It's already pretty well known that phones send tons of data. People have attached them to firewalls and can clearly see how much crap is going out every second. The problem is that there's so many packets going to so many different IPs for so many different purposes and it's all encrypted. It happens constantly even when the device is idle. My Win 7 PC does the same, despite all my attempts to shut off any telemetry and useless services. Is the device spying or is it just doing "normal maintenance"?
More importantly is that data doesn't have to be sent in realtime. Any spying can simply be stored in a queue and uploaded on a schedule. You can't associate transmission of data with a specific action or command in that case.
I hate it with a passion, but massive amounts of traffic is just the norm these days, and it's here to stay. Judging a device based on the quantity of data sent, or even when data is sent, is not feasible.
Just because ONE Phone (or mobile Platform) does it, does NOT mean they ALL do it.
I have always wondered why a Windows computer will CONSTANTLY access the Hard Drive, even when it is ostensibly at Idle, with no Applications running (except Explorer.exe). THAT'S the kind of stuff that is super-creepy to me, and it has been going on for YEARS.
But you can only cache so much data for so long, and then it has GOT to be uploaded. And just like with ANY SIGINT, just because you can't read the actual DATA, doesn't mean that you can't tell WHO is talking to WHOM. And THAT CANNOT be hidden or obsfucated, no more than the Address on the outside of a sealed snailmail envelope.
And it becomes REALLY non-trivial to transmit THAT much data (remember, the longer it waits, the more data HAS to be flushed!) without raising eyebrows, especially over time, and especially when a device is ostensibly IDLE for long periods of time. We're not talking about a "blip", checking on a server to see if there are OS Updates, etc; we're talking about pretty significant streams of data.
Sorry; but it CANNOT be hidden for any appreciable length of time. There are PLENTY of nerds with nothing better to do than to let their phone sit for a day or two and watch the WiFi traffic OUT of the Device. SOMEbody would have spotted this behavior with iOS devices by now. Period.
I agree with what your saying and I'm not saying it was Apple. I will say that when I've noticed it the topics were so unique there has to be something more to it then randomness. With the college example, it wasn't an ad, it ended up being a week of ads plastered everywhere.
As Tim Cook said recently, "It is really creepy when you look at something on the internet, and all of a sudden there are ads for it everywhere." And in fact, I seem to remember that Apple is putting something in Safari to try and stop that (I don't know how, though). So, I really don't think it is Apple.
But I agree: That is VERY odd...
Here's the Slashdot Article about what the real Tim Cook (;-) ) said:
And since the HuffPost article was from a year ago, one would assume that has already been added to Safari; since I believe Apple has already released its "Core ML" Machine-Learning Framework. In fact, it is already at "Core ML 2":
Dude, chill out man. If you don't think Apple doesn't sell the highest priced item they can, you haven't bought a $30 cable when you can pay much less.
And you haven't bought that same cable from another computer OEM, either.
Don't single-out Apple EVERY SINGLE TIME, when the entire INDUSTRY does the EXACT SAME FUCKING THING!!!
"And, considering the number of DECADES-long bugs found in F/OSS, the "many eyes" meme is just that. A meme."
Okay, now tell me how closed source software is supposed to be more secure when you can't see the code and have no idea how many vulnerabilities are just waiting to be exploited.
"That's why I said: "Don't verify the Source. That's worthless. Verify the OPERATION."
That's worthless without the sources, because you can't expect it to behave the same way every time if you can't check the sources to look for special cases.
What "Special Case" would be practical for something that is supposed to be logging and repeating your every utterance?
And how is the phone supposed to know you aren't just watching some Spy movie, FFS?
"What you are proposing is that NOBODY can have Private IP anymore."
Total nonsense. What I'm stating is that non-Free software is harmful to users. You can have private IP and use it in house without doing harm. But closed source software is not trustworthy by definition.
And, considering the number of DECADES-long bugs found in F/OSS, the "many eyes" meme is just that. A meme.
OSS is only marginally more transparent than closed-source.
