Latest in Gear

Image credit:

How home assistants ruined us, an explanation

It’s the rise -- and revenge -- of the machines.
Violet Blue, @violetblue
December 31, 2019
371 Shares
Share
Tweet
Share
Illustration by Koren Shadmi for Engadget

Sponsored Links

Our situation became clear when my friend ran through Trader Joe's screaming "ALEXA WHAT TIME IS IT?" This wasn't a cringey mockumentary comedy segment. It's the way we live now. I'm certain San Francisco's sea of terrified Postmates and Prime delivery runners parted for her, trampling an Instacart personal shopper already wallowing in the misfortune of crawling along the baked goods aisle, feeling blindly under tortillas for lost earbuds. Everyone wondering if they should yell at Google or Siri to call 911. Several cameras are trained on everyone, of course, to memorialize and broadcast these special moments forever.

Understandably, everyone is doing their introspection right now; their year- and decade-end summaries of what was most dreadful in tech, and what lead to this mess we're all in. I can assure you that one of the key factors is what we have come to call The Internet of Shit and how we've embraced it.

This was the decade technology broke us. The products saturating our lives are released in the worst, most broken, untested, and often dangerously flawed forms imaginable. Think Skynet, but a dumbass. Terminator, controlled by Shitnet. We've seen the films, we know the dystopian warnings. It enslaved us as a species anyway. We cannot escape. Because Siri can't understand our pleas to unlock the door, the getaway vehicle won't start until it reboots, you can't even run away because your shoes are bricked from a bad update.

Just five years ago, Amazon told people it would be really cool if they could kindly put microphones in their homes with its release of the Echo (Alexa, 2014). This was after Samsung fired the starting gun to stick chips in everything with its SmartThings platform (2012). Google and Apple had already tricked us into carrying and depending upon their tracking and surveillance devices perversely called "smartphones." So naturally, both companies joined the connected home data collection gold rush with Google Home (2016) and Apple HomePod (2018).

Of course, each has its own standards and none will work with each other (yet). Some won't even work with themselves.

Anyway, the gold rush to stick a chip in everything and put spyware in people's homes coincided with a lot of things, but namely increased awareness around surveillance, digital privacy, hacking, security, and the looming threat of a data-harvesting-advertising IoT apocalypse. A lot of people wondered how secure and private all these smart things were. Turns out, not at all! "The problems researchers identified were the kinds of things we in the security industry were writing about 10 or 15 years ago," app security company Veracode cautioned in 2013. "A lack of basic authentication requirements to access administrative interfaces, open ports that leave the devices discoverable to internet scans, no privilege separation for user accounts and hard-coded passwords."

Like a drunk, dementia-addled billionaire bull in a china shop, each of the major players unfailingly rushed every dumb smart thing into our lives, consequences be damned.

They spied on us. This April, news came out that Amazon Alexa is "trained" by humans who listen to audio from users' homes and offices without their knowledge. No one knew this — nor did users realize that all the home assistants do this. The story continued this month in "Silicon Valley Is Listening to Your Most Intimate Moments" — one reporter working on the story commented that "The contractors listening to voices were all horrified, and saw an obvious violation," while "the companies were all surprised by the discomfort."

They tricked us. In February, users found out the hard way that Google slipped a microphone into its Nest Guard product. The company told press it "forgot" to tell people who bought the device and installed it in their homes. Can you imagine being one of the most powerful companies in the world with elite-educated staff, and forgetting something this serious? Nope, I can't either. Who do they think they are, Facebook? Well, woe to those who put a Nest Guard in their bedrooms thinking it was safe for truly private "no microphone" spaces.

They sold us broken things. It took The New York Attorney General's office filing suit in 2017 to force smart lock maker Safetech to secure their locks by adding encryption, among other startlingly basic things. In August this year, June smart ovens were discovered to be preheating to over 400 degrees, sometimes overnight and with food inside them. Users were told it would be months before a fix. "Like all things with software in them," we warned in 2015, "a dev somewhere probably meant to send it for a code audit, or eliminate the hard-coded password, or file a patch, or tell comms that customers urgently need to update the firmware on their smart toilet. But ultimately they were distracted by the chance to eat a dozen tacos for $2." Hopefully no one's home burns down in the meantime.

They took our data without consent. In 2017, Vizio settled charges admitting it put spyware on 11 million of its smart TVs to track people's viewing histories and sell the data to advertisers. LG had been caught doing the same thing in 2013, and in 2015 Samsung pinky-sweared that its smart TV's were not listening to you through its microphones. Regardless, this month the FBI issued a public warning about TV's spying on us, urging people to use caution.

They forced ads and DRM down our throats. Last month, developer Wes Bos was extremely annoyed that he had to opt out of an intrusive advertisement for McDonald's via the operating system of a TV he paid over a thousand dollars for. Keurig angered everyone in 2015 when its smart coffee machines came with software that blocks the use of older Keurig pods and pods made by competitors. (People are still finding ways to get around the DRM'd machines.)

Worst of all, they blamed us for what they had done. It's difficult to know where to begin with Amazon's Ring doorbell and camera system, whose problems are so voluminous and cringey we have to breathe into a paper bag every time we even think about it. The Ring product's close relationship with law enforcement is messy and scary, including the use of facial recognition and the pile of data exposed by vulns in its Neighbors app.

ring doorbell

Meanwhile, Ring (like Nest) is susceptible to credential-stuffing attacks, where hackers use black market tools to scrape usernames and passwords exposed in breaches and try them on new accounts, taking over if you re-used a compromised password. That's where the recent spate of in-home camera attacks came from, and now Amazon/Ring face a lawsuit over these hacks. (Oh, also: until recently, Ring's app was sending user credentials unencrypted.)

Ring's response has been to blame us. It published a blame-the-user blog post earlier this month, following a November set of congressional questions in which Ring said it was users' fault if a Ring camera violates their privacy.

And you know what? It's easy to believe Big Tech when they say it's all our fault, despite being obvious bullshit. In our cursed timeline where everything feels like a practical-effects, 1980s cyberpunk TV show, we chose to add these demonic toys into our lives. Do you even know your best friend's phone number? How crippled would your apartment be without WiFi? They rushed their products to market — yet we rushed to bring them home.

If Big Tech's framing of the situation feels wrong, that's because it is. We wouldn't be in this mess if it wasn't for the broken and codependent relationship between Big Tech and its enablers — not to mention that our situation of constant, invasive surveillance via products with half-assed security is absolutely, 100 percent by design.

The failings here are not ours. It is not our fault if everything the companies do to us is the same; nonconsensual, lazy, ignorant of history and blind to abuses, flagrant in their disregard and obvious in their pretenses. "We take your privacy and/or security seriously" is the purest fiction this era of tech has produced.

Perhaps we can't avoid the monsters these bloodsuckers created, but that does not mean we should ever stop fighting them.

Images: Daniel Cooper / Engadget (Ring doorbell video)

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
371 Shares
Share
Tweet
Share

Popular on Engadget

The 2020 Engadget Holiday Gift Guide

The 2020 Engadget Holiday Gift Guide

View
The best Cyber Week tech deals you can still get today

The best Cyber Week tech deals you can still get today

View
Amazon’s free news app on Fire TV now features local stations

Amazon’s free news app on Fire TV now features local stations

View
Razer Tomahawk modular gaming PC is now available for $2,400

Razer Tomahawk modular gaming PC is now available for $2,400

View
Destiny 2's next-gen upgrade requires downloading the game again

Destiny 2's next-gen upgrade requires downloading the game again

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr