Maybe just don’t have any big tech surveillance devices in the hospital/clinic/whatever.
If the patient’s name is Alexa, you’re gonna have a bad time
mutedthrown in the trash where it belongsThe HIPAA strikes again! 🤣
Or maybe you don’t install a data mining spy device in the office?
So keep cell phone in lockers, no smart TVs, and no Alexa or similar devices.
Someone should invent the pocket microwave
They can call it the hot pocket
Sounds dangerous to have anywhere near your groin.
That’s nokia 3310 during a call
I thought that’s what they put inside the Galaxy Note 7.
Honestly I wouldn’t be opposed to it
Is it any different than speaking in front of your smartphone?
I don’t own an echo or Google whatever but I’ve definitely mentioned things and then got ads for that thing within the hour/day. Like cat litter when I don’t even own a cat, just mentioned it once for cleaning up spills.
deleted by creator
More likely there’s a bunch of data points it can use. Coming within BT range of someone who does have a cat for example. Otherwise all the major smart phone companies would need to be in collision to keep the secret because the battery drain would be so blatant of it was recording, processing, transfering etc.
And all the articles that have said they aren’t recording everything, I guess they would have to be in on it too.
I don’t have a smoking gun for Google advertising based on conversation, but I mentioned in an email (Gmail) that someone I know was going to the Calgary Stampede, and Google Ads flogged Stetson cowboy hats and the Stampede for weeks after that. It was so conspicuous because normally it’s just, “hot singles in your area”, “hot Christian singles in your area?” maybe, “hot Christian moms in your area?” Nowadays it’s like, “grannies near you want to fuck.” FML.
I don’t even get “hot singles in your area” anymore.
Where did I go wrong?
My pastor mentioned a specific verse in his sermon recently. I went to type it in my notes. My phone’s keyboard (Gboard) suggested that specific verse immediately. Not just the book. The chapter and verse numbers, too.
It’s more likely you’re getting those hyper-targeted ads because of location tracking and relationship tracking than because they’re listening. It’s much cheaper and easier than running voice recognition on shitty audio clips from a mic in your pocket, and honestly much scarier.
People only ever have anecdotes to support the claim that tech companies are listening in on their conversations, but these companies openly admit to targeting ads based on your location data and specifically who you’ve been associating with.
It’s more likely that others in your congregation searched for that verse, so it was suggested to you based on your proximity to others who already searched for it.
from a mic in your pocket
It was in my hand. I was taking notes on it. So I doubt the audio was all that bad. My pastor also uses a mic, so his voice is not too quiet for a phone to pick it up.
because of location tracking and relationship tracking
I also find this unlikely because of how specific it got. It got the chapter and verse correct. The only input it got from me was my beginning to type out the name of the book of the Bible.
It’s more likely that others in your congregation searched for that verse, so it was suggested to you based on your proximity to others who already searched for it.
While that’s possible, I’m not sure it’d work so quickly. I typed the reference in my note-taking app literally as soon as my pastor said it.
I don’t know about you, but I generally turn my phone off completely when I’m at a doctor or hospital, as per the rules they have posted in the lobby asking me to do so.
Get out of here with your reasoning. It’s more fun to feign outrage because it gives me an opportunity to feel smart. If you start to invalidate my superiority by pointing out how arbitrary and dramatic my response is then I’m going to downvote you.
True, but I shit myself. Trusted a fart and full on shit my pants.
If this is a medical facility, I’d never trust them ever again if I saw an echo there.
Yeah, don’t go looking too hard whenever you’re in a hospital or anything. The number of vulnerabilities I can spot with as little infosec knowledge I have is deeply concerning
Wait until you hear about the listening devices that 90% of people carry around in their pockets everywhere they go.
What? What do they say?
