TL;DR: If you have Amazon IoT devices in your home, such as Echo or Ring cameras, and your neighbors have any of the same, you will be able to jump onto their network and they onto yours.

Nifty, huh?

Excerpt:

quote:

Amazon is close to launching Sidewalk – its ad-hoc wireless network for smart-home devices that taps into people's Wi-Fi – and it is pretty much an opt-out affair.

The gist of Sidewalk is this: nearby Amazon gadgets, regardless of who owns them, can automatically organize themselves into their own private wireless network mesh, communicating primarily using Bluetooth Low Energy over short distances, and 900MHz LoRa over longer ranges.
...
Amazon Echoes, Ring Floodlight Cams, and Ring Spotlight Cams will be the first Sidewalk bridging devices as well as Sidewalk endpoints. The internet giant hopes to encourage third-party manufacturers to produce equipment that is also Sidewalk compatible, extending meshes everywhere.

Crucially, it appears Sidewalk is opt-out for those who already have the hardware, and will be opt-in for those buying new gear.

[Emphasis added]
What the above means is that if you already have certain Amazon hardware, and Sidewalk is added to it in a firmware update, it will be enabled by default, without asking you.

Full article: Amazon's ad-hoc Ring, Echo mesh network can mooch off your neighbors' Wi-Fi if needed – and it's opt-out

I have one remaining Amazon device on our WLAN, a 2nd Gen. Fire TV. And it's rarely powered on. With this I'm thinking it may never be powered on ever again, and there'll be no more Amazon IoT devices placed on our LAN or WLAN. Ever.

wifi encryption doesn't matter anymore for this use??

quote:

Originally posted by airbubba:
wifi encryption doesn't matter anymore for this use??

"...communicating primarily using Bluetooth Low Energy over short distances, and 900MHz LoRa over longer ranges."

This is such a ludicrous plan I cannot help but laugh

Here's a screenshot of the email I got from Amazon on November 24th and nothing heard from them since. I have the latest Alexa app and have not seen this "Sidewalk" feature in settings yet. I keep checking every few days or when I think about it, so I can disable "Sidewalk" when it shows up. I don't need it nor would use it. I don't use devices outside the normal range of my WiFi router. If others in the neighborhood use their devices outside their router's range, I don't feel it is on me to compensate for them.

I just wonder if I'll need to disable "Sidewalk" every time there is an Alexa update in the future.

I guess this is a difference between a retired network admin. and everyday end-users. The LANs I administered at work were nailed-down at the border. When we had multiple multiple locations, the individual LANs were carefully isolated from one another. Thus: Whatever was on the internal LAN was regarded as (mostly) trustworthy.

We did not allow employee devices, such as phones and tablets, on our LANs for two reasons: 1. We had no reasonable way to ensure they weren't compromised and 2. If they had cellular connections they could conceivably allow our Internet firewalls to be bypassed.

I run our home LAN and WLAN the same way I ran our corporate networks. Devices on my network that could reach out and connect to foreign networks are unacceptable to me. I find the mere concept appalling.

Agree with all of your approach. But I have also found that corporate IT has gotten pretty lazy with their security concerns. Just look at the level of hacking going on today. I still do not understand why EVERYTHING has to be wifi or bluetooth connected today. For Christ;s sake you can get a bluetooth connected toothbrush.

In general I only connect things that NEED to be connected for my purposes. Funny story, when I was locking down one of my daughters from internet many years ago I found out she was accessing through the FRIDGE of all things. I had it hooked up only to show weather at a glance. No more

Oh yeah, for me I will build my own camera server (Blue Iris currently). NEVER will I subscribe to anything Amazon, or Ring, or anything else from companies that monitor you and share that data with other companies and police departments.

quote:

Originally posted by cruiser68:
Agree with all of your approach. But I have also found that corporate IT has gotten pretty lazy with their security concerns.

Hell, corporations got lazy with corporate IT security starting... better than twenty years ago. Coincidentally, about the time Microsoft started making serious inroads into Corporate Enterprise networks with MS-Win NT 4, in fact.

No, I'm not blaming it on Microsoft.

Coincident with that, proxying firewalls started falling out of favor, being replaced by stateful and so-called "deep packet inspection" systems. Real firewall geeks looked at that stuff and objected "That's no firewall!" They were ignored. Then corporations started drilling more-and-more holes in what "firewalls" they had and started throwing just any old thing on their LANs that seemed like a Neat Idea.

I was lucky. Or maybe it was because I was so flipping obstinate. I wasn't going to stand for that nonsense. My bosses soon noticed that partners, competitors, suppliers, and customers were getting 0wn3d right-and-left, while we were not.

quote:

Originally posted by cruiser68:
Just look at the level of hacking going on today.

Indeed. Those same network security geeks with whom I used to regularly converse predicted, when things started going in the direction they did at the time, this is where we'd end up. Many of them left their jobs, and even embarked on whole new careers, rather than either continue trying to fight it or stick around and deal with the constant fallout.

I imagine that if I walked into a corporation today on a network security consulting gig and was asked "What do we need to do?" my answer would be something like "Burn it all to the ground and start over"

Comcast/Xfinity has been doing something similar with their wifi and their Xfinity mobile. My wife and I still have Xfinity mobile and started using it in Washington. When you’re near someone’s home with Xfinity internet, anyone with Xfinity mobile joins their network.
Being that Xfinity pretty much has a monopoly on internet in Western Washington, we used almost zero cellular data. Our phones would connect with whatever router was close and we would leech off their connection. Walk up the street and it was like an AP setup where you would switch from one to the next and not even notice the change.

