Or maybe you don’t install a data mining spy device in the office?
So keep cell phone in lockers, no smart TVs, and no Alexa or similar devices.
Someone should invent the pocket microwave
They can call it the hot pocket
Sounds dangerous to have anywhere near your groin.
Removed by mod
I thought that’s what they put inside the Galaxy Note 7.
Is it any different than speaking in front of your smartphone?
I don’t own an echo or Google whatever but I’ve definitely mentioned things and then got ads for that thing within the hour/day. Like cat litter when I don’t even own a cat, just mentioned it once for cleaning up spills.
More likely there’s a bunch of data points it can use. Coming within BT range of someone who does have a cat for example. Otherwise all the major smart phone companies would need to be in collision to keep the secret because the battery drain would be so blatant of it was recording, processing, transfering etc.
And all the articles that have said they aren’t recording everything, I guess they would have to be in on it too.
I don’t have a smoking gun for Google advertising based on conversation, but I mentioned in an email (Gmail) that someone I know was going to the Calgary Stampede, and Google Ads flogged Stetson cowboy hats and the Stampede for weeks after that. It was so conspicuous because normally it’s just, “hot singles in your area”, “hot Christian singles in your area?” maybe, “hot Christian moms in your area?” Nowadays it’s like, “grannies near you want to fuck.” FML.
My pastor mentioned a specific verse in his sermon recently. I went to type it in my notes. My phone’s keyboard (Gboard) suggested that specific verse immediately. Not just the book. The chapter and verse numbers, too.
It’s more likely you’re getting those hyper-targeted ads because of location tracking and relationship tracking than because they’re listening. It’s much cheaper and easier than running voice recognition on shitty audio clips from a mic in your pocket, and honestly much scarier.
People only ever have anecdotes to support the claim that tech companies are listening in on their conversations, but these companies openly admit to targeting ads based on your location data and specifically who you’ve been associating with.
It’s more likely that others in your congregation searched for that verse, so it was suggested to you based on your proximity to others who already searched for it.
from a mic in your pocket
It was in my hand. I was taking notes on it. So I doubt the audio was all that bad. My pastor also uses a mic, so his voice is not too quiet for a phone to pick it up.
because of location tracking and relationship tracking
I also find this unlikely because of how specific it got. It got the chapter and verse correct. The only input it got from me was my beginning to type out the name of the book of the Bible.
It’s more likely that others in your congregation searched for that verse, so it was suggested to you based on your proximity to others who already searched for it.
While that’s possible, I’m not sure it’d work so quickly. I typed the reference in my note-taking app literally as soon as my pastor said it.
I don’t even get “hot singles in your area” anymore.
Where did I go wrong?
I don’t know about you, but I generally turn my phone off completely when I’m at a doctor or hospital, as per the rules they have posted in the lobby asking me to do so.
deleted by creator
True, but I shit myself. Trusted a fart and full on shit my pants.
If the patient’s name is Alexa, you’re gonna have a bad time
If this is a medical facility, I’d never trust them ever again if I saw an echo there.
Dentist office I went to has a private room with an Echo, they use it to switch playlists without having to touch anything, I guess. Figure they didn’t really think it through…
But yeah I was a bit uncomfortable with that. Not that anything private was discussed, I simply had a cavity filled. They’re excellent dentists tho, best I’ve ever seen, so I won’t be going elsewhere.
Maybe mention the potential privacy issue if they’re still using echo on your next visit. They might’ve not aware of it.
In my experience with “mentioning the potential privacy issue” people are aware, it’s just an awkward conversation that they’d prefer not to have.
Imagine being a receptionist at a dentists office and some whackadoodle rolls in to the waiting room on their electric scooter, and loudly exclaims… “are you aware that you and all of the staff here are absolutely completely 100% butt naked under your clothes and hosiery? It’s unhygienic, unsanitary, non-inclusive, and completely unsatisfactory. I just thought you should know and perhaps talk it over with your boss”.
Your reaction to this hypothetical scenario is the reaction you can expect when talking to your dentist about privacy.
