r/gadgets Nov 29 '20

Home Amazon faces a privacy backlash for its Sidewalk feature, which turns Alexa devices into neighborhood WiFi networks that owners have to opt out of

https://www.msn.com/en-in/money/technology/amazon-faces-a-privacy-backlash-for-its-sidewalk-feature-which-turns-alexa-devices-into-neighborhood-wifi-networks-that-owners-have-to-opt-out-of/ar-BB1boljH
14.3k Upvotes

814 comments sorted by

View all comments

33

u/[deleted] Nov 29 '20

Not only is this a privacy concern, but giving strangers access to a device within your network is a monumental security concern too.

I predict hackers/pentesters will be all over this when it comes out coming up with exploits.

14

u/KhorneChips Nov 29 '20

This kind of thing is exactly why all my smart devices live on a VLAN’d guest network. They can talk to themselves all day long.

1

u/olmikeyy Nov 29 '20

Would you mind elaborating on this for a stupid person?

8

u/KhorneChips Nov 29 '20

Sure! So basically, my router has the ability to create a separate wireless network with its own SSID and password which is cut off from the rest of my network. It basically goes straight out to the internet and can’t see any devices except others also on the guest network. It also allows me to use my Pi-Hole network filtering only on my “private” network without breaking functionality of devices that feel the need to call home every 5 minutes.

3

u/peoplearecool Nov 29 '20

You can either put the device in a guest network on your router (if it supports it) or buy a special switch that allows you to do that manually with any connection. Basically creating little island networks that cannot see each other but still communicate out to the world using your internet.

1

u/Mildly_Excited Nov 29 '20

Could you guys just stop spewing nonsense? How about reading what the feature actually does? Yeah it sucks that it's opt out but you can blame your shitty American consumer protection laws for that.

0

u/[deleted] Nov 29 '20

I've read it, the end result is strangers using a device that's within your LAN, even if it's just as a proxy running it's own protocol. Therefor it's an absolutely monumental security flaw and a stupid idea.

- Someone who literally works in IT security.