Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Businesses Security

Security Researcher Gets Threats Over Amazon Review (techcrunch.com) 153

Kate Conger, reporting for TechCrunch:Amazon retailers sometimes go to extreme lengths to guarantee good reviews, as security developer Matthew Garrett recently discovered when he wrote a one-star review of an internet-connected electric socket. When Garrett politely pointed out that the socket in question was woefully insecure, he received emails from the manufacturer claiming that the review would get employees fired and that other reviewers were campaigning to get Garrett's review taken down. The socket in question is the AuYou Wi-Fi Switch, a $30 device that lets you turn the power from a wall outlet on and off using your phone. [...] But like so many Internet of Things devices, the AuYou switch seems to have a serious security flaw. As Garrett explains in his review, if your phone is connected to your home Wi-Fi, it sends the on/off command to the socket directly. But if you're not home, your phone sends the command to a server in China, which then passes the command along to the socket. "The command packets look like they're encrypted, but in reality there's no real cryptography here at all," Garrett explained in his review. [...] "Just now my boss has blamed me, and he said if I do not remove this bad review, he will quit me. Please help me," the representative wrote. "Could you please change your bad review into good?" Garrett responded that he would update the review if the manufacturer fixed the flaw. The AuYou representative insisted she would be fired if the review was not updated.
This discussion has been archived. No new comments can be posted.

Security Researcher Gets Threats Over Amazon Review

Comments Filter:
  • by Opportunist ( 166417 ) on Friday July 01, 2016 @03:08PM (#52429207)

    Then I guess you should have made a better product.

    Killing the messenger won't make your product any less shitty.

    • by HeadSoft ( 147914 ) on Friday July 01, 2016 @03:10PM (#52429217)

      Agreed. If her job depends on good reviews and no bad reviews, her days were numbered the day she started work anyway.

      • by Opportunist ( 166417 ) on Friday July 01, 2016 @03:12PM (#52429237)

        If your job depends on someone else not fucking up who you have no control over and cannot influence in any way, you're sitting on an ejector seat and someone else holds the trigger. Get out of that chair as soon as you can.

        • Get out of that chair as soon as you can.

          Or reach over and press the trigger yourself. When a boss gave me "his way or the highway" motivational speech, I left the company. Wasn't long before a dozen senior coworkers headed for the exit after me. The boss road the company all the way into bankruptcy and got fired after the reorganization.

          • The boss road the company all the way into bankruptcy

            Rode. If you think "road" is the right word, ask yourself - "would putting "highway" in instead work?" If the answer is "no", then "road" is the wrong spelling.

            • Rode. If you think "road" is the right word, ask yourself - "would putting "highway" in instead work?" If the answer is "no", then "road" is the wrong spelling.

              I stand corrected.

            • The boss road the company all the way into bankruptcy

              Rode. If you think "road" is the right word, ask yourself - "would putting "highway" in instead work?" If the answer is "no", then "road" is the wrong spelling.

              "The boss Hershey-highwayed the company all the way into bankruptcy" works, though.

          • To stay in the analogy, it is less painful to simply get out of the chair, tell the asshole with the trigger to go fuck himself and leave the room than to hope the chair is really zero/zero and risk spine damage.

            To get out of it, it's better to just quietly drop a 2 weeks notice than to make the shit hit the fan yourself to go with a spectacular bang. Companies that you want to get hired by do not look kindly on that kind of thing.

      • Re: (Score:3, Insightful)

        by Anonymous Coward

        Much more likely her job depends on her ability to manipulate reviewers into taking down bad reviews. She might not even actually be a she, just posing as a woman because women get more sympathy.

        The correct response to her is, "Tough shit, princess!"

    • I'm wondering if I captured some of those packets and replayed them over and over, really fast, maybe I could kill someone for real! :O

      • by Opportunist ( 166417 ) on Friday July 01, 2016 @03:17PM (#52429277)

        That will eventually become a very real threat with the IoT. Think of all the various things we have in our home that could be dangerous if they run without supervision.

        As soon as stoves get wifi, we'll get to see quite a few more fires.

        • Fuck, this ain't the half of it. This one got found, how many do you think didn't?

