this post was submitted on 02 Sep 2024
350 points (96.8% liked)
Privacy
32130 readers
645 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
A school district spends $180,000 (hyperbole, I don’t know actual numbers) of taxpayer money deploying this system between the actual hardware costs, maintenance costs to install the hardware, it costs to implement it into their network, and probably an ongoing contact with this dummy’s company. Maybe only for support but with the way things are now I’m sure they built this app to phone home to their servers (introducing a huge potential security risk over simply running it locally on the schools existing network infrastructure in a docker or something), calling it “cloud based”, and charging the district 1k/month to run the devices the district now owns and should be able to operate without the company. The company then talks about how they’ll back up records and safeguard data so you don’t have to worry about that (that it dept you pay is pointless!)
Three months after deployment it turns out the sensors can be tripped by many things not related to vaping, maybe increases in heat, mouthwash breath, etc. the false positives are due to a hardware flaw and cannot be fixed with a patch. Feel free to upgrade to sensor version 2.0, now with improved accuracy! (read: the problem still exists but isn’t as bad). Only another 40k to buy the new hardware, rip out the old hardware (which is now worthless), install the new stuff, and configure the software for everything (again, maintenance and IT costs)
9 months after deployment the company is doing poorly because their product is stupid and only a few idiots actually bought it (way to go idiot). There’s concerns because they sent a new Eula that outlines data sharing policies. They are potentially finding ways to harvest the data they agreed to safely store to try and create a new revenue stream to right their sinking ship. District counsel says fighting the Eula change will be expensive and there’s not much precedent for it, plus they state they will anonymize data before sharing so it’s not a ferpa violation, technically. It feels scummy but you can’t do anything about it. You also don’t really trust them to only sell anonymized data but you can’t prove they aren’t crossing that line so whatever, I guess
15 months after deployment they get hacked because they’ve run out of vc cash, never could get an actual profit stream going (turns out they’re spending 750,000/yr on salaries for 5 people and they’re all kitted out with sick work computers for what is basically coding a web app, but I digress). security of their servers was one of the budgetary constraints they chose to make to right the ship (but had to keep the $1800 office chairs and the 15-20k/mo rent loft they use as an office in a hcol area). The contract says this may happen and they’re not responsible unless there’s gross negligence on their part, which you can’t prove, and that they do some bare minimum reactionary shit after the fact to mitigate damage. So they’re legally blameless and now you get to notify your community their children’s data was leaked to god knows who, whoops
22 months after the fact they go out of business officially. You get a form email about the company’s journey and the difficult decision they had to make to stop fucking around on a dumb project that sucks because no dumbass vc will give them fun bucks anymore to keep playing tech bro billionaire. All the sensors stop working because they require a connection to the servers, which they shut off immediately without a sunset period. You’re reminded every day when you log in to the schools admin panel and get 350 “sensor not connected” error messages and your students bitch about the “sensor not connected: server not available” error pop up showing up on their classroom console. It takes IT a few days to remove their shit from the network and that costs you even more money in wasting your IT staff time when they should be fixing the broken computers in the computer lab or whatever.
Now your school has a bunch of weird boxes on the wall. Sometimes people ask you about them and you go “oh those don’t do anything” and remember that they cost taxpayers in your community tens, if not hundreds, of thousands of dollars and wasted hundreds of hours of your supports staffs time that they could’ve been using to improve the school
But then you scroll on instagram and see there’s this new thing that will detect when kids are bullying each other. You just have to put a camera in each classroom. It’s okay, it won’t record. It will just use the power of AI and machine learning. You’re sold right there and the cycle starts again
This sounds about right. My only quibble is about sick computers and web apps. Twenty years ago I felt good because all I needed was a text editor and a web browser. Nowadays, the hungriest apps on my desktop are Firefox and VS Code.
To be fair, 20 years ago your computer would have choked doing 1/10th the stuff either one of those apps do today. Hell, I still remember writing a prank program that would lock up my school computers because I made it beep too fast.
Best comment I've read for a long time
Something tells me you don't really know Docker
I mean like running their hypothetical control software/framework within a docker on a local server. Is that illogical? I do the same for the software that runs my ip cameras with my home server, instead of them needing to connect to some external server.
You’re ultimately right though, when it comes to docker I am at the proficiency level of “can deploy other people’s images” and not so much on the “have bothered to make my own”
My work had something like this to detect drug usage on premises for a while (it was and is a problem still) and it costed like 30k capital and 2-3 opex a year. We had it for like a year and only took it out because there were too many false flags and security didn’t and doesn’t have the staff to be chasing down every alert anyway.
It was neat that on paper it was able to detect different drugs, heroin, weed, meth all flagged different alerts with 2 of those contacting police when detected. Unfortunately it was only like 70% accurate and we didn’t/don’t have enough security staff to use it properly so it’s gone now.
Finally, a local WEEE company gets to make a few hundred bucks selling off the glorified VOC sensors at the end.