No internet required. No Linux powered microcontroller required. My bed couldn't get hacked. I slept in comfort.

Let’s assume I have some sort of motor disability: it could be anything from Parkinsons to quadraplegia. Having a bridge out to a common controller that maybe works on speech or some other standardised input method that works for your disability is a massive benefit. And avoids having to deal with the complexities of each individual products’ inability to meet your own accessibility needs in different ways.

So much smart home stuff is basically pointless to those of us fortunate enough to have currently able bodies, and a lifesaver to the rest.

What manufacturers like about cloud enabled devices is that they can automatically upgrade the firmware and they can get semi-accurate counts for usage.

I presume you personally could set that up. I probably could too. But 99% of the world isn't tech experts and can't do that. Or fix it if something goes wrong. Even if you can, you might just want to go to bed and not have to debug a broken assistant integration first.

The benefit of cloud integration, for that 99%, is that there is a professional out there to keep it working.

I got a fancy new one a bit later with an adjustable frame and remote control and all that... $2200, and even that felt crazy expensive!

1. That's exactly why I prefer a plain old analog mattress that needs zero tech or support from anyone ever

2. Even with that being the case, for the average consumer who wants an electronic/controllable bed, it's still a better deal than anything that requires a custom home automation setup. Check out the prices for hiring somebody who can actually troubleshoot that.

What they like is that they can charge you a recurring subscription for "service"

I prefer to think "How can this be used against someone" because while there are a lot of "smart" devices that can help people, they are often also being used to exploit those same people by collecting massive amounts of data and using that data against them or selling/leaking it to those who will use it against them, or allowing hackers to gain access to their data/network.

People with a disability or those with accessibility needs shouldn't need to give up their right to privacy or security to take advantage of every technological advance that might make their lives easier. Even people without a disability don't need some company collecting a detailed record of when/how often/how long they have sex, or how many nights they sleep alone, or what days/hours they spend in bed, or what times they go to sleep or how much sleep they get.

Devices should be designed to protect users and not to collect as much data as possible, or push ads, or expose them to hackers.

They may care in a passive sense -- the same way that most people care about social causes. They (myself included) agree that some situation is bad, but they don't inconvenience themselves improve the situation.

As an example, many people have some story about creepily being shown ads after talking about something with a friend. It's concerning to them, but no action is taken.

Extending this idea to how devices operate or are maintained it seems like we're still in a nascent stage. I benefit from a few smart devices but even in a very simple setup, things fail sometimes and then I have to fix it. My mom might benefit from some of these things but she feels better off foregoing the benefits because resolving any issue would be far more costly or impractical.

Unless these devices respect their users, they're simply profiteering off of the disadvantaged, which in my mind should be just as rage inducing.

A bridge to a common controller doesn't need an applications processor with millions of bytes of memory to run millions of lines of code to change the firmness of a stupid mattress. Stop using hammers to solve all your problems, other tools exist.

Kinda interested just to see what the parameters of this are like. Is it using PubkeyAuth or just password? Is it tunnelling home via ip or dns?

If everything is just right, I can imagine the setup for the most hilarious DNS hijack in human history.

In the immortal words of Homer Simpson. Bed goes up. Bed goes down.

Wired: Since Sleep Number beds get tied to orders, break into Sleep Number, find your target, SSH into their bed, and pivot into their home network to steal their crypto wallets.

After all, everyone always hides their money under their mattress ;)

Shouldn't bed owners sue them if they haven't been warned of that fact prior to purchase? Getting illegitimate access to your network and backdooring it is criminal offense right?

Then I got to a picture of an apparently real "Number Sleep Hub" and my mind was blown. WTF are we in a timeline so weird that there are two companies making water cooled beds, one is called Eight Sleep and the other is Sleep Number? It's like the RNG for this instance had a bad seed.

I sure hope these beds have tactile controls you can feel and use in the dark, and don't require pulling out a smartphone in front of your face while trying to sleep to adjust them, because bed/matress manufacturers for sure must know what is good and bad for sleep quality

As a night shifter it’s completely life changing in allowing me to sleep comfortably during the day. 100% worth the price to me

Fortunately I can just use the ESPHome Bedjet module (https://esphome.io/components/climate/bedjet.html) and just yell out in the middle of the night if I'm too cold.