That's why I said: "Don't verify the Source. That's worthless. Verify the OPERATION."
While you are correct, there's a sound evolutionary reason for doing so... to successfully avoid predators.
FWIW, I think the above comment someone made about Facebook may provide sufficient answer without needing to invoke Apple lying. And I have no strong belief that Apple wasn't lying.
Like a true Trumpian, you attempt to use a double-negative to lie about your lie.
What you MEANT to say was "I have a strong belief that Apple IS lying."
We will also be discussing cigarette companies denial that cigarettes cause cancer and big oil companies denial that fossil fuels contribute to global warming, news at 11.
Seriously though, whether or not they actually are, do we expect Apple to say anything different if it can't be proven (or possibly even if it can)?
Fucking just watch for network traffic out of the phone while it is ostensibly asleep.
How would they recognise the "Ey, siri!" command if they are not listening? What they do with the audio that doesn't match the Ey siri command we don't know. As users we'll have to trust whatever they say, and however they implemented it... and I think trust is not enough.
Stupid fuck.
They have custom silicon that recognizes that "Trigger Phrase" LOCALLY. Nothing is recorded. Nothing is sent until that phrase is recognized.
Today I created a list of nouns from a physical dictionary to use as honey-pot terms. I think the right thing to do is mention the terms aloud and log the time/date. Capture the ads as the terms show up --as screenshots.
Glad YOU have nothing else to do.
Come out of that basement and check out the outside sometime; the graphics are amazing!
I've had several experiences where random run ins with people I don't know have started yielding lots of ads related to obscure topics we've talked about. For example in an elevator I ran into someone wearing the shirt of a small college I was looking at but passed on, we talked about 1 minute about the school then went our separate ways. Within 15 minutes I started seeing ads for the school even though I lived 1000 miles away and ran into the guy 2500 miles away. It might very well be an option I clicked through on an app, but it's happened on multiple occasions at this point.
Don't forget cables and dongles.:) People seem to about business models. Without a doubt Apple will sell you the highest priced items that they can get away with selling; however, the vast majority of their business model is to sell hardware. Things like media is so that you will buy their hardware. For example, Apple took a stand against DRM in music because the public was against it and it benefited Apple not to have it. They have DRM in movies and shows because the public is fine with it.
Posted from your Android Phone, Made by a company who makes most of their money selling targeted ads based on your data views. Vs. Apple who makes its money from selling higher margin devices.
Apple has released design/block diagrams on the silicon and how "Hey Siri" is implemented in hardware and doesn't require intervention from either the CPU or the OS. It can be verified by putting some scopes and circuit analyzers on the thing and seeing when and where the 'activity' actually happens.
It's fairly easy to test whether or not they're lying, if your CPU and SSD keeps waking up whenever there is audio, even if the trigger hasn't been used, you know they're lying.
Also, you can dump the contents of your iPhone as a developer. So it would also be pretty easy to verify there is no recording lurking somewhere on the drive waiting to be sent to Apple. You could also analyze the traffic that is sent to Apple and see whether it is feasible that audio recordings which would have to be a pretty continuous stream, even encrypted, are being sent without the trigger phrase.
Exactly.
Just make a looped recording that DOESN'T include the phrase "Hey, Siri" (or simply a radio station or TV would work fine), and put the iPhone in front of a speaker playing the sound. Now watch for WiFi traffic from the phone while sleeping.
So easy to verify without examining a single line of code, and yet all the FOSSies can think to do is pore over a bunch of code that may or may not be what is actually running in the device.
The rest of us understand that some level of trust must always exist, that absolutist arguments like this are worthless, and that companies have good reasons to protect intellectual property.
Wtf? Apple lies all the time. Steve jobs claimed ogg vorbis was an illegal codec at one point of time and half of their advertising in the past Implied osx couldn't get viruses.
During antenna gate it took them almost to the point of getting sued to admit the issue.
Yes. Apple should prove themselves
Citation on the Ogg quote, cuz I'm not finding it?
