[HN Gopher] Sonos is spying on me (and you)
___________________________________________________________________
Sonos is spying on me (and you)
Author : gingerlime
Score : 178 points
Date : 2020-10-04 17:18 UTC (5 hours ago)
(HTM) web link (blog.gingerlime.com)
(TXT) w3m dump (blog.gingerlime.com)
| bobwall wrote:
| I recently got the outdoor Polk audio speakers. And have them
| hard-wired to a fairly high-end receiver. The sound quality is so
| much better. I listen to a lot of vinyl, so that makes it an
| easier choice too. We use the smaller WonderBoom speaker when we
| do need it for the beach or something, but when at home, I will
| always chose to get the hard-wired path. Regardless how quickly
| the Sonos speakers connect to your source, hard-wired is better
| quality and is always connected.
| mimixco wrote:
| The OP writes that Sonos speakers can function without an
| internet connection which is entirely untrue and what
| differentiates the product from others in the market. Sonos
| speakers access the net and your streaming music accounts by
| themselves without using your phone and you can demonstrate this
| by turning off the phone while they're playing. Logically,
| therefore, the cloud service on which this relies must keep that
| personal info about you. Location is used to find the speakers
| around you when you're using the phone app.
|
| I'm very against unnecessary data collection and even more
| opposed to companies selling my data, but I'm very happy with my
| Sonos and I don't see any evidence that they're doing either of
| those things.
| williamscales wrote:
| > Sonos speakers access the net and your streaming music
| accounts by themselves without using your phone and you can
| demonstrate this by turning off the phone while they're
| playing. Logically, therefore, the cloud service on which this
| relies must keep that personal info about you.
|
| This is definitely one model, there's also the chromecast model
| which allows you to turn off the phone. I guess it might not as
| fully featured as Sonos though? Chromecast appears to work by
| the service issuing a token of some kind to the chromecast
| after you start playing from your phone.
| clairity wrote:
| i own an old play:1 for the bathroom, which hasn't been updated
| since sonos started requiring accounts a few years ago. it
| happily chugs along without any of my personal info (though i
| only listen to free stations, not subscription-based ones).
| avianlyric wrote:
| > The OP writes that Sonos speakers can function without an
| internet connection which is entirety untrue
|
| Afraid you've got this a little wrong. It depends entirely on
| what music services you use.
|
| It's quite possible to use Sonos speakers without an internet
| connection if you use something like AirPlay, a local NAS, or
| an audio in (e.g. TV or Record Player).
|
| If you wanna use a streaming music service like Spotify, then
| obviously they need an internet connection. Unless of course
| you stream via your phone using AirPlay, but your phone will
| probably still need an internet connection.
| rsync wrote:
| "It's quite possible to use Sonos speakers without an
| internet connection if you use something like AirPlay, a
| local NAS, or an audio in (e.g. TV or Record Player)."
|
| Yes, this is technically true (and is my primary use-case for
| Sonos). However, in the 15 years that I have been in their
| ecosystem, the ability to play while Internet-disconnected
| has ranged between completely non-functional to sort-of
| functional to only-functions-when-Internet-perfect.[1]
|
| The fact is, they don't care about this use-case anymore and
| don't devote resources to testing and bug-fixing it.
|
| [1] There was a long period of time when Sonos worked fine
| with no Internet, and also with perfect Internet, but if you
| had laggy or lossy Internet they would just puke.
| pintxo wrote:
| True, no need for a controller (phone).
|
| But the sonos speakers themselves are little controllers, in
| theory they can perform all necessary actions, store the needed
| data and talk to any streaming services. Why is there a
| technical need for a cloud service?
| avianlyric wrote:
| > Why is there a technical need for a cloud service?
|
| oAuth? I suspect a primary need for a cloud service is to
| just handle authentication with music services.
|
| In theory you could do it entirely locally, but then you
| would run into super weird and dangerous (from a security
| perspective) situation where the redirect leg of the oAuth
| would need to point to a local IP address or similar.
|
| I imagine it is possible to work around these issues, but it
| would be a huge faff, and would be very hard to make it as
| slick as a cloud based system.
|
| Ultimately most consumers just don't mind signing up for
| things. So why make your engineering 50% more complicated for
| a tiny minority of your target market.
| Bud wrote:
| On the contrary, it's really quite easy to run a NAS and do
| all your music locally, and it's very easy to make it "as
| slick" as a cloud system. Millions of people are doing this
| already with products like Plex.
| avianlyric wrote:
| I'm not saying that running a NAS is hard. I'm saying
| that most of Sonos customers don't run a NAS, they use
| something like Spotify.
|
| The number of Sonos customers that are really interested
| is a local only setup in the music streaming age is
| vanishingly small.
|
| I run a NAS, Plex, and even had a local music collection.
| But I've ditched it for Spotify. I simply can't be
| bothered to deal with the faff. When I want music, I want
| it to work first time every time, not a 1% chance that
| something brakes that require 30mins of my time to fix.
| ashtonkem wrote:
| Stuff like this is why I keep cobbling together my own systems
| out of open source components. It's less slick than a turnkey
| solution like Sonos, but it makes me feel less like a resource
| that's being exploited by another big company.
| TLightful wrote:
| Care to share the main components of your setup?
|
| I've been close making an investment in Sonos, mainly in Amps
| to ensure good multiroom and the simple Sonos experience.
|
| But tired of reading this kind of stuff and the usual "large
| company" bullsh!t.
|
| Thanks,
| jannes wrote:
| Not to mention the fact that their app is constantly bugging me
| to turn on the "recently played" feature, which will store my
| listening history on their servers.
