Consumer Reports has analyzed a bunch of popular Internet-connected video doorbells. Their security is terrible.
First, these doorbells expose your home IP address and WiFi network name to the internet without encryption, potentially opening your home network to online criminals.
[…]
Anyone who can physically access one of the doorbells can take over the device—no tools or fancy hacking skills needed.
bl5q sw5N • March 5, 2024 9:24 AM
The article jas a few remarks by Bunnie Huang on the origin of the devices.
“… selling cheap hardware under multiple brand names can increase sales in a product category that’s very popular—until it isn’t, according to Andrew Huang, … the author of “The Essential Guide to Electronics in Shenzhen.” At that point, Huang says, the company will switch products, moving on to the next big thing.
“For the security camera market, a brand is just a brand—think of it more like a marketing agency that can do a bit of injection molding and package design to create a look and feel, but they don’t do much beyond that,” he says. “They don’t hold a lot of inventory, and they flit in and out of existence, surfing the trends of commodity markets.”
Cybershow • March 5, 2024 9:45 AM
We had some fun making this episode last year much of it still
feels apropos the problems of cheap and nasty embedded (and
hidden) surveillance products.
echo • March 5, 2024 9:58 AM
Being an English lady of a certain age I’m somewhat puzzled why the only things exposed aren’t a camera lens and a doorbell and microphone/speaker. And why plug everything into the internet? Like, yes, I get convenience and being networked but really? Isn’t that what we have decent consumer protection laws and retail outlet buyers who know what they’re talking about? For the price of one email Trading Standards can rugby tackle them if they don’t behave.
Anyone who can physically access one of the doorbells can take over the device—no tools or fancy hacking skills needed. Let’s imagine that an abusive ex-boyfriend wants to watch the comings and goings of his former partner and her children.
I don’t have one so that’s not going to work.
To many shoppers, an Amazon’s Choice label might imply that Amazon had deliberately chosen that video doorbell as one to keep in stock, and was promoting it for its quality. But that’s not the way it works.
Tut.
https://www.asa.org.uk/
The Advertising Standards Authority (ASA) is the UK’s independent regulator of advertising across all media. We apply the Advertising Codes, which are written by the Committees of Advertising Practice (CAP).
https://www.asa.org.uk/make-a-complaint.html
Tremble before my POWER!
TimH • March 5, 2024 10:23 AM
Steve Gibson offered advice years ago on wifi security… nest two routers, with the inner one carrying the wired network for the private stuff, and the outer one wifi with routing only allowed to the WAN (internet modem). Both running OpenWRT or DDWRT not the native firmware.
Uthor • March 5, 2024 10:45 AM
The house I bought came with a couple of these. They’re not on my network, but I keep meaning to replace them with non-smart doorbells. But, winter… Maybe once it warms up a bit outside.
Uthor • March 5, 2024 10:47 AM
@TimH
I’m not using any smart devices, but I feel like some will be useful to me in the future (like seeing if my garage door is closed). Just don’t want that stuff on my network. I’ll hopefully remember this when I eventually go down that road.
Doug • March 5, 2024 11:54 AM
@Echo
” And why plug everything into the internet?”
In our case our memory impaired father lives at home with my sibling. The doorbell and two other cameras are there to provide us with information in the event he ever decides to take a runner and head off to parts unknown; we’d know when he left and which way he went. I’m dislike the doorbell function as the ‘bell’ only rings on our phones but not inside the house; people ring the bell, I can see them 3 states away but my sibling living at the home isn’t aware anyone is at the door (she keeps her phone turned down). It’s awesome design! /s
Meghan Ayala • March 5, 2024 12:40 PM
Steve Gibson offered advice years ago on wifi security… nest two routers, with the inner one carrying the wired network for the private stuff
Why? I think people worried that this could allow access to their internal network are worrying about the wrong thing. Browsers have just recently started trying methods to prevent external web sites from connecting to internal networks, which is to say that for years they didn’t. And it seems like some new networked-home-device insecurity is found every week.
