Hackers say they breached Russian contractor, got details on IoT hacking project for Russia spy agency

• 'Fronton' is the FSB's IoT botnet project

New app helps you identify IoT devices around you, tells you what data they collect

Researchers at Carnegie Mellon have come up with this new IoT Assistant app (available for both iOS and Android) that will supposedly inform you about what Internet-connected smart devices are around you at any point in time, and what kind of information they might be collecting.

“Because of new laws like the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), people need to be informed about what data is collected about them and they need to be given some choices over these processes,” says Professor Norman Sadeh, a CyLab faculty member in Carnegie Mellon’s Institute for Software Research and the principal investigator on the project. “We have built an infrastructure that enables owners of IoT technologies to comply with these laws, and an app that takes advantage of this infrastructure to empower people to find out about and control data collected by these technologies.”

I've downloaded the app myself, and I plan on adding my own smart home devices to their database, just to see what I can find. I don't know how well it will actually work, but I'm certainly intrigued by the idea.

New infrastructure will enhance privacy in today’s Internet of Things [Daniel Tkacik / CyLab, the Carnegie Mellon University Security and Privacy Institute] Read the rest

MIT's "Smart Diaper" alerts caregiver when it's wet

MIT researchers outfitted a baby diaper with an RFID tag that emits a wireless signal when the surrounding material gets wet. The wetness "sensor" is actually a type of hydrogel that's commonly found in diapers to absorb liquid. As the hydrogel gets wet, it swells and its conductivity increases, triggering the RFID tag. The RFID tags are printed as stickers for around 2 cents each compared to other Internet-connected diapers in development with reusable sensors that cost as much as $40/each. From MIT News:

Over time, smart diapers may help record and identify certain health problems, such as signs of constipation or incontinence. The new sensor may be especially useful for nurses working in neonatal units and caring for multiple babies at a time...

(MIT AutoID Lab researcher Pankhuri Sen) envisions that an RFID reader connected to the internet could be placed in a baby’s room to detect wet diapers, at which point it could send a notification to a caregiver’s phone or computer that a change is needed. For geriatric patients who might also benefit from smart diapers, she says small RFID readers may even be attached to assistive devices, such as canes and wheelchairs to pick up a tag’s signals.

image: MIT News (CC BY-NC-ND 3.0) Read the rest

Google 'disabling Xiaomi integrations on our devices' after Nest Hub user picked up random pics from strangers' feeds

“Among the eight or so examples initially provided to Reddit are a handful of disturbingly clear images showing a sleeping baby, a security camera's view of an enclosed porch, and a man seemingly asleep in a chair.” Read the rest

Talking with the Left Field podcast about Sidewalk Labs's plan to build a surveilling "smart city" in Toronto

We've been closely following the plan by Google sister company Sidewalk Labs to build a surveilling "smart city" in Toronto; last week, I sat down with the Out of Left Field podcast (MP3) to discuss what's going on with Sidewalk Labs, how it fits into the story of Big Tech, and what the alternatives might be. Read the rest

Critical essays (including mine) discuss Toronto's plan to let Google build a surveillance-based "smart city" along its waterfront

Sidewalk Labs is Google's sister company that sells "smart city" technology; its showcase partner is Toronto, my hometown, where it has made a creepy shitshow out of its freshman outing, from the mass resignations of its privacy advisors to the underhanded way it snuck in the right to take over most of the lakeshore without further consultations (something the company straight up lied about after they were outed). Unsurprisingly, the city, the province, the country, and the company are all being sued over the plan. Read the rest

Cop says Amazon told him they had "partnered" with 200 US police forces to sell and tap into Ring surveillance doorbells

Last week, Motherboard reported on a public record request that revealed that Amazon had struck confidential deals with local police forces to get them to promote the company's Internet of Things "Ring" doorbells, and the accompanying "Neighbors" app that produces a kind of private surveillance mesh overlooking nearby public spaces -- under the terms of the deal, cops would be able to see a map noting locations of Ring surveillance cams and request footage from their owners. Read the rest

