• Pyr_Pressure@lemmy.ca
      link
      fedilink
      English
      arrow-up
      40
      arrow-down
      4
      ·
      1 year ago

      Is it any different than speaking in front of your smartphone?

      I don’t own an echo or Google whatever but I’ve definitely mentioned things and then got ads for that thing within the hour/day. Like cat litter when I don’t even own a cat, just mentioned it once for cleaning up spills.

      • Seudo@lemmy.world
        link
        fedilink
        English
        arrow-up
        23
        arrow-down
        1
        ·
        1 year ago

        More likely there’s a bunch of data points it can use. Coming within BT range of someone who does have a cat for example. Otherwise all the major smart phone companies would need to be in collision to keep the secret because the battery drain would be so blatant of it was recording, processing, transfering etc.

        • cor315@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          1 year ago

          And all the articles that have said they aren’t recording everything, I guess they would have to be in on it too.

      • Taniwha420@lemmy.world
        link
        fedilink
        English
        arrow-up
        16
        arrow-down
        3
        ·
        1 year ago

        I don’t have a smoking gun for Google advertising based on conversation, but I mentioned in an email (Gmail) that someone I know was going to the Calgary Stampede, and Google Ads flogged Stetson cowboy hats and the Stampede for weeks after that. It was so conspicuous because normally it’s just, “hot singles in your area”, “hot Christian singles in your area?” maybe, “hot Christian moms in your area?” Nowadays it’s like, “grannies near you want to fuck.” FML.

        • Gestrid@lemmy.ca
          link
          fedilink
          English
          arrow-up
          11
          arrow-down
          2
          ·
          1 year ago

          My pastor mentioned a specific verse in his sermon recently. I went to type it in my notes. My phone’s keyboard (Gboard) suggested that specific verse immediately. Not just the book. The chapter and verse numbers, too.

          • Schmoo@slrpnk.net
            link
            fedilink
            English
            arrow-up
            30
            arrow-down
            1
            ·
            1 year ago

            It’s more likely you’re getting those hyper-targeted ads because of location tracking and relationship tracking than because they’re listening. It’s much cheaper and easier than running voice recognition on shitty audio clips from a mic in your pocket, and honestly much scarier.

            People only ever have anecdotes to support the claim that tech companies are listening in on their conversations, but these companies openly admit to targeting ads based on your location data and specifically who you’ve been associating with.

            It’s more likely that others in your congregation searched for that verse, so it was suggested to you based on your proximity to others who already searched for it.

            • Gestrid@lemmy.ca
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              from a mic in your pocket

              It was in my hand. I was taking notes on it. So I doubt the audio was all that bad. My pastor also uses a mic, so his voice is not too quiet for a phone to pick it up.

              because of location tracking and relationship tracking

              I also find this unlikely because of how specific it got. It got the chapter and verse correct. The only input it got from me was my beginning to type out the name of the book of the Bible.

              It’s more likely that others in your congregation searched for that verse, so it was suggested to you based on your proximity to others who already searched for it.

              While that’s possible, I’m not sure it’d work so quickly. I typed the reference in my note-taking app literally as soon as my pastor said it.

        • jaybone@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          1
          ·
          1 year ago

          I don’t even get “hot singles in your area” anymore.

          Where did I go wrong?

      • Chunk@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        2
        ·
        1 year ago

        Get out of here with your reasoning. It’s more fun to feign outrage because it gives me an opportunity to feel smart. If you start to invalidate my superiority by pointing out how arbitrary and dramatic my response is then I’m going to downvote you.

    • ThatFembyWho@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      44
      arrow-down
      1
      ·
      1 year ago

      Dentist office I went to has a private room with an Echo, they use it to switch playlists without having to touch anything, I guess. Figure they didn’t really think it through…

      But yeah I was a bit uncomfortable with that. Not that anything private was discussed, I simply had a cavity filled. They’re excellent dentists tho, best I’ve ever seen, so I won’t be going elsewhere.

      • redcalcium@lemmy.institute
        link
        fedilink
        English
        arrow-up
        22
        ·
        1 year ago

        Maybe mention the potential privacy issue if they’re still using echo on your next visit. They might’ve not aware of it.

