Comment by Spooky23
2 months ago
There is so much time spent “debunking” audio recordings being shared with various entities it makes me more suspicious.
Just like Facebook’s “we never sell your data (we just stalk you and sell ads using your data)”. I’m sure there’s a similar weasel excuse… “we never listen to your audio (but we do analyze it to improve quality assurance)”
It’s similar with the TSA facial recognition photos. “We delete your photo immediately” but what they don’t say is that they don’t delete the biometrics from that photo.
It's a crime that were compelled to concede our 4th Amendment rights in order to travel.
Literally not compelled in this case, the TSA signage says that the image capture is completely optional.
More generally, having your stuff screened for security to get on a commercial plane isn't a 4th amendment violation, the word "unreasonable" is right there in the amendment for a reason. You're in public in an enclosed flying object bringing your goods onto someone else's plane with 100+ strangers aboard, it is completely reasonable and necessary for the freedoms of everyone involved for the TSA to ensure that your stuff doesn't have dangerous objects aboard.
Don't forget that freedom also involves the freedom of other people to not be negatively impacted by you exercising your "freedom."
5 replies →
Depends on the type of travel right? I took Amtrak weekly for several years and never even had to show ID.
3 replies →
Same with drivers licenses and passports having a photo requirement too
9 replies →
It literally says right on the facial recognition sign that you're free to opt out, just let the TSA employee know
5 replies →
Amtrak and Greyhound do not require those biometrics, nor does renting a car and driving (or driving your own).
15 replies →
> There is so much time spent “debunking” audio recordings being shared
Not really. 99% of the time it's someone claiming that it happens.
And it's always an anecdote, never clear proof that it happened. Let alone that it happened because of the audio and not web activity. And that the conversation was actually the cause for the ad and not the other way around.
Is it technically possible? Sure. But if so many people are so certain that it definitely happens, why didn't dozens of people already prove it with a fresh Google/Apple account and phone?
I observed a clean experiment that showed a friend’s Google Pixel phone listening to us and adjusting news stories on Google app’s home screen.
However:
— IIRC the phone was unlocked,
— this only affected the news feed, and
— this was 5–6 years ago.
We 1) noted how Google app shows some selection of news after opening, 2) talked clearly for a minute about a very random and conspicuous topic in presence of the unlocked phone, and 3) demonstrated that the Google app showing an article relevant to the topic within a few minutes. The article was a few days old, too, so it was clearly boosted out of more recent stories.
The only reason it could be something other than the phone microphone is if I was misled by my friend steering us towards a predefined topic. However, that would require some extensive preparation to rule out the story appearing in the first step and would be very atypical for that person.
I recall seeing an article about Google admitting this and changing their policy to stop, but can’t seem to find it now. I imagine it was bad publicity, though to my friend it was a feature to see personalized content.
This was a coincidence.
That’s why it’s something you observed one time 5-6 years ago, not something that happens repeatedly in a testable way.
4 replies →
Here is an example that just happened today. I talked to my partner about me going to a city directly (via one state) or indirectly (via another state). All I said was "so you want me to go directly to X".
Boom, Illinois tourism ad shows up the next time I hit the internet. Scary thing is I didn't even say the state name, just the destination, and SOMETHING calculated that Illinois is in the middle.
This stuff has now happened far too many times in the last 10 years of my life, it is simply implausible to call it coincidence at this point. You are being listened to by your phone.
Ad firms have no ethical boundaries, and have lied about their data collection over and over.
What is really frightening is that if the ad companies know everything about you, then multiple state actors also know everything about you.
Confirmation bias at its finest
Why would that be even be a good targeted ad? Its simpler and more profitable to show you ads about a place you actually plan to go to..
> You are being listened to by your phone.
This would simply eat the battery immediately, it's simply not feasible and given all the other, cheap tracking it wouldn't even be beneficial.
1 reply →
> Not really. 99% of the time it's someone claiming that it happens.
It’s never packet captures, reverse engineering of the app, or one of the tens of thousands of employees working for these companies blowing the whistle.
Nobody can even show that their phone app is using background CPU when they talk, utilizing the microphone, or sending packets from that app. All of which are in reach for anyone with Android and some basic skills.
It’s always an anecdote about someone who said something out loud and then saw ad for it later. That’s it. That’s the entire basis for the conspiracy. Yet it persists.
It’s a very good litmus test for people who don’t understand technology as well as they claim to.
On the other hand it might point to something more serious, that the level of tracking Facebook and Google use lets them loosely predict what you are going to think about.
So maybe the microphones are safe and pristine, but we should be worried and appalled the same as if they were actually listening.
