Przejdź do głównej zawartości
I remember trying to buy a TV that does not have "smart" functionality a few years ago. It was a chore. Today it seems impossible.

And not just TVs: ovens; refrigerators; dishwashers — all have "smart" options. In fact, it seems that more and more the available non-smart models are only the simpler ones, less performant in ways that are not related to any smart functionality missing.

My non-smart TV was available only with lower resolutions than "smart" models of the same brand.

#IoT

1/🧵
#iot
Ten wpis został zedytowany (1 rok temu)

3 użytkowników udostępniło to dalej

Michał "rysiek" Woźniak · 🇺🇦
This really annoys me. I am too well aware of security implications of smart devices.

I do not want to have to manage regular software updates for whatever number of appliances I have at home, or risk somebody using them in a botnet (or worse).

And no, I don't trust their "disable WiFi" menu options either. Seen this setting get enabled without my consent too many times.

I *could* put them on a special VLAN, but 99% of people can't. That's a problem, and not just for them.

#IoT

2/🧵
#iot

MBudostępnił to.

ocdtrekkie
Even if Wi-Fi is enabled, smart TVs can't connect to the Internet unless someone actually keys in their Wi-Fi password, no?
Michał "rysiek" Woźniak · 🇺🇦
@ocdtrekkie can't find the source right now, but there was at least one case of a major ISP, I think in the USA, that deployed home WiFi routers that created a special secret WiFi networks that were not controlled by their users. They were there for other customers of the company to have WiFi away from home, so to speak.

So yeah, people should not trust their routers either.
@ocdtrekkie
ocdtrekkie
Yes, that's Comcast. However, it's not secret, and you can shut it off. (And you can also buy your own modem instead of renting, which is generally preferable to save money anyhow.)

It actually provides a direct service to Comcast customers: I can connect to the xfinitywifi network on someone else's router if I am a Comcast customer, and the usage gets billed/associated to me, not the place I am.

Also a TV wouldn't be able to arbitrarily route over it either, because of captive portal.
Ed Davies
British Telecomm do that with their standard routers. It's not a particularly secret network, it announces its SSID, etc.

@ocdtrekkie
@ocdtrekkie
Michał "rysiek" Woźniak · 🇺🇦
@edavies oh, this is useful info. Any link about this?

@ocdtrekkie
@ocdtrekkie @Ed Davies
Ed Davies
https://www.btwifi.co.uk/

I forget the SSID but it's something obvious like BT-WiFi. My neighbours have a BT router which advertises this SSID as well as their own SSID but their router's off now - presumably because they've gone to bed.

I'm not sure but I seem to remember that the owner gets priority on most of the bandwidth so doesn't really lose out much by it.

@ocdtrekkie
@ocdtrekkie
Qyv (;* has moved *;) 🍍
@edavies @ocdtrekkie So do Virginmedia, though you can supposedly opt out of it. I've not noticed an extra SSID, and have opted out of it, but who knows whether the router actually takes any notice of my choice.
@ocdtrekkie @Ed Davies
robryk
UPC does something like that in Switzerland too. They allow the customer to enable/disable the feature: the incentive is that if you enable it, _you_ can use that wireless network on others' routers (there's no noticeable latency in flipping the setting, but I guess people usually don't want to bother flipping it back and forth whenever they travel).
robryk
https://www.upc.ch/en/support/internet/wi-free/

(to see that it's about using people's APs, look at the "will it affect my internet connection" question, to see that it's available-for-those-who-make-their-APs-available, look at the "how do I disable it" question)

Wi-Free - Get online with free WiFi | UPC

Free wifi in 500,000 locations. Become a UPC customer and benefit from the largest wifi network of Switzerland. Get connected with UPC Wi-Free.
www.upc.ch
zero323
@robryk @ocdtrekkie

Same thing in Poland (https://www.upc.pl/internet/poznaj/wi-free/) Interestingly enough, it appears that there is no straightforward way to opt-out anymore.

Furthermore, it seems like it disregards WiFi settings on the device (not that you can depend on the config in place anyway).

Hotspoty wifi UPC Wi-Free

UPC Wi-Free to darmowy dostęp do nielimitowanego Internetu UPC poza domem, dzięki sieci 800 tys. hotspotów. Logujesz się raz, a jesteś podłączony do internetu cały czas!
www.upc.pl
@robryk @ocdtrekkie
MiKlo:~/citizen4.eu$💙💛
@zero323 @robryk @ocdtrekkie @Michał "rysiek" Woźniak · 🇺🇦 A few years ago (when I was still using UPC) the opt-out looked like this, I requested at installation to set their router as a bridge and let all traffic through to my router (with #openwrt of course).
#openwrt @robryk @zero323 @ocdtrekkie @Michał "rysiek" Woźniak · 🇺🇦
zero323
@miklo @robryk @ocdtrekkie So, long story short. It is still possible to opt-out through their support (we'll see if it stays down for good).

Regarding bridge mode ‒ no luck here. Got caught in a loop LOL. When the device was in IPv4 mode, support claimed that they have to switch to IPv6 to make it possible. After switching to IPv6, they decided that it has to be IPv4. And then back again. It goes without saying, that the option was disabled either way.
@MiKlo:~/citizen4.eu$💙💛 @robryk @ocdtrekkie
Mark Wyner :vm:
@ocdtrekkie this is true. The company is Comcast. They set up their routers to connect to a universal broadband wifi network. So you could basically log into your Comcast account anywhere you could connect to one of their routers. The only way around it was to use your own router, but most people don’t know anything about that. Even though I’d never use Comcast and use another ISP, I own my own router and have it on lockdown for this reason.
@ocdtrekkie
Mark
@ocdtrekkie
Many ISPs (and off the shelf routers) here in NZ offer this as a mesh networking "feature".
It saves money for the ISP and adds hazard for their customers.
@ocdtrekkie
M. Hamzah Khan
BT Does this here in the UK.

Always thought this was extremely dodgy, especially since it's opt out, rather than opt in.
RedstoneLP2
@ocdtrekkie
here in Germany multiple ISPs do this. really annoying
@ocdtrekkie
Octavia con Amore
@ocdtrekkie Comcast? I know they have something like that, though it's not so secret.
@ocdtrekkie
Max Headroom
XFinity does this. You can opt out, but it's on by default.
Michał "rysiek" Woźniak · 🇺🇦
In 2016 a router-based Mirai botnet took down Dyn, one of the biggest online infrastructure companies, and many well known websites with it:
https://coar.risc.anl.gov/mirai-attack-dyn-internet-infrastructure/

Mirai mainly targeted home routers.

As early as 2018 there were already botnets that… used CCTV cameras. But of course the predominant media narrative was "hackers attack" instead of "vendors put us at risk":
https://www.vice.com/en/article/9a355p/hackers-are-using-cctv-cameras-to-create-botnet-swarms

But I digress.

With all this in mind, I started thinking of how could this be solved?

#IoT

3/🧵

Hackers Are Using CCTV Cameras to Create Botnet Swarms

Change. Your. Default. Login.
John Wenz (VICE)
#iot
Michał "rysiek" Woźniak · 🇺🇦
So here's my (silly?) idea: a regulatory requirement for #IoT / smart-appliance vendors to provide either:

a). similarly-priced models physically without the smart functionality but with other performance metrics on-par with their smart models;

or

b). a reliable, verifiable, physical way of disabling smart functionality in their smart-devices.

I want to be able to buy a damn refrigerator without worrying about it joining a botnet! Just ain't cool.

I wonder if this makes any sense!

4/🧵/end
#iot
Ten wpis został zedytowany (1 rok temu)

MBudostępnił to.

Exhaust_Fumes
makes perfect sense! I bought a new toaster a month ago and was completely unsettled by the number of "smart" toasters even.
Courtney Herber, PhD
@VCP - reminds me of @pluralistic 's Unauthorized Bread. Fantastic read, if you're so inclined.
@Cory Doctorow @Exhaust_Fumes
Derek Caelin 🌱
@court @VCP @pluralistic

That buying a disconnected appliance is now a very small act of rebellion... 😑
@Cory Doctorow @Courtney Herber, PhD @Exhaust_Fumes
marcink
Option B would be nice.
Somewhat related: hw manufacturers don't use physical, hard wired switches nowhere nearly enough. I loved the physical switch to disable wifi in old thinkpads. Or the physical shutter over cameras in some laptops. There should be way more of these, literally disconnecting power from stuff like microphones, GPS, or accelerometers.
Michał "rysiek" Woźniak · 🇺🇦
Just to clarify, my silly idea of a regulation would leave the choice between a). or b). to the manufacturer. I think it's fine to provide them with that choice.
xpac
Luckily most of them can be run in mode b) by just not connecting them to the network, but maybe you wanna use some basic functionality but skip, most of the bullshit... Gets harder and harder
Michał "rysiek" Woźniak · 🇺🇦
@xpac I don't trust those devices to actually not connect. Some Smart TVs actively seek open WiFi networks and auto-connect when they find one. Some ISPs run public access points on people's home routers.
@xpac
xpac
*sigh* these idiots... In 🇧🇴 we have a stupid law that helds you responsible, if somebody does something illegal over your Wifi, so open Wifis outside companies are pretty much non-existant, although the same stuff like Comcast exists, but it needs a login after the connect, so I don't worry about that. Still, they really shouldn't so this...
MB
 
MB  
Consumers’ rights to privacy should be guaranteed by manufacturers’ of smart-tools, including the right to customise / disable the “smart” function, as well as the right to disconnect products they bought from IT networks.
Ben Aveling
1. Ppl would still buy the ‘smart’ versions.
2. There’s already a lot of vulnerable IoT devices out there and they have a very long life.
3. It’s not technically hard for your ISP to know you have a compromised IoT device, but legally, it’s far from clear they have the authority to do anything about it.
Michał "rysiek" Woźniak · 🇺🇦
@BenAveling

1. Many, if most, perhaps. That's okay, as long as choice actually exists.

2. That's a related but separate problem. As an analogy: we can ban plastics even if there's already plenty of them in the environment.

