Stories
Slash Boxes
Comments

SoylentNews is people

posted by azrael on Saturday June 21 2014, @03:12PM   Printer-friendly
from the all-eyes-on-me dept.

Full Disclosure: I bought a Dropcam. I use it when we are traveling away from home.

Now "Nest", a Google owned company, is buying Dropcam for half a billion dollars and change.

Nest insists they have no plans to share anything with Google. But as a wholly owned subsidiary, that promise is worth about as much as the electrons used to transmit it to my screen. It's like my car promising it has no intention of going to the beer store.

I was willing to (mostly) trust Dropcam, because they don't have a big advertising tie in, and no real way to make money spying on me. Still, I keep it unplugged most of the time, (which causes me to forget to plug it in occasionally when I leave home). But I really don't trust Nest/Google to honor their promise of not using any part of the Dropcam system for purposes other than what I agreed to.

Further, if Google's backing causes Dropcam to becomes a "big item", there will be far more people, (and government agencies) trying to hack into it. There are already a couple of articles on the net about hacking the devices.

Someone on the Dropcam forum asked Dropcam for a local only option and the thread garnered a couple hundred "Me Too" votes in short order, but other than a vague hint at a future capability, the company promised nothing.

So, I'm in the position of liking Dropcam a whole lot less after this announcement, and I may have to walk away from my investment. Or maybe I should ask for my money back, since selling the company violated their own Privacy Policy ("We neither rent nor sell your Personal Information to anyone.") when they agreed to sell the entire company.

So what is the SN verdict? Was it a foolish purchase in the first place? Can Google/Nest be trusted to keep their hands off my in-house video? What should I replace it with?

Related Stories

Google/Nest Announces New "Smart Home" API 27 comments

Nest has officially announced a new developer program and API (reference) that will allow other companies' smart devices to communicate with Nest's Protect smoke alarm and Learning Thermostat. Among the companies that Nest is partnering with for this initial publicity push are IFTTT, Jawbone, LIFX, Logitech, Mercedes-Benz, Whirlpool, Chamberlain, and Google itself. The latter two companies will release Nest-compatible features this fall, while the others are all available today.

The API lacks the ability to set Home or Away status and no ability to set a boundary of upper and lower rather than a single temperature. For developers perspective, it can be described as pretty meh. No behavior pattern learning is exposed in the API. The API exposes temperature and heat, cool, and fan status. And possibly the ability to set setpoints. It enables you tell if someone is home, and when they set the time for when they were coming back. Add dropcam and the lesson to the perils of cloud based devices to get the larger picture. For developers a few 8-bit microcontrollers with RS-485 transceivers + cheap wall mounted tablet will easily get you the same functions without the cloud or radio link dependence.

This is an API for a Google-hosted service that is in total control of your "smart home" device(s).

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Insightful) by snick on Saturday June 21 2014, @03:29PM

    by snick (1408) on Saturday June 21 2014, @03:29PM (#58426)

    What is Google's interest in dropcam? Do you see them branching out into home security as a core business? Or maybe they want it for something else ...
    My read of the whole Nest thing is that Google is desperately interested in knowing when people are home and when they aren't. I have no idea what they want to do with this information, but they seem determined to acquire it, so they must have something in mind.

    • (Score: 4, Insightful) by AsteroidMining on Saturday June 21 2014, @04:03PM

      by AsteroidMining (3556) on Saturday June 21 2014, @04:03PM (#58437)

      Generally in business, whenever you have to ask "why" the answer is "money."

      With Google, however, whenever you have to ask "why" the answer is "finding out more about their users so they can sell more targeted ads to
      their customers."

      You can be sure they are thinking of things like, you get up from the TV and go into the kitchen, and your refrigerator / phone / Google glass tries to sell you beer. Or, you get ready to go out, and your Google X tries to convince you to buy more milk.

      • (Score: 3, Insightful) by Anonymous Coward on Saturday June 21 2014, @04:22PM

        by Anonymous Coward on Saturday June 21 2014, @04:22PM (#58440)

        > You can be sure they are thinking of things like, you get up from the TV and go into the kitchen, and your refrigerator / phone / Google glass tries to sell you beer. Or, you get ready to go out, and your Google X tries to convince you to buy more milk.

