Why do most "smart devices" seem to (needlessly?) inject a
proxy into their communications with other devices?

Arguable needs could include:
- vendor wants to harvest usage information
- vendor wants to snoop (gain some advantage)
- vendor wants to act as a bastion host
- vendor wants to supply service enhancements (e.g., DDNS)
- vendor wants to keep device current (laughable)

The first two are clearly not value added to the consumer.

The third *could* represent value -- but there's no way
of empirically knowing if it is actually happening!

The fourth seems trite -- are those enhancements REALLY
necessary? (do you really need to be able to check to
see if your laundry is done while miles from home? Or,
would an alert that finds you on the other side of the
house be more typical -- handled locally)

The fifth could be empirically verified but I'd wager
the number of updates pushed is pretty small. Esp if
you consider how often devices are "no longer supported".

Any other likely reasons?

On 2023-08-01 21:11, Don Y wrote:
> Why do most "smart devices" seem to (needlessly?) inject a
> proxy into their communications with other devices?
>
> Arguable needs could include:
> - vendor wants to harvest usage information
> - vendor wants to snoop (gain some advantage)
> - vendor wants to act as a bastion host
> - vendor wants to supply service enhancements (e.g., DDNS)
> - vendor wants to keep device current (laughable)
>
> The first two are clearly not value added to the consumer.
>
> The third *could* represent value -- but there's no way
> of empirically knowing if it is actually happening!
>
> The fourth seems trite -- are those enhancements REALLY
> necessary? (do you really need to be able to check to
> see if your laundry is done while miles from home? Or,
> would an alert that finds you on the other side of the
> house be more typical -- handled locally)
>
> The fifth could be empirically verified but I'd wager
> the number of updates pushed is pretty small. Esp if
> you consider how often devices are "no longer supported".
>
> Any other likely reasons?
>

- vendor wants to retain the option of billing you

Jeroen Belleman

On 8/1/2023 3:26 PM, jeroen wrote:
> On 2023-08-01 21:11, Don Y wrote:
>> Why do most "smart devices" seem to (needlessly?) inject a
>> proxy into their communications with other devices?
>>
>> Arguable needs could include:
>> - vendor wants to harvest usage information
>> - vendor wants to snoop (gain some advantage)
>> - vendor wants to act as a bastion host
>> - vendor wants to supply service enhancements (e.g., DDNS)
>> - vendor wants to keep device current (laughable)
>>
>> The first two are clearly not value added to the consumer.
>>
>> The third *could* represent value -- but there's no way
>> of empirically knowing if it is actually happening!
>>
>> The fourth seems trite -- are those enhancements REALLY
>> necessary?  (do you really need to be able to check to
>> see if your laundry is done while miles from home?  Or,
>> would an alert that finds you on the other side of the
>> house be more typical -- handled locally)
>>
>> The fifth could be empirically verified but I'd wager
>> the number of updates pushed is pretty small.  Esp if
>> you consider how often devices are "no longer supported".
>>
>> Any other likely reasons?
>
> - vendor wants to retain the option of billing you

Possible. I wonder how the law would treat charging for
a (presumed) "included service" AFTER the purchase?

On Tuesday, August 1, 2023 at 6:33:38 PM UTC-4, Don Y wrote:
> On 8/1/2023 3:26 PM, jeroen wrote:
> > On 2023-08-01 21:11, Don Y wrote:
> >> Why do most "smart devices" seem to (needlessly?) inject a
> >> proxy into their communications with other devices?
> >>
> >> Arguable needs could include:
> >> - vendor wants to harvest usage information
> >> - vendor wants to snoop (gain some advantage)
> >> - vendor wants to act as a bastion host
> >> - vendor wants to supply service enhancements (e.g., DDNS)
> >> - vendor wants to keep device current (laughable)
> >>
> >> The first two are clearly not value added to the consumer.
> >>
> >> The third *could* represent value -- but there's no way
> >> of empirically knowing if it is actually happening!
> >>
> >> The fourth seems trite -- are those enhancements REALLY
> >> necessary? (do you really need to be able to check to
> >> see if your laundry is done while miles from home? Or,
> >> would an alert that finds you on the other side of the
> >> house be more typical -- handled locally)
> >>
> >> The fifth could be empirically verified but I'd wager
> >> the number of updates pushed is pretty small. Esp if
> >> you consider how often devices are "no longer supported".
> >>
> >> Any other likely reasons?
> >
> > - vendor wants to retain the option of billing you
> Possible. I wonder how the law would treat charging for
> a (presumed) "included service" AFTER the purchase?

You mean like in cars where various functions stop working after a period unless you pay a subscription fee?

--

Rick C.

- Get 1,000 miles of free Supercharging
- Tesla referral code - https://ts.la/richard11209

On 02-Aug-23 5:11 am, Don Y wrote:
> Why do most "smart devices" seem to (needlessly?) inject a
> proxy into their communications with other devices?
>
> Arguable needs could include:
> - vendor wants to harvest usage information
> - vendor wants to snoop (gain some advantage)
> - vendor wants to act as a bastion host
> - vendor wants to supply service enhancements (e.g., DDNS)
> - vendor wants to keep device current (laughable)
>
> The first two are clearly not value added to the consumer.
>
> The third *could* represent value -- but there's no way
> of empirically knowing if it is actually happening!
>
> The fourth seems trite -- are those enhancements REALLY
> necessary?  (do you really need to be able to check to
> see if your laundry is done while miles from home?  Or,
> would an alert that finds you on the other side of the
> house be more typical -- handled locally)
>
> The fifth could be empirically verified but I'd wager
> the number of updates pushed is pretty small.  Esp if
> you consider how often devices are "no longer supported".
>
> Any other likely reasons?
>

I think this is, at least in part, related to finding the devices to be
connected in the context of a WiFi network of unknown configuration, and
totally clueless users.

