News: 0180280545


'End-To-End Encrypted' Smart Toilet Camera Is Not Actually End-To-End Encrypted (techcrunch.com)

(Thursday December 04, 2025 @11:16AM (BeauHD) from the surprise-surprise dept.)


An anonymous reader quotes a report from TechCrunch:

> Earlier this year, home goods maker Kohler [1]launched a smart camera called the Dekoda that attaches to your toilet bowl, takes pictures of it, and analyzes the images to advise you on your gut health. Anticipating privacy fears, Kohler said on [2]its website that the Dekoda's sensors only see down into the toilet, and [3]claimed that all data is secured with "end-to-end encryption." The company's use of the expression "end-to-end encryption" is, however, wrong, as security researcher Simon Fondrie-Teitler pointed out in a [4]blog post on Tuesday. By reading Kohler's [5]privacy policy, it's clear that the company is referring to the type of encryption that secures data as it travels over the internet, known as TLS encryption -- the same that powers HTTPS websites. [...] The security researcher also pointed out that given Kohler can access customers' data on its servers, it's possible Kohler is using customers' bowl pictures to train AI. Citing another response from the company representative, the researcher was told that Kohler's "algorithms are trained on de-identified data only."

A "privacy contact" from Kohler said that user data is "encrypted at rest, when it's stored on the user's mobile phone, toilet attachment, and on our systems." The company also said that, "data in transit is also encrypted end-to-end, as it travels between the user's devices and our systems, where it is decrypted and processed to provide our service."



[1] https://mobile.slashdot.org/story/25/10/20/212258/kohler-unveils-a-camera-for-your-toilet

[2] https://www.kohlerhealth.com/how-it-works/

[3] https://techcrunch.com/2025/12/03/end-to-end-encrypted-smart-toilet-camera-is-not-actually-end-to-end-encrypted/

[4] https://varlogsimon.leaflet.pub/3m6zrw6k2bs2p

[5] https://www.kohlerhealth.com/privacy-policy/#:~:text=-End-to-end%20Encryption



Wow (Score:4, Funny)

by r1348 ( 2567295 )

Imagine the leaks.

Re: (Score:1)

by Anonymous Coward

Some really shitty security there.

Re: (Score:2)

by sinij ( 911942 )

It's just circling the bowl.

Re: Wow (Score:2)

by ThurstonMoore ( 605470 )

I don't think the end users will give a shit about E2EE.

Re: (Score:2)

by Tony Isaac ( 1301187 )

No, I really, really *don't* want to imagine the leaks!

Re-purposed as a marketing buzz-word (Score:2)

by NotEmmanuelGoldstein ( 6423622 )

"End to end" means that the servers holding the data can't decrypt it. (What all those 'think of the children' types complain about.) If the server is the end-point, it's not actually end-to-end security. Marketing executives are moving the goal-posts so that cloud services can pretend to care about their customers.

Re:Re-purposed as a marketing buzz-word (Score:4, Insightful)

by Racemaniac ( 1099281 )

No, it means only the sender, and the intended receiver can access the data.

For a service like this, the intended receiver is obviously the company you pay monthly to process the data. Sounds like E2E encryption to me.

Of course, for a service where you exchange data between users, the point is that the company can't read the messages, but that's so obviously not the case here.

Re: (Score:2)

by TWX ( 665546 )

If the camera is poorly aimed, it puts a whole new meaning to end.

Re: (Score:3)

by znrt ( 2424692 )

> "End to end" means that the servers holding the data can't decrypt it.

no, that's not what e2e encryption is. the definition is literally on tfa.

this "security researcher" is just making a big fuss about his personal take on semantics and context. he argues that the company has access to the unencrypted data and stores it on its servers, which is just nonsensical confusion because the company is the intended receiver. he further warns about a risk of the company using the data which is just as nonsensical because the company using the data to provide results is the whole po

Re: Re-purposed as a marketing buzz-word (Score:2)

by SnotMelon ( 9070565 )

There's a lot of spin around what e2e encryption actually means. I think the objections of the security researcher here are that the marketing of this product implies to a user that your images are never at risk of being hacked, in other words the end user of the data pipe is the process analysing the images (e.g. images should be encrypted at all times, both in flight and at rest until they actually need to be processed). Instead they have raw photos of your junk all over their hard drives, ripe and read

Re: (Score:2)

by Racemaniac ( 1099281 )

And with other types of E2E encryption like for example whatsapp messages, the person you sent them to has them on his phone, that can get hacked?