          Compared to this, icebergs hover over the ocean with it all out on show.

          • by theskipper ( 461997 ) on Friday July 01, 2016 @04:42PM (#52429837)

            Yeah and not limited to insecure transmissions to foreign servers, embedded stock passwords and keys too. If you check out his other reviews, he actually outs them on another product. For example:

            Morjava®MJ-SmallK Intelligent Smart Wifi Plug Socket Wireless Switch Timer Wifi Socket Wifi Smart US Plug for iPhone iPad Android Smartphone APP
            https://www.amazon.com/dp/B01F... [amazon.com]

            "The ugly:

            Oh this is all pretty terrible. To start: the security on this device is a joke. The communication between the app and the device is encrypted with AES, but the encryption key is the same for all devices and is contained within the app - it's "fdsl;mewrjope456fds4fbvfnjwaugfo". This means that it's easy to decrypt any traffic you can see other people send, and also easy to encrypt your own commands. This isn't too much of a problem on your local network (the majority of smart devices will allow anybody on your wifi to control them), but it's awful when it comes to the cloud interface. By default, anyone in the world can send a command to the plug and it'll just perform it. That means anyone can just turn your plugs on and off, and also set the timer. You can avoid the worst of this by setting a password in the app, but there's no sort of rate limiting on the queries so if someone has identified your plug it won't take too long for them to crack your password.

            But wait! There's more!

            It runs ssh by default and has a default root password (" p9z34c"), so anyone on your network can log into it and run whatever they want on it. Anyone who can see your network traffic can decrypt the commands and extract the password, so don't use the app on any untrusted networks. It downloads app updates and plug firmware updates over http and doesn't do signature validation, so anyone can man in the middle you and get you to flash backdoored firmware onto your plug."

            Needless to say, a big thank you to Mr. Garrett for exposing these issues. This is the kind of thing I might buy on a whim and certainly don't have time to figure out what level of security these things are operating at. He's performing a much needed public service.

            • by Grog6 ( 85859 ) on Friday July 01, 2016 @06:05PM (#52430311)

              The common thread for all these phone home vulnerabilities are all going to servers in China.

              Nothing really happens there without the government's knowledge, and probable support.

              Would our government do any less?
              Hell, Their backdoor traffic probably doesn't even show up in the logs, lol.

              The people talking to the security researcher are probably being threatened by the people who designed the backdoors.

              • by St.Creed ( 853824 ) on Friday July 01, 2016 @07:17PM (#52430649)

                The common thread for all these phone home vulnerabilities are all going to servers in China.

                Nothing really happens there without the government's knowledge, and probable support.

                There is a nice Chinese saying (Tian gao, Huangdi yuan) that basically says "Heaven is high and the emperor is far away". It's still very much in vogue. It means most Chinese know that as long as they don't draw attention, they can do a lot of things you might get arrested for - but won't. Demonstrating on Tianmen square is a good way to get that attention, but just being one of a gazillion small electric shops isn't.

                Never attribute to malice what can be adequately explained by incompetence.

              • by AmiMoJo ( 196126 )

                It's built down to a price, which means no money to develop security features and little money to run the server. No conspiracy, you just get what you pay for.

                • Well, it looks like the price of no security is going bankrupt; so perhaps they should have put more thought into the security?

            • Re: (Score:3, Informative)

              by Anonymous Coward

              Not to mention that company is violating the GPL. The next paragraph from his review lays it out:

              It's also running Linux and various other pieces of GPLed software. The GPL is a software license that requires that you either include the source code to the GPLed components when you sell a device, or include an offer to provide the source code on request. This does neither, which is a violation of the license. Unless you meet the requirements of the license, you're breaching copyright. So this device breache

              • There has always been exceptions to the distribution clause in the gpl. This exception covers system libraries and operating systems if they are already readily available from other normal sources.

                It is possible that they do nothing more than configure an operating system for a system on chip processor with the configuration app and do not need any source code.

    • by Anonymous Coward

      I'll hire him to buy the part from China, write better software for it, and resell it at the Apple store for twice the price.

    • Re: (Score:2, Informative)

      by Obfuscant ( 592200 )

      Then I guess you should have made a better product.

