Petnet is a $300 internet-of-things pet food bowl. Its network went down and stayed down for a week, leaving some pets to go hungry. The BBC reports that owners are livid and that it's not the first trouble Petnet's had maintaining service.
Petnet has two Twitter accounts. The official one has not tweeted since 30 August 2019 but the support account issued four tweets between 14 and 21 February about the problems experienced. In its first tweet it said a "system outage" was affecting second generation devices and asked customers not to switch off their feeder even if it appeared to be offline. ... On 21 February it said smartfeeders were "returning online" and a "system reset" was in progress.
Researchers at Carnegie Mellon have come up with this new IoT Assistant app (available for both iOS and Android) that will supposedly inform you about what Internet-connected smart devices are around you at any point in time, and what kind of information they might be collecting.
“Because of new laws like the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), people need to be informed about what data is collected about them and they need to be given some choices over these processes,” says Professor Norman Sadeh, a CyLab faculty member in Carnegie Mellon’s Institute for Software Research and the principal investigator on the project. “We have built an infrastructure that enables owners of IoT technologies to comply with these laws, and an app that takes advantage of this infrastructure to empower people to find out about and control data collected by these technologies.”
I've downloaded the app myself, and I plan on adding my own smart home devices to their database, just to see what I can find. I don't know how well it will actually work, but I'm certainly intrigued by the idea.
New infrastructure will enhance privacy in today’s Internet of Things [Daniel Tkacik / CyLab, the Carnegie Mellon University Security and Privacy Institute] Read the rest
@ShaneMorris: "My fridge has an RFID chip in the water filter, which means the generic water filter I ordered for $19 doesn't work. My fridge will literally not dispense ice, or water. I have to pay @generalelectric $55 for a water filter from them." Read the rest
The editors of Guardian Cities (previously) saw my Toronto Life blurb about how a "smart city" could be focused on enabling its residents, rather than tracking and manipulating them, and asked me to write a longer piece on the theme: The case for ... cities where you're the sensor, not the thing being sensed is the result. Read the rest
Nulledcast is a realtime podcast streamed on a Discord channel for the hacking forum Nulled: the hosts break into Ring and Nest cameras in realtime, blare sirens at the owners, then torment them with insults and racist slurs, livestreaming their responses to hundreds of listeners. Read the rest
We've been closely following the plan by Google sister company Sidewalk Labs to build a surveilling "smart city" in Toronto; last week, I sat down with the Out of Left Field podcast (MP3) to discuss what's going on with Sidewalk Labs, how it fits into the story of Big Tech, and what the alternatives might be. Read the rest
An Australian woman's creepy, violent ex-boyfriend hacked her phone using stalkerware, then used that, along with her car's VIN number, to hack the remote control app for her car (possibly Landrover's Incontrol app), which allowed him to track her location, stop and start her car, and adjust the car's temperature. Read the rest
Nest is a home automation company that Google bought in 2014, turned into an independent unit of Alphabet, then re-merged with Google again in 2018 (demonstrating that the "whole independent companies under Alphabet" thing was just a flag of convenience for tax purposes); the company has always focused on "ease of use" over security and internecine warfare between different dukes and lords of Google meant that it was never properly integrated with Google's security team, which is why, over and over again, people who own Nest cameras discover strangers staring at them from their unblinking camera eyes, sometimes shouting obscenities. Read the rest
The Cyber Independent Testing Lab is a security measurement company founded by Mudge Zadko (previously), late of the Cult of the Dead Cow and l0pht Heavy Industries and the NSA's Tailored Access Operations Group; it has a unique method for assessing the security of devices derived from methods developed by Mudge at the NSA. Read the rest
You know what's great about putting wifi-enabled, Turing-complete computers into things like lightbulbs? Not. A. Single. Fucking. Thing. Read the rest
One of the most obvious facts I've learned in covering the unfolding scandal of the secret deals between Amazon's Ring surveillance doorbell group and hundreds of US police departments is that Amazon loooooves to play word-games. Read the rest
Last week at Defcon, a security researcher named Smea presented their findings on vulnerabilities in the Lovesense Hush, an internet-of-things buttplug that has already been shown to have critical privacy vulnerabilities. Read the rest