Sidewalk Labs is Google's sister company that sells "smart city" technology; its showcase partner is Toronto, my hometown, where it has made a creepy shitshow out of its freshman outing, from the mass resignations of its privacy advisors to the underhanded way it snuck in the right to take over most of the lakeshore without further consultations (something the company straight up lied about after they were outed). Unsurprisingly, the city, the province, the country, and the company are all being sued over the plan. Read the rest

Last week, Motherboard reported on a public record request that revealed that Amazon had struck confidential deals with local police forces to get them to promote the company's Internet of Things "Ring" doorbells, and the accompanying "Neighbors" app that produces a kind of private surveillance mesh overlooking nearby public spaces -- under the terms of the deal, cops would be able to see a map noting locations of Ring surveillance cams and request footage from their owners. Read the rest

After Bloomberg revealed that Amazon secretly sent recordings from Alexa to subcontractors all over the world in order to improve its speech-recognition systems, a whistleblower leaked recordings from Google Home to investigative reporters from VRT, revealing that Google, too, was sending audio clips from its voice assistant technology to pieceworkers through the Crowdsource app. Read the rest

Use the first reset sequence if:

Your bulbs are running on firmware version 2.8 or later (you can find your bulb firmware version by tapping on the device in your C by GE app).

We recommend counting with Mississippi (1 Mississippi, 2 Mississippi, 3 Mississippi, etc.).

Start with your bulb off for at least 5 seconds. 1. Turn on for 8 seconds 2. Turn off for 2 seconds 3. Turn on for 8 seconds 4. Turn off for 2 seconds 5. Turn on for 8 seconds 6. Turn off for 2 seconds 7. Turn on for 8 seconds 8. Turn off for 2 seconds 9. Turn on for 8 seconds 10. Turn off for 2 seconds 11. Turn on Bulb will flash on and off 3 times if it has been successfully reset.

If the factory reset above was unsuccessful, you might have an older version of the C by GE bulb. Please follow the instructions below to reset.

Bulb Reset Sequence – for firmware version 2.7 or earlier: We recommend counting with Mississippi (1 Mississippi, 2 Mississippi, 3 Mississippi, etc.).

Start with your bulb off for at least 5 seconds. 1. Turn on for 8 seconds 2. Turn off for 2 seconds 3. Turn on for 2 seconds 4. Power off for 2 seconds 5. Turn on for 2 seconds 6. Power off for 2 seconds 7. Turn on for 2 seconds 8. Power off for 2 seconds 9. Turn on for 8 seconds 10. Power off for 2 seconds 11. Read the rest

The Amazon Dash button has gone the way of the CueCat and other oddball forms of consumer tech that were quickly made obsolete by newer technology. The $5 wireless Dash button was promised to be an easy way to order consumables from Amazon, but configuring the devices was sometimes confusing. The people who really enjoyed Dash buttons were those who hacked them into Internet-connected remote control devices to accomplish useful tasks other than buying stuff.

From Cnet:

The Dash button isn't nearly as necessary as it used to be. Today, plenty more appliances connect to the internet. Amazon also integrated its Dash Replenishment Service into hundreds of products from major manufacturers like Whirlpool and Samsung worldwide. DRS lets appliances automatically reorder the stuff they need, like a printer purchasing new ink. No need to even push a button.

Plus, Amazon created virtual Dash buttons on its website and developed voice shopping through its Alexa voice assistant, which have both grown in popularity, Amazon says.

Researchers at the University of Washington have developed a wireless battery powered sensor that can be attached to a bee's back. The sensor logs temperature and humidity as the bee flies, and the battery is wirelessly recharged when the bee returns to the hive.

[A]fter the bees have finished their day of foraging, they return to their hive where the backpack can upload any data it collected via a method called backscatter, through which a device can share information by reflecting radio waves transmitted from a nearby antenna.

Right now the backpacks can only store about 30 kilobytes of data, so they are limited to carrying sensors that create small amounts of data. Also, the backpacks can upload data only when the bees return to the hive. The team would eventually like to develop backpacks with cameras that can livestream information about plant health back to farmers.