Using an intermediate proxy is likely to work, and becomes the only
means of connection rather than a fall-back.

Then the marketing department realises they can use the data.

Sylvia.

On 8/1/2023 5:50 PM, Sylvia Else wrote:
> On 02-Aug-23 5:11 am, Don Y wrote:
>> Why do most "smart devices" seem to (needlessly?) inject a
>> proxy into their communications with other devices?
>>
>> Arguable needs could include:
>> - vendor wants to harvest usage information
>> - vendor wants to snoop (gain some advantage)
>> - vendor wants to act as a bastion host
>> - vendor wants to supply service enhancements (e.g., DDNS)
>> - vendor wants to keep device current (laughable)
>>
>> The first two are clearly not value added to the consumer.
>>
>> The third *could* represent value -- but there's no way
>> of empirically knowing if it is actually happening!
>>
>> The fourth seems trite -- are those enhancements REALLY
>> necessary?  (do you really need to be able to check to
>> see if your laundry is done while miles from home?  Or,
>> would an alert that finds you on the other side of the
>> house be more typical -- handled locally)
>>
>> The fifth could be empirically verified but I'd wager
>> the number of updates pushed is pretty small.  Esp if
>> you consider how often devices are "no longer supported".
>>
>> Any other likely reasons?
>
> I think this is, at least in part, related to finding the devices to be
> connected in the context of a WiFi network of unknown configuration, and
> totally clueless users.

So, you think this lets the device "phone home" and letting the
user contact it VIA HOME instead of being able to resolve a local
name/address?

Clearly this has value if the user wants to access the device
while OFF his "local subnet". E.g., check your Ring doorbell
while you are away at work or adjust the temperature in your house
before you return to it (isn't the thermostat supposed to KNOW how
to do that??).

But, this embeds much of the devices' value in the proxy. E.g.,
a ring doorbell that can't get out to The Internet is just
an overpriced buzzer. (A thermostat can, at least, fall back
to being a $20 thermostat)

Aquos ("Smart") TVs, IIRC, route internet accesses through a central
proxy -- but, you can hack around that so you're not reliant on that
proxy for that functionality.

OTOH, most smart TVs rely on services (pay or free) that may or may not
continue to be available. If not, then what value the network connection?
(E.g., I drive all of our TVs as oversized monitors soas not to be reliant
on their out-of-date firmware)

Other services are clearly offered as "free trials" so you understand
you're not going to be able to KEEP that functionality without paying for
it, later.

Chumby? Sonos? Alexa? What value those devices when the servers go dark?

> Using an intermediate proxy is likely to work, and becomes the only means of
> connection rather than a fall-back.
>
> Then the marketing department realises they can use the data.

I wonder how much they actually use, though. I can understand cars
reporting traffic delays as a way to drive the data in a traffic
monitoring service (I've been tempted to disable the transmitter
just to screw them... what does the car/driver get from the ability
to send data to someone else??). And, you may want to watch
my purchases (but you don't need Alexa for that!).

But, do you really care if I'm home when I've got the thermostat to
a "comfortable occupancy temperature"? Are you going to sell
notifications to door-to-door salesmen that NOW would be a good
time to catch me at home??

And, lots of "tracking" is easily defeated. The "savings cards"
that most stores offer aren't smart enough to realize if you've fed
them a bogus email address, name, etc. (One company here tries to
be clever and tickles the address periodically, discovers it is
bogus and disables the card. Fine, I just set up a new account
an hour before heading to the store -- as part of the process
of checking their current sale items -- and expect it to be
disabled a day or so later. Lather, rinse, repeat.)

I wonder if it simply hasn't occurred to the developers that
putting themselves in the loop as a proxy is likely more of a
liability than an asset. (E.g. to use the wireless interface
to our oven, we have to go through the manufacturer's proxy.
Imagine that proxy being hacked and every oven told to turn
on, set for 500F. Or, every garage door told to open. Or...)

I would think it better to be able to argue that any security
lapses are solely the responsibility of the user's misuse of
the technology...

On 8/1/2023 6:32 PM, Don Y wrote:
>> I think this is, at least in part, related to finding the devices to be
>> connected in the context of a WiFi network of unknown configuration, and
>> totally clueless users.
>
> So, you think this lets the device "phone home" and letting the
> user contact it VIA HOME instead of being able to resolve a local
> name/address?
>
> Clearly this has value if the user wants to access the device
> while OFF his "local subnet".  E.g., check your Ring doorbell
> while you are away at work or adjust the temperature in your house
> before you return to it (isn't the thermostat supposed to KNOW how
> to do that??).
>
> But, this embeds much of the devices' value in the proxy.  E.g.,
> a ring doorbell that can't get out to The Internet is just
> an overpriced buzzer.  (A thermostat can, at least, fall back
> to being a $20 thermostat)

IMO, this is where the value to the seller lies as it
effectively locks the device.

The user has physical possession of the device so can
subvert "most" any protection schemes (short of custom
silicon). Checksums can be fudged. Signed binaries can
be replaced by unsigned binaries (which may or may not
have the original code embodied within) or kernels altered
to remove the signature check (as is common in many desktop
executables as well as "appliances").

[E.g., who *hasn't* modded a wireless router? Nest
thermostat? etc. Are all of these manufacturers
just inept?? Your kernel wants to check signatures?
Build a new kernel that doesn't!]