No wonder I keep getting advertisements for AAAAAAAAAAAAA no, it’s fine, go ahead, AAAAAAAAAAAAAP mint.
Design your own website with squarespace! You two can own the address whyarentyouflossing.com
Yeah, don’t go looking too hard whenever you’re in a hospital or anything. The number of vulnerabilities I can spot with as little infosec knowledge I have is deeply concerning
You’re all missing the real kicker here - this sign is only here for the HIPAA auditor. Everyone knows that no one is actually going to mute the thing.
deleted by creator
We’re not all like that. Some of us do really care (a whole lot) about the person, and not just “the patient”. We get eye-rolled and sighed at sometimes because we speak up; but it doesn’t matter because advocating for our patients is one of our top priorities.
Some hospitals have better work-cultures than others, but all of them have at least a few who truly give a damn
I would like to thank you for maintaining integrity when it is not easy. I know it can be frustrating.
Removed by mod
No, there is a button to make the Echo stop listening.
If you want to prove me wrong, it should be incredibly easy to press the button and record the Echos network activity. If you’re right you’d still see network traffic. But nobody has been able to show this so far. I wonder why?
If the Echo stored the audio and then sent it sometime after you unmute, it would still pass your test.
Which you could easily see by looking at the amount of traffic sent after unmuting, unless you believe that Amazon secretly found an infinite compression algorithm they use only in muted Echo devices.
Unless some or all of it was sent along during the next time you actually do a voice command.
Tbf to foobar, that should still give a falsifiable and testable data-difference if you are willing to alter your behaviour around experimentation for an extended period of time
Though, there are always more ways to hide traffic
Again: Which you could easily see by looking at the amount of traffic sent after unmuting, unless you believe that Amazon secretly found an infinite compression algorithm they use only in muted Echo devices.
You understand that sending more information means more traffic? Unless - as I stated - they found a perfect compression algorithm, you’d be able to tell.
I’m a little confused as to why you are being so condescending. Every time you say “this is so simple if you do X”. And then I say “what about Y?” And then you’re like “that’s obvious too, just do Z” and kind of insulting me, even though you did not account for it in your prior comment. And it becomes less trivial with each additional test.
Your first method involves simply checking if there is any traffic after muting. Your revised method involves additionally checking if there is any traffic for some period of time after muting (how long?). And now your third method involves doing the first two things as well as gathering data on the average amount of traffic in your requests generally and deciding whether subsequent traffic during requests after muting for an unspecified amount of time is significantly large enough to conclude it is sending information acquired during muting.
But if they send it a little bit at a time, or they just leak a small portion of it occasionally in some requests, I think it would be very challenging to conclude definitively one way or the other.
I’m actually aware that there is no infinite compression algorithm, so you don’t need to keep saying that. And to be honest it just makes you look like you are lacking imagination because it’s not the only way to make detection difficult as illustrated by my responses.
Removed by mod
There’s not much difference between a direct switch and a transistor, both will cut the signal and neither is over rideable by software
This is disingenuous at best and incorrect at worst. The mute button on the Echo is just that, a button; it is not a switch. It is software-controlled and pushing it just sends a signal to the microcontroller to take some action. For instance, one action is to turn on the red indicator light; that’s definitely not physically connected to the mute button.
Maybe another response of pushing the button is to disable the transistor used for the microphone, but it’s more likely that it just sets a software flag for the algorithm to stop its processing of the microphone input signal. Regardless of which method it uses, the microcontroller could undoubtedly just decide to revert that and listen in, either disabling or not disabling the red light at the same time.
But I personally don’t think it listens in when muted. I don’t think it spies on us to target ads based on what we say around it. I’m not worried that the mic mute function doesn’t work as intended.
But I fully understand that it is fully capable of it, technically speaking.
I don’t know the internal workings of the echo, I was responding to a comment that said it “operates a transistor”. Which is way different than it being an input to a microcontroller.
If the button is just connected to a transistor, it’s not software controllable, since transistors are electronical devices that don’t interpret any software. A microcontroller does execute software. There’s a big difference.
I’m not sure that’s the case. We have one at work and if it thinks you’re calling out to it repeatedly it will say out loud that its mic is off and that you have to enable it.
