• 1 Post
  • 72 Comments
Joined 10 months ago
cake
Cake day: January 3rd, 2024

help-circle









  • But without hard evidence I don’t believe random apps are just recording clandestinely in the background.

    I certainly do. Malware attempts to record you is old news.

    We have always assumed voice was off the table for practical reasons - voice recordings are expensive to decode and correlated usefully.

    Cox has particularly deep pockets, which makes this interesting.

    I do actually agree, this really could just have been a vendor bullshitting. Normally I would say Occam’s razor points there. But Occam’s razor points the other way, to me, when I consider that basically everyone I know has experienced a voice targeted ad.

    The big ugly question is which apps are recording voices?

    It might just be name squatting spyware. I haven’t seen confirmation that any do this, and I always assumed it was too expensive. Maybe it still is, but my guess is Cox isn’t the only ones who got that sale offer.

    The creepy part is, if you’re not inclined to take Google, Amazon, and Meta at their word, then one wonders what other apps are recording voices…

    Here’s the conspiracy part:

    • Apps by Meta famously ask for more permissions than they should reasonably need.
    • Both Google and Amazon publish operating systems that promise us they are enforcing our permission preferences, while definitely collecting more behavior data than most people would feel comfortable with, if they were aware.
    • We know that all three companies thrive on tracking our behavior, and selling what they learn.
    • One of the three had to change it’s corporate slogan away from “don’t be evil”.

    The conspiracy emerges when we look at these data points and squint a little.


  • Security researchers would’ve noticed this.

    They did notice. Malicious apps that use everything they can to spy on you are old news.

    To your point - this isn’t confirmation that any of the big players are listening directly. That would probably have been caught by security researchers, although it would be really difficult in Google’s or Amazon’s case, as they run proprietary software at a very low level.

    The news here is two fold;

    1. Cox got caught buying that data, and when confronted about it, Google, Amazon, and Meta all failed to deny that they also buy that data from those malicious app makers.

    2. This is strong evidence that someone is routinely collecting that data. That’s news. We’ve suspected for awhile that, at minimum, the malware apps do. Occam’s razor says at minimum, we should now assume many malware apps are using microphone to collect speech and submit it elsewhere for analysis.

    The unprovable part of this that smells much worse is: a kid in a basement writing malware does not have the computing power to turn tons of raw voice recordings into useful correlated data.

    That kid needs an ally with a lot of computing power. Google, Meta, and Amazon all have a motive here and have the necessary computing power.

    And all three worded their denials pretty carefully, I noticed.


  • In summary: Google, Amazon and Meta all deny that they directly access your microphone, and all three failed to actually deny purchasing voice data from third party apps that definitely do use your microphone and pair that with your ad targeting profile.

    This is getting more attention because an internal slide deck from Cox Media Group was leaked. Based on rthe nature of leaks, it’s safe to assume that Cox isn’t the only organization up to this, they were just three least careful

    So yeah, they’re listening to anyone who isn’t incredibly careful what apps they install and what permissions they give those apps.

    Exactly as we all have suspected for years, while they gaslight us promising that they definitely don’t.

    Notice that they’re still denying it, and trust that as you will.