Is Nest Protect defective?

A few minutes after midnight, our interconnected Nest Protect smoke and carbon monoxide detectors began to scream. “Emergency,” said the voice between alarm tones, “there’s smoke in the hallway.” I exited the bedroom, iPhone in hand, ready to call 911. I found nothing. No smoke. No steam. No emergency. I pressed the button to silence the ear-splitting alarm above my head. “This alarm can’t be silenced,” it replied, “smoke levels are too high.”

I repeated the process, creating a short video. Sorry about the image orientation, but in my defense, it was late.

From my background with alarm systems, I know that dust can trigger some devices, so I grabbed a handheld vacuum and applied it to the screaming Nest Protect to no avail. After six minutes of alarms sounding throughout our home, I finally removed it from the ceiling and disconnected the AC power connector. The Nest Protect, now in my hands, reported that the power was out, and then that the non-existent “smoke” was clearing.

Alarms created by cooking, steam, aerosol sprays, and actual smoke are understandable. But ironically, the most expensive and sophisticated smoke detectors I have ever purchased may have a serious problem. I’m not alone. A US law firm is also looking into the issue.

According to Nest Support, there is no known problem. They are, however, sending me a new second-generation Nest Protect to replace the first-generation unit that alarmed. As far as the other first-generation Nest Protects I purchased at the same time are concerned, I apparently have to wait and see if they also produce false alarms.

The Nest problem puts consumers in a very uncomfortable situation. If Nest Protect owners receive an emergency notification while not at home, what should they do? Assume a false alarm and that property and pets will be ok? Call 911 and hope that the fire department doesn’t break down their front door in response to Nest Protect’s fantom smoke?

My confidence in Nest Protect has been shaken. Unexplained fantom false alarms are not acceptable. If this problem only occurs with first-generation units, Nest (now owned by Google) should see that in their data and replace them all, or at the very least advise owners. Are they hoping that consumers will upgrade to the second generation devices at their own expense? Or maybe they just don’t know why false alarms are occurring.

For now, the questions remain: Can I trust this product? Is Nest Protect defective?

Yelp, or should it be Yikes…

Several articles have been published about the accuracy and reliability of reviews on Yelp, including The Huffington Post and CBC. Yelp is apparently working on the issue, but I’m not optimistic. Their primary business is advertising; reviews are just content used for SEO, to crowdsource adding businesses, and to engage readers.

My IT in Canada column this week discusses the impact of questionable (I’m being polite) Yelp reviews on a local business. You can read the article here.

Note: I reached out to Yelp for comment, but they did not reply.


Missing filing cabinet!

A grey Global 9300 Series Lateral Filing Cabinet (9336-5-05) was ordered from Grand and Toy on April 9, 2016 and the AMEX card was charged on April 14, 2016. Despite multiple requests, and several days of “investigation”, Grand and Toy has been unable to locate, deliver, or provide an ETA for the missing filing cabinet. Please help!

Updated 21 April 2016: Grand and Toy have located and delivered the filing cabinet, and their management have been in touch. They are looking into what went wrong and how their process can be improved.

2014-15 Annual Report of the Communications Security Establishment Commissioner

This week the 2014-15 Annual Report of the Communications Security Establishment Commissioner was tabled in Parliament. The report was submitted in June 2015 to then Minister of National Defence Jason Kenney, but suspiciously not tabled prior to the election. The incoming Liberal government inherited the report and tabled it.

Jim Bronskill’s piece for CP, “Canada’s electronic spy agency broke privacy law by sharing metadata, watchdog says,” appears well substantiated by the report. However, it is important to note that this appears to have been an isolated incident with minimal privacy consequences.

Next week, in my column for IT in Canada, I’ll be looking at the larger issue of oversight and what Parliament should do to protect Canadians.

Pacific Lock Company

In my column this week I wrote about padlocks and parallels with cybersecurity. One of the many things I enjoy about writing is talking to companies about their products. When I started on the article, I reached out to several padlock manufacturers including Master Lock, Abus, and Abloy. Surprisingly, none of them would talk about their products to a security columnist!

In my quest for an expert quote, I stumbled across Pacific Lock Company. I had never heard of them, but as it turns out they’re one of the few independent lock companies left in North America, and possibly the world. Greg Waugh, President of the family-owned business, was happy to talk and sent me a few sample locks.

As I wrote in my article, “I was pleasantly surprised with the quality and value of PACLOCK products. Their 90A aluminum padlock with a 6-pin rekeyable cylinder sells for less than US $20 and is clearly superior to most similarly-sized padlocks on the market. Alternating spool and serrated pins make them as pick resistant as pin-tumbler locks gets. With the potential exception of a skilled locksmith willing to spend half an hour picking it, this lock will only be removed by destroying it.”

Happy New Year!

According to the Identity Theft Research Center (ITRC), in the United States there were 780 publicized data breaches in 2015 that exposed 177,866,236 records. That doesn’t include undetected breaches or those that targeted intellectual property instead of personal data.

Here in Canada we don’t know how many breaches occurred and what the practical impact of the breach notification requirements in the Digital Privacy Act will be.

The one thing we do know for certain is that the ITRC numbers represent the tip of the iceberg. This week, in my column for IT in Canada, I’ll discuss five things ever business should do to reduce the likelihood of a breach.