Another IoT Debacle: Charter Offers Home Insecurity

If you are a glass-half-empty person, you’ll view Charter’s announcement that they will shutter their home security and smart home service on February 5th as another reason not to buy into closed-source IoT devices. If you are a glass-half-full person though, you’ll see the cable company’s announcement as a sign that a lot of Zigbee hardware will soon flood the surplus market. Ars Technica reports that after investigation it appears that some of the devices may connect to a standard Zigbee hub after a factory reset, but many others will definitely not.

As you might expect, users were less than thrilled. Especially those that shelled out thousands of dollars on sensors and cameras. This sort of thing might be expected if a company goes out of business, but Charter just doesn’t want to be in the home security business anymore.

Charter acquired the security business when it bought Time Warner Cable and Bright House Networks in 2016. According to Charter, they stopped marketing the home security service after that. To add insult to injury they are offering a deal to customers by which they can get an Amazon Ring kit with a hub, a range extender, and five devices for “free” if they sign up for one year of Ring monitoring for $340. When a year of monitoring can be had for $100 and a 5-piece Ring set for $199, understandably this has not gone down well. Even a 10-piece set that has the same devices plus an extra motion detector and two extra sensors can be had for only $259.

If you’re a Charter IoT customer and you don’t like that deal, there is the $179 plan from Abode, which is a slightly better proposition. Even then, the yearly monitoring plan only lists for $200 and is actually $100 right now, regardless of your relationship with Spectrum.

We liked the one quote in the article that said: “Zigbee is famously nonstandard as a standard.” We couldn’t help but think of the old adage: “The good thing about standards is there are so many of them.” This remindS us of the fiasco with Best Buy’s smart devices last year. Maybe someone will take pity on these poor users and help them out.

38 thoughts on “Another IoT Debacle: Charter Offers Home Insecurity

  1. How many “cloud”, “software as a service/subscription”, and “IoT device + proprietary cloud service” have to fold leaving their users stranded, devices bricked, data lost (or left inaccessible due to a subscription price hike) before users wake up and flatly refuse to use any device or software where they cannot:
    A) run their own server without needing permission or interaction with the company? (no phone-home or other lock-in)
    B) be assured perpetual access to their data and a perpetual license to run the version they bought locally (so that even if the company goes out of business they can access their data with no loss of capability as a result of the demise of the vendor)

    It is hard to see these cloud/*-aaS/subscription-only “services” as anything but an extremely cynical grab for money and control on the part of business who would find it hard to stay afloat without the leverage provided by vendor lock-in and holding your data hostage to boot. What’s good for their shareholders is pretty much universally bad for their customers and society as a whole.

    1. It might take a while, because “running your own server” is a formidable obstacle. You also need to maintain the software. And then, hey, you can bundle all that up and put in the cloud for a little fee.

      I believe the real issue is that you can’t change service provider for these. And that there’s no obligation to offer the abandoned technology to the highest bidder or the community itself.

    2. Yup. Companies jumped on “IoT” with expensive but insecure and minimally useable systems with fuzzy future plans, and now they’re dropping away as they come to grips with the cost of running half-baked systems. Sucks (sucked) to be their customers…

      There’s still two big requirements (opportunities) in this field:
      – a commodity home hub device so it’s not necessary to loop some packets through China to turn on a light from your phone.
      – configuration software that normal people can use. Node-Red is kewl for hackers, but not for muggles.

      … and some standards, for interoperability and security.

      Til then… I’m running a rPi hub, and Tasmota on reflashed ESP8266 devices.

    3. unfortunately, the world at large wants a product that ‘just works’, and either lacks the knowledge or know-how to create the background software that can make that possible.

      personally, i wanted a doorbell camera that was only accessible on the local network, with it’s own storage, accessible from a pc. if you’ve looked into doorbell cameras at all, you’ll see how there’s very few options that fulfill those needs. most need outside web access, and most record only to ‘the cloud’. i ended up going with a hikvision variation that officially doesn’t exist. they sell it to oem’s who are supposed to re-flash it with their flavor of firmware.

      those of us that are aware of the security issues with these IOT devices exist in a vacuum where we desire the devices core functionality, but must weigh their large disadvantages against their advantages, with software accessibility/customization usually weighing heavily as a disadvantage.

    1. Ah yes, centrally planned manufacturing, sign me up, seriously, put my name down, I figure I can keep my car running another 30 years, but I’m gonna need that Trabant delivered in 2050 to continue getting around.

