Google's Nest halts sales of its fire alarm – because waving your hand switches it off

Updates push over the air to fix safety concern


Google's Internet-of-Things wunderkind Nest is disabling a software feature called Nest Wave, citing safety concerns.

In this letter to customers, Nest Labs CEO Tony Fadell writes: “During recent laboratory testing of the Nest Protect smoke alarm, we observed a unique combination of circumstances that caused us to question whether the Nest Wave (a feature that enables you to turn off your alarm with a wave of the hand) could be unintentionally activated. This could delay an alarm going off if there was a real fire.”

As a result, Fadell says, the feature is being disabled immediately and automatically in all Nest devices in the field, and “we have also halted sales of all new Nest Protect alarms to ensure no one buys an alarm that needs an immediate update.”

Let's just look at the salient point again: the disabling is happening automatically, without any intervention required on the part of the user. As noted in the letter: “Within 24 hours, Nest Wave will be automatically disabled. You don’t need to do anything and even with this feature disabled, our smoke alarm will continue to work very effectively”.

If hackers of all hat shades between white and black weren't already looking at the functionality that gives Nest Labs the ability to push device updates without user interaction, they probably are now.

In the rare case that the Nest Labs alarm device has found its way into an installation with no WiFi access and no Nest user account, the company is offering refunds.

Last January, Fadell promised that for the time being, Google's ownership of the company wouldn't see its data swallowed up into the Chocolate Factory's advertising data sets. So El Reg has to accept that so far, it's only using its unfettered access to connected devices for good, not evil. Right? ®

Similar topics

Broader topics


Other stories you might like

  • AI tool finds hundreds of genes related to human motor neuron disease

    Breakthrough could lead to development of drugs to target illness

    A machine-learning algorithm has helped scientists find 690 human genes associated with a higher risk of developing motor neuron disease, according to research published in Cell this week.

    Neuronal cells in the central nervous system and brain break down and die in people with motor neuron disease, like amyotrophic lateral sclerosis (ALS) more commonly known as Lou Gehrig's disease, named after the baseball player who developed it. They lose control over their bodies, and as the disease progresses patients become completely paralyzed. There is no currently no verified cure for ALS.

    Motor neuron disease typically affects people in old age and its causes are unknown. Johnathan Cooper-Knock, a clinical lecturer at the University of Sheffield in England and leader of Project MinE, an ambitious effort to perform whole genome sequencing of ALS, believes that understanding how genes affect cellular function could help scientists develop new drugs to treat the disease.

    Continue reading
  • Need to prioritize security bug patches? Don't forget to scan Twitter as well as use CVSS scores

    Exploit, vulnerability discussion online can offer useful signals

    Organizations looking to minimize exposure to exploitable software should scan Twitter for mentions of security bugs as well as use the Common Vulnerability Scoring System or CVSS, Kenna Security argues.

    Better still is prioritizing the repair of vulnerabilities for which exploit code is available, if that information is known.

    CVSS is a framework for rating the severity of software vulnerabilities (identified using CVE, or Common Vulnerability Enumeration, numbers), on a scale from 1 (least severe) to 10 (most severe). It's overseen by First.org, a US-based, non-profit computer security organization.

    Continue reading
  • Sniff those Ukrainian emails a little more carefully, advises Uncle Sam in wake of Belarusian digital vandalism

    NotPetya started over there, don't forget

    US companies should be on the lookout for security nasties from Ukrainian partners following the digital graffiti and malware attack launched against Ukraine by Belarus, the CISA has warned.

    In a statement issued on Tuesday, the Cybersecurity and Infrastructure Security Agency said it "strongly urges leaders and network defenders to be on alert for malicious cyber activity," having issued a checklist [PDF] of recommended actions to take.

    "If working with Ukrainian organizations, take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic," added CISA, which also advised reviewing backups and disaster recovery drills.

    Continue reading

Biting the hand that feeds IT © 1998–2022