The security of people’s internet-connected devices shouldn’t depend on would-be attackers being unable to send packets to them. Didn’t we learn that in the 1990s when internet service providers started blocking port 139? (Well, I guess Microsoft didn’t, because Windows systems were still opening that port 15 years later. I hope they’ve stopped by now.)
lurker • March 5, 2024 12:50 PM
@echo
And why plug everything into the internet?
A question many here have been asking for yonks.
@TimH has an answer, plug this stuff into your intranet; have a separate router to connect to the internet; be very, very careful if you ever connect the two.
Peter A. • March 5, 2024 1:32 PM
“why the only things exposed aren’t a camera lens and a doorbell and microphone/speaker”
So you don’t have to drill holes in your door, or wall. Don’t have to lay any cables. Just stick it to your door with a used chewing gum, press a button while holding your portable computer to it et voilà! Cheap, easy, convenient, but counter-secure.
TimH • March 5, 2024 2:17 PM
@Meghan: Why bother? Wifi passwords are easy to hack, and do you really want some kid a few doors down browsing your files? Also, it’s common to give visitor access to wifi for their phones, and you have no idea what (unknown) malicious apps are on them.
KeithB • March 5, 2024 3:06 PM
@echo
And why plug everything into the internet?
AFAIK, these all take the video and put them on a central server, i.e., not locally stored. I am sure that Ring looks through your video and if it sees a DoorDash delivery, tells DD’s competitor to advertise to you.
vas pup • March 5, 2024 5:56 PM
When physical security depends on good collection, risk assessment and timely response for red flags:
Hours before Hamas attack, IDF noticed dozens of terrorists activating Israeli SIMs
https://www.timesofisrael.com/hours-before-hamas-attack-idf-noticed-hundreds-of-terrorists-activating-israeli-sims/
“At around midnight before Hamas’s October 7 onslaught, Israeli intelligence officials identified that dozens of terror operatives in the Gaza Strip had activated Israeli SIM cards in their phones, the Israel Defense Forces acknowledged on Monday.
In a statement Monday, the IDF and Shin Bet security agency said reports that around 1,000 Israeli SIM cards were activated simultaneously in the Gaza Strip hours before the October 7 onslaught were “false and far from reality.”
They said that in practice, “several indicative signs accumulated, which included, among other things, the activation of only dozens of SIMs, which were activated in previous events in the past.”
“The indicative signs are based on a variety of tools and capabilities, including technological tools whose method of operation cannot be detailed,” the statement added.
As the devices with Israeli SIMs had been activated in the past, without anything happening, this led Israeli intelligence officials to believe Hamas could again be carrying out an exercise, and this was not seen as a definitive sign of a planned attack. They decided to continue consultations on the matter throughout the night.
It is believed that Israeli SIM cards enabled the terrorists better communication in southern Israel during the onslaught.”
Meghan Ayala • March 5, 2024 10:19 PM
@TimH
Why bother? Wifi passwords are easy to hack, and do you really want some kid a few doors down browsing your files?
I’m not sure if you’re agreeing with me or missing the point. Simply being on a local network should not grant anyone access to your files. That’s why we have strong encryption and authentication protocols.
It’s not a terrible idea to put shitty devices on an isolated network, if for some reason one really insists on using shitty devices. But the threat model there is to prevent them from sending stuff like camera images to the internet, not to protect things like file servers that already should be distrusting of the network they’re on.
R.Cake • March 6, 2024 2:40 AM
Just wondering: does anyone on this forum if there are known-good camera doorbell systems? The technology is clearly available to – for example:
1) only take a photo (or video snippet), in defined intervals, if a person is detected moving into, in or out of the defined bounding box
2) locally encrypt and sign this on the embedded secure element inside the camera
3) only then send the encrypted file (or thumbnail) to the server…
4) …which alerts you and allows you to download the video data to your device
5) …which of course would need to have a realistically secure storage for your private ECC key do decrypt for viewing.
this means the camera manufacturer would have to do some more lifting in their HW and SW design, but all of this is clearly feasible.
