[HN Gopher] Ring Doorbell App Packed with Third-Party Trackers
___________________________________________________________________
Ring Doorbell App Packed with Third-Party Trackers
Author : panarky
Score : 268 points
Date : 2020-01-28 01:19 UTC (21 hours ago)
(HTM) web link (www.eff.org)
(TXT) w3m dump (www.eff.org)
| esseeayen wrote:
| There goes the argument "if you're not paying for the product
| then you are the product" because ring and associated services
| aren't cheap.
| ardy42 wrote:
| > There goes the argument "if you're not paying for the product
| then you are the product" because ring and associated services
| aren't cheap.
|
| Not really. If you aren't paying for the product, then you
| _certainly_ are the product. If you are paying for the product,
| then you _may_ still be the product, but you also _may_ not. It
| all boils down in that case to how trustworthy and greedy the
| vendor is.
| Barrin92 wrote:
| I think the OP's point is that the latter is so common
| nowadays that it makes more sense to not give the benefit of
| the doubt and assume that paying for something gives you
| privacy and makes vendors less data-hungry, and I think
| that's probably becoming good advice.
| jhhh wrote:
| You could buy a TV worth several thousand dollars and they'll
| still show you advertisements. Also in Samsung's case they'll
| take screenshots of what you're watching to find out what you
| like. There's always money in the advertising revenue stream.
| choward wrote:
| Are you talking about smart TVs? Because ads only show up on
| real TVs if you tell them to. It's the cable you plugged into
| it or the ads at the beginning of the movie you just paid
| money for. It's not the TV. The TV is dumb as hell. It only
| shows you what you tell it to show you.
| Nextgrid wrote:
| This has IMO been gone for ages.
|
| I remember buying a PS4 and _still_ had to opt-out of data
| collection and then change like 20 settings on their bullshit
| social network I don 't even want to use.
|
| Windows 10 is paid and yet it has ads and insane data
| collection.
| WWLink wrote:
| The car entertainment systems that have LTE connections tend to
| also phone home a lot lol.
| [deleted]
| [deleted]
| bborud wrote:
| I hope they do Audible next. I'd really like to know whether or
| not the extreme sluggishness of the app is due to what I suspect:
| badly designed activity tracking that implemented by developers
| who don't know how to do this asynchronously.
| code4tee wrote:
| Other product companies take note: the tide is turning on all
| this "tracking" nonsense. Clean up your house now or find
| yourself shamed into submission later.
|
| Consumers increasingly don't care that "the lawyers said it was
| OK because it's on page 73 subsection C line 4 of the use
| agreement For the product." Privacy is the new black.
| ryanmarsh wrote:
| _the tide is turning on all this "tracking" nonsense_
|
| It absolutely is not. There is no evidence of this. Also, why
| do I keep seeing privacy stories about only one of the video
| doorbell vendors?
| zionic wrote:
| Honestly what we need is an equifax-style hack at the
| NSA/Facebook/Google to absolutely shock people into reality
| about privacy.
|
| Imagine being able to type in anyone's name and see their
| entire search history for the last 10 years. It would be total
| chaos. We'd have a constitutional amendment enforcing digital
| privacy within a few months.
| jason0597 wrote:
| I'm already thinking of doing any "sensitive" searches (i.e.
| stuff i would rather google not know, e.g. my mental health
| state) on google through chrome's incognito mode, but then I
| think about it more and I realise that if I do a search on
| incognito mode, the browser probably knows and marks it as an
| extra special search and hence becomes even more "sensitive"
| (and reports back to Google)
| kdtsh wrote:
| If you're worried about Google knowing, you shouldn't use
| Google's browser. While they might not mark searches like
| that, we don't know what Chrome does when we tell it to
| search for something we're sensitive about.
| panarky wrote:
| Why fear super secret conspiracies like this? What we
| already know for a fact is horrible enough.
| als0 wrote:
| I want to believe you but it seems that no matter what
| happens to Facebook they seem to consistently emerge
| unscathed.
| CraigJPerry wrote:
| Equifax. The Uber God mode. Cambridge analytica.
|
| Any one of these on its own should be enough but i'm not
| convinced the average person on the street could tell you
| what the deal was with any of these scandals.
| caconym_ wrote:
| Yeah, I wish they did, but nobody gives a shit in any way that
| actually matters (i.e. one that might change their purchasing
| decisions).
| api wrote:
| Absolutely this... if it doesn't affect buying decisions it
| doesn't matter. Whining about it without changing behavior is
| a waste of time.
|
| From what I've seen the most important factors in customer
| use and purchasing behavior are user experience, user
| experience, user experience, user experience, and user
| experience, in that order. Did I mention user experience?
|
| I've even been a little shocked in the B2B market by how
| rarely corporate customers ask about privacy or security.
| Only the most seriously security-conscious customers have
| ever asked my company about e.g. what kind of crypto we use,
| and these are people dealing with financial or national
| security data. Everyone else seems to not even care.
| baxtr wrote:
| Ahh... I so much wish that this was true. However, there is
| just too much money involved and consumers don't seem to care,
| at least the "silent majority". This won't end anytime soon
| MadWombat wrote:
| How is the view from your ivory tower? Most consumers don't
| care and are not even aware of these issues.
| novok wrote:
| It's more of a 'too complex to understand' issue than a care
| issue. If you spelled out what these trackers really track, a
| lot of people wouldn't be comfortable with it. Since it's
| tracking is hidden, people are not worried about what they
| are not aware of.
| qroshan wrote:
| The probability of your data being seen by another human
| and attributed to you is 0.00000001%. You have better
| chance of winning lotteries than this. Only ultra losers
| whose time is worthless or Ultra Rich who have lots to lose
| due to a data breach care about privacy. It's just
| manufactured outrage because everything else is comfortable
| to them (it's usually white dudes because they don't face
| real persecution in life and they have to manufacture this
| so that they can claim to be a victim)
| time0ut wrote:
| I think the average person cares a lot about privacy, but
| simply don't know about all the ways their privacy can be
| violated.
|
| Anyone can be hurt by a data breach. Look at those
| exposed in the Ashley Madison breach.
| smallgovt wrote:
| I disagree. I think most people just want to view cat memes
| and connect with their friends online. If the cost of that
| is their privacy, so be it.
|
| At the end of the day, I think privacy loss will have to
| have a materially negative impact on people's lives before
| they start to care enough to change their behavior. Right
| now, the only material negative impact requires what I
| would characterize as fear mongering.
| AmericanChopper wrote:
| Reminds me of that video where Jamie Oliver showed a
| group of kids the rather disgusting process for making
| chicken nuggets, and all the children were appropriately
| disgusted, but when he asked the kids afterwards who
| wanted to eat some of the chicken nuggets, they all
| wanted to eat the nuggets.
| clSTophEjUdRanu wrote:
| This industry is poised to be regulated. Reap rewards while
| you can.
