https://www.bbc.com/news/technology-47800000

"It was introduced at the manufacture stage but the path by which it came to be there is unknown and the fact that it looks like an exploit that is linked to the NSA doesn't mean anything," Prof Woodward said.

"It could be organised crime gangs, which are increasingly interfering with the supply chain, or it could be someone playing geo-politics to discredit Huawei.

"There is no evidence that the company has done anything malicious or any evidence they were under pressure from the state."

The question remains, however, according to Prof Woodward: "How did the software engineering processes allow this on?

 

I don’t feel I can rely on Google to concern themselves with my privacy. Their entire business model is based on collecting information. Their corporate roots involve the NSA. They are motivated to push the use of information about people and places to the maximal profit potential, not to protect privacy or consider ethical impact. They even removed “don’t be evil” from their mission.

Amazon is second to Google in untrustworthiness in my estimation. They also depend on data collection and mining for their profit. The difference being that Amazon is highly focused on selling hard and digital goods which narrows the focus of their intrusion somewhat.

Microsoft feels more neutral to me. They don’t seem as invasive. Surely they are collecting and acting on data, but it’s not their business model. They sell software and hardware and want to increase their user base for those products. I don’t use very much of their stuff at all, so not as much of a concern.

Apple is my favorite among what I would say are all dubious actors at best. They have privacy as an actual selling point, express reasonable policies, and have resisted various government demands for access to data very vigorously. They have the lead for me, though that’s probably not saying much.

China, is for me, the biggest threat. Not just one company but the fact that state and enterprise being effectively welded together means anything coming to the US from China could be part of a state surveillance apparatus and the Chinese government is actively building such a network. I don’t rally think China is, at bottom, any more evil than the US security apparatus is willing to be, but they must respond in some way to public outrage while China has little concern with that.

 

https://www.theblaze.com/news/amazon-admits-listening-in-on-conversations-via-alexa

Amazon has admitted to employing thousands of people worldwide who are tasked with listening in on private conversations through its Echo line of speakers using the Alexa digital assistant, and the workers are revealing what they've heard.

 

https://www.theblaze.com/news/amazon-admits-listening-in-on-conversations-via-alexa

I don't know why someone would want to have that in their house. I won't even have a remote on a thermostat because they require you have a web account just to control it. Why do I need a web account?

 

We use Echos, and we've opted out of the "service improvement program". I also regularly delete the recordings made by the device.

The Echo has a lot of functionality for us, and interfaces with a lot of home automation.

 

I don't know why someone would want to have that in their house. I won't even have a remote on a thermostat because they require you have a web account just to control it. Why do I need a web account?

Much like you we have no real need for home automation. It, myself, my wife and the two dogs. I figure if I can get Biscuit to fetch me a beer that's all I need. I can see where in some homes and families home automation would be a nice to have but just can't see where we need it.

It would be nice to know if the sump pump is sumping during heavy rains or if the refrigerator or freezer decide to throw up I guess but beyond that beats me. So in conclusion I can see where it might work for some but I have no real practical use for it for us.

Ron

 

I had a vacation home almost 200 miles away in halfway up New Hampshire. It was shut down (no electricity, water and heat) for the winter typically. But we decided to keep it open one winter My daughters’s wedding was in the same town and we went up to plan the event.

My heating system was on the web. I got alerts when it could not be contacted which implied a power failure I didn’t want to deal with burst pipes. And it had the added advantage that we could pump up the heat before leaving to go there. So we arrived in a toasty home. And in the unlikely event that someone left the heat on, I could protect my pocketbook.

I needed a web account, so that my system was protected (reasonably). The remote control software is on the manufacturers servers. Hence, it required an account to authenticate.

Note: When I got divorced, my wife got the house. She didn’t take me off the account. That was very tempting, but I behaved.

 

I had a vacation home almost 200 miles away in halfway up New Hampshire. It was shut down (no electricity, water and heat) for the winter typically. But we decided to keep it open one winter My daughters’s wedding was in the same town and we went up to plan the event.

My heating system was on the web. I got alerts when it could not be contacted which implied a power failure I didn’t want to deal with burst pipes. And it had the added advantage that we could pump up the heat before leaving to go there. So we arrived in a toasty home. And in the unlikely event that someone left the heat on, I could protect my pocketbook.

I needed a web account, so that my system was protected (reasonably). The remote control software is on the manufacturers servers. Hence, it required an account to authenticate.

Note: When I got divorced, my wife got the house. She didn’t take me off the account. That was very tempting, but I behaved.

There is a good example of where remote monitoring is worth having. My sister has a cabin in West Virginia and lives in Columbus, Ohio. She has a considerable investment a few hundred miles away from her home and keeps an eye on everything from the comfort of her home. Djsfantasi has an investment and likes keeping an eye on things. When my sister gets a warning text and email something is wrong she has people there to call so in her case remote monitoring is worth whatever she pays for it. I like it because I have a nice cabin at my disposal.

So in some cases home monitoring or home automation is a great thing to have while in my own case not so much. We do own a plot of empty land in a place called Lake LBJ Texas which we pay property taxes on and maintenance fees twice a year. Maybe I should put a web cam on it so I can watch tumble weeds blow around. WE inherited it so when we are gone the kids or grand kids can worry about it.

