PSA Newsletter 10: Privacy, Security, Automation!
UK Online Safety Bill, An IP Camera System Recommendation, Philips Hue will require an account soon, and more...
The UK parliament's Online Safety Bill has passed and is now on its way to becoming law. Regardless of what is printed and spun about this bill, there are a few things everyone needs to remember:
- It is very difficult to prove someone is of a certain age online with 100% accuracy.
- It is physically impossible to build a secret backdoor into an E2EE (End to End Encrypted) system, no matter how much well-intentioned legislation is thrown at it. Full stop. This is a physics and math problem; not a legislative problem.
- Systems that claim to be encrypted, but are not E2EE (there's a difference) such as Telegram, can't build a backdoor that only authorized users can utilize. It has been revealed several times in the last ten years that bad actors such as government-sponsored hackers and criminals eventually discover these exploits and utilize them for nefarious means.
The passage of this bill will have a massive effect on most if not all internet-connected companies operating in the UK who don't have the option of exiting that market. Those that can afford to leave, will. 
Reolink makes a local-first NVR (network video recorder) and cameras. If you'd like the benefits of IP cameras, but without immediately uploading to the cloud, give Reolink a look. 
Signify, the company that owns Philips Hue, has made a change to their app that will now require an account and sign in before using lights and other homekit appliances users have already paid for. Understandably, longtime users are furious at being made to create yet another account to use what were once considered simple and private smart devices. For the time being, an alternative to Philips Hue are Nanoleaf bulbs. As of this writing, Nanoleaf doesn't require a login, has a track record of making local-first light panels and lights, and is privately held. However, this is not a guarantee against a future change. As always, segment your smart home devices as best you can and deny direct internet access via your router's settings if they start to ask for a login before allowing you to control your smart home.