Dentist office I went to has a private room with an Echo, they use it to switch playlists without having to touch anything, I guess. Figure they didn’t really think it through…
But yeah I was a bit uncomfortable with that. Not that anything private was discussed, I simply had a cavity filled. They’re excellent dentists tho, best I’ve ever seen, so I won’t be going elsewhere.
Maybe mention the potential privacy issue if they’re still using echo on your next visit. They might’ve not aware of it.
In my experience with “mentioning the potential privacy issue” people are aware, it’s just an awkward conversation that they’d prefer not to have.
Imagine being a receptionist at a dentists office and some whackadoodle rolls in to the waiting room on their electric scooter, and loudly exclaims… “are you aware that you and all of the staff here are absolutely completely 100% butt naked under your clothes and hosiery? It’s unhygienic, unsanitary, non-inclusive, and completely unsatisfactory. I just thought you should know and perhaps talk it over with your boss”.
Your reaction to this hypothetical scenario is the reaction you can expect when talking to your dentist about privacy.
No wonder I keep getting advertisements for AAAAAAAAAAAAA no, it’s fine, go ahead, AAAAAAAAAAAAAP mint.
Design your own website with squarespace! You two can own the address whyarentyouflossing.com
But Jeff Benzos is the biggest pharamcist in the world now, so it’s fine
deleted by creator
It’s fascinating how people know that these devices break their privacy, yet they keep using them.
They pay to be watched.
Aw yeah
Some people just don’t care about their privacy and I’m not judging them, you do you!
Professionals should care about their client’s privacy though. That shouldn’t be a debate.
Totally agree with you, i was referring to a private setting!
People that don’t care about their privacy is exactly what makes it so hard to just exist privately. I shouldn’t have to give up my rights because other people don’t care about them
I do judge them. But I would more say that I came to terms with this ugly fact.
Take as old as time
Convenience is one of the most addictive drugs.
reminder that the google home tells you that the mic is muted if you call it. it’s basically a telescreen. in the case of the echo show, it is literally a telescreen.
It has a separate local thingy that doesn’t talk to the internet for voice activation. This is actually proven.
Not saying google isn’t shady as fuck but this particular time its legit.
Have you made sure of that by monitoring the data sent out? If not, well…
I’m not sure “no spike” is all that revealing. Looks like the “heartbeat” was still present the entire time.
Your hatred has blinded you.
Perhaps reread the comment and reply to it with a relevant one and leave the childish assumptions for your celebrity slashfic.
Source?
I can’t find anything
https://labs.sogeti.com/google-home-spying/
As you can see from the graph above, we have sharp spikes of data being sent around the times the hot word and commands were sent. The Google Home performed as expected. As the device booted up, there was some data transfer, otherwise the network was relatively quiet between commands. We also proved that when the device microphone is muted, none of the hot word triggers or talking caused an increase in network traffic.
This is an old article based on an older device but you can test a new one for yourself with some pretty basic networking knowledge and equipment.
That’s quite a terrible test though. I’m not a security expert but even I can think of quite a few ways they could’ve hidden traffic from such tests, even unintentionally. If Google is that evil, they know they have to be smart about it. And, unfortunately, they are both. So I wouldn’t trust anything but a complete software and hardware analysis, painstakingly checking every circuit and processor instruction. But then, why even bother, the whole thing is like hiring a child molester as a kindergarten teacher.
Oh, yes I agree. If you want to be malicious, you can think of many ways to go around it. You could use a physical switch that kills the circuit to the microphone and say “see? it’s physically impossible to listen if the microphone wires are not even connected!” and then hide a second microphone inside the speaker chassis. But unless you’re a valuable target, I prefer my Occam’s razor to be the appropriate kind of sharpness.
Oh, they definitely want to be malicious. Afterall, their livelyhood depends on it, and there’s are literal tons of money on the table for knowing exactly the things that people don’t want to be known about them. That’s why I referred to them as pedos in kindergarten: they look like a data hoarding company, swim like a data hoarding company and quack like a data hoarding company. They might play it nice for now and test waters, but ultimately, what they are after all along is your personal data and especially private data. No way you can bet on them not acting upon this temptation.