| [deleted]
| tasssko wrote:
| Can you wipe the ring firmware and repurpose it?
| ogre_codes wrote:
| It's frustrating that Amazon is trying to hard to win the prize
| for being the creepiest tech giant. I generally like Amazon and
| much of my online shopping is through them, but this makes me
| more inclined to try alternatives.
|
| I've already mostly dropped Facebook and Google, it'll be harder
| for me to ween myself off of Amazon.
| sliken wrote:
| For those that want to avoid such sillyness, Reolink sells
| relatively cheap cameras. Rated for out doors, power over
| ethernet, $50-$60 per camera, and includes a microphone.
|
| They can easily be connected to zone minder, or any software that
| can take a rtsp:// URL. Even handles motion detection for
| specific areas of camera, so you can include the driveway but
| exclude the sidewalk. You can have it email or upload videos...
| without access to any reolink related cloud.
|
| So you could easily put them in production with zero network
| access and let something you control notify you with images or
| video clips for any activity.
|
| There's numerous cheap products, but the reolink seems to be one
| of the better ones that play well with others and doesn't require
| any WAN network access.
|
| Ubiquiti and Axis also have some very nice products, but
| generally are more expensive.
| ogn3rd wrote:
| Wyze cams now have an RTSP firmware as well and cost about $25
| for stationary, and $40 for PTZ.
| m-watson wrote:
| I was looking into Wyze right about the time the server leak
| happened [0] so I moved on. But they do have good prices.
|
| [0] https://www.theverge.com/2019/12/30/21042974/wyze-server-
| bre...
| iak8god wrote:
| I've been using Wyze to keep tabs on a new pet while I'm
| not at home. It is very convenient, but I was pretty
| worried about privacy, even before that came out.
|
| At $25 to replace, it's probably worth risking bricking it
| to try out alternative firmware:
| https://github.com/openipcamera/openipc-firmware
| perryh2 wrote:
| This repo seems unmaintained. This project is more
| active: https://github.com/EliasKotlyar/Xiaomi-Dafang-
| Hacks
| Jsharm wrote:
| Having thrown countless hours into zoneminder I had to give up.
| It's just too buggy. Does anyone have any other alternatives
| they've got to work? Open Source or otherwise
| sliken wrote:
| Try shinobi or motioneye if you want open source.
|
| There's quite a few solutions in this space: free, freemium,
| and commercial.
| shifto wrote:
| I don't recommend Shinobi after using it for a few months.
| It's far from finished, can't do most basic stuff and the
| interface is horrible.
| bonestamp2 wrote:
| I saw a commercial software solution a number of months ago
| that used some kind of machine learning or AI to reduce
| false positives on motion detection but now I can't find
| it. Are you familiar with any software that does this?
| blakes wrote:
| Look into Milestone XProtect, super solid, have a free
| version.
| hanklazard wrote:
| Another option is from Amcrest and is built as a doorbell. I
| got it because it doesn't require a cloud connection to
| function and plugs in easily to Home Assistant. Easy install
| with existing wiring and uses WiFi for data.
|
| Note: one disappointment was that the app automatically reached
| out to an Amcrest server by default (I assume) on the
| assumption that everyone wants access to their home doorbell
| cam from outside the network ... I could not find a setting in
| the app so just took care of it the usual way--blocked it with
| the firewall. Regardless, it still works in this config.
| pmlnr wrote:
| All I want is an outdoor rated rpi camera case with built-in
| power supply - motioneyeos will take care of the rest.
| mdorazio wrote:
| Not sure what you mean by built-in power supply. A battery?
| Or just a weatherproofed jack to connect a cable?
| pmlnr wrote:
| An in-case mains AC/DC converter.
| Relys wrote:
| Just 3d print a case and use silicone to waterproof all
| electronics and case.
|
| Maybe even use an esp32 cam board instead of a whole
| raspberry pi:
|
| https://randomnerdtutorials.com/esp32-cam-video-streaming-
| we...
|
| https://www.thingiverse.com/thing:3996434
| pdonis wrote:
| _> power over ethernet_
|
| This is a non-starter for me since none of the places I would
| want to put a camera have an Ethernet jack available.
| jetrink wrote:
| It's not a requirement, just an option. They can also run off
| of a wall wart or solar panel, with data over WiFi or LTE.
| pdonis wrote:
| _> They can also run off of a wall wart or solar panel_
|
| Which is still a nonstarter for me, since none of the
| locations I would want to put a camera have an electrical
| jack handy, and many of them don't get enough sunlight to
| make a solar panel a viable option.
| henryfjordan wrote:
| So what do you want? Batteries?
| pdonis wrote:
| _> So what do you want? Batteries?_
|
| Yes.
| zorpner wrote:
| Some of the Arlo gear is battery-powered. I use a couple
| of their LTE cameras in areas without any other means of
| connection.
| oh_sigh wrote:
| Then you don't want a PoE camera. PoE cameras are great if
| you want to hardwire them somewhere and want to run just one
| cable.
| vvanders wrote:
| I like the Ubiquiti cameras because unifi handles the webrtc
| handshake so you can run your cameras local and see them from
| anywhere while keeping data on-prem.
|
| It's a little annoying Protect doesn't have a software install
| but the legacy unifi video still work fine. I put in ~5 cameras
| over the last few weeks and been really happy with them.
| bozoUser wrote:
| How does Ring compare with Nest in terms of the privacy issues
| noted in the article ?
| snowwolf wrote:
| I wonder why Ring is being specifically called out for this
| practice. This combination of "trackers" are very common in the
| app ecosystem as they perform much the same analytics functions
| used on the web ecosystem (e.g. Branch offers ad campaign
| attribution - did this user sign up from an ad campaign and which
| one so I can work out ad ROI). I'd hazard a guess that analysis
| of the apps on your phone (Android and iOS) would result in well
| over 50% of them using some combination of these services.
|
| What's more interesting is that it could be argued these fall
| under the intent of the EU cookie directive (even though in a lot
| of cases they don't actually use cookies). The only app I have
| seen asking for cookie like consent is Airbnb (who use all of
| these same services and more)
| TeeWEE wrote:
| Indeed. What i thought. There is nothing weird with an app
| doing this. Just because its a doorbell app doesnt make it
| different?
| arexxbifs wrote:
| I think several companies are routinely called out for
| nefarious privacy invasions. Ring is extra interesting because
| of the hypocrisy in claiming they're in the home security
| business, while actually gathering and selling information that
| can be be directly counter-productive in that effort (such as
| when a customer is likely to be home or not).
| snowwolf wrote:
| The thing is they aren't actually selling that data. All the
| services mentioned are paid services that ring are paying to
| use. And ironically they sprang up to fill a need because
| Google and Apple made it almost impossible to do app install
| attribution to protect people's privacy. So we now get more
| invasive tracking to work around that.
| WWLink wrote:
| The data is none of your damn business. Or Ring's business.
