General discussion

Smart mattress app: I have security concerns, please help!

We just bought a Sleep Number bed and it needs to be connected by app to our computer via the wireless system to operate some of the features of the bed. However, my husband feels it leaves us vulnerable to hackers getting access to our info. What are your thoughts as to the safety of this kind of system? I also have the app on my phone, I just haven't finished setting up the connection. Would it be better to control it on my phone rather than the home computer or wouldn't it make any difference security wise?

--Submitted by Joan G.

Discussion is locked

Reply
Follow
Reply to: Smart mattress app: I have security concerns, please help!
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: Smart mattress app: I have security concerns, please help!
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
- Collapse -
Congrats

You've hit on the question that many of us have been debating. It's a question of Ease of Use and convenience v. security and privacy! I've said many times that when I was working, the discussion was all about the "rush to marketplace" and anything that the consumer doesn't see can't be dealt with because it takes too long. A lot of the new tech seems to revolve around making life a tiny bit easier while doing away with privacy. People need to READ those privacy and terms of use documents because they don't tell you what MIGHT happen, they tell you about what does happen. IoT has been a target of mine. Yes, you might think that your fridge needs an "expensive-to-repair" family center but I'll bet few IoT products have enough security. So, now it's not just LED lights on your mattress. So, my thoughts...

In theory, it shouldn't matter whether this is controlled by a PC app or a phone app. It's just data. So, I'd suggest that you look hard at the software or apps that the bed uses and see what data you need to give it. Your home address? Why?! Why does your bed need to know that. Does the local weather become a factor? Do they ask for your age group? The household mean income? Always assume that there will be an employee of the company who will find a way to profit off of that. Some companies don't do background checks. So tell us. What features require WiFi? And is that just for control from a phone because they are too cheap to give you a remote control? Do you need to control the bed from outside your home? Or is this all about the international movement to have your life controlled by cell phones?

To summarize: I don't see any difference between using the computer or the phone unless your batteries may die on you. As for the safety and security, you'll have to look at what data you will be supplying. If that can go over the Internet, then I don't think that's a good idea regardless of what the company says. It's like my diabetes tester now insists on using a cell phone app and the first thing setting up the app says is to accept the policy that you lose your HIPAA (medical record) rights. What rights do you give up in order to use the bed? Are they going to keep tabs on how well you sleep? How often you sleep? I wouldn't go for that as its nobody's business. Even if its for "anonymous aggregated data". Sounds like you buy the product and then your use of the product makes them rich by selling your data to...? But without the specifics, its hard to tell.

- Collapse -
We Just Got One, too.

I just got a Sleep Number bed and I absolutely LOVE it! I haven't had such good sleep in years.

The best way to secure your data on that device (or any other) is to configure your home network properly. I run literally nothing but other secure routers off the router provided to me by Verizon, which is my only connection to the outside world; I use it largely as an isolation/gateway router. I have other wireless routers wired to it that feature a high level of security, and the bed is connected wirelessly to one of those.

As to intercepting the packets out on the Internet or transmitted via cellular connection to your phone, somebody would really need to be gunning for you for them to go to the trouble to intercept such data.

In any event, it does not seem to be transmitting any identifying data beyond the username you have chosen. I really wouldn't worry about it.

- Collapse -
Concerns

I just bought a Sleep Number mattress, myself. I have the same concerns as you. Because of that I do without the Convenience of using the "smart" system. It seriously does not need to even be turned on. Mine is not.

But, I had gotten used to my 19 year old Sleep Number mattress that never had the "smart" capability. I actually like my older system better! I do not like having wireless forced upon me and crammed down my throat.

Oh, and btw, I bought an extra control for my new system which cost $35. Expecting two people to use ONE control is ludicrous!

- Collapse -
Security Concerns

We have had a sleep number bed for a few years now. We initially used the app on our smartphone to see how our sleep patterns changed with the numbers. After a while, we found that the system is super sound sensitive - it could tell our heart rate and respiration rate while we were sleeping! There was a section in the instructions that said you could turn off the communication portion during periods of intimacy if desired. With a system that sensitive to noise, it could easily pick up anything you say in the room - which is why we decided to disconnect it from the network. We have two remotes that control all the bed features we use.
I am not concerned about my network so much as the Sleep Number servers getting hacked (legally or otherwise), with the rise in companies being hacked, then being able to 'eavesdrop' on us.

- Collapse -
Digital

Digital is actually virtual. There will always be a chance to exploit anything on the information pipeline.
Just the nature of digital at hand. Have no idea how secure their database is or if software is encrypted to any degree. One of the best rules to go by is ..What information is required to enter? If that is not a major concern then continue. Any personal information requires good encryption. Ask the company if you have any questions first.

- Collapse -
Weak Links

Your home wi fi network is as safe as the weakest link - kids toy, bed, friend you let use your home wi fi (phones store the details for next time), tv,
I'd not want my bed connected to a remote server with a company, not sure why they need details of my sleeping habits, the problem of checking their T&C and privacy details is extra work.
Any app often requires you give permission to other apps (email, wifi, photo, contacts), so even if the bed is secure, are the others? Companies data mine, so you could well find the info you have is being passed around to companies you didn't think have the access via your phone, laptop or pc. If I did connect, I'd have a dedicated device to stop cross data mining

- Collapse -
Security clarification

I see from the replies that people thought our concerns were people getting access to our sleep info but my husband’s real concern is that they might hack in and get our password to the WiFi and then be able to access our pc and our personal and financial info.
I’ve read where people won’t give their password out to anyone and others say in the case of a bed there isn’t any guts in the bed to be able to get into our home system. But what makes it any different from when people get their baby monitors hacked and the talk thru the speakers etc.

- Collapse -
for Joan and her concern on the sleep # app & bed !

I purchased a sleep number bed 20 years ago and used it with much delight until one of the bladders sprung a leak. I decided to go look at other beds besides another sleep number bed. I went into the sleep number store and looked at all the new choices and had them determine my sleep number (that is best position to reduce your stress points. The technique was interesting to me. Right then I said, the old bed was so good, why look at others, so I looked a 3 models and chose the dual queen p6. Beings my background is science I like the concept of letting me monitor my own sleep patterns. The program and app costs more but I have been very happy with observing it. Yes you will be connected to the internet and the Sleep Number Company Servers that record your sleep patterns. But they will give you a lot of information on "how you sleep." Your pulse, breath rate, when you are restless, sleeping silently, or out of bed and then measuring how many hours you slept compared to what you desire. To my knowledge you do not put in any "private information" about you that could be used against you or give away any sleep secrets. I don't think you need to worry about the app and its use.
I can tell you that I love my sleep number bed and the newly available app has made the sleep in this bed even more interesting to me. I don't think you have much to worry about. If you understand the internet and all the apps, everyone is collecting information on everybody, but you don't give the sleep number people much information for your purpose of watching your sleep habits.

CNET Forums

Forum Info