by detaro 3132 days ago
Just to clarify, since this article just talks about smartwatches in general: The issue is watches that allow someone to remotely listen in, not all variations of smart watches for kids. They are banned for that ability, not for general concerns about IoT security.

Hidden listening devices (devices with listening capability that are disguised as other harmless items) are illegal to possess or sell in Germany under existing law. The regulatory agency for this just made a press release pointing out this specific device category and that they have taken action against sellers.

German press release: https://www.bundesnetzagentur.de/SharedDocs/Pressemitteilung...


This should include all smart phones with children's games installed on them too.

My niece asked me to install some games on an old smartphone I let her play with. Out of about 15 I looked at, 15 asked for access to one or more of the camera, microphone, address book, location or just blanket ask for every permission under the sun. None of them needed these permissions for the actual game play of course.

How does Google find this kind of spying on children acceptable?

Why apps ask for blanket permissions: have you ever tried using a cordova library? My own app has to ask for storage access just to get reliable sound output...

The deeper answer is that economic incentives don't encourage minimal permissions, even if there's no malicious intent.

And Android and Google are negligent for not allowing users to limit apps' ability to use these APIs.

An app can request it, I'd like to say NO in a way that doesn't break the app. It asks for camera, fine it gets the same stock photo. It asks for location, it gets the Galapagos. It asks for microphone, it gets "Never Gonna Give You Up". Installing an app shouldn't be a binary (hah) choice.

But you can do that on Android now. On Android 7.0 (might even work on 6.0), go into Settings -> Apps, tap on an App and then tap on Permissions. You can then enable or disable individual permissions for that app (e.g. enable camera but disable microphone).

Android apps now request permission at the time they need to use a feature, not on first install. They've basically adopted the same permissions model as Apple.

This is not what he described. Removing any of these permissions must be handled by the app. The app shouldn't even know I removed a permission. It should just get empty or fake data.
No, the app has no control over it. It displays a system dialog once it tries to use something.
XPrivacy does.
That is one of the examples why Richard Stallman was right and free software is the way to go.
If this wasn’t an endemic problem on Android while being hardly a problem at all on iOS then I’d agree
Android is not open source in the same way that gcc is. Sure it uses an open source license, but it is fully controlled by google.
How would free software prevent permission abuse? Open source spyware is still spyware.
FLO software shifts the balance of power between users and developers, since (1) it's harder to sneak a "feature" in without people finding out, (2) if a developer makes a change that people don't like, it's much easier for people to continue using the old version, and (3) there is potentially more competition between developers, since they can start from a fork of the project instead of a clean slate.

As that applies to the specific example in your comment, (1) people can verify whether or not a piece of open source software is listening and phoning home, (2) if it is spyware, a different programmer could make a fork and remove this antifeature, and (3) if they published the fork, now end users have the choice of using a version that does not track you.

Does this mean Open Source software never tracks you? Of course not. But it is much more resistant to this sort of thing.

Nobody reads source code (hell they don’t even read the permissions and those are a lot easier to understand); the de-spied clone couldn’t use the same name, couldn’t necessarily communicate with the same servers, and wouldn’t get near as much exposure.

The practical impact of such a change, even if it were forced top down by Google, is nil. Nobody outside a tiny minority of geeks treats free software as a selling point.

In theory you could automate the process of removing unwanted permissions in another app store. For example, if some game on the google app store wants the camera but doesn't need it, a "safe app store" could download its code and remove the camera permissions and any potential calls to functions which read from the camera. (They could be replaced with blank stubs or even a fake video like a rickroll). Same principle for address book (just provide fake/randomly generated people, etc).

Obviously not everyone would use the safe version because of the network effect of Google's play store. But for anyone who becomes aware of the "safe app store" and is aware of privacy risks, they'll almost certainly choose to download their apps from there.

The source being open puts huge pressure on the developer not to put in backdoors.

Moreover, your claim

> Nobody outside a tiny minority of geeks treats free software as a selling point.

is wrong. Just to give one counterexample, the European Commission is not a bunch of geeks and they strongly prefer free software.

> The practical impact of such a change ... is nil.

I don't believe that. I think there would likely be a small group of people that would audit the software to create fact finding reports and others may create patches to fix software. Of course this is still subject to abuse, but there would probably be reputations for certain sources.

Similar to journalism. There are a lot of first hand sources out there but the average layman does not read them. They would rather read a summary/interpretation of the facts. This is also subject to abuse. Reputation is important.

I don’t think end users would be the ones doing the code review. Making source auditable by “a tiny minority of geeks” would be a net positive, increasing the chance that someone (bug bounty hunter, appsec blogger, etc) would find and report on malicious apps. It would be no silver bullet, but more transparency would be no bad thing.
Reading it verbatim isn’t necessary for everyone

A “paper trail” back to the contents of our gadgets that can be audited, and some people would no doubt, would be much better than

“Fu society we own it all.”

