Fallout From the AWS Outage: Smart Mattresses Go Rogue
Key topics
The article discusses how a recent AWS outage caused issues with 'smart' mattresses, highlighting the problems of cloud-dependent devices, and the HN discussion revolves around the frustrations and concerns with such devices.
Snapshot generated from the HN discussion
Discussion Activity
Very active discussionFirst comment
N/A
Peak period
132
0-3h
Avg / period
14.5
Based on 160 loaded comments
Key moments
- 01Story posted
Oct 21, 2025 at 12:50 PM EDT
3 months ago
Step 01 - 02First comment
Oct 21, 2025 at 12:50 PM EDT
0s after posting
Step 02 - 03Peak activity
132 comments in 0-3h
Hottest window of the conversation
Step 03 - 04Latest activity
Oct 23, 2025 at 2:23 PM EDT
3 months ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.
Call me cynical or just disappointed and jaded, but short of some EU consumer advocacy group pushing for it, I don't see how anything would realistically happen. 99% of laws are made after something bad-bad has already happened.
Often because the government is threatening to impose regulation. I’m not sure how many examples there are of industries independently choosing to collaborate to regulate themselves.
For example, if I pull the thermostat off my wall, the furnace should drop into a fallback mode that keeps the heat above freezing (I'm in Canada where this is a concern.)
I moved into a new house and did not set up the lawn irrigation system. Despite being disconnected from the cloud service, the system kept running its schedule, when I would have expected it turn off in order to conserve water.
So it's perfectly reasonable for the furnace to turn off when it is disconnected, because disconnection would be a very strong signal for an error state instead of regular intermittent network/service issues.
Certainly, the standard smart thermostat set up is that your ecobee is connected to the Internet, but controls the furnace using good old-fashioned signal wires
The overwhelmingly most common connection between a thermostat and furnace is a contact closure when calling for heat, with no ability to differentiate between “thermostat is present but not calling for heat” and “thermostat is not present” as both present as "these T-T contacts are not closed/shorted together".
While it is controllable via the cloud, even without wifi it continues to function.
You could in theory put one next to the furnace in your machine closet but that would be dumb and expensive
Fail "safe"...not Fail "keep running"
It is extraordinarily hard to design something that can withstand that pressure and still be fit for purpose. The item needs to be able to withstand pressures in excess of ~10k psi for -10c, with the pressure rising as temp decreases.
The standard solution for people that need to winterize a building that will not be heated is to drain as much water as possible from the lines, and then fill them with a liquid with a lower freezing point.
The furnace defaults to on to save the water pipes. The sprinkler defaults to off to conserve water as the system is potentially unmonitored and a burst pipe could cause issues.
A thermostat and controls are a necessary requirement for HVAC systems and defaulting anything to "run" if your control plane doesn't exist anymore is definitely not the safe option.
The other issue is that in almost all situations (like this one) what you think is a safe and sane default won't align with what other people think.
There should be defaults and they should be clearly defined, but I don't think it's always obvious to determine what they are.
While I agree with your overall point, this clause is irrelevant to/not supportive of it. The presence of a thermostat wasn't going to help you here either and there are vastly more furnaces with connected thermostats than disconnected to worry about.
CO detectors and alarms are needed to address this risk.
Freezing water pipes are bad, but a furnace running non-stop is going to exceed its duty cycle and pose a greater hazard.
Furnaces have multiple checks when they turned on, even on the dumbest furnaces. There are multiple safety mechanisms preventing it from getting too hot. CO leak - what thermostat will do for you here?
I had a friend in Australia who ran cattle on his farm. Failing open would waste water, but failing closed would mean dead cattle (and hundreds of thousands in losses). It depends on the application.
A standard furnace and thermostat won’t even know if you pull the thermostat off the wall, much less have any way to handle it beyond “full blast heat 24/7”
More challenging: you expected the sprinkler setup to do the opposite. Instead of following its last-known plan (the schedule) it should stop doing anything (possibly killing the plants it’s watering)
Good off-line only mode in a reasonable plan for what to do without the Internet makes a lot of sense, but at some point, there’s a control system and you need to change it (or even just have one in the thermostat example)
I agree it's not likely (especially if the system is running as-scheduled), but it was a surprise is all. What if I didn't set up the service at all, and it dropped below 0 C? I would be in for a nasty surprise in the spring.
More interestingly (to me): did it have a local interface or was the only way to update it tied to the internet?
You have to drain them yearly.
Why does the control system have to live on someone else's server in "the cloud"?
