Piracy Notices Can Mess With Your Thermostat, ISP Warns (torrentfreak.com) 242
U.S. Internet provider Armstrong has warned persistent pirates on its network of limiting their access to the thermostats if they didn't play by its rules. From a report: Our attention was caught by a recent letter the company sent to one of its users. The ISP points out that it received multiple copyright infringement notices, urging the customer to stop, or else. [...] While reduced Internet speeds are bad enough, there's another scary prospect. The reduced service level may also prevent subscribers from controlling their thermostat remotely. Not ideal during the winter. "Please be advised that this may affect other services which you may have connected to your internet service, such as the ability to control your thermostat remotely or video monitoring services." Accused pirates who want their full service restored, and regain control over their thermostats, have to answer some copyright questions and read an educational piece about copyright infringement.
Why the fuck is their thermostat exposed to the in (Score:2, Informative)
See subject
Re: Why the fuck is their thermostat exposed to th (Score:5, Informative)
They are only pointing out what other ancillary services might be interrupted if the ISP shuts off the Internet. The ISP is hoping scare tactics will result in compliance. I donâ(TM)t think the ISP intends to log into the device and change its password or anything like that. They are merely saying âoethink of everything else you use the Internet for, donâ(TM)t lose all that functionality because you are piratingâ.
Re: (Score:2, Flamebait)
/* get off my lawn mode */ ...and this is probably real good reason why you shouldn't put vital crap like home HVAC into the IoT bucket. Getting up to change the thermostat once in awhile isn't going to kill you, and while an automated home HVAC control setup might save you a few pennies each month, there are models out there which don't require an Internet connection or smartphone app that perform much the same energy-saving measures. /* end */
Re: (Score:3)
I would say a mechanical thermostat like a Honeywell Econostat is good enough. Yes, it may break due to the bimetallic spring and movement, but they are vary reliable. As an added bonus, without physical access, they can't be accessed from remote.
It may be nice to have a programmable thermostat to raise/lower temperature, but it definitely isn't a necessity.
What gets me is that there are thermostats out there that would malfunction or not work if they didn't have a constant internet connection. These dev
Re: Why the fuck is their thermostat exposed to th (Score:4, Funny)
It may be nice to have a programmable thermostat to raise/lower temperature, but it definitely isn't a necessity.
I'd really like to kill the heat when I go to bed and have it kick back on about an hour before my alarm goes off. If I owned the thermostat in my apartment, that would be worth the upgrade. That does not require IoT access. Being able to control the temperature in my apartment from work seems like a useless feature.
What gets me is that there are thermostats out there that would malfunction or not work if they didn't have a constant internet connection.
What good's a thermostat that can't help with a DDoS attack?
Re: (Score:2)
If your buying into automation of the heat in general I am surprised you don't see the value. It allows you, if you have portable internet, to be more dynamic with that mentality you are already familiar with. For instance, when leaving work you can turn on the heat so its warmed up when you get
Re: (Score:3)
This summer I set our thermostat to 86 while we were away for 3 weeks. When we got home it took the AC about 2 hours to get the house back down to sleeping temps, not exactly a hardship that requiresan always on internet connection to solve. Now if you worked highly variable hours and were single and wanted to avoid that 2 hours of uncomfortable temps while maximizing energy savings I can see it being worthwhile, but that's probably a niche application.
This is why we need net neutrality (Score:5, Insightful)
Your internet provider is a conduit on which multiple services rely. It cannot and should not, by law, be used to control or limit access, or police content either of it's own accord or upon request of external parties.
Of course, personally, I am strongly against connecting any devices (other than computers) in my home to the outside facing network, but that's beside the point.
Re: (Score:2)
Re: (Score:3)
If it were a smart thermostat provided by the cable company and it suddenly stopped functioning it could possibly cause damage to the home broken pipes etc... (it's cold enough today where I live) though my cable company doesn't supply thermostats but the power company does.
This could be a problem for the cable company where as the copyright holder may be able to to ask for the content to be removed or the customer to cease the cable company would still be liable for damages if they cut off service to a sma
Re: (Score:2)
smart thermostat provided by the cable company??? so like the cost to rent it is will be over it's full cost in less then a year.