3. It's not the ISP that should be doing something about this, it's the vendor. The ISP could alert the owner, regulation could allow the owner to sue the vendor. This could help also solve 2.
@Ben Aveling
JLab8
I had to return a thermostat because the model I needed (due to my equipment setup) had Alexa built in, and unlike their previous models, there weren't any obvious wires to snip to "fix" it once it was opened up. Had to switch to another brand completely.
Merijn 👨‍💻:mastodon:
I worried about this too, since I wasn't able to find a good 4k "dumb" TV a few years back. But i feel safe with it now because I deleted our WiFi credentials from the TV. It has played nice so far.
MadMcAugh
I like your thinking, but I prefer the "consumers should be able to disable all smart functionality" option. Otherwise, you're dependent on retailers choosing to take on the burden of stocking both the smart and non-smart versions of every device. And if they can sell almost as many items by just stocking the smart version...
Kevin Karhan :verified:
I think A& B should be mandated.

#SelfRegulation obviously doesn't work out as can be seen on the Windows "N", "K" & "KN" versions...

https://mstdn.social/@kkarhan/109709989982596496

Kevin Karhan :verified:

2023-01-18 11:33:15


I think vendors should be forced to allow their products to be used in a "stupid" config and 100% offline as well as being legally obligated to support their products and have that time as mansatory warranty (see #France) and being forced to #OpenSource it's schematics, firmware and parts when they #EoL it.

#selfregulation
Michał "rysiek" Woźniak · 🇺🇦
A lot of responses to this ☝️ thread focus on how "one can simply not connect the smart appliance to the WiFi" or "you can just disable its WiFi."

It's my experience that such software settings tend to not be respected. A firmware update might "accidentally" enable WiFi. The appliance might automagically connect to open networks.

But is it just me? A poll! 📊

Have you experienced a "smart" appliance changing its network-related settings (WiFi on/off, etc) without your knowledge?

:boost_ok:

  • yes, I have (43%, 66 votes)
  • no, not even once (56%, 87 votes)
153 voters. Poll end: 1 rok temu

Ten wpis został zedytowany (1 rok temu)
Lucire
All the time! Happened just last week.
Michał "rysiek" Woźniak · 🇺🇦
@lucire care to share more? What kind of appliance? What was the context (firmware upgrade? power outage? just randomly? etc)?

Obviously fine if you'd rather not. :blobcathappypaws:
@Lucire
Lucire
I’m not a technologist so I don’t even know what you call them, but one of the wifi things disconnected itself and reconnected itself. Random, not during an upgrade, not during an outage.
Not a range extender, not a transmitter—the name escapes me at the moment.
XorOwl 🎃
this made me realize i have surprisingly little iot in my life.
Oblomov
you forgot the “I managed to avoid getting a smart appliance so far”
Kaila
Thankfully, we are far enough away from the neighbors that I can see all visible networks and verify that they all use some sort of authentication. At the moment, none of our "smart" appliances/objects have the ability to connect to a network without needing a password but that could change if the neighbors do.
Sebastian Krzyszkowiak
I'm still in a happy position that the only "IoT" appliances I have around are those I made by myself; let's keep it that way for as long as possible 🤞
Leszek
No, I fixed the appliance with a battery drill when it arrived. It never enabled wifi since then.
Martin Hamilton
Don't forget the computer inside the computer, either! I was intrigued to find that the 5G modem in my OpenWrt based router is actually a tiny Linux box. It's truly penguins all the way down...
Screenshot of product page for Qualcomm 315 5G IoT modem. There's a stylised picture of the chip on a circuit board, and the text below reads... "Qualcomm 315 5G IoT modem specifications: CPU – Cortex-A7 core running Linux Cellular connectivity 5G Technology – 3GPP Rel.15 5G NR Peak speeds – Download: 1.54 Gbps; upload: 330 Mbps" ...etc
Sabrina Web :privacypride:
I'm lucky I have no smart appliances in my house, not even one. And I'm lucky I have a husband who supports my idea of "let's not buy anything smart or connected"
Merc
"A firmware update might "accidentally" enable WiFi"

Ok, but it's standard practice that even technologically unsophisticated people have passwords for their WiFi setups. Unless it contains software to crack the password, it won't be able to get online.

I'd love to have the option for a dumb TV, but if you never let your TV onto your network, the damage it can do is limited.
VE7FIM
And with things like sidewalk, you don't even have a choice (or won't even know).
Mark Crocker
it's not even an option to turn many things off.

In my #Subaru Impreza, I can never activate STARLINK and it won't connect, but there's no way to turn off the cell radio, so it pings towers wherever I go.

I _can_ turn off the Wi-Fi, but not the Bluetooth.

So I can't vote on the poll because there's no option for "they won't let me turn it off" 😡
#subaru
Nate Gaylinn
Besides security, I think folks don't fully appreciate the privacy cost of smart appliances. You're basically inviting corporations into your home to record _everything they can_ about your home life. Data about your interests and lifestyle are absolutely being pumped into enormous integrated databases used for ads targeting, personalized pricing, political propaganda, etc.
katzenberger
Become the parent of your smart TV.

As in: parental control, on your router.
Alan Miller :verified_paw:
re: connecting to open networks, how hard would it be for a manufacturer to partner with Comcast/Xfinity for devices to connect to their large Hotspot network?
Andrew
never seen that. If something did do that I would immediately take a knife to its motherboard to disconnect the antenna.
sparseMatrix ✅✅✅ 📻
I’m thinking of my phone, actually; many of the things I prefer having set to ‘off’, google prefers having ‘on’. So, most of those have to be turned off again after each android update.
Michał "rysiek" Woźniak · 🇺🇦
@sparseMatrix yeah, and don't get me started on iOS devices and Bluetooth. 🙄
@sparseMatrix ✅✅✅ 📻
Peter
those results are way too close.

I was really hoping for more of an 85/15 split towards 'no never'.

Not that I'm surprised.
Rich Felker
I know this isn't layperson friendly or what you're looking for, but shorting antenna to ground is probably the most reliable general solution at present.
Tim @toolbear#🪧@ Taylor
Related: I disabled Bluetooth on my iPhone, but when I opened my AirPods case it popped open the battery charge dialog on my phone anyway. So clearly it's communicating over BTLE against my express intent.
Ville Wilson
@toolbear Two things seem to be going on in that case. The airpods and the iphone communicate separately over NFMI for pairing and battery status. Also, turning bluetooth in control center on iPhone doesn’t really turn bluetooth off, it just disconnects all bluetooth devices. To truly turn it off, you’d need to go to settings and turn it off. However, Apple is really bad at communicating this.
@Tim @toolbear#🪧@ Taylor
Nick Foster
I get what you’re saying about software settings, but if you never connect it at all, it doesn’t have the password to connect, right?
Michał "rysiek" Woźniak · 🇺🇦
@nickfoster plenty of open networks around. I would prefer not to have to depend on "sure hope nobody creates an open wifi around here" to protect my privacy.
@Nick Foster
secureisd
You could just not connect it to Wifi?
Michał "rysiek" Woźniak · 🇺🇦
@secureisd if you browse through this thread you will find about a dozen toots suggesting this.

And about a dozen responses of mine pointing out that open WiFi networks exist, some smart appliances automagically connect to them, and I simply do not consider it reasonable to base my privacy on "hope there's no open WiFi around."
@secureisd
Konrad Dzwinel
@secureisd That's a good point I haven't considered. Plus, at some point, IoT will start shipping with cell network connectivity (cars alrady do).
@secureisd
Krister Renaud
I never add any credentials to the smart devices so I don't care if their WiFi is 100% disabled or not. If a neighbour hacks my tumble dryer, fridge, TV, or other device they still can't access anything.
Michał "rysiek" Woźniak · 🇺🇦
Hey #IoT #InfoSec fediverse, there seems to be a general understanding there are "smart" devices (Smart Tvs etc) that will not allow you to use them unless you connect them to the Internet so that they can call home. As in, they won't even function as a dumb HDMI screen.

However, I cannot find any source on this online. Anyone has a specific link, brand name, model, example of this? I am pretty sure this is true, just want to have a specific example.

