There is so much about this story that disgusts me, and that’s before getting to the security issues. Please, if you’re in a financial position to spend money on a product like this: don’t. The “willing to overlook” list should be a blueprint for exactly the kinds of things none of us should ever overlook when considering a purchase in this day and age. As long as people keep overlooking those huge red flags, products like this will continue to create e-waste.
at the beginning: “willing to overlook […] It won’t function if the internet goes down”, and later “Personally, I don’t want my bed data accessible to anyone”.
I have no idea what’s going on in these people’s head. How can these two beliefs be held at the same time?
There’s a difference between those two though. I can self host and isolate the first one, if the internet goes down I won’t be able to access it, but it’s not in the cloud and it’s not accessible by everyone.
I think the point is that if your bed (or any other IoT) doesn’t work if it’s not internet connected, you aren’t going to be able to self host (failing some clever rev-eng) and that’s a fair indicator that your ‘bed data’ is already accessible by someone else. So subsequently claiming “I want privacy” is profoundly tone deaf. And in this case, yes, the data is indeed in the cloud (it’s what AWS Kinesis is for). It might not be available to “anyone”, but it is available for “someone” who isn’t sleeping in the bed, and personally, that’s probably too many.
Personally, I still can’t get my head past the simple idea of “I can’t control my bed if the internet isn’t up, and I’m good with that”.
I would like to represent the delegation of broke people in their 20s whose tech salaries are efficiently absorbed by their student loans:
You don’t need a smart bed. My mattress cost $200 and my bedframe cost <50. I sleep fine. I know as people age they need more back support but you do NOT need this. $250 worth of bed is FINE. You will survive!!
I’m not sure I agree. Like if you are living paycheck-to-paycheck then yeah, probably don’t drop $2k on a mattress. But I believe pretty strongly in spending good money on things you use every day.
The way it was explained to me that aligned with my frugal-by-nature mindset was basically an amortization argument. You (hopefully) use a bed every single day. So even if you only keep your bed for a single year (maybe these newfangled cloud-powered beds will also have planned obsolescence built-in, but the beds I know of should last at least a decade), that’s like 5 bucks a day. Which is like, a coffee or something in this economy. I know my colleagues and I will sometimes take an extra coffee break some days, which could be a get up and walk break instead.
You might be young now, but in your situation I would rather save for my old age than borrow against my youth. And for what it’s worth I have friends in their 20s with back problems.
(of course, do your own research to figure out what sort of benefits a mattress will give to your sleep, back, etc. my point is more that even if the perceived benefits feel minimal, so too do the costs when you consider the usage you get)
Mattresses are known to have a rather high markup, and the salesmen have honed the arguments you just re-iterated to perfection. There are plenty of items I’ve used nearly daily for a decade or more. Cutlery, pots, my wallet, certain bags, my bike, etc. None of them cost anywhere near $2000. Yes, amortized on a daily basis, their cost comes to pennies, which is why life is affordable.
Yes, there are bad mattresses that will exacerbate bad sleep and back problems. I’ve slept on some of them. When you have one of those, you’ll feel it. If you wake up rested, without pains or muscle aches in the morning, you’re fine.
I too lament that there are things we buy which have unreasonable markups, possibly without any benefits from the markups at all. I guess my point is more that I believe – for the important things in life – erring on the side of “too much” is fine. I personally have not been grifted by a $2k temperature-controlled mattress, but if it legitimately helped my sleep I wouldn’t feel bad about the spend. So long as I’m not buying one every month.
I think one point you’re glossing over is that sometimes you have to pay an ignorance tax. I know about PCs, so I can tell you that the RGB tower with gaming branding plastered all over it is a grift [1]. And I know enough about the purpose my kitchen knife serves to know that while it looks cool, the most that the $1k chef’s knife could get me is faster and more cleanly cut veggies [2].
You sound confident in your understanding of mattresses, and that’s a confidence I don’t know if I share. But if I think of a field I am confident in, like buying PCs, I would rather end the guy who buys the overly marked-up PC that works well for him than the one who walks a way with a steal that doesn’t meet his needs. Obviously we want to always live in the sweet spot of matching spend to necessity, but I don’t know if it’s always so easy.
