[TeMPOraL]

The trick is to avoid trusting parties that have incentives to abuse that trust and means to do so. Free market working the way it does, sooner or later one of such entities will abuse that trust.

So, baked beans are probably OK in terms of SIGINT. Depending on how well food regulations are enforced in your area, I might or might not worry about the edibility of them, though. But on-line services are definitely suspect with respect to data handling. Doubly so, if they pop up where they shouldn't be in the first place - like e.g. IoT - as that's already evidence of a business model built on abusive relationship.

[lucb1e]

> Doubly so, if they pop up where they shouldn't be in the first place - like e.g. IoT

Hanlon's razor, "never attribute to malice that which is adequately explained by stupidity", does seem to apply to that particular one, though. But I'm no war historian or politician or something; while the security of these devices is stupidity to the point of criminal negligence, I find it hard to say for sure whether some of this might be on purpose.

[TeMPOraL]

I have my own razor[0], that I tend to call Hanlon's Handgun: "Never attribute to stupidity that which can be adequately explained by systemic incentives promoting malice". I think it applies here more than Hanlon's Original.

Also, I wasn't thinking about security. I was thinking about intentional abuse of data, that starts with collecting and processing data that doesn't need to be done for a device to function.

--

[0] - Introduced in https://news.ycombinator.com/item?id=21691282, named after me in https://news.ycombinator.com/item?id=21691718 :).

[fsflover]

You razor is also described here (and called "moloch"): https://slatestarcodex.com/2014/07/30/meditations-on-moloch/.

[TeMPOraL]

Yeah :). That's one of my favorite articles on the Internet and meditating on these meditations had a big role in shaping my current set of beliefs.

[nmlnn]

That's just something people repeat over and over again until it seems true. In reality it just provides cover for malicious actors/actions.

[bilbo0s]

I agree.

The CIA, NSA, DHS, etc are all much, much smarter than me, and I would use IoT to compromise targets if it were my job. So there's that data point.

[machinelabo]

That's why we have regulations and regulatory agencies. You'll need to trust them to their job (just pegging the trust one more level up).

[lucb1e]

TeMPOraL does seem to be aware of the existence and enforcement of food regulations:

> baked beans are probably OK in terms of SIGINT. Depending on how well food regulations are enforced in your area

Unless you meant the IoT part, I'd love to see regulations, let alone enforcement, there.

[machinelabo]

Definitely, new technologies always had this issue though. Regulatory agencies move at a snails pace to adopt new changes - for good or for worse - that's up for debate. Good because new tech doesn't exploit consumers. Bad because haphazardly put together regulations can harm busineses and progress in general.