Dear Google; Next Time You Invade My Home, Could You At Least Knock? (updated)

So I wrote a post back in February musing about the potential security risks posed by Google’s newly acquired NEST Thermostat and PROTECT smoke detectors  (http://strongviewslightlyheld.willowblish.com?p=535).  Its only April and we’ve had our first major home intrusion.  The irony is that the invader was Google itself.

We have 3 of the smoke alarms and one thermostat in our new place.  The key reason we bought the smoke alarm was their “wave to silence” function.  Basically they, they give you a warning in a pleasant recorded voice and a wave of your hands under the device is read as “I know there is smoke I just burned the toast its all good please don’s scream like a banshee and force me to fiddle with tiny, poorly marked buttons before just pulling out the battery because you are just going to go off again.

It turns out the wave to silence function works a little too well.  To quote Nest’s CEO letter.  ”we observed a unique combination of circumstances that caused us to question whether the Nest Wave (a feature that enables you to turn off your alarm with a wave of the hand) could be unintentionally activated. This could delay an alarm going off if there was a real fire.”

All well and good.  They are working on a fix and it should be ready in a few months.  But what  happened next was disquieting, dumb, and downright creepy.  NEST reached into my home via my own Wi-Fi signal and disabled the “wave” feature on all of my smoke detectors.  No notice whatsoever.  We never got an e-mail to our (registered) account.  (I finally found the NEST e-mail in my SPAM folder.  Which is odd given I had signed up and gotten a “welcome” e-mail so the NEST e-mail address should have been on my whitelist.  Splitting hairs here, but that speaks to poor e-mail identity management by NEST.)  We did not get any visual or verbal indications from the devices themselves.  No notice at all.  The first I hear of it was via Google News and a forwarded e-mail from a friend.

Practically speaking, this might have been the “right” course of action.  And NEST’s lawyers were probably screaming that NEST would be liable if they had the means to automatically disable that function and didn’t use it.  All well and good BUT…

  • NEST could have at least sent out a notification e-mail THAT DIDN’T END UP CLASSIFIED AS SPAM.  They have our e-mail address and had already been listed as a valid recipient when I got my welcome e-mail.
  • They could have also have sent out a smartphone notification (I HAD to install the NEST app to configure them).
  • They could have at least put the news front and center on their website (It took three clicks and some digging around towards the bottom of the page to find their official communication on the subject).

Most importantly, they should have explained the hows and whys of their decision to come into my house and start messing with the appliances.  With some assurances of what they can or can’t do.  And what they will or won’t do.

As it stands, I have 4 devices in my home with significant sensor capabilities.  They can sense when we are here and when we are not – is that with a motion sensor or a microphone?  What are they recording and to whom is that data going?  It is now painfully clear that I did not actually gain ownership when I “bought” them.  NEST clearly thinks (and acts) like they still “own” them.   They are no more “mine” than a cuckoo’s eggs.  I am just the gullible host for their centrally coordinated flock of autonomous offspring.

None of this is to say that I necessarily object to the practicalities here.  The problem isn’t the outcome, but how NEST/Google went about it.  I am left with a profound mistrust of these devices.  Will I spend the money and time to rip them out?  Probably not.  Might I take them off the grid?  Quite possibly (more on that below).  Will I be recommending them to friends?  Not with a long list of caveats.  Will I be writing negative and fairly annoyed blog posts about it?  Eyup.

*Taking Nest’s off the grid.  My NESTS’s are all connected to our home Wi Fi network.  In fact, they MUST be connected to WiFi to work properly (see below).  Turns out I was wrong on this, as pointed out by Roy RUssel in the comments who is clearly smarter-than-I-am-and-probably-actually-read-all-the-instructions-like-I-keep-planning-to.  His comment “Oh, and the NEST devices communicate with each other via 802.15.4. Probably needed for the battery-powered devices, and it still works without a connection to the Internet via wi-fi. http://support.nest.com/ca/article/How-does-Nest-Protect-connect-wirelessly

So the good news is that I can just change my router password and lobotomize the smoke detectors.  BUt that means changing a lot of other WiFi device passwords.  Or  I just wipe the NESTs and re-install.  The re-install remains a major pain in the ass.

Happily, I have a spare WiFi router lying around.  The obvious solution is to turn that on WITHOUT connecting it to the Internet and then connect all the NESTS to THAT WiFi signal.  That way they can talk to each other, but they can’t get out of the house.  And that keeps NEST/GOOGLE from getting in…  I am likely to do this, but dreading it because the install process is a raving pain in the ass.