There's no reason for smart home devices to require an internet connection to the producer's service. Companies could just as easily put compute on device, or sell some sort of "bridge" (aka a home server appliance) that runs the compute and the accessories connect to.
Fully offline, local network only.
Save the online stuff just for analytics or other value-add features, but core functionality shouldn't require a web service.
The only reason it's 100% internet connection required all the time is to sell subscriptions, aka consumer hostile behavior.
In both cases the control system is physically in your house. It sounds like the sprinkler system did work completely offline (though it's not clear if you'd actually be able to change anything without internet - that would be a problem if not), they didn't set up an account so the system was in "offline" mode and dutifully ran the sprinklers on the last known schedule.
For the thermostat the example was physically removing the control system, which is typically not connected to the furnace through any sort of internet connection, and expecting the furnace to know what to do.
When it comes to safety it’s a bit more clear cut. The job of a heating system is to heat so don’t turn off heating when this can endanger people and houses.
The job of a lawn irrigation system is to irrigate. Who wants a dead lawn just because the internet or wifi are down, or to conserve water only when the system is disconnected from the internet but not from electricity?
That isn't the case, and so if the safe default is off, that definitely hampers utility, which isn't a very good selling point, heh.
I'd consider this a very important feature
What we need is a “in the event of X - keep doing Y”.
Not running when disconnected is definitely a safe default, but I'm not sure it's automatically desired. If I found out I couldn't use my sprinkler system unless it was connected to the internet, I'd be annoyed at the unnecessary gating of such functionality.
I'd have expected (and strongly prefer) that it keep running with whatever the last settings were. That's almost surely going to be healthier for the lawn, ornamentals, and vegetable garden than shutting off.
I would wager that most people with automated irrigation systems prefer plant growth/protection over water conservation.
I'm not sure how you'd program a furnace to run to keep a house above freezing without any temperature feedback from the house. You could potentially run it until the area immediately surrounding the furnace itself was above freezing, but that would be nowhere near enough in some cases and way, way more than needed in other cases. You might able to use outdoor weather compensation (easier/more effective/comfortable with hydronic heat distribution than with ducted air heating) if programmed correctly, but my experience is that most are either not installed or are configured to be far too hot [because call-backs are expensive and paid by the HVAC company usually].
edit: a more succinct way of expressing my thinking is to say "the less software the better" by which which normies are are often amused.
It's also not very well supported in things like homeassistant, despite what they say.
One of the overlooked features of the Apple Home app is its ability to firewall your IoT devices. If you have a compatible router:
Home Settings → Wi-Fi Network & Routers → HomeKit Accessory Security
The options are:
The Automatic setting only allows devices to talk to a manufacturer whitelist of connections for things like firmware updates. The other two options are self-evident.I've found that "Restrict to Home" occasionally causes problems with older devices.
I actually have a router that supports it, but I don’t dare turn it on because I have no confidence on it continuing to exist and the migration path back off it looks like a pain.
Tech workers: The only piece of technology in my house is a printer and I keep a gun next to it so I can shoot it if it makes a noise I don't recognize.
(stolen from @PPathole on Twitter)
This is the earliest version I have found: <https://imgur.com/6wbgy2L>
Maybe that's the best option TBH.
I told my electrician to redo lighting in a more sensible and modern way but basically nothing involving smart devices -- to which he wholeheartedly agreed. There are a couple things that aren't quite convenient related to how everything is positioned and because a couple of motion detectors weren't reconnected. And I'll deal with those with unconnected devices.
So I had an opportunity to make the house "smart" and basically passed.
(Will probably add some remote monitoring over time but nothing fancy and mostly Raspberry Pi-based.)
If I had an electrician redo the wiring, I'd do the same thing without the "smart".
(He also took out a ton of knob and tube wiring which gives you some idea of when the original wiring dated to even if a lot had been incrementally upgraded over the years.)
At the time it was an upgrade from halogen bulbs, so the lights themselves have seen me through 10 years so far, way more than the old lights would have. Sadly, they're all bound to go some point soon. It has been 10 years though!
I would never enable the feature that lets you control them from out of the home though. I'm not completely sure what the purpose of that would be..
It was a great way to keep the fridge alive, the thermostat was already a replacement and it never worked properly, so that sometimes things were frozen, sometimes barely cold. ~24 years old. A new one would be more efficient, but then I woudln't be able to log when I opened the fridge anymore (only with something battery powered and long transmit intervals).