This.
As the article suggests: “Should you trust them not to be spying on you?” Hell no!
But we can also use freely available tools to verify this.
This is even more potent on your phone.
A lot of people seem to believe your phone is listening to you all the time and feeding you ads based on your IRL conversations.
That’s not happening, and this can be easily verified even without any networking knowledge/tools by taking a look at your cell phone data bill.
Recording and uploading your mundane conversations all day long would be a huge drain on your battery and an expensive addition to your cell data bill. You would likely notice if it was happening.
Again: by all means DO NOT TRUST THESE COMPANIES, but also maybe do a little testing before assuming all private conversations are being recorded.
MN
But my battery is shit and I’m always connected to Wi-Fi
WiFi makes it easier IMO.
It’s very simple to snoop all the WiFi traffic and verify what is being sent while it’s more challenging to get those details on cell data
Please do tell what is in the encrypted packets it phoned home with?
Sadly, it’s not my Wi-Fi
I mean google literally keeps all your voice to text transcriptions(if you use the feature) and location history by default. It wouldn’t be such a far fetch to think the device does basic analysis locally and sends ad recommendations along with everything else
I trust nothing.
Yes you do, you trust every paranoid nut spouting conspiracy theories they heard on tiktok - you’ve just decided to doubt the very clear and logical evidence that refutes them.
Projecting
Err, not applicable I think
so “Muting” your google home effectively puts it in airplane mode?
Muting puts the microphone on a closed circuit iirc, i.e. it’s just a circuit that detects whether you’ve used the keyword, and is completely separate and inaccessible to its OS beyond it knowing “the user used the keyword”, a boolean value if you may.
I don’t need a conspiracy nut to tell me that’s probably not true to believe that it’s probably not true
Companies and the public don’t give a shit about privacy
Pretty sure muting it straight up disables the microphone completely.
No. If it’s “muted”, it will recognize “OK google” and tell you to unmute the mic first to enable online functionality.
Exactly, that way it can record your data offline and upload it next time you go back online. They don’t send data while muted, they didn’t say anything about after…
Technically, per EU and California law, you should be able to download all data they have on you – Google will offer a friendly page with recordings and their transcripts. But who knows if that’s all they store? They’re a black box.
I have 3 devices and none of them do this 🤷
It’s also not “airplane mode” because I can send music to any of them
Mine doesn’t? I scream at it until I get pissed, look at it, and realize the light is orange.
It absolutely does. It screams “THE MIC IS CURRENTLY MUTED” whenever I talk while it’s muted. Google mini Gen 2
Well I don’t have that model, and mine doesn’t. Weird.
FYI: Mutung the echo/Alexa/Google home/etc doesn’t stop it from listening, just from making noise itself.
This is not true. I hate these companies, but don’t spread misinformation. This one is easy to verify.
Even if it’s verified not to spy on you today, they’re all one forced update away from always listening and reporting back, either to corporate or a hacker. Don’t trust code you can’t see.
How do you alter hardware remotely?
Alter the hardware? The firmware would just need to be updated silently. No piece of computer hardware doesn’t have some form of software running at a low level.
Again, the power cut & indicator light are implemented in hardware. there is no software running on a single-transistor circuit.
You never said that to me. I had to figure out what your talking about through your comment history with other people.
Do you trust that? Have you opened one up and followed the traces?
Curious to learn how would you verify it. Wouldn’t one has to go as low level as power spikes? Not to sound paranoid but one can’t just believe the PR these companies said. Consequently we have to check how the device behaves. It’s not because it doesn’t send information that it does not process it. One could imagine it logs on specific behavior or keywords and only send information back when “normal” behavior is expected, e.g update check. I’m not trying to imply this is the case, only that verifying doesn’t seem “easy” to me.
