xkcd #3109: Dehumidifier

Title text:

It’s important for devices to have internet connectivity so the manufacturer can patch remote exploits.

Transcript:

[A store salesman, Hairy, is showing Cueball a dehumidifier, with a “SALE” label on it. Several other unidentified devices, possibly other dehumidifier models, are shown in the store as well.]

Salesman: This dehumidifier model features built-in WiFi for remote updates.
Cueball: Great! That will be really useful if they discover a new kind of water.

Source: https://xkcd.com/3109/

explainxkcd for #3109

  • Sibshops@lemmy.myserv.one
    link
    fedilink
    English
    arrow-up
    22
    arrow-down
    1
    ·
    4 months ago

    To steel-man the argument some more, if you have variable-rate electricity, it could turn on when electricity is cheap.

    • dfyx@lemmy.helios42.de
      link
      fedilink
      English
      arrow-up
      9
      ·
      edit-2
      4 months ago

      This can be done with something like Zigbee. Or even simpler: you hook a non-connected device up to a “smart” power socket. No need for the device itself to talk to the outside world.

        • dfyx@lemmy.helios42.de
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          1
          ·
          edit-2
          4 months ago

          The solution is not more but different connected devices so I can decide for myself what needs to be connected and by which protocol. Get the dumbest device on the market, no wifi, no internal clock, maybe not even a humidity sensor and then, if and only if I need to remote control it, for example to put it on a schedule, I can use the cheapest “smart” device on the market to connect it to an in-house machine that can turn it on and off.

      • Hawke@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        4 months ago

        You still have to have some device connected to the internet. This just transfers the problem from the humidifier to the outlet.

        • ThePantser@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          9
          ·
          4 months ago

          Zigbee is local and if you really wanted to you can use Home Assistant 100% offline it will be just neutered and basic.

          • originalucifer@moist.catsweat.com
            link
            fedilink
            arrow-up
            7
            ·
            4 months ago

            im not sure why all these people jumped from ‘wifi’ to ‘internet’ as if they were the same thing. no one should be exposing their automation devices directly to the interwebs

            • dfyx@lemmy.helios42.de
              link
              fedilink
              English
              arrow-up
              4
              ·
              4 months ago

              Sadly, many wifi-enabled devices only work with some proprietary cloud-service and even if not, they’re only one configuration error (or intentional backdoor) away from talking to the outside. Better have something that isn’t physically able to talk to the internet no matter how badly I fuck up its configuration and my firewall.

              • Norah (pup/it/she)@lemmy.blahaj.zone
                link
                fedilink
                English
                arrow-up
                1
                ·
                4 months ago

                Clearly I just trust my abilities to disable a devices internet access in my router more than you. I also know that my risk factor is really low, because I’m not a journalist or a politician.

                As well, I only buy smart devices that I can lock down, brands like LIFX & Shelly that have cloud services, but don’t require you to connect to them for the device to function over LAN.

            • Cocodapuf@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              4 months ago

              Honestly, having any of these vulnerable devices on your network is exposing your whole network, assuming the network is connected to the web.

              Your best off using either a separate network for your smart devices with its own router, or setting up a vlan to keep your smart appliances and actual computers separate.

        • dfyx@lemmy.helios42.de
          link
          fedilink
          English
          arrow-up
          7
          ·
          4 months ago

          I run home automation with lights, switches, outlets, heaters and some more and not a single device has internet access. They all use Zigbee (a simple radio protocol) to talk to homeassistant which is open source and hosted on a machine that lives under my desk.

          Separating tasks between the dehumidifier and outlet has the advantage that each individual device can be a lot simpler, leaving less attack surface. My power outlet can’t read the humidity sensor, it doesn’t need to talk to an external server, it doesn’t even need to know that the thing connected to it is a dehumidifier. It’s just a chip that receives a radio signal and toggles a relay on or off. That’s it.

          Separating the two concerns also lets me replace the devices separately if one breaks or my requirements change. If I suddenly need wifi or bluetooth instead of Zigbee or if it’s for some reason no longer supported by homeassistant, I can just replace a 9€ outlet instead of the whole dehumidifier that could get bricked by the proprietary app losing support.

          • ThePantser@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            5
            ·
            4 months ago

            Home automation is still a dark art as far as the common person is concerned. Full of fear mongering from the media.

            Much like 3D printing was very mystical and full of “oh no 3d printed guns!” We have gone full appliance with 3d printing and it’s no longer gatekeeped by geeks in their basements.

            I’m glad I still have at least one hobby that hasn’t gone mainstream and I can still geek out on ESPHome.

      • cynar@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        4 months ago

        Some places do electricity costs in 30 minute periods. If you know cost will spike when everyone gets home, and the sun sets, then running early makes sense. Other times, holding off for an hour might be more useful.