Internet of shit
-
tl;dr: Somehow an software update was started which locked down the car completely for an hour, trapping the driver and car company representative inside, all while police piled up outside as it was stuck on one of the most heavily patrolled roads in China.
-
@Atazhaia said in Internet of shit:
software update was started which locked down the car completely for an hour, trapping the driver and car company representative inside
Windows Update strike again
-
@Atazhaia said in Internet of shit:
police piled up outside as it was stuck on one of the most heavily patrolled roads in China.
I'm somewhat surprised they didn't decide to tow the thing.
-
@PleegWat said in Internet of shit:
@Atazhaia said in Internet of shit:
police piled up outside as it was stuck on one of the most heavily patrolled roads in China.
I'm somewhat surprised they didn't decide to tow the thing.
Maybe there are safety regulations that there can be no people in the car being towed.
Oh...
-
EU issues a product recall for a shitty "smart watch for children" that has idiots in charge of security:
Source: European Commission's consumer safety program with an unfortunate name
-
Source: @slavin_fpo
(Further comments in that thread suggest that it's supposed to continue working as usual without an internet connection, so it's not entirely clear what went wrong here.)
-
@DCoder it is entirely clear to me what went wrong here.
-
@Gąska said in Internet of shit:
@DCoder it is entirely clear to me what went wrong here.
The "Smart" part
-
So, to me this looks like a potentially promising regulatory regime, if y'know, anybody is willing to let more than complaining happen about IoT bullshititude.
-
@Gribnit this is the most sensible regulation I've ever seen. It actually has a potential to fix everything that's wrong with IoT. But I know the government will find a way to fuck this up entirely too.
-
@Gąska I wanted to reply to that, but you've inb4'd it.
-
-
-
-
-
@hungrier sorry
-
-
@PleegWat said in Internet of shit:
@Atazhaia said in Internet of shit:
police piled up outside as it was stuck on one of the most heavily patrolled roads in China.
I'm somewhat surprised they didn't decide to
towblow up the thing.China'd that for you.
@JBert said in Internet of shit:
Maybe there are safety regulations
Or maybe it's China.
-
Do we have bikes yet?
Electronic shifters are not exactly new but SRAM just released a new electronic and wireless shifter for MTBs.
It also can control their wireless dropper seat post. For non bikers: a device that allows you to raise and lower the saddle through a button on the handle bars. Yes that is a thing on certain MTBs. Idea is mainly you need the saddle at a decent height when climbing and riding it on a flat surface but it gets in your way when you race down the side of a mountain.So far the wireless part doesn't seem to be completely pants-on-head. SRAM claims all communication between the shifter remote (the part on the handlebars) and the gizmo that actually moves the chain to a different cog is encrypted and runs over a secure channel.
But ... there is an app!
Have an article: https://www.pinkbike.com/news/sram-wireless-eagle-axs-drivetrain-explained.html
From the article
Is my drivetrain going to get hacked? Highly unlikely, but that tinfoil hat does look good on you. The shifter and derailleur, as well as the Reverb AXS and its remote, all talk to each other through an encrypted wireless network that SRAM says is proprietary to them. In order to change the functions, you'd need to have the app, know the targeted derailleur's serial number, and have physical access to do the pairing. If your riding buddy does all that, I think he deserves to be able to play a prank on you.
Also ... the cheapest group is way more expensive then my entire (non-cheap) bike.
-
@Luhmann Their APK is one giant mess, and it's all sitting on this thing I'd never heard of before:
I wonder if their 'security' is just a checksum or something, lets do some code-spelunking.
-
@Cursorkeys
As far as I currently understand it the app doesn't control the shifter or dropper directly but allows the remote handlebar thingy to be configured. e.g. what should that button exactly do ... currently
-
@Cursorkeys said in Internet of shit:
I wonder if their 'security' is just a checksum or something, lets do some code-spelunking.
Dibs on "XOR cipher using 'SRAM'".
-
@Zecc said in Internet of shit:
@Cursorkeys said in Internet of shit:
I wonder if their 'security' is just a checksum or something, lets do some code-spelunking.
Dibs on "XOR cipher using 'SRAM'".
Just the GATT UUID and:
.isValidModelNumber
for the Bluetooth devices as far as I can see.
-
@Zecc said in Internet of shit:
"XOR cipher using 'SRAM'"
nah ... the key is just hardcoded 'Shimano'
-
@Cursorkeys said in Internet of shit:
it's all sitting on this thing I'd never heard of before:
They named their framework after an electronic component which is known to fail after a few years, and can even explode in some circumstances. Cute!
( : I know, this only applies to electrolytic and tantalum capacitors, and they don't all fail.)
-
-
@Tsaukpaetra said in Internet of shit:
Like.... I don't know.... A wire?
