• bdonvr@thelemmy.club
    link
    fedilink
    English
    arrow-up
    31
    arrow-down
    2
    ·
    edit-2
    2 months ago

    Someone back this up with proof. Security researchers would’ve noticed this. They’d’ve had to have hacked their way around the microphone permission systems and microphone use indicator (depending on OS) on your phone and upload that data without being caught by security analysts. That kind of bug would probably be worth a fairly decent bounty too.

    The article talks about a slide in a PITCH to advertisers. But not a concrete system. Then it goes on to say advertisers bought a dataset from other sources. What dataset? From where? It doesn’t say. Transcriptions from voice assistants? Maybe. But without hard evidence I don’t believe random apps are just recording clandestinely in the background. But people want to believe this so writing shitty unsourced articles with click bait titles and tenuous-if-I’m-generous linking of weak facts lacking entirely in context generates lots of clicks.

    • MajorHavoc@programming.dev
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      2
      ·
      2 months ago

      Security researchers would’ve noticed this.

      They did notice. Malicious apps that use everything they can to spy on you are old news.

      To your point - this isn’t confirmation that any of the big players are listening directly. That would probably have been caught by security researchers, although it would be really difficult in Google’s or Amazon’s case, as they run proprietary software at a very low level.

      The news here is two fold;

      1. Cox got caught buying that data, and when confronted about it, Google, Amazon, and Meta all failed to deny that they also buy that data from those malicious app makers.

      2. This is strong evidence that someone is routinely collecting that data. That’s news. We’ve suspected for awhile that, at minimum, the malware apps do. Occam’s razor says at minimum, we should now assume many malware apps are using microphone to collect speech and submit it elsewhere for analysis.

      The unprovable part of this that smells much worse is: a kid in a basement writing malware does not have the computing power to turn tons of raw voice recordings into useful correlated data.

      That kid needs an ally with a lot of computing power. Google, Meta, and Amazon all have a motive here and have the necessary computing power.

      And all three worded their denials pretty carefully, I noticed.

      • bdonvr@thelemmy.club
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        1
        ·
        2 months ago

        Cox got caught buying that data, and when confronted about it, Google, Amazon, and Meta all failed to deny that they also buy that data from those malicious app makers

        But what is that based on? This paragraph?

        A spokesperson for CMG told Newsweek that “CMG businesses have never listened to any conversations nor had access to anything beyond third-party aggregated, anonymized, and fully encrypted data sets that can be used for ad placement.”

        I don’t think that explicitly means they had datasets made up of clandestinely recorded conversations in the wild.

        third-party aggregated, anonymized, and fully encrypted data sets that can be used for ad placement.

        Really could describe ANY possible set of tracking data… Unless you put this quote into a clickbaitey article and strongly imply it’s something sinister.

        • MajorHavoc@programming.dev
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          1
          ·
          edit-2
          2 months ago

          You’re not wrong to give the benefit out the doubt and believe their PR person isn’t lying.

          But I’m not inclined to give that benefit of the doubt. I don’t trust these folks farther than I can throw them. I don’t, myself, need proof, to believe they would try this crap.

          And this is definitely evidence.

    • MajorHavoc@programming.dev
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      9
      ·
      edit-2
      2 months ago

      But without hard evidence I don’t believe random apps are just recording clandestinely in the background.

      I certainly do. Malware attempts to record you is old news.

      We have always assumed voice was off the table for practical reasons - voice recordings are expensive to decode and correlated usefully.

      Cox has particularly deep pockets, which makes this interesting.

      I do actually agree, this really could just have been a vendor bullshitting. Normally I would say Occam’s razor points there. But Occam’s razor points the other way, to me, when I consider that basically everyone I know has experienced a voice targeted ad.

      The big ugly question is which apps are recording voices?

      It might just be name squatting spyware. I haven’t seen confirmation that any do this, and I always assumed it was too expensive. Maybe it still is, but my guess is Cox isn’t the only ones who got that sale offer.

      The creepy part is, if you’re not inclined to take Google, Amazon, and Meta at their word, then one wonders what other apps are recording voices…

      Here’s the conspiracy part:

      • Apps by Meta famously ask for more permissions than they should reasonably need.
      • Both Google and Amazon publish operating systems that promise us they are enforcing our permission preferences, while definitely collecting more behavior data than most people would feel comfortable with, if they were aware.
      • We know that all three companies thrive on tracking our behavior, and selling what they learn.
      • One of the three had to change it’s corporate slogan away from “don’t be evil”.

      The conspiracy emerges when we look at these data points and squint a little.

      Edit: I think many of y’all are in denial about how much you shouldn’t trust Meta apps on your phones.

      We know Meta wants to use things you say to build an ad profile. We have evidence they don’t have any moral qualms about doing it. We know they have unfathomable terms of service and closed source apps.

      And now we know there’s been at least one closed door conversation about buying the recordings that supposedly don’t exist.

      I don’t have proof but I also don’t have any apps by Meta on my phone.