      We don't know that the product isn't good. All we know is that there is a convenience option that has a security issue, but which is trivially eliminated by prudent network management. The device itself may function flawlessly and do exactly what you need it to do.

      For example, this [3gstore.com] has a similar "call home to Momma" feature, but by simply blocking outbound connections from it at the router you solve the problem completely. You're left with a pretty reliable remote controllable power switch. I've got four o

      • Re: (Score:2, Insightful)

        by Opportunist ( 166417 )

        So a product being crap doesn't really matter that much if you can easily take care of it?

        So glad you agree that VW shouldn't be required to pay that ridiculous fine.

      • by anarcobra ( 1551067 ) on Friday July 01, 2016 @06:39PM (#52430487)
        If I have to jump through hoops and block traffic from this device just so it's not a security risk, it's not reliable or secure.
        If this device were free I wouldn't complain so much, but in this case you are paying for it.
        • Re: (Score:3, Informative)

          by Obfuscant ( 592200 )

          If I have to jump through hoops and block traffic from this device just so it's not a security risk, it's not reliable or secure.

          Reliability is a different issue than security. And it's not a big hoop. It's a hoop that you should be jumping through whenever you add a device that you don't want talking to the outside world to your net. You have no reason to believe that any device you use isn't trying to talk to someone somewhere these days and especially if the device is advertised as "IoT" and controllable from a mobile device from anywhere in the world. It shouldn't take a bad review on Amazon to tell you this. If you do the bloc

          • My point isn't that you shouldn't block outgoing traffic.
            My point is that now that you know this product phones home, you should not buy it.
            Instead find on that doesn't phone home.
            You can block traffic just in case and still buy hardware that (as far as you know) doesn't open you up to huge security risks.
            • My point is that now that you know this product phones home, you should not buy it.

              You have yet to support your point. Why not buy it? It does the job I want, it does it well and reliably, and it is trivial not only to prevent it from "phoning home" but to actually configure it, and my network, so I can control it from anywhere in the world without that "phone home" feature.

              Instead find on that doesn't phone home.

              I think the point has been made rather clearly that you cannot determine this a-priori, and have to assume that it does whenever it is marketed as being controllable from anywhere in the world.

              You think I should "find

    • Also, there's zero evidence that anyone job is really in danger. It's quite possible... I'd guess probable even... that this is just some PR flack or "social media manager" doing a "pull the heartstrings" effort to get the product's reviews up. One employee sending messages or a dozen, it's probably all one person's (poor) efforts at spin control.

      • Pulling the "heartstrings" with security researchers is usually a pretty bad move.

        We have none. What you mistake for them is the strings that makes us drop the shit on you.

        • by MrKaos ( 858439 )

          Pulling the "heartstrings" with security researchers is usually a pretty bad move.

          We have none. What you mistake for them is the strings that makes us drop the shit on you.

          Another way to look at it is you are protecting the people who would be subject to the consequences of their incompetence. Most of the people buying those products or services don't have the technical knowledge to make an informed evaluation and simply 'trust' the vendor is doing the right thing.

          Well it is proper that a security researcher does not have that trust because their duty is to the people who do have that trust so that they don't get hurt or ripped off as a result of those with just enough know

          • Yeah, that makes me look nicer, I'll go with that.

            In general, though, we've put up with enough bullshit and spin that it is enough for two lifetimes. Yes, also from users. The shortest and also most commonly told lie ever is "nothing", usually told right after being asked what they've done.

  • by orlanz ( 882574 ) on Friday July 01, 2016 @03:10PM (#52429211)

    Now you write another review about how horribly the company treats its employees.

  • by vikingpower ( 768921 ) on Friday July 01, 2016 @03:12PM (#52429231) Homepage Journal

    are not over, yet. By far.

    • That's only the start.

      The IoT hasn't even taken off yet, and I can already tell you that it is going to be ugly. It will be a data harvesting hog, and security and data protection will never be a core element of it until legislators get hit hard by it, and then we'll get laws that make the ones we have concerning the internet look sane in comparison.

      This is going to get very ugly very fast.

      • The problem will be, that the legislators rather than creating laws to improve security in IoT, will instead outlaw breaking into the devices, as they do now with the internet.