  2. its no different to buying an “i” device. 2 or 3 software updates later and device is rendered useless, despite the fact the hardware still operates just fine but shell out another $1000 and move more good parts to landfill

    1. Well to be fair most portable “i” devices have their battery sealed inside and are not a replaceable part, so the device is designed to only last a few of years anyhow. So forcing consumers to trash them before the bad experience starts is probably part of some internal policy.

      1. See my reply below. I have had an iPhone battery replaced before. And I’d say the battery wearing out is probably much worse than any other bad experience you could have. Dead battery = useless phone. Delays and lagging interface = just annoying but still functional.

        I think people are pretty cynical about manufacturers like Apple and others who actually make pretty great products and are just out to make money like everybody else.

        However the subject of the article is obviously worse than that. I think the moral of the story is don’t put all your eggs in one basket. Or you have to be ok with losing all your eggs if the basket gets acquired by a larger company and then shut down because it’s no longer profitable.

        1. There are plenty of things Apple is doing which are shady at best. They do make some ok hardware, but they also fail to solve problems with their hardware and actively work against fixing hardware that has been broken, which is pure disgusting.

          There have been companies with IoT devices that have gone out of business and therefore stopped supporting their hardware, but this intentional dropping of products by a still operating company is worse, I agree.

    2. Same goes for Android devices. Eventually you lose official support, and then you’re up the creek on your own because 3rd party software gradually shifts with the operating system version as well – assuming they’re letting you in the appstore in the first place.

    3. I have not had the same experience with Apple devices.

      Until last month I was using a nearly 5 year old iPhone 6 and had replaced the battery. Apple store did it for <$50 USD, and others offered battery replacement for about half that. Only reason I replaced the phone was bc my wife wanted to buy me a new one for Christmas and the camera on the 11 is better. Plus I get a bigger screen and better hardware.

      My 2008 MacBook runs like a champ on its third battery. Runs short on ram with today’s insanely complicated web pages, but otherwise no complaints. I may switch to a lightweight Linux distro at some point, but again, no complaints about Mac OS which it still runs.

      Durability, stability, compatibility, and continued support are the most important to me, and those are the reasons why I will continue to buy Apple products despite them being expensive.

      At some point Apple could shut down iCloud for some reason but I just don’t see that happening. So I don’t see any of my “i devices” becoming useless anytime soon.

      1. Ha ha ha ha!

        Let me laugh at you even harder.

        Nobody does planned obsolesce like Apple, it’s their business model.

        Durable: phones that bend, keyboards that don’t work, chips that overheat…

        Stability: chips that overheat, bugs that crash the whole phone…

        Compatibility: easy, it’s compatible with nothing, except Apple products.

        Why buy generic, when you can get all these features above for 2X the price!

        Don’t get me wrong, I love people like you, perfect for making Apple stock go higher. People like you will pay whatever people like me decide you should pay.

        1. You decide what people like me will pay? I’d love to hear you explain how that works.

          Laugh all you want. I am just relating my own personal experience with Apple products which has been great. It’s not that I’ve never used the competition. I just prefer Apple stuff.

          Sure there are bugs and problems. Show me one manufacturer of similar products that has never had one, and maybe I’ll switch in about 5 years or so when I get tired of my phone.

        2. Wow, love how people on HAD can have a sensible discussion. Someone said the a-word (Apple) and then others act like a-holes.

          Not everyone likes Apple. We know.
          My iMac is 10 years old, but still gets security updates, and runs more or less fine. Support for iOS devices drops sooner, but that’s largely tied to battery life, and non-replaceable batteries is tied to consumers wanting small thin devices.

          I do object to non-replaceable HDs on newer apple kit. That’s the one thing that can usually be upgraded very cost-effectively. But otherwise there’s a lot of hate here.

          Going back to the original article, I’m happy also glad my home kit isn’t sending data off to China, but runs off devices in my home.

  3. I’m thinking of launching a kind of iot backend + insurance company. We would act as a proxy to a cloud provider (aws, or whatever), selling backend solution to IOT companies. With a x years guarantee that the server will be running (no matter what happens to the iot company) and some sort of crowdfunding for users who want keep servers running after that.

    And we’d provide a label that iot company can use in their marketing to increase trust.

