Good thing everyone diligently reads the T&A of Pool 3d before using it. You are reading every line of text before you hit agree, and then uninstall, right?
On the other hand, it’s amazingly easy for advertisers to figure out what topics / products you’re talking about without the need for constantly recording via your microphone. In most instances, it doesn’t even really make sense to constantly record audio via the mic to monitor folks, other means are much more cost efficient while being just as effective. That’s not to say that some app isn’t or hasn’t done it, just that historically speaking, it hasn’t been as ubiquitous as a lot of people seem to think or imply.
Sometimes with these things, you have to apply Occam’s Razor.
I stayed with some family during the holidays a few years ago and they are conspiracy theory fanatics unfortunately. The type that swear their phones are listening to everything they say. They get ads for things they’ve only ever talked about in person. That sort of thing.
As proof, they pointed out how the prior night the topic of old timey candy from our childhoods came up and all of a sudden they were getting news stories and facebook ads about those liquid filled wax bottle candies. To them, the only plausible explanation is that our phones were listening to us.
Except, as I pointed out, I specifically looked those wax bottle candies up later that night because I was curious if they were still for sale. They live way out in the country and there’s limited cellular data, so basically everybody there that night was using the same wifi connection. Which means, our internet activity is all linked because to the outside world, we’re all on the same network/IP address. Even more curious, though, nobody got ads for any of the other candy that we talked about and which I didn’t specifically look up. So, if our phones were actually recording us and serving up ads based on the things we talked about, then why didn’t we get ads for Blackjack gum, wax lips, and Brach’s? Only the very specific one I happened to search for.
I thought Android has a non bypassable green dot in the notification bar when the micro is on ?
I feel like you’re missing the point. Showing a green dot still doesn’t solve the problem or make it ok, especially when this technology works in the background and can capture sound even while the device is in your pocket, like the article says.
I don’t think we should have to be on the lookout for a little dot showing up on the screen constantly. It shouldn’t even ask for microphone access unless it’s absolutely essential for the app’s main purpose. “Features” like this should always be off by default and buried deep in the settings. If people really wanted it (they don’t), they’d go in and turn it on themselves.
Users need to know what this dot means, and some like children or the elderly will likely not understand the ramifications
It’s probably bypassable too. And, anytime the microphone is used, you have no idea the multiple extents that data is being used for.
Apps can use the microphone in secret and there’s no way to know when they’re using the microphone? This is a major security flaw in Android!
No they dont , they dont have to. Far easier to get things other ways.
Yes, but also no. You’re underestimating advertisers’ greed for data.
It’s actually trivial nowadays to build a background service like that.
Which would show up in network traffic , which it doesnt. There is no need for it.
You could easily process the audio and filter in on the device and just send the transcribed parts that match your filters for further processing. No need to send a constant audio stream. Eventually it would show up in the battery usage but things like the google song recognition also heavily use the mic and process audio and it doesn’t show up as heavy as you would expect.
Ok, real question: what exactly would show up in network traffic?
Evidence of voice collection and data transmission. Just hook it up to wireshark and test. It’s been done and zero evidence produced. Not trivial to hide. Neither in traffic or battery use .
Btw independent aricle from 2008 heres something a decade fresher https://www.androidauthority.com/your-phone-is-not-listening-to-you-884028/
Why would they need to do it anyway? Far easier to just use the telemetry already there. Your phone knows more about you than you think already if you don’t use privacy respecting software. No need to use the microphone. But if you know something none from the security field does, I’m all for seeing some evidence.
Nevermind the why (I’m not entirely convinced it’s being done), I want to know what exactly would be seen in network traffic.
Ok, you said “voice collection” which I’ll assume is audio recording and then uploading to some server. That’s an astonishingly bonkers and inefficient way of doing it. You run a very small model (using something like Tflite) that’s trained against a few hundred keyboards (brand names, products, or product category) and run it on the background of your service. Phones already do essentially this with assistant activation listening. Then once a few hours of listening, compress the plain text detection data (10 MB of plain text can be compressed to 1 MB) and then just upload the end result. And we wouldn’t be talking about megabytes, we’d be talking single digits kilobytes. An amount that wouldn’t even be a blip on wireshark, especially since phones are so exceedingly chatty nowadays. Have you actually tried to wireshark phone traffic? It’s just constant noise.
It’s entirely possible to do. But that doesn’t mean that it is being done.
It would cost trillions and half the battery life. Just because you dont understand something doesnt make you right. Your entire argument is shattered in the link I provided you earlier. Its not a few kb needed and if done locally a huge battery eater. Not to mention that the cost to have any use of it would exceed the entire value of the admarket.
there are plenty of people that can find shit in the noise on wireshark if there was anything like what you are suggesting.
Also there is a teapot in orbit around jupiter. Prove me wrong.
Just because you dont understand
Lol. My dude, I’m a developer who specializes in AI.
It would cost trillions
I have no clue how you came to that number. I could (and partially have) whipped up a prototype in a few days.
half the battery life
Hardly. Does Google assistant half battery life? No, so why would this? Besides, you would just need to listen to the mic and record audio only if the sound is above a certain volume threshold. Then once every few hours batch process the audio. Then send the resulting text data (in the KBs) up to a server.
The average ad data that’s downloaded for in-app display is orders of magnitude larger than what would be uploaded.
there are plenty of people that can find shit in the noise on wireshark
How are they going to see data that’s encrypted and bundled with other innocuous data?
Go ahead, make TVs more smart. We literally removed our TV thus weekend. If you want me to upgrade it, please removed the spyware.