Clive Robinson • March 6, 2024 4:57 AM
@ R.Cake,
Re : Security systems that are secure.
“Just wondering: does anyone on this forum [know] if there are known-good camera doorbell systems? The technology is clearly available to – for example”
Yes there are, quite a few, but they are not “consumer grade” but “professional grade” and carry not just a significant price tag, they are usually not for sale via outlets but only through “professional service installers” and the like at eye-wateringly expensive prices.
There was once a growing “semi-professional” market but that has been swept away due to hidden third party profits (see my point 6 in the first comment of this thread).
By any reasonable definition of security, any security system that as part of it’s primary function,
“Has to route via third party servers on an insecure public network by deliberate design”
is not secure.
And almost certainly had some kind of “con game” in play as well.
Which is why you find out that Ring and Amazon are running what is actually an extension of the “you are the product not the customer” Internet “Let’s get rich on the theft of PII” idea.
Combined of course through the,
1, Bleed them by rent.
2, Bleed them with forced obsolescence.
Both put in place by the likes of John Deere, Amazon etc to increase profit.
If you look back Ring devices were being given to US Law Enforcement “for free”, who were then using then as “give aways” to people who “over looked” lets call them “places of interest” and the LEO’s acquired access to the Ring servers where all the footage was stored…
There is a private report floating around in the “Private Security” world that does the cost comparisons of getting such surveillance installed and the professional installed and all to obvious “street lamp” systems.
In short it’s way better than 450 to one on average.
The police get the “door bells” given to them, they can be installed by a “community beat officer” in five minutes or so, and about a half hour of installing and demonstrating the app on a householders phone etc it’s done say two hours tops of police officer time maybe a day total with the paperwork etc. They LEO’s then get a copy of the feed via a let’s call it a rental agreement with the commercial organisation that supplies the cameras for free.
Compare that to taking upto six months of negotiation with the city authorities and in some cases upwards of $100,000 to install and run for a year a professional system They LEO’s also have to supply their own monitoring staff and recording equipment. Which is why the LEO’s used to sell access at road junctions and the like to traffic control and auditing firms who packaged it up and sold it back to the city planners as well as commercial radio/TV etc for “live traffic news”.
Cost wise these free Ring and similar devices are a “no brainer” for the LEO’s. The only difficult part is getting some householder to allow the install. This is where the “We are the good guys” comes in. Usually if LEO’s want to put surveillance on a property it’s because of “complaints received” by locals who are having problems with the property. Thus a friendly “Community beat officer” does a little friendly building of bridges and does the old “you need a burglar arm” style sales trick and most house holders “getting it for free” will agree faster than a hat can reach the ground under gravity…
Now what’s in it for the third party company?
Well they also sells those feeds to private “security organisations”. Knowing that the local LEO’s have “put them in” then the sales go at “premium price”.
It’s a variation of the model Palantir uses that has built them up to being some claim the worlds largest security organisation that rivals both the CIA and FBI on coverage and depth of information.
So whilst what you want is quite easy to do, it’s not going to happen the “closed source” commercial way as there is way way to much hidden third party money floating about.
So if you want to start your own FOSS system then good luck, the problem is getting the hardware.
Do you remember what happened with the FCC and WiFi routers?
Expect the same to happen if a FOSS project gains traction.
Oh a friend and I did an informal test recently of just how much “street facing” “home surveillance” there is in London streets[1]. We found in certain areas as many as one in five properties had them… Most of them technically illegal as they were not registered as they are legally required to be via the UK “Information Commissioners Office”(ICO) as a data base.