It might just be the part that listens for “Alexa” but that audio buffer is available to the device and it can do things with it.
I just tried it with mine, it doesn’t react in any way.
We have one at work and if it thinks you’re calling out to it repeatedly it will say out loud that its mic is off and that you have to enable it.
This is the funniest thing I’ve read today (though I’m not sure if it is a joke).
Aww, you actually believe that!
Shouldn’t take you more than 5 minutes to prove me wrong. Please do!
It shouldn’t take me more than 5 minutes? Why’s that?
Because - as I’ve explained in the comment you replied to - it’s pretty easy to check it for yourself. Unless you believe that an Echo has a secondary cellular connection that’s only used while muted, any traffic must go over your configured connection.
Just look at the amount of transferred data while it’s muted. If there is data (beyond extremely low background traffic) I’m wrong. If there is no data, you’re wrong.
This is not some hypothetical metaphysical principle we’re talking about, it’s a product that you can analyse yourself. Put up or shut up.
And I can do that all in 5 minutes without owning one?
It’s fascinating how people know that these devices break their privacy, yet they keep using them.
Convenience is one of the most addictive drugs.
Some people just don’t care about their privacy and I’m not judging them, you do you!
Professionals should care about their client’s privacy though. That shouldn’t be a debate.
Totally agree with you, i was referring to a private setting!
I do judge them. But I would more say that I came to terms with this ugly fact.
They pay to be watched.
Aw yeah
Take as old as time
Why do they even have an Amazon echo if they know it’s a fucking security risk? If you need a speaker, just get a speaker, not one a spyker (sorry, that was shite)
Maybe the family brought it in…
Maybe just don’t have any big tech surveillance devices in the hospital/clinic/whatever.
Friendly reminder to pause your bleeple before you buttlebode your over-driver. You do not want (CCF) cloud confederation forces to scuttle your bodes.
rAmen, brother!
May his noodly appendage touch you.
He boiled for your sins.
But Jeff Benzos is the biggest pharamcist in the world now, so it’s fine
deleted by creator
Shit like this is why I got a dumb speaker. It just plays audio, it doesn’t have a battery (meaning that unplugged = zero power), it doesn’t have wifi, it doesn’t have an assistant, it just plays the music I ask it to play via Bluetooth.
Why not go further and hardwire?
Why not take up the kazoo?
Do you kazoo? I often do.
It does have an aux-in, but I don’t have anything to plug into it.
What about your micropenis?
What’s wrong with Bluetooth?
It is lower audio quality, higher latency, less reliable, causes more interference for wireless networks and other devices. It’s also less secure. Those are just the reasons I can think of right now.
And by muted they mean pull the plug
And by pull the plug I mean smash it with a fucking hammer
I was going to say. Can you even mute them?
Yes, there’s a dedicated mute button that literally cuts power to the mic.
Has that been verified by somebody independent?
Yes, third parties have published complete hardware teardowns of various Echo devices. For what it’s worth, I’ve also personally reviewed multiple Echo device schematics, and have nothing to gain from lying.
Sounds like something that someone who has something to gain from lying would say.
Heh. I’ll continue to badmouth Amazon for all the internal and external bullshit they pull, but during the decade I worked there, they actually took privacy and security seriously for the in-house devices.
I hate it when acronyms aren’t clearly defined… PHI stands for Protected Health Information.
This is almost certainly in a provider setting, in which all covered employees will have received extensive training detailing what “PHI” stands for.
Removed by mod
FYI: Mutung the echo/Alexa/Google home/etc doesn’t stop it from listening, just from making noise itself.
This is not true. I hate these companies, but don’t spread misinformation. This one is easy to verify.
Curious to learn how would you verify it. Wouldn’t one has to go as low level as power spikes? Not to sound paranoid but one can’t just believe the PR these companies said. Consequently we have to check how the device behaves. It’s not because it doesn’t send information that it does not process it. One could imagine it logs on specific behavior or keywords and only send information back when “normal” behavior is expected, e.g update check. I’m not trying to imply this is the case, only that verifying doesn’t seem “easy” to me.