[0]: https://github.com/bobobo1618/ninesleep

Don't get me wrong $2-4k is steep, but if it's a one-time for a decade or so, that's reasonable. But $4k plus you want $25/mo? Just fluff right off.

But yeah part of it is like, it's really weird. If you asked me how much consistently better sleep would be worth, the answer is how much do you want?

But phrase that as "Bed as a service" and my reflex is "you're kidding, righr?"

Get to bed early, sleep cool, don't use an alarm? (also don't work shifts)

After all, it is just a couple of pumps, a heat pump and/or a resistance and some sensors.

I slept on inflatable mattresses for years, until the company making them started outsourcing to China and the seams on the internal baffles broke on two mattresses.

Of all the possible timelines, we live in the dumbest. What was wrong with a plain old bed without 1GB of RAM and a full OS running on it?! It is the same everywhere. Finding a washing machine that was not WiFi-connected was a chore and I dread doing it again in ten years.

As a person who's broken into O(1000) "smart" devices (for fun and for profit both), I do not want them in my house, and avoiding them is getting harder due to insanity like this linux-running bed! Please make it stop!

Reduce / reuse / recycle -- in order of importance.

I agree with fixing older stuff. I buy used frequently. Estate sales are my lifeblood. If you can't fix it you don't own it.

seems like a pretty good torture on multiple levels

TBH, I wouldn't trust a custom hardware chip that can decrypt the traffic and have it last for the life of the product.

No?? When was the last time you spoke to another human being about this topic? Has any other person in your life seriously told you that they like having to download a smartphone app to set up their soundbar? Have you managed to fully insulate yourself from the broader world with a circle of dead-eyed freaks that gleefully spend their free nights registering their appliances online and reading end-user license agreements?

In the past, you needed to first buy this weeks TV magazine. Or if you got it by mail, find it between all the other magazines. Then, skip all the ads and find the schedule, in there find the program you're looking for. Now you either need to figure out the exact time slot the program airs, or some EPG code. This data now needs to be entered into the VCR. Either find the remote, or knee in front of the device. Enter the code using a rotary encoder, digits 0-9 and a few buttons, or a mixture thereof.

In both cases you need to set the receiver to the correct program before leaving the house, else the SCART-connected VCR wouldn't get the video signal. Also you'd need to hope the EPG sent by the station is updated properly - we often had some part of the recording missing, or the recording started to soon/stopped to late. I hope you did put in the correct tape and remembered to rewind it. (I'm ignoring that a modern "VCR" would store the video in the cloud and not need all of this; or a hybrid would at least get the video stream via IPTV and put it on a HDD).

Try speaking to other humans about this topic, they don't want these "good old times" back.

Also, apps suck because they are mostly always horribly made (they don't need be, but they often are, because the product needs to be cheap); and I hate being forced to use the cloud and have my hardware not work anymore after 5 years because someone decided their Amazon bill is becoming too expensive. Did I mention I don't want my data to be sold to virtually everyone - errr, I mean "shared with partners"? So I either buy things with local control, or no smarts at all.

I just had to pick the start time, the end time, and the channel the VCR need to be on to record. If i wanted to be fancy, I could pick the tape speed as well. VCR did the rest, as long as the time was correct (but really I just recorded for a minute or two on either side.)

Program guide was always in the sunday newspaper as its own booklet or in the daily newspaper.

of course we'll also sell all of that data so we can send you an ad for new bamboo sheets to keep you cool. or any thing else from anyone else that offers us money for the data

This reminds of the 2005: "phones shouldn't support texting. people should just call" vibes.

Personally I'd much rather the damn thing just have a built-in display with hardware controls.

Which is in fact a standard feature on many consumer routers now.

What we're missing is a "local only" directive from the EU to get manufacturers to play ball for the common man.

No, it's making devices "smart". There doesn't need to be a wifi-connected computer inside a washing machine, cooker, or fridge. In fact all these things can run without a computer in them at all, and they're arguably better for it.

I of course agree with you principally, I don't want smart devices, but it's not very malicious to have a sleep number bed sitting unconnected...

We're in the era of measuring yourself for better outcomes. A century ago we figured out antibiotics. Big gains. Then we figured out a lot of other pretty obvious diseases with pretty obvious cures.

