
Is your smartphone listening to you? - CarolineW
http://www.bbc.co.uk/news/technology-35639549
======
voidz
The article takes it into a boring direction, and they didn't mention Samsung
who is most active in this field. Vendors bypass app stores with their
proprietary apps. Once upon a time I had a Samsung phone, and when I
configured its email app, I saw Samsung's own servers, and not my phone,
logging in to my email server. Which means they stole my password. That's when
I tossed out Samsung devices once and for all.

But anyway, here's the courtesy tl;dr of the article:

Can it be done? Absolutely. Will it be done? Most likely. Have many people
suggested that it's already happening to them? For sure, all over the place.

Is it allowed by Google, Facebook and the like? Most definitely not. So is it
happening? Probably not, it's just a coincidence that you talk about something
specific, and then suddenly find all kinds of ads about it.

Here's a dictionary definition of 'coincidence' followed by an explanation
from a professor about how our minds have evolved to correlate stuff all over
the place and see patterns in them, even though they're just coincidences.

~~~
digi_owl
> Once upon a time I had a Samsung phone, and when I configured its email app,
> I saw Samsung's own servers, and not my phone, logging in to my email
> server. Which means they stole my password.

Would love to see some traffic logs regarding this.

~~~
dave2000
Plus a copy of all the EULAs you consented to with Samsung when you used their
phone and software.

~~~
reitanqild
However relevant this possibly is in a court case, it is less relevant when you
are about to pick between a Nexus, an iPhone and a Samsung S-series.

Also while IANAL, note that in a number of jurisdictions EULAs like the ones
you seem to think about might not be valid. Norwegian consumer authorities
recently mocked them and I applaud them for it.

~~~
dave2000
With a Nexus you're trusting Google with a lot more info than Samsung could
hope to obtain. So if this isn't about legality then I'm not sure what it is.
Presumably Samsung aren't storing your email credentials so they can launch a
spam campaign, and you've not provided anything like enough information to
deduce that they're doing anything other than, perhaps, keeping the email
moving.

I never read EULAs and I can imagine they're not valid everywhere, but they're
useful as a measure of the intent of the company producing them. I imagine
Samsung, for example, reserves the right to use any information you provide to
ensure a certain quality of service. I'm sure Google have run their EULAs -
valid or not - past similar lawyers.

~~~
reitanqild
Google has shown that they fire sysadmins who put their nose into customer
data even though the sysadmin in question had good intentions. AFAIK they also
have a fairly strong security record. I'm not saying Samsung doesn't but I
don't know.

------
jimhefferon
If a vendor provided a _physical_ switch with which I could turn off the mic,
that would be a feature that I at least would consider very attractive.

~~~
nickpsecurity
That's in my proposal for a secure or private phone that I drop on people
trying to build one. Hopefully it will get in a successful product at some
point. Need one for mic, front camera, rear camera, and radios. Might
compromise to have a physical switch for mic and radios with something inside
phone (eg a jumper) to turn off others. I want to be sure I can cut actual
power to mic and wireless, though.

~~~
drdaeman
If your threat model is concerned with hardware/firmware exploits, then you can't
trust the physical switches unless they cut _all_ the wires - and unless you
can validate that this is what they do. Theoretically speaking, a malicious
(or threatened/persuaded/forced) manufacturer may implement a non-standard way
to power the supposedly disconnected component using still-connected wiring,
to be used for special occasions.

/tinfoil

~~~
sametmax
This is why I got a shutter on my laptop camera. It's mechanical, and I can see
it's on or off. It should be a legal obligation to provide those, for camera
and mic.

~~~
markokrajnc
Regarding "legal obligation": in some countries the government may be the
second main user of your camera and mic - next to you...

~~~
sametmax
This is sadly true.

------
willholloway
The only real answer to this with current consumer devices is to have a
soundproof case for your phone. Radio connection can be kept alive, and if the
case were smart it could have its own internal mic, wired to an LED or speaker
on the outside of the case to alert the user that the phone is ringing.