[1] As I’ve mentioned before you can spot CCTV cameras by a variation on the “red-eye” or “lamping” effect of 180degree internal reflection of focused optics (think those “cats-eyes in the roads). Spotting “CCTV video over WiFi” is also not much of a technical challenge due to “basic traffic analysis” as the shape of the transmissions have certain distinctive features well below the abilities of encryption to hide. So using one to find the other is not difficult either.
Erdem Memisyazici • March 6, 2024 8:54 AM
Maybe if there were lots of package thieves in the neighborhood and the police were not responsive I would get an offline version and hide it somewhere while the camera was set up pointing at the door. In any other scenario it never occured to me to have a 24/7 peephole service you could accidentally share with the world. I also have glass on the sides of the door so it’s not too hard to peek that way from the T.V. room.
I think a service like this makes more sense for the elderly who can’t easily get to the door quickly to look outside and just say, “Who is it?” I don’t see why it would need the Internet in any scenario though.
You should be able to run the data through shielded wires through a hard barrier into some sort of device to share around the house.
If you really needed 90% useless video of the outside of your house for security reasons you could do a motion detection thing, or add an IR camera for an object approaching and record intervals there. From inside the house maybe do an egress only sort of off site archiving for the more clever thief who might go for the storage device on their way out but it should not need the full WiFi network.
On the security side my personal experience has shown me that a weapon inside the house and theft insurance are sufficient precautions. It’s generally a rare event and when it happens you’ll need a deterrant more than evidence. Things are replaceable, people are not.
scratches head I feel like I wrote something quite similar to this comment before on a similar topic. shrugs I simply state the obvious.
Erdem Memisyazici • March 6, 2024 9:17 AM
I lied. I did think about a flying indoor drone for those without cats or children to replace the indoor security cameras that periodically patrols a flight path. Amazon made something like that I think called Always Home Cam (should have patented lol) but I still wouldn’t connect it to the WiFi, it doesn’t need the Internet.
I have a brother in the house who has a floor cleaning robot hooked up to the Internet and as much as I hate that … that’s what he wants to do. To share that data. The same brother wears a heart rate, blood pressure, and blood oxygen level sensor on his wrist hooked to the Internet with apps and all so the companies can tell how he feels about certain ads I guess. I would not share that willingly with strangers.
A second brother bought a crappy virus filled (so said Norton Anti-virus while installing the software it came with) cheap home security camera system which went offline as soon as we went on vacation to Turkey. The positive that came out of that were the cameras. It now looks like we are recording the doorway but really not the case.
If you are going to steal the T.V. just don’t wake me up. Neither of us would be happy about that.
Jelo 117 • March 6, 2024 9:46 AM
The Insecurity of Video Doorbells ends The Loneliness of the Long Distance Runner [1].
Peter A. • March 6, 2024 10:37 AM
Video doorbell is only really needed when the area just outside of your doorway is out of your normal field of view (out of a window etc.), such as around the corner of the apartment block you live in or at the gate of a large property. In the first case it’s up to the apartment block admins so you can’t do much by yourself, in the second case you can afford a true CCTV/intercom system.
Just install an analog optical peephole with a fisheye lens, you lazy chimp. Or a (partially) glass front door.
The only sensible exception I can see is mobility-impaired people. Maybe there are some more situations like this I can’t think of right now. In that case I would go for a peephole, but with a cheap USB camera attached. If it’s not a complete intercom system with door unlocking, it’s pretty useless – you need to walk up to the door anyway.
echo • March 6, 2024 10:55 AM
I’m not hugely sold on a door cam intercom thingy. I have considered a wired one but a fish eye peep hole and door chain is good enough for me. (There are more secure options than a door chain. I have my reasons.) Unlike the more blingy things this arrangement will still be working long after I have expired.
For those that could do without one and still have the mentioned use cases there are alternatives:
For those with assistance and delivery needs:
Clive Robinson • March 6, 2024 11:26 AM
@ Peter A., ALL,
Re : Looking out allows looking back
“Just install an analog optical peephole with a fisheye lens, you lazy chimp. Or a (partially) glass front door.”