| Or anyone else's business except my own!
| blaser-waffle wrote:
| > The thing is they aren't actually selling that data.
|
| Says who, the company itself? Why install trackers if
| you're not going to use them?
| snowwolf wrote:
| They aren't trackers in that respect. Read up on the
| companies in question. They basically provide analytics
| to mobile apps so they can better understand their
| customers to allow them to improve the experience of the
| app.
|
| It's the equivalent of Google Analytics.
|
| Now how those companies then use the data they collect as
| part of providing analytics is another question (and why
| lots of people prefer to block Google Analytics for
| example)
| JohnFen wrote:
| OK, not technically trackers, but certainly spyware.
| WWLink wrote:
| Bingo! Spyware. Let's call it what it really is.
| JohnFen wrote:
| > This combination of "trackers" are very common in the app
| ecosystem
|
| True. This is why I have to firewall off all apps so that they
| can't communicate out without my permission. This is also the
| primary reason why I'm leaving the smartphone ecosystem
| entirely.
|
| The invasiveness of apps is intolerable to me, getting worse,
| and getting increasingly hard to mitigate.
| WWLink wrote:
| Word! I never really installed much on my smartphone to begin
| with. If you ask me, a lot of services and app developers
| have this horrible sense of entitlement to all kinds of
| information about their users. It creeps me out.
| classified wrote:
| This rampant surveillance economy will continue to fester until
| it bites some influential people where it really hurts. Until
| then nobody will be safe.
| chopin wrote:
| There will be safeguards for influential people but not for us.
| amriksohata wrote:
| Makes you wonder why Facebook needs that data? To link who comes
| home to FB location and people's profiles? I'm sure they pay them
| for this but then you read what happened after the NSA leak in
| recent times where the NSA had put intentional backdoors in with
| companies
| sys_64738 wrote:
| Don't install any apps on your Android telephone.
| rapnie wrote:
| Or if you do at least check them for trackers before install:
|
| https://exodus-privacy.eu.org/en/
| rapnie wrote:
| The analysis of the Ring app found 11 trackers and 30
| permissions needed: https://reports.exodus-
| privacy.eu.org/en/reports/com.ringapp...
| jrepinc wrote:
| Or better, but still not perfect advice: Do no install any
| closed-source app on your telephone/computer of any brand.
| ta999999171 wrote:
| www.f-droid.org
| sjmulder wrote:
| A blatant violation of European privacy law. I hope an ICO picks
| this up (I've filed a notice with mine).
| TeeWEE wrote:
| Most apps that you have installed track information, ip,
| carrier etc. Its called analytics. Its naive to think this app
| does it for evil purposes.
|
| Note: Maybe all apps shouldnt be tracking this. But this is
| currently how analytics in apps work.
| bogomipz wrote:
| Wow what a great irony - a device that's designed to help your
| surveil your own property is being used to surveil the people
| that bought the device and by extension put their trust in it and
| the company.
|
| It's one thing to have a business model where it's understood
| that a service is free in exchange for user data but what we are
| seeing increasingly is this greed where its not enough to sell a
| good or service for cash because that would be leaving money on
| the table. These companies seem to have an expectation and
| entitlement that your data is part of the business model despite
| not disclosing that to their customers.
| bdcravens wrote:
| So how many developers here use Google Analytics, Intercom,
| Segment, error logging like BugSnag or Sentry, etc?
|
| Wait until the BBC finds out how many of us are giving Amazon
| user data. (I mean, it's s3 and RDS, but that clarification would
| be overly pedantic)
| [deleted]
| henryfjordan wrote:
| There's a big difference between Google Analytics and Sentry.
| Putting those in the same list is so reductive that it
| undermines your argument.
|
| Tracking everything you can about your users so advertisers can
| better target you is evil.
|
| Capturing all the local variables during some unexpected
| Exception (that might happen to include some user data) for the
| purpose of debugging is not even remotely evil.
|
| User-data is totally fine to have, it's what you _do_ with it
| that matters
| worble wrote:
| >user-data is totally fine to have, it's what you _do_ with
| it that matters
|
| Unless the user explicitly opts into having that data
| recorded, it isn't ok to stockpile it, regardless if the
| intent behind it.
|
| The path to hell is paved with good intentions.
| henryfjordan wrote:
| I disagree. By interacting with a web server, you are
| inherently sharing some data with the operator like your ip
| address (so you can get a response back) or any request
| headers you choose to set (User-agent for mobile vs desktop
| sites, for instance). Nobody is forcing you to make
| requests to any particular site, and nobody is forcing to
| you include all this info. If you don't want your data
| spread around, don't do all that spreading.
|
| I agree that using user-data outside of some agreement is
| bad (and illegal under the GDPR), but I believe that an
| implicit agreement exists between web-server provider and
| user that their data will be used for the mechanical
| operation of the website, including logging stack-traces.
| Otherwise TCP/IP wouldn't work.
| Nextgrid wrote:
| The difference is that Amazon isn't an advertising company and
| has little incentive going through user data on their systems.
| In addition, the data isn't in a standardised format so they
| would have to spend considerable efforts parsing the data
| first.
|
| Facebook and Google on the other hand make their money from
| stalking people and developers are giving them data in a nice
| standardised format.
| mandliya wrote:
| This is a fair point. However isn't amazon investing very
| heavily in advertising and supposed to compete Facebook and
| google.
| https://www.forbes.com/sites/kirimasters/2019/07/26/whats-
| dr...
| duxup wrote:
| Is there a difference here between "an advertising company"
| and "does a lot of advertising"?
|
| Amazon is very much the latter and that would seem to provide
| plenty of incentive to do dig through data / recognize the
| value / use it as they wish.
|
| I'm sure they do plenty of analytics on data from their own
| platforms and that considerable effort could easily be
| extended to include any other data that they have access to.
| d1zzy wrote:
| > Facebook and Google on the other hand make their money from
| stalking people and developers are giving them data in a nice
| standardised format.
|
| Do we know that the privacy policy/terms of service for these
| services allow Google/Facebook to use the data in the way
| that the BBC article seems worried about?
|
| And before you say that "it doesn't matter what the ToS
| says", it does very much matter, breaking a ToS would paint a
| very big target no these companies, there are tons of lawyers
| out there that would love to catch companies at this, easy
| money.
| Nextgrid wrote:
| Facebook claimed 2FA phone numbers would not be used for
| advertising. They eventually broke that claim.
|
| There are thousands of companies breaking the GDPR
| (Facebook and Google included) and yet I have yet to see
| the tons of lawyers going after the easy money. Companies
| keep doing it because they know the regulation isn't
| enforced.
| edmundsauto wrote:
| It's interesting, given the reputation of ambulance
| chasers, that attorneys are deciding to ignore easy
| money. Why do you think this is?
| PeterisP wrote:
| There's no easy money for lawyers in GDPR - the big
| financial 'teeth' of GDPR are in the form of fines
| enforced by regulators to the state, not (as often in
| USA) in the form of huge civil lawsuits from which
| private law firms could get a share.