Show me a true, self-replicating virus on macOS or iOS.
It's been over TWENTY years for OS X/macOS, and ELEVEN for iOS. Where are all the viruses? Trojans don't count.
This is why clauses which require that the user be able to actually build and then furthermore actually install and use the code they compiled are necessary. What good is source code, Mister Anderson, if you are unable to compile and use it?
You F/OSS fanbois really take the cake!
What you are proposing is that NOBODY can have Private IP anymore.
My charger has a light that shows when the battery is charging. When the battery is charged, the light turns off.
The charger light turns on when the TV or music is loud. It switches off not quite as fast as a scope would show activity, but soon enough to know that something draws more current when there is significant audio input.
I bet a phone with a dead battery could be used to track audio spying pretty easily.
I love your point about storage. Some apps queue their data for upload on reconnect.
Since your charger has a light on it, I am assuming you DON'T have an iPhone.
Slashdot Mirror
It's already pretty well known that phones send tons of data. People have attached them to firewalls and can clearly see how much crap is going out every second. The problem is that there's so many packets going to so many different IPs for so many different purposes and it's all encrypted. It happens constantly even when the device is idle. My Win 7 PC does the same, despite all my attempts to shut off any telemetry and useless services. Is the device spying or is it just doing "normal maintenance"?
More importantly is that data doesn't have to be sent in realtime. Any spying can simply be stored in a queue and uploaded on a schedule. You can't associate transmission of data with a specific action or command in that case.
I hate it with a passion, but massive amounts of traffic is just the norm these days, and it's here to stay. Judging a device based on the quantity of data sent, or even when data is sent, is not feasible.
Just because ONE Phone (or mobile Platform) does it, does NOT mean they ALL do it.
I have always wondered why a Windows computer will CONSTANTLY access the Hard Drive, even when it is ostensibly at Idle, with no Applications running (except Explorer.exe). THAT'S the kind of stuff that is super-creepy to me, and it has been going on for YEARS.
But you can only cache so much data for so long, and then it has GOT to be uploaded. And just like with ANY SIGINT, just because you can't read the actual DATA, doesn't mean that you can't tell WHO is talking to WHOM. And THAT CANNOT be hidden or obsfucated, no more than the Address on the outside of a sealed snailmail envelope.
And it becomes REALLY non-trivial to transmit THAT much data (remember, the longer it waits, the more data HAS to be flushed!) without raising eyebrows, especially over time, and especially when a device is ostensibly IDLE for long periods of time. We're not talking about a "blip", checking on a server to see if there are OS Updates, etc; we're talking about pretty significant streams of data.
Sorry; but it CANNOT be hidden for any appreciable length of time. There are PLENTY of nerds with nothing better to do than to let their phone sit for a day or two and watch the WiFi traffic OUT of the Device. SOMEbody would have spotted this behavior with iOS devices by now. Period.
I agree with what your saying and I'm not saying it was Apple. I will say that when I've noticed it the topics were so unique there has to be something more to it then randomness. With the college example, it wasn't an ad, it ended up being a week of ads plastered everywhere.
As Tim Cook said recently, "It is really creepy when you look at something on the internet, and all of a sudden there are ads for it everywhere." And in fact, I seem to remember that Apple is putting something in Safari to try and stop that (I don't know how, though). So, I really don't think it is Apple.
But I agree: That is VERY odd...
Here's the Slashdot Article about what the real Tim Cook (;-) ) said:
https://apple.slashdot.org/sto...
https://www.huffingtonpost.co....
And since the HuffPost article was from a year ago, one would assume that has already been added to Safari; since I believe Apple has already released its "Core ML" Machine-Learning Framework. In fact, it is already at "Core ML 2":
https://developer.apple.com/ma...
What "Special Case" would be practical for something that is supposed to be logging and repeating your every utterance?
Obviously, looking for specific users, or subsets of users. Or for activity which will disguise the network traffic.
And how is the phone supposed to know you aren't just watching some Spy movie, FFS?
Obviously, voice printing.