OTOH, if a considerable portion of the device's *value*
is implemented "off site", the user (or counterfeiter)
has to come up with a means of replacing that functionality
in order to sever the tie to the external agency.

[And, a counterfeiter hoping to leverage the external agency's
service has to know how to masquerade as a legitimate client.]

But, then you have to truly add value with your service and
not just "inconvenience certain clients...

On 02-Aug-23 11:32 am, Don Y wrote:
> On 8/1/2023 5:50 PM, Sylvia Else wrote:
>> On 02-Aug-23 5:11 am, Don Y wrote:
>>> Why do most "smart devices" seem to (needlessly?) inject a
>>> proxy into their communications with other devices?
>>>
>>> Arguable needs could include:
>>> - vendor wants to harvest usage information
>>> - vendor wants to snoop (gain some advantage)
>>> - vendor wants to act as a bastion host
>>> - vendor wants to supply service enhancements (e.g., DDNS)
>>> - vendor wants to keep device current (laughable)
>>>
>>> The first two are clearly not value added to the consumer.
>>>
>>> The third *could* represent value -- but there's no way
>>> of empirically knowing if it is actually happening!
>>>
>>> The fourth seems trite -- are those enhancements REALLY
>>> necessary?  (do you really need to be able to check to
>>> see if your laundry is done while miles from home?  Or,
>>> would an alert that finds you on the other side of the
>>> house be more typical -- handled locally)
>>>
>>> The fifth could be empirically verified but I'd wager
>>> the number of updates pushed is pretty small.  Esp if
>>> you consider how often devices are "no longer supported".
>>>
>>> Any other likely reasons?
>>
>> I think this is, at least in part, related to finding the devices to
>> be connected in the context of a WiFi network of unknown
>> configuration, and totally clueless users.
>
> So, you think this lets the device "phone home" and letting the
> user contact it VIA HOME instead of being able to resolve a local
> name/address?

Yes.

>
> Clearly this has value if the user wants to access the device
> while OFF his "local subnet".  E.g., check your Ring doorbell
> while you are away at work or adjust the temperature in your house
> before you return to it (isn't the thermostat supposed to KNOW how
> to do that??).
>
> But, this embeds much of the devices' value in the proxy.  E.g.,
> a ring doorbell that can't get out to The Internet is just
> an overpriced buzzer.  (A thermostat can, at least, fall back
> to being a $20 thermostat)

I'm not saying its desirable, just that from the point of view of the
manufacturer, it's simple, and avoids the cost of providing support to
help people get things running, and also avoids comment in social media
about how it "doesn't work."

If the manufacturer goes out of business and no longer pays for the
proxy, then everyone's devices are more or less bricked, but the
manufacture has gone, and doesn't care.

Sylvia.

On 8/1/2023 8:32 PM, Sylvia Else wrote:
> On 02-Aug-23 11:32 am, Don Y wrote:
>> On 8/1/2023 5:50 PM, Sylvia Else wrote:
>>> On 02-Aug-23 5:11 am, Don Y wrote:
>>>> Why do most "smart devices" seem to (needlessly?) inject a
>>>> proxy into their communications with other devices?
>>>>
>>>> Arguable needs could include:
>>>> - vendor wants to harvest usage information
>>>> - vendor wants to snoop (gain some advantage)
>>>> - vendor wants to act as a bastion host
>>>> - vendor wants to supply service enhancements (e.g., DDNS)
>>>> - vendor wants to keep device current (laughable)
>>>>
>>>> The first two are clearly not value added to the consumer.
>>>>
>>>> The third *could* represent value -- but there's no way
>>>> of empirically knowing if it is actually happening!
>>>>
>>>> The fourth seems trite -- are those enhancements REALLY
>>>> necessary?  (do you really need to be able to check to
>>>> see if your laundry is done while miles from home?  Or,
>>>> would an alert that finds you on the other side of the
>>>> house be more typical -- handled locally)
>>>>
>>>> The fifth could be empirically verified but I'd wager
>>>> the number of updates pushed is pretty small.  Esp if
>>>> you consider how often devices are "no longer supported".
>>>>
>>>> Any other likely reasons?
>>>
>>> I think this is, at least in part, related to finding the devices to be
>>> connected in the context of a WiFi network of unknown configuration, and
>>> totally clueless users.
>>
>> So, you think this lets the device "phone home" and letting the
>> user contact it VIA HOME instead of being able to resolve a local
>> name/address?
>
> Yes.

I'd buy that for devices that one has to "reference" (i.e., name)
This avoids the problem of users not having a local name service
AND not wanting to deal with non-static RFC1918 addresses.

But, there's no real need for that in devices that you *don't*
have to address (e.g., a TV resolving a URL through a proxy
instead of directly)

>> Clearly this has value if the user wants to access the device
>> while OFF his "local subnet".  E.g., check your Ring doorbell
>> while you are away at work or adjust the temperature in your house
>> before you return to it (isn't the thermostat supposed to KNOW how
>> to do that??).
>>
>> But, this embeds much of the devices' value in the proxy.  E.g.,
>> a ring doorbell that can't get out to The Internet is just
>> an overpriced buzzer.  (A thermostat can, at least, fall back
>> to being a $20 thermostat)
>
> I'm not saying its desirable, just that from the point of view of the
> manufacturer, it's simple, and avoids the cost of providing support to help
> people get things running, and also avoids comment in social media about how it
> "doesn't work."
>
> If the manufacturer goes out of business and no longer pays for the proxy, then
> everyone's devices are more or less bricked, but the manufacture has gone, and
> doesn't care.