The sources people use here seem to confirm it being a hardware mute that cuts off power to the mic. https://iot.stackexchange.com/questions/2382/is-the-amazon-echo-mic-mute-a-hardware-switch
Well that’s arguably “easy” but then one must trust these people and thus either know them and their motives or understand the underlying technology (and thus not needing their expertise) so I’d say no really “easy”.
They’ve been torn down physically multiple times by techs and verified that the mute button is a physical disconnect, that said, that could very well be model specific, change later on, or possible even undone with software updates. They shouldn’t be trusted either way as Amazon has proven to lie about not recording whole conversations other than trigger words, but as a whole, so far seems that the mute button is legit. People have also WireSharked them and watch data transmissions from them while muted, and after prolonged mutes to see if theirs a data spike. I haven’t seen anything damning…yet.
No software update could bypass such a hardware feature, which is exactly why it was designed thusly.
Just because a button is tested to cut power/connection to a mic, doesnt mean it did it directly.
Huh? It was built that way, and it does it. It’s a hardware feature.
Physical “hardware switch” gets thrown around a lot, but it means nothing other than that, a physical switch that can be manipulated. Just because a physical switch can mute / disconnect the mic, that’s not synonymous with a physical disconnect. No different than the old phones with physical home buttons that you could repurpose when you rooted. They were a physical button, but that button didn’t do it’s function directly. Whther that’s the case with the echo, I have no idea. But given Amazons track record, It wouldn’t surprise me if it’s just a physical soft switch.
I mean, it technically is listening for the wake up words, like “Ok Google,” but nothing is transmitted when in that mode. Only when the wake up word is uttered, then a network connection is established.
I read an article about an independent auditor making these tests and writing about the results.
Of course, and to be fair, the devices’ behavior may have changed recently. But I haven’t heard anything about it yet.
Having said that, since we’re talking about the mute button, someone else already mentioned that the mute feature is hardware-based.
No, the microphone literally stops converting sound to electrical signals in that mode. The mute button causes a hardware disconnect; if the mute light is on, the microphone is literally unpowered.
Which is what I mentioned in my very last sentence, yes.
You can check network activity while it’s muted and while it’s not muted to see when it’s phoning home. And if you’re still worried, keep it on mute for an extended period of time and then turn it on again to see whether it transmits the backlog or not. Easy to proof.
Are you saying the size of the upstream packet should be proportional to the mute time? Wouldn’t that assume that one knows ahead what such logs include or not? For example if we imagine that the device is listening while on mute for the keyword “potato” and it’s not being said once during the mute period, wouldn’t that still making an upstream packet of a fixed length, i.e zero, despite being actively listening and able to phone home? Genuinely trying to understand how one can be so confident based solely on packet size as this seems to make some assumption on how the device behaves.
Edit: regardless, monitoring traffic (which I already mentioned, hence aware of but arguing it’s not sufficient) using Wireshark or netcat is definitely not “easy” for most people buying such devices.
If the device monitors despite being on mute and does not send packets home while on mute, then it would send more when turned back on, yes. How else would the logged information reach the datacenter? Also, not everyone buying an Echo needs to do an analysis, it’s enough if a random tech-savvy person does it. Unless you argue they purposefully build surveillance devices and mix them with devices that are what they claim to be to obfuscate this behavior.
The conspiracy theory is about the muted device spying on you, not whether the activation phrase is recognized while muted. Or maybe I am misinterpreting this comment chain.
I don’t think so, here is another example, what if the device counts how many times someone said “fuck”, then sending {fuck:0} or {fuck:4,294,967,295} will result in the same size of data being transmitted. In fact imagining that the device is designed to do so, it could always send a large meaningless packet on querying for updates just so that when it actually needs to send data, it would look similar, same approximate number and lengths of packets and can be capped. I’m not saying it’s the case now, just technically feasible and I believe hard to detect.
