Slashdot Mirror

← Back to Stories (view on slashdot.org)

Gizmodo: Don't Buy Anyone an Amazon Echo Speaker (gizmodo.com)

Posted by msmash on from the take-note dept.

Adam Clark Estes, writing for Gizmodo: Three years ago, we said the Echo was "the most innovative device Amazon's made in years." That's still true. But you shouldn't buy one. You shouldn't buy one for your family. [...] Your family members do not need an Amazon Echo or a Google Home or an AppleHomePod or whatever that one smart speaker that uses Cortana is called. And you don't either. You only want one because every single gadget-slinger on the planet is marketing them to you as an all-new, life-changing device that could turn your kitchen into a futuristic voice-controlled paradise. You probably think that having an always-on microphone in your home is fine, and furthermore, tech companies only record and store snippets of your most intimate conversations. No big deal, you tell yourself. Actually, it is a big deal. The newfound privacy conundrum presented by installing a device that can literally listen to everything you're saying represents a chilling new development in the age of internet-connected things. By buying a smart speaker, you're effectively paying money to let a huge tech company surveil you. And I don't mean to sound overly cynical about this, either. Amazon, Google, Apple, and others say that their devices aren't spying on unsuspecting families. The only problem is that these gadgets are both hackable and prone to bugs.

12 of 259 comments (clear)

  1. Good grief by fyngyrz · · Score: 5, Insightful

    You already own one of these you carry everywhere — your cellphone. A microphone (and camera!) you take everywhere, and is connected everywhere, including in your home.

    The Echo and its brethren are not a sudden influx of a listening device that can be hacked. You swallowed that bait a long, long time ago.

    --
    I've fallen off your lawn, and I can't get up.
    1. Re:Good grief by Scottingham · · Score: 5, Insightful

      Presumably though cell phones have a power constraint, the battery. If it were constantly sending full audio and video back to the mothership battery life would nose-dive.

      Plugged in smart hubs though? Buying one is probably considered opting in to full time surveillance.

      1984 seems so quaint now. Relatedly, I'm pretty sure GIFs are the 21st century Newspeak.

    2. Re:Good grief by Aaden42 · · Score: 5, Insightful

      Scope matters.

      If my cell phone was recording everything around me and transmitting it, my pocket would be on fire, my battery would be dead before lunch every day, and my bandwidth allowance would be toast by the end of the first week every month. At home, there's essentially infinite power, no bandwidth limitation, and I can hardly tell the difference between a small hockey puck that's idling & one that's active just by looking at it or touching it. Tolerances for cooling aren't nearly as tight as a phone.

      The limitations of a mobile platform provide a degree of safety, or at least verifiability. The laws of physics are on your side in this case.

    3. Re:Good grief by Anonymous Coward · · Score: 5, Insightful

      Look at your routers usage logs. Are they constantly sending full audio back to the mothership? No? Then stop spreading this paranoid bullshit and actually try contributing to society sometime.

    4. Re:Good grief by jareth-0205 · · Score: 4, Insightful

      The Pixel 2 phones can now listen and recognise songs in the background with no noticeable battery effect. They also can recognise the "OK Google" wake phrase. They're not actively transmitting this, though. But if they wanted to be nefarious and record this, and only transmit certain sections of audio, perhaps based on "bad keyword" recognition, I really don't think you'd notice.

    5. Re:Good grief by Waffle+Iron · · Score: 5, Insightful

      If my cell phone was recording everything around me and transmitting it, my pocket would be on fire, my battery would be dead before lunch every day, and my bandwidth allowance would be toast by the end of the first week every month.

      Not really, at least for audio. I still have one of those little voice recorders that people used before smartphones were around. It can record a couple of days of audio in its 2005-era flash storage, with just the power from a pair of alkaline AAA batteries.

      A rogue app on your phone could probably do the same to some file you wouldn't even notice, and upload it whenever you connect to WiFi without you noticing that either.

      At any rate, there seem to be no power issues with phones running the microphone 24x7 and constantly processing the data to look for "OK Google". That would probably be at least as power-intensive as just making a recording.

    6. Re:Good grief by Radish03 · · Score: 5, Insightful

      Or the device could just record and store all the audio temporarily, then transmit only when the phone is charging when the phone gets hot already. Depends if you want to do real-time surveillance or not.

    7. Re:Good grief by Rick+Schumann · · Score: 3, Insightful

      You already own one of these you carry everywhere — your cellphone.

      Not all of us. Some of us see so-called 'smartphones' as a 'dumb' choice because of security and privacy issues, as well as being gouged for dataplans by greedy wireless companies. The $50 plastic LG clamshell phone I do have is turned off at least 90% of the time, and since I'm an electronics person, the GPS is even disabled in hardware (antenna grounded). Furthermore I regularly recommend to people that they think carefully whether they really need a smartphone or not, and if not, get rid of it and get a basic cheap phone that's good at being a telephone and leave it at that.

      Furthermore I have a dim view to say the least of people like you who tell others to 'give up and give in' to having their privacy and their lives invaded by shitty corporations and shitty governments who want to stick their little brown noses in people's private business. You can be a coward who allows all this to be done to you all you want, and I'll look down my nose at you and everyone like you, but do NOT go around telling people to be like you. Privacy is still a Thing, it's worth protecting and fighting for, and it's criminal so far as I'm concerned to tell people otherwise.

    8. Re:Good grief by ScienceofSpock · · Score: 3, Insightful

      This is LITERALLY the single most stupid comment I have seen on slashdot.

      Let me get this straight: You think that these IoT devices, that have problems with their own security, are going to hack your router and "fog" your log files? Then you go all internet-tough-guy and threaten to "smash-face" someone because he actually explained how you can monitor and see how much traffic your IoT devices are actually sending back.

      Worst. Troll. Ever. 0/10

  2. Definitely 'nope'. by Baron_Yam · · Score: 4, Insightful

    I want something open source, that runs locally on my home network. If it requires connectivity to a server on the Internet, I don't want it.

    There's no legitimate reason such a device can't be made except so that the tech companies can access whatever data they want - which yes, is PROBABLY just for product improvement (which will include better, creepier targeted advertising), but is also a massive invasion of privacy with all sorts of potential to be used by criminals and the government doing things you'd consider criminal.

  3. It's not hard to figure it out by Guyle · · Score: 4, Insightful

    Seriously, has anyone bothered monitoring packets from an Echo or Google Home using their router or Wireshark? If these devices ARE uploading voice data when you're not actually using it then it's not difficult to figure out. I monitored mine at home for a month straight, and the only spikes in OUTBOUND traffic coincided with the precise times I asked Alexa for something. Beyond few bits here and there, which are too small to hold any meaningful audio of understandable quality, I failed to detect any secret surveillance.

    With all of the engineers out there (who are smarter than me, for sure) there has to be folks who've tried what I have on a bigger scale with better tools, and if someone had found evidence of illegal surveillance, they would have come forward by now. It's what everyone wants, right? To PROVE these things are evil?

    If you say audio uploads aren't detectable then give me a plausible method for ex-filtration of the data.

    1. Re:It's not hard to figure it out by sinij · · Score: 3, Insightful

      I choose to sleep under a hanging sword suspended by a single strand of horse hair. I closely monitored this sword, and have no detected any signs of it falling down and killing me in my sleep.

      If you say this sword is going to fall and kill me in my sleep, give me a plausible method for how it would work.