I can't imagine manufacturers make such decisions *thinking* they
may go out of business (and washing their hands of the consequences,
therefore). Rather, it would seem that a manufacturer would be
concerned that they would have ongoing costs even after the
product was no longer generating revenue.

E.g., how long will MS keep the activation servers running for
old versions of the OS/apps? (You'd think they would publish
some universal keys, after a while, so they could shut down
those servers)

On 2023-08-02 07:13, Don Y wrote:
> On 8/1/2023 8:32 PM, Sylvia Else wrote:
>> On 02-Aug-23 11:32 am, Don Y wrote:
>>> On 8/1/2023 5:50 PM, Sylvia Else wrote:
>>>> On 02-Aug-23 5:11 am, Don Y wrote:
>>>>> Why do most "smart devices" seem to (needlessly?) inject a
>>>>> proxy into their communications with other devices?
>>>>>
>>>>> Arguable needs could include:
>>>>> - vendor wants to harvest usage information
>>>>> - vendor wants to snoop (gain some advantage)
>>>>> - vendor wants to act as a bastion host
>>>>> - vendor wants to supply service enhancements (e.g., DDNS)
>>>>> - vendor wants to keep device current (laughable)
>>>>>
>>>>> The first two are clearly not value added to the consumer.
>>>>>
>>>>> The third *could* represent value -- but there's no way
>>>>> of empirically knowing if it is actually happening!
>>>>>
>>>>> The fourth seems trite -- are those enhancements REALLY
>>>>> necessary? (do you really need to be able to check to
>>>>> see if your laundry is done while miles from home? Or,
>>>>> would an alert that finds you on the other side of the
>>>>> house be more typical -- handled locally)
>>>>>
>>>>> The fifth could be empirically verified but I'd wager
>>>>> the number of updates pushed is pretty small. Esp if
>>>>> you consider how often devices are "no longer supported".
>>>>>
>>>>> Any other likely reasons?
>>>>
>>>> I think this is, at least in part, related to finding the devices to be connected in the context of a WiFi network of unknown configuration, and totally clueless users.
>>>
>>> So, you think this lets the device "phone home" and letting the
>>> user contact it VIA HOME instead of being able to resolve a local
>>> name/address?
>>
>> Yes.
>
> I'd buy that for devices that one has to "reference" (i.e., name)
> This avoids the problem of users not having a local name service
> AND not wanting to deal with non-static RFC1918 addresses.
>
> But, there's no real need for that in devices that you *don't*
> have to address (e.g., a TV resolving a URL through a proxy
> instead of directly)
>
>>> Clearly this has value if the user wants to access the device
>>> while OFF his "local subnet". E.g., check your Ring doorbell
>>> while you are away at work or adjust the temperature in your house
>>> before you return to it (isn't the thermostat supposed to KNOW how
>>> to do that??).
>>>
>>> But, this embeds much of the devices' value in the proxy. E.g.,
>>> a ring doorbell that can't get out to The Internet is just
>>> an overpriced buzzer. (A thermostat can, at least, fall back
>>> to being a $20 thermostat)
>>
>> I'm not saying its desirable, just that from the point of view of the manufacturer, it's simple, and avoids the cost of providing support to help people get things running, and also avoids comment in social media about how it "doesn't work."
>>
>> If the manufacturer goes out of business and no longer pays for the proxy, then everyone's devices are more or less bricked, but the manufacture has gone, and doesn't care.
>
> I can't imagine manufacturers make such decisions *thinking* they
> may go out of business (and washing their hands of the consequences,
> therefore). Rather, it would seem that a manufacturer would be
> concerned that they would have ongoing costs even after the
> product was no longer generating revenue.
>
> E.g., how long will MS keep the activation servers running for
> old versions of the OS/apps? (You'd think they would publish
> some universal keys, after a while, so they could shut down
> those servers)

They'll just announce the end of support for the old OS/aps and
invite you to spend some on an "upgrade". Easy. And that trick
is getting common for all sorts of devices, not just computers
and software. That is the _real_ motivation for the internet of
things.

Jeroen Belleman

On 8/2/2023 1:00 AM, jeroen wrote:
>> E.g., how long will MS keep the activation servers running for
>> old versions of the OS/apps?  (You'd think they would publish
>> some universal keys, after a while, so they could shut down
>> those servers)
>
> They'll just announce the end of support for the old OS/aps and
> invite you to spend some on an "upgrade". Easy. And that trick
> is getting common for all sorts of devices, not just computers
> and software. That is the _real_ motivation for the internet of
> things.

I am actually surprised at how *long* MS has continued to
support their activation servers.

Assuming that folks will willingly accept being "cheated" a second
time is dubious. They can just as easily take the obsoleting of the
existing kit to be an opportunity to discard or replace it with
something else (FROM someone else!).

I don't know anyone who has "upgraded" their thermostat, doorbell,
security camera, baby monitor, etc. because the original stopped
working (due to a service shutdown).

[I *do* know of devices that have experienced hardware failures
and been retired simply because of the impracticality of repair
of "inexpensive" devices]

TVs, IMO, are the quickest to be "left behind" in terms of the
services they can access, media formats they can process, etc.
Along with them, STBs. (Yet some services still remain
accessible -- I was playing with a Roku XD a few nights back
and found that some channels still worked)

SOHO networking kit is always going obsolete as security
protocols are improved along with available bandwidth.
But, the old kit still works -- albeit with the same limitations
that it had originally (not surprisingly).

