Princeton boffins have looked at the networking behavior of a bunch of Internet of Things kit and found – stop me if you've heard this one – device makers aren't paying attention. The pair, PhD student Sarthak Grover and Center for Information Technology Policy fellow Roya Ensafi, say the devices they tested obey the rules of bad security, like badly-implemented encryption and privacy leaks. Their presentation, here, was given to the Federal Trade Commission's PrivacyCon 2016. As the researchers note, novice programmers abound in the Things market, making novice mistakes, and trying to do things on hardware that can't support security. Because Thing-makers are relentless snoops, even two devices on the same network communicate with each other via the cloud. "You have hardware which is incapable, and you have information which is always being sent to the cloud," Grover told PrivacyCon.