[1] except for when companies are unloading their old stock and it’s actually cheap.
[2] but maybe, amortized, that is worth it to you. I won’t pretend to always be making the right decisions.
I personally have not been grifted by a $2k temperature-controlled mattress, but if it legitimately helped my sleep I wouldn’t feel bad about the spend.
Note, because it’s not super obvious from the article: the $2k (or up to about 5k EUR for the newest version) is only the temperature-control, the mattress is extra.
All that said: having suffered from severe sleep issues for a stretch of years, I can totally understand how any amount of thousands feels like a steal to make them go away.
One of the big virtues of the age of the internet is that you can pay your ignorance tax with a few hours of research.
In any case, framing it as ‘$5 a day’ doesn’t make it seem like a lot until you calculate your daily take-home pay. For most people, $5 is like 10% of their daily income. You can probably afford being ignorant about a few purchases, but not about all of them.
One of the big virtues of the age of the internet is that you can pay your ignorance tax with a few hours of research.
Maybe I would have agreed with you five years ago, but I don’t feel the same way today. Even for simple factual things I feel like the amount of misinformation and slop has gone up, much less things for which we don’t have straight answers.
For most people, $5 is like 10% of their daily income. You can probably afford being ignorant about a few purchases, but not about all of them.
Your point is valid. I agree that we can’t 5-bucks-of-coffee-a-day away every purchase we make. Hopefully the ignorance tax we pay is much less than 10% of our daily income.
I think smart features and good quality are completely separate issues. When I was young, I also had a cheap bed, cheap keyboard, cheap desk, cheap chair, etc. Now that I’m older, I kinda regret that I didn’t get better stuff at a younger age (though I couldn’t really afford it, junior/medior Dutch/German IT jobs don’t pay that well + also a sizable student loan). More ergonomic is better long-term and generally more expensive.
Smart features on the other hand, are totally useless. But unfortunately, they go together a bit. E.g. a lot of good Miele washing machines (which do last longer if you look at statistics of repair shops) or things like the non-basic Oral-B toothbrushes have Bluetooth smart features. We just ignore them, but I’d rather have these otherwise good products without she smart crap.
Also, while I’m on a soapbox – Smart TVs are the worst thing to happen. I have my own streaming box, thank you. Many of them make screenshots to spy on you (the samba.tv crap, etc).
Also, while I’m on a soapbox – Smart TVs are the worst thing to happen. I have my own streaming box, thank you. Many of them make screenshots to spy on you (the samba.tv crap, etc).
Yes, absolutely! Although it would be cool to be able to run a mainline kernel and some sort of Kodi, cutting all the crap…
You don’t need a smart bed. My mattress cost $200 and my bedframe cost <50. I sleep fine. I know as people age they need more back support but you do NOT need this. $250 worth of bed is FINE. You will survive!!
I guess you never experienced a period with serious insomnia. It can make you desperate. Your whole life falls in to shambles, you’ll become a complete wreck, and you can’t resolve the problem while everybody else around seems to be able to just go to bed, close their eyes and sleep.
There is so much more to sleep than whether your mattress can support your back. While I don’t think I would ever buy such a ludicrous product, I have sympathy for the people who try this out of sheer desperation. At the end of the day, having Jeff Bezos in your bed and some sleep is actually better than having no sleep at all.
You make some good points why this kind of product shouldn’t exist and anything but a standard mattress should be a matter of medical professionals and sleep studies. When people are delirious from a lack of sleep and desperate, these options shouldn’t be there to take advantage of them. I’m surprised at the crazy number of mattress stores out there in the age of really-very-good sub-$1,000 mattresses you can have delivered to your door. I think we could do more to protect people from their worn out selves.
None of the old people in my family feel the need for an internet connected bed (that stops working during an internet or power outage). Also, I imagine that knowing you are being spied on in your sleep by some creepy amoral tech company does not improve sleep quality.
I do know that creepy amoral tech companies collect tons of personal data so that they can monetize it on the market (grey or otherwise). Knowing that you didn’t use your bed last night would be valuable information for some grey market data consumers I imagine. This seems like a ripe opportunity for organized crime to coordinate house breakins using an app.
