Don’t Use Wi-Fi for Security Cameras

I’ve been asked for my opinion on Wi-Fi security cameras many times. My opinion is to avoid them. Wi-Fi is susceptible for many easy to perform attacks. For example, Wi-Fi deauthentication attacks are a favorite of script kiddies because they are so easy to perform. I’ve demonstrated how easy it is to many friends. WPA3 helps alleviate this, but most access points that I’ve seen are still using WPA2. If you buy a Wi-Fi camera that can’t use WPA3, it is vulnerable to this trivial attack.

Deauthentication attacks aren’t the only way to bring a Wi-Fi network down. Wi-Fi is a wireless protocol, which means it’s susceptible to jamming. When I explain this to friends, they often say that I’m being overly paranoid. But just because you’re paranoid doesn’t mean that they’re not out to get you:

A serial burglar in Edina, Minnesota is suspected of using a Wi-Fi jammer to knock out connected security cameras before stealing and making off with the victim’s prized possessions. Minnesota doesn’t generally have a reputation as a hotbed for technology, so readers shouldn’t be surprised to hear that reports of Wi-Fi jammers used to assist burglaries in the U.S. go back several years. PSA: even criminals use technology, and more are now catching on — so homeowners should think about mitigations.

This is the exact thing I’ve been warning about since Wi-Fi cameras came on the market.

The purpose of a security camera is in the name: security. You want security cameras to be a deterrence and, failing that, to collect evidence that can be provided to law enforcers, insurance companies, etc. A Wi-Fi camera isn’t going to deter a burglar who has access to jamming hardware and knows how to use it. Wi-Fi cameras that have been disconnected from their recording device aren’t going to collect evidence (a camera with a built-in SD card could, but then you’re trusting an SD card, which is a crap shoot).

If you’re going through the trouble of buying and installing security cameras, get hard wired cameras. There are a lot of excellent Power over Ethernet (PoE) options on the market. PoE cameras only require a single Ethernet cable to provide both power and data connectivity.

In Praise of Pen and Paper

Back before the Internet became ubiquitous, one of the most commonly given pieces of computer security advice was to not write passwords down on Post-It notes and stick them to your computer. The threat model was obvious. Anyone sitting down at the computer would have access to the password. This threat model was the most common one back then. While writing passwords down on Post-It notes isn’t a good idea today, it’s actually quite secure against today’s most common threats because a piece of paper can’t be accessed remotely. Ubiquitous Internet connectivity has shifted the most common threat models from local access to remote access.

Data breaches, ransomware, and distributed denial of service are three of the most common forms of attack we read about today. Data breaches in business and government networks have resulted to tremendous amounts of personal information being leaked online. Ransomware attacks can grind businesses to a halt by locking away the data needed to complete day to day tasks. Likewise, distributed denial of service attacks can bring businesses to a halt because so much data has been uploaded to other people’s computers. If those computers are knocked offline, the data uploaded to them becomes inaccessible. A folder containing information written on paper forms stored in a filing cabinet can’t be stolen remotely. It can’t be maliciously encrypted remotely. Access to it can’t be taken away remotely.

The benefits of paper don’t stop there. Paper has an intuitive interface. You pick it up and you read it. Accessing information on a piece of paper doesn’t require trying to figure out a command line or graphical user interface designed by a mad programmer who seemed to take design cues from Daedalus. The user interface of paper also doesn’t change. You don’t have to worry about a software company releasing an update to a piece of paper that drastically changes the user interface for no reason other than the sake of changing it.

Paper is resilient. Data stored on a computer can be corrupted in so many ways. A file loaded into RAM can be corrupted due to a memory error and that corrupted data can be dutifully written to disk and then included in backups. It’s possible that a file that is accessed infrequently can be corrupted without anyone noticing until all of the backups of the uncorrected file are cycled out. A file can also be corrupted while it’s stored on a hard drive or SSD. Paper doesn’t suffer such weaknesses.

Writing information down on paper has a lot of security and integrity benefits. None of this is to say there aren’t downsides to using paper. But the next time you read about patient information being leaked online because a hospital suffered a data breach, consider how much safer that information would have been if it had been stored on paper forms instead of a database. When half of the Internet disappears due to another Cloudflare misconfiguration and you are unable to perform a task because the information you need is hosted on somebody else’s computer, consider that you’d still be able to complete the task if the information was on a paper form in your filing cabinet.

Just because a technology is old doesn’t mean it’s completely outdated.

Decentralized Social Media

When I abandoned Facebook, I also decided to abandon all centralized social media platforms. In their place I opted to make use of decentralized services instead. To that end I joined various Matrix chat rooms on multiple servers and spun up a few of my own. I recently joined a Mastodon instance and have been enjoying the community on that instance as well as interacting with people on other instances through federation. Although not technically a social media platform (nor a decentralized one), I also participate in and even run a few group chats on Signal.

This setup takes me back to the days before Facebook gobbled up half of the Internet. Before Facebook, online social interactions were spread amongst a dozen or more chat clients (ICQ, AOL Instant Messenger, MSN Messenger, Yahoo Messenger, XMPP, etc.) and thousands of forums. Most forums had a theme. If you wanted to discuss guns, you would join any of the many gun forums. If you wanted to discuss video games, you would join any of the many video game forums. There were forums for the most niche of subjects.

For those who missed those days of the Internet and only know the post-Facebook Internet, what I just described probably sounds like chaos because you needed a separate account for each chat platform and forum (and this was in an era before password managers). However, the chaos came with many upsides. The most notable of which was that getting banned from one platform or forum didn’t result in you being banned from every other. People today often complain when they receive a temporary or permanent ban on Facebook, Twitter, or other centralized social media platform because it means they’re banned from interacting with all of their friends. To make matters worse, the number of rules and therefore the number of reasons you can receive a ban continues to increase. And since many bans are completely automated, you can find yourself barred from interacting with all of your online communities because an automated moderation system took an innocent thing you posted the wrong way.

Compare that with the decentralized social media experience I described in the first paragraph of this post. If I’m banned from one Matrix or Mastodon instance, I can sign up for an account on another instance. In the case of Matrix, you can choose to encrypt all messages in a room, which prevents the administrators of your Matrix instance from reading any of your comments (and therefore banning you for it). Signal actually forces encryption on all rooms so the same is always the case on that platform. Federation on Mastodon and Matrix means that you can continue to interact with your acquaintances even if you migrate to another server, which fixes the biggest issue with pre-Facebook chat clients and forums (if you were banned from one, you couldn’t interact with your acquaintances on that platform unless they also used another platform).

I’ve also discovered that I prefer to keep a lot of my social media activity isolate from my other social media activity. It wasn’t uncommon for me to post something on a public Facebook group just for a friend who didn’t like the topic of that group to show up and try to engage in a fight. This was even more common on Twitter, which is just a public forum. But when I post something on a Mastodon instance, only users on that instance and anybody federating with that instance (who are usually federating because they’re interested in the topic(s) found on that instance) see it. This cuts down on the bullshit from the peanut gallery. This is even more true for Matrix since most rooms are topical and the only people who join those rooms are interested in the topic.

Whereas I found centralized social media aggravating because everything I posted was visible to all of my friends, decentralized social media has been very pleasant. I can post anarchism content to anarchist rooms and not have to argue with statist friends. I can post gun content to gun rooms and not have to argue with anti-gun friends. I can post online privacy content to online privacy rooms without my technology illiterate friends taking it as an opportunity to seek free technical support. While trolls do pop in from time to time, they’re rare and generally more fun since they’re not my friends and I therefore don’t give a shit about their feelings.

While decentralized social media may seem inconvenient compared to centralized social media, I strongly urge you to give it a try. You may find that what you currently perceive to be an inconvenience, such as not all of your friends being on one platform, is actually beneficial.

Bitcoin Bad, War Bucks Good

The trick to discrediting a new idea or technology is crafting a criticism onto which supporters or people at least open to the idea or technology will latch. A lot of effort has gone into discrediting cryptocurrencies, but most of them have fallen flat because they haven’t spoken to supporters or people open to the idea of cryptocurrencies. However, what I will call the energy scare seems to be gaining some traction. A short while back Mozilla announced that it would stop accepting proof-of-work cryptocurrencies ostensibly for environmental reasons. Now Wikimedia has made a similar announcement:

Wikimedia, the non-profit foundation that runs Wikipedia, has decided to stop accepting cryptocurrency donations following a three-month debate in which the environmental impact of bitcoin (BTC) was a major discussion point.

I’ve previously touched on the energy use of Bitcoin and how it compares to the US dollar. However, since the topic is being brought up again, I feel the need to make some more criticisms of the current critics of Bitcoin.

Mozilla and Wikimedia may not accept your Bitcoin, but both will happily accept your United States dollars. This is baffling because both organizations cite environmental reasons for not accepting Bitcoin, but the United States military is one of the largest polluters in the world:

Research by social scientists from Durham University and Lancaster University shows the US military is one of the largest climate polluters in history, consuming more liquid fuels and emitting more CO2e (carbon-dioxide equivalent) than most countries.

Why does this matter? Because one cannot claim to oppose Bitcoin for environmental reasons while also not opposing United States dollars for the same reasons. The United States dollar is inseparable from the United States military because the latter is necessary to maintain the value of the former:

The world relies on the U.S. dollar and U.S. treasuries, giving America unparalleled and outsized economic dominance. Nearly 90% of international currency transactions are in dollars, 60% of foreign exchange reserves are held in dollars and almost 40% of the world’s debt is issued in dollars, even though the U.S. only accounts for around 20% of global GDP. This special status that the dollar enjoys was born in the 1970s through a military pact between America and Saudi Arabia, leading the world to price oil in dollars and stockpile U.S. debt. As we emerge from the 2020 pandemic and financial crisis, American elites continue to enjoy the exorbitant privilege of issuing the ultimate monetary good and numéraire for energy and finance.

The dollar is backed by one thing: military might. Its value cannot be separated from the United States military anymore than Bitcoin’s value can be separated from the energy usage of its miners. Bitcoin’s current contribution to global pollution is a tiny fraction of the current contribution of the United States military. Therefore, if an organization wants to encourage the use of more environmentally friendly currencies, it would dump the dollar before Bitcoin.

But the here and now isn’t the only consideration. Let’s consider the future. Bitcoin miners have been transitioning towards renewable energy for quite some time. The United States military on the other hand has made no efforts towards doing the same. While Bitcoin miners are already working to become more environmentally friendly, the Commander and Chief of the United States military is only talking about how the military needs to become more environmentally friendly at some undetermined future date.

In conclusion the claims made and actions taken by Mozilla and Wikimedia are disingenuous at best. If either organization has real environmental concerns about the currencies they accept, they have a funny way of demonstrating it.

Dangers of Closed Platforms

I advocate for open decentralized platforms like Mastodon, Matrix, and PeerTube over closed centralized platforms like Facebook, Twitter, and YouTube. While popular open platforms don’t have the reach and user base of popular closed platforms, they also lack many of the dangers.

Two recent stories illustrate some of the bigger dangers of closed platforms. The first was Meta (the new name Facebook chose in its attempt to improve its public image) announcing that it will demand a near 50 percent cut of all digital goods sold on its platform:

Facebook-parent Meta is planning to take a cut of up to 47.5% on the sale of digital assets on its virtual reality platform Horizon Worlds, which is an an integral part of the company’s plan for creating a so-called “metaverse.”

Before Apple popularized completely locked down platforms, software developers were able to sell their wares without cutting in platform owners. For example, if you sold software that ran on Windows, you didn’t have to hand over a percentage of your earnings to Microsoft. This was because Windows, although a closed source platform, didn’t restrict users’ ability to install whatever software they wanted from whichever source they chose. Then Apple announced the App Store. As part of that announcement Apple noted that the App Store would be the only way (at least without jailbreaking) to install additional software on iOS devices and that Apple would claim a 30 percent cut of all software sold on the App Store.

Google announced a very similar deal for Android Devices, but with a few important caveats. The first caveat was that side loading, the act of installing software outside of the Google Play Store, would be allowed (unless a device manufacturer disallowed it). The second caveat was that third-party stores like F-Droid would be supported. The third caveat was that since Android is an open source project, even if Google did away with the first two caveats, developers were free to fork Android and release versions that restored the functionality.

