‘End-to-end encrypted’ smart toilet camera is not actually end-to-end encrypted | TechCrunch
techcrunch.com
Kohler, the makers of a smart toilet camera, can access customers' data stored on its servers, and can use customers’ bowl pictures to train AI.

Kohler, the makers of a smart toilet camera, can access customers’ data stored on its servers, and can use customers’ bowl pictures to train AI.

  • commie@lemmy.dbzer0.comEnglish
    92·
    16 hours ago

    https is end to end

    surely, once I read this article, I’ll find they implemented ssl

    edit:

    as I suspected, Kohler is one of the ends of the e2ee. and it is implemented. what is the news here exactly

    • Nikokin@lemmy.worldEnglish
      3·
      14 hours ago

      Https is the transit. End to end encrypted means it’s encrypted before, during, and after transit. Ie the data at rest would/should be encrypted

        • Asetru@feddit.orgEnglish
          1·
          9 hours ago

          They also said they decrypt after transit before they encrypt at rest, so it’s not encrypted in between and they can look at your data. So it’s not e2e if you want both ends to be you.

      • commie@lemmy.dbzer0.comEnglish
        32·
        13 hours ago

        if Kohler is the other end of your transmission, and the data is encrypted til they decrypt it, it’s e2ee. if you disagree, try explaining why.

        • theunknownmuncher@lemmy.worldEnglish
          4·
          12 hours ago

          Because that’s plainly not what end to end encrypted means. That’s just HTTPS.

          if Kohler is the other end of your transmission

          They’re providing the service. End to end encryption maintains an encrypted communication channel between two clients that the service provider cannot decrypt.

          By your definition, all HTTPS traffic would be end to end encrypted.

          The term “end to end encryption” is just not applicable to this context and using it as marketting to users in order to give them a false sense of security is disingenous.

          • pivot_root@lemmy.worldEnglish
            12·
            12 hours ago

            From the perspective of the Kohler toilet camera being the sender and the Kohler shit-reviewing service being the recipient, TLS can technically be end-to-end encryption. As long as the shit-reviewing server is doing the TLS termination itself—and not Cloudflare or a reverse proxy—that meets the definition insofar as only the two communicating parties having the ability to see the cleartext. That’s assuming the server has disk encryption and no employee has access to it while the disk is unlocked.

            Kohler calling it E2EE is still disingenuous as fuck regardless of my above hypothetical, however.