Thanks! :boost_ok:
#infosec #iot
Ten wpis został zedytowany (1 rok temu)
river needs jungle, i'm afraid
Water leak detector: could alarm itself or on your phone, but refuses to do anything without connection to some, I don't even know which, companies. https://leakbot.io/

Home - LeakBot

{:en}The smart water leak alarm that spots hidden leaks before they become big problems.{:da}The smart water leak alarm that spots hidden leaks before they become big problems.{:}
LeakBot
HcInfosec
well most of cheap smart device here in the Netherlands
Michał "rysiek" Woźniak · 🇺🇦
@HcInfosec do you happen to have any specific brand/model or a link to a write-up about this?
@HcInfosec
HcInfosec
This one
Lsc-light.com
Smart socket
stereo griever
not the same thing but some TVs running Android TV require to accept Google Terms of Service to use the TV in any way
https://www.sony.co.uk/electronics/support/articles/00114157
DigitalStefan
@selfisekai I had to reset my LG TV settings, yesterday.

I find I’m unable to install the YouTube app unless I accept several terms, including consent to marketing and tracking, plus creating an account with LG.

I don’t know if that was always the case (only purchased last July).

Vexing, because LG’s WebOS is generally excellent to use, even if their SoC is so underpowered the UI gets a bit laggy from time to time (maybe only on their low end TVs?)
@stereo griever
stereo griever
Tado thermostats (most pushed brand on coolblue) requires wi-fi and manufacturer account.

>You have to connect the device to your home WiFi network. The device will always stay connected to your home network.
>For some smart thermostats, you have to make a user account with the manufacturer. You can't use device or the accompanying app without this account. This means that you have to share some personal information with the manufacturer.

https://www.coolblue.nl/en/product/877354/tado-smart-radiator-thermostat-starter-duo-pack.html#product-specifications
Ville Wilson
It may not fit the conditions completely, but most of the Xiaomi home appliances won’t work properly unless you install a xiaomi app on the phone and register a xiaomi account, allowing access to your contacts, numbers and plenty of private info. This includes xiaomi air purifiers, robot vacuum cleaners, air humidifiers etc. For example robot vacuum can be turned on but for it to map the room or create floor plan, you need the phone app with all of its permits.
karafuto
@villewilson yeah, my xiaomi scooter forced me to register and install an app, otherwise the scooter would beep every 10 seconds and it wouldn't be able to ride full speed. I uninstalled the app almost immediately and thankfully the scooter works fine like that
@Ville Wilson
Michał "rysiek" Woźniak · 🇺🇦
Okay, I got my shit together and blogged about this thing.

I want a fridge that won't join a botnet
https://rys.io/en/164.html

> I could put such devices on a special VLAN, or behind a Pi Hole, but 99% of people can’t. Plus, it’s work. Plus, most importantly, you can bet that “smart” devices will start coming with SIM cards and 4g/5g modems very soon — cars already do. Why does my fridge need Internet connectivity in the first place?

#IoT

I want a fridge that won't join a botnet

I remember trying to buy a TV that does not have “smart” functionality a few years ago. It was a chore. Today it seems nigh-impossible. By the way, we need a nice way of referring to non-smart devices
Songs on the Security of Networks
#iot
Ten wpis został zedytowany (1 rok temu)
FediThing has moved!
Just waiting for the first terms of service which make it illegal to disconnect your fridge from the internet.
What About Bob?
how else do they know how much milk to push?
Gretchen Anderson
yo dog I heard you like internet so now there’s internet all over the place
Michał "rysiek" Woźniak · 🇺🇦
@gretared *in*ternet. Because it's *in* your fridge, house, TV, toothbrush, and toaster.
@Gretchen Anderson
Gretchen Anderson
dammit! Now I am imagining a new job where instead of fighting rats and roaches, the exterminator goes around putting pi holes everywhere.
Ville Wilson
I just want my internet-enabled fridge to have a cold booting option.
Buy nothing new
yet another reason to buy second hand
Esi Jóhannes G.
To be honest, Having a fridge that is part of a botnet is in a way super cool... Me 25 years ago would had been amazed by that idea.

It's also cursed though.
phryk 🏴
> we need a nice way of referring to non-smart devices. I propose: “safe”.
Ashton Kutcher go "BURN!"
Democracy Marie Proia
So big brother can monitor you and your family. The kitchen is the heart of the home.
zero323
It's worth pointing out that even if disabled or isolated, each of these "smart" components, as well as the supporting infrastructure, requires real resources, often coming at high environmental and human cost.
Michał "rysiek" Woźniak · 🇺🇦
Normalize using the word "Safe" as the opposite of "Smart" in the context ot #IoT / home appliances.

"I got myself a nice new Safe TV." 👍

#InfoSec
#infosec #iot
Comfortably Numb
these TVs are safe, they have antivirus lmao
Samsung TV with Antivirus settings
Michał "rysiek" Woźniak · 🇺🇦
@ygalanter they are not. A Safe TV does not have any "smart" functionality. 🙂
@Comfortably Numb
Comfortably Numb
yeah I know I was kidding. I don't want my TV to have capability to be effing infected.
gra
I'd been thinking "privacy refrigerator" but maybe I can upgrade to "safe"
blackknight95857669
I bought a cheapo 4k "TV" (it was basically a monitor) in 2017. Some rebranded Chinese(?) thing, labeled Bolva, PC registered it as V____, I forget exactly now. Anyway when it died last year I went looking and I sure didn't find anything labeled "TV" that wasn't "smart". I refuse to buy one. Ended up getting a 32" ViewSonic 4k gaming monitor for 750$, half price open box. I note, with considerable dismay, that smart monitors are becoming a thing. I no like.
Laurence Raphael Brothers
I feel like both words are always going to be lies with respect to consumer IoT.
SpaceLifeForm
"I got myself a new Smart Safe that I can unlock via WIFI or BT with my phone"
sobkas
PC display instead of TV
Aroha Groves
Smart TVs can also be safe. I only connect internet to mine when i want to use it to watch sonething streamed online.

The TV is the only smart home appliance i own.
Andres Salomon
They make "smart" safes now. I gather that this thread is a safe space to discuss a safe safe?
Francis 🏴‍☠️ Gulotta
share! What brand what we’re the eventual trade offs?
Crazy Pony
i thought 5G was invented that every device can be easily online and connected forever, without the customer beeing able to mess with it
Michał "rysiek" Woźniak · 🇺🇦
@kavuskazian @crazy_pony yes, I will build a faraday cage for my fridge, that is definitely a reasonable solution. 🙄
@Crazy Pony @kavuskazian
Crazy Pony
@kavuskazian That would not even work under any practical circumstances, think about a cage where any hole or slit would need to be <5mm so almost welded shut
@kavuskazian
kavuskazian
This sort of thing is why I only get smart devices that will run locally, such as with OpenHAB.
Ted Dunning
I think we should also popularize the choice is between the "safe" model or the "autonomous internet of shit" model.

Great names!

@rysiek
@Michał "rysiek" Woźniak · 🇺🇦
Joseph A di Paolantonio
@dlakelan the only valid reason for an appliance to have an Internet connection is for preventive maintenance; another, related, would be to feed a causal #DigitalTwin for product improvement. However, current appliance don’t seem to have the sensors to support this #IoT capability, but just send useless scheduled alerts “your range needs cleaning” every Friday at whatever time you first hooked it up. That doesn’t justify the vulnerabilities.
#iot #digitaltwin @Daniel Lakeland
Roadskater, Ph.D.
Let's just sum this up, "I want a fridge that won't join a botnet". Bang, done. End of story.
Asta McCarthy
Nice blog!
For a "TV" you can buy a "monitor", there are plenty of 'safe' models in many sizes/qualities/ price ranges.

5G is indeed going to be a disaster without proper regulation, especially in combination with "soft-SIM".
#InternetOfShit #privacy #5G #SoftSIM #SmartTV
#privacy #5g #internetofshit #softsim #smarttv
Michał "rysiek" Woźniak · 🇺🇦
@AstaMcCarthy

> For a "TV" you can buy a "monitor", there are plenty of 'safe' models in many sizes/qualities/ price ranges.