The iOS model favors the platform owner over both third-party software developers and users. The Android model at least cuts third-party software developers and users a bit of slack by giving them alternatives to the officially support platform owner app store (although Google makes an effort to ensure its Play Store is favored over side loading and third-party stores). Meta has chosen the Apple model, which means anybody developing software for Horizon Worlds will be required to hand nearly half of their earnings to Meta. This hostility to third-party developers and users is compounded by the fact that Meta could at any point change the rules and demand an even larger cut.

The second story illustrating the dangers of closed centralized platforms is Elon Musk’s attempt to buy Twitter:

Elon Musk on Wednesday offered to personally acquire Twitter in an all-cash deal valued at $43 billion. Musk laid out the terms of the proposal in a letter to Twitter Chairman Bret Taylor that was reproduced in an SEC filing.

This announcement has upset a lot of Twitter users (especially those who oppose the concept of free speech since Musk publicly support the concept). Were Twitter an open decentralized platform, Musk’s announcement would have less relevance. For example, if Twitter were a federated social media service like Mastodon, users on Twitter could simply migrate to another instance. Federation would allow them to continue interacting with Twitter’s users (unless Twitter block federation, of course), but from an instance not owned and controlled by Musk. But Twitter isn’t open or decentralized. Whoever owns Twitter gets to make the rules and users have no choice but to accept those rules (or migrate to a completely different platform and deal with the Herculean challenge of convincing their friends and followers to migrate with them).

I often point out that if you don’t own a service, you’re at the mercy of whoever does. As an end user you have no power on closed platforms like iOS and Twitter. With open platforms you always have the option to self-host or to find an instance run in a manner you find agreeable.

They’re Called Dumbbells for a Reason

Before I begin my rant, I want to note that the etymology of dumbbell is more interesting than “stupid barbell,” but I’m allowed a bit of artistic license on my own blog. With that out of the way, let me get into this rant.

I still don’t (and likely never will) understand the modern obsession of taking perfectly functional things and making them dysfunctional by connecting them to the Internet. Nike still holds the crowning achievement for its “smart” shoes that became bricked by a firmware update. But the quest to match or exceed Nike continues. Nordictrack is obviously gunning for the crown with its “smart” dumbbells:

There are two things that make the iSelect dumbbells “smart.” The first is that these use an electronic locking mechanism, as opposed to pins or end screws. The second is that you can change the weights using voice commands to Alexa. Though, fortunately, you don’t have to since there’s also a knob that lets you change the weights manually.

[…]

Setting up the dumbbells is easy. All you’ve got to do is download the iSelect app for iOS or Android and then follow the prompts to pair the dumbbells over Bluetooth and Wi-Fi. (The latter is for firmware updates.)

Perhaps I’m showing my age, but why in the hell would anybody want to take perfectly functional weighted chunks of metal and complicate them by adding wireless connectivity, voice commands, a phone app, and firmware updates? Changing weights on adjustable dumbbells isn’t complicated or time consuming. And if you, like the author of the linked article, are concerned about the ruggedness of a physical retaining mechanism, why would you have any faith in a mechanism that is electronically controlled?

If you want adjustable dumbbells, there are a lot of excellent options on the market. Rouge Fitness makes dumbbell bars that accept plate weights. Powerblocks are oddly shaped, but built like tanks. There is also the Nüobell, which maintains a classic dumbbell profile. All of these options are within $100 (after the addition of weights for the Rouge bell and assuming you get the 50 lbs. version of the Nüobell) of the Nordictrack iSelect, are built significantly better, and won’t stop working because the manufacturer pushed out a botched firmware update. There are also adjustable dumbbells on Amazon that are much cheaper than any of these.

There’s no reason to make dumbbells “smart.” The feature set of the iSelect demonstrates that. The only thing the “smarts” let you do is adjust the weight of the dumbbells with Alexa voice commands (and brick the dumbbells with a bad firmware update, of course). And according to the article, the voice commands are slower than using the physical knob on the stand so that single feature is more of a hindrance than a benefit.

As another aside, I chuckled when the article listed “No mandatory subscription” under the pros. The prevalence of tying “smarts” to subscriptions is so great that a “smart” device can earn points by simply continuing to function if you don’t pay a subscription fee. That tells you more than you might realize about “smart” devices.

Averages Apply to Criminals Too

George Carlin once said, “Think of how stupid the average person is, and realize half of them are stupider than that.” This applies to criminals as well.