| bdcravens wrote:
| > Facebook and Google on the other hand make their money from
| stalking people and developers
|
| Yet React and Angular are quite popular
| Nextgrid wrote:
| I fail to see the correlation. You can be an asshole on one
| side and still make a great product on the other side.
| Ensorceled wrote:
| You actually quoted the part about tracking developers.
| bduerst wrote:
| Amazon _is_ an advertising company, and has been doubling
| down on that market despite users not being happy with it:
|
| https://apnews.com/a5ad925b06b7454ea746764399e1a096
| jb775 wrote:
| Amazon is working their way towards vertical integration
| across as many industries as possible. Since effective
| advertising is critical for some of those integration steps,
| Amazon is 100% incentivized to hoard and process user data.
| Nextgrid wrote:
| AWS is the only thing that keeps Amazon alive; if they lose
| their clients' trust they will go down the drain in no time
| so there's no way they'll risk it.
| maximente wrote:
| i have no doubt that if you have a ballooning SaaS
| business hosted on AWS there is a capture team lead
| investigating what your tool does and whether or not it
| is worth amazon creating a team to re-implement in order
| to crush you.
|
| they definitely do this for physical goods so i'm not
| naive enough to think they aren't talented enough to do
| it digitally.
| jtdc wrote:
| But Amazon is an advertising company, capturing 9% of the
| digital ad market in 2019.
| Nextgrid wrote:
| Their main cash cow is AWS. There's no way they'll
| sacrifice it for a short-term gain on the advertising side.
|
| Google and Facebook _only_ have advertising; they have
| nothing to lose by being unethical and /or breaking privacy
| laws like they do with the GDPR.
| Karunamon wrote:
| How would they be "sacrificing it"? Where are people
| going to move to? AWS is the industry standard for public
| clouds, Azure's feature set is worse, and GCP is
| basically an also-ran.
| panpanna wrote:
| I would love to see some financial documents leaked from these
| companies.
|
| Let's say Apple pre installs Google+ on all its phones. Then I
| want to know how much apple got paid for this, i.e. how many
| cents is a users privacy worth to them. And how much money did
| Google make by using this data, i.e. how much was the data really
| worth.
|
| Because until we have such data, companies can always hide behind
| phrases such as "... share with partners ... to provide relevant
| services" and all that nonsense.
| Joeri wrote:
| Does that really matter? Let's say they get a hundred dollars
| per service, does that make it better or worse, or maybe it
| doesn't change anything?
|
| Having said that, I've always wondered the same for TV ads.
| Let's say I wanted the option to pay extra to never see ads,
| how much would that be? Why doesn't the market give me that
| option?
| axelonet wrote:
| This all is a side effect of the paranoia built by the
| corporation's. Why would you even want to look at the door when
| you are 1000's of miles away from your home. I understand pet and
| baby monitors but this information being on the web for anyone is
| just bonkers. We are in an age where Technology is advancing at a
| pace where we don't understand what we need to do with IoT
| devices.
| Polylactic_acid wrote:
| My grandma used a similar product to send video of a break in
| attempt to relatives so they could pass it on to the police
| while she was in another city.
|
| But I get your point. A lot of this IoT stuff is mostly
| pointless and serves only to make people feel like they are
| living in the future.
| Johnny555 wrote:
| Aside from the obvious use of monitoring my door while I'm
| away, it's also useful to knowing when a package is delivered
| unexpectedly when I'm away from home so I can ask a friend or
| family member to pick it up so it's not sitting on my front
| porch for a week or two.
| ta999999171 wrote:
| > package is delivered unexpectedly
|
| I...huh? How?
|
| Are you a darknet dropshipper? (Nothing wrong with that, just
| can't imagine what carrier doesn't give you a tracking number
| that you can get alerts on delivery/check status of.)
| scarejunba wrote:
| All those Chinese products with free shipping were like
| that. They'd show up one day randomly. Also, I buy most of
| my stuff online so there's always something in flight.
| Books, toothpaste, whatever.
| systemtest wrote:
| I use 17track for that. It's an app that I drop all my
| AliExpress/Amazon/eBay tracking codes in and I will get a
| push notification that the package has been delivered.
| Don't need a camera monitoring my neighbours front door
| for that.
| sliken wrote:
| Heh, so never had a friend or family ship you something?
| JohnFen wrote:
| Not without them telling me in advance, no.
| horomeme wrote:
| Honestly I would be pretty annoyed if I was your friend
| or family member.
| umvi wrote:
| I'm guessing you don't buy stuff off of AliExpress much?
| Sometimes the shipping window is like 1 month or bigger,
| you just never know when it will finally reach your house.
| Johnny555 wrote:
| Family sometimes send me packages unannounced, not all
| shippers (especially international) give real-time tracking
| numbers, not everyone in our household keeps perfect track
| of their inbound shipments, and sometimes delivery agents
| just make a mistake - one time I came home from work to a
| big screen TV on my porch. It was supposed to go to
| neighbor, but that's something I wouldn't want on my porch
| for a week - even if I don't care if it's stolen, it's like
| a big "No one is home here!" sign.
| WWLink wrote:
| I bought a cheap ring doorbell for our vacation house and
| indeed, it's a piece of junk. The picture quality is atrocious
| lol.
|
| However, it and the other cameras I have (including an actually
| decent one in the entryway) almost eliminated the random door-
| to-door solicitors and people leaving flyers all over my front
| door!
|
| It's also really funny because people hate cameras. I've seen
| someone cover their face before pushing the doorbell button and
| then walk away because they felt too afraid to be seen on
| camera.
|
| OTOH, the ring app is really, really terrible. Woof! If you
| install it and leave it on defaults, it'll notify you about
| anything your neighbors post. And boy the things they post lol.
| Kid riding their bike by? SUSPICIOUS! EVERYONE KEEP AN EYE OUT!
| Random dog?
| SlowRobotAhead wrote:
| I had a ring for one week. After about 24hrs of ridiculous setup,
| constant notifications when I left the house or anything happened
| inside the detection zone even shadows, and realizing I didn't
| coming home to look into a camera that was constantly uploading
| to someone's computer I'll never be allowed to access - I put
| that POS back in the box and returned it.
|
| Nice idea in theory, exploitive data mine in practice. I hate it.
| otachack wrote:
| Sounds like you didn't configure it to what you wanted. You can
| turn off the motion detection and just listen for door bell
| presses instead. Mine runs off the battery instead of hooking
| to a power line so I had to disable most of the features so
| that the battery would last longer than a month.
|
| If you are remotely concerned about handing data to a 3rd party
| then I would just not use this doorbell. You can probably find
| a "dumber" one or construct one yourself. I might end up doing
| it, too, tbh.