You can check network activity while it’s muted and while it’s not muted to see when it’s phoning home. And if you’re still worried, keep it on mute for an extended period of time and then turn it on again to see whether it transmits the backlog or not. Easy to proof.
Are you saying the size of the upstream packet should be proportional to the mute time? Wouldn’t that assume that one knows ahead what such logs include or not? For example if we imagine that the device is listening while on mute for the keyword “potato” and it’s not being said once during the mute period, wouldn’t that still making an upstream packet of a fixed length, i.e zero, despite being actively listening and able to phone home? Genuinely trying to understand how one can be so confident based solely on packet size as this seems to make some assumption on how the device behaves.
Edit: regardless, monitoring traffic (which I already mentioned, hence aware of but arguing it’s not sufficient) using Wireshark or netcat is definitely not “easy” for most people buying such devices.
If the device monitors despite being on mute and does not send packets home while on mute, then it would send more when turned back on, yes. How else would the logged information reach the datacenter? Also, not everyone buying an Echo needs to do an analysis, it’s enough if a random tech-savvy person does it. Unless you argue they purposefully build surveillance devices and mix them with devices that are what they claim to be to obfuscate this behavior.
The conspiracy theory is about the muted device spying on you, not whether the activation phrase is recognized while muted. Or maybe I am misinterpreting this comment chain.
I don’t think so, here is another example, what if the device counts how many times someone said “fuck”, then sending {fuck:0} or {fuck:4,294,967,295} will result in the same size of data being transmitted. In fact imagining that the device is designed to do so, it could always send a large meaningless packet on querying for updates just so that when it actually needs to send data, it would look similar, same approximate number and lengths of packets and can be capped. I’m not saying it’s the case now, just technically feasible and I believe hard to detect.
Also on “trusting” someone then answered in https://lemmy.world/comment/4594899 but I’d said it’s also not “easy”. At least one must trust their institutions able to vet on the person able to review such devices and that the device tested and the one used are actually identical.
Finally I’m not arguing for conspiracy theory or that Echo is spying on users, only that verification for privacy on closed system is not “easy” either through trust of 3rd parties or technical expertise for an “average” user, not somebody working in the domain.
The sources people use here seem to confirm it being a hardware mute that cuts off power to the mic. https://iot.stackexchange.com/questions/2382/is-the-amazon-echo-mic-mute-a-hardware-switch
Well that’s arguably “easy” but then one must trust these people and thus either know them and their motives or understand the underlying technology (and thus not needing their expertise) so I’d say no really “easy”.
I mean, it technically is listening for the wake up words, like “Ok Google,” but nothing is transmitted when in that mode. Only when the wake up word is uttered, then a network connection is established.
I read an article about an independent auditor making these tests and writing about the results.
Of course, and to be fair, the devices’ behavior may have changed recently. But I haven’t heard anything about it yet.
Having said that, since we’re talking about the mute button, someone else already mentioned that the mute feature is hardware-based.
No, the microphone literally stops converting sound to electrical signals in that mode. The mute button causes a hardware disconnect; if the mute light is on, the microphone is literally unpowered.
Which is what I mentioned in my very last sentence, yes.
Even if it’s verified not to spy on you today, they’re all one forced update away from always listening and reporting back, either to corporate or a hacker. Don’t trust code you can’t see.
How do you alter hardware remotely?
Alter the hardware? The firmware would just need to be updated silently. No piece of computer hardware doesn’t have some form of software running at a low level.
Again, the power cut & indicator light are implemented in hardware. there is no software running on a single-transistor circuit.
You never said that to me. I had to figure out what your talking about through your comment history with other people.
Do you trust that? Have you opened one up and followed the traces?
I was developing devices for Amazon professionally. Those were the schematics from the actual hardware design.
False. The mute button literally removes power to the microphone. The indicator LED is actually hardwired to indicate the inverse of its power line.
We’re living in a dystopian future…
IoT and smart device security only means your data is protected from unauthorized access. It’s up to the manufacturer, not the user to decide who can get in.
Remember that S in IoT stands for Security!