It would simply show “Xfinity Hotspot” and wouldn’t give you the SSID if the network you were leeching from.

Only way to disable this was to have Comcast shut off the router that’s built into their modem, and use your own router.

quote:

Originally posted by Beancooker:
Only way to disable this was to have Comcast shut off the router that’s built into their modem, and use your own router.

I use an Xfinity gateway that I set up in bridge mode. It is connected to my own router and Aruba enterprise APs.

The tech that installed my new coax line (to support gigabit download speeds) recommended that I go into my Xfinity Internet Service account settings online and, under the WiFi Public Hotspot setting, select "disable" Public hotspot status.

According to him, even if you are using your own router and WiFi radios, the gateway's public hotspot will be active unless you disable this setting.

No need to call Comcast. You can turn off the public hotspot yourself online.

quote:

Originally posted by EZ_B:

I use an Xfinity gateway that I set up in bridge mode. It is connected to my own router and Aruba enterprise APs.

The tech that installed my new coax line (to support gigabit download speeds) recommended that I go into my Xfinity Internet Service account settings online and, under the WiFi Public Hotspot setting, select "disable" Public hotspot status.

According to him, even if you are using your own router and WiFi radios, the gateway's public hotspot will be active unless you disable this setting.

No need to call Comcast. You can turn off the public hotspot yourself online.

Good to know. I now live in central AZ, aka the land of complete trash internet. I have a decent deal through century link for their fiber service. Disabled their router as the router built into the modem is only capable of 300 mbps. I run an Apple router.

I miss Comcast everyday.

quote:

Originally posted by ensigmatic:

quote:

Originally posted by airbubba:
wifi encryption doesn't matter anymore for this use??

"...communicating primarily using Bluetooth Low Energy over short distances, and 900MHz LoRa over longer ranges."

both BLE and LoRa have very low data rates. so what's the point?

I'm pretty pissed that amazon bought Ring.

quote:

Originally posted by Beancooker:
I miss Comcast everyday.

Lots of people I know consistently complain about Xfinity/Comcast.

But I get 950 Mbps down and 40+ Mbps up all day long on my wired desktop.

Even with everyone working/learning from home these days my Xfinity service has been extremely reliable and robust.

I pay about $200 a month for unlimited gigabit Internet, more channels than I will ever watch (including HBO Max), and unlimited landline phone service.

It might not be a bargain, but we regularly consume over 1 TB of data a month. So for us, it's worth it.

quote:

Originally posted by Beancooker:
Comcast/Xfinity has been doing something similar with their wifi and their Xfinity mobile.

Nope. Not the same thing. Not even remotely. I will draw a crude ASCII drawing to illustrate the difference.

What Comcast/Xfinity does:

Your LAN/WLAN <-> Comcast/Xfinity modem <-> Internet
                          ^
                          |
                          v
                    Xfinity Mobile

What Amazon is doing:

Your LAN/WLAN <-> Your ISP's modem <-> Internet
     ^
     |
     v
Neighbor's LAN/WLAN <-> Neighbor's ISP's modem <-> Internet

With what Comcast/Xfinity is doing, "guests" on the public WiFi connection do not have access to your LAN/WLAN. Presumably Comcast/Xfinity have taken measures to ensure such guests cannot even see the host homeowner's/business' Internet traffic, either. (I would not gamble on that, which is one reason I would not use one of those devices.)

With what Amazon's doing, neighboring networks' traffic is placed on other neighboring networks' LANS/WLANS.

Massive difference.

quote:

Originally posted by radioman:
both BLE and LoRa have very low data rates. so what's the point?

Better some connectivity than none? Especially since, with some of these IoT devices: Lose Internet connectivity and they go entirely stupid. E.g.: What one member noted about a neighbor who was without Internet connectivity following the Nashville incident.

Most folks won't care nor will they comprehend how it works, they'll just be glad that if they lose wi-fi that their security devices will still work and be accessible...

IF you dig down into the details it would seem side-walk was designed to be safe, secure and privacy conscious.

You can listen or read Steve Gibon's analysis of it in Security Now! 796.
https://www.grc.com/securitynow.htm


If you don't like stuff like this happening on your network. I suggest you remove all the Internet of Things (IoT) devices off your LAN, either stop using them or put them on their own network that you have ingress and egress restrictions on. That is what I have at my house, separate LAN/WiFi just for cameras, door bell, smoke detectors, ...

Most people have a blanket Allow All egress rule on their home networks. The amount of connections IoT devices make out-bound is staggering. Many of them are connecting to data centers in China and/or Asia.

quote:

Originally posted by eyrich:
IF you dig down into the details it would seem side-walk was designed to be safe, secure and privacy conscious.

Uh huh.

I would no more trust my network security to them than I do my ISP, which is why I've always run my own border routers.

quote:

Originally posted by eyrich:
Most people have a blanket Allow All egress rule on their home networks.

That's because that's the way routers are out-of-the-box and very few Joe or Jane Homeowner types have any idea what "egress rules" even are, much less what are reasonable egress rules, much less how to configure them.

quote:

Originally posted by eyrich:
The amount of connections IoT devices make out-bound is staggering. Many of them are connecting to data centers in China and/or Asia.

Word.

So, here’s the thing... I could see the “social good” in this. If a security system could trigger all the cameras in a neighborhood to start recording, and time sync, whenever one system gets triggered, it would, presumably, have a high chance of recording any break-ins, etc.

I see the potential STAZI informer effect, but I’m not sure that it would matter. Cameras are so cheap now, it would be simple for a totalitarian official to just install them, everywhere.

IMPORTANT: Opt out now.

only a few days left until this piece of crap rolls out.