Large form displays that are not TVs tend to be way more expensive.
@Asta McCarthy
Asta McCarthy
They are cheaper, unless you don't count the data you also pay with.
LisPi
@AstaMcCarthy Do you have some general numbers about this? It would be handy to be able to point at when I discuss this very topic.
@Asta McCarthy
Michał "rysiek" Woźniak · 🇺🇦
@lispi314 @AstaMcCarthy well, prices of TVs and displays are available online.
@Asta McCarthy @LisPi
LisPi
@AstaMcCarthy I meant more in the sense of actual numbers regarding post-sale & sale profits.
@Asta McCarthy
Blitzen
@AstaMcCarthy I just did a quick search using 55" (no particular reason I chose this size) and the price difference is correct, the monitors cost more - sometimes a whole lot more

And also, most of the monitors at this size are touting their "smart capabilities" as a feature 🤦🏻‍♀️
@Asta McCarthy
Jaap-Henk Hoepman (@xot)
there was a predecessor to the Nest thermostat that stopped working after Google bought the company and disconnected the central server. The name escapes me now by this was an infamous case
me·ta·phil, der
welcome to the internet of shit #internetOfShit
@internetofshit https://nitter.net/internetofshit
#internetofshit @Internet of Shit
Michał "rysiek" Woźniak · 🇺🇦
@metaphil oh I am well aware, but @internetofshit has not posted anything on fedi for a while, so… 🤷‍♀️
@me·ta·phil, der @Internet of Shit
me·ta·phil, der
yes, really sad that they seem to have lost interest in fedi completely even after taking the effort of setting up their own instance (which is still running mastodon v3.5.3 🤔)
Crazy Pony
the more recent Irobot Roomba automatic vacuum cleaners are one example. If you keep them offline for a while they stop running
Crazy Pony
i try to find them back, it was a big discussion somewhere 5 years ago
Gytis Repečka
Automatically connecting to open WiFi seems totally crazy 🫣 I bet such setups don't even check downloaded firmware checksums before installing 😆
sxpert
disbling wifi consists replacing the wifi antenna with a 50Ω resistor to ground
💙💛:~/eu/pl/priv$:idle:
And what, did you check it ? Because I am just checking and an external wifi-dongle with dummy load 50Ω works quite well some 3m from the router...
external wifi-dongle with artificial load
Ten wpis został zedytowany (1 rok temu)
Jake 🏳️‍🌈
@miklo
Which is good to 500 MHz and who knows what the impedence is at 2.4 or 5 GHz (depending on your wifi flavor). Although odd that you'd be receiving anything but then again RF is sometimes not going to do what you expect.
@sxpert @rysiek
@💙💛:~/eu/pl/priv$:idle: @Michał "rysiek" Woźniak · 🇺🇦 @sxpert
💙💛:~/eu/pl/priv$:idle:
Well that's why (among other things) this dummy load radiates something because it is neither impedance matched at 2.4Ghz nor shielded. Exactly like this proposed 50Ω resistor will act.
Ten wpis został zedytowany (1 rok temu)
Jake 🏳️‍🌈
@miklo @sxpert Ha, gotcha. I just completely missed the point you were trying to make. I'm not very good at subtlety most of the time :)
@💙💛:~/eu/pl/priv$:idle: @sxpert
Chris
I'm seeing this thread off a boosted comment but my experience is not with a smart device (we only have smart heating) but with a satellite tv decoder box

Our Sky Q box would frequently connect to the neighbours Sky router instead of our non-Sky router despite having no credentials

It first happened during the installers visit & I was told that it is quite common.

I did tell my neighbour who didn't worry about it

Ended up wiring it into my router & disabled Wifi in the engineer menu
Mateo del Sol
Had a similar issue with getting a new TV a few years back. I don't even want to think about other appliances possibly having some ridiculous connectivity.
My connection's got MAC filtering anyway, but like you said most people aren't taking that kind of time to configure their networks to restrict access.
I just want some electronics without extra shit. (if someone made a "dumb appliance" company right now, they'd be minted)
CelloMom On Cars
c). Wrap your appliance in aluminum foil?
😂

d). Offer to pay more for the not-smart version?

Companies force you to buy the "features". "It comes standard!" (but not free). They do this by making the basic version really crappy.

I just bought a printer with a cable. Manufacturer claims it has no WiFi. But maybe one day I'll wrap it in aluminum foil anyway.
robryk
What do you mean exactly by smart functionality? Anything that involves (bidirectional?) conversation with an external service? (For example, is a VCRs purely local ability to pause recording over commercials a smart functionality?)
Michał "rysiek" Woźniak · 🇺🇦
@robryk good question. I would actually be tempted to say: "hey manufacturers, you've been using the term smart for years now, so… this applies to whatever you say or have said is 'smart'".

But yeah, networking would be a good stand-in here.
@robryk
robryk
The first thing would probably backfire in interesting ways, given things like washing machines that have an advertised "smart" feature that they use less water by weighing the laundry. (It would either get bundled with the not-beneficial-for-consumer smarts or would lead to interpretation woes around "well, but _this is exactly the feature_ that causes the water usage metric to be lower.)
Michał "rysiek" Woźniak · 🇺🇦
@robryk sure, I never said any of this is easy.

I still like the "focus on networking" idea.
@robryk
robryk
The networking approach also helps with a different problem: things becoming obsolete due to the producer-operated infrastructure turning down. If something can operate without external communications, it doesn't have a hard dependency on such infrastructure.
mathew
I've just not given my TV the WiFi password, because Android TV is absolute garbage.
Michał "rysiek" Woźniak · 🇺🇦
@mathew there are smart TVs that automatically connect to any open network they find. So you not giving it a password might not help much.
@mathew
DeeAnn Little
yep. I'm actually doing this on purpose with my Android TV, letting it connect to the strongest open network which is also part of the Freifunk access point my neighbors and my household maintain (but I know most people don't have a setup like that).

@mathew
For my second smart TV I actually picked Android so I have a better idea what it's doing and what I can set. It's kinda klunky, but since I have no idea what my other TV does (LG, "not" networked) I'm somewhat more comfortable.
@mathew
dragfyre
"I want to be able to buy a damn refrigerator without worrying about it joining a botnet! Just ain't cool."

Quote of the year right here, folks
Michał "rysiek" Woźniak · 🇺🇦
@dragfyre haha, thank you! The year is young and there are plenty of great people writing great things out there, but I really appreciate you saying that. :blobblush:
@dragfyre
ShampooSkeletor
I agree. If I simply never provide my “smart tv” with my wifi credentials and also turn off wifi in it’s software, doesn’t that address the issue?
Michał "rysiek" Woźniak · 🇺🇦
@wincing I've had appliances magically "re-enable WiFi" without my consent or action. There are smart TVs that automagically connect to open WiFi networks they find.

No, you cannot trust software settings.
@ShampooSkeletor
ShampooSkeletor
that’s wild. Haven’t experienced that myself and it joining open networks isn’t an issue for me, due to my housing situation. Totally agree a hard switch or non smart option should be available. Tried to avoid a smart TV for years but recently needed a new one, and saw no other options.
Dawson
I want smart tvs to have their “smarts” be a removable HDMI stick like anfire stick or whatever, that way when they get too slow in 2 years I don’t have to throw out a perfectly good TV

Realistically I’ll just get a reciever and disengage the wifi, but still annoying af
Michał "rysiek" Woźniak · 🇺🇦
@bcoffy I do not trust any software-based settings like disabling the WiFi.
@Dawson
Dawson
I get that. I think they’d have a hard time connecting to wifi without a password. Personally my Roku TV is connected to my network but I pi-hole’d the hell out of all the telemetry domains they use
Barry Goldman
@redsage maybe the future is ALWAYS horror?

one day i will no longer be able to buy a car. definitely don't want a computer operating system in my car.
@Autumn the Red Sage
MiKlo:~/citizen4.eu$💙💛
@Michał "rysiek" Woźniak · 🇺🇦 Ad. b) - which can only be guaranteed by either a hardware switch for wifi module or an #opensource OS on the device.
#opensource @Michał "rysiek" Woźniak · 🇺🇦
jaroslav nahorny 🔪
well, even if the fridge has the ability, you don't have to connect it to the network, or am I missing something?
Austin Tate
oh..that is just FAR too sensible a suggestion to appeal to the data hoovering folks.
Only Ohm
@tinebeest
Surely if you
1. Don't plug it into an ethernet socket; and
2. Don't give it the password to connect to the WiFi,
then it can't join a botnet. Unless, I suppose, your next-door neighbour has non-password-protected WiFi.
@tinebeest
Arne Babenhauserheide
the botnet for DDoS is the harmless option.

Imagine a large number fridges turning themselves on and off in sync to tear down the electric grid.
DigitalStefan
I tend to agree with your sentiment and suggestions here.

But... I think the idea of "just disable WiFi" is perfectly fine. Even if something in the TV causes this setting to be switched back on without consent, how is it getting on your network without a password?

It can't unless it has truly heinous "automatically hack your network" stuff in the default firmware, which would get found out *very* quickly I'm sure!
Ted Mielczarek
a physical "WiFi interlock" on devices would be amazing, TBH. For TVs though, even without network access the manufacturers have turned the default UX into awful garbage. ☹️
Michał "rysiek" Woźniak · 🇺🇦
@tedmielczarek oh if you are saying that whoever decides to deploy those smart TV menus should be criminally responsible, I'm with you! :blobcatwink:
@Ted Mielczarek
Chris Hubbs (he/him)
I blocked my Smart TV via a VLAN... it proceeds to continuously flash a light on the front of the device to signal me that it doesn't have an internet connection. My options are apparently give it what it wants or... electrical tape to cover up the light.
GiacomoSansoni
That would be a good idea and I'd support it, but have you tried bringing up the topic to the assembly of a consumers' cooperative (if there's one such a thing where you live)?
Ward Mundy :mastodon:
Don't give the fridge your Wi-Fi credentials. Problem solved.
Tim @toolbear#🪧@ Taylor
I just want the biggest, flattest display I can afford in my living room. What I ended up with was a shitty Android device gradually rots until it's routinely interrupting my HDMI viewing with dialog boxes about some unused-by-me service that Google or Sony decided should run in the background.

Our industry was never great, but has become so bad that it has almost completely eroded my love of gadgets.
http :verified:
How would these devices connect to the Internet in the first place? For Wi-Fi you need to provide a password and mobile is too expensive, so not built in nowadays.
Jérémie Zimmermann🎶💗🧀🧉
cannot help but think of a next step, for when some will be tired to wait after legislators to do their job uncorrupted, or for manufacturers to stop produceling data-collecting-crap.. or for those who don't want to wait...

collecting information/manuals of where to drill, as safely as possible, to kill those chips, interrupt those "smart" circuits, etc?

