
WiFi just isn’t very good at going through buildings. It’s fine for the main living areas of an average home, but once we venture towards the periphery of our domains it starts to become less reliable. For connected devices outside the core of a home, this presents a problem, and it’s one Amazon hope to solve with their Sidewalk product.

It’s a low-bandwidth networking system that uses capability already built into some Echo and Ring devices, plus a portion of the owner’s broadband connection to the Internet. The idea is to provide basic connectivity over longer distances to compatible devices even when the WiFi network is not available, but of most interest and concern is that it will also expose itself to devices owned by other people. If your Internet connection goes down, then your Ring devices will still provide a basic version of their functionality via a local low-bandwidth wide-area wireless network provided by the Amazon devices owned by your neighbours.

I Can See Your Amazon Ring From Here

It looks so harmless, doesn’t it. Amin, CC BY-SA 4.0

The massive online retailer and IoT cloud provider would like to open up a portion of your home broadband connection via your home security devices over a wireless network to other similar devices owned by strangers. In the Amazon literature it is touted as providing all sorts of useful benefits to Ring and Echo owners, but it has obvious implications for both the privacy of your data should it be carried by other people’s devices, and for the security of your own network when devices you don’t own pass traffic over it. For the curious there’s a whitepaper offering more insights into the system, and aside from revealing that it uses 900 MHz FSK and LoRa as its RF layer there is a lot of information on how it works. As you might expect they have addressed the privacy and security issues through encryption, minimising the data transmitted, and constantly changing identifiers. To read the Amazon document at face value is to enter a world in which some confidence can be gained in the product.

The question on the lips of skeptical readers will no doubt be this: what could possibly go wrong? We would expect that the devices themselves and the radio portion of the network will be investigated thoroughly by those who make it their business to do such things, and while there is always the chance that somebody could discover a flaw in them it’s more probable that weaknesses could be found in the applications that sit atop the system. It’s something that has plagued Amazon’s IoT offerings before, such as last year when their Neighbors app was found to sit atop a far more garrulous API than expected, leading to a little more neighbourly information being shared than they bargained for. If Amazon’s blurb is to be believed then this system is to be opened up for third-party IoT device and app …

Source: Hackaday