Comment by Aurornis
1 year ago
I’m fascinated that this urban legend persists among tech people because it’s so easy to disprove.
Did you know that you can set up a proxy from your phone and capture all traffic from it? It would be so trivial to find the traffic from your phone. There are ways to MITM and inspect the traffic, too.
There are also many people doing static reverse engineering of phone apps looking for security vulnerabilities. To believe this urban legend, you’d also have to believe that none of them have ever encountered this hidden voice analysis code.
If we ignore that, you know there are OS-level security controls on apps, right? iOS and Android don’t make it easy for apps to use the microphone constantly and run in the background to process it.
Finally, if we ignore all of that, how can anyone believe that these companies are recording conversations but none of their employees have ever chosen to blow the whistle? We’ve seen numerous FAANG “whistleblowers” come through with everything down to trivial or baseless complaints, but nobody has blown the whistle on these supposed widespread spying programs?
The whole urban legend is preposterous to anyone who has any experience with apps or phone security, let alone common traffic analysis or reverse engineering tools. I don’t understand why the myth is so persistent among even some technical people.
I'm not sure if the legend is true or not. But this argument doesn't really disprove it. The devices don't need to send full audio recordings. They are powerful enough these days that they can do a cheap on-device audio analysis and tagging, and then upload the (very small) tags. It doesn't need to be Siri quality analysis because it doesn't matter if the analysis is incomplete or sometimes inaccurate. They would just be scanning for certain keywords.
As for whistleblowing... Is there really that much to whistleblow about it? We already know that ad-based companies like Google are collecting our data every chance they get, because they make billions of dollars from it. They're scraping our emails, studying our GPS location, paying attention to who we are in proximity with, etc. The level of surveillance is incredible and people don't really care. It wouldn't be headline news to find out that they are taking advantage of yet another side channel.
>Did you know that you can set up a proxy from your phone and capture all traffic from it?
The phone knows about your proxy. There are phones - actual brands - that were caught on sending secret telemetry to their manufacturer, but only when not listened - definitely only on mobile data, no wifi, and I assume with cert pinning.
I know a person who was researching this and they needed a Faraday cage and a BTS to conduct experiments. So it's not exactly trivial.
The difference is that these were small Chinese brands that were not even that popular in my country - and still someone researched this. Imagine how much research Android and Iphone get, and there's not a single proof of and wrongdoing. Now that is unlikely.
This is just flat earth for technophiles. They don't really want to know the truth, they just want to enjoy their fantasy of living a conspiracy theory.