Nest got back to us, saying that the researchers assumed incorrectly what the geo-location data was for, which actually was used for the weather station, not the user’s house: “The authors initially made an incorrect assumption, which we pointed out to them before they presented their report, that the response to the weather update request contains exact location of the customer’s home. In fact, the weather information is provided by an online weather service, and the geolocation coordinates are for their remote weather stations, not our customers’ homes. The only user information that is contained in the requests is zip code. We have reached out to the researcher to make this clarification update.” A group of researchers have revealed that the Internet of Things is probably less secure than you expect. At a talk during PrivacyCon held by the Federal Trade Commission last week, the researchers revealed that many smart devices leak private information in cleartext — with little to no effort to encrypt that data.