mstdn.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A general-purpose Mastodon server with a 500 character limit. All languages are welcome.

Administered by:

Server stats:

17K
active users

I remember trying to buy a TV that does not have "smart" functionality a few years ago. It was a chore. Today it seems impossible.

And not just TVs: ovens; refrigerators; dishwashers — all have "smart" options. In fact, it seems that more and more the available non-smart models are only the simpler ones, less performant in ways that are not related to any smart functionality missing.

My non-smart TV was available only with lower resolutions than "smart" models of the same brand.

1/🧵

This really annoys me. I am too well aware of security implications of smart devices.

I do not want to have to manage regular software updates for whatever number of appliances I have at home, or risk somebody using them in a botnet (or worse).

And no, I don't trust their "disable WiFi" menu options either. Seen this setting get enabled without my consent too many times.

I *could* put them on a special VLAN, but 99% of people can't. That's a problem, and not just for them.

2/🧵

In 2016 a router-based Mirai botnet took down Dyn, one of the biggest online infrastructure companies, and many well known websites with it:
coar.risc.anl.gov/mirai-attack

Mirai mainly targeted home routers.

As early as 2018 there were already botnets that… used CCTV cameras. But of course the predominant media narrative was "hackers attack" instead of "vendors put us at risk":
vice.com/en/article/9a355p/hac

But I digress.

With all this in mind, I started thinking of how could this be solved?

3/🧵

So here's my (silly?) idea: a regulatory requirement for / smart-appliance vendors to provide either:

a). similarly-priced models physically without the smart functionality but with other performance metrics on-par with their smart models;

or

b). a reliable, verifiable, physical way of disabling smart functionality in their smart-devices.

I want to be able to buy a damn refrigerator without worrying about it joining a botnet! Just ain't cool.

I wonder if this makes any sense!

4/🧵/end

Just to clarify, my silly idea of a regulation would leave the choice between a). or b). to the manufacturer. I think it's fine to provide them with that choice.

A lot of responses to this ☝️ thread focus on how "one can simply not connect the smart appliance to the WiFi" or "you can just disable its WiFi."

It's my experience that such software settings tend to not be respected. A firmware update might "accidentally" enable WiFi. The appliance might automagically connect to open networks.

But is it just me? A poll! 📊

Have you experienced a "smart" appliance changing its network-related settings (WiFi on/off, etc) without your knowledge?

:boost_ok:

Hey fediverse, there seems to be a general understanding there are "smart" devices (Smart Tvs etc) that will not allow you to use them unless you connect them to the Internet so that they can call home. As in, they won't even function as a dumb HDMI screen.

However, I cannot find any source on this online. Anyone has a specific link, brand name, model, example of this? I am pretty sure this is true, just want to have a specific example.

Thanks! :boost_ok:

Michał "rysiek" Woźniak · 🇺🇦

Okay, I got my shit together and blogged about this thing.

I want a fridge that won't join a botnet
rys.io/en/164.html

> I could put such devices on a special VLAN, or behind a Pi Hole, but 99% of people can’t. Plus, it’s work. Plus, most importantly, you can bet that “smart” devices will start coming with SIM cards and 4g/5g modems very soon — cars already do. Why does my fridge need Internet connectivity in the first place?

Songs on the Security of Networks · I want a fridge that won't join a botnetI remember trying to buy a TV that does not have “smart” functionality a few years ago. It was a chore. Today it seems nigh-impossible. By the way, we need a nice way of referring to non-smart devices

Normalize using the word "Safe" as the opposite of "Smart" in the context ot / home appliances.

"I got myself a nice new Safe TV." 👍

@rysiek

Just waiting for the first terms of service which make it illegal to disconnect your fridge from the internet. Seriously think that will happen at some point, at least in theory.

@rysiek how else do they know how much milk to push?

@rysiek yo dog I heard you like internet so now there’s internet all over the place

@gretared *in*ternet. Because it's *in* your fridge, house, TV, toothbrush, and toaster.

@rysiek dammit! Now I am imagining a new job where instead of fighting rats and roaches, the exterminator goes around putting pi holes everywhere.

@rysiek I just want my internet-enabled fridge to have a cold booting option.

@rysiek To be honest, Having a fridge that is part of a botnet is in a way super cool... Me 25 years ago would had been amazed by that idea.

It's also cursed though.

@rysiek

> we need a nice way of referring to non-smart devices. I propose: “safe”.

@rysiek So big brother can monitor you and your family. The kitchen is the heart of the home.