Also on “trusting” someone then answered in https://lemmy.world/comment/4594899 but I’d said it’s also not “easy”. At least one must trust their institutions able to vet on the person able to review such devices and that the device tested and the one used are actually identical.
Finally I’m not arguing for conspiracy theory or that Echo is spying on users, only that verification for privacy on closed system is not “easy” either through trust of 3rd parties or technical expertise for an “average” user, not somebody working in the domain.
False. The mute button literally removes power to the microphone. The indicator LED is actually hardwired to indicate the inverse of its power line.
Shit like this is why I got a dumb speaker. It just plays audio, it doesn’t have a battery (meaning that unplugged = zero power), it doesn’t have wifi, it doesn’t have an assistant, it just plays the music I ask it to play via Bluetooth.
Why not go further and hardwire?
It does have an aux-in, but I don’t have anything to plug into it.
What about your micropenis?
What’s wrong with Bluetooth?
It is lower audio quality, higher latency, less reliable, causes more interference for wireless networks and other devices. It’s also less secure. Those are just the reasons I can think of right now.
Why not take up the kazoo?
Do you kazoo? I often do.
You’re all missing the real kicker here - this sign is only here for the HIPAA auditor. Everyone knows that no one is actually going to mute the thing.
Knowing Doctors and Nurses they’ll openly and loudly discuss senstive issues in front of anyone in the hospital grounds. Its really quite frustrating and has even been raised in our local newspapers.
We’re not all like that. Some of us do really care (a whole lot) about the person, and not just “the patient”. We get eye-rolled and sighed at sometimes because we speak up; but it doesn’t matter because advocating for our patients is one of our top priorities.
Some hospitals have better work-cultures than others, but all of them have at least a few who truly give a damn
I would like to thank you for maintaining integrity when it is not easy. I know it can be frustrating.
That’s cool, but given the majority of the population literally has zero clue on what privacy actually is, or what tech is intentionally doing to destroy it, it’s a lost cause. The healthcare system is one of the worst places for any personal information.
Also muting it probably doesn’t stop it listening, it just stops its response.
No, there is a button to make the Echo stop listening.
If you want to prove me wrong, it should be incredibly easy to press the button and record the Echos network activity. If you’re right you’d still see network traffic. But nobody has been able to show this so far. I wonder why?
Aww, you actually believe that!
Shouldn’t take you more than 5 minutes to prove me wrong. Please do!
It shouldn’t take me more than 5 minutes? Why’s that?
Because - as I’ve explained in the comment you replied to - it’s pretty easy to check it for yourself. Unless you believe that an Echo has a secondary cellular connection that’s only used while muted, any traffic must go over your configured connection.
Just look at the amount of transferred data while it’s muted. If there is data (beyond extremely low background traffic) I’m wrong. If there is no data, you’re wrong.
This is not some hypothetical metaphysical principle we’re talking about, it’s a product that you can analyse yourself. Put up or shut up.
And I can do that all in 5 minutes without owning one?
Yeah I read the other comments after making mine. However everyone keeps calling it a “physical” button, and I don’t think that’s accurate. It won’t be a physical switch that opens a circuit, it will be a button that operates a transistor that opens the circuit.
Still, I see no good reason to trust the device - especially in a medical setting.
There’s not much difference between a direct switch and a transistor, both will cut the signal and neither is over rideable by software
A transistor is controlled by software so yes, it’s absolutely over rideable.
Transistors are simple electronical devices. They don’t run software. You can control their inputs with another device (such a microcontroller) that does run software. You can also control their inputs with a button. You can’t control their output with software.
I don’t know how an Amazon echo is wired up, but if you just have a button connected to the gate of the transistor, it works basically the same as a mechanical switch.
Transistors are simple electronical devices. They don’t run software.
No, as I just said in the comment you replied to, it’s backwards. Software controls transistors.
The important difference is that a mechanical switch cannot be maliciously switched on by software. It has to be done physically and intentionally.