        • That's a given, and just like with the internet, people who are willing to break the law won't give half a shit about it.

          This just in, legislators: Criminals don't care about your laws. If I want to steal something from you, I am already committed to breaking a law. Why do you think I'd give a shit about breaking yet another one?

  • by Anonymous Coward

    solution: plug socket into HR system and send shutdown notice

  • by Anonymous Coward

    You can round up your crummy employees and dump them into an incinerator for all I care. I shit on the mass grave where their mothers have been bulldozed into. I hope they die horribly in a gutter of flesh-eating bacteria infection while their kids are sold into sex slavery to cannibals.

  • by Anonymous Coward on Friday July 01, 2016 @03:15PM (#52429269)

    The AuYou representative insisted she would be fired if the review was not updated

    Sadly, that is probably true, and some poor engineer will lose their job, but that engineer probably was under severe pressure to get the thing out the door with absolutely minimal development time in the first place. She probably knew it wasn't great, but had no real choice due to pressure from above.

    Maybe in the end it comes down to the fact that the market does not reward security, it rewards low price. Proper security costs money. The online marketplaces are brutal.

    • by DarkOx ( 621550 )

      See this is problem with free trade right here though. If this thing was manufactured in the states, then the company could probably be held to account one way or another for repairing or replacing faulty products. Sure they might decided to get rid of the engineer who designed this thing, but ultimately they would have some incentive to fix their internal process and try and do some QA.

      Being its a no-name Chinese made product the company will likely just rename itself and be quite beyond the reach of the

    • by tomhath ( 637240 )

      that engineer probably was under severe pressure to get the thing out the door with absolutely minimal development time in the first place

      If you believe that I have a bridge in New York to sell you. Chinese company sells a product that opens your network to a server conveniently located in China. I have a hard time believing that was a mistake.

      • If you believe that I have a bridge in New York to sell you. Chinese company sells a product that opens your network to a server conveniently located in China. I have a hard time believing that was a mistake.

        Even if it was a mistake, the potential for harm is the same.

        (I also have a hard time believing that was a mistake, but either way it's got "Bad News" written all over it.)

        • Well, the potential may theoretically be the same, but the expected damages are probably much higher from an intentional security hole.

      • by suutar ( 1860506 )

        if it were a deliberate attempt to be sneaky one would expect it to be a little more subtle. Instead of using the same key for everything generate a random key, but embed it in the message in a recoverable way, for example.

        Of course, they could be using this to make people _think_ it's too dumb to be deliberate. Hmmm....

    • by umghhh ( 965931 )
      There is a reason why there is no airline ready to send you into heavens (in both meaning of the word) on a plane that has no original spare parts, have not been inspected anyway and where the badly paid crew did not have the possibility to learn proper emergency procedures or even normal ones, This reason is that all these things are illegal and a dumbass that would have tried to do that with his airline would get it locked out of any western market. IoT is at the same time: relative easy to abuse by tech
  • by jishak ( 571556 ) on Friday July 01, 2016 @03:16PM (#52429271)
    Update your review with the responses from the company. Be fully transparent to future customers whoe might be mislead by the company's products. Don't feel bad if someone loses their job because they weren't doing it properly to begin with. I would go so far as to tell the company that if they keep pushing it I would start investigating the security of their other products and possibly educate them about the Streisand Effect with other companies who have tried to do the same thing.
    • by Opportunist ( 166417 ) on Friday July 01, 2016 @03:21PM (#52429295)

      The sad part is that this will not cost the head of the culprit but of the scapegoat. What most likely happened was that some beancounter decided that this piece of crap has to hit the market damn right now because being first trumps being good, every engineer and their dog knew that the product isn't ready for prime time by any stretch, management decided to release it anyway and the engineers will now get to take the heat for the crappy product because, well, weren't they the ones who made it?

      Who should get fired are management and finances, but they will fire the ones who were actually doing the work.

      • The sad part is that this will not cost the head of the culprit but of the scapegoat. What most likely happened was that some beancounter decided that this piece of crap has to hit the market damn right now because being first trumps being good, every engineer and their dog knew that the product isn't ready for prime time by any stretch, management decided to release it anyway and the engineers will now get to take the heat for the crappy product because, well, weren't they the ones who made it?