It's a product I've been kicking around producing for a while now. Is there
demand? Would you purchase for peace of mind?

I have come to peace with ubiquitous and comprehensive data collection of
everything I send unencrypted over the wire. In a way it fits with current 4th
amendment ideas concerning zero expectation of privacy.

But just like the Supreme Court I strongly draw the line at the walls and
shade drawn windows of my home. I do not want internal surveillance of my
personal conversations with friends or lovers in my own home, and every
internet connected microphone you own, in your macbook, Fire TV remote or cell
phone can be almost trivially turned into a bug by any actor with the right
exploit.

We've already seen it done by IT at a school district [1], school staff
attempted to use laptop webcam photos of students in their bedroom to
discipline them for drug use.

[1] https://en.wikipedia.org/wiki/Robbins_v._Lower_Merion_School_District

~~~
williamscales
I've thought about making something like this myself and I would definitely
purchase one if it were available.

I wonder how to make an acoustically insulating phone case that is not so
bulky one has to keep the phone in a bag. Acoustic insulating materials I've
seen are fairly massive or have large spatial extent (or both).

------
jameslk
This is why I use an app called DVasive which tells me when my mic or camera
is in use. It's pretty good at figuring this out it seems, although I haven't
found any nefarious apps yet that use my mic or camera unexpectedly (I've been
using the app for a couple of years). It probably wouldn't work for vendors or
other rogue ways to get access to my phone's devices however.

~~~
cle
How can you trust DVasive isn't itself malicious?

~~~
trakout
Isn't DVasive software founded by John McAfee? I'd trust it based purely off
his personality. He's kinda crazy (in a good or bad way, depends on who you
are), and he'd probably make a lot of noise if he found out his app was
malicious.

~~~
_audakel
That's all based on if he is somehow still involved with the technical
details enough to figure it out. Most likely whoever put it in won't be
talking about it to him.

------
sandworm101
In defence of the BBC, they are particularly sensitive to this atm. It is not
unusual for journalists in the UK to be asked to remove batteries from phones,
particularly when discussing certain international matters that may interest
certain people. The concept of a smartphone being turned into a listening
device isn't unheard of in the UK. For whatever reason, US/Canadian
journalists are more trusting. I trace this to the aftermath of the London
riots and RIM revelations. So I am not surprised to see the BBC publish
something in this area more readily than others.

~~~
williamscales
What do the journalists do when the battery is non-removable? Do they just
leave the phones "far enough away"?

~~~
sandworm101
Not joking: I've seen them wrapped up in layers of tinfoil.

~~~
luxpir
That's fine, if it's not recording to send later when defoiled.

Better off not taking it or putting it in another room, next to a radio tuned
to static.

Mind you, when I'm pocket dialled I can rarely hear any conversations clearly.
Doesn't take much to muffle audio input.

~~~
sandworm101
Unless the phone isn't simply recording, but is harvesting the mac address (or
other identifier) of nearby phones in order to expose who the reporter is
meeting with. Then the microphone is irrelevant.

------
barnacs
I wouldn't be surprised if your smartphone was listening to you, but sadly
these particular feats would be feasible simply based on all the information
these people have been willingly sharing with Google/Facebook/etc.

If a lot of her friends/family are searching for "Motorbike accident,
Thailand", it seems likely Google would suggest it to her.

Similarly, if someone's boyfriend mentions to a third party on Facebook
something along the lines of "sorry we missed the <event> last night,
@girlfriend was having a migraine", it's not so surprising if said gf is shown
migraine ads soon after.

Bottom line is, I think people vastly underestimate how much private
information they are willingly sharing. Sadly, these companies don't even need
to listen in sneakily these days.

------
smaisidoro
I have to say, I'm very sceptical about all of this, but one day a friend
showed me a product (some speakers that use the table surface for resonance)
and the ad showed a couple of minutes after on Facebook.

I started thinking on how devices can emit audio signatures for other devices
around it to be aware of its presence. A couple of years after, Chromecast
uses audio for authentication of nearby devices.