This is disingenuous at best and incorrect at worst. The mute button on the Echo is just that, a button; it is not a switch. It is software-controlled and pushing it just sends a signal to the microcontroller to take some action. For instance, one action is to turn on the red indicator light; that’s definitely not physically connected to the mute button.
Maybe another response of pushing the button is to disable the transistor used for the microphone, but it’s more likely that it just sets a software flag for the algorithm to stop its processing of the microphone input signal. Regardless of which method it uses, the microcontroller could undoubtedly just decide to revert that and listen in, either disabling or not disabling the red light at the same time.
But I personally don’t think it listens in when muted. I don’t think it spies on us to target ads based on what we say around it. I’m not worried that the mic mute function doesn’t work as intended.
But I fully understand that it is fully capable of it, technically speaking.
I don’t know the internal workings of the echo, I was responding to a comment that said it “operates a transistor”. Which is way different than it being an input to a microcontroller.
If the button is just connected to a transistor, it’s not software controllable, since transistors are electronical devices that don’t interpret any software. A microcontroller does execute software. There’s a big difference.
I’m not sure that’s the case. We have one at work and if it thinks you’re calling out to it repeatedly it will say out loud that its mic is off and that you have to enable it.
It might just be the part that listens for “Alexa” but that audio buffer is available to the device and it can do things with it.
We have one at work and if it thinks you’re calling out to it repeatedly it will say out loud that its mic is off and that you have to enable it.
This is the funniest thing I’ve read today (though I’m not sure if it is a joke).
I just tried it with mine, it doesn’t react in any way.
If the Echo stored the audio and then sent it sometime after you unmute, it would still pass your test.
Which you could easily see by looking at the amount of traffic sent after unmuting, unless you believe that Amazon secretly found an infinite compression algorithm they use only in muted Echo devices.
Unless some or all of it was sent along during the next time you actually do a voice command.
Tbf to foobar, that should still give a falsifiable and testable data-difference if you are willing to alter your behaviour around experimentation for an extended period of time
Though, there are always more ways to hide traffic
Again: Which you could easily see by looking at the amount of traffic sent after unmuting, unless you believe that Amazon secretly found an infinite compression algorithm they use only in muted Echo devices.
You understand that sending more information means more traffic? Unless - as I stated - they found a perfect compression algorithm, you’d be able to tell.
I’m a little confused as to why you are being so condescending. Every time you say “this is so simple if you do X”. And then I say “what about Y?” And then you’re like “that’s obvious too, just do Z” and kind of insulting me, even though you did not account for it in your prior comment. And it becomes less trivial with each additional test.
Your first method involves simply checking if there is any traffic after muting. Your revised method involves additionally checking if there is any traffic for some period of time after muting (how long?). And now your third method involves doing the first two things as well as gathering data on the average amount of traffic in your requests generally and deciding whether subsequent traffic during requests after muting for an unspecified amount of time is significantly large enough to conclude it is sending information acquired during muting.
But if they send it a little bit at a time, or they just leak a small portion of it occasionally in some requests, I think it would be very challenging to conclude definitively one way or the other.
I’m actually aware that there is no infinite compression algorithm, so you don’t need to keep saying that. And to be honest it just makes you look like you are lacking imagination because it’s not the only way to make detection difficult as illustrated by my responses.
Why do they even have an Amazon echo if they know it’s a fucking security risk? If you need a speaker, just get a speaker, not one a spyker (sorry, that was shite)
Maybe the family brought it in…
IoT and smart device security only means your data is protected from unauthorized access. It’s up to the manufacturer, not the user to decide who can get in.
Remember that S in IoT stands for Security!
Big brother is listening…
Amazon isn’t big brother
Don’t be so sure of that…
amazon absolutely is big brother lol
Big brother is the gov, if you think Amazon has more power than the government especially in oversight like prism and NSA you’re wrong, but Amazon does work for them and hands over data to the real big brother