Open source is the means of production today. Let’s keep it that way.

We’d end up tossing fewer gadgets if we required they run open-source:

https://news.ycombinator.com/item?id=15721911

Doesn't really help unless you build the software yourself, though, and even then only after you've audited the source. And, if we're going down that rabbit hole, with a compiler you've compiled yourself after auditing the source. Using a compiler you... well, you get the point.
It has little to do with the software and everything to do with distribution. Users cannot install software on their devices. You eat the food given or you starve.
Why is spying on children any different than spying on adults?
While in absolute terms it's not any more ok to spy on adults than children, the idea of spying on children being more morally repugnant is based around the idea of children as innocent and by spying on them we're depriving them of that and allowing malicious actors to prey on that innocence (hey, now someone knows where this child will be, when, and most of the important things happening in their life; much easier to trick.)

In reality the same arguments apply to adults, but we find it less morally repugnant because adults aren't innocent and are expected to guard themselves against such actions. However, it becomes more and more difficult to guard against.

> While in absolute terms it's not any more ok to spy on adults than children, the idea of spying on children being more morally repugnant is based around the idea of children as innocent and by spying on them we're depriving them of that and allowing malicious actors to prey on that innocence (hey, now someone knows where this child will be, when, and most of the important things happening in their life; much easier to trick.)

This seems like a very mushy reason. I'm pretty sure the real reason is that children are not considered able to knowingly consent to many things - including contracts such as EULAs or TOS. Given this, a child is also not expected to be able to make a reasoned decision about privacy tradeoffs.

The reason it's "ok" to spy on adults is that they can make an educated decision about whether they're ok with being spied on. I don't necessarily agree that this is true in practice, but I think that's the theory.

It is not "ok" to spy on adults. It simply doesn't elicit a feeling of disgust in most people.
I think it does elicit the feeling of disgust, but most people don't know it's happening. (Or downplay the risks - such as claiming that it's only machines and not people watching).

It should also be completely illegal, but the justice system can't keep up with technology. Imagine you found out that your next door neighbor has drilled a hole through the wall and fed a camera into your house - what do you do? (Call the police, certainly). Is it really any different when the camera feed isn't a physical wire but done over the internet?

Because with kids it's much more obviously evil thing to do. For adults one can perhaps argue that they (being adults) can choose for themselves whether to give or not to give the permissions - just like with everything else in their life, it's their responsibility to know better. Kids can't really be expected to make informed decisions on actions that are potentially dangerous, they need to be protected by adults.
> For adults one can perhaps argue that they (being adults) can choose for themselves whether to give or not to give the permissions

That's wishful thinking. Most people can't tell the WWW from Facebook. People are so bad at writing emails that there are Workshops for Composing E-Mails which sell out quickly. Many disable SIM PINs because they forget them or don't want to bother remembering them. The people who read permissions an app requests make up such a small percentage of smartphone users that they can't even be considered a minority.

I believe we need some kind of CE for software. It's easier to make sure that your parmigiano reggiano comes from Emilia-Romagna than it is to make sure that you can rely on a certain online service provider / platform. That's simply unacceptable.

So? They are still adults. If they want to know if works, they can learn it.

Most of them don't care.

And they'd rather not care. A life where we had to make sure every single thing we have and every tiny peg or thing in them is of a certain quality would be hell. Have you read "I, pencil"? I suggest it becomes compulsory reading to every single person. Things involve lots of other things and all we have is some governmental and international bodies helping us have some trust in what we possess.
> CE for software

Yes, and hardware at the firmware level.

Children are more vulnerable and less able to beware of the risks.
Sexually explicit information of children.

We generally believe that sexual exploitation of children is worse than of an adult. We don’t allow for consensual sexual relations, creation or mere possession of explicit material with a child.

In fact drawings of said material can get you in a lot of trouble in many, liberal, countries.

That being said, I hate what the internet has become.

Good point. All that spying crap should be illegal. Including governments' spying crap. But good luck on that :(
COPPA.
I don’t know, you should ask their advertising team, otherwise known as their entire source of income.
Maybe a bit off topic, but for an entertaining and chilling way to understand why Germans are so opposed to listening devices, watch _Das Leben der Anderen_ (The Lives of Others).

http://www.imdb.com/title/tt0405094/

Great suggestion!

Not merely microphones though, but also privacy as a whole.

The other reason is the WWII history.

