Path: ...!feeds.phibee-telecom.net!news.mixmin.net!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: Don Y Newsgroups: sci.electronics.design Subject: Re: Re:Predictive failures Date: Tue, 16 Apr 2024 18:12:14 -0700 Organization: A noiseless patient Spider Lines: 99 Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Injection-Date: Wed, 17 Apr 2024 03:12:24 +0200 (CEST) Injection-Info: dont-email.me; posting-host="2b43e3ad6cfda17a11cedcbd329c2ac9"; logging-data="1307398"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+iTiQWIEbftTNi2EefQ90U" User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:102.0) Gecko/20100101 Thunderbird/102.2.2 Cancel-Lock: sha1:HQopY15/WpP363Jfg3E+IV532YM= Content-Language: en-US In-Reply-To: Bytes: 6390 On 4/16/2024 3:19 PM, Edward Rawde wrote: > But vendors know that most people want it easy so the push towards > subscription services and products which phone home isn't going to change. Until it does. There is nothing inherent in the design of any of these products that requires another "service" to provide the ADVERTISED functionality. Our stove and refrigerator have WiFi "apps" -- that rely on a tie-in to the manufacturer's site (no charge but still, why do they need access to my stovetop?). Simple solution: router has no radio! Even if the appliances wanted to connect (ignoring their "disable WiFi access" setting), there's nothing they can connect *to*. > Most people don't know or care what their products are sending to the > vendor. I think that is a generational issue. My neighbor just bought camera and, when she realized it had to connect to their OUTBOUND wifi, she just opted to return it. So, a lost sale AND the cost of a return. Young people seem to find nothing odd about RENTING -- anything! Wanna listen to some music? You can RENT it, one song at a time! Wanna access the internet using free WiFi *inside* a business? The idea that they are leaking information never crosses their mind. They *deserve* to discover that some actuary has noted a correlation between people who shop at XYZCo and alcoholism. Or, inability to pay their debts. Or, cannabis use. Or... whatever the Big Data tells *them*. Like the driver who complained that his CAR was revealing his driving behavior through OnStar to credit agencies and their subscribers (insurance companies) were using that to determine the risk he represented. > I like to see what is connecting to what with https://www.pfsense.org/ > But I might be the only person in 100 mile radius doing so. > > I can also remote desktop from anywhere of my choice, with the rest of the > world unable to connect. > > Pretty much all of my online services are either restricted to specific IPs > (cameras, remote desktop and similar). > Or they have one or more countries and other problem IPs blocked. (web sites > and email services). But IP and MAC masquerading are trivial exercises. And, don't require a human participant to interact with the target (i.e., they can be automated). I have voice access to the services in my home. I don't rely on the CID information provided as it can be forged. But, I *do* require the *voice* match one of a few known voiceprints -- along with other conditions for access (e.g., if I am known to be HOME, then anyone calling with my voice is obviously an imposter; likewise, if someone "authorized" calls and passes the authentication procedure, they are limited in what they can do -- like, maybe close my garage door if I happened to leave it open and it is now after midnight). And, recording a phrase (uttered by that person) only works if you know what I am going to ASK you; anything that relies on your own personal knowledge can't be emulated, even by an AI! No need for apps or appliances -- you could technically use a "payphone" (if such things still existed) or an office phone in some business. I have a "cordless phone" in the car that lets me talk to the house from a range of 1/2 mile, without relying on cell phone service. I can't send video over the link -- but, I can ask "Did I remember to close the garage door?" Or, "Did I forget to turn off the tea kettle?" as I drive away. > None of that is possible when the vendor is in control because users will > want their camera pictures available anywhere. No, you just have to rely on other mechanisms for authentication. I have a friend who manages a datafarm at a large multinational bank. When he is here, he uses my internet connection -- which is "foreign" as far as the financial institution is concerned -- with no problems. But, he carries a time-varying "token" with him that ensures he has the correct credentials for any ~2 minute slice of time! I rely on biometrics, backed with "shared secrets" ("Hi Jane! How's Tom doing?" "Hmmm, I don't know anyone by the name of Tom") because I don't want to have to carry a physical key (and don't want the other folks with access to have to do so, either) And, most folks don't really need remote access to the things that are offering that access. Why do I need to check the state of my oven/stove WHEN I AM NOT AT HOME? (Why the hell would I leave it ON when the house is empty???) There are refrigerators that take a photo of the contents of the frig each time you close the door. Do I care if the photo on my phone is of the state of the refrigerator when I was last IN PROXIMITY OF IT vs. it's most recent state? Do I need to access my thermostat "online" vs. via SMS? Or voice?