- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
You must log in or register to comment.
So, umm, my bed suddenly get too hard or soft at night? Yawn.
I was willing to overlook:
- The bed costs $2,000
- It won’t function if the internet goes down
- Basic features are behind an additional $19/mo subscription
- The bed’s only controls are via mobile app
My man would have been willing to overlook having Jeff bezos himself sleep in his bed with him before realizing what was happening.
I want to learn more about this! Searching for "bed backdoor " right now
Trying very hard not to come to the conclusion that if you waste 2000 bucks on a connected bed, you have only yourself to blame.
Seriously. Unlike dumb TVs, dumb beds are not going away. Buy one for 400 bucks and donate the remainder of your bed-buying fortune. Your body won’t notice and €1600 can do a lot of good.
To be fair it’s more of a mattress than a bed
I’ve read some people get help from the cooling these provide, but I think there’s versions without subscriptions.
Also I’ve read of people buying shit like this in the hope it helps intractable insomnia, and they probably aren’t thinking that clearly, because of sleep deprivation.
I share your suspicions but I’d go further. The bed industry has always struck me as an obvious scam that plays on people’s nebulous health anxieties and also on the tempting cognitive fallacy that, since an 8-hour night is the same amount as an 8-hour workday, the exact physical makeup of your bed is somehow as important as your career or something. It all strikes me as almost completely irrational. People slept for aeons on straw and somehow survived. A bed is a soft flat object, any other abstract properties are just marketing IMO.
Also, eight hours is a modern invention! Throughout most of human history we slept several times a day, rather than just once.
I’m really liking siestas these days and can’t go back to a single eight hour block.
Absolutely. The 8-hour sleep is probably just a marketing invention, related to modern electric light. In pre-modern Europe it was common to get up and do housework in the middle of the night.
I mean, I fully agree with the sentiment, but if you think you won’t notice the difference between a $400 and $2000 bed, you just haven’t slept in one. I got almost 2 hours more sleep a night switching up to a $2000 (dumb) bed.
My partner and I have a basic box spring and a Queen-sized free mattress (from a family member.)
We put a 4” thicc memory foam topper on it and I can easily get 13 hours straight of sleep. It’s horrifying.
As a regular traveler I have slept in a lot of beds. Maybe 300 (sic) in the last decade, of all quality levels. For me it makes all but no difference to how much sleep I get, the only thing that bothers me is when the springs are literally sticking out. So this is all completely anecdotal and I do respect your own anecdote. But I can’t help noticing that I see it repeated in lots of bed adverts.
When you blame consumers for allowing antisocial tech into their lives, you’re doing free work for the tech barons.
So nobody has any agency and we’re all just helpless puppets on strings?
On the contrary. I want people to have their own opinions, and to buy the things that suit their tastes even if they seem silly to me.
And I want those things to have fair, consumer-friendly regulations applied to them.
And when companies try to abuse their consumers, and I want us to criticize the company rather than the consumer.
I can get on board with that.
The email address attached to the public key, [email protected], to me suggests the private key is likely accessible to the entire engineering team.
This assumption is doing a lot of heavy lifting in the authors argument that this is a big deal.
Remember, the “s” in IoT stands for “security”.
I could completely see this email address being a shared email address and not tied to a single user.
How so, it’s clearly a shared account
I don’t think that’s a wild assumption to make
A shared account doesn’t mean everyone who works there has access to it, or that those who do have access aren’t subject to some type of access control.
The article basically goes on to say that the existence of this key makes a huge difference to the security/privacy of the product. It argues that using it, someone could access data from the device, or use it to upload arbitrary code to the device for it to run. However, those are both things the user is already trusting the company with. They have to trust that the company has access controls/policies to prevent individual rogue employees doing the things described. It seems unreasonable to say that an SSH key being on the device demonstrates that those controls aren’t in place.
Great article, with a pretty cool (or warm) solution to the problem.
This is fucked up, but it’s still somehow better than a Murphy Bed backdoor.