        • DogMuffins@discuss.tchncs.de
          link
          fedilink
          English
          arrow-up
          9
          arrow-down
          3
          ·
          1 year ago

          In my experience with “mentioning the potential privacy issue” people are aware, it’s just an awkward conversation that they’d prefer not to have.

          Imagine being a receptionist at a dentists office and some whackadoodle rolls in to the waiting room on their electric scooter, and loudly exclaims… “are you aware that you and all of the staff here are absolutely completely 100% butt naked under your clothes and hosiery? It’s unhygienic, unsanitary, non-inclusive, and completely unsatisfactory. I just thought you should know and perhaps talk it over with your boss”.

          Your reaction to this hypothetical scenario is the reaction you can expect when talking to your dentist about privacy.

    • sebinspace@lemmy.world
      link
      fedilink
      English
      arrow-up
      26
      ·
      1 year ago

      Yeah, don’t go looking too hard whenever you’re in a hospital or anything. The number of vulnerabilities I can spot with as little infosec knowledge I have is deeply concerning

    • HughJanus@lemmy.ml
      link
      fedilink
      English
      arrow-up
      10
      ·
      1 year ago

      Wait until you hear about the listening devices that 90% of people carry around in their pockets everywhere they go.

  • DogMuffins@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    103
    arrow-down
    2
    ·
    1 year ago

    You’re all missing the real kicker here - this sign is only here for the HIPAA auditor. Everyone knows that no one is actually going to mute the thing.

      • MrShankles@reddthat.com
        link
        fedilink
        English
        arrow-up
        18
        ·
        1 year ago

        We’re not all like that. Some of us do really care (a whole lot) about the person, and not just “the patient”. We get eye-rolled and sighed at sometimes because we speak up; but it doesn’t matter because advocating for our patients is one of our top priorities.

        Some hospitals have better work-cultures than others, but all of them have at least a few who truly give a damn

        • random65837@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          ·
          1 year ago

          That’s cool, but given the majority of the population literally has zero clue on what privacy actually is, or what tech is intentionally doing to destroy it, it’s a lost cause. The healthcare system is one of the worst places for any personal information.

    • TWeaK@lemm.ee
      link
      fedilink
      English
      arrow-up
      24
      arrow-down
      3
      ·
      1 year ago

      Also muting it probably doesn’t stop it listening, it just stops its response.

      • FooBarrington@lemmy.world
        link
        fedilink
        English
        arrow-up
        16
        arrow-down
        15
        ·
        edit-2
        1 year ago

        No, there is a button to make the Echo stop listening.

        If you want to prove me wrong, it should be incredibly easy to press the button and record the Echos network activity. If you’re right you’d still see network traffic. But nobody has been able to show this so far. I wonder why?

        • TWeaK@lemm.ee
          link
          fedilink
          English
          arrow-up
          16
          arrow-down
          2
          ·
          edit-2
          1 year ago

          Yeah I read the other comments after making mine. However everyone keeps calling it a “physical” button, and I don’t think that’s accurate. It won’t be a physical switch that opens a circuit, it will be a button that operates a transistor that opens the circuit.

          Still, I see no good reason to trust the device - especially in a medical setting.

          • calcopiritus@lemmy.world
            link
            fedilink
            English
            arrow-up
            9
            arrow-down
            7
            ·
            1 year ago

            There’s not much difference between a direct switch and a transistor, both will cut the signal and neither is over rideable by software

            • Piranha Phish@lemmy.world
              link
              fedilink
              English
              arrow-up
              9
              arrow-down
              2
              ·
              1 year ago

              This is disingenuous at best and incorrect at worst. The mute button on the Echo is just that, a button; it is not a switch. It is software-controlled and pushing it just sends a signal to the microcontroller to take some action. For instance, one action is to turn on the red indicator light; that’s definitely not physically connected to the mute button.

              Maybe another response of pushing the button is to disable the transistor used for the microphone, but it’s more likely that it just sets a software flag for the algorithm to stop its processing of the microphone input signal. Regardless of which method it uses, the microcontroller could undoubtedly just decide to revert that and listen in, either disabling or not disabling the red light at the same time.

              But I personally don’t think it listens in when muted. I don’t think it spies on us to target ads based on what we say around it. I’m not worried that the mic mute function doesn’t work as intended.