| SlowRobotAhead wrote:
| Well, despite the implication I'm just "didn't do it right" I
| adjusted every possible feature in the app. The whole thing
| is garbage.
|
| I won't apologize for Ring being a bad product while this and
| every other related article supports that they take ownership
| and share your data without your approval.
| rudedogg wrote:
| Having the same issue with the motion detection. It's so bad..
| it's been a few years since I used it, but I think the motion
| zones UI on my cheap Foscam security camera was way better. It
| blows my mind that they cost so much, the company has so much
| money, and it works so poorly.
|
| Mine was a gift otherwise I'd have returned it too.
| ActorNightly wrote:
| Ring doesn't upload data unless you pay for a cloud storage
| account.
|
| You could argue that the doorbell transmits the video/audio
| over the internet, but that transport is encrypted to the Ring
| app, and its deleted off of AWS after its viewed on the App.
|
| If you really want privacy, you should also return your
| cellphone and go back to using a flip phone.
| Rooster61 wrote:
| > and its deleted off of AWS after its viewed on the App
|
| How do you know this? And how are you sure that information
| isn't shared before being deleted?
|
| Also, it's not only about privacy (although I do think people
| should care a bit more about it than they do on average).
| Data stored and sold makes money that is dependent on you to
| produce, yet you get no compensation for it. Many people have
| a problem with that, including myself.
| ActorNightly wrote:
| > How do you know this? And how are you sure that
| information isn't shared before being deleted?
|
| Ring states it on their website.
| https://shop.ring.com/pages/privacy
|
| I mean, nobody REALLY knows, but if that's the standard you
| are going to use, then you pretty much have to assume that
| any company can and will spy on you, and apply the same
| critique to them.
|
| Based on reports and news, Amazon has been perhaps the best
| out of the big companies when dealing with privacy, as they
| are fairly transparent on the data they collect for what
| use, and had not had any major cases of leaks despite them
| perhaps having the best data set of peoples behavior with
| shopping history which is the most relevant to advertisers.
|
| Being that Ring uses AWS for back end, as can be verified
| through network traffic inspection, I personally don't see
| any red flags with them saying they delete the data.
|
| >Data stored and sold makes money that is dependent on you
| to produce, yet you get no compensation for it.
|
| This is HORRIBLY wrong. Gmail, youtube, reddit and most
| everything that is free on the web and on mobile is your
| compensation for your data. Yes, companies make profit, but
| they still spend that advertising revenue on hosting and
| maintaining that service, and recouping the initial
| investment they put into building the thing.
| Rooster61 wrote:
| > I mean, nobody REALLY knows, but if that's the standard
| you are going to use, then you pretty much have to assume
| that any company can and will spy on you, and apply the
| same critique to them.
|
| That is the standard I use and I do apply the same
| critique to every company.
|
| > Gmail, youtube, reddit and most everything that is free
| on the web and on mobile is your compensation for your
| data.
|
| First off, I don't use all of those services. According
| to your logic, you and every other person who has data in
| their system and is not using a service is owed cold hard
| cash. Secondly, the value that I get out of using them is
| not commensurate with the profit they are making. These
| companies are making EXORBITANT amounts of money off of
| peoples data. It is in no way acceptable compensation.
| Third, I can't opt out of them using the data, even if I
| stop using a service or if I never used their service at
| all.
| mojuba wrote:
| > If you really want privacy, you should also return your
| cellphone and go back to using a flip phone.
|
| Or how about an iPhone with minimal or no 3rd party apps?
|
| Which is practically impossible unfortunately because in
| order operate in the modern world you need at least a few 3rd
| party messenger apps, your bank's app and maybe a few more.
| Theoretically, however, I can have a phone free from social
| platforms and 3rd party analytics platforms like MixPanel or
| AppsFlyer, with regard to whom I have absolute zero trust.
| JadeNB wrote:
| > Which is practically impossible unfortunately because in
| order operate in the modern world you need at least a few
| 3rd party messenger apps, your bank's app and maybe a few
| more.
|
| I think that this may be true for _convenient_ operation,
| but not for operating period. I have none of these apps on
| my phone and, in fact, don 't regularly use my phone for
| anything but receiving calls and listening to audiobooks.
| (Oh, and alarms, and probably some other stuff I'm
| forgetting; but not otherwise for interacting with the
| outside world.)
| mojuba wrote:
| I've tried that. All things aside, in business if there's
| even one important person you deal with (your investor?)
| you will have to install at least one of the messengers
| they use. It's a question of the balance of power. And
| you'd likely end up having more than one VIP in your
| contact list anyway, unless you live a totally isolated
| life.
| JadeNB wrote:
| That's a good point--in academia, we're a lot more
| tolerant of technologically backwards folk like me.
| bdcravens wrote:
| You don't think Apple gathers analytics?
| mojuba wrote:
| It does, but letting one known company gather it is
| better than letting 10 obscure ones, and I mean
| especially the analytics platforms I mentioned that most
| apps use today. We don't know exactly how they use the
| data, who would end up acquiring these companies, etc.
| ActorNightly wrote:
| I have a home lab set up, where i have a second router that
| is behind a older laptop with ip forwarding set up so I can
| inspect the WAN traffic that devices send out.
|
| If you ever take a brand new iPhone and connect it to wifi
| and inspect the traffic in this manner, you will see all
| the crap it sends to apple servers.
|
| On the other hand, I also have a custom rooted android
| phone, with no google apps and minimal 3d party apps (use
| the mobile browser for most stuff). If you inspect it in
| the same manner as above, the only requests it makes when
| it turns on is to the ntp time server, which I could
| probably kill with a firewall if I cared enough, making it
| 100% silent until I use an app.
|
| If you want privacy, you get it yourself.
| HighPlainsDrftr wrote:
| Out of curiosity, what are you using for a custom ROM?
| sneak wrote:
| Nanoleaf light panels also phone home (to Nanoleaf) constantly,
| from the hardware itself.
| aembleton wrote:
| Loads of Android apps do this. If you are running Android >=9
| then you can block the trackers by changing your DNS settings to
| use one from https://nextdns.io/
|
| Instructions on changing DNS settings
| https://joyofandroid.com/how-to-change-dns-on-android/
| ActorNightly wrote:
| There is a big difference between saying Ring Doorbell leaks user
| data, and Ring App leaks user data.
|
| Even though BBC purposefully puts the wrong thing in the title
| for clicks, I would hope that HN users would pay more attention
| to detail.
|
| In other news, smartphones spy on you.
| supercanuck wrote:
| This is pedantic. The Ring Doorbell doesn't function without
| the App.
| bdcravens wrote:
| You can have the app installed without owning a doorbell
| (using the Ring Security system, for example)
| _jal wrote:
| "No, you see? It is the remote control that explodes when you
| push the button. Not the TV! That's entirely different!"
| damq wrote:
| If hypothetically this analogy was even close to accurate,
| it would be entirely different because the remote is
| usually an order of magnitude less expensive than the TV.