Like Amazon, Google sends voice assistant recordings to contractors for transcription, including recordings made inadvertently

After Bloomberg revealed that Amazon secretly sent recordings from Alexa to subcontractors all over the world in order to improve its speech-recognition systems, a whistleblower leaked recordings from Google Home to investigative reporters from VRT, revealing that Google, too, was sending audio clips from its voice assistant technology to pieceworkers through the Crowdsource app. Read the rest

Unintentionally funny video instructions for factory resetting GE light bulbs

Use the first reset sequence if:

Your bulbs are running on firmware version 2.8 or later (you can find your bulb firmware version by tapping on the device in your C by GE app).

We recommend counting with Mississippi (1 Mississippi, 2 Mississippi, 3 Mississippi, etc.).

Start with your bulb off for at least 5 seconds. 1. Turn on for 8 seconds 2. Turn off for 2 seconds 3. Turn on for 8 seconds 4. Turn off for 2 seconds 5. Turn on for 8 seconds 6. Turn off for 2 seconds 7. Turn on for 8 seconds 8. Turn off for 2 seconds 9. Turn on for 8 seconds 10. Turn off for 2 seconds 11. Turn on Bulb will flash on and off 3 times if it has been successfully reset.

If the factory reset above was unsuccessful, you might have an older version of the C by GE bulb. Please follow the instructions below to reset.

Bulb Reset Sequence – for firmware version 2.7 or earlier: We recommend counting with Mississippi (1 Mississippi, 2 Mississippi, 3 Mississippi, etc.).

Start with your bulb off for at least 5 seconds. 1. Turn on for 8 seconds 2. Turn off for 2 seconds 3. Turn on for 2 seconds 4. Power off for 2 seconds 5. Turn on for 2 seconds 6. Power off for 2 seconds 7. Turn on for 2 seconds 8. Power off for 2 seconds 9. Turn on for 8 seconds 10. Power off for 2 seconds 11. Read the rest

Amazon cancels Dash buttons

The Amazon Dash button has gone the way of the CueCat and other oddball forms of consumer tech that were quickly made obsolete by newer technology. The $5 wireless Dash button was promised to be an easy way to order consumables from Amazon, but configuring the devices was sometimes confusing. The people who really enjoyed Dash buttons were those who hacked them into Internet-connected remote control devices to accomplish useful tasks other than buying stuff.

From Cnet:

The Dash button isn't nearly as necessary as it used to be. Today, plenty more appliances connect to the internet. Amazon also integrated its Dash Replenishment Service into hundreds of products from major manufacturers like Whirlpool and Samsung worldwide. DRS lets appliances automatically reorder the stuff they need, like a printer purchasing new ink. No need to even push a button.

Plus, Amazon created virtual Dash buttons on its website and developed voice shopping through its Alexa voice assistant, which have both grown in popularity, Amazon says.

Read the rest

Scientists equip bees with tiny environmental sensors

Researchers at the University of Washington have developed a wireless battery powered sensor that can be attached to a bee's back. The sensor logs temperature and humidity as the bee flies, and the battery is wirelessly recharged when the bee returns to the hive.

[A]fter the bees have finished their day of foraging, they return to their hive where the backpack can upload any data it collected via a method called backscatter, through which a device can share information by reflecting radio waves transmitted from a nearby antenna.

Right now the backpacks can only store about 30 kilobytes of data, so they are limited to carrying sensors that create small amounts of data. Also, the backpacks can upload data only when the bees return to the hive. The team would eventually like to develop backpacks with cameras that can livestream information about plant health back to farmers.

“Having insects carry these sensor systems could be beneficial for farms because bees can sense things that electronic objects, like drones, cannot,” Gollakota said. “With a drone, you’re just flying around randomly, while a bee is going to be drawn to specific things, like the plants it prefers to pollinate. And on top of learning about the environment, you can also learn a lot about how the bees behave.”

