Amazon: 'Unlikely' string of events led to Echo recording a family's private chat & sending to some random guy

#1

Originally published at: https://boingboing.net/2018/05/24/amazon-responds-on-echo.html

4 Likes
#2

I can see this being a useful loophole for the gov’t to use to defend snooping via digital assistants in court: “we swear these recordings just showed up!”

6 Likes
#3

See first, they tried to ship some paper plates for free, and then they returned like…I don’t know…3 whole things, that were totally defective, but that’s…like ‘3 things’, I mean, c’mon…

:roll_eyes:

Because wrasslin!

No, that’s why SyFy cancels shows… :thinking:

BTW - Thank you, Jeff! :blush:

#4

@beschizza understandably closed his thread on this so we wouldn’t have three in a day, but I wish to reply to his question with a question. And it’s not not be snarky, just to point out something people often overlook.

Why do people have these infernal contraptions in their homes?

Rob, do you have a fairly recent model smart phone and have you rooted it?

Which isn’t to say people should buy Alexa devices. I certainly advise against it. Rather to point out that most people already carry always-on listening devices they have little actual control over on their person almost all the time. That’s a problem we as a society should be concerned about, rather than just security researchers who already are. And if you think that’s paranoid, understand that your talk of hardwood floors getting sent to your contacts isn’t the underling concern. The problem is that a world where users don’t understand or have meaningful control over their digital agency is one where they’re at the mercy of bad actors, whether corporate, government or outlaws.

16 Likes
#5

Based on various posts I think Mark @frauenfelder has dozens of them.

7 Likes
#6

Actually it’s extremely likely, since we’re discussing it in an internet comment section. A 100% chance of happening is not “unlikely” :wink:

1 Like
#7

@orenwolf re-reboing

#8

Like putting the link to discussion forum sandwiched between ads on your blog?

14 Likes
#9

So it wasn’t quite some random guy although that would have been preferable. I mean it’s more likely that your conversation might be something you wouldn’t want an acquaintance to hear rather than a complete stranger that has no idea who or where you are.

2 Likes
#10

tenor

5 Likes
#11

They should install these in Uber’s self driving cars. Alexa - play death race!

A friend just mentioned that he asked the several of these dewices in his home to make cow noises. It turned into a great game of confuse-a-cat.

5 Likes
#12

Does the law of large numbers apply here? A large number of Alexa devices are listening to a large number of conversations 24/7, and have been for 2 1/2 years. While it’s probably true that what happened here is unlikely to happen to any given person or family, the likelihood of it happening to one or more people/families is - obviously - 1.

Edit: one or more people have had this happen, because we don’t know how often someone has been on the receiving end and just sat there giggling, rather than immediately calling the senders.

11 Likes
#13

No need, because I’ve never been so busy or complacent that I’d ever willingly put a HAL9000 in my home in the first place.

9 Likes
#14

Except, it’s trivially easy to set your phone to not listen if the screen is locked.

5 Likes
#15

Except, it’s trivially easy to set your phone to not listen if the screen is locked.

That’s why @GulliverFoyle mentioned rooting. If you’re using a build of the OS that your phone’s manufacturer loaded onto it, your phone could easily still be listening and you’d never know.

6 Likes
#16

It is, and people should absolutely do so. However, ultimately you’re trusting both the forthrightness and the debugging expertise and diligence of the software manufacturer (whether it’s Apple or Google or Microsoft or some smaller player). Bugs will happen and bad actors will exploit them. Short of taken apart your phone and measuring current to the mic, the only way to be truly certain your phone isn’t listening (as opposed to pretending to not listen), is to exercise full control over the code. I’m not saying you need to learn to write your own operating system, but the OS you place your trust in should be auditable by multiple independent organizations keeping each other and the manufacturer in check.

And again, I’m not trying to scare anyone or get them to avoid using smart phones. I have a Samsung Galaxy I like quite a lot, and very much enjoyed the two consecutive iPhones before I switched to Android. My only point is that this particular Alexa breach is indicative of a larger problem that we need to solve as a society in terms of how much control we exercise over out devices and digital selves.

And we can, but it’s going to entail significant changes to both IP law and software regulation, and probably most of all a grassroots movement from customers and other end users to demand real agency.

7 Likes
#17

It’s even easier to make the Echo stop listening - you just press the mic button on top. You even get a visual indicator that it’s off.

1 Like
#18

Ahh… but how do you know it’s really turning itself off?

5 Likes
#19

Whoop whoop! Longtime iPhone user here too, and I switched when Apple pulled that CPU throttling crap (which, by the way, is a good example of hidden functionality that works against the user, assuming you don’t buy Apple’s lame excuses for it). Now a very happy Samsung S9+ owner.

1 Like
#20

Both are great phones. Samsung has its issues as well, but in the balance Andriod is a better fit for me personally. I just want people to understand that the problems with digital agency are a deeper social issue not caused by or restricted to any one company. I have an S8+ I’ll be using for a few more years, but if I were buying one now I’d probably buy a Pixel as I’d like stock Android out of the box and it still has a great camera and screen.

The technology is great. The inscrutable black box, not so much.

5 Likes