“Having insects carry these sensor systems could be beneficial for farms because bees can sense things that electronic objects, like drones, cannot,” Gollakota said. “With a drone, you’re just flying around randomly, while a bee is going to be drawn to specific things, like the plants it prefers to pollinate. And on top of learning about the environment, you can also learn a lot about how the bees behave.”

Image: University of Washington Read the rest

Arizona realtor Andy Gregg's Nest doorbell/camera started talking to him: the voice on the other end identified itself as a Canadian "white hat" security researcher who'd broken into his camera by using a password that Gregg had used on multiple services, including some that had been breached. The hacker warned him that he was vulnerable and told him to tighten up his security before a bad guy got into his doorbell. Read the rest

While researchers continue attempts to build practical insect-size flying robots, engineers at the University of Washington have prototyped a backpack for real bees that outfits the insects with sensing, computing, and wireless networking capabilities. From UW News:

“We decided to use bumblebees because they’re large enough to carry a tiny battery that can power our system, and they return to a hive every night where we could wirelessly recharge the batteries,” said co-author Vikram Iyer, a doctoral student in the UW Department of Electrical & Computer Engineering...

Because bees don’t advertise where they are flying and because GPS receivers are too power-hungry to ride on a tiny insect, the team came up with a method that uses no power to localize the bees. The researchers set up multiple antennas that broadcasted signals from a base station across a specific area. A receiver in a bee’s backpack uses the strength of the signal and the angle difference between the bee and the base station to triangulate the insect’s position...

Next the team added a series of small sensors — monitoring temperature, humidity and light intensity — to the backpack. That way, the bees could collect data and log that information along with their location, and eventually compile information about a whole farm...

“Having insects carry these sensor systems could be beneficial for farms because bees can sense things that electronic objects, like drones, cannot,” Gollakota said. “With a drone, you’re just flying around randomly, while a bee is going to be drawn to specific things, like the plants it prefers to pollinate.

The tiny embedded processors in smart gadgets -- including much of the Internet of Shit -- are able to do a lot of sensing without exhausting their batteries, because sensing is cheap in terms of power consumption. Read the rest

Adam Greenfield's new book Radical Technologies: The Design of Everyday Life (previously) has scored an outstanding review from The Guardian's Steven Poole, who calls it "a landmark primer and spur to more informed and effective opposition" to "the pitiless libertarianism towards which all [Smart Cities] developments seem to lean." Read the rest

Amazon is selling certified refurbished Echo Dots for $38. That's a great price for a gadget that plays podcasts, audiobooks, music, NPR updates, tells you the weather, and settles arguments about whether or not Nixon-era Secretaries of State are still alive. I use my Dot many times a day. It has a decent built-in speaker and the microphones (it has 7) can pick up and recognize what I'm saying with amazing accuracy even when I'm across the room. Read the rest

It's easy to squeeze the juice out of a Juicero juice bag with your bare hands. But for some reason, the $400 Juicero machine was built to squeeze charcoal briquettes into diamonds. Ben Einstein, a product designer and venture capitalist, took one apart to see what was inside.

Excerpts:

Juicero’s Press is an incredibly complicated piece of engineering. Of the hundreds of consumer products I’ve taken apart over the years, this is easily among the top 5% on the complexity scale. Because the door must transmit the force of the entire drivetrain pushing against the juice packs, we see MASSIVE machined aluminum components. It is exceptionally rare to see a custom power supply on a first-time hardware startup’s product as these are inspected very carefully as part of UL/ETL certification, creating additional cost and risk. Like many of the other systems on this product, the motor is seemingly custom to account for the exceptionally high rated power (stalls at 5A at 330V DC, which is hard to believe, possibly even a misprint on the motor casing) and sports a custom encoder system designed by Juicero (yellow arrow) Removing the sheet metal frame sheds light on a few more custom-machined aluminum drivetrain components. The number, size, complexity and accuracy of these parts is somewhat mind-blowing for a young hardware startup.