@rysiek these TVs are safe, they have antivirus lmao

@ygalanter they are not. A Safe TV does not have any "smart" functionality. 🙂

@rysiek yeah I know I was kidding. I don't want my TV to have capability to be effing infected.

@rysiek when I was shopping for a replacement TV - only smart ones where available at the time. So I got one, but never connected it to the network and use it as a display only.

@rysiek I'd been thinking "privacy refrigerator" but maybe I can upgrade to "safe"

@rysiek I bought a cheapo 4k "TV" (it was basically a monitor) in 2017. Some rebranded Chinese(?) thing, labeled Bolva, PC registered it as V____, I forget exactly now. Anyway when it died last year I went looking and I sure didn't find anything labeled "TV" that wasn't "smart". I refuse to buy one. Ended up getting a 32" ViewSonic 4k gaming monitor for 750$, half price open box. I note, with considerable dismay, that smart monitors are becoming a thing. I no like.

@blackknight95857669 @rysiek I once had to trouble shoot a display issue. Ended up recommending they reboot the monitor. User looked at me in dismay. “I’ve already switched it off and on”. “Try unplugging it from the wall and counting to 10” I suggested. And magically it started working.

@dplattsf

Yeah no this one was definitely dead, lol. Once I had replaced it I took it apart and tinkered around and found at least one blown resistor. It really was cheap, 43" "4k" (it just barely qualified, next to no settings of any kind, no HDR etc, 4k res with max 30fps) for 275$ new. Even if I had the space/tools, wouldn't have been worth repairing it. Plus it was oversized for the living space I currently occupy. 32" is fine when you literally can't get farther than 6 ft away from it 🤣

@rysiek I feel like both words are always going to be lies with respect to consumer IoT.

@rysiek

"I got myself a new Smart Safe that I can unlock via WIFI or BT with my phone"

@rysiek

Smart TVs can also be safe. I only connect internet to mine when i want to use it to watch sonething streamed online.

The TV is the only smart home appliance i own.

@rysiek They make "smart" safes now. I gather that this thread is a safe space to discuss a safe safe?

@rysiek share! What brand what we’re the eventual trade offs?

@rysiek i thought 5G was invented that every device can be easily online and connected forever, without the customer beeing able to mess with it

@kavuskazian @crazy_pony yes, I will build a faraday cage for my fridge, that is definitely a reasonable solution. 🙄

@rysiek @kavuskazian That would not even work under any practical circumstances, think about a cage where any hole or slit would need to be <5mm so almost welded shut

@rysiek
This sort of thing is why I only get smart devices that will run locally, such as with OpenHAB.

I think we should also popularize the choice is between the "safe" model or the "autonomous internet of shit" model.

Great names!

@rysiek

@rysiek @dlakelan the only valid reason for an appliance to have an Internet connection is for preventive maintenance; another, related, would be to feed a causal #DigitalTwin for product improvement. However, current appliance don’t seem to have the sensors to support this #IoT capability, but just send useless scheduled alerts “your range needs cleaning” every Friday at whatever time you first hooked it up. That doesn’t justify the vulnerabilities.

@jadp you can also do "smart reminders" without internet access right? we had digital alarm clocks without internet since forever.

@unixb0y absolutely, and if we aren’t home, I don’t really care that my oven should have its weekly cleaning

@rysiek Let's just sum this up, "I want a fridge that won't join a botnet". Bang, done. End of story.

@rysiek Nice blog!
For a "TV" you can buy a "monitor", there are plenty of 'safe' models in many sizes/qualities/ price ranges.

5G is indeed going to be a disaster without proper regulation, especially in combination with "soft-SIM".
#InternetOfShit #privacy #5G #SoftSIM #SmartTV

@AstaMcCarthy

> For a "TV" you can buy a "monitor", there are plenty of 'safe' models in many sizes/qualities/ price ranges.

Large form displays that are not TVs tend to be way more expensive.

@rysiek They are cheaper, unless you don't count the data you also pay with.

@rysiek @AstaMcCarthy I just did a quick search using 55" (no particular reason I chose this size) and the price difference is correct, the monitors cost more - sometimes a whole lot more

And also, most of the monitors at this size are touting their "smart capabilities" as a feature 🤦🏻‍♀️

@AstaMcCarthy @rysiek Only real solution here is opening them up and soldering a 50Ω resistor between base of antenna trace and ground.

@AstaMcCarthy @rysiek But this still leaves local seizure of device with whatever it recorded on internal storage as a threat. It's likely to become more and more popular as police become further militarized and fash.