seller's own site. Just recently I was shopping for bike parts and recognized the seller's name and went directly to their site. The product was the same price, but on Amazon I get a 5% rebate plus I use smile.amazon.com so a few pennies goes to the charity of my choice as well... plus I didn't have to deal with setting up and account and dodging an email newsletter.

So yes, lazy, plus tired of the gamble of dealing with user-hostile sites.

[1] I know most sites let you avoid the newsletter sign up, but too often they use dark patterns or opt in by default.


Of course I can, but then I need to create several different accounts on different sites to place different orders when I can just order everything in one order on Amazon.


Most sites have guest checkouts today...


maybe true for US, but not other countries.

In my country, Amazon operates surprisingly well, and the local companies have a long way to go till they catch up.

The only exception is MercadoLibre, they upped their game considerable after Amazon entered the market.


Who else has an install base like Amazon in their Alexas and Rings? No TinyCorp could just decide to roll out a service like this. One of the few upsides of having giant companies is seeing the work of their equally big R&D departments


> Who else has an install base like Amazon in their Alexas and Rings?

a company like Arris that sells DOCSIS3/3.1 cablemodems and GPON end user CPEs to big ISPs like Shaw, Comcast, Charter, Wave/RCN, etc. The main problem with that concept is that if a manufacturer of residential CPEs such as Arris made a unilateral decision to incorporate the tech into their cablemodems and other devices, their $BIGISP customers might not be pleased about it and would buy elsewhere.


Comcast already shares your internet connection with others if you rent your wifi router from them.


yes, one of the reasons why I recommend anyone with a comcast connection go buy their own modem and run it as a dumb L2 bridge, into a separate user owned router. For technical people who know what they're doing I'm really not a fan of the idea of the modem also being a router and wifi AP.


You can imagine that instead of always being sent to Amazon the network could just pop out regular IP on the other end which would be routed to the service of the origin device's choice. Of course this does add more complexity such as abuse prevention but it would make the protocol attractive even if it was designed by Amazon.


Literally any major router brand?


That would require the capability to reliably and automatically push firmware updates out to existing devices, not something that I'd traditionally associate with home router manufacturers.

Also, at least in my experience, most private households just use the (usually horrible) ISP supplied CPE.


Which typically are by one of the major router brands, and do typically have mechanisms for ISP-controlled updates.


> Who else has an install base like Amazon in their Alexas and Rings?

https://starry.com/ and https://volkfi.com/ are doing their bits.


Volkfi don't exactly inspire confidence. :/


Ha, they truly are that corporation from wall-e. When blue origin eventually begins offering space cruise vacations it will really seal the deal.


I'm surprised more hobbyists haven't developed public mesh networks. There are so many wireless routers and devices that this seems like a great opportunity. I would think makerspaces would be all over this idea.

https://www.nycmesh.net/blog/how/


Back in the dark ages, there were hobbyists who would order alarm circuits ($6/month) and pay for the DSL equipment on each side. This let them connect to the internet back as it was in 1992 or so.

The problem with this was that you had to know somebody who would be willing to be the other side of your connection. That obviously didn't scale very well.

Portland tried having a [free WiFi](https://www.oregonlive.com/breakingnews/2008/06/portlands_wi...) setup with antennas mounted on streetlights. The goal was to have 95% of the city covered but most people needed a signal booster to reach the antennas and very few people did that. My guess is that even if they did that the bandwidth would have been really slow.

There have been a couple of attempts to do a mesh network in Portland with hobbyists but it's really hard. People have moved from computers to phones, tablets, and dedicated devices like Rokus or smart TVs.

A tech support manager I worked with said "these people don't want to be taught how to catch a fish. They want us to catch the fish, cook it, and serve it with a smile."

Some people are OK with amateur performance - there's no internet because Betty went away for the weekend and isn't there to re-boot the router - but most people aren't.


The free WiFi in NYC seemed to work pretty well, and there is NYC Mesh[1].

[1] https://www.nycmesh.net/


Building and running a network that is useful (fast and reliable enough) for home internet use is a full time job, and is hard work. This is why most hacker space mesh networks have not achieved anything close to this. NYC mesh is the one notable exception, but this is because it is someone’s full time job, and it is run in a pretty professional manner, like a small wireless ISP.

The alternative, a network that is not fast and reliable enough for home internet use, is another option. But in that case, what IS it useful for? These efforts usually just end up turning into weekly hack nights / hangouts for the mesh group, since there’s no real point in putting up hardware.

A third hurdle is that if you put together 12 random nerds in a hacker space, the odds that any of them can see any of the other nerds houses from their house is basically zero. Since wireless internet radios require line of sight, it’s very hard to even create the first link in the network in this scenario. Getting critical mass to form any kind of network in a neighborhood requires door to door sales, something that most mesh networking nerds are very bad at.


You lay out some really good challenges for establishing a decent public net

1) Maintenance. What are the challenges of maintaining? Hardware? Balancing network? Software integration?

2) Speed. What are the barriers for making fast and affordable?

3) Distance. What are the hurdles for last mile?

This has been telecom's unicorn for a long time. Fiber, wireless, satellite, cable where all promised to deliver. I think there is something with mesh networks and free software that can break this barrier. I don't know exactly what it would be but it still seems like a possibility to me.


Infrastructure is another issue. There's a lot of it between me and my nearest hacker space and while it would be possible to bridge it with guerilla relay transmitters that means deploying a lot of quasi-illegal radio units that are going to need battery changes and the cost could mount quickly. I feel like $10/unit is the magic price point for potential orphan hardware.

I think there's a strong argument to be made in California for having community-operated communications infrastructure in case of earthquake or disaster but it's got to be completely turnkey, with something people can just take home, plug in, and forget about.


A lot of people have tried - getting enough people to do it to support 1) any mesh network 2) your mesh network, specifically is hard


Well, there’s always Helium I suppose...if they haven’t pivoted again by now.


I am checking their homepage. It does not seem like they are doing something else? Still its a network to low bandwidth network to connect devices ?


Helium started out as a local IOT play but realized that nobody wanted their custom radio stuff. So now they're doing mesh-something-with-blockchain.



It specifies that it will accept L1 connections from: LoRa, FSK, or BLE. So this is basically L2/3. Great, but is it an open-source license-free standard that anybody can put on a (e.g.) RPi, or is it just their way of dominating the IoT? Is there an IEEE for secure stateless mesh routing? I would be shocked to hear that AMZN is the first to figure this out.


This isn't mesh routing, but rather pretty much what e.g. LoraWAN does (devices send data to gateways that forward it to "the cloud" that forwards it to applications). Nothing revolutionary from a technical or protocol POV.


So this is basically yet another reason to not let Amazon echo/Alexa on your network.


From a technical and privacy standpoint, is there a huge difference to the Apple U1 device network - with the limited amount of information that’s been made public?

I’m coming from a position of limited knowledge on both platforms, so curious.


Amazon's Ring device and how they work with police raises a lot of questions about what these devices will report, to whom, and etc:

https://www.vox.com/recode/2019/10/8/20903536/amazon-ring-do...

Makes you wonder that even if you choose not to share with police, if your amazon devices will help someone else's device do so...


> Makes you wonder that even if you choose not to share with police

This is a false choice, because police don't need your permission to obtain video evidence on Amazon's servers if they have a warrant or court order. They don't even have to notify you if they look at it or use it as evidence, either.

Most of the time law enforcement just asks providers nicely for the data they want access to, and providers comply. No warrant is even needed in that scenario.


Yep. In the US you generally have no standing to resist a warrant for your data that you handed over to a third party.

Don't use cloud based cameras.

Products like ring could easily be designed so that your data would be protected-- e.g. encrypt on the device, all storage is encrypted.. you give a password to any client to view it that amazon never sees. Yet even though its straightforward to do so this is not available in any commercial product that I'm aware of. I don't think that's an accident: These products exists to spread monitoring, -- mostly for marketing purposes, the fact that they can be abused by authorities for dragnet surveillance without (adequate) due process is just a "bonus".