You forgot the sarcasm tag; because you couldn't possibly be serious...
Dude, chill out man. If you don't think Apple doesn't sell the highest priced item they can, you haven't bought a $30 cable when you can pay much less.
And you haven't bought that same cable from another computer OEM, either.
Don't single-out Apple EVERY SINGLE TIME, when the entire INDUSTRY does the EXACT SAME FUCKING THING!!!
Now, FUCK OFF.
Seriously.
"And, considering the number of DECADES-long bugs found in F/OSS, the "many eyes" meme is just that. A meme."
Okay, now tell me how closed source software is supposed to be more secure when you can't see the code and have no idea how many vulnerabilities are just waiting to be exploited.
"That's why I said: "Don't verify the Source. That's worthless. Verify the OPERATION."
That's worthless without the sources, because you can't expect it to behave the same way every time if you can't check the sources to look for special cases.
What "Special Case" would be practical for something that is supposed to be logging and repeating your every utterance?
And how is the phone supposed to know you aren't just watching some Spy movie, FFS?
You people make no sense.
Don't bother answering him. He's an Apple fanboy. No matter how many times you prove him wrong he will double down on stupid.
Log in and fight like a man; or STFU and FOAD.
"What you are proposing is that NOBODY can have Private IP anymore."
Total nonsense. What I'm stating is that non-Free software is harmful to users. You can have private IP and use it in house without doing harm. But closed source software is not trustworthy by definition.
And, considering the number of DECADES-long bugs found in F/OSS, the "many eyes" meme is just that. A meme.
OSS is only marginally more transparent than closed-source.
That's why I said: "Don't verify the Source. That's worthless. Verify the OPERATION."
While you are correct, there's a sound evolutionary reason for doing so ... to successfully avoid predators.
FWIW, I think the above comment someone made about Facebook may provide sufficient answer without needing to invoke Apple lying. And I have no strong belief that Apple wasn't lying.
Like a true Trumpian, you attempt to use a double-negative to lie about your lie.
What you MEANT to say was "I have a strong belief that Apple IS lying."
FTFY.
Moron.
We are listening and recording.
Translation from Slashtard-speak:
Everything is a Conspiracy.
We will also be discussing cigarette companies denial that cigarettes cause cancer and big oil companies denial that fossil fuels contribute to global warming, news at 11.
Seriously though, whether or not they actually are, do we expect Apple to say anything different if it can't be proven (or possibly even if it can)?
Fucking just watch for network traffic out of the phone while it is ostensibly asleep.
Easily verified, moron.
How would they recognise the "Ey, siri!" command if they are not listening? What they do with the audio that doesn't match the Ey siri command we don't know. As users we'll have to trust whatever they say, and however they implemented it... and I think trust is not enough.
Stupid fuck.
They have custom silicon that recognizes that "Trigger Phrase" LOCALLY. Nothing is recorded. Nothing is sent until that phrase is recognized.
Boy, you're stupid.
Today I created a list of nouns from a physical dictionary to use as honey-pot terms. I think the right thing to do is mention the terms aloud and log the time/date. Capture the ads as the terms show up --as screenshots.
Glad YOU have nothing else to do.
Come out of that basement and check out the outside sometime; the graphics are amazing!
I've had several experiences where random run ins with people I don't know have started yielding lots of ads related to obscure topics we've talked about. For example in an elevator I ran into someone wearing the shirt of a small college I was looking at but passed on, we talked about 1 minute about the school then went our separate ways. Within 15 minutes I started seeing ads for the school even though I lived 1000 miles away and ran into the guy 2500 miles away. It might very well be an option I clicked through on an app, but it's happened on multiple occasions at this point.
Brains look for patterns.
That's why Conspiracy Theories work so well...
PRISM was with the users consent?
PRISM was another approved third-party app?
Do governments get that explicitly approved microphone access?
Hey NSA?
Other than one highly-suspect PPT slide, there is ZERO proof that Apple ever participated in PRISM.