That wouldn't be innovative enough now would it? Cabled electric shifters already exist. Most bikes however still have mechanical shifters, they work by literally pulling or releasing the cable so that a spring pushes or pulls the chain on the desired cog.
-
@Luhmann said in Internet of shit:
@Tsaukpaetra said in Internet of shit:
Like.... I don't know.... A wire?
That wouldn't be innovative enough now would it? Cabled electric shifters already exist. Most bikes however still have mechanical shifters, they work by literally pulling or releasing the cable so that a spring pushes or pulls the chain on the desired cog.
It could be an electric wire, just to be edgy.
-
@Tsaukpaetra said in Internet of shit:
It could be an electric wire,
but it wouldn't be innovative because both SRAM and Shimano have had electric, wired stuff for years
-
@Luhmann said in Internet of shit:
@Tsaukpaetra said in Internet of shit:
It could be an electric wire,
but it wouldn't be innovative because both SRAM and Shimano have had electric, wired stuff for years
The article also mentions wireless brakes. I can't even...
-
-
@Luhmann There's no stopping you.
-
@JBert
I'm locked in a high gear
-
@Luhmann can we disc-uss this elsewhere?
inb4 ymbnh
-
-
-
@dkf said in Internet of shit:
@Luhmann said in Internet of shit:
SRAM
That keeps confusing me…
My first mental connection when I read that abbreviation was to:—
-
Source: @DannyDutch
-
@DCoder
I like the follow-up thread that spawned:
-
@izzion That makes me wonder if you can shout "Alexa, unlock the front door!" through the letterbox.
-
@mott555 I know voice assistants claim to recognize your voice to prevent things like that. But I'm sure some AI researcher will come up with a set of text-to-speech voices designed to match any voice training.
Even better, imagine if you could design some audio so it sounds like random noises to humans but contain commands for voice assistants. Even embed them into a song or something.
-
-
when a six-year-old asked her family’s new Amazon Echo “can you play dollhouse with me and get me a dollhouse?”
This made me realize we probably have the technology to make AIs that can play and become friends with children.
The dystopia possibilities grow.
-
-
@anonymous234 said in Internet of shit:
imagine if you could design some audio so it sounds like random noises to humans but contain commands for voice assistants. Even embed them into a song or something.
You mean, somewhat like this?
https://www.nytimes.com/2018/05/10/technology/alexa-siri-hidden-command-audio-attacks.html
-
@mott555 said in Internet of shit:
@izzion That makes me wonder if you can shout "Alexa, unlock the front door!" through the letterbox.
-
@Gąska said in Internet of shit:
@Gribnit this is the most sensible regulation I've ever seen. It actually has a potential to fix everything that's wrong with IoT. But I know the government will find a way to fuck this up entirely too.
- At first, the government will rightly regulate everything to an ISO-esque level. Companies will jump through all the hoops to get their code certified
- Once the politician whose pet project this was leaves office to become a Highly Paid Consultant, the program won't get as much attention or funding as it used to
- Backlogs of certifications will build up, leading to lawsuits and/or companies just skirting the law because the resulting fine is less than the cost of lost business
Politicians will be bribedlobbyist will bring forward proposals to allow the industry some level of self-regulation- Someone will put forth a double-speak way of saying "code fucks up sometimes, it's just something we'll have to deal with"
- Some
VultureVenture Capitalist will fund an industry wide "code assurance insurance" scheme. You see, if code fucks up, it causes a monetary loss of some sort. If a company puts out bad code, it has effectively caused a economy wide monetary loss. The users of that software are the ones who lose out. Instead of everyone getting mad and suing each other-- let's just all recognize that Code Fucks Up Sometimes. It's okay. It happens. So, like, how about companies that write code buy "insurance" from me. Then if anyone who uses your software suffers monetary loss, they file a claim with me, and I'll use the "fuck up credits" you've purchased (which, of course, are being invested) to cover those losses. - We end up with real-life actual Inedo Code Offsets, except it's funding some rich asshole's coke habit rather than a children's charity.
-
@anonymous234 said in Internet of shit:
@mott555 I know voice assistants claim to recognize your voice to prevent things like that. But I'm sure some AI researcher will come up with a set of text-to-speech voices designed to match any voice training.
Once again, defeated by the analog hole!
@anonymous234 said in Internet of shit:
Even better, imagine if you could design some audio so it sounds like random noises to humans but contain commands for voice assistants. Even embed them into a song or something.
They're already doing that for image recognition.
-
@TimeBandit said in Internet of shit:
@anonymous234 said in Internet of shit:
Embed them into a song or something.
They have also donated the dollhouse a local children’s hospital.
I'm not sure I'd trust a dollhouse to manage a children's hospital.
-
@Deadfast said in Internet of shit:
I'm not sure I'd trust a dollhouse to manage a children's hospital.
Don't worry about it. The people in charge of hospitals don't actually DO anything except collect a $500k/year salary.