#smart #surveillance #drillbits
#surveillance #smart #drillbits
Michał "rysiek" Woźniak · 🇺🇦
@jz oh we should absolutely be doing that, no question about it!

But again, that's a solution for the hackers who can implement it, along with VLANs, Pi Holes, etc.

I want a solution for my Mom. It'll take longer, and it will be more difficult to get, but I want the conversation started at least.
@Jérémie Zimmermann🎶💗🧀🧉
Kaila
@jz Agreed! Connection shouldn't be a condition of use nor should disconnection void any warranty (as hacking definitely would).
@Jérémie Zimmermann🎶💗🧀🧉
Jérémie Zimmermann🎶💗🧀🧉
nono i am talking of one *physical hole*, with a drill, as small and non-destructive as possible, then patched down with pretty smooth-looking silicon or something.. To surgically kill the beast.

Just to know the very precise centimeter+millimeter position where to drill, and the exact depth... again: surgical.

Doable by anyone. One could hire a handyperson, if proper instructions are available.

Would au contraire take that power away from the exclusive hands of computers hackers.
Michał "rysiek" Woźniak · 🇺🇦
@jz I understood perfectly what you were saying, but I stand by my statement that that is only a solution for hacky types that would be comfortable with implementing it.

For most people, this is scary beyond belief. Not only is this drilling holes in their "precious" electronics, but also it means loss of warranty, and other "unimaginable" consequences. Not to mention, if a device is being paid for in installments, it might be outright illegal.

I am not saying any of this is okay, of course!
@Jérémie Zimmermann🎶💗🧀🧉
Michał "rysiek" Woźniak · 🇺🇦
@jz so while I strongly agree with you we should totally be doing this and normalizing this, we also need to get a proper long-term solution for people, who do not feel comfortable with anyone wielding a drill anywhere near their home electronics, but would still be very interested in protecting their basic privacy.

And flipping a physical switch would be well within their comfort zones.
@Jérémie Zimmermann🎶💗🧀🧉
Jérémie Zimmermann🎶💗🧀🧉
One way is not incompatible with the other.

Sure, some could go and talk to whoever elected as whatever and ask them to do their job countering interests of mega-corps for the sake of human rights, interoperability, etc. As one who has done that, I wish luck to anyone willing to.

Yet at the same time we could revive a culture of owning one's things, like it's still the case with bikes and used to be with cars, that ppl do hack them and/or have ppl in their vicinity to do it for them.
Ruven Pomerance
my microwave has Wi-Fi. I honestly can’t figure out what I would do with that function. I literally have to be in front of the thing at the beginning and end of the process to put the food in and take it out and eat it. What is going to do? Eat it for me?
Killick
@pomerance - You might enjoy "Unauthorized Bread" by Cory Doctorow. It's a story about "smart" devices that don't work without phoning home, but they are the only appliances poor folks can afford. https://us.macmillan.com/books/9781250223166/unauthorizedbread
@pluralistic

Book details - Macmillan

*The first novella from Radicalized*Unauthorized Bread is a tale of immigration, the toxicity of economic and technological stratification, and the young and...
Macmillan
@Cory Doctorow @Ruven Pomerance
Barry Goldman
nuclear strike, if i recall, solves it. wipes out silicon chips?
Kevin Karhan :verified:
I think vendors should be forced to allow their products to be used in a "stupid" config and 100% offline as well as being legally obligated to support their products and have that time as mansatory warranty (see #France) and being forced to #OpenSource it's schematics, firmware and parts when they #EoL it.
#opensource #france #eol
Tim Panton
I agree with the sentiment , I bought a 'safe' TV - and paid extra over the 'smart' model.

However there are devices that _have_ to connect to serve their core purpose - Routers and CCTV cameras are good examples.

What we need is for them to be able to connect safely, work well within a local network and if it makes sense be accessed securely from outside a local network.

This is entirely do-able and legislation is starting to demand it.
Kaila
Our new thermostat started displaying a message that we could only clear by logging in via wifi. Problem? We had/have wifi turned off. Thankfully, in our case, a breaker flip reset it but it could have been a very expensive support call for what I consider an annoying "feature".

I am all for physically disabling wifi being a requirement.
Elda King
I think beyond the obvious, well discussed security problems it might be worth it to talk about how smart features can just be a nuisance, reduce reliability, create new incompatibilities and other drawbacks.

The complexity of the system creates many more points of failure, both in software or hardware. Not to mention planned obsolescence - just stop releasing updates any time and wait for things to break. And who would dream of a standardized ecosystem, so that you could get any app without depending on the manufacturer? Then you get into the intricacies of "which version of this protocol does it support, can I stream from my phone or not". And codecs, will it play x265 files from a USB stick? Obviously it won't allow you to just open a browser session to stream from a random site, you must use an app from the app store - if it exists.

It's not even that people are sacrificing security for convenience. Often enough they are sacrificing security _and_ convenience.
Shine McShine
Never forget what "smart" stands for:

S.M.A.R.T. = Smart Machines Are Ransomware Targets
Dave3307 🥑
If you never sign it in to your network shouldn’t be a problem? Unless the initial setup forces you to?
Michał "rysiek" Woźniak · 🇺🇦
@Dave3307 I've disabled WiFi on appliances only to notice it magically got re-enabled again a few months later.

Software settings are not trustworthy.
@Dave3307 🥑
Dave3307 🥑
I must not understand. If a device is not connected to a network how can hackers gain access? Even if WiFi is “on” it still needs to connect to something, no?
Michał "rysiek" Woźniak · 🇺🇦
@Dave3307 first of all, the word you're looking for here is "cybercriminals" or "attackers". Hackers made the software you're using to post this, so maybe let's not conflate them with common thieves that happen to use computers.

Second, there are devices that automatically connect to any available open WiFi. There are devices (for example: new cars) that have SIM cards and 4g modems built-in. And then there are systems like these:
https://en.wikipedia.org/wiki/Amazon_Sidewalk

Hardware switch or bust.
@Dave3307 🥑
MarlijnG
makes me wonder now if I need to figure out whether the never touched bluetooth setting on my electric toothbrush is off by default 🙃
Debbie Goldsmith 🏳️‍⚧️🏳️‍🌈
I change the wifi password to one that’s incorrect. That, or set up my phone as a hotspot with a unique password, connect to that, then change the hotspot password on the phone.
Dźwiedziu
“Regular software updates [in IoT]” xD xD xD
Kevin Karhan :verified:
+9001%
I want stupid.electronics!
M. Hamzah Khan
Even forgetting the security issues, in my experience the in-built "smart" features always suck and are underpowered.

Most people I know use an add-on device (HTPC/Chromecast/Android TV Box or something) for a better experience.

I'd much rather have a dumb TV, that does that well, and get an addon device that does that well.
Fish Id Wardrobe
I've luckily not had to experience this issue – our TV and white goods are all old – but when it comes, I'm thinking of buying a second Wifi Access Point, and not connecting it to the internet.
Michał "rysiek" Woźniak · 🇺🇦
@fishidwardrobe cars already come with simcards, why not appliances soon?

Amazon Sidewalk stuff creates networks using consumer devices without their owners having control.

I've had appliances that just randomly re-enabled WiFi without my knowledge.

What makes you think your choice of not connecting it to the Internet will be respected?

Hardware switch or bust.
@Fish Id Wardrobe
Fish Id Wardrobe
Oh, a hardware switch is *much* better. I'm just saying – if it insists on the wifi password, it's getting the password to the WAP with no internet.
Ben Gillam :bongoCat:
for myself I don’t worry about the smart stuff, specifically because I can VLAN it with my OTT home setup. BecauseICan (tm)

I’m hoping some day soon ISPs get on board and send out routers with the functionality to at least have an iot VLAN function built in and make people understand. Shouldn’t have to be this way but seems less effort than getting the millions of iot vendors to not make horrible smart implementations.
vruz
I can see a new market niche opening: Faraday cages for smart TVs.
Kevix (he/him) :debian:
I needed a non smart tv because it would make my tech averse moms life easier. Bestbuy didnt have them in stock, had to shop online.
Esi Jóhannes G.
** /me looks at his ancient non smart second hand TV that he inherited from his late uncle. **

I will treasure this TV and keep it running as long as possible. Heck, it even has Component inputs. Perfect for my OG xboxes.
Michał "rysiek" Woźniak · 🇺🇦
@walterscott wow, that level of misogyny is an insta-block here.

*plonk*
Woozle Hypertwin
@doot
To me, this just shows that the manufacturers view "smart" functionality primarily as a means of extracting additional revenue from the user, rather than as a value-added feature. They're telling on themselves.
Shaun Dyer
My washer and dryer are both smart for some reason. I’ll never connect them to the internet but it was hard to find a dumb one.
Michał "rysiek" Woźniak · 🇺🇦
@Kaiman666 funny you should mention that…
https://samcurry.net/web-hackers-vs-the-auto-industry/

Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More | Sam Curry

During the fall of 2022, a few friends and I took a road trip from Chicago, IL to Washington, DC to attend a cybersecurity conference and (try) to take a break from our usual computer work.
https://samcurry.net/author/samwcyo/#author (Sam Curry)
@𝕶𝖆𝖎𝖒𝖆𝖓
mittfh
In the UK at least, viewing figures for live TV are on the decline while catchup TV and streaming services are on the rise - with some predicting traditional broadcast TV may no longer exist in a decade or two.

