Tag Archives: Amazon Key

Another Brilliant Notion

Posted on by

Before I get to today’s main topic, a little bit of housekeeping, loosely following Tuesday’s post.

I will be attending the Scott Joplin International Ragtime Festival again this year. There’s still time to make your own plans to attend. What better way is there to spend a weekend than listening to great music performed well? In addition to the music, there will be dancing; symposia on ragtime, it’s precursors, and successors; and tours of Sedalia.

And yes, there will be copies of TRTT for sale. I’m not currently planning on a formal signing–though I’m certainly open to the possibility–but I’ll be happy to sign your copy*. I recognize most of you have been resistant to the idea of distributing copies to friends and relatives, so how about an alternative plan? Get ’em for people you don’t know–the possibilities are endless:

  • Send one to Donald Trump. He won’t read it, but maybe dealing with thousands of copies will distract him from tweeting for a few minutes.
  • Slip one to the opposing pitcher before the next ballgame you go to. Who knows, it might distract him enough to give your team a chance.
  • Give them to Scott Pruitt. He needs something cheerful in his life right now. And if he gets enough copies, he can use them to build himself a privacy booth at least as good as the one he made with the sofa cushions when he was a kid.

I’ll be happy to sign any “Strangers and Enemies” copies too. And I’ll add a personal message of your choice!

* I’m still unsure how to sign ebooks. Suggestions welcome!

Admittedly, the weather in Missouri in June is a bit on the hot and muggy side, but for those of you east of the Rockies, it’ll be a nice change from the snow you’re still getting. And better June than September, right?

So I hope to see a few of you at the Liberty Center and around Sedalia between May 30 and June 2.

Commercial over, moving on.

By now many of you have probably heard that the amazingly ill-thought-out Amazon Key program is expanding. If you don’t want Amazon unlocking your house and putting your packages inside–and who would?–they’re now going to offer an alternative: they’ll unlock your car and put your package in the trunk.

Which is, at least by comparison with the original offering, not a bad idea.

Despite San Francisco’s well-publicized problem with smash-and-grab auto robberies, your chances of having your car broken into are probably no higher than of having your house robbed. Assuming, of course, that nobody is following Amazon delivery peons around their routes and texting car delivery locations to a confederate.

Anyway, the service will be offered in conjunction with GM and Volvo initially, and then expand to other makes later. Trunk delivery will also require a recent model with online connectivity, i.e. OnStar.

Which brings us to my major complaint about this iteration of Amazon Key: it’s a reminder that we don’t really own our cars anymore. Ownership should mean control, but a modern, connected car sacrifices control. The manufacturer–and potentially dealers, repair shops, police, and others–can unlock your car, disable features, and display advertisements at will.

Yes, I’m talking capability rather than practice, but policies can change. Once the hardware is in place to, for example, show ads on your navigation screen, you’re never more than one manufacturer-controlled software update from not being able to turn the ads off.

Or one bug–or hack–away from the car failing to recognize the remote relock signal.

That’s true whether you use Amazon Key or not, of course.

Not Just No

Posted on by

Not just no, but hell no. I’d use an even stronger word, but I try to keep this blog within shouting distance of being safe for work.

As anyone who reads this blog regularly has probably guessed, I’m talking about the just-announced Amazon Key service.

For those of you who haven’t heard about Amazon Key, it’s the Big A’s take on an idea Walmart introduced recently: a way for delivery people to put your packages inside the house, so they can’t be stolen.

Walmart’s version, by the way, is a little creepier: they’re offering the service for groceries, and it includes putting them in your fridge. For now, Amazon Key seems to be limited to setting your packages inside the door and leaving it at that. I say “for now” because it’s apparently their way of getting a foot in the door (sorry) and will be expanded later to offer services such as dog walking and housekeeping.

The way the service will work is relatively straightforward: you (well, not you, because I hope everyone reading this blog is smart enough to give Amazon Key a pass) buy a particular Wi-Fi camera and smart lock. Once they’re installed, if you don’t answer the door, your friendly package delivery peon can contact somebody at Amazon HQ, who will remotely unlock the door. You get an alert on your phone and can use your phone and the camera to watch the peon put your packages inside. Presumably the door will lock again when it’s closed.

Amazon claims they’ll be vetting the delivery people. That’s nice. They also claim to vet the current delivery people. You know, the ones who park in the middle of the street and hurl packages over the fence. (A side note: since I wrote that post, I’ve seen several female Amazon delivery peons. Most of them were accompanied by males who were, unlike the women, not wearing any Amazon logo-bearing clothing. Does Amazon also vet those security ride-along people?)

Amazon also says they’ll be carrying insurance to cover you against delivery issues, property damage, or theft. That’s nice. They also explicitly warn against using the Amazon Key service if you have pets who might come to the door. So, clearly they don’t think the insurance will cover lost pets–nor do they want to deal with lawsuits from their gig economy, vetted delivery peons seeking to make the Big A responsible for their dog bites and/or allergic reactions.

But leave that aside.

Remember last year, when a researcher found that “twelve of sixteen locks he bought at random had either no security or absolutely horrible security“? I’ve seen nothing to make me think matters have improved in the last fourteen months. Granted, Amazon is better than many companies about issuing software updates to products they sell under their own name. But it’s not entirely clear to me whether the lock will be Amazon-branded, let alone Amazon-built.

Then there’s that camera. Look back another year, when reports were going around about baby monitors. At that time, nine out of nine popular baby monitors were found to have serious security flaws. Don’t think camera manufacturers have improved their security in the past two years: cameras have been prominent contributors to the waves of zombified Internet of Things attacks we’ve seen in the past year, beginning with last October’s Mirai malware-controlled mess.

But leave that aside, too.

Suppose everything works perfectly according to Amazon’s plan. Amazon is already a huge target for hackers. Do you think giving them the ability to remotely unlock doors will make them less of a target? Do you believe their security is that much better than, say, Target? Experian? Hell, a quick Google search should remind you that the National Security Agency can’t keep their own data secure.

As far as I’m concerned, a massive security breach at Amazon exposing the personal information of millions of customers is only a matter of time.

I’ll pass on Amazon Key, thanks. I hope you will too.