Bad Smart Watch Authentication
14 comments
·February 9, 2025mightysashiman
now if one could do some reverse engineering on Garmin watches and enable an opensource alternative to Garmin Connect, that would be marvellous.
ulf-77723
What‘s wrong with Connect from your perspective? My only concern with it is that it’s slow
arijun
I wish there was a concept of paid expert reviews on Amazon/everywhere. A general review system works well (ignoring review gaming) when your concern is "Does this shirt fit?" or "What's the build quality?", but fails when one expert review of "This device is fundamentally unsound," gets drowned out by reviews on the more easily testable aspects ("The band is really comfortable!").
A great example would be when Benson Leung was testing USB-C cables on Amazon to see which were standards compliant.
ge96
In my experience too when posting a negative review it can get removed (this was about replacement batteries for lenovo laptops).
fph
We need to use Unicode steganography to hide the message "this smartwatch sucks" into an innocent-looking review.
redleader55
Apparently something similar is used by Chinese customers reviewing restaurants. They would make a food sign from food pieces that spells "crap food" in slang, but otherwise leave a stellar review for the restaurant.
scblock
How does this help anyone?
michaelt
I considered doing this once, a few years ago, but I couldn't figure out a way to make it work.
It's pretty frustrating that when you're shopping for a laptop, nobody can tell you it'll suspend properly under Linux. Or when you're shopping for a bike light nobody can tell you whether over the summer it'll self-discharge to the point it bricks itself due to cell imbalance. Or when you're shopping for a microsd card, nobody can tell you.... you get the picture.
But to produce honest reviews, I couldn't accept free review units, kickbacks or affiliate money. And people shopping for laptops and bike lights don't need a $$$-per-month subscription to my newsletter/channel/patreon, they just need a few yes-or-no answers.
And there's a huge amount of churn in products on sites like Amazon; you wouldn't just pay for 40 bike lights, review them all, and solve the problem forever. Different models and brands appear all the time.
And even then, just because when I reviewed that microsd card and found it had great performance, nothing stops the manufacturer substituting cheaper components later on, without changing the part number; it's not like there was a specification promising the performance I observed in my review.
HnUser12
Isn’t amazon vine paid review?
ThinkingGuy
TornadoGuard: https://xkcd.com/937/
thrownblown
Project Farm!
null
Great writeup, didn’t expect “bad authentication” to actually be zero authentication, that’s absurd.