But with all Smart devices, there should be code to prevent anything piggybacking off their connection, and at router level, recognition of Smart devices when initially paired and limit communication to specific protocols - anything unusual gets blocked.
Michał "rysiek" Woźniak · 🇺🇦
@markusl ah that's also something I pondered; others proposed some solutions here already.

Namely:

1. "use before date" clearly marked on the packaging

2. automated security updates, responsibility for applying them should rest on the vendor, and they have to be provided in a timely manner until the "use before date"

3. after the "use before date" cut-off, vendor can either provide critical security updates, or has to release the code as FLOSS so that they can be created independently.
@MarkusL
DerSchulze
I cherish my dumb TV, which is already Full HD after all. But yes, I also deliberately bought the TV without smart functions back then.
Qyv (;* has moved *;) 🍍
We've got a 'smart' TV, our son's old one, but fortunately, Samsung didn't include the WiFi bit internally, and required owners to pay extra for a dongle.

Son had it plugged directly into his hub, hence no dongle, whereas here our hub is too far away to do this.

Consequently, nice big screen TV, without all the #InternetOfTat shit. So, win/win (:*
#InternetOfTat
Adrian Cochrane
I seem to have better luck in New Zealand, but not on TVs!

Oh well, I enjoy my projector... Except for how late the sun is setting this time of year...
FreebirdFrolic
damn eh!
All the easier to spy on us! Seriously!
kurtseifried (he/him)
So the trick is: buy the cheapest or second cheapest TV you can at Costco. 1-year money back "we don't care" policy. I got a Roku-based device. When I turn on my AppleTV, it turns on the TV which shows its interface with a 5-second count down to flip to the AppleTV. I assume this is to remind me/trick me into using the Roku interface. Which tried really hard to get my credit card # from me during setup.
Michał "rysiek" Woźniak · 🇺🇦
@kurtseifried the trick is: nobody should have to find hacky work-arounds to this kind of crap.
@kurtseifried (he/him)
kurtseifried (he/him)
the alternative would be expensive TVs which many people would claim “yeah I’d pay for privacy” but in reality no, no they wouldn’t.
Michael Sorg
looking for cheap TVs for traveling production setups (production setups, commentary monitors) that get beat up and tend to break. Started looking at cheap monitors instead. Kind of sucks when we have to run to a Walmart and the cheapest tv has Roku that acts weird to JUST use in input. Continual problem with one client’s cage display tvs during mma.
Satadru Pramanik
I just want all of my devices with clocks to have NTP support so I never have to set a clock again.
Jim Parsons
The #1 job of any device or service with the word "smart" in front of it? – make its manufacture and 3rd party #data broker partners smart about you & your family...

#BigTech
#BigData
#Surveillance
#SurveillanceCapitalism
#Privacy
#privacy #surveillancecapitalism #surveillance #data #bigtech #bigdata
aoctavio
@briankrebs Same experience last year. Once you get to a certain size and features all TVs are smart with terrible software to boot. My solution was to research and buy a TV with the features I wanted making sure I could skip even connecting it to the internet and turning off the intrusive features. I'm happy with the result. If I wanted a firmware update (most just update the software I don't use) I could do it with a thumb drive.
@BrianKrebs
Officially Jessica!
as annoying as the forced smart appliance model is, what is worse is smart appliances that fail to provide any use. For example, my LG refrigerator has Wi-Fi and an app … but no means to set or read temperatures. It is a glorified notification app for the filters which are hard coded to 3 month intervals. 🙄
joseph
I will hold onto my dumb tv until it dies. I don’t need another surveillance device in my house.
Lou Katz
Beware! 'Smart' devices all come with Terms & Conditions'
⌬ Codified ⌬
Yes p***es me off too. What I'd like to see is a bigger push into open hardware/software and I don't mind paying extra. I think that would solve your problem better.
Michał "rysiek" Woźniak · 🇺🇦
@Codified as much as I love FLOSS and open hardware, that would still not solve my problem.

I don't want to have to update my fridge and toaster on a regular basis so that they don't join a botnet. And even FLOSS code needs updates.
@⌬ Codified ⌬
Peter Murray
A few years ago, the advice I'd heard was to search for a "conference room monitor" to get a TV without all of the "smart" (e.g. privacy-busting) functionality. I don't know if that is still the case.
Azura Claire
I work in the appliance industry, it feels like everything is wifi connected. Seriously, when has anyone needed to start their dryer from work?!?!
Carnildo
My television is an old Linux computer with a tuner card. It's only as smart as I want it to be.
Gregory P. Smith (he/him) :python: 🚲🦝 :donor:
Nothing is smart if you never connect it to a network (or connect it to an untouchable network). Reviews tend to cover which things function reasonably without connectivity.
Michał "rysiek" Woźniak · 🇺🇦
@gpshead and you trust these software settings to be respected?

I had appliances that re-enabled WiFi without my consent before.
@Gregory P. Smith (he/him) :python: 🚲🦝 :donor:
Gregory P. Smith (he/him) :python: 🚲🦝 :donor:
Regardless you can buy non-ass network-less TVs. They're called Commercial Displays. Not "TVs". And are often tuned for non living room environments. They cost oodles more because they aren't subsidized by expected viewing data & ad placement revenue for the manufacturer.
Michał "rysiek" Woźniak · 🇺🇦
@gpshead they are twice as expensive, or more, because the screen is built to be on all the time.
@Gregory P. Smith (he/him) :python: 🚲🦝 :donor:
Timothy Jasionowski
All smart TVs are dumb if you never connect them to/block them from a network. Co-opt their alternative monetization schemes!
Michał "rysiek" Woźniak · 🇺🇦
@timoj I don't trust software settings to respect my preferences. This has to be a hardware switch.
@Timothy Jasionowski
Timothy Jasionowski
There doesn’t *have* to be anything. The whole reason these things are so cheap now is that they monetize the consumption data you’re trying to stop them from collecting and willing users who choose cheap over privacy is practically the entire market for TVs now. They want you to work for it. Either airgap, prove it is so promiscuous in its mission to phone home with your data that it would willfully violate the CCPA or GDPR to do it and sue, or buy something old/a monitor.
Michał "rysiek" Woźniak · 🇺🇦
@timoj or, you could read the thread till the end and see that I have a specific thing that I propose.
@Timothy Jasionowski
Timothy Jasionowski
I read the thread. The former isn’t commercially reasonable, as the data subsidizes the set, and the latter—a regulatory regime that protects you from unbridled personal data collection and allows you to buy a state of the art TV for next to nothing without sacrificing your privacy or security if you simply decline everything and airgap—already exists. Life is full of compromises.
ItsTeeEllCee
I recently paid $350 to have my non-smart 48" plasma TV I bought in 2005ish repaired. I was thrilled to find someone to do it, he thought I was crazy. I know it's a power pig, but it doesn't talk to me and I like it that way.
Voron
Orwell’s 1984 was prescient, but it’s not really the big bad government, it’s the Corporate fiefdoms run by the same Economic Royalists who pull the strings of politicians and horse trade them amongst other ultra rich folks
1984 is here but it’s a bunch of wholly own subsidiaries bringing to us, not one big government brother
WowSuchCyber
@briankrebs yep the best way is to buy screens designed for public places display, they generally are stripped down of all these features and some have a nice recessed spot to place your AppleTV/Streamer/Rpi
@BrianKrebs
OpenComputeDesign
I hate smart TVs (and indeed, most smart devices). The UIs of digital TVs already sucked more than enough to please even the most die hard masochist.
Mike Garuccio
@briankrebs tvs at least get real benefit from connectivity, and at least some of the vendors seem to be on top of updates for a few years, which is arguably a typical lifespan. But the kitchen appliances are almost always worthless features and there’s 0 chance they get supported for the decade+ expected of a fridge or oven.
@BrianKrebs
leah & nybbles & bytes, oh my!
checking out washer/dryers before Christmas, i was surprised to discover that only the very cheapest didn't have smart functionality. and the very cheapest name brand (Candy) did, and expected to be WiFi connected so i could control it from my mobile phone

because obviously, it's vital that the entire internet knows when i'm doing my laundry
Pyry
Won't smart TVs become "stupid" if they are not connected to the network? Or do they refuse to work without a network?
Pavel
another option is to pay extra for "professional" tv which won't have any smart nonsense, but can get pretty expensive
Damon L. Wakes
TVs have always struck me as a really odd device to make "smart" anyway. What I want from a TV is a really big screen. Anything I want to see on that screen can be displayed over HDMI, which can also be used to control the TV. Any functionality beyond that is just another point of failure for my big screen!
Kevin Karhan :verified:
+9001%

I just don't buy any TV but Monitors instead.

And yes, I too jate that #InternetOfShit stuff.
I want my home to be stupid!
#internetofshit
Michał "rysiek" Woźniak · 🇺🇦
@jrdepriest that's not the point. The unnecessary compute power remains, the buggy code remains, potential security issues all remain.

