this post was submitted on 02 Sep 2024
840 points (95.3% liked)

Privacy

31981 readers
249 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Some of the LinkedIn Responses are direct and on-point, and also hilariously/depressingly based depending on how you look at it:

EDIT: In hindsight, I think I should've looked into posting this in a different community.. It's closer to a silly "innovation".. soo.. is this considered FUD? I also don't support smoking or vaping, especially among kids. Original title had "privacy-violating" before the "solution".

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 186 points 2 months ago (8 children)

A school district spends $180,000 (hyperbole, I don’t know actual numbers) of taxpayer money deploying this system between the actual hardware costs, maintenance costs to install the hardware, it costs to implement it into their network, and probably an ongoing contact with this dummy’s company. Maybe only for support but with the way things are now I’m sure they built this app to phone home to their servers (introducing a huge potential security risk over simply running it locally on the schools existing network infrastructure in a docker or something), calling it “cloud based”, and charging the district 1k/month to run the devices the district now owns and should be able to operate without the company. The company then talks about how they’ll back up records and safeguard data so you don’t have to worry about that (that it dept you pay is pointless!)

Three months after deployment it turns out the sensors can be tripped by many things not related to vaping, maybe increases in heat, mouthwash breath, etc. the false positives are due to a hardware flaw and cannot be fixed with a patch. Feel free to upgrade to sensor version 2.0, now with improved accuracy! (read: the problem still exists but isn’t as bad). Only another 40k to buy the new hardware, rip out the old hardware (which is now worthless), install the new stuff, and configure the software for everything (again, maintenance and IT costs)

9 months after deployment the company is doing poorly because their product is stupid and only a few idiots actually bought it (way to go idiot). There’s concerns because they sent a new Eula that outlines data sharing policies. They are potentially finding ways to harvest the data they agreed to safely store to try and create a new revenue stream to right their sinking ship. District counsel says fighting the Eula change will be expensive and there’s not much precedent for it, plus they state they will anonymize data before sharing so it’s not a ferpa violation, technically. It feels scummy but you can’t do anything about it. You also don’t really trust them to only sell anonymized data but you can’t prove they aren’t crossing that line so whatever, I guess

15 months after deployment they get hacked because they’ve run out of vc cash, never could get an actual profit stream going (turns out they’re spending 750,000/yr on salaries for 5 people and they’re all kitted out with sick work computers for what is basically coding a web app, but I digress). security of their servers was one of the budgetary constraints they chose to make to right the ship (but had to keep the $1800 office chairs and the 15-20k/mo rent loft they use as an office in a hcol area). The contract says this may happen and they’re not responsible unless there’s gross negligence on their part, which you can’t prove, and that they do some bare minimum reactionary shit after the fact to mitigate damage. So they’re legally blameless and now you get to notify your community their children’s data was leaked to god knows who, whoops

22 months after the fact they go out of business officially. You get a form email about the company’s journey and the difficult decision they had to make to stop fucking around on a dumb project that sucks because no dumbass vc will give them fun bucks anymore to keep playing tech bro billionaire. All the sensors stop working because they require a connection to the servers, which they shut off immediately without a sunset period. You’re reminded every day when you log in to the schools admin panel and get 350 “sensor not connected” error messages and your students bitch about the “sensor not connected: server not available” error pop up showing up on their classroom console. It takes IT a few days to remove their shit from the network and that costs you even more money in wasting your IT staff time when they should be fixing the broken computers in the computer lab or whatever.

Now your school has a bunch of weird boxes on the wall. Sometimes people ask you about them and you go “oh those don’t do anything” and remember that they cost taxpayers in your community tens, if not hundreds, of thousands of dollars and wasted hundreds of hours of your supports staffs time that they could’ve been using to improve the school

But then you scroll on instagram and see there’s this new thing that will detect when kids are bullying each other. You just have to put a camera in each classroom. It’s okay, it won’t record. It will just use the power of AI and machine learning. You’re sold right there and the cycle starts again

[–] [email protected] 2 points 2 months ago (1 children)

a docker

Something tells me you don't really know Docker

[–] [email protected] 2 points 2 months ago

I mean like running their hypothetical control software/framework within a docker on a local server. Is that illogical? I do the same for the software that runs my ip cameras with my home server, instead of them needing to connect to some external server.

You’re ultimately right though, when it comes to docker I am at the proficiency level of “can deploy other people’s images” and not so much on the “have bothered to make my own”

load more comments (6 replies)