If you believed the claims of politicians and law enforcers, you’d think that the invention of encryption and the tools it enables, like Tor and Bitcoin, is the end of law enforcement. We’re constantly told that without backdoor access to all encryption, the government is unable to thwart the schemes of terrorists, drug dealers, and child pornographers. Their claims assume that everybody using encryption is knowledgeable about it and technology in general. But real world criminals aren’t James Bond supervillains. They’re human beings, which means most of them are of average or below average intelligence.

The recent high profile child pornography site bust is a perfect example of this point:

He was taken aback by what he saw: Many of this child abuse site’s users—and, by all appearances, its administrators—had done almost nothing to obscure their cryptocurrency trails. An entire network of criminal payments, all intended to be secret, was laid bare before him.

[…]

He spotted what he was looking for almost instantly: an IP address. In fact, to Gambaryan’s surprise, every thumbnail image on the site seemed to display, within the site’s HTML, the IP address of the server where it was physically hosted: 121.185.153.64. He copied those 11 digits into his computer’s command line and ran a basic traceroute function, following its path across the internet back to the location of that server.

Incredibly, the results showed that this computer wasn’t obscured by Tor’s anonymizing network at all; Gambaryan was looking at the actual, unprotected address of a Welcome to Video server. Confirming Levin’s initial hunch, the site was hosted on a residential connection of an internet service provider in South Korea, outside of Seoul.

[…]

Janczewski knew that Torbox and Sigaint, both dark-web services themselves, wouldn’t respond to legal requests for their users’ information. But the BTC-e data included IP addresses for 10 past logins on the exchange by the same user. In nine out of 10, the IP address was obscured with a VPN or Tor. But in one single visit to BTC-e, the user had slipped up: They had left their actual home IP address exposed. “That opened the whole door,” says Janczewski.

Despite the use of several commonly cited tools that supposedly thwart law enforcement efforts, law enforcers were able to discover the location of the server hosting the site and identity of suspected administrators using old fashioned investigative techniques. This was possible because criminals are human beings with all the flaws that entails.

One thing this story illustrates is that it takes only a single slip up to render an otherwise effective security model irrelevant. It also illustrates that just because one is using a tool doesn’t mean they’re using it effectively. Despite what politicians and law enforcers often claim, Bitcoin makes no effort to anonymize transactions. If, for example, law enforcers know the identity of the owner of some Bitcoin and that individual knows the identify of the person buying some of that Bitcoin, it’s simple for law enforcers to identify the buyer. Popular legal crypto exchanges operating in the United States are required to follow know your customer laws, which means they know the real world identity of their users. If you setup an account with one of those exchanges and buy some Bitcoin, then law enforcers can determine your identity by subpoenaing the exchange. Even if the exchange you’re using doesn’t follow know your customer laws, if you connect to it without obscuring your IP address even once, it’s possible for law enforcers to identify you if they can identify and put pressure on the exchange.

No fewer than three mistakes were made by the criminals in this case. First, they falsely believed that Bitcoin anonymizes transactions. Second, they failed to obscure the real world location of the server. Third, one of the individuals involved connected to their Bitcoin exchange without a VPN once. These mistakes made their efforts to secure themselves against law enforcers useless.

When politicians and law enforcers tell you that the government requires backdoor access to encryption in order to thwart terrorists, drug dealers, and child pornographers, they’re lying. Their claims might have some validity in a world where every criminal was as brilliant as a James Bond supervillain, but we don’t live in that world. Here criminals are regular humans. They’re usually of average or below average intelligence. Even though they may know that tools to assist their criminal efforts exist, they likely don’t know how to employ them correctly.

Securing Financial Applications Behind Secondary Accounts

Many people run their entire lives from their mobile devices. Unfortunately, this makes mobile devices prime targets for malicious actors. Apple and Google have responded to this by continuously bolstering the security of their respective mobile operating systems (although the openness of Android means device manufacturers can and often do undo a lot of that security work). One major security improvement has been the optional use of biometrics to unlock devices. Before fingerprint and facial recognition on mobile devices, you had to type in a password (or optionally draw a pattern on Android) every time you wanted to unlock your device. This dissuaded people from setting an unlock password on their devices. Now that mobile devices can be quickly unlocked with fingerprint or facial recognition, implementing a proper unlock password on a device isn’t as inconvenient. With this increase in convenience came an increase in the number of people properly locking their devices.