| derwiki wrote:
| I have ring doorbell/cams and use the web site, not the app.
| TheCoelacanth wrote:
| Unless the website is missing those trackers, that's a
| distinction without a difference.
| ActorNightly wrote:
| " Ring doorbell 'gives Facebook and Google user data"
|
| I hope I really don't have to explain the implication in this
| statement of how the doorbell sits there, records/listens,
| and then sends out data to FB/Google.
|
| Versus saying that a smartphone app collects tracking
| analytics, like pretty much every other major app out there.
| sillysaurusx wrote:
| Little story for you.
|
| When I made the GPT-2 Chess notebook (sigh... do I link to it and
| risk seeming like I'm plugging my stuff, or let people google for
| it? Whatever:
| https://colab.research.google.com/drive/12hlppt1f2N0L9Orp8YC...)
| one of the first questions a reporter asked me was "How many
| people played it?"
|
| I had to be like "I have no idea. A few thousand at least, based
| on bandwidth bills."
|
| Then they started asking if I was tracking the games. "Nope. I
| don't like apps that track data, so I didn't want to make one
| here."
|
| And at the end of it, I was like... this is stupid. I should have
| tracked clicks and tracked the games.
|
| We should have a clear distinction between "user data" and "data
| that common people might reasonably care about being tracked."
| The headlines are a strange game of telephone. Every app tracks
| data. That's what most apps are for.
| bmgxyz wrote:
| > And at the end of it, I was like... this is stupid. I should
| have tracked clicks and tracked the games.
|
| Why do you feel this way? I agree with your positions at the
| beginning ("I don't like apps that track data, so I didn't want
| to make one here.") and the end ("Every app tracks data. That's
| what most apps are for."), but I don't see why that would cause
| you to want to have tracked games and interaction data on your
| own project.
|
| Perhaps if I'd ever built something that got popular I'd know
| the feeling better.
| sliken wrote:
| Well generally I think anyone who creates something is
| interested in some feedback on how well it's going.
|
| A developer might react differently if 10 people used their
| software or 10,000. Or even if 10 people used the program
| 1000 times vs 10,000 people using it once.
|
| Not to mention that it's hard to iterate on something and
| make clear improvements if you can't tell how the software is
| being used. Sure you can read forums, tickets, issues, etc.
| But if your settings allow 1000 different configurations and
| 99% of your users use one of 5 different configurations that
| can be a very useful thing to know.
| sillysaurusx wrote:
| Hm. Well, being able to answer basic questions like "How many
| people played it?" and "Can you use the human inputs to help
| improve the engine?" would be nice.
|
| Can't use the human inputs to improve anything if the data
| doesn't exist.
|
| Lichess tracks all games, for example, and I don't think they
| ask for permission. Is that a bad thing? I was forced to
| conclude it's probably fine, but perhaps an argument could be
| made.
| boboguitar wrote:
| The user data for Google is just crashlytics. Saved a few people
| a click.
| rapnie wrote:
| But besides Google there is more than just crashlytics (and
| Firebase Analytics). It contains 11 trackers in total, and
| requires 30 permissions:
|
| https://reports.exodus-privacy.eu.org/en/reports/com.ringapp...
| izacus wrote:
| Yeah, that's shady. But Google and Facebook are the only ones
| highlighted in the title.
| julianozen wrote:
| Is facebook just for auth?
| givinguflac wrote:
| it states it shares with Facebook regardless of you having an
| account with fb
| julianozen wrote:
| I think this is part of the SDK initialization which is
| needed regardless of auth (unfortunately)
| reaperducer wrote:
| _The user data for Google is just crashlytics_
|
| Is there an opt-out? Or, more importantly, was there an
| explicit opt-in?
|
| Data from crashes on my device is still my data, not Google's.
| Google can pop up an alert telling me things went pear-shaped,
| and then _ask_ to send it back to the devs for analysis.
| izacus wrote:
| Every single app on your phone will use such service (Android
| or iOS,).
|
| You're not wrong about ownership of data. But highlighting
| Ring and Google in this manner is some seriously biased and
| dishonest reporting.
| UweSchmidt wrote:
| Highlighting Ring makes sense as it represents a new
| dimension in terms of data collection and data risk.
| Highlighting Google and Facebook makes sense as they are
| the major data collectors who take great liberties in using
| the data to help undermining democracy and manipulate
| individuals through hyper targeted advertisements.
| amiantos wrote:
| iOS crash reporting and analytics are built in, but
| requires explicit user opt-in. It's not a requirement that
| an iOS app use Crashlytics or similar to get this sort of
| data, so saying "every single app will use such service" is
| not exactly truthful. And, besides, saying that "everyone
| does it" is not an excuse for the behavior.
| 7777fps wrote:
| Well maybe Ring shouldn't have bundled so many third party
| trackers.
|
| If it really were just crash reporting, this would have
| probably gone unreported on.
| UweSchmidt wrote:
| Worth noting that "crash reporting" is very much worth
| reporting on and paying attention to, as transmitting a
| lot of sensitive data in crash reports could be
| beneficial to fixing bugs (but obviously not beneficial
| to the indiviual's rights).
| bradly wrote:
| Crash reporting can be important, but there isn't a
| requirement to use an advertising company to facilitate
| it.
| avree wrote:
| This sort of pedantic hand-wringing is tiring. Google
| sells many things, one of which is advertising. Firebase
| Crashlytics may be free, but it's made available by
| Google in the hopes that developers pay for Firebase's
| full suite of paid offerings--it's not to populate
| additional user data to their ad or search algorithms.
| bradly wrote:
| > it's not to populate additional user data to their ad
| or search algorithms.
|
| How do you know this?
|
| Is it "pedantic hand-wringing" to not want my DNA
| analyzed by an advertising company as well?
| Kalium wrote:
| This may be an excessively optimistic read. A person has
| to know a reasonable amount about software systems and
| common development practices to decide crash reporting
| isn't worth writing about.
|
| The bar to deciding that Google is getting user's data
| somehow and this is newsworthy is lower, and requires no
| grasp of underlying details. Technology journalists are
| often journalists first, and technologists second if at
| all. I don't blame them, it's the nature of the job.
| jrumbut wrote:
| This is a company already trusted with extremely sensitive
| information and who have suffered a stream of stories
| suggesting they may not be fulfilling that trust in the way
| a reasonable customer might expect, all the while while
| charging users enough of a price that the service isn't
| obviously ad/data sale supported.
|
| The bar should be a lot higher for them, it's not some free
| tic-tac-toe app.
| [deleted]
| [deleted]
| bosswipe wrote:
| The crash data is needed for debugging. It's debatable if
| it's your data, it's the developer's misbehaving code. An app
| can be architected so more of the code runs on the server
| than on the client, if an action you took on the client
| causes a crash on ny server I'm not going to ask you for
| permission to look at my crash logs.