Don Y <blockedofcourse@foo.invalid> wrote:
> On 8/1/2023 8:32 PM, Sylvia Else wrote:
>> On 02-Aug-23 11:32 am, Don Y wrote:
>>> On 8/1/2023 5:50 PM, Sylvia Else wrote:
>>>> I think this is, at least in part, related to finding the devices
>>>> to be connected in the context of a WiFi network of unknown
>>>> configuration, and totally clueless users.
>>>
>>> So, you think this lets the device "phone home" and letting the
>>> user contact it VIA HOME instead of being able to resolve a local
>>> name/address?
>>
>> Yes.
>
> I'd buy that for devices that one has to "reference" (i.e., name)
> This avoids the problem of users not having a local name service AND
> not wanting to deal with non-static RFC1918 addresses.
>
> But, there's no real need for that in devices that you *don't* have
> to address (e.g., a TV resolving a URL through a proxy instead of
> directly)

Now you delve back into the area where the manufacturer sees an
after-sale revenue stream from the sale of "usage/monitoring" data to
advertisers. A TV that directly resolved a URL would not give the
manufacturer "usage/monitoring" data that they could monetize by
selling it to advertisers. Having the TV resolve all URL's via a proxy
does give the manufacturer that data stream they can then monetize.

As well, going through a proxy also provides some "plug and play"
ability when the TV is installed on a local network that does not have
any local nameservice setup due to lack of knowledge on the part of the
owner, or lack of doing so on the part of the ISP installer who
installed the network access point for the customer. So the TV maker
can attempt to 'explain away' the monitoring as seemingly necessary for
it to work in a wider array of missconfigured network situations (and
sadly, the non-technical user would buy such an explanation).

>>> Clearly this has value if the user wants to access the device while
>>> OFF his "local subnet".  E.g., check your Ring doorbell while you
>>> are away at work or adjust the temperature in your house before you
>>> return to it (isn't the thermostat supposed to KNOW how to do
>>> that??).
>>>
>>> But, this embeds much of the devices' value in the proxy.  E.g., a
>>> ring doorbell that can't get out to The Internet is just an
>>> overpriced buzzer.  (A thermostat can, at least, fall back to being
>>> a $20 thermostat)
>>
>> I'm not saying its desirable, just that from the point of view of
>> the manufacturer, it's simple, and avoids the cost of providing
>> support to help people get things running, and also avoids comment
>> in social media about how it "doesn't work."
>>
>> If the manufacturer goes out of business and no longer pays for the
>> proxy, then everyone's devices are more or less bricked, but the
>> manufacture has gone, and doesn't care.
>
> I can't imagine manufacturers make such decisions *thinking* they may
> go out of business (and washing their hands of the consequences,
> therefore). Rather, it would seem that a manufacturer would be
> concerned that they would have ongoing costs even after the product
> was no longer generating revenue.

More likely the decision is made for a combination of several reasons:

1) more likely to "just work" in a plug-and-play mode given a
non-technical user and in a wider array of miss-configured network
situations

2) less support calls from non-technical users (translation: less cost
to in providing any after-sales support)

3) the datastream provides "side-channel" monetization to the
manufacturer via sales to advertising companies in some way

4) the "forced obsolescence" factor when the manufactuer decides to
remove the "proxy" is seen as providing future sales that might not
otherwise happen as users replace their now non-functioning devices.
(This one may or may not often factor in, numbers 1-3 above would
likely be sufficient to convince most of there being value in the
"go through a proxy always" operation method). Esp. #3 where the
manufacturer gets some level of revenue stream even after the
initial device sale.

On 8/2/2023 6:34 AM, Bertrand Sindri wrote:
>> But, there's no real need for that in devices that you *don't* have
>> to address (e.g., a TV resolving a URL through a proxy instead of
>> directly)
>
> Now you delve back into the area where the manufacturer sees an
> after-sale revenue stream from the sale of "usage/monitoring" data to
> advertisers. A TV that directly resolved a URL would not give the
> manufacturer "usage/monitoring" data that they could monetize by
> selling it to advertisers. Having the TV resolve all URL's via a proxy
> does give the manufacturer that data stream they can then monetize.

How often do folks *really* use their TV to surf the web?
You DL *content* through the various services installed on
the TV (and they can directly monitor your consumption
of each, individually; the TV manufacture could conceivably
monitor which of them you use/avoid.)

> As well, going through a proxy also provides some "plug and play"
> ability when the TV is installed on a local network that does not have
> any local nameservice setup due to lack of knowledge on the part of the
> owner, or lack of doing so on the part of the ISP installer who
> installed the network access point for the customer. So the TV maker

The TV is a "pull" device wrt network addressing. Even screencasting
is handled through the UI provided *in* the TV. And, because it
is on 24/7 (even if "sleeping"), it never needs to surrender a lease.

> can attempt to 'explain away' the monitoring as seemingly necessary for
> it to work in a wider array of missconfigured network situations (and
> sadly, the non-technical user would buy such an explanation).