> mostly for marketing purposes, the fact that they can be abused by authorities for dragnet surveillance without (adequate) due process is just a "bonus".

It's not just a bonus, it's a selling point. Not for normal consumers, but for law enforcement, and Amazon would like to keep the police surveillance use case secret[1].

From The Secret Scripts Amazon Gives to Cops to Promote Ring Surveillance Cameras[2]:

> Documents obtained by Motherboard reveal that Ring provides 46 standardized comments that cops can post on social media, and several documents with scripted responses to possible questions from the public.

[1] https://www.cnet.com/news/amazon-ring-wants-police-to-keep-t...

[2] https://www.vice.com/en_us/article/wjwea4/revealed-the-secre...


Amazon can protect you too. They don't care who they are protecting as long as they get paid, see:

https://nypost.com/2020/09/24/amazons-new-dashcam-gadget-all...


There is a big advantage of cloud based cameras and that is that the data is off premises and can't be just taken away on an SD card. Of course you could send video to your own server but that is beyond the capabilities of most users.


I use 'rclone' and 'motion' to push video and images to my google drive account. If I wanted to, I could easily encrypt it first. I think it's superior to most cloud video providers. I don't think most LE agencies would think to check something like Google Drive for active video feeds.

I also delete anything over 3 days(thanks rclone) and use a script which detects the presence of either my wife's or my phone on our LAN so the cameras auto-start when we're not home.


That's cool but accessible to about 0.1% of the population.


It’s not any harder than using an ftp account with curlftpfs as a Dropbox replacement!


So a standard HN solution then


My understanding is that police have been asking the owners for the video. It would seem that direct access to Amazon beyond finding out who has the video isn't entirely open.

If they can get a warrant then yeah it's moot, but that's not always the case.


This is law enforcement just asking nicely for the video. They do this before getting a warrant because it is less work. If you don't comply, they'll just go to a judge and order Amazon to release it.


They should be universally told to pound sand without a warrant. You don’t give the armed representatives of the state everything they ask for just because they’re being polite; make them go through the proper procedures with oversight.


Probably when you know that your neighbor was burglarized or attacked, etc., you don’t want to impede the investigation. That’s worse than not taking care of your weeds or garbage in your yard in terms of getting along with neighbors.


“Don’t impede the investigation” is second only to “think of the children” for the erosion of our rights. Those who will abuse their powers will always have a great excuse for it, which is why we must be vigilant.

And of course the neighbor can freely hand over their own data to the cops if they want to; the cops should need a warrant to get that video from Amazon directly.


There's both. Amazon has a feature for law enforcement to ask the owner nicely, but since these things upload to the cloud they can also get a warrant to get it from Amazon directly.

https://www.govtech.com/security/Amazons-Ring-Video-Camera-A... (warrant part right the end)


A system that requires warrants would be superior, even warrants are often rubber stamped. Just giving whatever law enforcement wants, even audio recorded in your own home, without even a shred of oversight is the literal definition of a police state.


>Makes you wonder that even if you choose not to share with police, if your amazon devices will help someone else's device do so...

It's safe to assume whoever's buying a ring doorbell probably has internet access as well so it's a moot point.


I'm guessing those devices will happily use the sidewalk network as a backup as well, you still might be sharing.


What’s everyone’s hot take on allowing eero routers within your network?


Yes, if you’re worried about it using (from the article) 80kbps of your bandwidth.

Otherwise no.


Think you might be mistakenly mixed up device to cloud speed vs device to device speed.

I think it states 500mb cap for device to device comms. That's a decent pipe for comms.


To quote the whitepaper [1] itself:

The maximum bandwidth of a Sidewalk Bridge to the Sidewalk server is 80Kbps, which is about 1/40th of the bandwidth used to stream a typical high definition video. Today, total monthly data used by Sidewalk enabled- devices, per customer, is capped at 500MB, which is equivalent to streaming about 10 minutes of high definition video.