| pdonis wrote:
| _> The crash data is needed for debugging._
|
| Not by me. I'm not going to debug the app; I'm just going
| to kill it and restart it. If the developer of the app
| wants my data to help _his_ debugging, he needs to ask.
|
| _> if an action you took on the client causes a crash on
| my server I 'm not going to ask you for permission to look
| at my crash logs._
|
| Of course not, but your crash logs aren't coming from my
| phone. If you want to look at data from _my_ phone, you
| need to ask.
| [deleted]
| kingosticks wrote:
| Are many Ring units sold outside of the US? I see them advertised
| as a way to combat this "porch pirate" thing. But to me, as
| someone living in the UK, the idea of a delivery person leaving a
| package on my doorstep for someone to steal is mad. If I'm not in
| I expect another delivery attempt or for the package to be taken
| to the secure local* depot where I can pick it up. If they decide
| to leave it outside my door and it gets stolen, I fully expect
| (and will get) another one delivered at no cost to me, other than
| the time penalty. Why is this even a thing? Is this a new thing
| that Amazon created with their delivery strategy and now you also
| get to buy the solution from them?!
|
| And if it's just a security camera watching my property/car, then
| a dumb one sounds fine and cheaper. Not to mention it'll actually
| look like a security camera which is arguably more valuable as a
| deterrent.
|
| * rarely that local.
| JohnFen wrote:
| Most delivery companies in my part of the US allow you to
| specify what will happen if you're not there when they attempt
| delivery. You usually have options like "try again later",
| "deliver to my neighbor", "let me pick it up", and "leave it on
| my doorstep".
|
| Most people prefer to have it left on their doorstep because
| the other options are a bit of a hassle.
| starvingbear wrote:
| Crassus!
| orion_uranus wrote:
| I don't really understand it either. Just seems like a way to
| preserve costs. Only thing that would come to mind is that the
| US is less densely populated compared to Europe, making
| delivering them to neighbors/local depot a lot more time
| consuming
| m-watson wrote:
| I don't know if the density part is really relevant. One the
| whole, they are comparable. Country to US it varies, and
| States (US) to other countries it varies even more [0]. I
| have lived in several very densely populated cities and they
| all still do porch drop off. I think this may just fall down
| to a cultural difference than anything else.
|
| [0] https://www.lesswrong.com/posts/Hifamb4LTgQooDBYj/worth-
| reme...
| Lio wrote:
| Personally I don't even want a smart TV with a camera or an
| Alexa in my house but a friend was just proudly telling me
| about his new Ring doorbell and I know one neighbour with one.
| (both in the UK).
| xxs wrote:
| Indeed, pretty much for most Europe would be: not signed -> not
| delivered. Either they call before hand (if the delivery
| company has the phone number or they can fetch it), have
| another attempt to deliver, or leave the parcel in a self
| servicing pick up area, dropping a note in the mailbox with the
| code to open.
| thewebcount wrote:
| So they don't leave it on your doorstep, but they put the
| code in your box? That sounds even better for thieves! Get
| the code from the box, go to the self-service area, type in
| the code, and walk away without any suspicion, since that's
| what everyone else there does!
| pbhjpbhj wrote:
| In UK, and most of Europe AFAIK, the "mailbox" is a hole
| that goes through to inside the house. The thief would
| probably have to break in to the house to get the code.
| Porch pirates are specifically avoiding breaking-and-
| entering.
| bmilleare wrote:
| The benefit of something like Ring is that criminals will know
| what they are and that somebody has very likely just been
| alerted to their presence.
|
| I speak from experience when I say they tend not to care about
| traditional 'dumb' cameras as, generally, nobody is going to be
| watching them until after the act.
| tw04 wrote:
| So do you just always have someone at home? Or do your packages
| always go to the secure local depot?
|
| Neither is really a great option in the US because:
|
| most families have both adults working.
|
| Other than a handful of cities, people are so spread out that
| having enough secure depot's in the right locations would be
| astronomically expensive.
| viceroyalbean wrote:
| In Sweden most packages are delivered to third party
| businesses that sign agreements with the delivery companies.
| Places like gas stations, convenience stores and grocery
| stores.
|
| Nowadays there are companies that offer evening time home
| delivery so that you can always be there.
| umvi wrote:
| So basically like Amazon locker
| Noos wrote:
| we have this here in the USA too. UPS has what's called
| "access points" where things can be delivered, or are
| dropped off if they can't get you. Some packages are
| signature required, so if no signing, it gets sent there.
| Convenience stores, etc.
|
| It's just mostly people aren't used to doing that and are
| hard to change. People often just send packages to work or
| a friends house instead. With access points, they can and
| will return a package to sender beyond a certain time.
| JohnFen wrote:
| > People often just send packages to work or a friends
| house instead.
|
| I'd say that about half of the packages that get
| delivered where I work are for individuals getting their
| personal stuff.
| aembleton wrote:
| The options then are
|
| -send it to your workplace if it is allowed
|
| -send it to an amazon locker and pick it up on the way home.
|
| If you have it sent to your house and you're not in, a lot of
| the time it gets dropped off at a neighbours house. I've
| taken in a few parcels when I've been working from home.
| JohnFen wrote:
| > send it to an amazon locker and pick it up on the way
| home.
|
| That's not always a realistic option. I'd have to go pretty
| far out of my way to get to the nearest Amazon locker. And
| it only works if your packages are coming from Amazon.
| kingosticks wrote:
| All of that. Additionally, Royal Mail stuff goes to the
| local sorting office which for most people is pretty close
| by. Services like "Click and Collect" let you deliver your
| parcels to local shops. Amazon don't want to support that
| because it's a cost they cannot control.
|
| It is true that the local depot for other parcel service
| (DPD etc) can be quite far away, but those services usually
| offer a a number of repeat delivery attempts or an option
| to leave with a neighbour.
|
| The number of working adults in a household is irrelevant
| to delivering parcels securely.
| HenryBemis wrote:
| In the UK most building have a "porter" so most deliveries go
| straight to him/her, he/she signs and then drops off the
| packages INTO the flats (yes some keep keys of all flats). In
| the USA you have something similar, building manager(?).
| dylan604 wrote:
| That only works in metropolitan areas. In the suburbs, it's
| single family houses.
| atomi wrote:
| > enough secure depot's
|
| ...like a Post Office?
| close04 wrote:
| If only post offices were used they'd become a huge
| bottleneck in many cities due to queuing and also packages
| get delivered by many other private companies. So lockers
| (Amazon locker, DHL locker) or designated drop off
| locations that can be a regular store or kiosk also pick up
| the slack.
| tw04 wrote:
| You solved it! Except the post office won't accept Fedex or
| UPS packages, and if you try to have a package delivered to
| one, UPS and Fedex will refuse the shipment.
|
| https://www.quora.com/Will-FedEx-deliver-my-package-to-my-
| lo...
