Dear Google; Next Time You Invade My Home, Could You At Least Knock? (updated)

So I wrote a post back in February musing about the potential security risks posed by Google’s newly acquired NEST Thermostat and PROTECT smoke detectors  (  Its only April and we’ve had our first major home intrusion.  The irony is that the invader was Google itself.

We have 3 of the smoke alarms and one thermostat in our new place.  The key reason we bought the smoke alarm was their “wave to silence” function.  Basically they, they give you a warning in a pleasant recorded voice and a wave of your hands under the device is read as “I know there is smoke I just burned the toast its all good please don’s scream like a banshee and force me to fiddle with tiny, poorly marked buttons before just pulling out the battery because you are just going to go off again.

It turns out the wave to silence function works a little too well.  To quote Nest’s CEO letter.  “we observed a unique combination of circumstances that caused us to question whether the Nest Wave (a feature that enables you to turn off your alarm with a wave of the hand) could be unintentionally activated. This could delay an alarm going off if there was a real fire.”

All well and good.  They are working on a fix and it should be ready in a few months.  But what  happened next was disquieting, dumb, and downright creepy.  NEST reached into my home via my own Wi-Fi signal and disabled the “wave” feature on all of my smoke detectors.  No notice whatsoever.  We never got an e-mail to our (registered) account.  (I finally found the NEST e-mail in my SPAM folder.  Which is odd given I had signed up and gotten a “welcome” e-mail so the NEST e-mail address should have been on my whitelist.  Splitting hairs here, but that speaks to poor e-mail identity management by NEST.)  We did not get any visual or verbal indications from the devices themselves.  No notice at all.  The first I hear of it was via Google News and a forwarded e-mail from a friend.

Practically speaking, this might have been the “right” course of action.  And NEST’s lawyers were probably screaming that NEST would be liable if they had the means to automatically disable that function and didn’t use it.  All well and good BUT…

  • NEST could have at least sent out a notification e-mail THAT DIDN’T END UP CLASSIFIED AS SPAM.  They have our e-mail address and had already been listed as a valid recipient when I got my welcome e-mail.
  • They could have also have sent out a smartphone notification (I HAD to install the NEST app to configure them).
  • They could have at least put the news front and center on their website (It took three clicks and some digging around towards the bottom of the page to find their official communication on the subject).

Most importantly, they should have explained the hows and whys of their decision to come into my house and start messing with the appliances.  With some assurances of what they can or can’t do.  And what they will or won’t do.

As it stands, I have 4 devices in my home with significant sensor capabilities.  They can sense when we are here and when we are not – is that with a motion sensor or a microphone?  What are they recording and to whom is that data going?  It is now painfully clear that I did not actually gain ownership when I “bought” them.  NEST clearly thinks (and acts) like they still “own” them.   They are no more “mine” than a cuckoo’s eggs.  I am just the gullible host for their centrally coordinated flock of autonomous offspring.

None of this is to say that I necessarily object to the practicalities here.  The problem isn’t the outcome, but how NEST/Google went about it.  I am left with a profound mistrust of these devices.  Will I spend the money and time to rip them out?  Probably not.  Might I take them off the grid?  Quite possibly (more on that below).  Will I be recommending them to friends?  Not with a long list of caveats.  Will I be writing negative and fairly annoyed blog posts about it?  Eyup.

*Taking Nest’s off the grid.  My NESTS’s are all connected to our home Wi Fi network.  In fact, they MUST be connected to WiFi to work properly (see below).  Turns out I was wrong on this, as pointed out by Roy RUssel in the comments who is clearly smarter-than-I-am-and-probably-actually-read-all-the-instructions-like-I-keep-planning-to.  His comment “Oh, and the NEST devices communicate with each other via 802.15.4. Probably needed for the battery-powered devices, and it still works without a connection to the Internet via wi-fi.

So the good news is that I can just change my router password and lobotomize the smoke detectors.  BUt that means changing a lot of other WiFi device passwords.  Or  I just wipe the NESTs and re-install.  The re-install remains a major pain in the ass.

Happily, I have a spare WiFi router lying around.  The obvious solution is to turn that on WITHOUT connecting it to the Internet and then connect all the NESTS to THAT WiFi signal.  That way they can talk to each other, but they can’t get out of the house.  And that keeps NEST/GOOGLE from getting in…  I am likely to do this, but dreading it because the install process is a raving pain in the ass.