* A local daemon is constantly watching that data stream for signals that appear to contain "Hey Siri" using a limited pattern recognition algorithm.
It's dedicated hardware, not a daemon, stupid.
The rest of your paranoid Slashtard rant is just that: Paranoid.
Don't forget cables and dongles. :) People seem to about business models. Without a doubt Apple will sell you the highest priced items that they can get away with selling; however, the vast majority of their business model is to sell hardware. Things like media is so that you will buy their hardware. For example, Apple took a stand against DRM in music because the public was against it and it benefited Apple not to have it. They have DRM in movies and shows because the public is fine with it.
Oh, just FUCK OFF.
Seriously.
FUCK THE FUCK OFF.
Posted from your Android Phone, Made by a company who makes most of their money selling targeted ads based on your data views.
Vs.
Apple who makes its money from selling higher margin devices.
;-)
Right. Of course we can trust Apple. Obviously.
A LOT more than we can trust an ANONYMOUS, COWARD, don'tcha think?
Apple has released design/block diagrams on the silicon and how "Hey Siri" is implemented in hardware and doesn't require intervention from either the CPU or the OS. It can be verified by putting some scopes and circuit analyzers on the thing and seeing when and where the 'activity' actually happens.
It's fairly easy to test whether or not they're lying, if your CPU and SSD keeps waking up whenever there is audio, even if the trigger hasn't been used, you know they're lying.
Also, you can dump the contents of your iPhone as a developer. So it would also be pretty easy to verify there is no recording lurking somewhere on the drive waiting to be sent to Apple. You could also analyze the traffic that is sent to Apple and see whether it is feasible that audio recordings which would have to be a pretty continuous stream, even encrypted, are being sent without the trigger phrase.
Exactly.
Just make a looped recording that DOESN'T include the phrase "Hey, Siri" (or simply a radio station or TV would work fine), and put the iPhone in front of a speaker playing the sound. Now watch for WiFi traffic from the phone while sleeping.
So easy to verify without examining a single line of code, and yet all the FOSSies can think to do is pore over a bunch of code that may or may not be what is actually running in the device.
Idiots.
The rest of us understand that some level of trust must always exist, that absolutist arguments like this are worthless, and that companies have good reasons to protect intellectual property.
Precisely.
Yeah, because lying to Congress is a fantastic plan, and they would totally do that to... what end?
Posting the source code isn't going to happen. They would let government auditors in under NDA long before that happened. Get real.
Exactly. A Special Master would be appointed to review the Source and Report to Congress.
But so what? Just packet sniff the output for a day or two, and that will tell you FAR more than any stupid "review" of a million or so lines of code.
Idiots.
Not by me or to my standards, and you have provided no links or other data to backup your statement.
Tough shit.
Wtf? Apple lies all the time. Steve jobs claimed ogg vorbis was an illegal codec at one point of time and half of their advertising in the past Implied osx couldn't get viruses.
During antenna gate it took them almost to the point of getting sued to admit the issue.
Yes. Apple should prove themselves
Citation on the Ogg quote, cuz I'm not finding it?
Show me a true, self-replicating virus on macOS or iOS.
It's been over TWENTY years for OS X/macOS, and ELEVEN for iOS. Where are all the viruses? Trojans don't count.
This is why clauses which require that the user be able to actually build and then furthermore actually install and use the code they compiled are necessary. What good is source code, Mister Anderson, if you are unable to compile and use it?
You F/OSS fanbois really take the cake!
What you are proposing is that NOBODY can have Private IP anymore.
No thanks, Comrade!
My charger has a light that shows when the battery is charging. When the battery is charged, the light turns off.
The charger light turns on when the TV or music is loud. It switches off not quite as fast as a scope would show activity, but soon enough to know that something draws more current when there is significant audio input.
I bet a phone with a dead battery could be used to track audio spying pretty easily.
I love your point about storage. Some apps queue their data for upload on reconnect.
Since your charger has a light on it, I am assuming you DON'T have an iPhone.
Therefore, your entire post is moot.