              But I fully understand that it is fully capable of it, technically speaking.

              • calcopiritus@lemmy.world
                link
                fedilink
                English
                arrow-up
                3
                ·
                1 year ago

                I don’t know the internal workings of the echo, I was responding to a comment that said it “operates a transistor”. Which is way different than it being an input to a microcontroller.

                If the button is just connected to a transistor, it’s not software controllable, since transistors are electronical devices that don’t interpret any software. A microcontroller does execute software. There’s a big difference.

            • HughJanus@lemmy.ml
              link
              fedilink
              English
              arrow-up
              7
              arrow-down
              2
              ·
              1 year ago

              A transistor is controlled by software so yes, it’s absolutely over rideable.

              • calcopiritus@lemmy.world
                link
                fedilink
                English
                arrow-up
                4
                arrow-down
                2
                ·
                1 year ago

                Transistors are simple electronical devices. They don’t run software. You can control their inputs with another device (such a microcontroller) that does run software. You can also control their inputs with a button. You can’t control their output with software.

                I don’t know how an Amazon echo is wired up, but if you just have a button connected to the gate of the transistor, it works basically the same as a mechanical switch.

                • HughJanus@lemmy.ml
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  4
                  ·
                  1 year ago

                  Transistors are simple electronical devices. They don’t run software.

                  No, as I just said in the comment you replied to, it’s backwards. Software controls transistors.

                  The important difference is that a mechanical switch cannot be maliciously switched on by software. It has to be done physically and intentionally.

        • CoggyMcFee@lemmy.world
          link
          fedilink
          English
          arrow-up
          16
          arrow-down
          5
          ·
          1 year ago

          If the Echo stored the audio and then sent it sometime after you unmute, it would still pass your test.

          • FooBarrington@lemmy.world
            link
            fedilink
            English
            arrow-up
            13
            arrow-down
            4
            ·
            1 year ago

            Which you could easily see by looking at the amount of traffic sent after unmuting, unless you believe that Amazon secretly found an infinite compression algorithm they use only in muted Echo devices.

            • CoggyMcFee@lemmy.world
              link
              fedilink
              English
              arrow-up
              8
              arrow-down
              3
              ·
              1 year ago

              Unless some or all of it was sent along during the next time you actually do a voice command.

              • V0lD@lemmy.world
                link
                fedilink
                English
                arrow-up
                5
                arrow-down
                2
                ·
                1 year ago

                Tbf to foobar, that should still give a falsifiable and testable data-difference if you are willing to alter your behaviour around experimentation for an extended period of time

                Though, there are always more ways to hide traffic

              • FooBarrington@lemmy.world
                link
                fedilink
                English
                arrow-up
                5
                arrow-down
                6
                ·
                1 year ago

                Again: Which you could easily see by looking at the amount of traffic sent after unmuting, unless you believe that Amazon secretly found an infinite compression algorithm they use only in muted Echo devices.

                You understand that sending more information means more traffic? Unless - as I stated - they found a perfect compression algorithm, you’d be able to tell.

                • CoggyMcFee@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  11
                  arrow-down
                  5
                  ·
                  1 year ago

                  I’m a little confused as to why you are being so condescending. Every time you say “this is so simple if you do X”. And then I say “what about Y?” And then you’re like “that’s obvious too, just do Z” and kind of insulting me, even though you did not account for it in your prior comment. And it becomes less trivial with each additional test.

                  Your first method involves simply checking if there is any traffic after muting. Your revised method involves additionally checking if there is any traffic for some period of time after muting (how long?). And now your third method involves doing the first two things as well as gathering data on the average amount of traffic in your requests generally and deciding whether subsequent traffic during requests after muting for an unspecified amount of time is significantly large enough to conclude it is sending information acquired during muting.

                  But if they send it a little bit at a time, or they just leak a small portion of it occasionally in some requests, I think it would be very challenging to conclude definitively one way or the other.

                  I’m actually aware that there is no infinite compression algorithm, so you don’t need to keep saying that. And to be honest it just makes you look like you are lacking imagination because it’s not the only way to make detection difficult as illustrated by my responses.