I believe the people who buy this want to basically experience the most technological “advanced” thing they can pay for. They don’t “need” it. It’s more about the experience and the bragging rights, but I could be wrong.
I’m sorry to somewhat disagree. The reason I would buy this (not at that price tag, I had actually looked into this product) is because I am a wildly hot person/sleeper. I have just a flat sheet on and I am still sweating. I have ceiling fans running additional fans added. This is not only about the experience unless a good night sleep is now considered “an experience”. I legitimately wear shorts even in up to a foot of snow.
Ouch… Please do not follow this piece of advice. A lot of cheap mattresses contain “cancer dust”[1] that you just breath in when you sleep. You most likely don’t want to buy the most expensive mattress either, because many of the very expensive mattresses are just cheap mattresses made overseas with expensive marketing.
The best thing to do is to look at your independent consumer test results for your local market. (In Germany where I live it’s “Stiftugn Warentest” and in France where I’m from it’s “60 millions de consommateurs (fr).” I don’t know what it is in the US.)
A good mattress is not expensive, but it’s not cheap either. I spend 8 hours sleeping on this every day, I don’t want to cheap out.
[1] I don’t mean literal cancer dust. It’s usually just foam dust created when the mattress foam was cut, or when it rubs against the cover. People jokingly call it “cancer dust”
The headline is incredibly clickbaity and misleading. Bezos and Amazon don’t really have anything to do with the real problems outlined in the article.
It is misleading because the issue is almost completely unrelated to Amazon (that just happens to be the cloud provider being used; the issue would be the same with another provider). The implication of the hyperbolic headline is that Bezos or Amazon have anything to do with the the startup that made the mistake, but clearly that’s not the case. It leads one to expect more Amazon involvement than there is.
Pushing updates instead of user-initiated updates is one of the worst things that human kind have ever invented, and I am only moderately hyperbolic about that. I think almost all modern tech problems, and even many tech industry problems, can be directly tied to it.
Why care about bugs? We can just push out an update! No one will notice! Until their phone randomly reboots while they need to call 911 (which actually happened to me on my Android).
Why care about UX consistency? We can just push out A/B updates and experiment directly on our users! (which meant an app I was trying to teach my grandmother to use was completely different on her system than mine.)
Consistently applying important security updates is something you can most definitely not expect the average user (or even technically sophisticated but lazy users) to do. Bugs are inevitable, no matter how hard you try.
As a person in tech, my only advice for future generations is avoid adding tech to your daily life. More than anything, Big Tech’s main purpose is to add rent seekers to your life.
This always gets me - as a technologist, people are always so surprised to hear I use a dumb phone, hate AI and typically go for the low-tech option when there is one. Why is this still surprising though? I guess “normal” humans don’t spend a single second thinking about the negative sides of technology…
This type of modern tech can essentially be distilled down to a Rube Goldberg machine.
I’m not suggesting we use hot coals to warm up our beds, but rubber based hot water bottles were invented more than 100 years ago. That said, I like the aquarium chiller for cooling down a bed.
The author replaced internet temperature control on a thing they purchased with local temperature control that worked in a way they preferred. In what universe would it ever be illegal to improve a thing that you purchased for your own use in your own home, in a way that doesn’t impact anyone else?
heh, i don’t think that’s what he was asking about being legal. it seems to me he’s asking how the company’s insecurity is allowed.
it’s an interesting question, in medicine we have malpractice, something similar in the US for things like structural engineers, but our “engineering” isn’t really licensed, so there’s no real safety rating on things like this from a data leakage and connectivity standpoint…
the physical bed cooling/heating product would have had to pass a UL rating i think to be able to be sold in the US, but there’s no such rating to ensure it’s secure from a technical/data standpoint
it’s probably too difficult to nail something like that down, especially as new exploits are being found all the time
I completely misread you. I was cruising through the front page as I had my first coffee of the day, read an article about someone modifying their bed cooler to remove some anti-features, and absolutely interpreted the question as “How is this [modification] legal?” Sorry for misreading you! I think @aae nailed the question you were really asking, mostly.