Das Leben der Anderen is a very good movie with a sublime cast (including Sebastian Koch), but hardly entertaining. A somewhat entertaining movie about the GDR (DDR) is Goodbye Lenin [1], starring Daniel Brühl (Bruehl). Both movies are primarily dramatic though.

I can also recommend any movie starring Jürgen Vogel [2] (Juergen). The subjects the movies he's in touch upon are often thought-provoking. Although also, usually drama. I can highly recommend German cinema, I hold the authenticity of German cinema in high regard.

[1] http://www.imdb.com/title/tt0301357/

[2] http://www.imdb.com/name/nm0900915/

Das Leben der Anderen isn't "entertaining" per se but I recall it being pretty devastating.
> ... but hardly entertaining.

I'm curious about your use of the word "entertaining"...

Do you mean to exclude dramas, tragedies, or things that deal with serious subject matter? Or do you mean to say that Das Leben der Anderen isn't a good movie?

(Language is fun! :-) )

Yeah it is possible I took the term too strictly [1] but wouldn't the broad definition of it include every movie ever made?

[1] https://en.wikipedia.org/wiki/Entertainment

All movies are entertainment, but only good movies are entertaining
Is entertainment an objective term, and entertaining a subjective term?
That's why Germans should be opposed to listening devices. The fact is, the vast majority is perfectly happy using stuff like android phones or amazon's echo.
Both an amazon echo and an android phone require a key phrase to activate. It’s obviously possible that they could be used by amazon/google to listen in, but neither is a covert device that you can use to listen in on me, something that these smart watches enable.
"Both an amazon echo and an android phone require a key phrase to activate."

But thanks to the devices' closed nature, their manufacturers have the exclusive ability to remotely modify their workings so that the device could listen without the "owner's" consent. This assuming it hasn't already been done and a single packet hidden into an update push can trigger undetectable monitoring. Technically it would be trivial to implement and trivial to turn off with another update so that it would remain undetectable in case of device hardware/firmware/software inspection.

SmartTV also should be treated as dangerous. https://bgr.com/2017/02/07/vizio-smart-tv-spying-case/ https://www.rte.ie/news/technology/2017/0308/858060-samsung-...

Android permissions don't distinguish between foreground and background audio capture, so every messenger app installed could be used to listen in.
"Could be used by a determined person with the necessary skills" and "is intended for and marketed to consumers as" are not the same thing even though there might not be a technological difference.
Until they are hacked and are used by others to listen in
This still is not their primary purpose. And yes, illegal acts could turn them into an illegal covert listening device, but that would be illegal, wouldn’t it?
Same could be said about smartphones and laptops.

It's why I prefer a hardware killswitch on a device.

My ThinkPad T61 got one. My MBPs don't. The T61 is from 2008. The MBPs are from 2010 and 2015.

The MBP at least has the camera light. Not proactive, but if you see the light come on at least you can kill the power.
Bullshit. They're already "activated" if they can hear the key phrase in the first place.

In only the absolute best case, the always-on microphone is backed by a local-only module that picks up the keyphrase, and sends only subsequent communications to the cloud.

We can argue about the definition of covert, but Amazon Echo does allow others to somewhat sneakily listen in on you:

>When you drop in on your device or a contact's device, the light ring on your Echo pulses green, you connect automatically and can hear anything within range of the device

https://www.amazon.com/gp/help/customer/display.html?nodeId=...

Drop in is an optional feature that needs to be explicitly enabled for a list of contacts. It’s not covert if you have to turn it on.
Like I said, we can argue over "covert." But once you allow a contact to drop in on you, they can do it at any time, with no prior warning, and you won't know it until they're already listening to you.
That is a great movie to understand what it was like living in communist eastern-Europe.
That's a super good movie, definitely recommended.
Couldn't this simply be done in after market installable software on a general purpose smart watch?
You cannot sell an illegal device and tell your customers (nudge nudge wink wink) to install an upgrade to comply with the law.

If you sell a legal device, then you cannot offer an upgrade to make it illegal.

More importantly, requiring a software upgrade to enable that functionality would make it obvious that this is indeed of questionable legality and limit the market. Many people buying these watches (or the children dolls affected by the last round of bans) are not aware that these are in fact hidden spying devices.
Technically it's not a ban of specific merchandise, since they were already illegal. It's more like, say, a police raid against an arms dealer (=> that's not an arms ban).
I'm not suggesting a first party would do it, but say a platform akin to Pebble, Apple Watch or Android Wear were to enable an app like that to be developed. What part would be illegal then - the device itself? The app? The app store? Restricting this seems somewhere between asinine and impossible.
Illegal would be such a device with that software installed.

We restrict many things that are hard to enforce but this is not a reason to refuse to try at all.

It could, but that software would turn the watch into a device that's illegal to own.