|
| There is a "Hide" button which dismisses it for a few days, but
| then it just comes back. I keep denying it every single time, but
| the app doesn't care how often I have denied it already.
| centimeter wrote:
| It shouldn't surprise anyone that sonos does malicious shit with
| their software given that you can't set up these speakers without
| A) giving them an internet connection (local wifi is not
| sufficient) and B) creating a sonos account.
|
| There is _zero_ legitimate reason that speakers need to phone
| home or be associated with your identity to function.
|
| Any device that has mandatory account registration should be
| looked upon with extreme suspicion.
| mrweasel wrote:
| I haven't tried Sonos, but if a product, which you'd assume is
| more or less just a speaker, requires you to "sign up" or to some
| extend expects you to manage it via a smart phone, you should
| generally be sceptical.
|
| What annoys me is that Sonos shouldn't even need to do this crap.
| The people I know who own Sonos products love them and already
| pay a premium for the product. How much can they honestly be
| making of this data?
|
| We know from a few years back, that the experts in violating your
| privacy, Facebook, will make around $60 per year, for an
| American, somewhat less for Europeans and nothing from everyone
| else. I doubt that Sonos is able to make ANY meaningful profit
| from the data they collect, so why bother?
|
| It's the same with Samsung, how much does it cost to develop and
| maintain the infrastructure for collecting data, compared to how
| much money is to be made?
| callmeal wrote:
| >I haven't tried Sonos, but if a product, which you'd assume is
| more or less just a speaker, requires you to "sign up" or to
| some extend expects you to manage it via a smart phone, you
| should generally be sceptical.
|
| It's worse than that. Not only do you need to have an account
| to use these speakers, but there's no way to run them without
| using the built in app, and there's no way to avoid getting on
| the upgrade treadmill with the app.
|
| I had a sonos setup I was very happy with, until I was forced
| to upgrade my laptop app because it wouldn't let me play any
| music without upgrading. And then guess what? My laptop was too
| old (circa 2010 17" macbook pro) for tne new app, and when I
| complained on their forums, was told to upgrade my laptop
| because the os was no longer supported and it was a "security
| risk to run old operating systems".
|
| Goodwill was very happy to receive those speakers that week,
| and sonos is now on my list of companies I will never buy from,
| and on the list of companies I will take time out of my day to
| make sure my friends (irl and internet strangers) hear about
| their practices.
| Agentlien wrote:
| I used the Sonos app to set my speakers up once. Since then I
| just use whatever device (usually phone or TV) is nearby to
| control them via spotify. Works excellently.
| bambax wrote:
| I hate them for the same reason.
|
| They also had dedicated controllers which were deprecated,
| but a phone app isn't as versatile. You can't lend your phone
| to a guest at your house, or to a kid, etc.
| bloat wrote:
| Sonos speakers are DLNA sinks. Once they are set up you can
| stream music using something like
| https://github.com/masmu/pulseaudio-dlna, without using the
| Sonos app on your phone or computer.
| recursive wrote:
| What would be really cool (to me) is if the speakers were
| exposed as Bluetooth audio devices. I don't want to have to
| think about how to setup DLNA or what's compatible with it.
| contravariant wrote:
| DLNA and external speakers are 2 very different things.
| Suffice it to say you should choose and buy the kind of
| device you want.
| amelius wrote:
| It's recurring revenue, while they only sell a speaker once.
|
| Anyway, I don't understand why governments don't ban user
| tracking or targeted ads.
| mrweasel wrote:
| Ah, I've been thinking about this, what we need to ban is
| this:
|
| * The creation of products or services derived from the
| collection of users private information.
|
| I don't expect Garmin to not track their users, that's
| basically the feature we bought when we buy their watches.
| Sonos/Samsung/Facebook/Google, who-ever, should be allowed to
| collect data on their users, BUT they should NOT be allowed
| to turn that data into a product that is resold to third
| parties.
|
| For most companies that would mean the end of data
| collection, while not preventing those companies who use the
| data for creating meaningful services to do so.
| teddyh wrote:
| Wouldn't that merely create an incentive to work around the
| "no third party" rule by doing everything in-house? Like
| Google, for instance.
| mrweasel wrote:
| Googles ad department wouldn't be able to sell targetted
| ads, because that based of their collected data.
| amelius wrote:
| Yes, data brokers should not be allowed to exist [1].
|
| But I also think that any collection of data for
| advertising purposes (e.g. by Google) is unjustified,
| simply because if the user is looking for a product they
| can enter the data that they think is relevant in a search
| (which is immediately forgotten), and this could provide
| similar accuracy to following the user without the
| downsides. (In case of such a "product search", Google
| could extend the search procedure by adding some questions
| and/or checkboxes, as long as they forget the data
| immediately.)
|
| [1] https://clearcode.cc/blog/what-is-data-broker/
| HenryBemis wrote:
| >governments don't ban user tracking
|
| You mean like governments whose "authorities" salivate when
| someone has a "smart device" (aka something in your house
| with a camera and/or speaker) that records every word you say
| 24/7? The same government/authorities that solve crimes based
| on your fitbit tracker tracking your heartrate? (It was in
| the news a couple of years ago - also discussed in HN)
|
| Most "eyes" governments do their best to increase tracking,
| reduce encryption, reduce the cost of policing (and
| information collection and processing).
| amelius wrote:
| _Some_ people in a government perhaps, but certainly not
| _all_ people in a government.
| alexchamberlain wrote:
| Sorry, where is the evidence Sonos is selling any of this data?
| jacquesm wrote:
| Sonos is a horrible little company and the sooner they die the
| better. Privacy violations, intentional bricking of devices,
| grafting a service onto hardware that doesn't need any, forcing
| users to disclose a ton of information they should never have to
| disclose in order to get their bloody speakers to work.