Ron

 

When my sister gets a warning text and email something is wrong she has people there to call so in her case remote monitoring is worth whatever she pays for it.

In my case, I too had someone to call. Two trusted neighbors had keys, so they could give maintenance people access.

 

We use Echos, and we've opted out of the "service improvement program". I also regularly delete the recordings made by the device.

The Echo has a lot of functionality for us, and interfaces with a lot of home automation.

The problem with opting out is that you have no guarantee that they will actually honor the request. The same with deleting the recordings -- the best you can do is delete the recordings you know about. I'm definitely on the paranoid side, but I also tend to believe that if someone physically has the ability to monitor you, then sooner or later someone will come with with a reason why it just makes sense to monitor you, regardless of what the agreements might say or what the laws might say or anything else might say.

 

The problem with opting out is that you have no guarantee that they will actually honor the request. The same with deleting the recordings -- the best you can do is delete the recordings you know about. I'm definitely on the paranoid side, but I also tend to believe that if someone physically has the ability to monitor you, then sooner or later someone will come with with a reason why it just makes sense to monitor you, regardless of what the agreements might say or what the laws might say or anything else might say.

Of course. But I judge that it is not in their commercial interest to violate the terms they present. They depend on the fact that you are opted in by default, and that people will not opt out.

They can simply do what the agreement says, and violating that agreement is quite risky when they don't have to do it, and they don't.

So, I calculate the risk is not very great they will not honor the opt-out or store my data when I have chosen to delete it.

 

Of course. But I judge that it is not in their commercial interest to violate the terms they present. They depend on the fact that you are opted in by default, and that people will not opt out.

They can simply do what the agreement says, and violating that agreement is quite risky when they don't have to do it, and they don't.

So, I calculate the risk is not very great they will not honor the opt-out or store my data when I have chosen to delete it.

And yet I can't even begin to count the number of times I have been contacted by some company for marketing purposes despite going out of my way to make it extremely clear that they were NOT authorized to use my information in any such way and having them swear up and down that they never do that sort of thing -- only to have them do it. Given that those companies have always lost my business forever the moment they did that (just as I told them would happen if they ever did do it), I'm not so keen to assume that these companies make well thought through decisions when it comes to what's in their commercial interest -- or perhaps they do and their assessment of it is simply different than yours or mine would be. They weigh the risks of violating the agreement -- in light of the actual consequences they expect to pay if caught -- against what they perceive as the benefits of dong so and their calculus simply has different weights than I would assign.

But I agree that the odds are, for now, in your favor -- and we all have to take certain risks all the time, it's just a part of the era we live in. But there have been numerous instances where information was gathered expressly against the agreements entered into, so it's just something that I always assume is going to be the case and, as a result, choose to deny access to as much information as I can (and, where I can't physically deny access, opting out of everything I can as strongly as I can).

 

I am certainly referring specifically to Amazon, at this time.

 

https://arstechnica.com/tech-policy...opping-by-iot-devices-defanged-by-tech-lobby/

On April 10, the Illinois State Senate passed the "Keep Internet Devices Safe Act," a bill that would ban Internet device manufacturers from collecting audio from Internet-connected devices without disclosing it to consumers. But the bill was substantially neutered after a fierce lobbying effort by an industry association backed by Amazon and Google.
...
The lobbyists also complained that the bill would allow for "company terms of service agreements to be void and unenforceable even if a failure to disclose [recording] is accidental."

As amended, the bill lacks any specific enforcement provisions—instead it states only that the attorney general "shall have exclusive authority to enforce this Act." That means that individual consumers won't have the right to launch class action lawsuits on their own behalf if the bill is passed by Illinois' House of Representatives.

 

https://www.cnet.com/news/facebook-unintentionally-uploaded-email-contacts-from-1-5m-users/

Facebook "unintentionally" harvested the email contacts of about 1.5 million of its users during the past three years.

 

No one can stop them. They're protecting America's morality. The will make a bigot list.

You will get a morality rating.......like China.

 

https://www.zdnet.com/article/frenc...-im-app-to-replace-whatsapp-and-telegram-use/

The French government has developed its own end-to-end encrypted instant messenger (IM) app to replace government employee use of Telegram, WhatsApp, and other third-party IM clients.

https://thehackernews.com/2019/04/france-Tchap-secure-messenger.html

A white-hat hacker found a way to get into the French government's newly launched, secure encrypted messaging app that otherwise can only be accessed by officials and politicians with email accounts associated with the government identities.

Once installed the app surrenders and your phone then bursts into flames.

 

https://www.iflscience.com/technolo...ut-airport-tech-is-creeping-out-the-internet/

​

 

https://www.iflscience.com/technolo...ut-airport-tech-is-creeping-out-the-internet/

View attachment 176025​

Do vampires show up on digital cameras?

 

Of things to come...

https://www.nec.com/en/press/201904/global_20190418_01.html

From the release:

"NEC is promoting its "Social Solutions Business" on a global scale to create social value in the form of safety, security, efficiency and equality. Leveraging the results of these activities, the company aims to contribute to the resolution of global health issues and expand its business by providing biometric solutions to Kenya and other emerging countries"

How very humanitarian...