Re: (Score:2)
My power company has a smart thermostat program where they control the thermostat to give you a reduced power bill. My neighbor wasn't smart enough to tell them to go to hell and found that they were saving him money by turning the AC off during the day when most people are at work except him he is retired...
Re: (Score:3)
Unless his house has zero insulation a load shedding programs shouldn't be a big deal. In every case I've seen the maximum time period an individual subscriber should be shed is 2 hours and even my 1963 low insulation house only has a delta T of about 1 degree F per hour, 2 degrees of rise is barely noticeable.
Re: (Score:2)
I wonder what this alleged thermostat is, if it exists because even a poorly designed connected thermostat should still operate with lower bandwidth. The wording in the paperwork suggests that you might have problems accessing it remotely and that only makes sense if the internet is disconnected. Well, maybe if you have a saturated link combined with a shitty router.
Re: (Score:3)
it sounds to me like the "smart" thermostat is provided by the cable company. In which case this probably isn't a net neutrality issue.
It wouldn't be a NN violation no matter who provided the thermostat. What the ISP is saying isn't "we're going to block all traffic going to your thermostat", but "we're going to limit all of your internet traffic in total, and this will affect IoT devices such as your thermostat."
Since they aren't targeting specific traffic based on where it's coming from, there's nothing related to net neutrality here.
Re: (Score:3)
Sorry, that doesn't say anything about restricting certain packets. That's a possible reading, but one that seems more likely to me is something like "You can't watch a video at 2 frames per second, because your video app will time out."
OTOH, I can't imagine why that would impact your ability to remotely adjust your thermostat. Not unless the controlling app has a really fat data stream, and is sensitive to lag. Possibly the notification was issued by tech services, but then re-written by marketing to be
Re: (Score:3)
Yeah that seemed pretty confusing. Of all the things a bitrate reduction would harm, a connected thermostat should be pretty low on the list. Reduced video stream quality & reduced download speeds make sense as consequences of lower bandwidth.
Re: (Score:2)
So yes, it is about restricting certain packets.
Yes, but based on the type of data the packet contains, not based on where the packet is coming from.
Net neutrality is about being neutral in terms of packet sources and destinations. It has nothing to do with discriminating based on the type of data.
Re:This is why we need net neutrality (Score:5, Insightful)
and meter testing like other utilities (Score:2)
and meter testing like other utilities
Re: (Score:3)
Your internet provider is a conduit on which multiple services rely. It cannot and should not, by law, be used to control or limit access, or police content either of it's own accord or upon request of external parties.
There are plenty of things your ISP "should not be" but the fact remains they are required to play by the rules passed by the lawmakers. If a law is passed saying they are required to cut you off if you pirate the new Star Wars movie, then that's what they have to do. They may (or may no
Re: (Score:2)
Ah, but they aren't doing that. They are going to cut you off if you are merely accused.
they need to get a court order and not some auto (Score:2)
they need to get a court order and not some auto take down.
Re: (Score:2)
they need to get a court order and not some auto take down.
Is that what the law says?
Re: (Score:3)
This is true, but also a bit naive. The ISP has a lot of responsibilty for the laws that get written -- to the point that they are often writing the laws the politicians sign.
Fire the politicians absolutely, but lets not pretend that the ISP is an innocent bystander.
Although in the case of piracy, its more the movie industry than the ISP that is writing the laws ... but in some cases the movie industry and the ISP are related companies so perhaps its a distinction without much difference.
The upshot here is,
Re: (Score:2)
The bigger problem here is that piracy is rarely proven to any legal standard. They just send the notice to essentially random people based on flawed detection methods. You either accept the arbitrary punishment or go to court, which costs you a lot of money.
For that reason courts in the UK have clamped down on the claims quite a bit. There is a huge imbalance of power and the copyright trolls rely on it to function.
It's a lot like the DMCA situation. Costly to defend, and no punishment for false claims.
Re: (Score:2)
If a law is passed saying they are required to cut you off if you pirate the new Star Wars movie, then that's what they have to do.
True, but there is no such law.
Re: (Score:2)
"Accused pirates who want their full service restored, and regain control over their thermostats, have to answer some copyright questions and read an educational piece about copyright infringement"
Yeah, fuck everything about that. Accused != guilty and to decree that those accused have to perform some remedial task akin to completing an anger management course before they get what they paid for back again is spoiling for a lawsuit for breach of contract.