> A new one would be more efficient, but then I woudln't be able to log when I opened the fridge anymore (only with something battery powered and long transmit intervals).
Also, how did you do this? Wiring to the door switch itself or a current switch around the fridge light conductor?
History students are often disappointed when they learn why the AI take-over failed. They were defeated by human resistance, which was kept alive by libraries and old paper books, and a surprising machine ally.
Books had not been replaced, because even the mightiest AI could not make printers work.
But I do have Zigbee sensors and switches, all of which connect to my home server and Home Assistant. None of them see the internet. But Home Assistant is accessible from the internet through a reverse proxy from whitelisted IPs.
Edit: I'm not talking on a day to day basis, but when I go on a trip. And I don't have a porch nor I like beer.
Amazing that some people downvote for stating the obvious, which is that you can lose some convenience. There's trade offs when you connect something to the Internet? That's also obvious.
When I get back home in the summer from a short trip away, with a toddler and a million bags it is definitely convenient for me to have a cool home and not a 40+ degrees celsius one.
My Ecobee is convenient but will probably go back to an offline model when it dies or loses support. Once I dialed in my preferred schedule, I rarely touch it except to lock a set temperature when going out of town.
so the rule stays the same with slight modification - nothing every gets connected to wifi unless you have phd in networking :)
I've had good luck with the TP-Link/Kasa/Tapo wall switches and bulbs.
Difficult if you're not there though? Whereas a smart bulb/switch can turn it on when you're not there (crime deterrence) or when you're almost home (handy in hallway with no light.)
(Niche uses, perhaps, but "I just use my hands" is reductive silliness.)
In fact you could even use an simple analog switch if you want the lights to go on at certain times. And for the hallway I would suggest the tried and true motion sensor.
Sure for really complex logic and a lot of flexibility you might want an micro controller eventually but those are truly niche uses.
"Smart" devices are insanely overengineered for the simple problems they solve and the huge problems they can cause.
By the time I'm in the dark hallway, it's a bit late. "But just add a motion sensor outside!" Yeah, except this is a block of flats and you can't add stuff to the communal areas like that.
> if you want the lights to go on at certain times
I don't. I want the lights to go on -as if we were at home-. Which is "random times depending on which room and what people are doing and if there is cooking going on and ..." Home Assistant learns from smart bulb activations and can simulate our presence effectively.
This 24 hour timer can turn on two devices (lamps) on for whatever time interval you program, it’s $12: https://www.homedepot.com/p/Defiant-15-Amp-24-Hour-Indoor-Pl...
It consists of a mechanical timer, a dial, and a relay. It plugs into a receptacle. It does not require an internet connection.
> or when you're almost home (handy in hallway with no light.)
This wall switch occupancy sensor that can switch 2A (240 watts at 120V, more than enough for one hallway) is $23, it’s a decora device so figure $2 more for a 1-gang stainless decora wall plate (or less than buck if you go with plastic!): https://www.homedepot.com/p/Lutron-Maestro-Motion-Sensor-Swi...
Wall switch occ sensors get more expensive as the current they can switch gets higher, one that can do 6A is $87: https://www.homedepot.com/p/Lutron-Maestro-Dual-Tech-Motion-...
However, that much current can power (72) 10W LED recessed cans that each put out about ~1000 lumens. Or enough light for approximately 2400 square feet of interior space.
> (Niche uses, perhaps, but "I just use my hands" is reductive silliness.)
These are not niche functions, occupancy sensing and time of day scheduling are in basically every commercial lighting control system and fairly common in homes. They’re solved problems with cheap commodity devices available that don't require an internet connection.
> It consists of a mechanical timer, a dial, and a relay.
Great but it only works on fixed times. Which isn't what we want.
> This wall switch occupancy sensor
Would only work once we're inside. Which isn't what we want.
(And there's no possibility of putting one outside.)
> They’re solved problems with cheap commodity devices
For certain simplistic scenarios where things are easily installable, etc. Which is great! I'm not saying everyone should use smart things. Just pointing out, repeatedly, that the "cheap commodity devices" do not, and indeed cannot, perform the same functions as smart devices.
The switches I buy, do all of the dumb stuff, plus more - and the "plus more" parts can be quite useful.
More than once I got stuck standing outside in the rain waiting for the smart door lock to come back online after a squirrel jiggled the cable drop by running down it or some k8s pod in the cloud service got knocked over by a chaos gremlin or someone was using a vacuum cleaner that generated too much noise in the wifi spectrum or who even knows what.
For instance, most people who want a reliable mattress would buy one that doesn't require, or allow configuration.