        No, google is not thinking that. Google isn't stupid, they know that such overt tactics simply won't fly. The idea of in-your-face advertising in your own home is a red herring.

        What google is really looking for is information to better profile you so that whenever they show you an ad, it will be the ad that is most likely to induce you to spend money. It is not about plastering your life with ads, it is about making the ads that you do see the most effective possible ads.

        They like to say it is about showing you ads for stuff you are interested in, but that is just one facet of the whole. It is about figuring out what kind of advertising styles you are most susceptible to, for example teen boys would see ads with girls in skimpy bikinis, young mothers will see ads with babies that look like their own babies, neo-nazis will see ads with skinheads, homebodies will see ads with people in their homes and outdoorsy people will see ads set in scenic locations, etc. It is all about figuring out how they can best play you.

        • (Score: 3, Insightful) by buswolley on Saturday June 21 2014, @06:00PM

          by buswolley (848) on Saturday June 21 2014, @06:00PM (#58470)

          In some ways I think Google is thinking these days beyond delivering relevant and effective ads. They are thinking about global information domination. Information has more value than for merely selling other products.

          --
          subicular junctures
          • (Score: 2) by Tork on Saturday June 21 2014, @08:08PM

            by Tork (3914) Subscriber Badge on Saturday June 21 2014, @08:08PM (#58504)
            And you lot want to stick their phones in your pockets.
            --
            🏳️‍🌈 Proud Ally 🏳️‍🌈
            • (Score: 0) by Anonymous Coward on Sunday June 22 2014, @03:10AM

              by Anonymous Coward on Sunday June 22 2014, @03:10AM (#58579)

              No. We only wanted Android because it was the least closed one of all the [viable] options at the time.

              Now we want Jolla.

              • (Score: 2) by Tork on Sunday June 22 2014, @03:31AM

                by Tork (3914) Subscriber Badge on Sunday June 22 2014, @03:31AM (#58584)
                That's true. Nerd hipsterism took a funny turn. "I'm cool because I have the same not-iPhone as a bunch of other ppl!"
                --
                🏳️‍🌈 Proud Ally 🏳️‍🌈
          • (Score: 4, Insightful) by MajorTom on Saturday June 21 2014, @09:37PM

            by MajorTom (2246) on Saturday June 21 2014, @09:37PM (#58525)
            This is exactly what they want.  They want to know as much as possible about every person they can get access to.  They are claiming 92% to 94% accuracy on opening box office performance of a movie based on searches alone.  Imagine if they could start adding meaning full analysis on each person doing a search. 

            With an extensive profile on each person imagine who else would be interested in that information and predictions in a number of categories, employers, insurance companies, the government to name a few.  For things like:
            • Who is most likely to cheat on their taxes?
            • Whose life style is likely to kill them at an early age?
            • Who is likely to be a slacker or a work-a-holic at work?
            • How likely is it that a particular female will get pregnant in the next X number of years?

            This are just the tip of the Google iceberg.

            • (Score: 2) by Marand on Saturday June 21 2014, @11:15PM

              by Marand (1081) on Saturday June 21 2014, @11:15PM (#58547) Journal

              Where's the +1 Creepy mod when you really need it?

      • (Score: 2, Insightful) by Anonymous Coward on Saturday June 21 2014, @04:31PM

        by Anonymous Coward on Saturday June 21 2014, @04:31PM (#58442)

        Truly is the "stalker economy".

        • (Score: 1) by MajorTom on Saturday June 21 2014, @08:30PM

          by MajorTom (2246) on Saturday June 21 2014, @08:30PM (#58510)

          Isn't there laws against stalking? Oh ya of course, not if you are a corporation!

  • (Score: 3, Insightful) by Dunbal on Saturday June 21 2014, @03:30PM

    by Dunbal (3515) on Saturday June 21 2014, @03:30PM (#58427)

    What do you mean, allow? Do you own a cell phone with a camera? How about a web cam? Yeah yeah, call me paranoid. I've heard it before. And I was proved right. I'm willing to bet some corps are already peeking at your camera(s) and microphones without bothering to tell you.