My reading is that there are two caps that both apply to the same, device-to-cloud data usage:

- 80 kbps instantaneously per bridge device (e.g. Echo)

- 500 MB per month "per customer" (not sure if this is different from per bridge)

This seems reasonably consistent. At 80kbps, 500 MB would take about 14 hours to transfer, which is much less than a month, but I think the expectation is that bridges rarely max out the 80kbps.

[1] https://m.media-amazon.com/images/G/01/sidewalk/privacy_secu...


I worked with a casion who uses BLE to track you throughout their properties that is similar to this idea. The BLE along with their own data (w/l and how much) plus their app (https://www2.mgmresorts.com/app/) gave them every detail they needed to keep you playing slots. Headed for the front doors, boom free credit, headed to the elevators, free buffet, sitting by the pool for too long, new tables are opening, you get the idea. And of course since they own half the casions in vegas they can track you as you go to other casinos. Want to do fun stuff? Who is in your room with you? how long? where in your room? How long does it take you to get ready before heading to the show? What time did you go to bed / get up? What did you have for dinner, who did you have dinner with? Who did you chat with in the lobby and for how long? Where did they go after your chat? Where did you go? On and on. Not that they collect and use that data (see how I said collect and use?) but they could. They are only interested in your spending your money and could really care less who and how you have sex with or if you met up with a local coke dealer in the lobby, but cops might, it's all too much IMO.

Alot of you are devs, let your mind run wild with the data you could collect and sell, and then tell me if anything amzaon released yesterday isn't creppy.


But everything you described needs the app to be installed. No app, no problem.


If the people who install the application are not aware of how invasive the tracking is, I believe that would be the problem.


I'm sure it's clearly stated in the terms of service that they sat down to read before starting their vacation. /s


LoRa is super interesting and this is an absolutely logical step for Amazon and for Google Home. Providing ubiquitous gateways for IoT devices could enable an entirely new markets. Not everyone wants to spend $150 for a LoRaWAN gateway, nor do they see the value in doing so. Devices that come pre-configured with LoRa and can connect to a network through an Echo / Nest / Home device will function right out of the box. The marginal cost of adding something like LoRa or BLE to existing Internet connections is essentially zero.


> could enable an entirely new markets.

You mean entirely new ways to get our data?

Why do you think Google home devices are sold at a loss?


> The marginal cost of adding something like LoRa or BLE to existing Internet connections is essentially zero.

It is so painful to watch Comcast fail a completely captive customer base in IoT. It would be so easy for them to become the centerpiece of a wide array of independent companies developing devices. Instead they hand the customers to Gooplezon for zero benefit.

Comcast, you ignored my job application to do this for you years ago. That’s okay; I will consult for you for free, and you will become the good guys in this market.


Comcast. Good Guys in this market.

Divide by zero error.


If you'd ever worked for a giant ISP you wouldn't be begging to work for Comcast.


Are there legal implications on an ISP subscriber if illegal activity is conducted via their network? I would very much mind sharing a ‘small fraction of bandwidth’ while having arbitrarily large legal exposure.


My guess is that the legal exposure would be minimal because you'll only be able to connect to whitelisted endpoints (basically whoever partners up with AMZN).


Even if legally you're in the clear, you'd still run the risk of getting all you electronics confiscated until the police figure out that you were just sharing your bandwidth, no?


Piratebox [1] over lora? Is this the future of piracy?

[1] https://piratebox.cc/


Max 500MB per device per spec. Also 80kbpsmax , so, probably not.


You could share revolutionary texts like the Constitution, Bill of Rights and Das Kapital at least.


Based on my reading of the article all traffic is sent to amazon. So presumably you won't get in trouble for trickling a small encrypted channel of data to Amazon.

Basically with the fixed Amazon endpoint it bypasses direct illegal activity and general network abuse. Of course this means that everything goes through Amazon and that if someone gets your IP from Amazon you still might have some difficulty.


I think the security white paper addresses this silently by making the claim that the devices can’t be tracked due to a combination of encryption and periodic re-addressing. I’m skeptical of the security guarantees, but it’s a good step.