The one thing I’d add to that answer is that, if the FTC were so inclined, they probably could exert enough pressure to at least require such an ssh backdoor to be disclosed up front, if not compel the manufacturer to remove it. I don’t believe any new hard-to-write regulation would even be required for that.
It kind-of is, particularly given the most sensitive nature of the data. Some electronics companies I know also ship their devices with the option to connect to them via SSH - but in contrast to this example, SSH access is documented and off-by-default. They use it mostly to see what’s wrong if a customer calls in because something’s not working, and then ask the customer if they’d be willing to provide remote access for debugging purposes, when the customer needs to enable themself.
I really enjoyed this article, but I kept thinking that this is a very unique blog theme and I’ve seen it before. Then I saw the related article at the bottom about Google’s OAuth flow. These people are definitely doing good work.
I can definitely see the value of a temperature-controlled mattress pad. And I can see the value of it being computer-controlled in some basic way that’s more complicated than a thermostat. But the idea that it then has to connect to a server somewhere is just insane to me. Bluetooth would be fine. If you kept the user-adjustable controls to a minimum, an IR remote would probably be fine. There is no reason in the world that a request for a setting change to my mattress pad needs to go out to an AWS server and come back.
On the IOT thing more generally: hue and brightness controllable LED bulbs are fantastic. The idea of connecting them to my Wi-Fi and from there to the public internet in order to control them is terrifying to me. What I have instead are GE LED+ bulbs that are advertised as having “one” extra feature per bulb design. I have the color changing ones; they have an IR remote. The same remote works on all of them. It’s an absolute delight.
There is so much about this story that disgusts me, and that’s before getting to the security issues. Please, if you’re in a financial position to spend money on a product like this: don’t. The “willing to overlook” list should be a blueprint for exactly the kinds of things none of us should ever overlook when considering a purchase in this day and age. As long as people keep overlooking those huge red flags, products like this will continue to create e-waste.
at the beginning: “willing to overlook […] It won’t function if the internet goes down”, and later “Personally, I don’t want my bed data accessible to anyone”. I have no idea what’s going on in these people’s head. How can these two beliefs be held at the same time?
There’s a difference between those two though. I can self host and isolate the first one, if the internet goes down I won’t be able to access it, but it’s not in the cloud and it’s not accessible by everyone.
I think the point is that if your bed (or any other IoT) doesn’t work if it’s not internet connected, you aren’t going to be able to self host (failing some clever rev-eng) and that’s a fair indicator that your ‘bed data’ is already accessible by someone else. So subsequently claiming “I want privacy” is profoundly tone deaf. And in this case, yes, the data is indeed in the cloud (it’s what AWS Kinesis is for). It might not be available to “anyone”, but it is available for “someone” who isn’t sleeping in the bed, and personally, that’s probably too many.
Personally, I still can’t get my head past the simple idea of “I can’t control my bed if the internet isn’t up, and I’m good with that”.
The data could be end-to-end encrypted. (Though of course, usually it isn’t.)
Usually done by having the same private key for every device, which inevitably gets leaked. We can’t have nice things. :-)
Can’t some things not be cloud?
How many millions would a non-cloud bed company raise from VCs?
I’m sure the Eight Creeps are working on AI powered sleep temperatures right now, and it’s at least worth another 100 million.
No, that’s illegal now.
I would like to represent the delegation of broke people in their 20s whose tech salaries are efficiently absorbed by their student loans:
You don’t need a smart bed. My mattress cost $200 and my bedframe cost <50. I sleep fine. I know as people age they need more back support but you do NOT need this. $250 worth of bed is FINE. You will survive!!
I’m not sure I agree. Like if you are living paycheck-to-paycheck then yeah, probably don’t drop $2k on a mattress. But I believe pretty strongly in spending good money on things you use every day.
The way it was explained to me that aligned with my frugal-by-nature mindset was basically an amortization argument. You (hopefully) use a bed every single day. So even if you only keep your bed for a single year (maybe these newfangled cloud-powered beds will also have planned obsolescence built-in, but the beds I know of should last at least a decade), that’s like 5 bucks a day. Which is like, a coffee or something in this economy. I know my colleagues and I will sometimes take an extra coffee break some days, which could be a get up and walk break instead.