Image: University of Washington Read the rest

Arizona realtor surprised to find Canadian "white hat" hacker talking to him through his smart doorbell

Arizona realtor Andy Gregg's Nest doorbell/camera started talking to him: the voice on the other end identified itself as a Canadian "white hat" security researcher who'd broken into his camera by using a password that Gregg had used on multiple services, including some that had been breached. The hacker warned him that he was vulnerable and told him to tighten up his security before a bad guy got into his doorbell. Read the rest

Bees wearing wireless sensors create a "living Internet of Things platform"

While researchers continue attempts to build practical insect-size flying robots, engineers at the University of Washington have prototyped a backpack for real bees that outfits the insects with sensing, computing, and wireless networking capabilities. From UW News:

“We decided to use bumblebees because they’re large enough to carry a tiny battery that can power our system, and they return to a hive every night where we could wirelessly recharge the batteries,” said co-author Vikram Iyer, a doctoral student in the UW Department of Electrical & Computer Engineering...

Because bees don’t advertise where they are flying and because GPS receivers are too power-hungry to ride on a tiny insect, the team came up with a method that uses no power to localize the bees. The researchers set up multiple antennas that broadcasted signals from a base station across a specific area. A receiver in a bee’s backpack uses the strength of the signal and the angle difference between the bee and the base station to triangulate the insect’s position...

Next the team added a series of small sensors — monitoring temperature, humidity and light intensity — to the backpack. That way, the bees could collect data and log that information along with their location, and eventually compile information about a whole farm...

“Having insects carry these sensor systems could be beneficial for farms because bees can sense things that electronic objects, like drones, cannot,” Gollakota said. “With a drone, you’re just flying around randomly, while a bee is going to be drawn to specific things, like the plants it prefers to pollinate.

Read the rest

Machine learning may be most useful in tiny, embedded, offline processors

The tiny embedded processors in smart gadgets -- including much of the Internet of Shit -- are able to do a lot of sensing without exhausting their batteries, because sensing is cheap in terms of power consumption. Read the rest

An important, lyrical, critical book about the future of "Smart Cities"

Adam Greenfield's new book Radical Technologies: The Design of Everyday Life (previously) has scored an outstanding review from The Guardian's Steven Poole, who calls it "a landmark primer and spur to more informed and effective opposition" to "the pitiless libertarianism towards which all [Smart Cities] developments seem to lean." Read the rest

Good deal on an Echo Dot: $38

Amazon is selling certified refurbished Echo Dots for $38. That's a great price for a gadget that plays podcasts, audiobooks, music, NPR updates, tells you the weather, and settles arguments about whether or not Nixon-era Secretaries of State are still alive. I use my Dot many times a day. It has a decent built-in speaker and the microphones (it has 7) can pick up and recognize what I'm saying with amazing accuracy even when I'm across the room. Read the rest

The Juicero is an impressive piece of over engineered hardware

It's easy to squeeze the juice out of a Juicero juice bag with your bare hands. But for some reason, the $400 Juicero machine was built to squeeze charcoal briquettes into diamonds. Ben Einstein, a product designer and venture capitalist, took one apart to see what was inside.

Excerpts:

Juicero’s Press is an incredibly complicated piece of engineering. Of the hundreds of consumer products I’ve taken apart over the years, this is easily among the top 5% on the complexity scale. Because the door must transmit the force of the entire drivetrain pushing against the juice packs, we see MASSIVE machined aluminum components. It is exceptionally rare to see a custom power supply on a first-time hardware startup’s product as these are inspected very carefully as part of UL/ETL certification, creating additional cost and risk. Like many of the other systems on this product, the motor is seemingly custom to account for the exceptionally high rated power (stalls at 5A at 330V DC, which is hard to believe, possibly even a misprint on the motor casing) and sports a custom encoder system designed by Juicero (yellow arrow) Removing the sheet metal frame sheds light on a few more custom-machined aluminum drivetrain components. The number, size, complexity and accuracy of these parts is somewhat mind-blowing for a young hardware startup.

At least the engineers had fun designing this! Read the rest

More posts