Why does this link to techcrunch instead of the actual source / whitepaper?

https://m.media-amazon.com/images/G/01/sidewalk/privacy_secu...


Perhaps the submitter was reading TechCrunch and not randomly browsing Amazon's press releases or wherever you might find that.


> The maximum bandwidth a device can use is capped at 500MB

Per day? Per month? Per year? For the device's lifetime?


Yeah, it's weird how they stated that. It sounds like it's for the lifetime of the device, which means a device could theoretically use up it's allotment in under two hours...


> Sidewalk, which is somewhat akin to a mesh network that, with the right amount of access points, could easily cover a whole neighborhood, is now getting closer to launch

Doesn’t that make it the very definition of a mesh network?


Nah, it's just a bunch of access points all wired to the internet, so all nodes are essentially 2 steps away from each other (node -> internet -> node) akin to a star topology.


Thank you! Was fuzzy on this


Further creepy ingress masquerading as helpfulness by the tech giants.


I really want development in low-bandwidth network to accelerate, not because I want to switch ON my garden lights outside my WiFi range but I think it could deliver network access to remote location for education and communication.

Education has come to a standstill for marginalised communities in several parts of the world, online education has become a norm as access to devices/Internet has been taken for granted, but it is causing irreversible harm to those who were already at the receiving end of the inequality.

Obviously low-bandwidth network isn't going to deliver Zoom classes, but I think a combination of broadcasting educational content through traditional free-to-air television/radio and low-power computer on a low-bandwidth network for text communication with the educator can help deliver remote education for the underprivileged[1].

[1] https://needgap.com/problems/149-remote-education-for-underp...


Not enough bandwidth for video. So their various camera devices can't do much with it. Not even their new home security drone.[1]

[1] https://youtu.be/I71IBh3qHX0


Can take compressed monochrome pictures, or low FPS video. 80 kilobytes a second plus tailor-made compression, plus 1 channel instead of 3 like RGB, can do a lot, actually.


Side note: Is it me or has Amazon been announcing a lot of things lately? I think the fact that Amazon is beginning to rule the fabric of the world and is controlled by the richest man in the world makes me slightly uneasy. I can't really place it right now but something tells me a decade from now this is going to be a big problem and they were just left unchecked to proliferate throughout the world until we became entirely dependent on them. Dictators and surveillance states often start in very non-obvious ways and most tend to not even see the issue when the exist within it. If the world is consumed by Amazon, what then?


Hedge against that by buying their shares. Sometimes I think the big caps are just call options on future corpo-governments.


Yeah, imagine if they were to improve our life even more!


And this is the unfortunate dichotomy. We are thankful to our abusers. We often don't even understand how they are using us for their own benefits but we are grateful to them. Something is awry but because we are reaping the benefits now we're blind to it.


It is not abusing, it is trading. The world is not zero-sum.


And that attitude is exactly why it's scary.


If you track the user ID along a route of IoT IDs (which they're totally not doing), factoring in the path taken and time between stops, you could probably find out which stores the user had been (window) shopping at.

For a massive e-commerce platform, it would be great info to digitally retarget the physically-abandoned shopping carts.


What are you on, you lunatic? Free WIFI free WIFI /s

That is sarcastic but definitely not a straw-man. I had those conversations and its quite sad to see how shortsighted people get when you attach free to something.

People are going mad over wearing mask since its a tool of control. But expose a mass surveillance system and noone bat an eye. Implement free grid wifi that will be able to track you across city and you are the next jesus.

They will probably try to fingerprint you even if you are not connected.



Sidewalk for my own devices? Great! Sidewalk for my neighbors devices? Nope. Wait, it’s all or nothing? Seems like a privacy issue.


I wonder if this could be used for Corona contact tracing?


> Amazon expects that users won’t mind sharing a small fraction of their bandwidth with their neighbors.

Very interested to see how this will be protected against exploits.


seems that Xfinity already does something similar, where by default, anyone can connect to your network as a guest (if they are an Xfinity customer themselves)




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: