That’s data laundering
this post was submitted on 13 Jan 2024
608 points (95.5% liked)
Privacy
31876 readers
1 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
Damn you! Angry upvote.
I applaud your clean laundry pun.
This sounds like some kind of DDOS attack like the ones that involved connected light bulbs. Malware gets into the light bulb or washing machine and repurposes the infected device to flood targeted servers:
Obligatory meme wisdom:
https://biggaybunny.tumblr.com/post/166787080920/tech-enthusiasts-everything-in-my-house-is-wired
I have an LG washer and dryer on my IoT VLAN and funneled through a pi hole. I've been pleasantly surprised at how quiet and well behaved they are on my network. Hardly ever phone home and only connect to one or two domains. Something is seriously wrong with his dudes washer.
The most noisy devices on my network are my smart TVs. The last time I bothered to look, it wasn’t even close to comparable.
My phone is my most used device. It had something in the ballpark of 800 blocked requests in a day, after an entire day of doomscrolling and heavy use. It was the third most blocked device on my network, behind both of my smart TVs. The “better” TV had ~2400 blocked requests in that same day. The worse one had nearly 3000.
I hadn’t even used my TVs that day.
some software keeps resending requests when they don't go through, so if you didn't block them, the number could've been much, much lower.
of course it's stupid and fuck that, but still.
load more comments
(1 replies)
load more comments
(1 replies)
Smart devices are great, but if it's not Zigbee or Zwave and Home Assistant, it can fuck off.
I like my devices to be dumb but be able to function without internet.
What do Zigbee and Swave do better than others? Btw Tasmota is cool too
Zigbee and zwave are fully local. They can’t decide to phone home over the protocols without your consent. The hubs can if they are wifi connected but that’s a different issue.
Anything on a network, be it wifi or Ethernet, can (attempt to) phone home without any use intervention, and without a wifi connected hub.
load more comments
(2 replies)
They cannot access the internet because they need a bridge to work. The bridge can be open source software like Zigbee2MQTT.
I'm a little new to this stuff myself, but basically those devices are robust enough to get the job done but also simple enough that they don't do anything else. I have Z-Wave for my shades, a temperature/humidity sensor, a tilt sensor for my garage door, a relay for the opener, and a light switch/scene controller for some physical button shortcuts. Very different things, and I don't need an app from each manufacturer. Each device also creates a mesh network with one another, so these devices can have a pretty low-power, low overhead radio for battery life and still work pretty well even if you're reaching far away from your hub.
I haven't used Zigbee but I understand it works pretty similarly. They seem to have some pretty cheap scene controllers so I was thinking of getting on that bandwagon (my shades were Z-Wave and that's what got me into this rabbit hole so I've been using that to start)
Also, an honorable mention for TP-Link's Kasa series. Hardware is pretty solid and while I do need their app to get a device going, it's made pretty well and integrates nicely to Home Assistant. Now if only they'll put out that fan controller they announced a year ago and haven't given a meaningful update over since!
Zwave chips are all made by one company, and the old ones can't be updated against a newer vulnerability.
But each to their own
load more comments
(1 replies)
That's a pretty silly headline for an article that quite clearly states that the issue was with the router's data usage reporting capabilities.
I don't understand the craze of slapping wifi or bluetooth connectivity to everything without giving proper thought. Cameras, television, vehicles, coffee pots, medical devices, laundry machines, hipster juicers... what's next? Is my salt shaker going to have it?
That's a great idea! You can check your salt levels while at work or on vacation. You could even have your salt shaker automatically order more salt from Amazon when the level got too low. Or how about you program your maximum daily salt intake so it closes up when it's reached.
So much potential!
load more comments
(1 replies)
Every washing machine I've owned for the last 30 years has had a delayed start function and I've never used it once, if that simple function is useless I donno what else a WiFi connection could offer
Delayed start, but from your phone, via their totally-not-tracking-infested app. That's why it needs wifi.
Not sure if I need the /s but here it is just to be sure.
Notify you when a cycle is done, but you could do that with a vibration sensor over zigbee and home assistant, or an outlet power monitor.
People simply don't understand there are other low-band wireless local communication protocols other than wifi and maybe IR, and that is completely taken advantage of by companies who deal in user data.
load more comments
(1 replies)
load more comments
(4 replies)
And the bad part is that it is being forced upon us. You can't even find non-smart TVs to buy anymore.
I wouldn't be surprised if appliances come with their own data plan, because the data they collect is valuable.
load more comments
(1 replies)
I've been looking for a breast pump recently - I'd like electric so I don't have to manually pump. All of the ones I could find in the shop required an app to connect to the device. Why? What purpose does that serve me? I'd have to make an account, accept needless permissions and cookies and give them access to very personal data about my boobs and milk production - I went with a manual one instead
Any device that requires an app to function is an immediate deal breaker for me. Same for most things that require "the cloud" to work. Garage door openers, doorbell or other cameras, cooking appliances, door locks, cars, even a basic pedometer to name a few. All of these things will only work temporarily until the company decides it's end of life for any reason.
load more comments
(1 replies)
The spectra is both the highest rated and it doesn't use an app. We have the one with the battery and it is so so convenient and easy to use.
load more comments
(1 replies)
load more comments
(4 replies)
It's possible that it had some vulnerability which was automatically exploited by one of her majesty's secret services (perhaps with help from their US counterparts) to make it a component of their covert infrastructure.
Sounds outlandish, but
load more comments
(1 replies)
Do not buy BS internet connected devices period. There was a time when internet connected devices did exactly they were supposed to do and nothing more. There is literally no reason why most of these devices can't act as their own server and keep your data local and private. Corporations have become far too greedy to trust their cloud won't sell you out in every way it can. The ONLY two reasons a manufacturer adds internet connectivity are:
-
To monitor and collect as much data as possible and/or:
-
To implement a subscription service for something that normally wouldn't require monthly payments.
Corporate closed clouds have proven time and time again that they can't be trusted.
load more comments
(2 replies)
I’m curious what information a wash machine is sending could be useful to anyone?
4gb is definitely a bug ... imagine getting 4gb per data per customer per day ..
It's likely been hacked by someone who guessed the default login details (when was the last time you changed the password on your washing machine), and is being used for malicious purposes such as DDoS attacks.
Hooray for IoT! The worst thing to happen to network security since... ever
My LG washer needed a key printed on a label on the door to connect it to the network. However that isn't to say that once on the network that the network itself wasn't compromised and the washer found as an easy attack surface.
load more comments
(1 replies)
My heat pump can be controlled by an app but it all goes through an external web page for some reason so I noped out of it.
Would be funny as fuck if they were using these devices as Bitcoin miners.
Hackers have used wind turbine farms as bitcoin miners. It's not that far fetched.
For now, it looks like the favored answer to the data mystery is to blame Asus for misreporting it. We may never know what happened with Johnie, who is now running his LG washing machine offline.
Another relatively innocent reason for the supposed high volume of uploads could be an error in the Asus router firmware. In a follow-up post a day after his initial Tweet, Johnie noted “inaccuracy in the ASUS router tool.” Other LG smart washing machine users showed device data use from their apps. It turns out that these appliances more typically use less than 1MB per day.
load more comments
(2 replies)
If you bought a washing machine that needs Internet access you are a fucking idiot.
They don't need wifi, so no, you're not an idiot if you buy one and just leave it disconnected
load more comments
(3 replies)
It’s an older meme sir, but it checks out.
Bloatware has spiraled out of control. It's a consequence of coding becoming easy and accessible. Programming is no longer the domain of idealistic nerds. It is possible for anyone to make garbage tech wares.
Wait, wait, wait. Let's not aim at the wrong thing. Programming becoming accessible is a great, and is not the cause of bloat. Bloat is not even something that can be easily pointed to a single cause, and a lot of things played a role, like poor tech education, companies not giving a fuck and relying on hardware replacement, lack of regulations, big tech corporations having practically monopolies and no incentive to create better products, the high demands of timing for projects, etc.
load more comments
(1 replies)
You mean 3.7kg of load right?
Right? ...
woohoo high tech everything is the best
What program is that?
Looks like Synthetics and Cottons at 60° and 1200RPM. But my guess is that all programs will send data.
load more comments
(2 replies)
That's a clear indication of IoT control being taken over by malicious actor to make it a part of botnet.
Any IoT needs to be secured when connected to Internet (and, not intranet).
load more comments
(1 replies)
view more: next ›