I honestly dismissed my paranoia all of these years with the argument that it
would show in battery and data usage. But with offline language models, I'm
not so sure anymore.

~~~
Houshalter
One theory I have is that advertisers keep track of IP address. So if your
friend searched for something on your internet, it would show ads to you.

I know this happens because a few years ago there was a discussion about how
advertisements were leaking Christmas present purchases through something like
that.

But what's really creepy is the article claimed 24/7 speech recognition didn't
drain battery too badly. And doesn't eat up data if it's over wifi.

~~~
Karlozkiller
Yes this definitely happens. I've had people on the same network as me getting
Japanese YouTube ads just because I or someone else looked at a few Japanese
videos.

------
hackuser
I'm very surprised this is news, especially on HN but even on the BBC. I can't
believe serious IT security researchers wouldn't be aware of it.

A well-known (to me, I suppose) application is to listen to commercials
playing on TV, in pursuit of the ad industry goal of tracking users between
platforms. There's even a tech that adds an inaudible sound to commercials that
your phone can pick up.

------
ck2
also related:

RSA key extraction in one hour via mobile phone microphone placed next to PC

http://m.cacm.acm.org/magazines/2016/6/202646-physical-key-extraction-attacks-on-pcs/fulltext

------
ibudiallo
Not that long ago, I had an experience with this[1]. I'm currently running a
test with my old phone to confirm that it is listening to me. I have an old
Android phone, with the microphone disabled (tape on the input).

Every once in a while, I will have the tape removed and say a few keywords,
then disable it. My hope is to see if I will receive any advertising with
these niche keywords. It's only been a week so far, but I will update the post
if there is anything.

(Note I have created a new Google account just for it.)

[1]: http://idiallo.com/blog/be-mindful-with-ad-targeting (disclaimer:
my blog)

------
dredmorbius
As I've been suggesting increasingly on HN and elsewhere: sell me hardware
_without_ a mic.

I no longer trust mobile phones at all, so I carry one virtually never.

I use a tablet. It has an integrated mic and two cameras. The cameras are
taped (they should have lens caps). On the rare occasions I use it for voice
comms, I plug in a headset.

Pervasive audio pickup is a growing problem. It's going to be all but
impossible to avoid _other_ devices (other people's phones, audio-wired
Internet-of-Shit lightbulbs, toasters, refrigerators, thermostats, video
panels, Glade Stasi Vases (e.g., Google Now, Amazon Echo), cars, busses). But
you can at least assert your own personal hardware.

~~~
majewsky
On a related stance, Rop Gonggrijp and Frank Rieger of the Chaos Computer Club
suggested a certification for "Guaranteed Cloud-less Objects", given the
recent surge of IoT devices that spy on you, or lock you out unexpectedly
because of server maintenance.

Source: Video at
https://media.ccc.de/v/32c3-7501-ten_years_after_we_lost_the_war

~~~
dredmorbius
_Interesting!_

Thanks.

------
ddebernardy
> Facebook also told the BBC it does not allow brands to target advertising
> based around microphone data and it never shares data with third parties
> without consent.

This and the follow-up paragraph read like:

> Facebook monitors background noise already without using it themselves for
> advertisement targeting purposes, but will share the data with third
> parties if you miss a privacy setting.

/tinfoil

~~~
sukilot
Are you intentionally changing the scope of terms in your misparaphrase?

FB doesn't share data, it uses data for targeting, and it doesn't target by
mic data.

~~~
treebeard901
If we accept that Facebook is monitoring your microphone, and they are not
targeting ads based on the mic data, then what is the point of having it
monitor your microphone to begin with?

------
jwr
The fact that we have to ask that question and can't be sure of the answer is
worth an article in itself.

------
EA
It's being done because:

1) there is power/money to be gained
2) users will consent to it, actively or passively

#2 isn't really a requirement in emerging technologies and with little case
law on the books

------
stephengillie
I'd be interested to see low-power voice recognition. My PowerShiri demo uses
~12% CPU on a Core2 Duo laptop when it's listening.

~~~
etatoby
I'm pretty sure most apps use the default OS services, which just send the
compressed voice data over to a server, where the actual recognition is
performed (and your voice data stored forever, for "research and development"
reasons...)