    (if someone want to work on this …)

    1. Why would people trust your company to remain in operation?
      How would you price your… ‘service’… without knowing how much bandwidth and compute resources will be required?
      Basically your idea sounds no better than the current situation… maybe even slightly worse.

  4. Cloud based “security” is great. many third parties have access to:

    -When your home is occupied
    -When you enter
    -When you leave
    -When you go on vacation
    -Your phone number
    -Your address
    -Your credit card number
    -Photos of the outside of your house
    -Photos/video of the inside of your house
    -Photos of your kids,pets
    -Your work phone number/address
    -How many other people have access, their names, address, phone numbers, etc

    I’m sure this data could NEVER be used to commit crimes.

    1. Don’t forget that most criminals aren’t that clever, and most burglaries (at least in the U.K.) are done on the spur of the moment, and involve things like windows left open.

      But yes, that data shouldn’t be going to insecure 3rd parties.

      1. I remember when “free” movie tickets were distributed to homes.

        A nice 2-3 movie, a “moving” van or some sort of service vechicle, and everything gets emptied out.

        Works even better when the tickets can only be used by those named, something nice and family friendly.

    1. …I mean to be honest I’m glad. Maybe this will dissuade people from using iot garbage and demanding ever more sophisticated and omniscient security despite crime being basically nonexistent for decades. Ring in particular is the goddamned devil. That whole system should be banned immediately. It’s soooo much more of a risk than a couple Amazon knickknacks stolen off a porch are worth. It’s evil.

      Nobody even uses the iot stuff after like a month. It all is just gimmick and novelty for a minute and then people forget about them, keep paying, and keep increasing surveillance. There’s a couple extremely rare exceptions, but every single ai assistant I’ve seen hasn’t been spoken to in like at least half a year. We’re not even getting anything out of this! It’s the stupidest deal ever.

      1. I’ve not followed Ring other than watching Techmoan’s video on it, and my upstairs neighbour has one as an intercom for her ground floor front door. What’s so evil about Ring?

        I broadly agree that crime in general has decreased, but I don’t at all blame people for wanting to feel secure in their homes. I’m a single woman living alone and sometimes I am afraid by (probably) perfectly innocuous things happening outside my home. I’m a hacker so I’ll make some kind of local CCTV with an online backup but most people don’t have the time, inclination, or ability to do the same.

  5. I’ve been in the market for a home security system, and issues like this are why I haven’t jumped yet. I’d like a simple system based on readily available components (that doesn’t require me to break out the soldering iron), that is supported by open source software run on a home server, which provides an android app, and has a reasonable history or user base. Unfortunately, there doesn’t seem to be much out there. Would love to have someone prove me wrong!

    1. there are quite a few options for DIY without the soldering iron (some with the raspberry pi, some with hacked cameras). With some work involved, of course.
      But …if you want to have an app, with access to the stuff from anywhere you will reach the same conclusions as the manufacturers: you will need to put most things in the cloud. It’s not the only way, but the best way.

  6. Oddly enough there’s a house not far from me advertising their security via Spectrum, I wonder if they got the mail message reporting it. And how were they delivered I wonder?

    Incidentally Al, there’s a Prop Bot banging at your door, they want you back.

  7. It’s not just ioT hardware.

    Some hardware needs net access and has third party server dependence even when the net access doesn’t provide any additional functionality.

    When they switch the server off, the hardware no longer works.

    It’s like a hardware subscription or hardware as a service but you have to pay for the hardware.

  8. It isn’t just the cloud and proprietary systems that are a risk it is the complex dependencies these systems have that mean that maintenance can be a pain should two or more parts stop working with each other in the way that you need based on some assumption that worked a few years ago but was never and actual documented feature. Complexity = fragility. Have you heard of the slow food movement (no that is not a gastroenterological joke), well I want to start a “Slow Solutions” movement for hardware and software systems that are designed to be robust, secure and have a long life without falling over due to component characteristic changes or unavailability of replacement parts. Neophilia is great for innovators but sometimes you just want to build something that does the job, that you can then set and forget for a decade or so, like the rest of the parts of the house you are building.

  9. Folks just need to stop living outside of their means. If you can’t control it or handle it, then you really don’t need it. I can see uses for the disabled but otherwise mow your own yard, and get up off of the couch every now and then and listen to your parents about turning off lights and the thermostat. I almost hope the next big attack cripples all of these idiots’ homes. I think it would do humanity good to take a couple of steps back at this point.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.