    • (Score: 2) by AsteroidMining on Saturday June 21 2014, @03:56PM

      by AsteroidMining (3556) on Saturday June 21 2014, @03:56PM (#58436)

      Buy a roll of masking tape, and put some over every camera you are not using (or that doesn't have a storage container*). Audio recording is a bit tougher to deal with, but video you can take care of.

      I used to be involved in the installation of high quality video conferencing / telepresence, which involves multiple cameras. Many of these units went into corporate executive suites and the like. Most companies did not worry about having cameras in a conference room (as opposed to encryption of the video signal, which they did worry about). AOL, however, did. They physically blocked each camera when they were not in use. This used to amuse me as they had a French-style beret that they put over a web cam in the rear of the installation, and we would have to ask them to take the beret off when we needed to use the cam. Low tech, but it did the job.

      * I keep my cell phone in a pocket, so I don't worry too much about its camera, at least as long as it is put away.

      • (Score: -1, Offtopic) by Anonymous Coward on Saturday June 21 2014, @04:13PM

        by Anonymous Coward on Saturday June 21 2014, @04:13PM (#58439)

        You also need to be a little more discrete around your home camera, and one way you can do this on the sly is to play the game Smiles.

        How do you play "Smiles," you ask? Simple. To play smiles, you need a group of your friends, a long banquet-table with a long draped tablecloth, and an Asian prostitute.

        Here's the rules - You and your buddies set yourselves at the table, have a beer, and start talking. The prostitute will crawl under the table and start blowing one of you at random. If the guy being blown squirms, grunts, or smiles; and he gets called on it, then he loses and has to get the next round of beers for all at the table, and the prostitute starts blowing another buddy at random, and the next round begins.

        The whole "under the table with long tablecloth thing" will keep your fun obscured from the camera. Hence, the game's relevance to this discussion. It was a game actually invented by American sailors and played overseas in countries like Thailand and the Philippines.

      • (Score: 2) by cafebabe on Saturday June 21 2014, @10:18PM

        by cafebabe (894) on Saturday June 21 2014, @10:18PM (#58534) Journal

        Audio recording is a bit tougher to deal with

        I leave my audio input mis-configured so the internal condenser microphone isn't the default sound input. That isn't perfect but it deters amateurs.

        --
        1702845791×2
  • (Score: 2, Interesting) by crAckZ on Saturday June 21 2014, @03:35PM

    by crAckZ (3501) on Saturday June 21 2014, @03:35PM (#58428) Journal

    I can't do links because I am mobile but what about a DIY option? I built my own dvr, got the cameras and had my own login to stream real time and take screen caps. I think there is software out there as well that is open source. It might not be as cheap or as easy but I got a sense of satisfaction knowing I made it and "big company" didn't have access.:..not directly anyways.

    • (Score: 2) by Nerdfest on Saturday June 21 2014, @03:53PM

      by Nerdfest (80) on Saturday June 21 2014, @03:53PM (#58433)

      I'm confused as to why you can't do links wile mobile. On Android phones at least, it's trivial.

      • (Score: 1) by crAckZ on Saturday June 21 2014, @04:53PM

        by crAckZ (3501) on Saturday June 21 2014, @04:53PM (#58451) Journal

        My bookmarks are on my desktop and I don't want to guess at names and links and possibly give the wrong information. I am not going to search an wade through forums at this moment. If people need this information ASAP there is always ahref=http://google.com/rel=url2html-9697 [soylentnews.org]http://google.com/ >

    • (Score: 2) by everdred on Monday June 23 2014, @08:14PM

      by everdred (110) on Monday June 23 2014, @08:14PM (#59126) Journal

      > what about a DIY option?

      I made one of these once with Motion [wikipedia.org]. It worked pretty well.

  • (Score: 2) by AsteroidMining on Saturday June 21 2014, @03:43PM

    by AsteroidMining (3556) on Saturday June 21 2014, @03:43PM (#58432)

    No

  • (Score: 5, Insightful) by Foobar Bazbot on Saturday June 21 2014, @04:52PM

    by Foobar Bazbot (37) on Saturday June 21 2014, @04:52PM (#58449) Journal

    So, I'm in the position of liking Dropcam a whole lot less after this announcement, and I may have to walk away from my investment. Or maybe I should ask for my money back, since selling the company violated their own Privacy Policy ("We neither rent nor sell your Personal Information to anyone.") when they agreed to sell the entire company.

