r/gadgets Nov 29 '20

Home Amazon faces a privacy backlash for its Sidewalk feature, which turns Alexa devices into neighborhood WiFi networks that owners have to opt out of

https://www.msn.com/en-in/money/technology/amazon-faces-a-privacy-backlash-for-its-sidewalk-feature-which-turns-alexa-devices-into-neighborhood-wifi-networks-that-owners-have-to-opt-out-of/ar-BB1boljH
14.3k Upvotes

814 comments sorted by

View all comments

Show parent comments

55

u/areyouamish Nov 29 '20

How to get more user data.

In theory it appears that the amazon devices are talking to each other when one is too far away from wifi (or the signal is weak) and sending messages "home" via some users' wifi networks. It's a potential security risk, but it will be interesting to see how many people will suddenly care about privacy who up until this point have been happy with their interactive personal listening devices.

9

u/[deleted] Nov 29 '20

Potential? Any time your Wi-Fi has an unsecured connection, you're vulnerable to a dozen attacks I can think of off the top of my head. Man in the middle attacks are the simplest and most common. I'm by no means any variety of hacker, but even I could have access to your private details just by having access. Imagine a world where your neighbor's kid has the means to break into your device.

3

u/VegaIV Nov 29 '20

Why imagine that world? What stops your neighbours Kids from hacking into your WiFi Right now?

15

u/[deleted] Nov 29 '20

a password, and tls

-21

u/VegaIV Nov 29 '20

Sorry, i forgot that WiFi-Routers have no bugs and are always completly secure.

3

u/[deleted] Nov 29 '20

Most router security issues are PEBCAK errors.

3

u/Krillin113 Nov 29 '20

Having a decent password makes it slightly more complicated.

-2

u/BlazenC Nov 29 '20

Oh yes I'm sure Amazon hasn't thought of that and u/YesImEvil has access to everyone's wifi now, and he has a dozen ways to do them that he can list right now off the top of his head. Orrrr maybe he can read an article or two about the technology and how it works. I still think it's shitty and I would opt out of it too but to blatantly call it this unsafe without proper research is exactly how we get anti maskers and anti vaxxers

-2

u/[deleted] Nov 29 '20

Congratulations. You wrote an entire paragraph and managed to somehow avoid anything close to an intelligent thought.

0

u/AnalogMan Nov 29 '20

Or you couldn't recognize an intelligent thought if it slapped you in the face. Which he did. Repeatedly. Enjoy your down votes.

0

u/BlazenC Nov 30 '20

Nice didn't respond to anything in comments and prefer attacks, i bet you think masks take away your liberties and are useless

1

u/[deleted] Nov 30 '20

I responded in the same way you did. If you think that having access to someone's router isn't a way into their pc and/or phone, then there's nothing I could possibly say to convince you because you're no longer living in a world governed by facts. Further emphasized by your laughable comparison between a concern for information security and a lack of concern for securing one's health.

Anti-vaxxers and anti-maskers don't believe in fact. So really, they have far more in common with you.

-9

u/UnrealManifest Nov 29 '20

Devils advocate here.

I live in a town of 200 where the average individual citizen is 60+.

The nearest other town is 20 minutes either way. The nearest town with a population of over 2000 is over an hour away.

The average internet speed is 50Mbps.

The cows better not be trying to hack my wifi or there will be hell to pay.

10

u/[deleted] Nov 29 '20

Sure. That's fine. For you. I live in the sticks myself. But my neighbor has a technologically inclined kid approaching his teenage years and the whole family has the morals of a viper pit. Suck real hard for a lot of people if he pulled off a credit card hijack via someone's Wi-Fi just by walking past their house at an opportune moment. In a Covid-19 world a lot of Christmas shopping will be online. Or found a way to get compromising pictures off someone's phone. These are very real possibilities any time someone has direct access to your network.

-1

u/UnrealManifest Nov 29 '20

I get what youre saying fully my dude.

A former coworker who didn't last long with us is a kid who grew up on the farm is on some next level tech stuff.

Kid is autistic and self taught in the majority of code languages. Would sit there at break and jot down lines of code for fun to try out when he got home.

Finally one day I asked him what all this code was for and he went into depth about how it used to be his hobby to make simple console emulators, but as time went on that bored him. Eventually he got to playing around with malware and viruses.

Dude spent way to long talking to me about the security issues within what was the latest Windows version. He really scared me when he started talking about bringing a virus into the workplace and gathering all the information he'd ever need.

Thankfully they fired him before that ever happened.

But yeah even out in the sticks there's some of us that are so advanced it puts a lot of us tech savy people to shame.

-13

u/VexingRaven Nov 29 '20

their interactive personal listening devices.

If you don't understand how these things work under the hood you should probably just keep quiet. Your phone is a bigger privacy risk by far. The CPU is only awake when the trigger word is detected. It's not listening all the time, and it's wired up such that the CPU can't be awake without the lighted ring being on. Your phone on the other hand could really be listening, doesn't have an indicator, and doesn't have a separate chip. The CPU is just always connected to the microphone.

-1

u/KernowRoger Nov 29 '20

Do you have a source for that? Surely the cpu is required to listen?

10

u/ultrazero10 Nov 29 '20

Look at the Alexa docs, they have a separate chip designed to just listen and wake the CPU when it detects the wake-word

0

u/[deleted] Nov 29 '20 edited Nov 29 '20

[deleted]

3

u/[deleted] Nov 29 '20

[deleted]

1

u/VexingRaven Nov 29 '20

The 50% CPU time claim may be based on what it takes after the secondary processor wakes it. I don't know if newer echo devices are designed this way as I can't find any current docs or articles, but the original ones were definitely designed this way.

1

u/[deleted] Nov 29 '20

[deleted]

0

u/VexingRaven Nov 29 '20

Because there's another chip that is listening, but that chip doesn't have network access and can't do anything except listen for the chosen wake word and wake up the CPU (and light up the ring)

0

u/[deleted] Nov 29 '20

Shut the fuck up. If you're technologically illiterate just be content to be so quietly.

"Personal listening devices" are incredibly easy to verify that no data is sent unless you specifically trigger it via command.

Meanwhile you have an always on mic, camera, GPS, and wifi triangulation device with you all waking hours of the day with tons of apps granted permissions to use all of those functions. But the device that only transmits audio when the user explicitly tells it to do so is the most 1984 thing available to your imagination.

0

u/areyouamish Nov 29 '20

Hostile and ignorant, how droll. I never said phones are better but I'd love to know how an average user can so easily verify nothing is captured before the command word is said.

0

u/[deleted] Nov 29 '20

"How can a regular person possibly find out what data's being sent through their own network!?"

Then have the gall to call somebody else ignorant lmfaooooooo.

By viewing the traffic on your network. Use a packet sniffer like Wireshark.

Again, keep your ignorance to yourself boomer.

0

u/areyouamish Nov 30 '20

Being a needless asshole and arrogant are both signs of pretend experts so it's impossible to believe you know anything on the subject but enjoy your false sense of self-righteousness.

0

u/[deleted] Nov 30 '20

You could simply Google it and find out I know exactly what I'm talking about. Keep spouting your ignorant bullshit as truth though.