At least the engineers had fun designing this! Read the rest

This has been out for a while, but my IFTF colleague Brad just told me about it last week. It's the $400 Juicero juicing machine. To make juice with it, you must subscribe to receive pre-masticated produce that comes in packs (priced between $7 and $10 per pack, $35 to $50 per week). The packs are marked with a QR code that the Juicero scans to make sure it is "fresh." If the pack gets "out of code" (i.e., it's produce you grew, traded, or brought elsewhere) the Juicero will reject it. It's got a built-in Wi-Fi radio, which checks the date (and monitors your use of the juicer). The machine itself seems pretty neat - it presses the juice by squeezing the fruit, but they really need to let you use your own produce.

If this appeals to you, here's a smart floss dispenser you'll probably like.

UPDATE: A spokesperson for Juicero sent me an email, asking me to make some corrections to the piece:

- Produce Packs are $5 - $8 each, not $7 - $10

-The QR code is not to ensure you don’t use your own produce, it’s there to ensure that the produce is fresh, quality and to help consumers manage their Pack subscriptions. We don’t use any preservatives or additives, just fresh, organic produce, so the QR code ensures that the produce in the Packs is within the approx. 6 day shelf life. It also help you manage your Packs by enabling the Juicero App to remind you when your Packs are about to expire.

An amusing, slightly unsettling video. Just a glitch, right? Read the rest

Update: Dupe!

Internet-connected Cloud Pets stored recordings online and put associated data in an unprotected database for hackers to find.

Since Christmas day of last year and at least until the first week of January, Spiral Toys left customer data of its CloudPets brand on a database that wasn't behind a firewall or password-protected. The MongoDB was easy to find using Shodan, a search engine makes it easy to find unprotected websites and servers, according to several security researchers who found and inspected the data. ... During the time the data was exposed, at least two security researchers, and likely malicious hackers, got their hands on it. In fact, at the beginning of January, during the time several cybercriminals were actively scanning the internet for exposed MongoDB's databases to delete their data and hold it for ransom, CloudPets' data was overwritten twice, according to researchers.

Security researcher Troy Hunt reports that the snuggly spies, from Spiral Toys, "represents the nexus" of the problem with internet-connected appliances and toys: children being recorded, data being leaked, and the technical possibility of surreptitious access to children through networked toys. "The best way to understand what these guys do is to simply watch the video [advertisement for the toy]."

Here it is:- Toy captured kids voices- Data exposed via MongoDB- 2.2m recordings- DB ransom'd- And much more...https://t.co/HvePnZleXR

— Troy Hunt (@troyhunt) February 27, 2017

Clearly, CloudPets weren't just ignoring my contact, they simply weren't even reading their emails. 4 attempts (that we know of) were made to contact CloudPets and warn them of this risk.

It's called Cayla, it's about a foot tall, and it can be used to listen to and talk to the child playing with it. But who is doing the listening? Anyone in Bluetooth range, reports Germany's Federal Network Agency (Bundesnetzagentur).

An official watchdog in Germany has told parents to destroy a talking doll called Cayla because its smart technology can reveal personal data. ... The Vivid Toy group, which distributes My Friend Cayla, has previously said that examples of hacking were isolated and carried out by specialists. However, it said the company would take the information on board as it was able to upgrade the app used with the doll.

But experts have warned that the problem has not been fixed.

The Cayla doll can respond to a user's question by accessing the internet. For example, if a child asks the doll "what is a little horse called?" the doll can reply "it's called a foal".

Watch the BBC's video of Cayla, in its squeaky, sinister voice, say "I've been hacked to say all sorts of scary things."

Cayla was on Boing Boing last year when the FCC received complaints about it. Cayla is on Amazon for $45.

It's so easy to hack that everyday YouTubers are at it!

Read the rest

This entertaining video is a good way to learn what the Amazon Echo can do. Read the rest