My tvs are connected to an SSID that can’t hit the internet. I blocked them before but my dumb ass neighbor left their WiFi unprotected and my tvs just connected to them because it couldn’t get out the internet on my network. So I created an SSID logged them in and blocked it from the internet. It doesn’t bounce to open WiFi anymore. If I block it completely from the network the WiFi just disconnects from the network because it can’t hit anything. I have LG’s.
Why is it even legal for it to just hop open networks automatically? Sure, if you leave your wifi unsecured you’re dumb and anyone can access it, but it’s still not a network you have permission to access
The fact that they just desperately jump on any network is absurd. Its acting like malware.
That is an insane thing to have to do. Having to manipulate your TV into not doing something you don’t want or require it to do.
is this still a surprise to anyone here?
I remember a bunch of people freaking out about this a few years ago and an equal number telling them they were paranoid.
You can talk about stuff and your phone will just magically start suggesting related items. Why would anyone be surprised the monitoring device in their pocket is monitoring them?
Yes.
Not to you or me, but there are tons of people, even here, that are absolutely incredulous towards the idea that its possible.
But… they can’t access the microphone without the user explicitly allowing
Tell that to Facebook. Shit, I’ll talk about something with my wife and see ads about it ten minutes later. Been happening for years.
It’s more likely that your wife or someone nearby was further researching the same topic you were talking about.
Facebook and other ad companies use your location, relationships, and other data they already had on you to serve you relevant ads.
At this stage, they know more about you than the government, or your wife.
I’ve read about this phenomenon in the past. Generally it’s found that due to audio processing cost and the sheer amount of other data easily gathered, there’s no reason for them to snoop with your microphone because other data is so readily available, much easier to process, store and ship.
I read about that recently as well. There is a problem though. Your phone can turn your voice into text instantly. It’s a feature built in to your keyboard. They could turn the audio into text and then transmit the text only. Saves much data that way.
Only on iOS. Also a lot of apps can present valid uses for microphone access, which prompts users to allow unlimited malicious use
Because it is software-based access control, it is impossible to guarantee that access really has been disabled. Thanks to Apple’s design, we now live in a world where users are not supposed to detach batteries or physically turn off microphones and cameras; it’s all software-controlled. The problem is that software can be hacked and have backdoors. Also, thanks to Apple’s smart design, users can no longer upgrade the memory sticks on their Mac Minis and MacBooks. Why do I say it is all Apple’s fault? Unfortunately, other manufacturers copy these design ideas…
Article is from 2018. Someone must have pasted the url from hacker news where the same story was dug up recently.
Wasn’t there just a storey a couple days ago that apps where not doing this but taking screenshots and videos on the screen and sending that. And both iOS and Android have the microphone notification now.
I used to work for a mobile advertiser, and we installed hella bloatware on phones.
This idea was floated a couple times but was deemed not very effective cause you’d have to store and process hours and hours of audio data that didn’t tell us much more than just having a week or so of GPS data, your Facebook profile, and your phone IMEI.
It’s pretty easy to see if you’re near a Popeyes and what other IMEIs are connecting to the same tower, extrapolate that to you being near your wife and you and your wife thinking about shit on the Popeyes menu.
Boom targeted ad/video for fried chicken.
The rest is general tech paranoia leading to Apophenia.
There’s no microphones or cameras, it’s just the already gigantic mountain of data anyone who uses a smartphone is constantly broadcasting getting ground through the big data machine that has been the pillar of all tech since the last recession.
If it’s trying to figure out if you’re watching Stranger Things it can look for when you’re stationary at home and just needs to record a few seconds at a time every few minutes. I don’t know how the fingerprinting works. It might be able to run locally and not use a ton of power. We’re talking Shazam, not full text transcription.
Here’s the thing. If you watch that, Netflix know your IP. If you’re on an Android TV box, Google will know your IP.
Odds are your phone is on the Wifi. Linked through IP. Now you get ads for Stranger Things on your phone. It doesn’t need to listen because everything is so leaky. You are linked on so many devices.
Yeah, Netflix knows I’m watching Stranger Things. But afaik they don’t sell that information. And even if they do, there’s still reason for this company to try to get it themselves for cheaper. And they know something else about you based on these crappy apps they’re embedded in. So that’s all extra data points they can cross reference and get even more data.
you’d have to store and process hours and hours of audio data that didn’t tell us much
I mean that could be solved as simply as a local transcription service…
But wouldnt it be a moot point if I restrict access to GPS for all apps?
How much of that data is from Google/Apple (e.g. Google Maps)?If you use android google grabs your GPS data regardless, you have to root and disable it.
Apple does the same thing but they didn’t have their pants occupied by third-party network’s fingers like google did until the pixel came out.
Google maps is basically a beacon for AdMob to target you nearly perfectly.
Also using “fine location” in any app grabs the nearby wifi list and sends it to Google/apple if it’s not cached.
Also most ad providers these days have made deals with major networks that let them tell what tower your IMEI pinged off of.
It’s why google tried to push android/ad IDs, way less info for the networks to advertise over, and it also put the tracking in their hands instead.
And people wonder why I keep rooting my Android phones.
Without advanced permission denial and file access restrictions, phones will spy on anything and anyone.
Rooting is no longer required and is a security risk
Or do you mean flashing custom privacy respecting rom
Granting blanket root to all programs on an android phone sure that’s a risk; but who the fuck does that on any system…
From memory individual apps would be able to request root which could be denied, approved once, approved always or ignored.
Why would you provide any app with root access tbo?
What do they need it for?
Really depends on what you want to do.
Same as any Linux system you don’t want applications to have root access all the time. However if I want to remove a system file or modify something that a normal user isn’t able to, something is going to require higher privileges than the standard user account has.
ok thanks, but where’s the list of these apps?
These type of articles never list the apps they’re discussing.