It all gets decrypted somewhere, and that somewhere can get hacked, that's always true.

This complaint makes no sense.

Re: Re-purposed as a marketing buzz-word (Score:1)

by SnotMelon ( 9070565 )

Yeah, clearly it has to get decrypted at the point of use, but while it's sitting at rest on a drive, or in an AWS ball pit, it should be encrypted. Saying it's ok for sensitive pictures to be stored unencrypted is exactly the same lax attitude that got us in trouble when credit card numbers were stored in plain text in databases. Sensitive data should be decrypted at the last possible point in the processing to minimise the attack window. I hope all you guys on this thread saying there's no problem here

Re: Re-purposed as a marketing buzz-word (Score:1)

by SnotMelon ( 9070565 )

Having said all that, the Kohler privacy policy says that it is encrypted at rest on their servers, so unless there was something in his private comms with them to suggest otherwise, he may indeed be talking nonsense.

Re: (Score:2)

by Racemaniac ( 1099281 )

I like your follow up comment, but please don't strawman me. I replied to your assertion of " the marketing of this product implies to a user that your images are never at risk of being hacked", and i just replied that it has to always be decrypted somewhere, and that somewhere can be compromised. So this isn't the property of any E2E encryption.

Re: Re-purposed as a marketing buzz-word (Score:1)

by SnotMelon ( 9070565 )

Apologies if you thought that - wasn't intended. Something in the article / post I initially replied to made me think they were storing unencrypted.

Re: (Score:2)

by znrt ( 2424692 )

that makes sense, but he isn't making any effort of educating users either, rather throwing in more confusion. he could have just said: "while it appears to be true that your data is e2e encrypted, be aware that it may still be hacked at the endpoint". maybe that would have been too obvious.

i just wonder what in the potential users' imagination is supposed to be the endpoint of their encrypted poop.

Re: (Score:2)

by snowshovelboy ( 242280 )

lol as if users of a toilet camera are going to read this guy's blog. His audience is other security researchers.

Re: (Score:2)

by mspohr ( 589790 )

I thought "end to end" meant "one tushy to another".

Storm in a toilet bowl (Score:2, Troll)

by AmiMoJo ( 196126 )

This "researcher" doesn't seem to know what end-to-end encryption is, or why what the manufacturer says is true. Their blog says that "[t]he term is generally used for applications that allow some kind of communication between users", but that's not true. The most common type of end-to-end encryption is HTTPS, typically between the user and a web server.

Also, they offer an AI powered service to analyse your output, and state that they use the data for further training. That is well within both expectations

Re: (Score:2)

by sabbede ( 2678435 )

"analyze your output"

Nice one!

I like it when we agree. I'm unable to fathom why this guy thinks the images should be encrypted in a way that makes it impossible to provide the service. I'm forced to guess that the answer is sensationalism.

Re: (Score:2)

by avandesande ( 143899 )

True end-to-end encryption would be having a bad case of diarrhea.

Re: (Score:2)

by AmiMoJo ( 196126 )

I'm not sure there is any amount of money that I'd accept to engineer a product that involved looking at thousands of photos of unflushed toilets.

Re: (Score:2)

by toxonix ( 1793960 )

Millions actually. Vibe code it. The worst part would be training the model I think.

ehmm what? (Score:3)

by Racemaniac ( 1099281 )

So the issue for the security researcher is that when E2E encryption is mentioned that for him it's not clear who the other end is? For a camera whose entire purpose is to send the data to the vendor you're paying monthly for analyzing the data and give you feedback on your health O_o....