I would more buy the idea that the TV itself would be vulnerable to
changes in web technology, exploits and other things that could make
it misbehave or fail to render a site properly. A *smart* proxy
could conceivably address these issues (or, at least, protect the
device/network)

>>>> Clearly this has value if the user wants to access the device while
>>>> OFF his "local subnet".  E.g., check your Ring doorbell while you
>>>> are away at work or adjust the temperature in your house before you
>>>> return to it (isn't the thermostat supposed to KNOW how to do
>>>> that??).
>>>>
>>>> But, this embeds much of the devices' value in the proxy.  E.g., a
>>>> ring doorbell that can't get out to The Internet is just an
>>>> overpriced buzzer.  (A thermostat can, at least, fall back to being
>>>> a $20 thermostat)
>>>
>>> I'm not saying its desirable, just that from the point of view of
>>> the manufacturer, it's simple, and avoids the cost of providing
>>> support to help people get things running, and also avoids comment
>>> in social media about how it "doesn't work."
>>>
>>> If the manufacturer goes out of business and no longer pays for the
>>> proxy, then everyone's devices are more or less bricked, but the
>>> manufacture has gone, and doesn't care.
>>
>> I can't imagine manufacturers make such decisions *thinking* they may
>> go out of business (and washing their hands of the consequences,
>> therefore). Rather, it would seem that a manufacturer would be
>> concerned that they would have ongoing costs even after the product
>> was no longer generating revenue.
>
> More likely the decision is made for a combination of several reasons:
>
> 1) more likely to "just work" in a plug-and-play mode given a
> non-technical user and in a wider array of miss-configured network
> situations

Yet damn near every user has a (wireless) router that suffers from
the same configuration issues, lack of intuitive UI, etc. And,
folks all rely on them for *all* their access...

> 2) less support calls from non-technical users (translation: less cost
> to in providing any after-sales support)

Except when the proxy is not available or fails (or is discontinued).
As it is an integral part of the service, at those times, the user
MUST contact support.

> 3) the datastream provides "side-channel" monetization to the
> manufacturer via sales to advertising companies in some way
>
> 4) the "forced obsolescence" factor when the manufactuer decides to
> remove the "proxy" is seen as providing future sales that might not
> otherwise happen as users replace their now non-functioning devices.
> (This one may or may not often factor in, numbers 1-3 above would
> likely be sufficient to convince most of there being value in the
> "go through a proxy always" operation method). Esp. #3 where the
> manufacturer gets some level of revenue stream even after the
> initial device sale.

Do you really think people are happy with "forced obsolescence"?
To the extent that they would re-up with the same supplier to
reward him for treating them thusly?

It's one thing to have a "free trial" period expire and be
faced with the question of "do I want to PAY for that service
that I'd previously had for free". It's another to have
something that you feel you *have* paid for taken away, "arbitrarily".

"What's to keep them from doing this, again, NEXT year? How much
time do I want to spend repurchasing something that I already
*owned*?"

Are you going to "rent" your software tools -- after having become
accustomed to *owning* them (under license)? Are you going to
rent your music after having purchased a collection of titles?

Don Y <blockedofcourse@foo.invalid> wrote:
> On 8/2/2023 6:34 AM, Bertrand Sindri wrote:
>>> But, there's no real need for that in devices that you *don't* have
>>> to address (e.g., a TV resolving a URL through a proxy instead of
>>> directly)
>>
>> Now you delve back into the area where the manufacturer sees an
>> after-sale revenue stream from the sale of "usage/monitoring" data
>> to advertisers. A TV that directly resolved a URL would not give
>> the manufacturer "usage/monitoring" data that they could monetize by
>> selling it to advertisers. Having the TV resolve all URL's via a
>> proxy does give the manufacturer that data stream they can then
>> monetize.
>
> How often do folks *really* use their TV to surf the web?

For the non-technical crowd (i.e., the 98 percentile of users, the
answer is likely 'surprisingly often'. Granted, the use very well may
be: 1) youtube 2) porn 3) latest cat video from FB/instagram/etc vs. TI
chip datasheets.

> You DL *content* through the various services installed on the TV
> (and they can directly monitor your consumption of each,
> individually; the TV manufacture could conceivably monitor which of
> them you use/avoid.)

They (the manufacturer) could know everything about your usage of the
"TV", as they provide the OS, and can add whatever additional
monitoring hooks they want.

>> As well, going through a proxy also provides some "plug and play"
>> ability when the TV is installed on a local network that does not
>> have any local nameservice setup due to lack of knowledge on the
>> part of the owner, or lack of doing so on the part of the ISP
>> installer who installed the network access point for the customer.
>> So the TV maker
>
> The TV is a "pull" device wrt network addressing. Even screencasting
> is handled through the UI provided *in* the TV. And, because it is
> on 24/7 (even if "sleeping"), it never needs to surrender a lease.

DHCP lease vs. 'nameserver IP' are two different things. If it uses a
proxy for all network coms. (and has the proxy's IP addresses already
stored) it can operate in a network that has only DHCP providing only
an IP for the device and a gateway IP. It won't care, nor need, the
DHCP server to also indicate a nameserver to utilize. Thereby making
it slightly more "plug-and-play" as I said.

>> can attempt to 'explain away' the monitoring as seemingly necessary for
>> it to work in a wider array of missconfigured network situations (and
>> sadly, the non-technical user would buy such an explanation).
>
> I would more buy the idea that the TV itself would be vulnerable to
> changes in web technology, exploits and other things that could make
> it misbehave or fail to render a site properly.

Yes, this will happen, and from the manufacturer's perspective simply
means the device is likely to be replaced sooner rather than later,
keeping the new sales treadmill running.

> A *smart* proxy could conceivably address these issues (or, at least,
> protect the device/network)

Possibly -- but given the crap quality of most of the software on most
smart tv's, I very much doubt the maker is concerned with 'fixing'
broken renderings or with 'protecting' the device.