I like to think about it sorta thermodynamically: consider your behaviour under the blurred lens of interests, what you buy, what you read, how you react to news, etc, in this model humana have, let's say, n bits of entropy; how many of those bits can Facebook decode?
Not saying this is true, but the amount of time and effort put into saying "no one is listening to you" could be attributed to the novel 1984, where the government is actively listening to its citizens. Enough people could associate the novel with government surveillance that it's what people interpret as the most likely surveillance happening - and enough people don't understand tech that it's lost on them that a) the tech to actively listen to millions of people constantly doesn't exist at the appropriate level to be effective b) there are significantly more and far more effective ways to monitor people with current tech than via microphone. It's truly unfortunate people don't understand tech to realize what's actually possible and what is actively happening vs what they imagine could be happening
Sure it does. You just haven’t seen it.
Download OtterAI. Or run voice memos all day, load it into NotebookLM and it about your day. Hell, setup whisper on your MacBook and you can chug away at pretty significant quantities of audio.
I’ve seen solutions that process audio from hundreds of multi-party meetings and can do all sorts of analysis. In one case, it can do realtime sentiment analysis and alert security when an encounter is getting tense.
We don't "listen" to your audio, the microphone does, and your phone transcribes it to text on your device. You cannot listen to text. Therefore we don't listen to your phone audio.
Except for the fact that if you read the debunkings, they go into great detail as to why that is empirically not the case.
There is a small list of reasons why it needs to be "debunked:"
1. Your phone is gathering data that you don't realize that it gathers.
One of the biggest examples of this is real-time location data that is brokered by cellular carriers and sold as aggregated marketing data. You don't have to give your apps permission to do anything like that because your cellular carrier can get that data regardless of your phone's OS.
2. Your phone is gathering data that you gave it permission to gather, perhaps gathering it in a way you didn't think it would do.
For example, let's say you give an app permission to read your entire photo library so that you can upload a photo. But since you gave it that permission on the OS level, it might be uploading more images than you explicitly select. Another example used to be clipboard data before the OSes asked permission for use of the clipboard. One last example is text that you enter but do not submit.
Another big aspect of this is that people don't realize how these ad networks work in real time. It's not a slow thing for an advertising company to learn something about you and react accordingly, it can happen in a few short seconds.
2. The average person doesn't have any comprehension of how easy it is for data science practices to uncover information about you based on metadata that seems benign or that you don't know exists.
Most people don't understand how your behavior in an app can be used to tell the company things you like and dislike. The TikTok algorithm is a great example, it can tell what you like just by extremely subtle inputs, how you swipe, how long you watch the video. A lot of people don't realize how many things about them aren't particularly unique and how many preferences can be tied to a really specific persona that you fall into.
A real world example of all of this put together is that I was spending a lot of time browsing appliances because I just bought one, and I went to physically visit a friend. We were talking about my new appliance, and later they got ads for that specific appliance. So, the person's reaction would naturally be "it was listening to us!!" but in reality, it is more likely that our cellular carrier or carriers knew we were physically in the same place and reported that piece of information to some kind of data broker. Consider how there are a limited amount of cellular carriers, that location data may not have needed to even exit the cellular carrier to sell this data to someone. I.e., if we both have the same cellular carrier , our company already has that information and it isn't selling it to another company, it's perhaps just telling a data broker that Person A and Person B interact with each other.
Just note that I'm not claiming this is exactly how it all works as I'm not in that industry, but the general ideas here apply. The general takeaway is that literally recording audio with a microphone just isn't necessary to derive hyper-specific things about people.
That's much worse compared to listening for keywords. You're looking up men's enhancement products and everytime you enter a room all ads on everyone's phone change to those products?
While I don't agree with these sorts of industry practices and believe the US needs a universal data privacy law, I don't see how matching up some relatively impersonal metadata could be considered worse than directly listening in to private conversations.
The advertiser trying to sell my friend appliances didn't really get a lot right about them. They're a renter and the advertiser thought they’d like to buy a major kitchen appliance just because we were in the same location.
If they were able to listen in to our conversations they wouldn't have sent them an advertisement at all.
Now this could be a fun adversarial exercise, with more interesting products of course.
This assumes that companies such as TikTok control their timeline up to the individual post, perfectly analyzed in order to extract your unique traits, and they have specifics ads lined up for you. Where - in my view - their timeline is just a bunch of random submissions. TikTik is just trying to sell ads and will try anything to match your profile to one of their active ad compaigns so they can bill their client more.