Both of which work against you with criminals.
Criminals that attack homes unless they are really stupid want information about if people are in the house or not.
Even frosted glass allows the movements of people inside a house to be seen from an outside observer. Also there are “reverse peephole lenses” that can look back through a peephole.
From experience of being attacked in my home and being stabbed in the head with a screwdriver, nearly loosing an ear because a neighbour dumped a broken trellis at the edge of the property a burglar grabed and swung at full might at my head, and having had to fight with a saucepan a burglar who had got inside and grabbed an eight inch blade kitchen knife from the block in the kitchen… I’ve spent some time thinking about how to cover not just the front but sides and back of the property and the roof as well[1].
The problem for the defender in the main is “wildlife” causing false positives. A pigeon flying to land on a branch can be the same hight and moves about the same speed as a burglar…
For the attacker knowing when and where you are in the house is vital for them unless they are just mad “nutbars” and some actually use “game trail / nature” cameras to scope a place out and see what routines the occupants might have.
There are various tricks you can do with mechanical clock driven switches to give apparent random light changes. But that only works if they can not observe actual movement.
[1] A Jewish friend had art thieves climb up a neighbour’s property bridge across to their roof and lift the roof tiles cut the felt etc, to go after the artwork in my friends home whilst they were asleep in bed (The thieves had tried to bypass the alarms on all the doors and windows).
Winter • March 6, 2024 12:07 PM
@Clive
Re : Looking out allows looking back
Which was one of the problems with the wifi cameras which allows to see whether you open the door, or simply can see when you leave.
For the simple lens, I tend to see a small shutter on the inside to prevent the looking back problem.
Also, in general, you do not want thieves to break and enter when you are at home. So it is not always preferable to keep them in the dark about your whereabouts.
I heard jewelers sometimes have a hardened safe build into their car parked outside the house where they store their merchandise. That way, the more daring and ruthless thieves do not enter the house.
William • March 6, 2024 1:25 PM
Doorbells usually don’t last through winter at my place. There’s a cowbell which is useful to get my attention if I am out in the garden, but nobody ever sees it as a replacement to an electric button.
So, I have my phone number written on a piece of duct tape over the button. That way, I can answer the door even if I am not home. Friends who don’t carry phones tend to know how to use a cowbell so the solution covers most all the bases.
JG5 • March 6, 2024 2:35 PM
A new optical metamaterial makes true one-way glass possible
https://phys.org/news/2024-02-optical-metamaterial-true-glass.html
Peter A. • March 6, 2024 3:28 PM
@Clive: yes, there are drawbacks and almost everything works both ways except time… But a peephole can be covered from inside by a shutter that falls back when you stop holding it up and a glass window (a part of the door or some other window looking out on the doorway) can be covered with blinds, shades, curtains etc. Hiding your movements inside (or your very presence) by covering your windows may be beneficial or not, depending on the situation, but it also works both ways – you cannot see who’s outside and what he’s up to.
@Winter: I have heard some people say they would like to not be at home when the break-in happens, some otherwise. Also depends on the local legal landscape etc.
Clive Robinson • March 6, 2024 5:33 PM
@ Peter A., ALL,
Re : Optical side channels and lamping.
“But a peephole can be covered from inside by a shutter that falls back when you stop holding it up and a glass window can be covered with blinds, shades, curtains etc.”
Only there is a problem, if you use them they have an optical side channel that reveals not just that you are at home but almost exactly where you are when you use them…
A little experiment to try, with the aid of an assistant.
With the peephole with shutter in the closed position go outside in the dark and let your eyes become accustomed to the dark. Then via mobile phone or what ever ask the assistant inside to look out the peephole.
