Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Privacy The Internet

Amazon Devices Will Soon Automatically Share Your Internet With Neighbors (arstechnica.com) 182

If you use Alexa, Echo, or any other Amazon device, you have just over a week to opt out of an experiment that leaves your personal privacy and security hanging in the balance. From a report: On June 8, the merchant, Web host, and entertainment behemoth will automatically enroll the devices in Amazon Sidewalk. The new wireless mesh service will share a small slice of your Internet bandwidth with nearby neighbors who don't have connectivity and help you to their bandwidth when you don't have a connection.

By default, Amazon devices including Alexa, Echo, Ring, security cams, outdoor lights, motion sensors, and Tile trackers will enroll in the system. And since only a tiny fraction of people take the time to change default settings, that means millions of people will be co-opted into the program whether they know anything about it or not. The Amazon webpage linked above says Sidewalk "is currently only available in the US." [...] Amazon has published a white paper detailing the technical underpinnings and service terms that it says will protect the privacy and security of this bold undertaking. To be fair, the paper is fairly comprehensive, and so far no one has pointed out specific flaws that undermine the encryption or other safeguards being put in place. But there are enough theoretical risks to give users pause.

This discussion has been archived. No new comments can be posted.

Amazon Devices Will Soon Automatically Share Your Internet With Neighbors

Comments Filter:
  • How is that supposed to even work?

    • Re:Tile trackers? (Score:5, Informative)

      by hjf ( 703092 ) on Monday May 31, 2021 @09:46PM (#61441448) Homepage

      Mesh network, 900MHz devices. Basically the idea is, if the device isn't able to reach YOUR home router, but it can see your neighbor's router, it can connect through it. Think for example, a motion sensor at the far end of your backyard.

      • by cusco ( 717999 )

        Not quite. If the Tile can't make a good connection to your home router but can reach the neighbor's Ring it will transmit through the Ring to their router.

  • And this is why.. (Score:5, Informative)

    by sit1963nz ( 934837 ) on Monday May 31, 2021 @04:04PM (#61440624)
    I will will NEVER have Amazon, Google, Facebook hardware in my house.
    • Privacy policy: "Amazon does not disclose customer information in response to government demands unless we're required to do so to comply with a legally valid and binding order."

      That's a much weaker standard than "...to comply with a court order".

      Also, they don't say anything about not having contracts with police forces, for example, who are not government.

    • by dargaud ( 518470 )
      I don't see what the fuss is about, is it just because it's Amazon ? The same connection sharing method has been in use for two decades with ADSL and cable modems, pioneered by FON IIRC. Where I live, all 3 main internet providers activate it by default in their provided broadband modems. Of course you can disable it, and I did. But if left ON, all it does is possibly suck a bit more power. And when you travel in cities you can always easily find free wifi thanks to this method. I haven't heard of vulnerabi
    • Only Apple and their mesh network for the AirTags, on which a researcher recently showed how anyone can help themselves to your bandwidth?

  • by Pierre Pants ( 6554598 ) on Monday May 31, 2021 @04:10PM (#61440650)
    then you're not the type of person who actually cares about this, or about many other things that reasonably intelligent people care about.
  • to install 0.0.0.0 amazon.com to the hosts file
    i want a list of all amazon's domain names, and post it to github
  • A) I refuse to have these spies in my domicile
    B) If I did, I would go through all the setup screens and not only change the default password, but disable this kinda shit

    That said, my sister has a couple of the things and A) They all have default passwords; and B) setup screens? What are those? I plugged them in and they worked. What's your problem?
  • I feel as if we just talked about this.

    Oh, yes, we did talk about it [slashdot.org], back on the 17th.

    I said it there and I'll say it again: Amazon veered hard off-course and into crazy town with this feature. It's so easy to abuse this sort of access for nefarious purposes, and many of us called out several obvious examples of what bad actors could do with a system as open as this one. Even with the bandwidth limits and data caps it has, it's sufficient bandwidth for transmitting 1 minute of 720p footage every 10 minutes

  • what? again? does this mean I have to check the settings this week as well, persistent little bugger.
  • So.... (Score:5, Insightful)

    by Malays2 bowman ( 6656916 ) on Monday May 31, 2021 @04:43PM (#61440776)

    If illegal material is shared, guess who gets slammed with legal charges

    (Hint: It won't be Amazon)

  • by clambake ( 37702 ) on Monday May 31, 2021 @04:53PM (#61440800) Homepage

    If my internet is down it's because there's a power outage or something, and I expect my neighbors are down, too. The only use for this is random people wandering by to steal bandwidth.

  • Good! (Score:4, Insightful)

    by Gravis Zero ( 934156 ) on Monday May 31, 2021 @05:01PM (#61440820)

    This is a great way for people to learn to stop trusting the internet of shit.

  • by oldgraybeard ( 2939809 ) on Monday May 31, 2021 @05:24PM (#61440886)
    share a small slice" service huh? so how much are they paying people for allocating/reselling their internet resources?
    • Iduno if its against the comcast TOS to have this service active, but its for sure against the comcast TOS to get paid for it, as that would turn you into an ISP.

  • Seems like turning this on without active consent may turn out to be illegal in at least some jurisdictions. (Might even qualify as theft depending on the specific laws in effect.) And, for that matter, it may even violate the terms of service from the device owner's ISP and lead to them having their internet disconnected. And then there's the liability quagmire for some random passerby or neighbor doing something illegal on the device owner's internet connection. I'm kind of hoping Amazon gets a major lega

    • by Nkwe ( 604125 )

      Seems like turning this on without active consent may turn out to be illegal in at least some jurisdictions

      You clicked on that agreement when you installed your Amazon device right? (or you continue to use your Amazon account?) Guess what, you actively consented. Not saying that this is right, but it's how it seems to be.