Now we're down to the complicated subtle things. This bed is running Linux so it can tell you how you slept. If you're sleeping poorly it has all sorts of mostly mild negative effects. If you know about them you can do things to fix them. It's doing a low-grade sleep study on you every night. That can be valuable information.

>avoiding them is getting harder due to insanity like this linux-running bed

Sleep Number beds cost several thousand dollars, I think you'll be able to avoid them just fine.

Totally false. Any gains from micro optimizing people's sleep are wiped out by the constant mind pollution of social media. We are in an era of constant distraction.

The problem with activists is so many of them are foolish and just like complaining about things. Go find an actual problem to solve.

You realize the cost of the chips in the bed are a lot less than the cost to even ship a mattress right?

If I told them they couldn't have a coal-fired home blacksmithing setup "for the environment" then this would seem unfair.

But a 10c microchip? Suddenly this must be evidence of excess! (Even though the price represents that fact that it's a staggeringly efficient use of resources that also has supply-swappable carbon impact).

* sleep number beds have sensors in them that detect heart rate

* they do this by detecting pressure differences in the air mattress

* these are effectively microphones, right? and quite sensitive

People, stop spreading this BS.

Just like those stickers that say "warranty void if removed" are not legally enforceable, nothing "automatically" invalidates your product's warranty except misuse or poor maintenance.

If your Smart Bed stops working, you having poked around in the controller does not relieve the manufacturer from their warranty obligations (including implied warranty.) The onus is on them to prove that you damaged it, subjected it to "unreasonable" use, or did not properly maintain it.

You fry the bed's brain trying to hook up a JTAG when you accidentally bridge 5V to a 3.3V logic circuit? That's on you.

The controller fails because the power supply blows? The fact that you installed a JTAG header, googly eyes, and painted it pink is irrelevant. They need to fix your shit.

Even if you modify the firmware, it's on them to prove your modifications caused the failure.

Would you expect to have your laptop's warranty invalidated because you use it to game (which generates lot of heat)? Of course not. How about if you install Firefox? Or install Linux? Again, of course not. So why do you think the rules change just because a device is "dumber"?

So yes, to the conspiracy theorists it may look like a secret backdoor -- it sorta is. But in many cases I bet it's just a safety net for developers and support to fix things.

I speak for myself and my own experience working for $oldjob. Other companies or countries may of course use this differently. And of course companies get sold and such so you'll never know.

I’ve developed Linux devices selling that many units (and more) and I’m baffled that anyone would think this is a viable way to handle things at this scale.

Units like this should have a firmly read-only Linux firmware that can only be changed by signed updates. The only data you would actually get or modify is the diagnostic data or the contents of the settings. Both of those can be sent through mechanisms that shouldn’t require SSH access.

The correct way to handle this is with a debug info feature. Put something in the app that will zip up logs and configuration files and send them in for support, with the user’s explicit permission obviously. If you can’t figure it out from logs, you can use their config files to clone the situation on a device in the office.

The bigger issue is: Who are you going to task with SSHing into customer devices? With 100K or more people filing support requests, it would be insane to have engineers handling those requests with anything having to do with SSH. It would be equally insane to hand off access to customer support people and give them the keys to SSH into customer devices.

At the time I inherited a system that had 30-50k units deployed and was updated via Debian/APT. Older units were running Ubuntu 10.04 (it was 2016) and were hopelessly outdated. We managed to pull every single device to Ubuntu 16.04 and designed a fully automated image based update mechanism for them (I've linked it in other posts). We tried for read only base systems, but it was too tricky, so images stayed read-write, with migration of configs across upgrades.

At the time, customers even had access via SSH (similar to NAS devices these days).

I think what you are describing works for well defined hardware with a medium complexity software stack, or at least something that is limited in terms of epipheral device usage.

The appliance I was managing was heavily using raided disk, ZFS, loops, dmsetup, and many other Linux tools that we have all seen fail in horrible ways.

Not having SSH access, and not being able to diagnose lockups or hanging progress (D state issues) in a live system would have severely crippled us in being able to fix these issues. Many of them I'm sure we would not have been able to. We had failing disks, slow disks, failing RAM, hanging loop devices, corrupt loop devices, hanging ZFS, hanging ZFS, hanging ZFS, many of its bugs we fixed upstream, and and and...

On top of that, we had a "bring your own device" product that literally allowed people to use whatever hardware they want. That makes the read only firmware thing ever trickier.