Setting a proper unlock password protects the owner from the consequences of their mobile device being stolen. A thief might get the device, but if it’s a properly locked (which implies all security updates are installed and the device is actively supported by the manufacturer) device, the thief will be blocked from accessing data on the device such as any financial applications.

Now that locked devices are more prevalent, thieves are resorting to new forms of trickery to gain access to the valuable information on devices:

Most scams that utilize payment apps involve a range of tricks to get you to send money. But some criminals are now skipping that step; they simply ask strangers to use their phones and then send the money themselves.

The victim often doesn’t realize what’s happened until hours or even days later. And by that point, there’s very little they can do about it.

If somebody asks to borrow your phone, tell them no. But asking to borrow a phone isn’t the only way thieves acquire access to unlocked devices. Thieves are also targeting people who are actively using their devices (and since those people often aren’t paying attention to their surrounding, they’re easy targets). If a thief steals an unlocked device from somebody, they can gain access to the information on the device until it is locked again.

Most financial applications offer the ability to set an application specific password, which you should do. However, Android offers another level of security. Android supports multiple user accounts. Applications and data in one user account cannot be accessed by other user accounts (an application can be installed in multiple accounts, but each installation is unique to an account). A user can add a separate user and install their financial applications in that account. When they’re using their main account for things like making calls and instant messaging, their financial accounts remained locked behind the secondary account. So long as the user isn’t actively using the secondary account, any thief who swipes the device while it’s unlocked will not even be able to see which, if any, financial applications are installed.

Financial applications aren’t the only ones that you can hide behind secondary user accounts, but they’re good candidates because unauthorized access to those applications can result in real world consequences. Furthermore, financial applications usually aren’t accessed frequently. They’re accessed when a user needs to check the status of an account or make a transaction.

Malicious Automatic Updates

The early days of the Internet demonstrated both the importance and lack of computer security. Versions of Windows before XP had no security to speak off. But even by the time Windows XP was released, your could still easily compromise your entire system by visiting a malicious site (while this is still a possibility today, it was a guarantee back then). It was during the reign of Windows XP when Microsoft started taking security more seriously. Windows XP Service Pack 2 included a number of security improvements to the operating system. However, this didn’t solve the problem of woeful computer security because even the best security improvements are worthless if nobody actually installs them.

Most users won’t manually check for software updates. Even if the system automatically checks for updates and notifies users when they’re available, those users often still won’t install those updates. This behavior lead to the rise of automatic updates.

In regards to security, automatic updates are good. But like all good things, automatic updates are also abused by malicious actors. Nowhere is this more prominent than with smart appliances. Vizio recently released an update for some of their smart televisions. The update included a new “feature” that spies on what you’re watching and displays tailored ads over that content:

The Vizio TV that you bought with hard-earned cash has a new feature; Jump Ads. Vizio will first identify what is on your screen and then place interactive banner ads over live TV programs.

[…]

It is based on Vizio’s in-house technology from subsidiary company Inscape that uses automatic content recognition (ACR) to identify what is on your screen at any given moment. If the system detects a specific show on live TV it can then show ads in real-time.

Vizio isn’t unique in this behavior. Many device manufacturers use automatic updates to push out bullshit “features.” This strategy is especially insidious because the malicious behavior isn’t present when the device is purchased and, oftentimes, the buyer has no method to stop the updates from being installed. Many smart devices demand an active Internet connection before they’ll provide any functionality, even offline functionality. Some smart devices when not given Internet access will scan for open Wi-Fi networks and automatically connect to any one they find (which is a notable security problem). And as the price of machine to machine cellular access continues to drop, more manufacturers are going to cut out the local network requirement and setup their smart devices to automatically connect to any available cellular network.

This pisses me off for a number of reasons. The biggest reason is that the functionality of the device is being significantly altered after purchase. S consumer may buy a specific device for a reason that ceases to exists after an automatic update is pushed out by the manufacturer. The second biggest reason this behavior pisses me off is because it taints the idea of automatic updates in the eyes of consumers. Automatic updates are an important component in consumer computer security, but consumers will shy away from them if they are continually used to provide a negative experience. Hence this behavior is a detriment to consumer computer security.