~~~
imaginenore
Such a stream would have been detected a long time ago. Do you have any
evidence?

------
readme
It definitely does, and I wouldn't be surprised if big companies did not do it
directly. I'd theorize that the tiny apps people download for games or little
cat pictures unknowingly integrate this functionality as a dependency of
advertising SDKs they use to make $0.10 CPC then the ad middlemen sell it back
to the bigger companies.

------
markokrajnc
I wonder how many (foreign) security agencies use exactly the same
technology... so easy to access... so much to gain...

~~~
sukilot
Every security agency is foreign to someone, and many have peering
arrangements

------
ck2
Doesn't this need a visible permission in an app or are there workarounds like
using the Google Play API?

~~~
etatoby
You only need to put in the app an obscure functionality that makes use of the
mic, and then explain what it is in the app description, for the 1% of people
who will even bother to ask why Super Candy Smash Tournament is asking for
permission to use the mic.

~~~
logicallee
If Google were serious about granular permissions in Android it would allow
you to choose from three options: "allow", "block", "pretend to allow" for
every requested permission, where the third would be described as "Your app
will be given permission but will not have actual access unless you grant it."
Then later you could have a pop-up "This app is requesting access to your
camera. You have previously chosen to give it fake access. (a black image.)
this app is requesting camera access: allow access/block/pretend to allow?"

Likewise contacts, photos, whatever. There should be detailed places to put
fake content to give apps, for example here are my fake contacts, here are my
fake photos, here are wav files for my fake microphone feed. Some people have
new phones and haven't sent SMS's yet, or have no contacts - how would an app
know if this is the case?

So fuck you, pinball game app, the fuck you need to read my SMS and contacts
and camera photos and need my microphone for. No, I just have a new phone and
am in a quiet room :-D

~~~
majewsky
Didn't they add this to Marshmallow? So that if the app wants to access the
camera roll, but you don't allow it, it just gets an empty list of images.

(I might confuse this with iOS, though. Does someone have a source?)

~~~
schiffern
Unfortunately these OS level privacy countermeasures are trivial to
circumvent.

Instead of checking for [photo permission denied] or [camera permission
denied], on supported OS versions the app can check for [empty image list] or
[black camera image]. Then display the impenetrable wall, or disable the
goodie, or lock out the content because it can't verify that there are N or
fewer viewers, or...

~~~
logicallee
I addressed this explicitly: an advanced user could create fake contacts, take
or upload fake photos (for example, I might not care about EXIF data), create
fake SMS's. How should an app determine the difference between a user with a
new phone with few or no SMS's, and a user who has chosen to fake a few or no
SMS's? More to the point, the phone could simply generate fake content
algorithmically, and these algorithms could change all the time. How would an
app keep up? If it helps you think about it, at this point the phone is the
bot and the App is the one trying to keep a bot from successfully using its
API. Surely possible, but not "trivial".

------
jokoon
I have a Huawei $60 Android which is 2 years old. I don't have a data plan nor
a SIM in it, I just use it for offline OpenStreetMap data with OSMAND and for
watching YouTube videos. I'm not so rich so I use a Nokia candybar cell phone
for my calls.

I was at this park, and my battery was nearly dead. At the 20% mark, I noticed
that the battery drained very quickly, and it lost 1% per 10 seconds. Maybe
it's a battery physics issue, or maybe it was emitting my position/recording
to a GSM antenna... I guess it was definitely a battery physics issue.

~~~
williamscales
Battery meters are nonlinear (i.e. they don't follow a straight line) in the
regions close to full and close to empty. Battery level meters also tend to go
out of calibration over time. I think these two factors together probably
explain what you saw (as you say, a battery physics issue essentially).

------
simunaga
Android 6 will allow you to block the permissions of an app, right?

------
miguelrochefort
> Is your smartphone listening to you?

I wish. Not doing so would seem like a missed UX opportunity.