**  NEST Install is a Pain In The Ass & Weirdly Dependent on WiFi.  To be up to code, newly installed smoke detectors need to “talk” to each other (so an alarm in one sets off the others).  This is done with a wire for traditional devices.  We have that wiring installed.  The NESTs, however, do not provide a wire to make that connection.  It turns out they use their own proprietary wireless protocol.  Given the NEST team’s origin at Apple, it shouldn’t be a surprise that they have deliberately refused to play well with others.  My bias is to indulge that isolationism by installing any future NESTs as un-connected “islands” and relying on more open protocols for any whole-house systems.

Per the above, this bit is wrong.   NEST’s. however, will ONLY use Wi-Fi for that interconnect – there is no lead for the hard-wired house interconnect wiring.   This is clearly less safe and less reliable.  If I have a power outage, my router goes out and my (otherwise battery backed up) smoke detectors go blind?!?  Lets not even get into the ways that wireless is less reliable than wired.  Or the lack of future proofing in relying on WiFi on smoke detectors that could be installed for @30 years.

Even more annoying (and unsafe) is the surprisingly clunky and annoying set-up.  First of all, it REQUIRES that I install NEST”s app on my smartphone (which presumes you HAVE a smartphone otherwise you are stuck).  But the only way to register the devices is to climb up on a ladder, take the thing off the ceiling, try not to dangle it from its electrical leads, and take a “picture” of the QR code on the back of the device.  Or type in the code printed (in tiny type) on the back.  This all has to be done ON the ladder if your devices are hard-wired as ours are.  Then you go through a weird song and dance of button pressing on the other already-installed NEST’s to create that interconnect.  This went OK for two of our devices.  The third one took multiple tries.

This install is a major pain.  It also creates a long-term safety risk.  I need to repeat this exercise every time I change my router password or upgrade/replace my router.  This is one reason I haven’t taken the things offline yet.  But what happens if I sell or rent the place?  A buyer might go through the effort to re-connect the NEST’s to his/her WiFi.  A renter?  So I guess I can do it (which means the renter would need to give me his/her router password which is weird and creepy).  Or, more likely, that interconnect feature remains but the ability to control the devices is lost over time.

What is most annoying is that our on-line NEST account does not offer the means to save the device ID’s.  I SHOULD be able to change the connectivity settings and router password online, then hit a “commit” button and have the devices re-boot with the new password.  NEST’s recent invasion of my home makes it clear that functionality is available.  But NEST apparently wants to keep that for itself and isn’t willing to share that with me, the ostensible owner of the device.

*** NEST Review:  Like the Smoke Alarms.  Thermostat kind’ve “meh” so far:

We do like the smoke alarms.  Actually the feature we have appreciated most is the “night light” feature that gives off a nice glow when you pass under them in the dark.  We have one in the kitchen, but have had no false alarms or need for the wave-to-silence function so far.  I take the lack of false alarms as a sign they are well tuned.  I am not sure I will put them in the new house given the install and lack of hard-wiring.  I would probably put one in the kitchen as a stand-alone insurance against kitchen fires with wave-to-silence for burned toast.

The thermostat has been meh so far.  The auto-learning function probably works well for people with regular schedules, but it hasn’t coped all that well with us so far.  I haven’t tried to program it manually yet.  The on-device scheduling system is tedious and the on-line scheduling system isn’t much better.  Most glaring is the lack of any easy way to set up a standard program timing that runs all 7 days of the week.  You have to enter times and temperatures for each day individually.  My take is that NEST made it intentionally difficult so you’d just default to the device’s auto-learn function.  Which would be fine it it was auto-learning but…

Also the device looks pretty cool, but it sits on a bigger (and ugly) plastic white mounting plate.  That doesn’t show up in the ads because it CAN be mounted directly to your drywall if your HVAC guy knows to cut a much-smaller-than-standard size hole and electrical box for the wiring.  Ours didn’t so we ended up with the ugly plate.  And no on-line options for less ugly or paint-able plates….  And we didn’t really want to DIY our own drywall repair.  At least not yet.

Conclusion:  Concerned about the smoke detectors as a whole house solution and ambivalent about the thermostat.  But do like the stand-alone smoke detector as a kitchen fire solution….  Elsewhere I figure the alarms aren’t going off unless there really is a problem.

Share Button
This entry was posted in Tech, Telecom, Markets, Macro. Bookmark the permalink.