As said in the beginning, I agree with you in principle, but there are many cases in which it's not as black and white. And I can fully understand the rationale of providing remote access.

Side note: I would have never expected to be down voted on HN for expressing an opinion in a respectful manner about a subject that I have knowledge about, just because it is the "unpopular" opinion. On Reddit, I'd expect to be downvoted for something folks don't like, but on HN in thought the button is just for use against trolling and such.

Auto-update is de facto isomorphic with remote access capability but that doesn't mean you should have a remote shell. At most, maaaaybe a way for the customer to enable a shell for developer support.

Otherwise, a/b setup to avoid remote bricking, DFU or whatever current standard for customer driven unbricking in exceptional cases. But really, test all the forward and reverse update cases and keep a handful of samples of all shipped hardware so you can make sure everything actually works, and you can figure out how to fix it when you mess it up. Always test upgrades starting from factory fresh with all the versions you ever shipped from the factory. (I've run into products where several updates in, version X would work or not based on the original version from the factory forever ago because of original config or something that didn't get migrated properly but never caused problems until recently).

That said, this current situation of an always-on SSH connection/backdoor is just begging to be exploited by an irate employee, curious intern, or worms. It's impossible to know what sort of safeguards the vendor has in place, if any.

Putting a lock on a nuke is good, but not building the nuke at all is better.

> The hub includes Python 2.7.18. While extremely old (keep in mind the Hub appears to have been last updated in 2018)

If we give them the benefit of the doubt, perhaps they intended to to keep it up to date but ultimately compaines need to either be transparent about their remote access and manage it responsibly, which includes keeping the system patched, or give up access

I've got several programs stuck in 2.7.18, as they have sizable dependancies that never got updated to Python 3 -- unless I'm willing to rewrite several large Python packages, I'm stuck here forever. As long as the program isn't network connected, I don't see a problem with fixing a Python version, and set of packages, and leaving the software running forever.

I am not defending them for not keeping their stuff up-to-date, but it is very common practice for embedded systems to be hopelessly outdated. I've done what OP describes with IPMI/BMC systems for $mainboardmanufacturer1 and $mainboardmanufacturer2 (both really big name brands), and their BMC systems were equally outdated. It was almost comical, but really sad at the same time.

Moral of the story is to firewall things off really well, I suppose.

At $oldjob, I designed an upgrade mechanism to do A/B image updates so things were always up to date, or at 2-3 weeks out of date. See [1].

For small embedded systems that do not have enough space/bandwidth, this may not be feasible though.

[1] https://blog.heckel.io/2019/09/18/image-based-upgrades-upgra...

Even where not intentionally hostile, not intentionally privacy invading, not trying to fetch updates so it can show you more ads, not… most of this stuff is so hopelessly out-of-date and full of security vulnerabilities it’s only not hostile out of luck.

I don’t connect anything to WiFi unless absolutely necessary. And by that I don’t mean “the device demands it” (I just won’t buy the damn thing) but “it’s a core part of the functionality I’m asking of it”. I’ll prefer zwave/zigbee, Bluetooth, or something else wherever possible when communication is required. (If I were forced to use this bed and it had no manual controls I would definitely have used Bluetooth, avoiding this whole issue.)

And even for the devices that do get a WiFi connection… they run entirely isolated, on a separate SSID and VLAN from my normal devices and traffic, and with a whitelist for what traffic is allowed.

As far as I’m concerned the only difference between this bed and the other devices is that we know about the issues with this bed. We have no reason to believe that the other devices are any better, and in fact a pretty large body of evidence suggesting that they’re probably not.

This is what I do today, and honestly I'm about to give up. We lost. Trying to get stuff like airplay / DLNA to work via mDNS is already impossible across subnets, and telling family to switch networks if they want to control X with their phones is just a shit solution. I have to disable 90% of my vehicle's "infotainment" screen to not feel spied upon, and which breaks the app I can use for remote starts, etc.

Maybe when the "Mega-Hack of 2025" happens and all IoT devices go nuclear something will change. But for now, if you buy a device it expects to be on one giant /24 and anything different creates problems. I'm starting to spend way more time than I want maintaining all the various pieces of networking glue that keeps my devices and home automation functioning. It's no longer fun, and I'm tired of fighting it.