I want an appliance that I don't have to worry will join a botnet!
@J. R. DePriest :verified_trans: :donor: :Moopsy: :EA DATA. SF:
Michał "rysiek" Woźniak · 🇺🇦
@eric not in every smart TV. In more and more appliances WiFi card is baked into the mainboard.

@zero323
@zero323 @Eric Shields | 🅜assTransitKrow
Michał "rysiek" Woźniak · 🇺🇦
@adam

> I don't think that making exclusively smart devices should be a crime.

I did not say that.
@Adam
Michał "rysiek" Woźniak · 🇺🇦
@adam

> I don't agree that we should punish people who want to make tech that they enjoy, or force them to make additional things against their will.

I was very clearly talking about appliance vendors, not random hobbyist hackers hacking something up with a Pi for their own use.
@Adam
Michał "rysiek" Woźniak · 🇺🇦
@adam

> I'd rather see dependable/reliable/safe/secure tech become popular.

🤣 Good one!

Find me a way to force vendors to make safe and secure smart devices, and we can talk.
@Adam
Michał "rysiek" Woźniak · 🇺🇦
@fisherstudio that's a start but it's still only for the hacky types.

I want my non-tech-savvy parents not to have to worry about this.
@Fisher
Michał "rysiek" Woźniak · 🇺🇦
@tiburoncito the proliferation of smart TVs makes a great case for regulating that market.
Adam Dalliance
I don't own a television any more. They are too hostile. Better to just have a projector or a computer monitor attached to a FOSS computer.
AlisonW ♿🏳️‍🌈
cf Televisions still on sale, indeed new models, which are labelled "HD Ready" when HD broadcasts have been available for over a decade.
lj·rk
I know, this was not the point of your thread but in my quest to find a non smart TV I found the Philips Momentum "Gaming Monitor" which basically is a TV without any TV receiving tech but with a remote.

It looks like a TV ("designed for XBox") and behaves like one. I got the 43" version for 100€ used in almost new condition.
Charlotte
I get it for TVs -- after all, watching TV over the internet is a huge chunk of the TV market these days -- but I am baffled and annoyed at "smart" kitchen appliances. Nobody needs that nonsense, and at the very least there should be easily available options without it. I don't even want to buy a "smart" one and then disable that functionality, I just want a dumb microwave. It's a microwave, for **** sake!
ZephyrXero
There are still a few projectors without smarts. BenQ does a cool thing where they ship an optional Android TV dongle that is not installed yet. Best of both worlds
throAU
I just bought a smart tv and it only gets contrnt via hdmi from some other device.
CyberSecJames
I share your pain, and am not looking forward to my next TV purchase.
I'll have to do some research to see if the "smart" functions can be disabled... Perhaps with a pair of clippers, or a soldering iron
MiKlo:~/citizen4.eu$💙💛
@Jasey DePriest (she / her) :donor: :EA DATA. SF: @Michał "rysiek" Woźniak · 🇺🇦 There is no such thing as a 'market' for custom OSes for home networking hardware just a community working hard to reverse engineer the hardware and create FOSS software. Only a few manufacturers officially support FOSS OS in their routers.
@Michał "rysiek" Woźniak · 🇺🇦 @J. R. DePriest :verified_trans: :donor: :Moopsy: :EA DATA. SF:
Luke Diaz
There is no reason for a fridge to have WiFi. It feels like letting a spy in the house.
Hannes Hauswedell
Same for me. We went with an Android TV in the end, because there was no high-end TV that wasn't smart.

I have spent considerable time in making it work without having to provide a Google account, but I still cut its power when I am not using it.

TBH, there are some things I like about having AndroidTV, but I would much prefer an external device operated and installed by myself.
steeph 🎆 ٩(˘◡˘)۶
The weird thing is: Those "smart" features (whatever features this label stands for) usually mean many drawbacks in exchange for minor benefits that are only useful in corner cases.

I don't have anything against the internet of things. I like for example that all my hygrometers are accessible via LAN (and WAN if I want to). But, as an example from the opposite side, the assumption that wanting a TV/large monitor in the living room includes wanting to have a microphone listening to what's going on in that living room and talking to Google, Amazon, idk whom, is absurd.

I wish I could buy a dumb 65" monitor for a reasonable price. I don't want software to mess with the colors, chang
joncamfield
@m0rpk a smart boiler????!?! There is … everything wrong with that. Product lifespan. Failure states. Whyyyyyyy
@Richard
Richard
@DigitalStefan @joncamfield It’s not quite that bad. Ethel can still control the heating locally. She just can’t switch it on or off when away from home, and risks some future software change b0rking everything from afar. Nor can she stop her boiler being pwned and co-opted into a botnet / used as a jumping off point to steal all her data (except that Ethel’s thermostat is now on a separate vlan thanks to her son…)
@joncamfield @DigitalStefan
DigitalStefan
@joncamfield @m0rpk Good grief. So, us-west-1 goes down and Ethel can't have hot water?!

I would be finding that plumber and having a chat.
@joncamfield @Richard
Michał "rysiek" Woźniak · 🇺🇦
@m0rpk yeah, I had a close call myself, my parents almost got a cloud-enabled boiler too. Intervened in the nick of time.

@DigitalStefan @joncamfield
@joncamfield @DigitalStefan @Richard
Michał "rysiek" Woźniak · 🇺🇦
oh wow, so sorry to hear that, but I have to say this is such an interesting case of technology failing its user!

Thank you so much for sharing.

@sparseMatrix
@sparseMatrix ✅✅✅ 📻
Ten wpis został zedytowany (1 rok temu)
MyPartOfReality
The new "smart" stuff I've purchased isn't even smart. Major non functions and total fails. HDMI reliability problems abound in the new versions. Trying multiple brands of fastest HDMI cables make no difference. The power control over HDMI has to be disabled because it does the opposite of what should happen most of the time. Software problems abound One product glitching out when changing audio tracks. Another failing to deliver 2 channels sound from simple 2 channel source.
Michał "rysiek" Woźniak · 🇺🇦
@linuxexperten thank you, as a cybersecurity expert with over a decade of experience I was clearly not aware of that.

I also appreciate you reading the whole thread before responding, this raises the quality of discourse here immensely.

Please, if you have any additional advice, I am eager to hear it.
ares
your "smart" tv isn't smart anymore if you refuse to connect it to the internet
Michał "rysiek" Woźniak · 🇺🇦
@ares I don't trust it not to connect to open WiFi by itself. Do you?

Also, cars already come with 4g modems and SIM cards, wanna bet TVs are somewhere down the line also?
@ares
MiKlo:~/citizen4.eu$💙💛
@Michał "rysiek" Woźniak · 🇺🇦 @ares
The real problem with #IoT is internet connectivity that:
- has global reach
- does not require any user authentication to connect (as in #wifi)
- is not user-controlled (cannot be switched off or checked to see if it is sending/receiving anything)

Currently, the #ecall system in cars fulfils all the above conditions and, unfortunately, is generally required by law in the EU.
#iot #wifi #ecall @Michał "rysiek" Woźniak · 🇺🇦 @ares

4 użytkowników udostępniło to dalej

Michał "rysiek" Woźniak · 🇺🇦
@miklo @ares yup. I expect Smart TV manufacturers to start rolling out 4g modems and device SIM cards in the next few years. Can't have those pesky Pi Holes block off that sweet sweet data revenue stream!
@MiKlo:~/citizen4.eu$💙💛 @ares
MiKlo:~/citizen4.eu$💙💛
@Michał "rysiek" Woźniak · 🇺🇦 @ares If the unit cost of mass production of complete modules for 4g/5g communication already today does not exceed a few dollars, and the cost of data transmission over the life of the device can be included in its price, what will stop manufacturers from fitting communication (i.e. usage/user tracking) into every possible device that has some sort of power supply: white goods, hairdryer, toothbrush, etc.? Nothing will stop them except a strong law that would prohibit this .
@Michał "rysiek" Woźniak · 🇺🇦 @ares

2 użytkowników udostępniło to dalej

Urusan
@miklo @ares This is it major goal of 5G.

The limitation that was the bottleneck with 4G was simultaneous connections per tower. If the 4G network were used in this way, the price per connection would soar as the network became overloaded.

