Comment on Matter 1.2 is a big move for the smart home standard
Serinus@lemmy.world 8 months agoYeah, but with Matter you can do everything locally. Maybe we need another standard where they can suck up all the data about when you turn your bedroom light on and off. We can call it “HCA”.
Monument@lemmy.sdf.org 8 months ago
While reading that article, I started to wonder about privacy controls that exist within Matter.
It’s sort of weird that every company seems kind of united behind it. That’s sort of rare.
And don’t get me wrong, I’m sure Matter does a lot for those companies, but I don’t know if Matter currently offers any actual privacy.
The hubs and control devices can obviously report back to the manufacturer with any data they are legally allowed to collect. That surely includes network information (including nearby networks), any location or geofence activity, device types, events, and statuses reported by those devices. It’s all the data that could be harvested before, but through one hub. We’ve just obscured the fact that Google, Samsung,or even Apple are doing the collecting behind the Matter name. And when you give a device access to your network, it can talk to every device on your network and reach the internet unless you’ve blocked it. Does the Matter standard prevent devices from gathering information from other Matter devices, or even from your network/other networks around you? Does Matter dictate that devices may only share data with the Matter routers? That is: are they prohibited from using non-Matter communication protocols? Can a device request that a Matter hub send data to a server on its behalf? Can a device directly talk to an external server?
If data can be collected, and a server can be reached, there’s no privacy to be had under Matter.
The questions above are rhetorical, but without reading the actual Matter specification (which is ‘available’ online, if you give the Matter consortium your information), I couldn’t tell you whether or not there’s actually any privacy, or if this is just a group project to steal user data.
Serinus@lemmy.world 8 months ago
I think the idea behind Matter is the major players (Apple, Google, Samsung) want access to all the devices (and information) through their own hubs, while the smaller players (Belkin, Phillips, etc.) don’t want to be excluded by not working with the hubs people expect. (I’m using “hub” loosely here to fit several things.) And consumers don’t want to install 12 different apps that don’t interact to control their home.
Home Assistant is probably an unintended consequence of this, and may be one of the reasons why they’re dragging their feet. It’s not that Matter is secure or private, but it’s created the opportunity for security and privacy through local control.
I don’t expect the Home Assistant segment of the market should be big enough to concern them, especially with what it provides back. Home Assistant can’t disappear in ten years the way so many existing apps and critical appliance software have over the years.
You had further questions about Matter that I’m also interested in. Your Matter devices are getting an IPv6 address. Are they potentially capable of independent communication over the internet? Seems this would be impossible to hide though.
AA5B@lemmy.world 8 months ago
Hopefully this will influence better support for segmented networks in home routers. Yeah, Samsung probably wants to collect any data it can, but Netgear can sell a lot of routers by making it easy for you to feel safer
abhibeckert@lemmy.world 8 months ago
AFAIK yes - matter devices can theoretically collect information about other devices in your home. A lot of matter devices use very low power radio connections that would struggle to penetrate walls/etc and it works a little bit like the internet where a network packet has an almost infinite number of ways to potentially reach the destination. So, if you’re worried your TV might record the fact that your lights were turned off at 11pm… maybe get rid of that TV.
Pretty sure Matter devices can use whatever non-matter communication protocols they want.
Pretty sure they can, yes. And they need to be able to do that to download and apply security patches.
Monument@lemmy.sdf.org 8 months ago
Thanks for your input.
Those are my assumptions as well.