I still have an ancient sleep number bed, with no connectivity. It's leaking, and old enough to drink. I'd like to replace it, but still can't bring myself to do it because of articles like this.

I've never felt more like Abe Simpson yelling at a cloud.

Er, I mean okay, well at least they're budget friendly....

Well at least they don't have an ssh server constantly running in the background or something

Ideally you would have a backdoor on the device thats open only to the local network. User runs an app on their PC, provides willing consent for someone to complete a support task by providing an OTC to the engineer. App goes and discovers the device, and hosts the session for the engineer. If the user cant perform such a task they can probably buy a device with one button on it that will, or pay for a callout or return.

As if they're at a lack of options when it comes to addressing problems on the world stage like this. Stuxnet was both an exceptionally morally lazy and destructive act.

As an American citizen, I genuinely wish my government did NOT do that.

Except it didn't do that. It was found in dozens of networks in multiple countries. The vulnerabilities were discovered by other actors and used for other purposes.

The amount of collateral damage done here was far greater than the value of the initial operation. Importantly there were multiple different ways to achieve this particular outcome none of which required us to abuse vulnerabilities or release dangerous software to exploit them.

> This is just the state of software development/management we live in now.

Yes, and I think it's morally backwards, and I regret it.

> I really feel one of us have misreading of the situation.

I simply refuse to accept the intelligence agency marketing view of this action. It was incorrect. There were other less morally conflicted ways to solve this "problem."

In fact it would be extremely surprising if they didn’t have that list.

W. T. F. !?

Anything sufficiently complex (this bed: https://en.wikipedia.org/wiki/Sleep_Number#Sleep_Number_Bed) is going to have a microprocessor, and it makes sense to have an OS that lets you interact with it via a serial console, with Linux being the cheapest and most commonly supported OS in that context.

Still, imagine an uninflated mattress half under the actual mattress, inflated at midnight to tip someone out of bed.

Juvenile college humour, yes. Market size low but likely non zero.

Not only do they run an SSH server on their embedded Linux device but the entire Linux component is unnecessary. All it really does as far as I can tell is act as a bridge between an STM32 and a process long-polling AWS for commands. They could have achieved the same thing with less cost and complexity with an ESP32.

Also bad: they engineered it maliciously, making it completely and unnecessarily dependent on the cloud. All the sensor data is streaming in real time to the cloud and the only way to send it commands is through AWS.

If a Chinese company did this, the company would be cancelled.

In fact I'll be shocked if their product isn't blown out of the water in a couple of years by a Chinese copy that can function entirely offline and despite that massive disadvantage, can implement advanced features that Eight Sleep charges $200/yr for, like an alarm clock.

Thankfully their nonsense resulted in it being pretty easy to hack. There's a GitHub project to replace parts of the firmware.

It's worth noting that this is the first time I've ever heard of this company in my life. Something can't be "cancelled" if it has no mind share.

Why would they unnecessarily add local processing capabilities to their data collection tool? The entire point was collecting the data.

Are you even taking care of yourself if you don't have one?

Okay no but seriously, a smart bed that helps you get really good sleep at night so you wake up rested and ready to face the whole world may not be your cup of tea, but that's what they're selling. You could get that without all the technology, but what's the sleep company going to do with the data? Know that you sleep at night? What's the privacy danger in that?

Then don’t buy this specific bed?

These features are part of why people buy this product. Nobody is accidentally purchasing this as “just a bed” and then discovering that it has an app and smart controls as a surprise later.

> And why does my bed need that? It's a bed.

This is a very dishonest take. If you don’t understand or don’t want the product, then don’t buy it. But the smart controls exist because people (other than you) want them.

Even back then (2008-201?), it was common for companies to use Windows CE on IOT devices

I tried an IP address from the USA and another from Canada, and both worked correctly.

The message you get when you're blocked is:

  Sorry, you have been blocked
  You are unable to access dillan.org
  Performance & security by Cloudflare

  Why have I been blocked?
  This website is using a security service
  to protect itself from online attacks.
  The action you just performed triggered
  the security solution. There are several
  actions that could trigger this block
  including submitting a certain word or
  phrase, a SQL command or malformed data.

I wonder why they think that Brazil and other countries shouldn't be reading this site? Is the owner of the site able to geo-target which countries he wants his site to be shown in via Cloudflare?