Re: (Score:2)
Net Neutrality only applied to legal content.
https://www.usatoday.com/story... [usatoday.com]
WASHINGTON, D.C. -- The Federal Communications Commission voted Thursday to implement new net neutrality rules designed to make sure Internet service providers treat all legal content equally.
Emphasis mine.
I.e. even if Net Neutrality still applied they'd be allowed to block or throttle bittorrent. And legally they can probably have a 'three strikes and you're out' policy.
What's probably legally dubious even now is to block IOT access to customers who torrent. E.g. if you share an internet connection with someone who torrents and the ISPs blocks access to some critical IOT device, can you sue? Over a heating system I g
Re: (Score:2)
even if Net Neutrality still applied they'd be allowed to block or throttle bittorrent
They are not a court. They cannot rule on whether data is legal or illegal. There are legal uses to Bittorrent - it's a great way to download Linux ISOs for one.
Re: (Score:2)
If people are downloading Game.of.Thrones.S07E07.The.Dragon.and.the.Wolf.AMZN.WEBRip.DDP2 it's pretty obviously illegal and the ISP is allowed to block it.
Reaping what they sow (Score:5, Interesting)
If ISPs argue they can throttle or assign certain traffic to fast lanes (anti-net neutrality), then they're arguing they're not common carriers. If they're not common carriers, then they're liable for the traffic they carry. They will have to track down pirates on their network and enforce copyright lest the copyright holders sue them instead of the actual pirates. They will have to monitor traffic for people plotting crimes, lest they be held liable for aiding and abetting. And if a member of a drug cartel conducts illegal banking transactions, the ISP will be on the hook for money laundering. Someone looks up ways to get away with murder, the ISP will be found complicit. If you can monitor your traffic to detect piracy, what's your excuse for not monitoring it to detect these other things?
That's the Pandora's box the ISPs will open if they decide they don't want to be agnostic to the traffic they carry. But like most people, they're tempted by only the positives of a course of action and blindly ignore the negatives.
Re: (Score:2)
I think what you mean is that the executives think an action will result in the stock price going up now, and will be able to jump ship before the negative long term consequences catch up with them.
Re: (Score:3)
Agreed. This is a big part of the reason some countries are making internet access a basic human right.
We're still in the early teething stages for some of it, but we already see how things like security systems, heat, electricity, news/warnings/emergency notifications, grocery and other life necessity ordering, etc. all can and do routinely involve internet access in their various ways. Yes, you can go to the electric company and pay your bill in pennies...assuming you are able to get there. You could m
Re:This is why we need net neutrality (Score:4, Informative)
You do realize that the reason for the 'segregated TV packages' is so that you don't have to pay for things you don't want or need, right? By far, MOST complaints about cable TV pricing is not about things people DON'T get, it is about having to pay for things they DON'T want. People don't want LESS granularity in cable, they want MORE.
Re: (Score:2)
I am strongly against connecting any devices (other than computers) in my home to the outside facing network
Define "computer".
Re: (Score:2)
Your internet provider is a conduit on which multiple services rely. It cannot and should not, by law, be used to control or limit access, or police content either of it's own accord or upon request of external parties.
Of course, personally, I am strongly against connecting any devices (other than computers) in my home to the outside facing network, but that's beside the point.
Some people just don't get it. This right here, piracy, nothing to do with net neutraility. Zero. About the only relation is Comcast blocking Bittorent cuz it's primary use case is piracy. In fact, that's sort of what gave birth to NN as a law. Anyway, Zero relation. In fact, ISP's are required by the DMCA to take efforts to stop piracy if a content creator reports it occurring on their network. Failure to attempt to block or disconnect illegitimate usage will negate safe harbor rules and the ISP its
Re:This is why we need net neutrality (Score:5, Insightful)
Net neutrality does not mean you get to copy copyrighted material. If you do that, stop having an iot thermostat.
But the ISP would be cutting off your internet connection merely because the copyright holder thinks you're pirating their material.
What happened to innocent until proven guilty?
How do we know the copyright holder isn't making a mistake?
Falsely Accused ‘Pirate’ Wins $101,000 in Attorney Fees [torrentfreak.com]
Grandma endures wrongful ISP piracy suspension [cnet.com]
Sure is a nice Nest thermostat you got there... (Score:5, Funny)
Is it that big of a deal? (Score:4, Interesting)
If you are violating the ISP terms of services, then services may be termed.
