Hackaday Links: September 8, 2024

OK, sit down, everyone — we don’t want you falling over and hurting yourself when you learn the news that actually yes, your phone has been listening to your conversations all along. Shocking, we know, but that certainly seems to be what an outfit called Cox Media Group (CMG) does with its “Active Listening” software, according to a leaked slide deck that was used to pitch potential investors. The gist is that the software uses a smartphone’s microphone to listen to conversations and pick out keywords that it feeds to its partners, namely Google, Facebook, and Amazon so that they can target you with directed advertisements. Ever have an IRL conversation about something totally random only to start seeing references to that subject pop up where they never did before? We sure have, and while “relationship mining” seemed like a more parsimonious explanation back in 2017, the state of tech makes eavesdropping far more plausible today. Then there’s the whole thing of basically being caught red-handed. The Big Three all huffed and puffed about how they were shocked, SHOCKED to learn that this was going on, with reactions ranging from outright denial of ever partnering with CMG to quietly severing their relationship with the company. So much for years of gaslighting on this.

In other dystopian news, the American Radio Relay League just wrote a $1 million check to end a ransomware attack. According to an ARRL statement, unidentified “threat actors” found their way into computer systems at the group’s Newington, Connecticut headquarters and related cloud-based systems, which allowed them to install encryption packages on laptops, desktops, and servers running a variety of operating systems. The ARRL’s crisis team managed to talk the cyberattackers down from their original demand of several million dollars to just a million, which all things considered was probably the path of least resistance and lowest cost. It’s a shame that things have come to that, but here we are.

The long saga of Starliner’s first crewed test flight is finally over, as the beleaguered spacecraft pushed back from the International Space Station and headed back to a midnight landing in New Mexico on Saturday. The return was sans crew, of course, with NASA being unwilling to risk the lives of astronauts Suni Williams and Butch Wilmore in a spacecraft that hadn’t really performed up to snuff on the way up to the ISS. As if the leaky thrusters weren’t enough, just before the hatches were closed Wilmore reported weird noises coming from a speaker in Starliner. He managed to capture the sounds on his mic for Mission Control, which for all the world sounded like someone repeatedly banging on a pipe in the distance. The weird thing about the sound is the regularity, which sounded a little faster than one per second. We’re keen to see if NASA shares any in-depth engineering information on this and all the other Starliner anomalies now that the craft is back on the ground.

If you’ve ever had to do extensive overhead work, such as sanding or painting ceilings, or working under a car on a lift, you know the burn that starts to set in after just a short while of holding your arms over your head. Up to now, the only way to fix that was either hit the gym and work on upper body strength, or find another way to make a living. But now that we’re living in the future, you can just strap on your own exoskeleton backpack and take a load off the robotic way. Perhaps unsurprisingly, the ExoActive exoskeleton comes from Festool, best known for its wonderfully well-engineered premium tools that often command a premium price. The ExoActive is battery-powered and straps on like a backpack with extensions that support the upper arms. It can be set to different work heights and provides a boost in lifting power, taking some of the weight off your shoulder girdle and transmitting it to your lower back. Unlike other exoskeletons we’ve seen breathless press releases for, this one seems like something you can buy right now. Sure, it’s expensive, but it’s a fraction of the cost of shoulder surgery.

And finally, Animagraffs is back with an incredibly detailed look inside the inner workings of a 16th-century sailing vessel. The video really captures what it took to build vessels that could (just barely) sail around the world for the first time. We loved the explanation of the rigging, especially the differences between the standing rigging and the running rigging. If you don’t know your clewline from your backstay, this Blender tour de force will set you straight.

13 thoughts on “Hackaday Links: September 8, 2024”

  1. I experienced such similarities between what was spoken and texts and adverts over the past few years.
    So, either it really happened, or psychiatrists will have to come up with a name for it, such as The Bufm Snarf Effect.

  2. Go ahead and allow microphone access to your apps and then be pikachu-face when your conversations are recorded on these data-leeching, privacy-violating Facebook etc. apps.

    I’m pretty sure you need to really do zero-day stuff to get to record the microphone if one hasn’t allowed microphone for the app. It would be impossible to capture microphone data if the app is not active / “in background” as it is not running at all (not counting voip-permissions). I’m speaking about iPhone here, dunno about Google phones (all Androids). Wouldn’t be too surprised if Google is listening for advertisement purposes when your phone is in standby.

    1. You don’t need a 0-day if you are the phone manufacturer or the OS. If your app is the one in charge of assigning privileges, then your app has the privileges.

      Also, you will note an additional “benefit” for devices with on-device voice recognition (speech to text in hardware/firmware running on an accelerator). They don’t need to capture the raw microphone input. They can just watch for the counts of whatever X keywords they are interested in this week. A handful of bytes is very easy to hide…

    2. I’m 99% sure there has been at least one proof-of-concept attack where they used the accelerometer as a (bad) microphone, that could be another sneaky way they collect conversations. Nothing would surprise me, companies like this are more nefarious and less honest than many cyber criminals.

    3. You would be surprised. I have microphone access off for all apps but when Bluetooth is connected I can see it turning the microphone on and off regularly. Like 5-10s every few minutes. Check and see for yourself. I have an LG but it did it the same on my older Samsung.

  3. actually yes, your phone has been listening to your conversations all along

    Oh, come on, are you serious? You’re saying that they’ve been listening, linking to the article saying they are listening, which in turn is linking to the article saying they can listen. And then you have the audacity to talk about gaslighting?

    Any modern phone and/or mobile OS shows some kind of notification when microphone is in use. Do you actually believe some random third party no one has heard about could pull this off? That no one would notice the network traffic, increased CPU and decreased battery life due to constant listening? Again, seriously?

    1. Ahh but that’s the kicker.
      You have to trust them. And it is in their best interest to lie.

      But let’s imagine they aren’t lying.
      What does “accessing the microphone” ACTUALLY mean?
      From a system standpoint, it means getting access to the audio stream itself.

      But that isn’t the only useful way to use microphone input.
      Most phones have hardware speech-to-text nowadays.
      If an app queries the register that holds the count of how many times the word “popsicle” was recognized in the last 8 hours, is that “accessing the microphone”?
      Nope. It’s just talking to the CPU/accelerator.

      Can this hardware be turned off?
      Usually no.

      1. I get your point, but considering that in terms of Android permissions “querying WiFi status” equals “obtaining user location”, I’m going to assume that they would do the same for speech recognition.

        (Also, I’m a Slavic language speaker, so I’ll be safe for a couple of years after anyone introduces anything like that in US. Alexa still doesn’t support my language almost 10 years after premiere.)

  4. Isn’t wiretap a felony? Who’s going to prison?

    There are plenty of “two party consent” states for audio recordings, so it’s not like the phone’s owner accepting an EULA with tiny font about it makes this any less of a crime.

    I’m entirely serious, this deserves prison sentences. It’s not the only marketing behavior I’d describe as such, but it’s a great example.

  5. Gaslighting indeed. Suppose I shouldn’t complain but in a 50″ Onn smart TV we received as a gift the YouTube app was so desperate for my gmail account it first flooded us with ads so I left it alone. Later it changed tack and offered no videos unless I gave it my gmail. Again I let it stew for a few days more and somehow it grabbed the account of one of my nephews. I suppose that one time he visited he logged on YT from our home’s internet.

    Strange because if it were to grab one without asking it should have been MY gmail but somehow Google missed badly. I let it be nonetheless since my nephew’s got a Premium account and watching YT without ads is a big boon and YT is none the wiser.