Yeah, the company is obviously the other end, how else could they provide the service you're paying them for???

Or is there some part in the E2E encryption definition that the intended recipient can't be a company??

Re: (Score:2)

by sabbede ( 2678435 )

I don't know. I'm baffled by the complaint. I see data encrypted in transit and at rest and say, "good enough".

This (Score:2)

by Viol8 ( 599362 )

If the pictures were encrypted so the company couldn't decrypt them wtf would be the point of sending them in the first place!? It's a service, not a personal file server for poo pictures.

This "security researcher" seems to lack even basic common sense.

Re: (Score:2)

by TWX ( 665546 )

> If the pictures were encrypted so the company couldn't decrypt them wtf would be the point of sending them in the first place!? It's a service, not a personal file server for poo pictures.

Thanks. Now you tell me...

Re: (Score:2)

by Racemaniac ( 1099281 )

And is this corroborated anywhere that this is now the common definition?

I get we use E2E encryption in the context of whatsapp to have a specific meaning there, but since when does that mean that this is the only meaning?

And how can it even be unclear in this case? you actively pay the company monthly to analyze your data, so yes, they have access to it. duh??

I still don't see it honestly....

It just seems he imagined E2E only meaning user -> user encryption, and that this case is thus somehow unclear. W

Training AI to do what? (Score:1)

by sinij ( 911942 )

Training AI to recognize feces? Why? Never mind, I don't want to know.

Re: (Score:2)

by TWX ( 665546 )

> Training AI to recognize feces? Why? Never mind, I don't want to know.

Cheech and Chong could have benefitted from this technology.

Re: (Score:2)

by jenningsthecat ( 1525947 )

> Training AI to recognize feces? Why? Never mind, I don't want to know.

Like recognizes like, so AI should be able to evaluate feces with little or no training.

Next up... (Score:2)

by Tony Isaac ( 1301187 )

It's going to come out that the camera's view area doesn't just include the contents of the toilet bowl.

"end-to-end" huh huh (Score:2)

by Thud457 ( 234763 )

> When you sit on the toilet you connect your butthole up to the large network of connected buttholes.

Not mine, just astonishingly relevant.

More ads (Score:1)

by registrations_suck ( 1075251 )

More ads like the chick with the cat tights, PLEASE!!

Re: (Score:2)

by toxonix ( 1793960 )

You see them too?? Yeah I almost bought some but I don't want to buy anything from a business that uses fake genAI models. Taking work away from real human models is not acceptable to me.

End to end... (Score:1)

by cpugeniusmv ( 828846 )

Transport encrypted from your "end" to theirs, sounds like it's working as specified!

Re: (Score:2)

by jenningsthecat ( 1525947 )

> Transport encrypted from your "end" to theirs, sounds like it's working as specified!

When your shit's encrypted, does it still smell like shit?

Vulnerability (Score:1)

by cpugeniusmv ( 828846 )

I hope there aren't any back doors! Well, aside from your own.

Re: (Score:2)

by TWX ( 665546 )

I wonder if anyone's going to revive that old hacking tool, "back orifice".

I mean the jokes write themselves (Score:2)

by jacks smirking reven ( 909048 )

But I'd really love to know exactly how many of these things were sold? A dozen? 500? Thousands? Feels like there is an econ or finance study about consumer behavior buried in the customer base of such an item.

Mainly just folks with disposable incomes who like tech? Someone with cancer risk really convinced this will work? The most expensive Spencers gag gift? "I could look it up myself but I don't want to have to look at my own poop?"

Re: (Score:2)

by TWX ( 665546 )

It was probably invented by the mail-clerks at Exact Sciences. They were tired of the mishaps when receiving Cologuard return-samples whose patients didn't understand the packaging instructions.

What happens... (Score:2)

by LordHighExecutioner ( 4245243 )

...if they invert the ends by mistake ?!?