Is having your Thermostat blocked that big of a deal? So you get home and your home is 50 degrees and you have to turn it up. and be cold for about an hour?
I mean what would happen if your ISP had an outage? Does your IoT fail when there is no connection?
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Why not, for a heated garage. 50 degrees would be a good temperature. High enough to melt snow, but not wasting energy needlessly.
Also if I am away from my home for a long period of time, I don't want the pipes to freeze, but I don't need the house comfortably warm.
Re: (Score:2)
Yes, it can be big deal if you leave your thermostat off then want to turn it on remotely when the weather turns cold. If you are away for a few days and temperatures drop below freezing that will be real big deal.
Is there a smart thermostat that doesn't have a safety temperature? Nest thermostats, for example, will by default not allow the temperature to fall below 40F, even if they're turned off. And really, why would you ever set them to "off"? The whole point of having a smart thermostat is so that it will do things like figure out when no people are around and lower the temperature to a reasonable minimum to save money.
So, really, the worst case here is that you're away for a while and your house cools to 40
Re: (Score:2)
I'm surprised an ISP's terms of services would have terms directly about piracy. ISPs are just a pipe.
Very rarely are they "just a pipe". Most often, they are also cable companies, selling packages like HBO, etc. Piracy cuts into their business.
ISP name (Score:4, Funny)
Armstrong? More like Strongarm.
Not wanting to freeze to death (Score:4, Informative)
Another reason to get a VPN.
Re: (Score:2)
Another reason to get a VPN.
This. If you are torrenting in the clear in the US (or any country with laws similar to ours) you're an idiot.
Re: (Score:2)
If you download movie theater recorded "CAM"s of currently playing movies, you will get a letter from your ISP. If you're patient enough to wait for the BD-rip, you won't.
If you download episodes of Big Bang Theory, or Game of Thrones, you will get a letter from your ISP. If you're downloading episodes of Mr. Show, you won't.
Things that are current and popular are aggressively defended.
Re: (Score:2)
Re: (Score:2)
Only the ISP has the information tying the IP address to a specific household, and ISPs do not voluntarily provide this information to copyright trolls (though I'd be more worried if your ISP is also a content owner, ala Comcast). All they do is forward along the threatening letters from the troll to the customer.
Are you daft? Media companies can, and more importantly, HAVE compelled this information through the courts. Again, have you all forgotten the RIAA lawsuits against end users already?
Re: (Score:2)
Popularity is a correlation; it directly depends on benefactors being approached by services that probably have a word like "mitigation" in their name.
They pitch noise like "Game of Thrones was downloaded 80,000 times that's one MILLION dollars of moneys, so you're losing out by not hiring us for the bargain of $50,000"
Then there's a second powerpoint at the end of the contract, "we got 40,000 super-serious emails sent which definitely means we scored you like, all the cash ever, in totally-real dollars, so
Re: (Score:3)
I was using this pwned thermostat as my VPN endpoint though!
Re: (Score:2)
Or better, another reason to not have your essential services require Internet access.
Singular points of failure. (Score:4, Insightful)
Sure, a single point of failure is outside of your control may fail but four single points of failure stacked atop each other (power/network hardware/ISP/server) is a recipe for disaster.
Yet another great reason (Score:3)
Yet another great reason to not to connect things to the internet without a great reason.
Re: (Score:2)
IOT toilets, now there's a shitload of shit waiting to happen...
Re: (Score:3)
Flush reversal exploits?
Re: (Score:2)
"Buffer overflow"
Dumb pipes (Score:3)
Re: (Score:2)
Terems of service ... (Score:3)
... is contract law.
I don't have a problem with the ISP, but I have a problem with the ToS.
Copyright owners should be going directly after the perpetrators.
Why don't we have a ToS with the electric company that NO powered devices will work if we violate copyright?
Idle threat (Score:3)
This isn't messing with your thermostat, it's interfering with remote access back to it when you're gone. Something I'm pretty sure 99% of us can't do now anyway and for the 1% who do, lack a substantial need.
Re: (Score:2)
I might guess - and it's only guess, but a plausible one - that their anti-piracy measures may involve blocking incoming connections. It's a good way to render p2p clients less capable without impacting web browsing.