With 5G, this is a minor issue, with each tower being able to handle an absurd number of connections.
@MiKlo:~/citizen4.eu$💙💛 @ares
Daniel Schildt
@urusan @miklo 5G technologies are designed to use multiple transport channels. Besides of traditional 5G towers, cable modems and *DSL devices are a part of the overall infrastructure, as those reduce the capacity issues in urban environments. First stage is mainly focused on phones using WiFi as much as possible (for individual customers themselves), but telco ISPs are also making those devices part of the mobile data infrastructure.
@MiKlo:~/citizen4.eu$💙💛 @Urusan
Daniel Schildt
@miklo @ares Mesh networks of home devices are already happening. Besides of Amazon's home devices creating open mesh network with any compatible device (across the walls to street and neighbours), there are similar in electricity measurement systems, solar panels, etc.
@MiKlo:~/citizen4.eu$💙💛 @ares
Walter van Holst
@autiomaa @miklo @ares Yeah, and wifi-p in automotive probably is similarly problematic (even though I prefer that over UMTS-based connectivity).
@MiKlo:~/citizen4.eu$💙💛 @Daniel Schildt @ares
Daniel Schildt
@whvholst @miklo @ares Funny part recently in the news was that most car tires have RFID tags that allow fingerprinting cars on the street. No need to use camera when industrial RFID reader is enough... 😓
@MiKlo:~/citizen4.eu$💙💛 @Walter van Holst @ares
pettter
@autiomaa @whvholst @miklo @ares My decision/laziness to not get a car (or, as of yet, even a driving license) is vindicated once again.
@MiKlo:~/citizen4.eu$💙💛 @Daniel Schildt @Walter van Holst @ares
Adam Ierymenko
@autiomaa @miklo @ares I wonder if you could hijack any of these networks to create a pirate mesh for tiny messages like texts?
@MiKlo:~/citizen4.eu$💙💛 @Daniel Schildt @ares
Walter van Holst
@miklo @ares ecall should only kick in after a sufficiently violent deceleration, and is in that sense "off" by default. But you're probably not wrong by being concerned about it.
@MiKlo:~/citizen4.eu$💙💛 @ares
Michał "rysiek" Woźniak · 🇺🇦
@whvholst @miklo @ares no, but these are SIM cards in cars that keep them connected all the time and exposed to these kinds of shenanigans.
@MiKlo:~/citizen4.eu$💙💛 @Walter van Holst @ares
Michał "rysiek" Woźniak · 🇺🇦
@stoponerr oh this is useful, thanks! Trying to find some write-up about this online.
Francis 🏴‍☠️ Gulotta
of you pay more and get “display monitors” for kiosks and advertising, it’s a tv with very few features. These things are being made but since they’re not subsidized by ads and monitoring they’re usually more money.
Michał "rysiek" Woźniak · 🇺🇦
@samgai that would focus the issue on the presumed mysterious "hackers" that in the predominant media narrative hypothetically go around and "hack" all Internet-connected devices they can find.

Instead, "Safe" focuses the narrative on the fact that "smart" devices are simply unsafe, and on the manufacturers' / vendors' responsibility for that unacceptable state of affairs.

So, "Safe".
@‏lol‏ ‏fedifriend (cat aspect)
Claudius Link
@stoponerr
The KAMTRON WiFi IP Remote Control Security Camera can't be used without internet connection and accessing their online service
Earthshine
@prasincs This is my approach as well, with the notable exception of AndroidTV, assuming:
1. The smart TV software does not get in the way of any basic functionality, and does not require extra steps to switch to a regular input on startup
2. allows installing third party apps like jellyfin, steam, and has USB peripheral support for kb/m and game controllers
3. supports Audio Return Channel so I can play things on the TV while taking advantage of the receiver

This effectively removes the need for me to connect and manage a media PC in the living room.
@Prasanna Gautam
Ville Wilson
https://arstechnica.com/gadgets/2023/01/half-of-smart-appliances-remain-disconnected-from-internet-makers-lament/

Appliance makers sad that 50% of customers won’t connect smart appliances

Did users change their Wi-Fi password, or did they see the nature of IoT privacy?
Ars Technica
Kaila
@villewilson I love it when companies assume "oh, customers don't understand value" instead of stepping into our shoes and trying to understand us. I'm one of those guilty ones - have a Lennox "smart" thermostat that will never be given a wifi password. It's programmable without it and I don't need the connected features enough to outweigh the risk
@Ville Wilson
sxpert
Look ma, no smart bullshit 🤣

https://cvp.com/product/postium_obm-w550_monitor
Michał "rysiek" Woźniak · 🇺🇦
@sxpert @villewilson this is several times more expensive than any "Smart TV" with similar parameters.

So no,that's not a solution.
@Ville Wilson @sxpert
sxpert
the data hoarding by the “smarts” in the tv is probably worth the price difference
Michał "rysiek" Woźniak · 🇺🇦
I see non-Smart (aka "Safe") TVs for fraction of the price of computer monitors. For example:
https://www.ceneo.pl/94023747#tab=spec

This is 55" but it costs ~300GBP. So a full order of magnitude less than what you linked.

My point is: we should not expect or force people to pay 10× more just for the privilege of not having their device spying on them.

Telewizor Manta 55LUN120D 55 cali - Opinie i ceny na Ceneo.pl

Manta 55LUN120D od 1599,00 zł ✅ Sprawdź lub napisz opinię ✅ Przekątna 55 cali, Matryca LED, Odświeżanie 50 Hz, Nie posiada, Tuner DVB-C, DVB-T2, Rodzaj ekranu Prosty. Porównaj ceny w 2 sklepach.
Ceneo.pl
Ten wpis został zedytowany (1 rok temu)
sxpert
those stores don't deliver outside poland, this is rather useless
Michał "rysiek" Woźniak · 🇺🇦
@sxpert @villewilson the point is the over 10× price difference. I'm sure if you look for them you can find some non-Smart TVs in the UK for way less than the monitors you linked to.

And even if not, it's not because non-Smart displays need to cost that much, or that Smart TVs get so much cheaper because of the data hoarding stuff, as the Polish example proves.
@Ville Wilson @sxpert
sxpert
or the devices are priced according to particular markets...
Michał "rysiek" Woźniak · 🇺🇦
@sxpert @villewilson I found non-Smart TVs in Poland, Iceland and Germany. They are reliably cheaper than computer monitors in the same markets.

You are free to do the research in UK, frankly I can't be bothered to do so. 🤷‍♀️

But from experience in three different markets, the point stands. And I doubt UK is *that* exceptional here to make the 10× difference inevitable.
@Ville Wilson @sxpert
sxpert
ps: I am in fr, not uk ;)
Michał "rysiek" Woźniak · 🇺🇦
@sxpert @villewilson sorry, I based this on the link you sent and prices in GBP.
@Ville Wilson @sxpert
Jocelynephiliac :reclaimer:
@villewilson I tried to connect them, the UX is so bad I couldn’t make it work. My range has been broadcasting an SSID for over a year and I can’t turn it off!! My washer and dryer are supposed to be smart, but the buttons the manual says to use don’t exist. I got the refrigerator online, but the screen stopped accepting input last month and I don’t feel like calling samsung to get it fixed.
@Ville Wilson
Krupo
@villewilson telling quote:

"Whirlpool told the Journal that customers "have the opportunity to opt in or opt out" of sharing data with the company. LG doesn't offer that option, but Kim told the Journal that "all data is anonymized.""
@Ville Wilson
Alex Chaffee
@villewilson
no shade on the author but he failed to directly note the sleight-of-hand in this corporate lament:

“The challenge is that a consumer doesn’t see the true value that manufacturers see in terms of how that data can help them in the long run. So they don’t really care for spending time to just connect it,”

yeah that’s because the “them” it’s helping isnt actually them! it helps the corp sell a future product to a different consumer, there is no “true” value to be seen here
@Ville Wilson
Parade du Grotesque 💀
@kuba_
I am with you 1000% on this one.

I'll soon be the owner of a smart TV. The old non smart TV died a couple of months back.

That "smart" TV will either be non connected or firewalled to heck and back. I am lucky, in the sense that I control my internet access, and not my ISP, so the house firewall is under my control.
Michał "rysiek" Woźniak · 🇺🇦
@ParadeGrotesque @kuba_ there are still some Safe (i.e. non-Smart) TV options available. For example, you can find some on the Polish site Ceneo:
https://www.ceneo.pl/Telewizory/Smart_TV:Nie_posiada.htm

Be careful, some are mis-categorized. So always check in the specs before you buy. But for example Manta makes TVs without any smart functionality, like this one:
https://www.ceneo.pl/94023747#tab=spec

Telewizory - Nie posiada - Ceneo.pl

Telewizory - Nie posiada - porównanie cen telewizorów i sprzętu TV w sklepach internetowych. Polecamy PHILIPS 43PFS5505, Samsung UE32T4002, Selecline 32S201T2, PHILIPS 24PHS4304, Philips 75PUS8807/12
Ceneo.pl
@Parade du Grotesque 💀
Arkadiusz Wieczorek
it's better to buy new great TV and just not plug an ethernet cable

@ParadeGrotesque @kuba_
@Parade du Grotesque 💀
Michał "rysiek" Woźniak · 🇺🇦
@arek they come with WiFi, and I ain't trusting them not to try to connect to some open networks. Or have 4g/5g soon.

@ParadeGrotesque @kuba_
@Parade du Grotesque 💀 @Arkadiusz Wieczorek
Parade du Grotesque 💀
@arek @kuba_

Yup, 4g/5g is the next logical step.

The TV I bought has an Ethernet port, and wifi will be left unconfigured. I think "smart" functions do not include scanning for wifi and cracking WPA codes if an Ethernet cable is plugged in... 😅

Since the TV will be connected directly to the house router/firewall, it won't be able to connect to the Internet.
@Arkadiusz Wieczorek
Jakub Synowiec
It’s mind-boggling how much effort you have to put to make the TV “dumb” nowadays. To not call home. Or how hard it’s to opt out from tracking and disable ACR on some brands. And how easy is to accidentally opt in back by simply using the TV.