      • by schwit1 ( 797399 )

        You're missing the point. The homeowner has a EULA, T&Cs and AUP with the ISP. Do those ISP agreements permit the homeowner to enter into an agreement with another party to share the bandwidth?

        I could see ISPs updating the agreements to prohibit just this kind of sharing without the ISP getting a payoff.

        • by Nkwe ( 604125 )

          Do those ISP agreements permit the homeowner to enter into an agreement with another party to share the bandwidth?

          Unknown. My point is that you *also* have an EULA with Amazon that says you allow Amazon's devices to talk to each other and share information, including the bandwidth that you have purchased from your ISP. It is certainly a valid question as to what happens if your ISP and Amazon's EULA/TOS are in conflict. I would guess that ultimately the consumer would be on the hook for entering into a second contract that was in conflict with a prior contract, but that is where lawyers make their money...

          • IANAL, but I'm pretty sure comcast can sue amazon directly for breach of contract if they coerce customers into breaching their contract with comcast.

      • False, did not agree to have them steal bandwidth to give to others.

        • by Nkwe ( 604125 )

          False, did not agree to have them steal bandwidth to give to others.

          Amazon customers probably did agree to that. I seriously doubt that Amazon didn't consider that and update their EULA/TOS to account for it.

  • Seems like riding on your neighbor's amazon devices is a great way to engage in illegal activities on the web.
  • by upuv ( 1201447 ) on Monday May 31, 2021 @07:33PM (#61441206) Journal

    1. These devices are on the inside of your home network. So they will now eat your home bandwidth which means if you have a data cap you just gave some of it to amazon.
    2. Amazon devices are cheap low cost devices. Their whole job in life is to connect to everything and share data with the mother ship. And now you expect this device to securely share your network with random devices?
    3. Amazon devices are cheap low cost devices. Which can be easily overloaded with excess traffic. Especially if you have one in wireless range of a lot of other devices. So example an apartment dweller living above a restaurant. Your device could easily be swamped making your home experience garbage. And you are paying for the privilege to give your net and compute to randoms.

    And if this is not perfectly clear. SECURITY. A thousands ways this is a security disaster.

  • Just wait until someone gets their door kicked in by men with guns at 4:30AM and a flashbang grenade thrown in their baby's crib because someone used the 900MHz band to download child porn. This also violates a lot of end user ISP agreements by effectively "sharing" a residential Internet connection so I'm sure some of the ISPs will have a problem with it.

    Unfortunately, I'd figure that blocking the Amazon IP addresses at the router effectively breaks the intended functionality of the cameras in the first

    • don't take the deal you may need to do jail time and wait for your trail but don't take the deal in that case and when amazon can't give the logs you must aquit!

    • This isn't that.

      Devices on sidewalk are not reaching out to open-ended hosts on the internet. They're conversing with AWS services. Trafficking child porn on Sidewalk would be the equivalent to posting illicit content in an S3 bucket- there is a chain of accountability, and it doesn't involve an innocent bystander whose wifi network got volunteered for this 900mhz whispernet.
    • by mark-t ( 151149 )

      Amazon's retort would doubtless be that these people should be opting out or else stop using the devices entirely.

      To make an analogy from Amazon's perspective, It isn't the city's fault if you keep blowing the breakers in your house for drawing too much power at one time... figure out how to be compliant with the restrictions you have or pay for the necessary upgrades to your property to support it.

  • One legal tatic "they" often use is its your IP address, you must be using it to attach you to a crime. (personally I always thought this was dubious to start with) but now its is even more so as it could be ant of the neighbors. Also many of us do not have unlimited plans and are charegd for traffic. This is going to result in many angry people over unexpected large bills.
  • by misnohmer ( 1636461 ) on Tuesday June 01, 2021 @04:20AM (#61442112)

    So Amazon claims it's secure? What kind of a liability are they accepting for anyone abusing this? If someone uploads illegal content from your internet connection, is there anything in the terms of service that Amazon will provide you with the best lawyers their money can buy to defend you (and cover bail), and if you are in fact found innocent, they will compensate you for all lost income, pain and suffering, and any and all potential future issue stemming from the fact that you were accused in the first place? I doubt it.

    They really should make it an opt-in option and offer to pay for the bandwidth. Then each customer who opts in becomes a provider to Amazon, so they know they are taking a risk, perhaps demand Amazon detail exactly who sent what over their Echo.

  • This is a great way to determine who is nearby who. Perhaps your neighbor just bought a new widget, here is an advertisement because maybe you want to buy one too and keep up with your neighbor?

    -A consumer is puzzled: 'I pulled the plug, how is it still on the internet?'
  • I've been on the internet long enough to not fall for this "big company bad" clickbait. The guy at arstechnica is trying to get you to read something on a site that is chocked full of ads. The irony is probably lost on most but not me. Just because the media is on the internet doesn't mean its not media.

    Anyways this is basically a service where is your neighbors internet is cut their ring camera could hop on yours. We all know wifi can be spotty etc. This is not some guy walking down the street and needs a little extra juice on his phone.

    Going to point of calling Amazon a ISP. Bringing the fact that Amazon has your shopping history. Just piling on for the "I'm scared of big tech" crowd to have a "see...I was right! I was right!" moment. You are not special, they don't care about you, there are 100s of millions of us...get over yourself.

    Should it be opt-in? Probably, or at least advertised, but its not exactly doomsday here people.

Real Programmers think better when playing Adventure or Rogue.

Working...