    IANAL, but I don't think that constitutes a violation. The "We" there is the company, not the present owners, and one set of owners selling the company to another set of owners isn't the same as the company selling information on its users.

    I'm not saying your concern about the company being sold to unscrupulous owners is unreasonable, merely that the quoted clause never forbade that, and thus shouldn't ever have reassured you as much as it did. (And fat chance of any company putting in restrictions that would apply like "If the company is ever sold to new owners, you will be given 30 days notice and in that time may request complete deletion of all your Personal Information, and a pro-rated refund for any amount you've paid ahead on your subscription."; this would make the company less valuable)

    So what is the SN verdict? Was it a foolish purchase in the first place? Can Google/Nest be trusted to keep their hands off my in-house video? What should I replace it with?

    Given your apparent priorities, I'm inclined to say it was a foolish purchase in the first place. AFAICS, the whole selling point of dropcam is the cloud-based service, and for someone who values privacy as much as you appear to, and has the technical skills to set up your own, locally-hosted alternative (as you appear to), that seems like a bad deal. Moreover, as exemplified here, buying hardware that's tied to one service provider puts you in a bind if something (e.g. buyout) ever encourages you to change service providers.

    For my use only, an IP cam with some sort of recording software (I've made a gawk script to make timelapses from http multipart/x-mixed-replace mjpeg cameras, but I'd go with something off-the-shelf for video; zoneminder looks featureful, though it appears complex enough I haven't yet played with it), and accessing it on the road with ddns and ssh gets me a large subset of Dropcam's features very easily (and some that, AFAICT, they don't have, like playing timeshifted video at increased speed), and with key-based authentication, pretty damn secure. I get the impression your Dropcam is similarly for your use only, and that you're capable enough to be able to use such a roll-your-own solution. In this case, Dropcam seems like not much convenience for a substantial privacy risk.

    To me, Dropcam or a Dropcam-like service seems great for stuff you want to share with less capable users, and don't mind all that much if the whole world gets it, e.g. we talked about getting a Dropcam this spring so some overseas relatives could watch this year's mama hens and their chicks as they grow. Telling them to send us their ssh public key, so we can set them up on our ssh gateway, then they can throw up an ssh tunnel to such-and-such IP address and port for live video, or use sshfs to mount some directory to browse archived recordings, will not end well. And that still doesn't get more-or-less seamless time-shifted playback, with quick seeking anywhere, like Dropcam has; to me, jumping amongst hourly video files is no problem, but for them, it's one more hurdle in an a gantlet (metaphor synergy!) that quickly becomes way more trouble than live video of cute chickies is worth. Dropcam would make it simple, and if others got to see it, it's no real problem; it's not even particularly interesting for Big Data to get it, because the chicken maternity ward is in the shop, where lights are on all day, not in the house, where lighting leaks information about our comings and goings. If the Dropcam cloud service were offered as a standalone product working with a variety of generic IP cameras, or if Dropcam cameras were configurable as generic IP cameras, I think we'd have gone that route. (As it is, we just take a few pictures and email them every week.)

  • (Score: 1, Interesting) by Anonymous Coward on Saturday June 21 2014, @04:54PM

    by Anonymous Coward on Saturday June 21 2014, @04:54PM (#58452)

    > Was it a foolish purchase in the first place?

    I am sorry to say it, but yes it was a foolish purchase. I looked into dropcam myself about 6 months ago and decided not to purchase one explicitly because they were 100% dependent on the cloud. However you can be forgiven for making that mistake because the entire home automation industry is enamored with baking in a dependency on the cloud.

    They don't want to just sell you a product with a one-time profit, they want to turn people into long-term revenue streams and the cloud is perfect for that. Companies that respect their customers make cloud-use optional and rely on providing a valuable service to earn the ongoing revenue, companies that do not have that respect focus more on making it as hard as possible to use their products stand-alone.