9 Responses to Dear Google; Next Time You Invade My Home, Could You At Least Knock? (updated)

  1. Roy Russell says:

    I got that same letter and I was struck by the missed opportunities for engaging with their customers. I wasn’t annoyed like you were at their reaching in and turning off a feature but I was annoyed at their attitude. They are in a position to encourage plenty of positive behavior change and if this is the way they do it then they won’t succeed. I’m sure NEST also has a lot of word-of-mouth referral from customers who like their cool looking and working products. (I am personally responsible for installing several at my parents’ and mother-in-law’s houses.) They need to work on trusting their customers more, it will pay off for them.

  2. Roy Russell says:

    Oh, and the NEST devices communicate with each other via 802.15.4. Probably needed for the battery-powered devices, and it still works without a connection to the Internet via wi-fi.
    http://support.nest.com/ca/article/How-does-Nest-Protect-connect-wirelessly

    They may still require setting up via wi-fi though.

    • Steve says:

      I had no idea. Thanks very much for the correction I will update the post. And makes sense once you think about the legalities involved if the system did go down without WiFi. Although I will count it as another communications failure that NEST didn’t make that no-WiFi-required function more obvious. WHich I think goes back to them wanting access to the device. May thanks for the correction!

  3. Mahlen says:

    “Or the lack of future proofing in relying on WiFi on smoke detectors that could be installed for @30 years.”

    According to FEMA , smoke alarms should be replaced every 8-10 years.

    http://www.usfa.fema.gov/citizens/home_fire_prev/alarms/

    • Steve says:

      I wonder how many people actually do replace the things ever…. (grin). I would guess the real installation life of a smoke detector is whatever the period is between major home renovations – which is probably closer to 20-30 years. But a very good point regardless. Thank you!

  4. David Phillip Oster says:

    My experience was very different then yours. I photographed the smoke detector before I installed it, top and bottom, so I never have to unmount it to read a QR-code. (Also the number is on the box.)

    The old thermostat was screwed directly to the drywall, so the new one sits flush in two of the old screw holes, and I just put a bit of spackle over the other two unused screw holes from the old thermostat.

    I did get an email from Nest saying that they were temporarily disabling the hand-wave feature as a safety precaution. Fine with me, as I’d never used that feature.

    For me, the most important feature is a smoke alarm is: don’t bug me with a loud alarm in the middle of the night just to let me know you want me to change the battery. So, I keep the nightlight turned off, to make the battery last longer.

    It was so much easier to tell the thermostat my schedule than the one it replaced. The old one was such a pain that we’d just pick a temperature and press the hold button. With Nest we set a comfort band for when we’re home, and widen it to extremes, to not power up, when we are asleep or away. I like never having to fiddle with the horrible clock interface of the old one, when daylight saving time changes come around.

    • David Phillip Oster says:

      And as for setting a seven day schedule: I don’t mind hitting Copy once and Paste 6 times.

      • Steve says:

        Totally valid, but sort’ve misses the point. If someone is going to charge me hundreds of dollars for a thermostat, I shouldn’t HAVE to hit copy and paste 6 times. The whole point of effective interface design is to NOT ask your users to do dumb repetitive crap like that.

    • Steve says:

      I also finally found the NEST e-mail in my SPAM folder. Which is odd given I had signed up and gotten a “welcome” e-mail so the NEST e-mail address should have been on my whitelist. Splitting hairs here, but that speaks to poor e-mail management by NEST. In general, many of these comments are more valid for someone replacing existing (unwired) smoke detectors on a DIY basis. Although they describe work-arounds that I just don’t think you should have to resort to for a device that costs $234 on Amazon right now. I shouldn’t HAVE to keep track of QR codes. NEST should track them for me. After all, it’s clear they don’t mind stepping into my house to change settings so you’d think they could at least make it easy for me to do the same without having to get up on a ladder. It isn’t like they don’t have the device IDs on record… My devices were installed by the electrician as part of a gut renovation with total replacement of all wiring. That means they are hard-wired into house power. Good news is I don’t have to change the batteries. But I also can’t/couldn’t take them off the ceiling without shutting off fuses and un-wiring them. By that same token, our drywall guys cut a “standard” sized hole for a (larger, rectangular) thermostat into the newly installed drywall. I can (and might) go back and try to fill in, but if NEST came with a more flexible mounting plate…. (paint-able or something attractive like brushed nickel for a few $$ more). But certainly not pretending my complaints are universal or universally shared. Also a quick disclosure that you actually appear to work for Google might have been in order although not that big a deal. Having said all that, thank you (sincerely) for the comment. All feedback (well, most feedback) is good feedback. Really. And you are right that this isn’t that big a deal.