Meet our writers

 







Technology April 2018

Bob’s Tech Talk

Smart Speakers, Home Automation, and Privacy

By Bob DeLaurentis

My advice is simple: Experiment with the voice control features already on your smartphone. Give home automation products more time to mature. Apple's HomePod has a good security story, but smart speakers are not as innocent as they seem in those gorgeous TV commercials.

* * * * *

A basic awareness of what can happen to the data you leave in your wake is a thought-provoking exercise. The more you automate, the more you reveal and record about your daily life.

 

Q. I want an Amazon Echo, but my wife thinks it's creepy to have a microphone listen to everything we say. What do you think?

A. I think your spouse is very wise. New tech is always flawed, and smart speakers are very, very new. The privacy implications of installing an always-on microphone in your house should not be glossed over.

The three main competitors in the smart speaker market are Amazon, Apple, and Google. The "smarts" in smart speakers comes from an "intelligent personal assistant," similar to phone-based assistants like Siri and Cortana.

Each manufacturer focuses on the features that best serve their respective interests. Amazon's Echo speaker excels at buying stuff. Google has the best search. And Apple has the best audio quality and the best privacy safeguards. They also vary in price from hundreds of dollars (HomePod by Apple, no surprise there) to less than $40 for the Amazon Dot.

Although each manufacturer publishes privacy policies about their smart speakers, understanding how they work under the hood is the best tool to compare their strengths and weaknesses.

 

Q. I began exploring home automation with Phillips Hue lights. They are hooked up to a motion sensor, but I want to add voice commands. The commercials on TV make it look simple, but I'm guessing its not. What is your take?

A. In general, home automation is better than it was a few years ago, but there are still plenty of rough edges.

Home automation extends your online behavior into the real world spaces. For example, it is possible to "automate" your household thermostat, the lights, even the doorbell. That convenience comes with hidden costs.

One of those costs can be privacy. To allow the devices in our houses to get smarter, they have to know more about us. And nowhere is that more evident than the voice control in smart speakers.

Smart speakers activate with a short phrase that includes the name of the voice assistant. The Amazon Echo responds to "Alexa." Apple has "Hey Siri," and Google uses "Hey Google."

In order to respond to your voice, the speaker must listen to everything, all the time. Manufacturers maintain that although the sound is continuously searched for the trigger phrase, most of the sound is instantly forgotten. That is accurate, but there are devils hiding in the details, far too many to cover here.

Let's assume that after researching the privacy implications, you still wish to proceed. In that case, note that the home automation landscape is still in its infancy. You will need lots of patience to get all your devices working together.

My advice is simple: Experiment with the voice control features already on your smartphone. Give home automation products more time to mature. Apple's HomePod has a good security story, but smart speakers are not as innocent as they seem in those gorgeous TV commercials.

 

Q. Amazon already knows which laundry soap I buy along with everything else I purchase from them. What difference does it make if I order it on an Echo or tap my phone's screen?

A. I agree! The brand of toothpaste you prefer is not especially interesting, except perhaps to a toothpaste marketer. When phrased with a single piece of information, privacy concerns can sound like over-the-top conspiracy theories.

Privacy is not endangered by trivial bits of data, it is jeopardized by assembling those small bits of information into a picture.

Allow me to speculate about a few of the potential problems from a technologist's perspective.

In order to work, the records for those components are stored outside your home, in The Cloud. That is just a fancy way of saying that they are in a database in a datacenter somewhere in the world.

That database may be secure from casual hacking attempts, or it may not. The technicians who write the software that makes everything work can probably see your data. Very little of it is encrypted, after all it's just mostly timestamps and temperature readings.

That remote database may be sold to someone (or many someones) without your knowledge. So what, you ask? The data is boring, no one cares about it.

Data often looks boring on the surface, but let me feed that raw data to a statistical analysis program. Now the boring data is suddenly interesting. Now I can see patterns. Like what time you leave for work each day. What time you cook your meals. Maybe I can see which rooms you are in at different hours of the day. I know when the house is empty.

A basic awareness of what can happen to the data you leave in your wake is a thought-provoking exercise. The more you automate, the more you reveal and record about your daily life.

 

Wander the Web - Three good sources of information about home automation and privacy

If This, Then That

This is a great site for home automation enthusiasts. It can bridge many different services in unique ways.

ifttt.com

 

Schneier on Security

Bruce Schneier is a longtime security expert who has been writing about these issues since 2004.

www.schneier.com

 

Apple's Security Story

This is an overview of how Apple handles customer data. HomePod security is covered by the section on HomeKit.

www.apple.com/privacy/approach-to-privacy/

 

A tech enthusiast his entire life, Bob is currently developing an educational software project. When not writing, he is in the kitchen cooking up something unusual, or outside with a camera. He can be contacted at t This email address is being protected from spambots. You need JavaScript enabled to view it. .

Meet Bob