You might be young now, but in your situation I would rather save for my old age than borrow against my youth. And for what it’s worth I have friends in their 20s with back problems.
(of course, do your own research to figure out what sort of benefits a mattress will give to your sleep, back, etc. my point is more that even if the perceived benefits feel minimal, so too do the costs when you consider the usage you get)
Mattresses are known to have a rather high markup, and the salesmen have honed the arguments you just re-iterated to perfection. There are plenty of items I’ve used nearly daily for a decade or more. Cutlery, pots, my wallet, certain bags, my bike, etc. None of them cost anywhere near $2000. Yes, amortized on a daily basis, their cost comes to pennies, which is why life is affordable.
Yes, there are bad mattresses that will exacerbate bad sleep and back problems. I’ve slept on some of them. When you have one of those, you’ll feel it. If you wake up rested, without pains or muscle aches in the morning, you’re fine.
I too lament that there are things we buy which have unreasonable markups, possibly without any benefits from the markups at all. I guess my point is more that I believe – for the important things in life – erring on the side of “too much” is fine. I personally have not been grifted by a $2k temperature-controlled mattress, but if it legitimately helped my sleep I wouldn’t feel bad about the spend. So long as I’m not buying one every month.
I think one point you’re glossing over is that sometimes you have to pay an ignorance tax. I know about PCs, so I can tell you that the RGB tower with gaming branding plastered all over it is a grift [1]. And I know enough about the purpose my kitchen knife serves to know that while it looks cool, the most that the $1k chef’s knife could get me is faster and more cleanly cut veggies [2].
You sound confident in your understanding of mattresses, and that’s a confidence I don’t know if I share. But if I think of a field I am confident in, like buying PCs, I would rather end the guy who buys the overly marked-up PC that works well for him than the one who walks a way with a steal that doesn’t meet his needs. Obviously we want to always live in the sweet spot of matching spend to necessity, but I don’t know if it’s always so easy.
[1] except for when companies are unloading their old stock and it’s actually cheap.
[2] but maybe, amortized, that is worth it to you. I won’t pretend to always be making the right decisions.
Note, because it’s not super obvious from the article: the $2k (or up to about 5k EUR for the newest version) is only the temperature-control, the mattress is extra.
All that said: having suffered from severe sleep issues for a stretch of years, I can totally understand how any amount of thousands feels like a steal to make them go away.
One of the big virtues of the age of the internet is that you can pay your ignorance tax with a few hours of research.
In any case, framing it as ‘$5 a day’ doesn’t make it seem like a lot until you calculate your daily take-home pay. For most people, $5 is like 10% of their daily income. You can probably afford being ignorant about a few purchases, but not about all of them.
Maybe I would have agreed with you five years ago, but I don’t feel the same way today. Even for simple factual things I feel like the amount of misinformation and slop has gone up, much less things for which we don’t have straight answers.
Your point is valid. I agree that we can’t 5-bucks-of-coffee-a-day away every purchase we make. Hopefully the ignorance tax we pay is much less than 10% of our daily income.
I think smart features and good quality are completely separate issues. When I was young, I also had a cheap bed, cheap keyboard, cheap desk, cheap chair, etc. Now that I’m older, I kinda regret that I didn’t get better stuff at a younger age (though I couldn’t really afford it, junior/medior Dutch/German IT jobs don’t pay that well + also a sizable student loan). More ergonomic is better long-term and generally more expensive.
Smart features on the other hand, are totally useless. But unfortunately, they go together a bit. E.g. a lot of good Miele washing machines (which do last longer if you look at statistics of repair shops) or things like the non-basic Oral-B toothbrushes have Bluetooth smart features. We just ignore them, but I’d rather have these otherwise good products without she smart crap.
Also, while I’m on a soapbox – Smart TVs are the worst thing to happen. I have my own streaming box, thank you. Many of them make screenshots to spy on you (the samba.tv crap, etc).
Yes, absolutely! Although it would be cool to be able to run a mainline kernel and some sort of Kodi, cutting all the crap…
I guess you never experienced a period with serious insomnia. It can make you desperate. Your whole life falls in to shambles, you’ll become a complete wreck, and you can’t resolve the problem while everybody else around seems to be able to just go to bed, close their eyes and sleep.