In moving the shutter the light level through the peephole changes, likewise as the human eye is moved into position. But also even if the lights are off inside, the human eye when focused through it acts like a “cats eye” and can be “lamped”[1].
Similar light level changes or lamping occurs with blinds.
So as the insider “defender” you not only reveal you are present in the property to the outside “attacker” but almost exactly where you are, and where your head is[2] which has been known for a very long time as dangerous thing.
To bring it upto date you can use modern night vision systems that use just out of human visual range IR LEDs that will give good “eye shine” even through glass. Anyone with minor technical ability can replace the wide angle IR Led with a narrow focused IR laser diode. Which means that such systems will work from well off the average home lot/plot.
Sufficiently well to read not just pulse rate but respiration rate thus have a reasonable indicator of the insiders age.
[1] The use of “redeye” / “eyeshine” which is 180 degree internal reflection from focused optics, in this case the eyes of living creatures. It has long been used by hunters to more easily find and shoot nocturnal game / pests. The process is traditionally known as “lamping” in the UK where it has been done on foot since the invention of the “carbide lamp”, in the US, Australia and New Zealand it’s done from vehicles and is called “spotlighting” and can work out to several hundred yards with suitable gun optics and light sources. Though fifty yards is normally considered the limit for hunting small nighttime game such as rabbits or predators such as foxes, bobcats, etc,
https://en.m.wikipedia.org/wiki/Spotlighting
Because it’s being made illegal in many places the rifle optics and visible light sources are being replaced with Infrared scopes and a lamp just out of human visual range high power focused IR lasers with ranges upto a mile or more. Basically a robust and high power version of fairly inexpensive “night vision systems”.
[2] It’s known historically that with “keyways” / “key holes” that went through locks and the doors, some people made the mistake of using them as a “spyhole”. Attackers simply waited till the light through the keyway changed then shoved a long “bodkin” needle with poison on it through the key hole into the insiders eye or brain. Some say that such techniques have been in use for well over a thousand years (though I have my doubts).
ResearcherZero • March 7, 2024 11:48 PM
Do you have an overwhelming impulse to share the sensitive or personal details of others —without explicit consent? Don’t would be good advice.
‘https://www.forrester.com/blogs/breaking-down-the-us-executive-order-to-protect-americans-sensitive-personal-data/
ResearcherZero • March 7, 2024 11:59 PM
@William
People just bang on the door even if you place a large label under the doorbell, stating DOORBELL. I tried a larger label with an exclamation mark, but that garnered no attention either. I tore the little sucker off, removed wiring and bits and bobs. I did find that an abusive message telling everyone to go away works. Not for family members unfortunately.
Family members with an overwhelming impulse to share sensitive or personal details without consent.
Clive Robinson • March 8, 2024 1:24 AM
@ ResearcherZero,
Re : Lord of the flies solution.
“I tore the little sucker off, removed wiring and bits and bobs. I did find that an abusive message telling everyone to go away works. Not for family members unfortunately.”
I had a problem with unwanted callers of the “faux-religious” kind who would “bang on the door to save my soul” at unreasonable times…
So I put up a metal door “fly screen” and hung a genuine electrical “risk of death by electrocution” sign on it. And as it crackled and zipped with blue-white arcs connected it via a time switch to a very high voltage generator (much like the hair raising one you get in school 😉
They came to bang on my door at an unreasonable time and got a bit of a shock… So they called the police… Who when they arrived started off on the wrong foot. I pointed to the danger notice on the self closing and latching/locking gate that clearly said “Authorized Access Only” “Qualified Personnel Only” along with the dire warning of death by electrocution symbols, emergency phone number etc. I pointed out that the requirements of the law had been not just complied with but verified and that they were in fact breaking the law as were the very unwelcome faux-religious nut jobs.
As for “family members” yes they can be a problematic issue especially when having been abusive they become “born again” religious nutbars. Last century I made it clear to members of my family that I regarded any contact from them as “harassment” with a “Cease and Desist” notice that formed a legal contract.