        • Billegh@lemmy.world
          link
          fedilink
          English
          arrow-up
          13
          arrow-down
          4
          ·
          1 year ago

          I’m not sure that’s the case. We have one at work and if it thinks you’re calling out to it repeatedly it will say out loud that its mic is off and that you have to enable it.

          It might just be the part that listens for “Alexa” but that audio buffer is available to the device and it can do things with it.

          • Arthur Besse@lemmy.ml
            link
            fedilink
            English
            arrow-up
            5
            ·
            1 year ago

            We have one at work and if it thinks you’re calling out to it repeatedly it will say out loud that its mic is off and that you have to enable it.

            This is the funniest thing I’ve read today (though I’m not sure if it is a joke).

            • null@slrpnk.net
              link
              fedilink
              English
              arrow-up
              3
              arrow-down
              3
              ·
              1 year ago

              It shouldn’t take me more than 5 minutes? Why’s that?

              • FooBarrington@lemmy.world
                link
                fedilink
                English
                arrow-up
                5
                arrow-down
                2
                ·
                1 year ago

                Because - as I’ve explained in the comment you replied to - it’s pretty easy to check it for yourself. Unless you believe that an Echo has a secondary cellular connection that’s only used while muted, any traffic must go over your configured connection.

                Just look at the amount of transferred data while it’s muted. If there is data (beyond extremely low background traffic) I’m wrong. If there is no data, you’re wrong.

                This is not some hypothetical metaphysical principle we’re talking about, it’s a product that you can analyse yourself. Put up or shut up.

  • Devouring@lemmy.world
    link
    fedilink
    English
    arrow-up
    93
    arrow-down
    3
    ·
    1 year ago

    It’s fascinating how people know that these devices break their privacy, yet they keep using them.

  • MrFlamey@lemmy.world
    link
    fedilink
    English
    arrow-up
    74
    arrow-down
    3
    ·
    1 year ago

    Why do they even have an Amazon echo if they know it’s a fucking security risk? If you need a speaker, just get a speaker, not one a spyker (sorry, that was shite)

  • hperrin@lemmy.world
    link
    fedilink
    English
    arrow-up
    67
    arrow-down
    1
    ·
    1 year ago

    Maybe just don’t have any big tech surveillance devices in the hospital/clinic/whatever.

  • aesthelete@lemmy.world
    link
    fedilink
    English
    arrow-up
    58
    arrow-down
    5
    ·
    1 year ago

    Friendly reminder to pause your bleeple before you buttlebode your over-driver. You do not want (CCF) cloud confederation forces to scuttle your bodes.

  • Kevnyon@lemmy.world
    link
    fedilink
    English
    arrow-up
    47
    arrow-down
    2
    ·
    1 year ago

    Shit like this is why I got a dumb speaker. It just plays audio, it doesn’t have a battery (meaning that unplugged = zero power), it doesn’t have wifi, it doesn’t have an assistant, it just plays the music I ask it to play via Bluetooth.

          • SpaceNoodle@lemmy.world
            link
            fedilink
            English
            arrow-up
            6
            ·
            edit-2
            1 year ago

            Yes, third parties have published complete hardware teardowns of various Echo devices. For what it’s worth, I’ve also personally reviewed multiple Echo device schematics, and have nothing to gain from lying.

              • SpaceNoodle@lemmy.world
                link
                fedilink
                English
                arrow-up
                2
                ·
                1 year ago

                Heh. I’ll continue to badmouth Amazon for all the internal and external bullshit they pull, but during the decade I worked there, they actually took privacy and security seriously for the in-house devices.

  • CyberDine@lemmy.world
    link
    fedilink
    English
    arrow-up
    34
    arrow-down
    11
    ·
    1 year ago

    I hate it when acronyms aren’t clearly defined… PHI stands for Protected Health Information.

    • Bgugi@lemmy.world
      link
      fedilink
      English
      arrow-up
      31
      ·
      1 year ago

      This is almost certainly in a provider setting, in which all covered employees will have received extensive training detailing what “PHI” stands for.

  • PeterPoopshit@lemmy.world
    link
    fedilink
    English
    arrow-up
    19
    ·
    1 year ago

    IoT and smart device security only means your data is protected from unauthorized access. It’s up to the manufacturer, not the user to decide who can get in.