>>>>> Clearly this has value if the user wants to access the device
>>>>> while OFF his "local subnet".  E.g., check your Ring doorbell
>>>>> while you are away at work or adjust the temperature in your
>>>>> house before you return to it (isn't the thermostat supposed to
>>>>> KNOW how to do that??).
>>>>>
>>>>> But, this embeds much of the devices' value in the proxy.  E.g.,
>>>>> a ring doorbell that can't get out to The Internet is just an
>>>>> overpriced buzzer.  (A thermostat can, at least, fall back to
>>>>> being a $20 thermostat)
>>>>
>>>> I'm not saying its desirable, just that from the point of view of
>>>> the manufacturer, it's simple, and avoids the cost of providing
>>>> support to help people get things running, and also avoids comment
>>>> in social media about how it "doesn't work."
>>>>
>>>> If the manufacturer goes out of business and no longer pays for
>>>> the proxy, then everyone's devices are more or less bricked, but
>>>> the manufacture has gone, and doesn't care.
>>>
>>> I can't imagine manufacturers make such decisions *thinking* they
>>> may go out of business (and washing their hands of the
>>> consequences, therefore). Rather, it would seem that a
>>> manufacturer would be concerned that they would have ongoing costs
>>> even after the product was no longer generating revenue.
>>
>> More likely the decision is made for a combination of several reasons:
>>
>> 1) more likely to "just work" in a plug-and-play mode given a
>> non-technical user and in a wider array of miss-configured
>> network situations
>
> Yet damn near every user has a (wireless) router that suffers from
> the same configuration issues, lack of intuitive UI, etc. And, folks
> all rely on them for *all* their access...

And for a huge segment of that population, that wireless router was
installed and configured by "the cable guy" and was never touched by
the end user again for any configuration.

You are viewing the world from a "I know how it works, and I can
change/reconfigure it" viewpoint. 98% of the general public can just
barely handle plugging the power brick into the wall outlet and into
the box, and pressing the "on" button. They operate in a very
different world from the one you inhabit.

>> 2) less support calls from non-technical users (translation: less
>> cost to in providing any after-sales support)
>
> Except when the proxy is not available or fails (or is discontinued).
> As it is an integral part of the service, at those times, the user
> MUST contact support.

No, because for a large segment, they will presume the device has
failed and proceed to go buy another. Esp. if their cellphone/tablet
still works while the TV has quit.

>> 3) the datastream provides "side-channel" monetization to the
>> manufacturer via sales to advertising companies in some way
>>
>> 4) the "forced obsolescence" factor when the manufactuer decides to
>> remove the "proxy" is seen as providing future sales that might
>> not otherwise happen as users replace their now non-functioning
>> devices. (This one may or may not often factor in, numbers 1-3
>> above would likely be sufficient to convince most of there being
>> value in the "go through a proxy always" operation method). Esp.
>> #3 where the manufacturer gets some level of revenue stream even
>> after the initial device sale.
>
> Do you really think people are happy with "forced obsolescence"?

Those of us technical enough to understand it, no, we are not happy
with it. For the 98% non-technical "plug-and-play" users, they don't
see it as "forced obsolescence" but as "the dang TV's quit working".
If it is outside the warranty period they then go looking to replace
it.

> To the extent that they would re-up with the same supplier to reward
> him for treating them thusly?

When all the suppliers are treating you the same way, who you gonna
call? They might swap to a different brand, but then a customer of
that other brand swaps to this brand for the same reason, and both
brands see "an additonal sale" and see the sales treadmill keep on
spinning.

> It's one thing to have a "free trial" period expire and be faced with
> the question of "do I want to PAY for that service that I'd
> previously had for free". It's another to have something that you
> feel you *have* paid for taken away, "arbitrarily".

For the non-technical user base, they don't understand that the TV quit
because the manufacturer decided they wanted to turn off the proxy
server supporting the TV. They just see that the TV quit. Not "quit"
as in the push button screen remains dark type, but as in "won't play
youtube" or "won't play pornhub" or whatever they were going to watch.
So they will chalk things up to "it's broke" and toss it out to the
curb to be replaced by another one.

> "What's to keep them from doing this, again, NEXT year?

Nothing.

> How much time do I want to spend repurchasing something that I
> already *owned*?"

On 8/2/2023 3:17 PM, Bertrand Sindri wrote:
> Don Y <blockedofcourse@foo.invalid> wrote:
>> On 8/2/2023 6:34 AM, Bertrand Sindri wrote:
>>>> But, there's no real need for that in devices that you *don't* have
>>>> to address (e.g., a TV resolving a URL through a proxy instead of
>>>> directly)
>>>
>>> Now you delve back into the area where the manufacturer sees an
>>> after-sale revenue stream from the sale of "usage/monitoring" data
>>> to advertisers. A TV that directly resolved a URL would not give
>>> the manufacturer "usage/monitoring" data that they could monetize by
>>> selling it to advertisers. Having the TV resolve all URL's via a
>>> proxy does give the manufacturer that data stream they can then
>>> monetize.
>>
>> How often do folks *really* use their TV to surf the web?
>
> For the non-technical crowd (i.e., the 98 percentile of users, the
> answer is likely 'surprisingly often'. Granted, the use very well may
> be: 1) youtube 2) porn 3) latest cat video from FB/instagram/etc vs. TI
> chip datasheets.

I know of exactly one "average joe" who gets content over the internet.
All others use cable. (but, most of the folks I know are older and
have stable viewing habits -- not fad driven)

>> You DL *content* through the various services installed on the TV
>> (and they can directly monitor your consumption of each,
>> individually; the TV manufacture could conceivably monitor which of
>> them you use/avoid.)
>
> They (the manufacturer) could know everything about your usage of the
> "TV", as they provide the OS, and can add whatever additional
> monitoring hooks they want.