As an aside, this behavior illustrates another important fact that I’ve ranted about numerous times: you don’t own your smart devices. When you buy a smart device, you’re paying money to grant a manufacturer the privilege to dictate how you will use that device. If the manufacturer decides that you need to view ads on the screen of your smart oven in order to use it, there is nothing you as an end consumer can do (if you’re sufficiently technical you might be able to work around it, but then you’re just paying money to suffer the headache of fighting your own device).

Once again I encourage everybody reading this to give serious consideration to the dwindling number of dumb devices. Even if a smart device offers features that are appealing to your use case, you have to remember that the manufacturer can take those features away at any time without giving you any prior notice. Moreover, they can also add features you don’t want at any time without any notice (such as spyware on your television).

Ode to the Dumb Car

I own three vehicles. The newest one was built in 2008. They’re all dumb vehicles. They have gauges on the dashboard and the only “screen” any of them have are primitive segmented LED displays on their radios. The clocks only know how to display hours and minutes and need to be manually set whenever daylight savings time changes (or the battery is disconnected).

To me a vehicle is a long term purchase. When I buy one, I assume that I’ll be driving it until is stops functioning. I want at least a decade and always hope for more. Because I tend to drive vehicles for a long time, I avoid vehicles that have built-in navigation, touch screens, or infotainment systems. Vehicle manufacturers are notoriously bad at software. Not only do they tend to write software poorly, they also don’t provide updates for very long. That can lead to awkward situations like your clock rolling back 1024 weeks:

The Jalopnik inbox has been lit up with a number of reports about clocks and calendars in Honda cars getting stuck at a certain time in the year 2002. The spread is impressive, impacting Honda and Acura models as old as 2004 and as new as 2012. Here’s what might be happening.

If you scroll through a Honda or Acura forum right now, chances are you’re going to run into a bunch of confused owners. When they hopped into their cars on January 1 they found the clocks on their navigation systems frozen at a certain time. And the calendar date? 2002, or 20 years ago.

[…]

Drive Accord forum user Jacalar went into the navigation system’s diagnostic menu on Sunday and discovered that the GPS date was set to May 19, 2002, or exactly 1024 weeks in the past.

Global Positioning Systems measure time from an epoch, or a specific starting point used to calculate time. The date is broadcasted including a number representing the week, coded in 10 binary digits. These digits count from 0 to 1023 then roll over on week 1024. GPS weeks first started on January 6, 1980 before first zeroing out on midnight August 21, 1999. It happened again April 6, 2019. The next happens in 2038.

Synchronizing time with GPS is an intelligent choice. But you have to understand the specification. Since the week counter for GPS rolls over every 1024 weeks, you need your system to take that into account and adjust accordingly. Honda didn’t take that into consideration so now the clock on a bunch of their vehicles is stuck 20 years in the past. Making the matter worse is that Honda hasn’t provided a fix and, if history is any indicator, may never provide a fix (or at least not provide a fix for vehicles past a certain manufacturing date).

This problem is just another on the long list of what I like to call software based obsolescence. Software based obsolescence isn’t necessarily planned obsolescence. I doubt anybody at Honda implemented a plan to cause this issue. In all likelihood the software developers were ignorant of the fact that the GPS week counter rolls over every 1024 weeks. Because they were ignorant of that behavior, the didn’t take it into consideration when they wrote the software (in fact the developers may have been using a third-party library for syncing time with GPS and that library didn’t take the rollover into consideration).

As a general rule software doesn’t age well. The more complex a piece of software is, the worse it will age (obviously exceptions to the rule exist). So software written to control a specific process in your engine may age fine, but software that handles time synchronization (a surprisingly complex task) will likely age poorly. This is why software patches exist. However, when you combine increasingly complex software with systems that cannot be updated or will not be updated after a specific period of time, that product, if it’s dependent on software, will have the same life expectancy as the software. In the case of the Honda vehicles mentioned in the story, the rest of the vehicle is able to operate properly even if the time synchronization is broken. But if a system depends on an accurate clock, then improper time synchronization will break that system.

This is why I prefer to avoid systems that are reliant on software unless I only plan to use the platform for a specific period of time or the platform is open to user modification and the software it depends on is open source.