        Who should get fired are management and finances, but they will fire the ones who were actually doing the work.

        This, I do agree is woefully sad, but none of it excuses a shitty product. Expose an ,i>entire product line, and even those at the top will be affected.

        Common sense needs to push back against shitty time-to-market decisions, especially when it comes to IoT, which can and will affect human lives, not merely jobs.

      • Not first, just another company jumping on a product line.

        They certainly paid more attention to their case molding then they did to their software.

    • by reanjr ( 588767 )

      Emails are subject to copyright. Publishing an email thread without permissions is copyright infringement. I would not suggest doing this when the company has proven itself to be litigious.

  • Internet of Temerity (Score:5, Interesting)

    by StandardCell ( 589682 ) on Friday July 01, 2016 @03:26PM (#52429331)
    The idiocy surrounding IoT is mind boggling at nearly all levels in the chain. Ease of use and security are almost always at odds with each other, and the former typically wins at the expense of the latter. Secure device enrollment, VLANs, air gapping...who needs this crap when you can download an app, put the device on your home network with a button press on the router, and go?

    In this case, we have a bunch of designers without a real background in and/or regard for infosec putting out products that use the "security by obscurity" model and get called out on it. To top it off, it is also the model of personally identifiable information being shipped overseas for who knows how many violations of privacy, and subject to violations of rights by governmental entities monitoring the same information. That this is now common with so many Chinese-made products (especially web cams!) is particularly galling. Even better, the "threats" against this man would normally result in automatic termination of the threatening employee in most Western countries. I suspect this company is like the uncountable numbers of cockroaches on Alibaba, Ebay and Amazon hocking their trash - they'll sell it until they can't, then they'll re-form under a different name and do it again, and think that they're right until they get called out like these idiots did.

    Last year a recruiter presented me for a job at a lighting company in Eastern Pennsylvania for their IoT product efforts with my background in security and cryptography as well as electronics. They passed on me because I didn't have enough of lighting background (which is a hell of a lot easier to pick up than security). When I countered to the recruiter that security was the most important thing for them, he agreed wholeheartedly but said there was nothing he could do to convince them otherwise.

    If this is the future of IoT, I want no part of it.
    • by MobyDisk ( 75490 )

      Actually, it sounds like you should start an IoT company. In a few years, everyone will wake-up and realize that the wave of cyber-attacks on poorly-defined IoT devices has to stop. And a company with products that are already secure will have a serious leg-up on the competition.

  • by Dega704 ( 1454673 ) on Friday July 01, 2016 @03:28PM (#52429337)
    Streisand Effect: Hello there!
    • by rakslice ( 90330 )

      This. Even if it's just the Streisand effect of one.

      I honestly don't understand what whoever decided to send the e-mails was expecting.

      TBH, while I feel sorry for this employee on a personal level if they are indeed begging for their job and they're trying to make ends meet and this is the only job they can get that supports them adequately, whoever decided to send these e-mails really needs to use their head. If the poster feels they're benevolently warning unsuspecting people away from buying a poor qual

  • by hawguy ( 1600213 ) on Friday July 01, 2016 @03:29PM (#52429351)

    I don't care if someone in China can flip my light on and off. Some people are excited excited [youtu.be] when that happens.

    I'd be more concerned about a device on my network creating a persistent connection to a server in China... who knows what packets it's capturing or what it's relaying to that server - maybe it's giving them a full TCP tunnel back into my network?

    • I don't care if someone in China can flip my light on and off.

      I have a switch in my apartment. It doesn't do anything. Every once in a while, I turn it on and off. One day I got a call. It was from a woman in France. She said "Cut it out."

      (Steven Wright quote)

  • by Bruce Perens ( 3872 ) <bruce@perens.com> on Friday July 01, 2016 @03:32PM (#52429363) Homepage Journal

    I recently posted a similar review on Amazon, although mine was regarding a burglar alarm which connects to a server in China and has no encryption. To their credit, the manufacturer has not challenged the review.