There is so much more to sleep than whether your mattress can support your back. While I don’t think I would ever buy such a ludicrous product, I have sympathy for the people who try this out of sheer desperation. At the end of the day, having Jeff Bezos in your bed and some sleep is actually better than having no sleep at all.
You make some good points why this kind of product shouldn’t exist and anything but a standard mattress should be a matter of medical professionals and sleep studies. When people are delirious from a lack of sleep and desperate, these options shouldn’t be there to take advantage of them. I’m surprised at the crazy number of mattress stores out there in the age of really-very-good sub-$1,000 mattresses you can have delivered to your door. I think we could do more to protect people from their worn out selves.
None of the old people in my family feel the need for an internet connected bed (that stops working during an internet or power outage). Also, I imagine that knowing you are being spied on in your sleep by some creepy amoral tech company does not improve sleep quality.
I do know that creepy amoral tech companies collect tons of personal data so that they can monetize it on the market (grey or otherwise). Knowing that you didn’t use your bed last night would be valuable information for some grey market data consumers I imagine. This seems like a ripe opportunity for organized crime to coordinate house breakins using an app.
I believe the people who buy this want to basically experience the most technological “advanced” thing they can pay for. They don’t “need” it. It’s more about the experience and the bragging rights, but I could be wrong.
I’m sorry to somewhat disagree. The reason I would buy this (not at that price tag, I had actually looked into this product) is because I am a wildly hot person/sleeper. I have just a flat sheet on and I am still sweating. I have ceiling fans running additional fans added. This is not only about the experience unless a good night sleep is now considered “an experience”. I legitimately wear shorts even in up to a foot of snow.
As the article says, you can get the same cooling effect with an aquarium chiller for that purpose. You don’t need a cloud-only bed cooler.
[Comment removed by author]
Ouch… Please do not follow this piece of advice. A lot of cheap mattresses contain “cancer dust”[1] that you just breath in when you sleep. You most likely don’t want to buy the most expensive mattress either, because many of the very expensive mattresses are just cheap mattresses made overseas with expensive marketing.
The best thing to do is to look at your independent consumer test results for your local market. (In Germany where I live it’s “Stiftugn Warentest” and in France where I’m from it’s “60 millions de consommateurs (fr).” I don’t know what it is in the US.)
A good mattress is not expensive, but it’s not cheap either. I spend 8 hours sleeping on this every day, I don’t want to cheap out.
[1] I don’t mean literal cancer dust. It’s usually just foam dust created when the mattress foam was cut, or when it rubs against the cover. People jokingly call it “cancer dust”
source?
https://www.everydayhealth.com/healthy-home/does-your-mattress-contain-fiberglass-how-to-know-and-why-its-dangerous/
wait… is it carcinogenic? Now I’m concerned lol
I wouldn’t know. Because it depends on what the “dust” is. It just lead most reviewer to say “this can’t be healthy”
This article claims that it just lead to lung irritation. But again, I’m just paranoid, with asbestos we started having concerns way too late.
There won’t be a better headline in 2025 anymore. We can skip the year.
The headline is incredibly clickbaity and misleading. Bezos and Amazon don’t really have anything to do with the real problems outlined in the article.
I found it so over-the-top obviously click-bait in such a way that it didn’t bother me. Almost click-bait to be ironic.
Gosh, it’s quite obvious hyperbole. I can’t imagine it actually misleading any reasonable person.
It is misleading because the issue is almost completely unrelated to Amazon (that just happens to be the cloud provider being used; the issue would be the same with another provider). The implication of the hyperbolic headline is that Bezos or Amazon have anything to do with the the startup that made the mistake, but clearly that’s not the case. It leads one to expect more Amazon involvement than there is.
That title is a work of art. I didn’t even know they make IoT beds, this is a ridiculous story all in all and the title is perfectly appropriate.
Love the lobsters screenshot in the post :D
No, they really don’t! It’s a temperature controlled bed, it should be a dead simple closed system.