|
| Sincerely hoping that the GDPR will be used to maximum effect to
| show once and for all that these practices need to end.
|
| Them saying they have a 'legitimate interest' does not make it
| so, that's just a preemptive strike against their future GDPR
| audit.
| ycombonator wrote:
| Assume that any microphone not under 'your control' and has an
| opaque interface is spying on you.
| fphhotchips wrote:
| None of this seems unreasonable?
|
| I don't even own a Sonos (the whole forced obsolescence thing),
| but there's a whole range of reasons they'd need location; at
| least on Android it's basically a proxy for Bluetooth access
| (don't know if that's the case on iOS), but there's also other
| legitimate reasons for it like determining correct WiFi channels
| for the region, detecting nearby speakers, etc etc. The account
| has obvious legitimate uses for features the speakers provide.
|
| The only thing that's questionable to me is the Activity
| Information. Which you can opt-out of. So, if you don't like it,
| opt-out.
|
| If you're one of the many people on thread complaining about the
| account requirement, I suggest you buy one of the many speakers
| that doesn't require an account. It'll probably be cheaper, too.
| pimlottc wrote:
| It's worth mention what this doesn't include - namely, audio
| recordings. Sonos should at least get credit for offering a
| microphone-free version of their products for users who don't
| want to an Amazon/Google/Apple listening device into their home.
| Definitely helped sway me into choosing Sonos when I was shopping
| for wireless speakers.
| xoxoy wrote:
| it's surprising this is still surprising. IOT is inherently
| invasive. Anyone who gets an Alexa speaker or Google one or a
| Roku and is surprised they are spy devices is just telling on
| themselves at this point.
| mdoms wrote:
| Why would you give a speaker your email address? I would return
| it the second I was faced with that.
| techslave wrote:
| thought this would be useless griping of sonos that has existed
| for years now. no, this is new and valuable information. glad i
| got rid of sonos long ago.
| hsbauauvhabzb wrote:
| I just went to disable data collection in the Sonos app. It was
| the only part of their app hidden behind a password - seems like
| it's trying to dissuade people from accessing that particular
| setting...
| s1mon wrote:
| Location data may be necessary for the simple reason of following
| the local laws for WiFi channels. Different countries allow
| different channels to be used at different strengths. If that's
| the case, Sonos should make that more clear.
| TedShiller wrote:
| I bought one too, and when it forced me to provide my location
| during activation I just laughed and promptly returned the
| speaker.
|
| First, nobody needs to know my location for me to listen to
| music. Second, when Sonos goes out of business in the future,
| they want their speakers to become landfill?
|
| Nobody should support a company like that. There are too many
| great dumb speakers out there.
|
| I ended up getting a Xeo2 speaker from Dynaudio. So much better
| quality anyway.
| chromatin wrote:
| I really need an open alternative -- sonos speakers run linux
| under the hood (AFAIK), and I would be surprised if there is not
| a RPi powered project somewhere. The speaker hardware is perhaps
| the hard part.
| mnd999 wrote:
| Logitech Media Server / Squeezelight on some Pis (or whatever)
| should do it.
|
| It's pretty old skool now but it works just fine. Has plugins
| for airplay and whatever android does as well.
| contravariant wrote:
| It's a bit annoying that Logitech killed the squeezebox,
| which made it somewhat more accessible, but I believe that
| thanks to that the code is open source now, so there's that.
| eddieroger wrote:
| I agree there should be a compute platform somewhere to do
| this, but having listened to (and owning one) a few Sonos
| products, I think the technology is the less interesting part
| of the deal. Their speakers sound really good, and seem to make
| my sources sound really good in a really easy to use package. I
| have their AirPlay 2 compatible soundbar, and it works so well
| when hooked up to my TV as the input, and seamlessly can then
| receive AirPlay from my devices and fill a room. If there is an
| open source equivalent, or plans to make one, I would love to
| see it paired with really amazing sound producing hardware.
| chromatin wrote:
| Agree -- I have two old Play:1 synced in a L-R stereo pair
| which sounds fantastic.
| monocasa wrote:
| SnapCast is what I've been looking at in that space.
|
| https://github.com/badaix/snapcast
| gchucky wrote:
| I run Snapcast across my house connected to MPD running on a
| local Linux box, and have been pretty happy with it. I've had
| to do very little maintenance to keep things running.
|
| The main thing I haven't been able to figure out is how to
| have multiple Snapcast streams and control which room listens
| to what. I don't actually think it's possible to do.. (though
| I could be wrong?)
| jeffbee wrote:
| Sonos uses location data because it allows you to control nearby
| speakers.
|
| The only thing that really bothers me about the mandatory sign-in
| thing (which is new ... there was no reason to sign in for the
| first 15 years of the product) is that their password flow sucks
| and I end up having to look up the password in my password
| manager and type it in. Would be much better if I could simply
| authorize new clients using my web browser, they way you do it
| with Amazon Prime Video on a new TV.
| pmlnr wrote:
| Lol, no. That's the right needed on android to scan the
| available cells, and wifi aps.
| lprd wrote:
| Excellent write-up! If one is looking for a better alternative,
| just buy a modern receiver with airplay 2 built in and pair it
| with some decent speakers. Not only will that sound better by an
| order of magnitude, you'll have the option of upgrading your
| system over time.
|
| I admit that Sonos has the high ground when it comes to
| convenience, but after reading this and being burned by their
| bricking policy on older devices, one is far better off with a
| traditional 2.1 set up (at least for a living area).
| reid wrote:
| I just got a few smart speakers as well and avoided Sonos.
| Decided to go all in on AirPlay 2.
|
| JBL Link Music devices are about $70 right now and support
| AirPlay 2 only operation with no need for another app, just the
| built-in Home app. I picked up 3 locally from Home Depot and I'm
| happy with 'em. They also have 5 GHz Wi-Fi and the connection a
| bit better than the 2.4 GHz AirPort Express when far away from my
| AP.
|
| And if you already use Google Home, these work with it too with
| Chromecast built-in, but it's optional. I just kept them AirPlay
| 2 only.
|
| I also use hard wired Ethernet on AirPort Express devices as
| AirPlay 2 receivers. They all mix together nicely. Planning to
| add wired outdoor speakers with a spare one.
| Lutzb wrote:
| I hope that in the future we will get some insight on how sonos
| became the company it now is. When they started there were no
| mandatory accounts, no spying, dedicated remotes (i.e. no
| analytics). I really wish we could get back to this time.
| [deleted]
| orev wrote:
| It's really not hard to see why all tech companies are going
| this way. Data collection is the new gold rush and any company
| not trying to get into it will lose to ones that do. It not
| really much of a mystery.
| geekuillaume wrote:
| Shameless plug: I'm building an alternative to Sonos focused on
| managing audio streams on your home network. It's a software and
| a controller webapp to broadcast synchronized audio on any number
| of Windows / MacOS / Linux / Chromecast / Airplay speakers / Web
| pages / Philips Hue (light synchronized to the audio). It's
| available on https://soundsync.app/ and the sources are on
| Github: https://github.com/geekuillaume/soundsync
| kingosticks wrote:
| I like the inclusion of synchronising browser playback also,
| that's something beyond what snapcast offers. And it seems to
| be based on webRTC, is that right? Any pointers for integration
| with a gstreamer-based source?
| bambax wrote:
| Looks very good!!
| crooked-v wrote:
| This reminds me that I'd really love to find something that can
| take advantage of the implicit capability of Dolby Atmos to use
| a nigh-arbitrary arrangement of various speakers as a unified
| soundscape.
| lawn wrote:
| I was wondering what I should replace our sonos with. This
| looks quite interesting, thank you.
| xpe wrote:
| Could you comment on if SoundSync uses
| https://en.m.wikipedia.org/wiki/Open_Sound_Control ?
| tmikaeld wrote:
| Really well done and a fair license too.
|
| Thanks for sharing!
| yalogin wrote:
| Sonos is just a speaker. IMO that is it's main allure. They don't
| need to know who I am and they don't offer me services or expect
| recurring revenue from me. At least that's what one would think.
| Looks like they went into the data harvesting business too. Too
| bad.
| jowsie wrote:
| Someone at every company has clearly done the math and decided
| the security conscious customers they alienate/lose will be
| massively offset by the amount of revenue they can generate by
| harvesting data. I'm no longer surprised to find [random simple
| device] is sending any data it can find off to third parties
| anymore.
| chubot wrote:
| Reading between the lines in Wikipedia, it seems like they
| were forced into a pretty hard pivot in recent years. I think
| people were pressuring the founder/CEO to switch to a
| different revenue model, and then he stepped down shortly
| thereafter.
|
| It's hard to compete in this area for sure. I want a no-
| cloud, LAN not WAN speaker, but I think economics forces them
| to do the "Big Tech" thing ... That business model works :-/
|
| It does seem like another instance where the markets are
| "broken" (or maybe not, I guess most people just like giving
| up their data, and they don't have subscription fatigue)
|
| Looking at the last data point, I feel like they'll be
| incentivized to do more of this kind of stuff to improve the
| business.
|
| https://en.wikipedia.org/wiki/Sonos
|
| _In March 2016, CEO John MacFarlane announced the company 's
| shift to streaming music services and voice control instead
| of local playback, and laid off some employees.[25]_
|
| _In July 2016, the company opened its first Sonos Store in
| SoHo.[26]_
|
| _In September 2016, the company announced that its products
| would become available at the Apple Store.[27]_
|
| _In January 2017, MacFarlane announced via the company 's
| blog that he would be stepping down from his role as CEO, and
| that he would be succeeded in this position by former COO
| Patrick Spence.[28]_
|
| ...
|
| _In August 2018, Sonos went public, trading on the NASDAQ
| under the symbol SONO.[30]_
|
| _In November 2019, Sonos acquires Snips SAS, a privacy-
| focused AI voice platform for connected devices with the goal
| to bring a music-specific assistant to its devices.[3]_
|
| _In June 2020, Sonos announced plans to lay off 12% of its
| workforce, close its New York store and six of its offices,
| and cut its top executives ' pay by 20% for three to six
| months, in response to the economic disruptions caused by the
| COVID pandemic.[32]_
| derriz wrote:
| "John MacFarlane announced the company's shift to streaming
| music services and voice control instead of local playback"
|
| That's all fine and best of luck with the pivot. Businesses
| change focus all the time.
|
| What is has made me despise the Sonos company and culture
| is that they effectively forced pre-pivot customers who
| bought Sonos products (which were designed and sold
| primarily for local playback) to make that pivot also or
| else have their devices bricked.
| naskwo wrote:
| For "offline" speakers, just buy some (used) Bang & Olufsen
| speakers (with built-in amplifiers) and a Bluetooth receiver to
| connect your mobile device. Done.
| mimixco wrote:
| One thing non-Sonos owners might not realize about their business
| model is that it is the _opposite_ of subscriptions. Because the
| software is so cool (creating an infinite jukebox out of all your
| music sources and subscriptions, both local and online), you are
| inclined to buy their boxes.
|
| Sonos doesn't charge anyone for using the software and there are
| no ads introduced into your listening experience by Sonos. Their
| idea (and I think it's a great one) is to make the listening
| experience so great and so unique on their hardware that you are
| simply compelled to buy more of it and to recommend it.
|
| I started out with a Play:5 and upgraded a year later to a second
| one to make a stereo pair. I've also used these units in business
| with 5-7 Play:3s and multiple employees controlling them from
| their phones. There is simply nothing like this in the Bluetooth
| or other "smart speaker" worlds.
|
| My house could support two Play:5s in four rooms + outside. Sonos
| setups offer "Disney-like" sound control where you decide what
| music plays in what room(s) and at what volume. Were they to
| convince me to part with that much money, they could sell me $5K
| worth of speakers just based on the software experience (and the
| great sound quality, which no one disputes).
| tomc1985 wrote:
| How about having their business model as selling solid wireless
| speakers without all this extra value-added smart crap
|
| Their current business model is not worth defending. There is
| no reason a smart speaker needs location access, network
| access, an account, or even a privacy policy. I wish someone
| would bring these folks to heel
| t-writescode wrote:
| Well, it likes network access to be able to stream music from
| Spotify or whatever, but I get your point.
| azinman2 wrote:
| Sure it does -- because it's thru your network that the
| device works, thru your account they see each other and
| registers/links with various services, and location access
| (which I don't believe I've ever had requested) could easily
| be for available stations etc.
|
| I'm not seeing the big deal here. When the title said it's
| spying on me, I thought it was listening with its microphone.
| This is making a big deal about nothing AFAIK.
| tomc1985 wrote:
| > soon to realize that I need to register with my email
| just to set up the device on my network
|
| If they want to do stupid value-added convenience crap then
| fine. But does the speaker work without the account? (No.)
|
| There are many possible paths they could take for allowing
| the device to connect to various services and other
| devices, and Sonos happened to choose the cheap way. These
| smart devices should not require a cloud connection just to
| operate when there are plenty of ways of interfacing with
| them that are completely local.
|
| My Windows computer does not require a Microsoft account to
| be able to use Spotify or Netflix or whatever. These things
| can all run independently and be setup through a local
| connection or a digital display. Why should a speaker?
| inopinatus wrote:
| The article is garbage. It's by someone who either doesn't
| understand how networked devices function, or does but
| wants to write a slanderous hatchet job.
|
| Of course it needs your bloody Spotify username, it streams
| Spotify for you, and the control protocol runs through a
| cloud service so that you can control it universally.
| Complaining about that seems like idiocy, frankly.
| tomc1985 wrote:
| I think they understand better than you think. Requiring
| a cloud connection just to set up a piece of hardware
| reprehensible.
| inopinatus wrote:
| It isn't a piece of hardware. This is the false conceit
| underlying not just the article, but also the obscene
| pile-on of uninformed ranting in these comments.
| jonahbenton wrote:
| Sonos speaker owner for more than 10 years, and also privacy
| engineer.
|
| This article is largely wrong, on substance, on inference, and on
| intent.
|
| There are a LOT of businesses that create privacy problems in the
| world. My experience with and read of both Sonos' business and
| their privacy policy- what they are doing is not problematic.
|
| To the specific points in the piece:
|
| 1. why does Sonos need location
|
| To provide music service choices that are appropriate for the
| region the owner is listening from. This is necessary from an IP-
| Intellectual Property- perspective. Not debatable. Please share
| naive takes on the legitimacy of IP in other fora.
|
| 2. additional usage data
|
| First, some context- as a business, you absolutely NEED to KNOW
| YOUR CUSTOMERS.
|
| The most expensive sales are to new customers. The cheapest are
| to satisfied existing customers. The differences in these costs
| are often in the orders of magnitude. They are the difference
| between profitability and bankruptcy. There is no debate about
| this. It is the nature of business: of sales, of marketing, of
| user education. If you want to run a business, you have to know
| whether your products are working for your customers.
|
| Now, how do you know whether your products are working for your
| customers? Here's a secret- THEY WILL NOT TELL YOU. Yes, some
| vanishingly small fraction will complain when something doesn't
| work, or credit you with their joy. But the vast (VAST) majority-
| between 99% and 99.99%, depending on product and scale and so
| forth- you will hear NOTHING from.
|
| In that context, how do you know whether your product is working,
| whether they are using it- and presumably enjoying its use?
|
| The implicit exchange here- as a user- is between communicating
| with the vendor, or, permitting the product to provide usage data
| to the vendor.
|
| On this question, people fall on a bimodal distribution. There is
| a tiny (TINY) fraction who prefers to communicate and not have
| usage data collected. This fraction can be very helpful, but also
| completely unhelpful, because they are a vanishingly small
| fraction, and not representative, of the market.
|
| Therefore, in order to run a business, and to know your
| customers, you have to get the usage data from the product
| itself.
|
| Of course, what usage data do you collect? Here's where we get to
| legitimate interest, probably the most misconstrued part of the
| article.
|
| 3. legitimate interest
|
| The author of the piece makes a big todo about this, but then
| bails at the last minute with:
|
| > If you read their privacy policy further, you could spot the
| real incentives and potential uses of the data, but I won't dive
| into it here. I do recommend reading it though.
|
| Yes- go read the privacy policy. It's very well written,
| describes exactly what and why, in very clear terms. The
| incentives are- being able to stay in business selling speakers
| that people like and use without building a surveillance
| infrastructure.
|
| The author also says-
|
| > In my mind, most of this collection is unnecessary.
|
| Let me be blunt- your mind does not know what is involved in
| keeping a business alive.
|
| Also:
|
| > Do they need to collect all this personal data about me to
| determine what feature improvements would please their customers
| most? I don't think so.
|
| I'm sorry. You're wrong.
|
| Sonos is in fact a great case study. The business did run
| entirely without any customer accounts or other usage monitoring
| for the first several years of its existence. Guess what? They
| were unprofitable, and running out of cash, headed to failure.
|
| New leadership, changes in these practices to pay more attention
| to metrics and usage, and to the market, has enabled them to
| survive, even when facing increased competition from the tools
| that are cheaper surveillance vehicles.
|
| Sonos is clear that their business is not dependent on
| advertising or other data harvesting-based business models. One
| can decide not to believe them, but one should take that step
| from a position of knowledge and awareness, both of what is
| involved in running a business- with a vested interest in having
| happy, engaged users- and also in the distinctions between
| surveillance businesses and non-surveillance businesses. The
| author does not understand these things.
|
| The author concludes with some ridiculous recommendations, like
|
| > Don't connect your Sonos to 3rd party services: Sonos would
| encourage you to give it access to your Spotify account, Amazon,
| Apple or any other 3rd party music service. You don't actually
| need it in most cases. You can use the music service directly,
| and just play it on your Sonos speaker as a destination (e.g.
| using Airplay)
|
| Not only is this a distinction without a difference- any privacy
| violation is going to be happening at the 3rd party music
| service- this is an example of a user being ignorantly hostile to
| a business they bought a product from.
| eludwig wrote:
| Not making excuses for this issue, but it seems to me that
| keeping a company like Sonos (upscale audio hardware) alive &
| prosperous with the crazy megalithic competitive forces that lurk
| on all sides must be a nightmare.
|
| On the one hand you have Apple and their half-hearted (for now)
| entry, and at the low end you have Alexa/"Talk to it" speakers.
| These alternatives seem destined to encroach on the Sonos turf
| come hell or high water.
|
| I will say that for their intended purpose--streaming music to a
| network connected speaker, Sonos speakers just work great! Their
| app interface, while not a great experience, functions. When I
| click "Play," stuff immediately comes out of my speakers. NOW.
| There is never a delay, never a spinning pizza, never, never
| NEVER! (anecdata, of course)
|
| So I (me, not you) can't blame them for wildly thrashing a bit on
| the data collection side. I get it. They are terrified they are
| going to get squeezed eventually.
|
| Do I wish they would reconsider advertising and related marketing
| shenanigans as business models? Yes, I do. For now they meet my
| needs and they just work. It's a trade off I'm (me, not you) are
| willing to make for now.
| clairity wrote:
| the core business problem for sonos is that they were a one-
| trick pony that didn't strategize. they assumed they had
| cornered their little market segment and focused on feathering
| their nest, rather than monitoring and adjusting to wider
| market dynamics. entrenchment is not a (sustainable) business
| strategy.
|
| when sonos came to market, they were the best repositionable
| home speaker system, hands down. their primary differentiator
| was their superb and resilient audio-syncing capabilities (not
| it's less-defensible content catalog, though that helped as a
| flanking feature).
|
| they had the chance to become _the brand_ in home audio, and
| they blew it. phenomenally. likely because they were under-
| /mis-invested in r&d, and possibly also under-capitalized
| (often because founders don't want to risk
| devaluation/dilution).
|
| from that base of home audio, they were perfectly positioned to
| become the home hub of the future, the nerve center for
| everything audiovisual (and beyond) in the home. instead, they
| got distracted by clouds, analytics, big data, and every other
| tech buzzword floating about. it's business strategy 101, and
| the perfect business case fodder.
| lostlogin wrote:
| How have they blown it? I have tried a few systems and none
| work as well as theirs. I'm not interested in voice activated
| anything, which may make me an outlier.
|
| This article (and a post yesterday that said similar) have me
| making some system tweaks and the Pihole is part way their. I
| think I'll just block the speakers at the firewall to keep
| things simple.
| echelon wrote:
| You can only sell so many speakers to your customers.
| They're not disposable commodities that need annual
| refreshes. I'm not buying any more Sonos equipment. I was
| done five years ago.
|
| Sonos is trying to deprecate their older models and
| introduce planned obsolescence. They had a program to brick
| your old equipment in exchange for rebates on newer models.
| That was totally wasteful and wanton, and the Internet
| called them out on it.
|
| They have so many competitors now, including the tech
| giants which control streaming. Google is in a feud with
| them and could cut off access.
|
| Sonos is in a very precarious spot.
| clairity wrote:
| > "How have they blown it?"
|
| this kind of negative press does filter out into consumer
| choices over time. and as @fivre pointed out, they're
| getting squeezed out by better-capitalized monopolists,
| losing market- and mind-share to the likes of apple, amazon
| and google. sonos doesn't have the capital to compete, and
| lost their first-mover advantage by stagnating rather than
| leading the market.
|
| (i also block everything but streaming connections for my
| sonos at the router.)
| tomc1985 wrote:
| Sennheiser seems to be doing just fine....
| hakfoo wrote:
| What's odd to me is wireless and self-contained/smart as a
| selling feature. I know there's some appeal in some of the
| integration and multi-room features, but there are plenty of
| platforms offering those features in a wired format with far
| more flexibility and choice. I feel like even if I had an
| infinite budget, something like Sonos doesn't feel like a great
| solution.
|
| The higher-end you're going on audio, the more static things
| become. Yeah, you might take your iPhone dock or Bluetooth
| speaker and move it around, but if you spend $1000 on speakers
| (or 10k on building a listening room), you're gonna want the
| speakers in the sweet spot and left there. If I'm working with
| that constraints, why is having a wireless smart speaker I have
| to tether to a phone or hub any better than if I had just ran
| speaker wire to a receiver? Especially since it still has to be
| wired for power.