    First, it's entirely possible that the management did not realize that the device was not encrypted or that they specified encryption and that the programmer involved provided something very lame like exclusive-OR with a byte. This, however, indicates a failure of due diligence on the part of the management.

    Globally, the quality of employees performing embedded-systems programming for consumer products is dismal. This doesn't mean just China, it's also really bad in the U.S. and South Korea in my personal experience. The employees can not be expected to have any concept of proper security. I have seen lame attempts at encryption, stripping the executable as an anti-reverse-engineering strategy (!), and many other things a competent systems programmer would face-palm upon encountering.

    Firing the employee as a condition of your not removing the review is deceptive. If the employee actually did something wrong (which we can't tell from here) that is the cause of their firing and it should be independent of whether your review stays up or not.

    It's clearly just an attempt to lay guilt upon you for doing the right thing. But the people you should be protecting first are the consumers who could buy this device and rely on it having more security than it actually does. Go on and do the right thing by making this review available wherever people would purchase the device.

    • by hawguy ( 1600213 )

      I recently posted a similar review on Amazon, although mine was regarding a burglar alarm which connects to a server in China and has no encryption. To their credit, the manufacturer has not challenged the review.

      I'm not sure the manufacturer should get credit for being complacent.

    • I recently posted a similar review on Amazon, although mine was regarding a burglar alarm which connects to a server in China and has no encryption. To their credit, the manufacturer has not challenged the review.

      You do not get credit for not doing the wrong thing. You get credit for doing this right thing. In your case, that would be addressing the flaws you uncovered, or at the very least thank you for uncovering them.

    • by eth1 ( 94901 )

      Globally, the quality of employees performing embedded-systems programming for consumer products is dismal.

      It's kind of scary, really. My dad spent decades as an electrical engineer designing ASICs. He lamented that almost the entire last 10 years of his career, he spent following the new generation of EEs around fixing all of their stupid mistakes. And this was for "important" stuff; stuff that he was never able to provide any more detail to me about than "I'm designing a DSP chip" because of classifications; stuff that if my speculation is correct, might get our soldiers killed if it goes awry.

      I'm sure some of

  • It probably isn't true. By which I mean the communications from the seller are a bunch of BS. They are just trying to cajole him into changing the review. Note how the communications moves from coaxing to begging to threats.
  • by bistromath007 ( 1253428 ) on Friday July 01, 2016 @03:41PM (#52429437)
    I only see begging in the summary. Way to go, editors.
    • It's in the headline from Techcrunch, too, and I see no threats towards the author of any kind. Begging, yes. Attempts to guilt him into changing the review, yes. But no threats. It is the fault of the slashdot editors for passing along fearmongering, but not inventing it this time.

      And if you read the Techcrunch article, you'll see what the brouhaha is about, and some pretty amazing statements by the product reviewer. He claims that all you need to know is the MAC address. "If anybody knows the MAC address

  • by MobyDisk ( 75490 ) on Friday July 01, 2016 @03:46PM (#52429463) Homepage

    Perhaps, this was not a mistake, but a "feature" they just never thought anyone would notice.

    Years ago, a friend of mine used Radio Shack plug-n-power AKA X10 modules to control things in his house. The nice ones even had a wireless option where you didn't have to plug-in to a wall socket. One day I went over to his house and, rather than knocking on the door, I toggled the lights in his bedroom repeatedly. Security holes are priceless :-)

    • I assume you are talking about the X10 alarm controller that has a plug-in alarm that activates when the selected device is toggled on and off several times. How hackery of you to use this known function of a simple protocol to annoy your friend. You are a 733t haxor fer sur!
      • by maugle ( 1369813 )
        An easy-to-find security hole is still a security hole.
        • An easy-to-find security hole is still a security hole.

          And we used to live in a world where people didn't try to be assholes to people they call their friends. It used to be that "security holes" were evaluated based on the risks and hazards involved instead of every security hole being "OMFG it's a SECURITY HOLE and the product and developers are crap because there is one."

          I know, times have changed. Today, if you can visit a "friend's" house and get the house and device code for his bedroom lamp and set a wireless X10 remote to the same house, it's a "securi

      • by MobyDisk ( 75490 )

        Nope.