    Unfortunately, the later seems to be dominating the home automation marketplace right now, there are very few choices for whiz-bang new devices that don't lock you into unnecessary cloud dependency. As usual, RMS was prescient. [gnu.org]

  • (Score: 2) by Theophrastus on Saturday June 21 2014, @04:57PM

    by Theophrastus (4044) on Saturday June 21 2014, @04:57PM (#58453)

    I was willing to (mostly) trust Dropcam, because they don't have a big advertising tie in, and no real way to make money spying on me

    there are a huge number of ways to define 'trust' and you really have to be more precise about it given our current, and advancing, monitor society. if you have a live image of your household activities then you may 'trust' that someone has, or soon will, work out a means to monetize what information can be got there. if you're of a social subset who has, possibly unwittingly, failed to be utterly boring in all current active parameters as far as government surveillance is concerned, then probably your video feed is being analyzed to some degree.

    so where does your 'trust' issue kick in? will they be using the information to steal electronically money from you? ...probably not. will they post nude pictures of your family? ...almost certainly not (it's too likely to be traced). will they (eventually) track your behavior and use it to sell something to someone ...almost certainly. it comes down to what are you trusting them not to do?

  • (Score: 3, Insightful) by Subsentient on Saturday June 21 2014, @05:00PM

    by Subsentient (1111) on Saturday June 21 2014, @05:00PM (#58454) Homepage Journal

    HAL-9000 waves hi.

    --
    "It is no measure of health to be well adjusted to a profoundly sick society." -Jiddu Krishnamurti
  • (Score: 5, Informative) by kaszz on Saturday June 21 2014, @05:54PM

    by kaszz (4211) on Saturday June 21 2014, @05:54PM (#58468) Journal

    These cameras are neither cheap nor trustworthy. They transmit video over WiFi that has a less than stellar security record. Require you to trust their cloud service with your WiFi password and video. Any agency may request video and access to your WiFi.. Unless it's leaked for all to see before that.

    Do yourself a service and use wired cameras with your own storage setup. This also reduces the risk to hit ISP transfer limits.

    Some technical data:
    Connection: USB (for setup)
    Power: DC 5V 2A
    WiFi security: 802.11b/g/n with WPA
    Internet link crypto: AES-256
    Price: 150 USD (4x zoom)
    MCU: Ambarella-A5 (ARMv6) + external flash and sdram (Ambarella also used in GoPro cameras)

    Some neat links:
      * Reversing the Dropcam Part 1: Wireless and network communications [includesecurity.com]
      * Reversing the Dropcam Part 2: Rooting your Dropcam [includesecurity.com]

    So it's possible to root and reflash it with something that can make use of your USB connection. Or as a second choice, your local WiFi.

  • (Score: 2) by kaszz on Sunday June 22 2014, @02:33AM

    by kaszz (4211) on Sunday June 22 2014, @02:33AM (#58572) Journal

    Take a big lesson on what happens to cloud based devices here:
    D-Link SecureSpot DSD-150: The death of an idea? [goughlui.com]
    (released in 2006, dead by 2011)

  • (Score: 1) by MostCynical on Sunday June 22 2014, @02:47AM

    by MostCynical (2589) on Sunday June 22 2014, @02:47AM (#58573) Journal

    Free user data with every company sold!

    --
    "I guess once you start doubting, there's no end to it." -Batou, Ghost in the Shell: Stand Alone Complex
  • (Score: 0) by Anonymous Coward on Monday June 23 2014, @01:40PM

    by Anonymous Coward on Monday June 23 2014, @01:40PM (#58986)

    Nest insists they have no plans to share anything with Google.

    Why would you trust them? What have they done so far to earn your trust?

    But as a wholly owned subsidiary, that promise is worth about as much as the electrons used to transmit it to my screen.

    So you don't trust them.

    no real way to make money spying on me.

    There have been countless stories over the years (no just Snowden revelations) that prove many companies make lots of money spying on people, and it has nothing to do with advertising.

    Still, I keep it unplugged most of the time, (which causes me to forget to plug it in occasionally when I leave home).

    So you don't use the product as they promised you could due to you not trusting them?

    But I really don't trust Nest/Google to honor their promise of not using any part of the Dropcam system for purposes other than what I agreed to.

    So you're stating again you don't trust them.

    I won't go on, but you clearly don't trust them, so your question is more along the lines of "Should I use a video camera in my private areas from a company I do not trust?". I say "no". Remember there are zero consequences to companies that fuck their customers over re:privacy.

    What do you replace it with? Nothing. We don't live in a world where you can trust a company with this kind of power.