|
| At least I know my amplifier isn't spying on me or monetizing
| my endless appetite for Rise Against. Because it was built in
| 1980 but still sounds as good as anything in the same price
| class today.
| crooked-v wrote:
| One of the big factors with Sonos that you won't get out of
| receiver setups is the ability to mix-and-match inputs and
| outputs over a whole house: having one speaker by itself
| playing the news in the morning, having everything in the
| house playing synced music on low in the afternoon, and
| having the home theater set playing a movie in the evening.
| Not needing speaker wire adds to that convenience: you can
| then stick a speaker in the garage or the bathroom in the
| future without laying more wire, as long as you have an
| outlet.
|
| Of course, all of this isn't exclusive to Sonos, but from
| what I understand none of the copycat competitors have
| matched their ease of use so far.
| rtsil wrote:
| Sonos packages practicality, ease of use and WAF (Wife
| Acceptance Factor). They're not the best in pure sound
| quality, flexibility or, it appears, privacy.
| pdonis wrote:
| _> for their intended purpose--streaming music to a network
| connected speaker, Sonos speakers just work great!_
|
| And that should mean they do not _need_ to play these games
| with data collection.
|
| _> They are terrified they are going to get squeezed
| eventually._
|
| Squeezed by _what_? I wish more manufacturers would just make a
| simple freaking product that works great for its intended
| purpose, _and nothing else_. That should be an _advantage_ to
| Sonos against all the other companies that refuse to just do
| that.
| dylan604 wrote:
| But if a company can make money making a product && make
| money by storing some text in a database why wouldn't they?
| /devilsAdvocate
| Nextgrid wrote:
| > keeping a company like Sonos (upscale audio hardware) alive &
| prosperous with the crazy megalithic competitive forces
|
| Make good hardware and sell it at a profit. Problem solved.
| Sonos still has an edge on the actual audio hardware (that none
| of the existing "smart speaker" competition can match, besides
| maybe the HomePod but the lack of Spotify support is a major
| dealbreaker for a lot of people).
|
| In any case, I don't see how data collection helps with any of
| this; selling consumer data alone isn't going to be enough to
| keep the company afloat, and introducing ads into the audio
| stream itself will be a major no-no (unless the speakers are
| given for free, but then the costs of that would outweigh the
| advertising profits). I don't think speakers are a thing that
| can be monetized with data, full stop - and that's okay.
|
| Most likely the whole idea behind the data collection &
| analytics is to justify the salaries of their marketing
| department and give the engineering department something to do
| (analytics show that X percent of customers loved this new
| feature, let's rebuild/expand it) while ultimately all that
| people want is a speaker that plays their Spotify and gets out
| of the way (and unlike other hardware, people aren't - and
| shouldn't be - used to replacing their speakers every year).
| cortesoft wrote:
| > Make good hardware and sell it at a profit.
|
| It really isn't that simple, and I wish people would stop
| acting like making ANY profit is enough to keep a business
| around.
|
| First, making a profit isn't enough... you have to make more
| profit than the people investing money in the company could
| make elsewhere. If you make $1 for every $100 invested, and
| some other company can make $2 for every $100, why would
| anyone invest in the $1 maker? It isn't just about profit, it
| is about the opportunity cost of using capital on something
| that isn't as profitable as other capital uses.
|
| Second, let's say the profit margins are actually pretty
| good, and you make a nice return on this quality hardware you
| make. However, if the quality actually is really good, what
| do you do after everyone who needs your product buys it? You
| either have to build in obsolescence, which everyone rightly
| hates, or you have to switch to making another product. That
| switch is expensive, and cuts into your profit margin...
| assuming your new product is even successful. This is a lot
| of risk.
|
| What that risk means is that investors don't want to be left
| holding the bag when your product reaches market saturation
| and your pivot fails... which is going to make it harder to
| get investment.
|
| Really, Sonos is a great example of what happens when you
| follow your instructions to "make a good product and sell it
| at a profit"... they did that for many years, and made
| money.... but now most people who want a speaker like Sonos
| makes already have them, and their growth has stopped. They
| can still make money on each speaker sold, but they are
| selling fewer of them. So they are trying to pivot to make
| money some other way, and it sounds like it might not be
| going great.
|
| The only sustainable hardware business is to make and sell a
| huge amount of commodity hardware at small margins, and
| simply switch to the next thing once some OTHER company does
| the expensive research and experimentation to create the next
| thing people want to buy.
| tomc1985 wrote:
| All they have to do is survive. They do not need to take
| over the world.
|
| There are other boutique audio hardware companies that do
| not take such a data-heavy approach and they are doing
| fine. As I hinted in my other comment, Sennheiser or
| Klipsch are examples.
|
| Does Bose demand this much access to you and your data just
| to sell you a new WaveRadio or whatever? They even have a
| dedicated retail presence to maintain!
| consumer451 wrote:
| > All they have to do is survive. They do not need to
| take over the world.
|
| The is generally the antithesis of funds that invest in
| tech, is it not?
| BostonEnginerd wrote:
| Bose did get caught vacuuming up user data:
|
| https://www.reuters.com/article/us-bose-lawsuit/bose-
| headpho...
|
| I do agree with your overall point though!
| lotsofpulp wrote:
| > All they have to do is survive. They do not need to
| take over the world.
|
| Depends on their finances, and what the investors are
| looking to get out of it. And they may need to compete
| with the compensation offered by FAANG companies who can
| easily do it with perpetually rising market valuations.
|
| Ability to scale almost infinitely at almost zero
| marginal costs makes consumer tech products involving
| decent software quite a difficult business to be in.
| Animats wrote:
| _I don 't see how data collection helps with any of this_
|
| If you're selling an upscale product, you can sometimes
| collect upscale intel. Something useful for stock trading,
| perhaps.