I'm confused at what you're claiming here. Yes, the submissions are rather random, but TikTok definitely figures out what type of content you like and what advertisements are most effective.
Your feed is almost certainly personalized up to the individual post, but I think if we are making an analogy to human curation it's certainly not working the same way behind the scenes.
Nope, there is no need for this.
Think of it like an attacker (the app) would breach a cryptographic target (you and every other user of the app). The attacker starts to send random messages or try to mess around with signatures/tokens/APIs and listens for errors, timeouts, spam filters, possible side channels until it learns enough to figure out how to predict how the system will behave and maybe even to influence it.
Both in the analogy and with the timeline out does not matter if you mix a few random messages between a test and another as long as you comprehensively keep track of how the target behaves.
Every interaction is a data point, some data points are more useful than others but none is useless
I can just say that I knew an entrepreneur in early post Y2K who developed apps to track music played in clubs in SF for folks like ASCAP, BMI, and SESAC. They gave out "free" phones (these were the small expensive candybars and nice flip/slideups) to the influencers of the day. They compressed the audio for orthogonality, and had a huge number of hashes to match. If they got more than a few consecutive matching hashes at a location that wasn't paying royalties, they got an enforcement call.
So the idea that it takes a huge amount of computing resources, battery life, permissions, or bandwidth to do matching of keywords is hilarious. That's what "siri", "hey google", "alexa" etc are all doing 24 hours a day. Just add another hundred and report them once an hour. You don't need low latency. It's just another tool in the bag!
Of course the cat food example is bad, because if they weren't looking for that you wouldn't get a response. Who would be willing to pay big for clicks on cat food. Now bariatric surgery? DUI? HELOC? Those pay.
>That's what "siri", "hey google", "alexa" etc are all doing 24 hours a day.
You might have just convinced me that the “phone is listening” is total bunk, because these dedicated devices are just so bad at recognizing the very specific, short, phrases when explicitly directed at them that I can’t imagine they are listening for much more. Listening to my in-laws try to activate their Alexa and Google Homes is something the CIA might consider for their next torture method.
You expect 95% accuracy matching activation phrases. You don't need that for ads. It only needs to work some of the time for some of the people, especially if it makes $/click.
1 reply →
> So the idea that it takes a huge amount of computing resources, battery life, permissions, or bandwidth to do matching of keywords is hilarious.
I also knew an entrepreneur who tried this same thing, but with TV shows.
Fingerprinting specific audio is a different algorithm problem entirely. You only need to sample a short section of audio every few minutes and then process the spectral peaks, which are fingerprinted against a database of known samples.
This is how apps that name a song work. It’s not the same as constant full speech to text.
But you’re skipping the key part of the story: They had to hand out phones specifically for this because you can’t get constant audio background processing from installing an app on a modern phone OS without the user noticing.
> That's what "siri", "hey google", "alexa" etc are all doing 24 hours a day.
Again, wake word monitoring is a different algorithm. Monitoring for a wake word is a much simpler problem. They’re not processing everything you say, concerting it to text, and then doing a string compare for the wake word. It’s a very tiny learning model trained to match on a very specific phrase, which might run at a hardware level.
I agree it's a different algorithm, but not a higher powered one. You don't need to know context to get HELOC, Bariatric, or DUI. You also don't need 95%+ accuracy for 95% of the population. You're just doing advertising.
2 replies →
What kind of keywords would you imagine provide an actual, profitable advantage to an ad company? I can't imagine "computer 2", "fridge 3", "egg 4" being all that valuable compared to.. literally my whole browser history and my reaction to other ads/videos (I looked at that short for 10s vs immediately skipping builds a very nice profile). And now add i18n in the picture - even the main AI assistant products suck in anything other than English, so this fancy, advanced technology with low return of value would end up with a low target audience as well.
Also, "Siri" and the like ends up waking the main processor, which is definitely easy to prove/disprove. Just talk to your phone continuously for a long time and see if it wakes.
Low, even very low, return of value is not no return. Therefore, given they make some return, and it has some value, that's enough for them to do it. Ads and ad data are two sides. We are often not the target for an ad, but our data provides stats about how an ad is performing. If more consumers are influenced to spend $1000 on something than not, then it's worth if for them. It's an aggregate cost benefit analysis not how effective it is at the isolated individual level.
Another thing to consider is that we should never fall into the trap of thinking we are immune from influence from advertisers. Firstly, it's basically what advertiser want; it allows more actions like this, more of our data to be sold and secondly because it's easier to influence someone if they think of a decision as their own choice, than if they think they were manipulated into it. We do not remember the ads we see but we can remember that we are all susceptible to influence.
1 reply →