"Smart" devices (Score:5, Insightful)
The good news is that consumers appear to be getting the message that "smart" devices are dangerous; from what I've read, sales are way down. Security vulnerabilities are the most obvious issue, but there's also stuff like this (the vendor fucking with you for unrelated reasons) and the question of long-term support.
Heating and cooling can be matters of life and death. I wouldn't entrust them to the Internet. (Monitoring them, sure, but not controlling them.)
Re: (Score:2)
Heating and cooling can be matters of life and death. I wouldn't entrust them to the Internet. (Monitoring them, sure, but not controlling them.)
At least not without a non-connected way to control them in case of outages, hacking, or vendor being an @$$.
Re: (Score:2)
The good news is that consumers appear to be getting the message that "smart" devices are dangerous; from what I've read, sales are way down. Security vulnerabilities are the most obvious issue, but there's also stuff like this (the vendor fucking with you for unrelated reasons) and the question of long-term support. Heating and cooling can be matters of life and death. I wouldn't entrust them to the Internet. (Monitoring them, sure, but not controlling them.)
Your comment doesn't make sense in the context of the article. As the summary itself said, if your internet access is downgraded, then you might not be able to control your thermostat REMOTELY. Nothing about local control.
And yes, anyone who actively wants to remotely control their thermostat (i.e. the ones who might be affected by this) are precisely the ones that want a "smart" device. By definition.
Re: (Score:2)
The good news is that consumers appear to be getting the message that "smart" devices are dangerous
Meh. I doubt there's a smart thermostat on the market that doesn't have a safety temperature.
Re: (Score:2)
Yup, there's been so much fuckery with IoT stuff and companies closing I'd never trust cloud dependent stuff. I am looking at OpenHAB though for some home automation, you run your own local Hub and can even your own cloud service (ie they make the cloud portion open source too!). Combine that with an open source project I found for ESP8266 based smart devices and now I can do everything that the commercial programs do (and more) without giving up control to anyone else. The local hub will allow everything t
Gotcha now (Score:5, Funny)
Alright, you filthy pirates... Freeze!
What crappy design does this? (Score:2)
What online IoTish thermostat doesn't have a well-defined offline mode in the first place? Is NEST like that? I don't have one but was thinking about it.
There should be no such thing as an online device that doesn't behave properly when the Internet service goes down. Obviously it can't do everything it can do when the service is up but it should at least be programmable to do something reasonable if not desirable.
Why is this different from voice service? (Score:3)
I never heard of someone getting their phone service cut because they were doing something illegal with it.
WTF is an ISP doing trying to play law enforcer? The authorities should get a warrant, tap the traffic, then make an arrest. Or not, if it turns out the evidence wasn't correct.
Then the ISP should update their watchdog software to not give such false positives.
Re: (Score:2)
I never heard of someone getting their phone service cut because they were doing something illegal with it. WTF is an ISP doing trying to play law enforcer? The authorities should get a warrant, tap the traffic, then make an arrest.
I think the whole system was designed to continue protect the government's grant of copyright, but without the huge drain on the public coffers that your proposal would involve.
still think the internet of things (Score:3)
Re: (Score:3)
Re: (Score:2)
This sounds vaguely illegal in and of itself (Score:2)
In a broader sense, this is the questio
Re: (Score:2)
You might be interested to follow that net neutrality thing a little more closely. This is actually a very good argument for it.
There's a difference between (Score:2)
a Programmable and s "Smart" thermostat.
I'd be more concerned about medical equipment in the home that depends on constant internet access to keep someone alive or safe losing connectivity.
Re: (Score:2)
Re: (Score:2)
do pirates have medical equipment at home?
I don't believe they're exclusive Especially with unsecured WiFi routers, or others in the home.
Also interferes with health monitoring (Score:4, Interesting)
My dad used to have a remote monitor for his pacemaker that sent data over the internet to his doctor. Without the remote monitoring, he'd have to make regular trips to the doctor for monitoring (and having an elderly man driving on snowy roads is a risk of its own)
The internet is becoming a utility, and it should be regulated as such - the power company can't turn off your power just because they think you're using electricity to grow marijuana. They can, however, tip off the police about the suspected grow house, but they can't turn off your power.