| adkadskhj wrote:
| Sonos have had me curious for a while. I often use in-home
| small bluetooth speakers and frankly i'm happy enough with them
| - i just want more of them, with more power.
|
| So for louder, phone connected speakers would you still
| recommend Sonos? Ie i'm not sure i need the idea of multiple
| rooms playing the same thing. I'd love it, but my wife wouldn't
| hah. However i do want (decent) quality speakers in all rooms
| that i can play music on, and i'm largely satisfied with the
| bluetooth-phone experience. I'm just not satisfied with my tiny
| bluetooth speaker quality or sound level.
|
| Any opinion of if i should look into Sonos? Or would cheaper
| bluetooth speakers fit better?
|
| _(edit: Sidenote, the voice assistant option is a downside for
| me. Otherwise i 'd probably own a few Apple HomePods)_
| pletnes wrote:
| I prefer sonos for my own reasons. Bluetooth sucks power from
| my phone. Sonos connects over wifi and the phone isn't
| involved in the streaming. I can remote control sonos from
| the spotify windows app or webapp on my laptop. Also the
| multi-speaker functionality is great. I don't use it often,
| but if doing work around the house it's nice to hear the
| audio stream just continue. Not a gamechanger itself though.
| HeyImAlex wrote:
| I have three of their little speakers and a sound bar and I'm
| pretty happy. No connecting/disconnecting bluetooth, no
| walking out of range and the sound getting choppy, I can
| select which speaker I want to play directly from spotify or
| open the app and play multiple rooms at once. Not sure how
| well it works (or if it even can) as a direct bluetooth
| speaker. I think it's more like a little music server and
| your phone is just the remote.
| lostlogin wrote:
| I had wanted the 5, but it turns out the One is vastly more
| powerful than I need. The volume has never been above
| 1/3rd. They are really good.
|
| The creepiness factor is a significant problem but I hope
| to beat it with network changes and send them some
| feedback. It certainly makes me reconsider further
| purchases.
| nxc18 wrote:
| Sonos works well and I love it generally, but I've been
| really disappointed with their business practices the last
| few years. The S1->S2 debacle really shook my confidence and
| reminded me that I'm tying up a very expensive speaker with
| cheap digital services that could disappear or be obsoleted
| at literally any moment with little notice.
|
| Their whole recycling/permanently destroying speakers debacle
| was also quite annoying.
|
| If you go into expecting the third year and beyond of service
| to be bonus and that you're the product not the customer,
| it's a great fit for your needs.
| cube2222 wrote:
| I've read the article and as far as I understand they use my
| location and data all around my music listening. (I don't
| have voice enabled)
|
| To me that's not a dealbreaker, it may be to you.
|
| I've got a few Sonos speakers, and all around they sound
| great, so I can only recommend them! I've also never had any
| troubleshooting to do with them.
| avianlyric wrote:
| I do wonder if they actually take your location.
|
| I know in iOS a bunch of non-obvious APIs are attached to
| location permissions. Including access to your current WiFi
| network name, which would be used by Sonos to configure
| your speaker during setup.
| fivre wrote:
| "the big players are already fuckers, flaunt the law, and will
| eat competitors' lunches if they don't do same" seems a rather
| sad outlook. if we can't ask companies not to be horrible
| because their predecessors are already horrible, and that we
| should instead just permit everything after to ramp up the
| horribleness in the name of competition, the endgame seems
| rather bleak. we can't just demand that companies be better?
|
| given Sonos' track record with the "lol, can't have anyone
| using an OLD PRODUCT THAT STILL WORKS FINE" thing i'm rather
| unsure we should really give them the benefit of the doubt here
|
| ref https://news.ycombinator.com/item?id=21895086 for "recycle
| mode" fiasco
| jkmcf wrote:
| I've been very critical of Sonos since before these
| incidents, but TBF, they've properly addressed both. I'm not
| sure WHY the client depends on the speaker's hardware
| capabilities, but I'd guess the old client source code was
| complex enough to warrant a rewrite and it wasn't cost
| effective maintaining backwards compatibility.
|
| I don't think there was malice involved. Sonos seems like a
| company that has a very tough time making money, and since
| they IPO'd two years ago they are "responsible" to
| shareholders now (their stock opened at 15 and as of Oct 2 it
| was 15 -- could be worse!). Bricking old products would give
| a profit boost if everyone said ok and bought new products,
| but they underestimated the backlash.
|
| It's the same reason their client sucks -- it will cost a lot
| of money to make native apps that take advantage of the
| respective eco-systems. The client suffices for most people
| so why bother?
|
| That said, I'll go back to being pissed if they release new
| hardware I want and get rid of the 30% discount.
| Nextgrid wrote:
| > it wasn't cost effective maintaining backwards
| compatibility
|
| Open-source the last compatible version of the client and
| let the community maintain it? Or at the very least publish
| the API specification and let the community build a new one
| from scratch?
| kelnos wrote:
| It's a shame this is being downvoted. People paid money
| for these devices, and it's disgusting that we allow
| companies to render inoperative perfectly working
| hardware just because they don't feel like supporting it
| anymore.
|
| Open sourcing the old version of the software might be
| too much to ask for various reasons, but publishing API
| documentation in order to enable third party
| implementations IMO should be legally required in cases
| like this.
| pascalo wrote:
| Yes please to the API bit. I'm maintaining the
| "unofficial Sonos controller for Linux" and it'd help a
| great deal if I didn't have to Wireshark the protocol all
| the time.
|
| https://github.com/pascalopitz/unoffical-sonos-
| controller-fo...
___________________________________________________________________
(page generated 2020-10-04 23:00 UTC)