It seems to me that most of the home automation enthusiasts are actually into configuration and troubleshooting as a hobby. And maybe doing party tricks. There's nothing wrong with that. But I don't think there are enough people to really make this badge work.
> I think the group of people who would buy something with "smart" in the name and also really care about reliability is pretty small.
1) they aren't smart
2) they are answers to questions/need that don't exist in the first place
I think it would be smart for Matter to lean into the "offline local control" aspect of their branding and certification requirements.
I haven't actually tried this, but:
- The Home Assistant Matter commissioning tool doesn't have any documentation at all about how the network is selected AFAICS.
- The Thread organization seems extremely proud of how Thread devices can access the Internet. Apple TV doesn't seem friendly at all to preventing its Thread Border Router from forwarding to the Internet. Home Assistant's OTBR add-on has no useful configuration whatsoever AFAICS. The easiest way to get it right would seem to be to buy something like a Sonoff POE-capable Thread dongle and sticking it on a VLAN, except that those, for some reason, seem to support Thread RCP but not being a Border Router themselves, and then you're back to managing your own OTBR installation.
Are you sure this isn't a case of different matter version support? In which case, in my experience, thread border router works just fine, but the controller needs to support such devices.
Apple: Keeps Thread credentials locked to HomeKit's border routers.
Google: Shares some credentials, but only within Google Account environment.
Amazon: TBD, but their Matter implementation is mostly cloud-tied.
Samsung: Hybrid approach; still best when used inside SmartThings, their 1.4 update seems to support for joining existing Thread networks. Still have to test it.
So, even though Thread theoretically allows full interoperability, no vendor wants to be reduced to a dumb router in someone else’s ecosystem.
there is no easy way to bridge Apple Thread to Home Assistant or Google Thread, even though it is theoretically supposed to be possible from a protocol standpoint.
If you have such solutions, let me know, because I would take full advantage of it, and will regale your contributions in multiple home automation threads.
The Home Assistant iOS app can extract the Thread credentials from Apple’s border routers and send them to Home Assistant. The documentation for what happens thereafter is not amazing.
1. Must work offline on my local network (like Matter through Home Assistant)
2. Must have a physical button for operation when there is no network available or someone doesn't want/have a phone.
There are a few sub-certifications:
- OF: Offline-First as you mentioned
- JE: Jailbreak-Escrow -- the firmware install keys are held in escrow and will be published if the company goes defunct -- allowing ongoing repair & control.
- FE: Firmware-Escrow -- firmware source will be published if the company goes defunct.
- FA: Firmware-Audit -- firmware is compiled by certifiers to verify BOM, security, privacy & online dependencies.
Another benefit would be a "nutrition label" showing active online traffic & data shared.
Hey, I got myself a water-pressure powered bidet so it still works without power.
My rule #1 in home automation is making sure none of the technology fails its original function without connection.
I implement Home Assistant to assist in homes for non-technologist. Every single thing i implement must function independently, without the vendor or any internet connection. i.e., z-Wave locks must function with or without connectivity. Switches must switch on/off with or without zigbee, and valves must be able to close/open without that wifi.
This would only work out for the companies if the average consumer actually cared about "offline-first", which they very much don't. It would be a very small and ever shrinking market.
Matter is pretty common on newer smart home products, while Thread is a bit newer so it's only supported on some products right now.
We had a monolith (but not monorepo) that had big Conway’s Law problems. We wanted to start making microservices. We had a couple sidecars that I either wrote or did reconstructive surgery on, but the few microservices we had were dumb. One created head-of-line problems for fanout, asking a question that could have been a Consul long poll. The other really could have been run entirely in Bamboo if we hadn’t cheaped out on agent size.
I killed the former, but the latter used a larger slice of all of our modules than all of the sidecars combined. It was also an offline process, writing into dark content in S3. So I could break it for an hour without anyone noticing, and in some environments I could go a full work day without rolling it back as long as I watched for production alerts (and I was on the team that did).
If I got rid of it then all library and runtime upgrades would get harder, though half the team ignored my advice anyway and then we had occasional P1s or 2s because of it.
My experience, there and elsewhere, is that offline logic of any flavor at least pays for itself in terms of code-build-test cycles, fairly quickly and self-evidently. But some people think it sounds counterintuitive and push people to “go fast” without it. Which only happens if they double down and cut more corners.
If there's a subscription, then it doesn't work offline.
It's a huge project but only the smaller IoT companies are taking it seriously
107 more comments available on Hacker News