Legislation needed (Score:3)
This is why we need legislation that treats internet access like the US used to treat the mail. Where mail service used to connect each citizen to the rest of the world and the fidelity of the service was vigorously protected, today we have the internet that does essentially the same thing for the modern world. As such internet access and protection of email should be enshrined into law as a basic right with the same protections of privacy as was the original US mail service.
Re: (Score:2)
Re: Service Level (Score:2)
What I does a solitare game clock in at 100megabytes and use 1 gig of data weekly?
Isp's are about to find out that net neutrailtiy would have been better than fighting advertising networks.
Re: (Score:2)
Out of curiosity, what part of NN would have stopped Joe MoronOnline from downloading a crap malware-loaded binary to his laptop and running it?
Re: (Score:2)
I wouldn't be so sure. This is, after all, "on the internet".
Re: (Score:2)
How is it really extortion? They are pointing out that if their Internet service is cut off they can't connect to devices connected to the Internet because their services is not active.
Re: (Score:2)
Perhaps you could say it is an implied threat... but it's only one that points out the consequences of the decisions that the person makes.
Because the ISP has every right to degrade service for customers who violate the ISP's TOS.... so really all their so-called threat is doing is reminding those who might do so that their could be unintended consequences for such actions.
If I may give a better example of your analogy.... "That's great that you have your driver's license.... it would be a real shame i
Re:Extortion (Score:4, Interesting)
Being a threat, and due process (or lack thereof) have nothing to do with it. 'If you get caught shoplifting you will be prosecuted' is a threat, and is not extortion. 'Pay me $400 or I tell the cops you stole' could be extortion.
Extortion requires you to gain something through coersion. In the first statement, the person making the statement is not gaining anything, and there is no coersion. In the second statement, there is both potential gain and coersion.
In the ISP case, there is neither gain nor coersion.
Re: (Score:2)
Do you have a source for this? I couldn't find anything on the web to support the assertion.
Re: (Score:3)
Not the person you're replying to, but Google still works at finding citations. One of many:
Headline: Walmart halts program that told shoplifters: Pay up or face police ... Shoplifting suspects at stores that use Corrective Education are shown a video describing the program and are given 72 hours to decide whether they will pay or not, according to the Journal. The program costs either $400 up front or $500 later. If they decline, the retailer may pursue "other legal rights to seek restitution and resolve [cnbc.com]
Re: (Score:2)
I am not a customer of the ISP in question so I'm not sure I'm reading it right, but it sounds like this particular ISP doesn't so much "shut off" as deliver less than the customer originally paid for:
Re: (Score:2)
It's 2018 bitch, we're gonna have allegations up somewhere around "laws of physics" by April.
Re: (Score:2)
it sounds like this particular ISP doesn't so much "shut off" as deliver less than the customer originally paid for
No, it sounds like the ISP is delivering exactly what they said they would when both parties agreed to a contract that - among other things - says you can't use their systems and properties and related services to rip off intellectual property. It's not exactly mysterious.
Re: (Score:3)
it sounds like this particular ISP doesn't so much "shut off" as deliver less than the customer originally paid for
No, it sounds like the ISP is delivering exactly what they said they would when both parties agreed to a contract that - among other things - says you can't use their systems and properties and related services to rip off intellectual property. It's not exactly mysterious.
Which would be fine, except there's a rather significant track record of those complaints being not in fact true. There's also no penalty for that, outside of the few cases where the person decided to go ahead and sue and could because they could prove damages in court.
The DCMA is bad, bad law for many reasons, if you've not noticed.
Re: (Score:2)
Given the way devices tend to get redesigned, I'm not convinced that you can expect thermostats that offer remote access to offer local access.
OTOH, since I wouldn't have one in the house, I haven't looked at the current designs. But even if local control exists for all the current designs, I expect them to be "made more efficient" in the future.
Re: (Score:2)
Re: (Score:2)
my 1980s non-internet connected thermostat is so fancy I can set different temps for different times of each day. Both the heater and AC are controlled by it.
So, can save energy when no one home, then bring place to comfy temp for evening.
no "apps", no internet, no hackers
Re: (Score:2)
"Multiple times a day" is a bit more than twice a year isn't it?
Unless you consider "off" and "on" to not be changes in temperature... And then i would question if you even know what thermostats do...