| js2 wrote:
| You can redirect FedEx packages to any local Walgreens up
| to midnight before the delivery day. UPS has something
| similar with CVS. For me this is even more convenient
| than USPS due to more locations and longer hours. It
| works even for signature-required packages.
|
| https://www.walgreens.com/topic/promotion/fedex.jsp
|
| https://www.cvs.com/content/ups?linkId=77387667
| tw04 wrote:
| That's cool and something I didn't know about, but I'd
| still argue it does nothing to solve porch pirates in 90%
| of the country. CVS and Walgreens are non-existent in
| rural America outside of large towns/cities.
| greglindahl wrote:
| Most people in the US live near a large town or city. The
| coverage metric that's interesting is people, not area.
|
| When I last lived in a rural area, the UPS guy would
| leave packages inside my unlocked car.
| boring_twenties wrote:
| > secure local* depot where I can pick it up.
|
| This was such a terrible experience the 2 times in my life that
| I've been forced to do it, that I still remember both of them
| vividly almost 15 years later. You can be sure I'll never do
| that again regardless of the purchase or price. There is
| nothing for sale anywhere on this earth that would be worth it.
|
| > If they decide to leave it outside my door and it gets
| stolen, I fully expect (and will get) another one delivered at
| no cost to me, other than the time penalty.
|
| That's exactly what happened the one and only time I've had a
| package stolen from my porch. It was an external hard drive
| worth around $100. Amazon sent me a new one immediately. I even
| tried getting the serial number out of them (at the request of
| the police) and they were like "haha, no. Here's free one day
| shipping on your replacement, and we consider this matter
| closed."
| zeveb wrote:
| > But to me, as someone living in the UK, the idea of a
| delivery person leaving a package on my doorstep for someone to
| steal is mad.
|
| I think it's true that across most of the U.S. if it _weren 't_
| safe to leave a package at one's house then people would be up
| in arms demanding that the police do their jobs. ISTR that the
| U.K. crime rate is about 21/2 times that of the U.S.
| zweep wrote:
| American suburbs are relatively high trust environments (and
| used to be much more so). It's quickly fading though.
| AdmiralGinge wrote:
| >If I'm not in I expect another delivery attempt or for the
| package to be taken to the secure local* depot where I can pick
| it up.
|
| It's not the lack of localness that's the problem for me in the
| UK, it's more that most depots are only open 9-5 when people
| are at work. If you have anything resembling a long commute
| (particularly by public transport) then you can get really
| screwed over, especially if you can't drive for whatever reason
| you pretty much have to take half a day off to collect your
| package in many cases.
| stronglikedan wrote:
| I'm in the US, and I have a UPS depot that I can walk to if I
| miss a delivery with signature required, and that depot is
| open from 10AM-9PM seven days a week. The absolute maddening
| part is that, instead of taking undelivered packages to the
| depot at the end of each day, they wait until the next
| business day!
|
| I try to avoid using UPS when I can, since they are the most
| user hostile delivery service in my area. I have more of a
| chance of getting a package on time when they leave it on my
| porch unattended.
| simmonmt wrote:
| Deliveries left unsecured on a doorstop is a common practice in
| the US, typically found in low-crime residential areas. It was
| by no means invented by Amazon -- it's been a thing for a long
| time.
| cheeze wrote:
| I feel like Europeans often forget just how big the USA is. I
| live in a major metro. Just like in EU, it would be ludicrous
| to leave a package on someones doorstep.
|
| But if you live in a rural area, things are completely
| different. Which from my understanding is the same as EU for
| the most part.
| sib wrote:
| In the past 20 years, I've lived across the major metro
| areas of Seattle, Silicon Valley, and now Los Angeles. in
| all places, it's been common practice for delivery
| companies to leave packages outside unless the shipper has
| specified otherwise for a high-value or theft-prone item.
|
| Over literally thousands of deliveries during that time,
| the number that have disappeared mysteriously is under 1%.
| In fact, more have not been delivered at all (i.e., fraud
| on the part of the delivery person) than have been stolen.
| thinkingemote wrote:
| 1% is pretty high theft rate. 1% means if you get a
| package every week, once in 2 years one will be stolen.
| Or it means in a city of 100,000 1000 people will have
| thefts of their packages.
| bart_spoon wrote:
| Its pretty common in non-rural areas in the US. I live in a
| suburban area and its normal. Some of my coworkers who live
| downtown have had issues with porch pirates, so I'm
| assuming they have porch drop off as well.
| tharne wrote:
| This is very common even in higher density suburbs. Unless an
| area is known to have a crime issue, it's standard practice
| in the U.S. to leave the package on the front steps. I've
| lived in the burbs for the vast majority of my life and have
| never had a package stolen. Despite common media portrayals,
| the U.S. is mostly a very nice place to live.
| dpkonofa wrote:
| Does this only apply to the Android version? Wouldn't the iOS
| version need permission to collect things like bluetooth info?
| bogomipz wrote:
| The privacy horror aside is there a possibility that this data
| sharing could possibly be used to subvert the security of the
| owners home that ring is protecting? Could patterns be inferred
| such as a home owner's work schedule, when they are on vacation,
| that they might be using a device with outdated firmware etc? Or
| is that too far fetched?
| mirimir wrote:
| This is truly ironic. In that Amazon is using FUD about crime to
| expose people to potentially criminal exploitation.
| 5cott0 wrote:
| Half a dozen ad trackers, a/b testing frameworks, & analytics
| libraries have been the standard in mobile apps for years.
|
| Growth at all costs.
| rooam-dev wrote:
| How should someone grow a product without a/b testing and/or
| metrics?
| 5cott0 wrote:
| Did I say you could? Just pointing out the standard because
| I'm somewhat surprised this is news to anyone here.
|
| A growth at all costs mindset in many cases leads to
| redundant and irresponsible overuse.
| andrewxhill wrote:
| For those interested in alternatives, check out this project to
| build an open, privacy-preserving home AI/ML platform
| https://www.kickstarter.com/projects/aikea5/aikea-your-priva...
| ponsin wrote:
| > Reusability and recyclability
|
| Our decision to use the Raspberry Pi 4 and not a proprietary
| development board was due to the ease in which AIKEA can be
| recycled into other projects and devices, should backers no
| longer need a home security device.
|
| nice
| BubRoss wrote:
| What does 'home AI' even mean? Most people just want a video
| camera with a webserver on their doorbell.
| sliken wrote:
| I suspect it means using ML to identify things in the camera.
| Like say cat, dog, man with clip board, man carrying box,
| etc.
|
| I've love to get a hangout/signal/IM text identifying
| anything approaching my door without having to look at a
| picture. Bonus if the face recognition is good enough to
| recognize family.
| jacquesm wrote:
| Quite likely many people don't even want the webserver.
| ta999999171 wrote:
| webservers can be local, homes.
| Jamwinner wrote:
| Still just another useless attack surface.
___________________________________________________________________
(page generated 2020-01-28 23:00 UTC)