Pushing updates instead of user-initiated updates is one of the worst things that human kind have ever invented, and I am only moderately hyperbolic about that. I think almost all modern tech problems, and even many tech industry problems, can be directly tied to it.
Why care about bugs? We can just push out an update! No one will notice! Until their phone randomly reboots while they need to call 911 (which actually happened to me on my Android).
Why care about UX consistency? We can just push out A/B updates and experiment directly on our users! (which meant an app I was trying to teach my grandmother to use was completely different on her system than mine.)
etc etc…
Consistently applying important security updates is something you can most definitely not expect the average user (or even technically sophisticated but lazy users) to do. Bugs are inevitable, no matter how hard you try.
As a person in tech, my only advice for future generations is avoid adding tech to your daily life. More than anything, Big Tech’s main purpose is to add rent seekers to your life.
This always gets me - as a technologist, people are always so surprised to hear I use a dumb phone, hate AI and typically go for the low-tech option when there is one. Why is this still surprising though? I guess “normal” humans don’t spend a single second thinking about the negative sides of technology…
The tweet that correlating OpenAPI drama with low quality sleep statistics is so absurd.
This type of modern tech can essentially be distilled down to a Rube Goldberg machine. I’m not suggesting we use hot coals to warm up our beds, but rubber based hot water bottles were invented more than 100 years ago. That said, I like the aquarium chiller for cooling down a bed.
Wow! How is this even legal?
The author replaced internet temperature control on a thing they purchased with local temperature control that worked in a way they preferred. In what universe would it ever be illegal to improve a thing that you purchased for your own use in your own home, in a way that doesn’t impact anyone else?
heh, i don’t think that’s what he was asking about being legal. it seems to me he’s asking how the company’s insecurity is allowed.
it’s an interesting question, in medicine we have malpractice, something similar in the US for things like structural engineers, but our “engineering” isn’t really licensed, so there’s no real safety rating on things like this from a data leakage and connectivity standpoint…
the physical bed cooling/heating product would have had to pass a UL rating i think to be able to be sold in the US, but there’s no such rating to ensure it’s secure from a technical/data standpoint
it’s probably too difficult to nail something like that down, especially as new exploits are being found all the time
Yes, I was asking about the insecurity. The idea of SSH access to all of people’s data seemed absurd
I completely misread you. I was cruising through the front page as I had my first coffee of the day, read an article about someone modifying their bed cooler to remove some anti-features, and absolutely interpreted the question as “How is this [modification] legal?” Sorry for misreading you! I think @aae nailed the question you were really asking, mostly.
The one thing I’d add to that answer is that, if the FTC were so inclined, they probably could exert enough pressure to at least require such an ssh backdoor to be disclosed up front, if not compel the manufacturer to remove it. I don’t believe any new hard-to-write regulation would even be required for that.
It kind-of is, particularly given the most sensitive nature of the data. Some electronics companies I know also ship their devices with the option to connect to them via SSH - but in contrast to this example, SSH access is documented and off-by-default. They use it mostly to see what’s wrong if a customer calls in because something’s not working, and then ask the customer if they’d be willing to provide remote access for debugging purposes, when the customer needs to enable themself.
[Comment removed by moderator pushcx: Political arguments aren't topical here.]
I really enjoyed this article, but I kept thinking that this is a very unique blog theme and I’ve seen it before. Then I saw the related article at the bottom about Google’s OAuth flow. These people are definitely doing good work.
I can definitely see the value of a temperature-controlled mattress pad. And I can see the value of it being computer-controlled in some basic way that’s more complicated than a thermostat. But the idea that it then has to connect to a server somewhere is just insane to me. Bluetooth would be fine. If you kept the user-adjustable controls to a minimum, an IR remote would probably be fine. There is no reason in the world that a request for a setting change to my mattress pad needs to go out to an AWS server and come back.
On the IOT thing more generally: hue and brightness controllable LED bulbs are fantastic. The idea of connecting them to my Wi-Fi and from there to the public internet in order to control them is terrifying to me. What I have instead are GE LED+ bulbs that are advertised as having “one” extra feature per bulb design. I have the color changing ones; they have an IR remote. The same remote works on all of them. It’s an absolute delight.