My point was that "Netflix" has no way of knowing what you are consuming
on "Amazon" ... or VUDU or ... Unless the manufacturer has agreed to
share this information with them, they don't even know if you've been
*watching* TV!

And, a TV displaying content sourced via cable tells the manufacturer
*nothing* of your viewing habits.

>>> As well, going through a proxy also provides some "plug and play"
>>> ability when the TV is installed on a local network that does not
>>> have any local nameservice setup due to lack of knowledge on the
>>> part of the owner, or lack of doing so on the part of the ISP
>>> installer who installed the network access point for the customer.
>>> So the TV maker
>>
>> The TV is a "pull" device wrt network addressing. Even screencasting
>> is handled through the UI provided *in* the TV. And, because it is
>> on 24/7 (even if "sleeping"), it never needs to surrender a lease.
>
> DHCP lease vs. 'nameserver IP' are two different things. If it uses a

Of course. But, a numeric IP that "rarely changes" is as good as a
static IP. And, a static IP is as good as a name.

Given that most homes have few IP devices competing for addresses
and that DHCP servers will tend to reoffer the same IP to a "repeat
customer" (assuming the TV gets shut off for many lease times),
a dynamic address can be as good as a static one.

[My NASs each take leases. Yet, I can find them reliably because
their IPs don't really change.]

> proxy for all network coms. (and has the proxy's IP addresses already
> stored) it can operate in a network that has only DHCP providing only
> an IP for the device and a gateway IP. It won't care, nor need, the
> DHCP server to also indicate a nameserver to utilize. Thereby making
> it slightly more "plug-and-play" as I said.
>
>>> can attempt to 'explain away' the monitoring as seemingly necessary for
>>> it to work in a wider array of missconfigured network situations (and
>>> sadly, the non-technical user would buy such an explanation).
>>
>> I would more buy the idea that the TV itself would be vulnerable to
>> changes in web technology, exploits and other things that could make
>> it misbehave or fail to render a site properly.
>
> Yes, this will happen, and from the manufacturer's perspective simply
> means the device is likely to be replaced sooner rather than later,
> keeping the new sales treadmill running.

That's a gamble on the manufacturer's part. MS thought they could move
past XP just by declaring that a new OS was available. Yet, folks
clung to XP. (Ditto W7)

Granted, XP continued to work so they weren't forced to make a choice.
But, if they had been, do you think it wouldn't have prompted folks to
look into alternatives -- Linux, OSX, android ("let's get rid of this
big, klunky laptop")

Why not issue a new product annually and "train" folks to replace
even more often? Ans: because each time they have to replace something
is an opportunity for them to decide NOT to replace with YOUR product.

>> A *smart* proxy could conceivably address these issues (or, at least,
>> protect the device/network)
>
> Possibly -- but given the crap quality of most of the software on most
> smart tv's, I very much doubt the maker is concerned with 'fixing'
> broken renderings or with 'protecting' the device.
>
>>>>>> Clearly this has value if the user wants to access the device
>>>>>> while OFF his "local subnet".  E.g., check your Ring doorbell
>>>>>> while you are away at work or adjust the temperature in your
>>>>>> house before you return to it (isn't the thermostat supposed to
>>>>>> KNOW how to do that??).
>>>>>>
>>>>>> But, this embeds much of the devices' value in the proxy.  E.g.,
>>>>>> a ring doorbell that can't get out to The Internet is just an
>>>>>> overpriced buzzer.  (A thermostat can, at least, fall back to
>>>>>> being a $20 thermostat)
>>>>>
>>>>> I'm not saying its desirable, just that from the point of view of
>>>>> the manufacturer, it's simple, and avoids the cost of providing
>>>>> support to help people get things running, and also avoids comment
>>>>> in social media about how it "doesn't work."
>>>>>
>>>>> If the manufacturer goes out of business and no longer pays for
>>>>> the proxy, then everyone's devices are more or less bricked, but
>>>>> the manufacture has gone, and doesn't care.
>>>>
>>>> I can't imagine manufacturers make such decisions *thinking* they
>>>> may go out of business (and washing their hands of the
>>>> consequences, therefore). Rather, it would seem that a
>>>> manufacturer would be concerned that they would have ongoing costs
>>>> even after the product was no longer generating revenue.
>>>
>>> More likely the decision is made for a combination of several reasons:
>>>
>>> 1) more likely to "just work" in a plug-and-play mode given a
>>> non-technical user and in a wider array of miss-configured
>>> network situations
>>
>> Yet damn near every user has a (wireless) router that suffers from
>> the same configuration issues, lack of intuitive UI, etc. And, folks
>> all rely on them for *all* their access...
>
> And for a huge segment of that population, that wireless router was
> installed and configured by "the cable guy" and was never touched by
> the end user again for any configuration.
>
> You are viewing the world from a "I know how it works, and I can
> change/reconfigure it" viewpoint. 98% of the general public can just
> barely handle plugging the power brick into the wall outlet and into
> the box, and pressing the "on" button. They operate in a very
> different world from the one you inhabit.

I think you underestimate the resources that folks have
available to them. EVERYONE knows some neighborhood kid
who's "a whiz with computers" (it may even be their
own kid!). Or, can quiz the IT-guy at work for advice.
Or...

>>> 2) less support calls from non-technical users (translation: less
>>> cost to in providing any after-sales support)
>>
>> Except when the proxy is not available or fails (or is discontinued).
>> As it is an integral part of the service, at those times, the user
>> MUST contact support.
>
> No, because for a large segment, they will presume the device has
> failed and proceed to go buy another. Esp. if their cellphone/tablet
> still works while the TV has quit.