**  NEST Install is a Pain In The Ass & Weirdly Dependent on WiFi.  To be up to code, newly installed smoke detectors need to “talk” to each other (so an alarm in one sets off the others).  This is done with a wire for traditional devices.  We have that wiring installed.  The NESTs, however, do not provide a wire to make that connection.  It turns out they use their own proprietary wireless protocol.  Given the NEST team’s origin at Apple, it shouldn’t be a surprise that they have deliberately refused to play well with others.  My bias is to indulge that isolationism by installing any future NESTs as un-connected “islands” and relying on more open protocols for any whole-house systems.

Per the above, this bit is wrong.   NEST’s. however, will ONLY use Wi-Fi for that interconnect – there is no lead for the hard-wired house interconnect wiring.   This is clearly less safe and less reliable.  If I have a power outage, my router goes out and my (otherwise battery backed up) smoke detectors go blind?!?  Lets not even get into the ways that wireless is less reliable than wired.  Or the lack of future proofing in relying on WiFi on smoke detectors that could be installed for @30 years.

Even more annoying (and unsafe) is the surprisingly clunky and annoying set-up.  First of all, it REQUIRES that I install NEST”s app on my smartphone (which presumes you HAVE a smartphone otherwise you are stuck).  But the only way to register the devices is to climb up on a ladder, take the thing off the ceiling, try not to dangle it from its electrical leads, and take a “picture” of the QR code on the back of the device.  Or type in the code printed (in tiny type) on the back.  This all has to be done ON the ladder if your devices are hard-wired as ours are.  Then you go through a weird song and dance of button pressing on the other already-installed NEST’s to create that interconnect.  This went OK for two of our devices.  The third one took multiple tries.

This install is a major pain.  It also creates a long-term safety risk.  I need to repeat this exercise every time I change my router password or upgrade/replace my router.  This is one reason I haven’t taken the things offline yet.  But what happens if I sell or rent the place?  A buyer might go through the effort to re-connect the NEST’s to his/her WiFi.  A renter?  So I guess I can do it (which means the renter would need to give me his/her router password which is weird and creepy).  Or, more likely, that interconnect feature remains but the ability to control the devices is lost over time.

What is most annoying is that our on-line NEST account does not offer the means to save the device ID’s.  I SHOULD be able to change the connectivity settings and router password online, then hit a “commit” button and have the devices re-boot with the new password.  NEST’s recent invasion of my home makes it clear that functionality is available.  But NEST apparently wants to keep that for itself and isn’t willing to share that with me, the ostensible owner of the device.

*** NEST Review:  Like the Smoke Alarms.  Thermostat kind’ve “meh” so far:

We do like the smoke alarms.  Actually the feature we have appreciated most is the “night light” feature that gives off a nice glow when you pass under them in the dark.  We have one in the kitchen, but have had no false alarms or need for the wave-to-silence function so far.  I take the lack of false alarms as a sign they are well tuned.  I am not sure I will put them in the new house given the install and lack of hard-wiring.  I would probably put one in the kitchen as a stand-alone insurance against kitchen fires with wave-to-silence for burned toast.

The thermostat has been meh so far.  The auto-learning function probably works well for people with regular schedules, but it hasn’t coped all that well with us so far.  I haven’t tried to program it manually yet.  The on-device scheduling system is tedious and the on-line scheduling system isn’t much better.  Most glaring is the lack of any easy way to set up a standard program timing that runs all 7 days of the week.  You have to enter times and temperatures for each day individually.  My take is that NEST made it intentionally difficult so you’d just default to the device’s auto-learn function.  Which would be fine it it was auto-learning but…

Also the device looks pretty cool, but it sits on a bigger (and ugly) plastic white mounting plate.  That doesn’t show up in the ads because it CAN be mounted directly to your drywall if your HVAC guy knows to cut a much-smaller-than-standard size hole and electrical box for the wiring.  Ours didn’t so we ended up with the ugly plate.  And no on-line options for less ugly or paint-able plates….  And we didn’t really want to DIY our own drywall repair.  At least not yet.

Conclusion:  Concerned about the smoke detectors as a whole house solution and ambivalent about the thermostat.  But do like the stand-alone smoke detector as a kitchen fire solution….  Elsewhere I figure the alarms aren’t going off unless there really is a problem.

This entry was posted in tech-telecom-markets-macro. Bookmark the permalink.

9 Responses to Dear Google; Next Time You Invade My Home, Could You At Least Knock? (updated)