In return for them not contacting me in any way again, I would not take legal action against them. They broke it several times on what they saw as “gods work” or similar before the earthly message sunk in via “14 day notice of intention to proceed” letters.
In a “reasonable world” having to use the “sledgehammer on nut” principle would not be required… But as I suspect you’ve found out for some their definition of reasonable behaviour is “very self entitled” and not even remotely close to your definition of “reasonable”.
echo • March 8, 2024 11:39 AM
@Clive
As you note “perimeter defence” isn’t just a matter of the physical but also the bio-psycho-social. How much of a physical threat are they? What is their state of mind and conscious and unconscious emotional and verbal cues? What are the external influencing factors including organisational filters? Sherlock Holmes isn’t complete fiction. Uniforms and changes of fashion can throw your evaluation but with experience you can see through this. There’s a difference between someone just being tired and having a bad day and a fundamental problem waiting to happen. If in doubt you’re usually right…
Sadly there’s this thing called “wayleave”. There’s implied consent for any stranger to knock at your door unless way leave is withdrawn. I’ve had to warn organised religious nutjobs not just once but twice. The second time I pointed out quite firmly for them that way leave was withdrawn that they could delete any and all information they had on me (as I was not their gullible “mark”). If they didn’t then they would face a complaint of harassment and a complaint to the Information Commissioner’s Office (ICO) which comes with a potential fine of up to £100,000. The passive aggressive misogyny and inner conflict between religious indoctrination and male violence I could see play out at his being told what for by a woman of a certain age was a sight.
Oh before I forget. If you’re worried about another violent burglar incursion interior doors are useless. If your property is of the kind which will accommodate it a security door at a pinch point between floors can seal off an entire floor as a safe room. Don’t have a closed door on a bedroom unless you have adequate ventilation. High C02 levels are bad for your health.
As for kitchen knives I don’t recommend knife blocks and wall mounted magnetic knife holders. Better to have a knife stored out of sight given most domestic murders happen in kitchens. I’m thinking of buying/making a lockable wall mounted cabinet with an interior magnetic knife holder to preserve the edges and keep them out of sight and out of mind.
I have found when facing down a rapey man it’s best to make a stand between yourself and the rest of the property with the strong implication the front door is waiting for their exit. They know what the word “Go” means. Further engagement risks violent escalation. If that’s not going well then exit as fast as possible. It happened to me once. Also a friend of mine got home once and a man known to both of us was waiting for her in her bedroom. She pulled the same trick. That situation could have gone badly. Charged misogynistic violence has a very rapid escalation ladder all of its own and can end in murder. The none zero risk of random misogynistic violence is one reason why I have no hand sized heavy or sharp objects in eyeline or easy reach anywhere inside my property.
Once you see the security model evolved over tens of thousands of years play out a lot of on the surface bio-psycho-social behaviours begin to make sense.
Subscribe to comments on this entry
Sidebar photo of Bruce Schneier by Joe MacInnis.
Clive Robinson • March 5, 2024 7:54 AM
@ ALL,
There is a saying,
“Sometimes when you pay for what you get, you really pay for what you get over and over.”
Meaning that “buyer beware” is rather more than a surface effect.
Worse that there is no real correlation between paying more and getting better quality (remember security is part of quality). Also there is not a correlation between paying less and getting less quality (thus security) even though the price difference has to originate from somewhere, the question is “where?”
As a rule of thumb these days you should ask “Why is this connected to the Internet?”
That is what justifies the expense of,
1, added components
2, added software
3, other added such as board area.
And importantly,
4, What does the consumer gain
5, What does the producer gain
6, What do third parties gain.
If your “third party model” includes data brokers, law enforcement, and Governments –and it should– then deciding the price is too high no matter what you pay may or should tell you to make a different purchasing or acceptance model.
Money may not be everything, but peace of mind almost certainly is in the long term.