This is stupid. (Score:2)

by Zak3056 ( 69287 )

This is exactly end to end encryption, and the so-called "security researcher" appears to have no idea what he is talking about. So:

> Mr. Fondrie-Teitler, what you've just said is one of the most insanely idiotic things I have ever heard. At no point in your rambling, incoherent response were you even close to anything that could be considered a rational thought. Everyone in this room is now dumber for having listened to it. I award you no points, and may God have mercy on your soul.

Using customers' bowl pictures to train AI (Score:2)

by Megahard ( 1053072 )

Hopefully not yet sentient.

Who? Which? (Score:2)

by SlashbotAgent ( 6477336 )

So who asked for turd cam?

Who thought turd cam was a good idea?

Which product manager approved turd cam?

Who would buy a turd cam?

Who would buy a turd cam from an overpriced company like Kohler?

I'm starting to like using the words "turd cam". I hope that it doesn't accidentally wind up in an email or something.

Gezus, Kohler must have subscribed to r/ratemypoop (Score:2)

by iamnotx0r ( 7683968 )

I know where they got the idea. (must be some pervs at Kohler, and I was one!)

What is this shiat? (Score:2)

by algaeman ( 600564 )

Kohler Dekoda can tell you.

harm (Score:2)

by bugs2squash ( 1132591 )

I'm not sure I see the harm here and there may be some good. People want Kohler to be able to see the pictures so that they can be analyzed (be careful how you pronounce that word). And of course Kohler should take care to safeguard the data at rest.

It would be interesting to know if Kohler have been able to diagnose anything for anyone or even if they successfully flag people that ate beets yesterday

Wrong? (Score:2)

by Bert64 ( 520050 )

No, it is "end to end" encryption exactly as they claimed - one of those ends is their datacenter where the data is processed.

As per the description from the linked blog:

> "End-to-end encryption", or E2EE, is a method of securing data that ensures only the sender and their chosen recipient are able to view it.

The "chosen recipient" is Kohler's datacenter, so it's behaving exactly as claimed. The application functions by processing the data on their servers, which is also why a monthly fee is charged to provide the service.

You could theoretically avoid this by transmitting the data directly between the camera and your device, and doing the proces

fart analyzer (Score:2)

by toxonix ( 1793960 )

I was thinking a fart gas analyzer would be better for figuring out what's going on in your gut. Pictures of turds can probably be machine-learned on to tell a lot, but things like levels of H2S and other toxic gasses would be better. Maybe a combo of the two.

enshitification (Score:3)

by sdinfoserv ( 1793266 )

I'm not sure Cory Doctorow had this in mind, but, why not.

Do *NOT* Want (Score:2)

by sjames ( 1099 )

End to end encryption, for a toilet? Frankly I do not want a TOILET to connect me "end-to-end" with anybody. They're doing it wrong.

Time to pull up the sheet on IOT. Not only has it gone up its own backside, now it's trying to go up ours too.

Should we really complain about this? (Score:2)

by Nkwe ( 604125 )

If it were truly end to end encryption the consumer endpoint wouldn't be the toilet, it would be the consumer. However I don't think we really want end to end encryption in this case. If so, we might be asking the company to tell their customers to "Take this certificate and shove it up your ass."

It's all a lie (Score:2)

by fropenn ( 1116699 )

The truth is that you really cannot tell whether someone has a "healthy gut" from looking at what they put in the toilet. In fact, there isn't even a solid (ha) agreement on what "gut health" even means; and there is even limited evidence that a healthy gut produces overall health, or if overall health produces a healthy gut. See, for example: [1]https://pubmed.ncbi.nlm.nih.go... [nih.gov]

There is DEFINITELY no rigorous science that shows that sending photos of your poop to Kohler will make you healthier. None.

[1] https://pubmed.ncbi.nlm.nih.gov/39322314/

Let's hope they focus on health problems! (Score:2)

by oldgraybeard ( 2939809 )

But let's be real, their next toilet will have a screen so they can shill drug/product ads to a trapped audience. Whoa, looks like you need some Pepto Bismol! I can order it for you!