  • Sounds like the employee needs firing. They're not being blamed for the bad PR so much as for their screw-up. The boss is just throwing the "get it taken down or you're fired!" as a punishment for not doing his job. Damage control is the first step in the response, "stop the heavy bleeding". Which isn't the security, it's the bad PR. So that's his first job. If he succeeds at that, his second job will be to fix the problem.

    If he can't kill the bad PR, he's out immediately, someone else will come in to

  • "The AuYou representative insisted she would be fired if the review was not updated."

    Why would I care, as long as my review was factual and accurate?

    It's not my problem that her company is run by pieces of shit that fire people for events outside of her control, or that they're making a shitty product, or for the fact that they got caught doing so.

    Seriously, it's too bad but I'm not going to lie just because someone somewhere might get fired. Here's a tip: don't make a shitty product and you won't get shitt

  • by wonkey_monkey ( 2592601 ) on Friday July 01, 2016 @04:13PM (#52429623) Homepage

    he will quit me

    I wish I knew how to quit you.

  • Bizarrely, if you write "AuYou Wi-Fi Switch" in Han Chinese it's only two little ticks different from "Streisand Effect".

  • Comment removed (Score:4, Interesting)

    by account_deleted ( 4530225 ) on Friday July 01, 2016 @04:52PM (#52429899)
    Comment removed based on user account deletion
  • These wifi power switches are actually pretty cool and useful, just don't buy this one. I recommend the Orvibo S20. It has better security and can be controlled by an open source python script that runs on Linux. Linux warms up my towel for me in the morning as I wake up :)

  • The IoT is going to make Sky Net look harmless.
  • I looked into these a couple of years back and I couldn't find a single one which didn't wantto dial home to a server, which could be shutdown at any time.

    I want something with a web interface and I can just remap a port on my router to present that (secure) web interface, then I can control it myself.
    Perhaps some kind of secure access would be nice, so you could build a basic server which can control all the power points, monitor usage, set timers etc.

    It's 2016 (!!) and most of us still have very little co

    • I want something with a web interface and I can just remap a port on my router to present that (secure) web interface, then I can control it myself.

      Here. [3gstore.com] It, too, wants to phone home for some reason, but blocking the device at the router stops that.

      It's 2016 (!!) and most of us still have very little control or monitoring over the power sockets around our homes,

      I'd suggest X10, but apparently it is an incredible "security hole" that people can actually control outlets around the house. The specific comment was about wireless X10 and how much fun it is to screw your friend by toggling his lights, but if you're standing on the front step of your friend's house you can plug in your wired X10 controller to an outside outlet and do the same thing with no need for wirel

      • I genuinely don't understand why I can't get a power reading from every single light AND socket in the house

        Current utilisation, total utilisation this month / week etc
        Ability to turn off and on, timing
        Total house usage

        I understand it should cost more to do and it's more complicated but again, 2016! It's madness. I'm actually kind of glad I'm not well off enough to afford a house, because it would frustrate me to own my own place or build my own place and not be able to easily do that yet.

        • I genuinely don't understand why I can't get a power reading from every single light AND socket in the house ... I understand it should cost more to do and it's more complicated but again, 2016!

          There is nothing magic about 2016. Yes, I understand, "it's a modern world". But it will cost a lot more to do that, and it will require a lot of smarts to configure this all. How do you manage four things plugged into a power strip? Does each thing report its data, does each socket on the strip report, or do you just monitor the socket in the wall and say that's good enough? How do you tell how much that cable set-top-box is using vs. the TV plugged into the same strip? And then you turn on the lamp plugge

  • Emotional wording, pleading for good reviews, tales of woe and unemployment from bad reviews...I wouldn't believe this for an instant. It's highly probable that no one's job is actually at stake, and this is a con to get the review changed. I've had them beg me to not leave a bad review after never receiving items, broken items, etc; it's pretty common. Don't be swayed, stick to your guns.
  • "Just now my boss has blamed me, and he said if I do not remove this bad review, he will quit me. Please help me,"

    Gawwwd, such a dumb-ass on many levels. I hope the bastard does get fired.

Understanding is always the understanding of a smaller problem in relation to a bigger problem. -- P.D. Ouspensky

Working...