Hacker News new | comments | show | ask | jobs | submit login
Google is nerfing all Home Minis because mine spied on everything I said (androidpolice.com)
257 points by watbe 9 days ago | hide | past | web | 145 comments | favorite

What this all boils down to is 1) trust and 2) the value proposition with regards to the trade-off between possible privacy violation and the value the device has to them personally. For me, these devices are worthless and even if their value was >0 the number would have to be enormous because of the value I assign to my privacy.

The real issue here is the same issue we have with government agencies like the NSA and CIA. There is substantially little most people can do to verify the claim. For example, Clapper swore before congress that the NSA wasn't collecting data on millions of Americans. Snowden showed that was a complete lie. The NSA program would have continued without anyone being the wiser without the leaks because the only people that knew that didn't work for the NSA were delivered gag orders. So without some sort of civilian oversight committee that has real teeth, how would anyone actually ever find this information out?

The same is true here with things like Echo, Home Minis, etc. The data being transmitted is encrypted so even if you are technically inclined and know how to capture it on it's way out of your home network, you'll never be able to decrypt it. So how do you really know for sure that it isn't actually transmitting anything and everything you say? The only logical answer is trust. You believe them. That's enough for most people. But to say, as the article does, that ideas like this are from the tinfoil hat crew is kind of absurd. In addition to the PRISM program, we also know that Amazon's Echo is/was being used in at least one murder case and I highly doubt a few seconds before being murdered the victim used a hotword to activate the Echo device. We also know that the NSA has a program called Tailored Access Operations which they can use to intercept online tech purchases and install spyware on them if you are a target of interest.

Like you I would never bring a device like this into my home. The issue is they are becoming normalized and mainstream adoption is growing at an alarming rate. What happens when you can't purchase a home appliance without these "features" and it refuses to work without connecting to your wireless network and being able to phone home?

It's getting more and more difficult to find a non-"smart" TV, it will be a sad day if the same thing starts happening to other appliances. I don't want to live in a home with a smart fridge, smart toaster, smart oven, smart toilet.

Yep. Fortunately, though, you can simply refuse to set up the internet connection on your TV. This is what I have done. No wifi password = no outgoing data.

Probably only a matter of time before devices start leaking data via the cell network. Amazon was able to deliver "free" cell service to Kindles, right?

Tesla does the same thing in their vehicles. Every one has an LTE modem.

I hadn't heard of this or the Kindle thing mentioned by bhauer. Thanks for alerting me. A new threat I now need to monitor for (sigh).

Yup, and even standalone devices like Roku have "voice search". Which ends up being yet another microphone connected to the internet...

Projectors are still "dumb", so if you have good curtains or typically don't use the TV when it's super bright it can be a great replacement -- I switched from a TV to a projector about 10 years ago and have never looked back :)

There are plenty of “smart” projectors. It’s not really that much different from a TV.

At least it might be easier to RF shield a projector than TV… That’s the future, right? Until it becomes illegal.

then how will you have reception?

You are not alone. Given enough time, our market for "dumb" appliances will be big enough that the manufacturers won't be able to ignore us.

Before I describe exactly what happened and how I discovered this pretty incredible violation of privacy, I'd like to point out that it ended up being a hardware defect in my Home Mini as well as an unspecified small number of others. Google never intended for it to happen and has reacted incredibly swiftly to rectify the situation.

it ended up being a hardware defect in my Home Mini

According to Google.

as well as an unspecified small number of others.

Nothing to worry about, I'm sure. Probably no way to exploit those issues. Probably.

Google never intended for it to happen

Obviously, it's a rookie mistake that anyone could make. And that's why I'm willing to forgive and forget when it comes to multibillion dollar global businesses that make billions more off of the private information they gather and store. Just like I did after Equifax goofed earlier this year. And Yahoo the year before that. And …

Look, I get it that the Google PR people have been super nice and accommodating and embarrassed about the whole thing. Maybe the writer is friends with people on the team, or there might be a job at Google down the road. And, of course, some writers don't want to lose access to free trials and potential interviews.

But I really would like to see specialized news outlets show more backbone when it comes to screw-ups, and not downplay or gloss over serious privacy issues such as this, or take Google's word about what happened. It's a fair question to ask whether the problem(s) may still be present in every other Google device … and if they are potentially exploitable.

If you're going to be cynical, be properly cynical, not just half cynical. Nobody has any use for a spying hardware appliance that tells the user all about how it's listening to every word you say and logs it in a clearly visible location. Obviously this was not intentional on any level.

Prove it with the code or what you are saying is 100% useless.

That ship has sailed regular news has been shown it can’t be trusted for the reasons you point out.

Now we have “news” services like HaveIBeenPwned.com

It's not appropriate to say that "Google never intended for it to happen" without proof that that is the case, something which is almost impossible from outside Google. Yahoo and Equifax didn't intend for their breaches to happen either, but at least they do not benefit from them. Companies like Google and Facebook, which are in the advertising/datamining business, have an incentive for "accidental" slippages like road-mapping cars collecting wifi data, "we didn't know" sharing of virtually all user data sent over the internet without encryption with the NSA, over-complicated "privacy" settings, services for which user data "will be kept separate" morphing into "we now share user data across services...," and on and on.

These are the most powerful non-governmental agencies in the world (and more powerful than almost all governments). Developers have to stop giving in particular Google a free pass on virtually everything. We need to stop setting Google DNS servers to be the default in software or in example code. We need to stop pretending that turning separate URL and search boxes into a single omnibox is a great convenience or efficiency of space and recognize that it's just more comprehensive collection of user data. We need to stop turning that ever-smaller remaining free space on the internet, the Web, into another massive spiderweb of signals sent to Google and Facebook, with as many as ten or twenty requests sent to Google from a typical webpage, many of which no longer function when these requests are blocked, because the functionality of the site, and not just the advertising, now comes from Google servers.

Acquiescence to this status quo is easy and probably good for one's career, but it's also dangerous for democracy, dangerous for innovation, dangerous for independence of thought...

I think you are having a bit of a panic attack

Before people made fun of all the tinfoil theorists.

Now all the folks who can be frivolous and blase inspite of the growing mountain of evidence must be similarly dismissed.

Whatever you say bud, I think most people on this forum are stuck in an echo chamber which of course makes everything seem more important then it really is.

You are not worried?

No, I must have no independence of free thought

Sure, but it's possible that the thing that Google never intended to happen was for the device to fail in such a blatantly obvious way. It does not rule out the possibility that Google intended for the device to (also) be able listen in a less blatantly obvious way.

This story from today's Washington Post is relevant:


Is this really an argument? I could just say there's no proof that google intended for the device to act as NSA proxy, and you could say there's no proof that ....

> there's no proof that google intended for the device to act as NSA proxy

Of course there isn't. This is the problem with surveillance: inherent in its nature is the fact that if it is done competently, its existence is indistinguishable from its absence.

Note that I'm not saying that Google is acting in bad faith. What I'm saying is that the following is fallacious reasoning:

1. This incident turned out not to be a case of bad-faith surveillance.

2. Therefore, Google never engages in bad-faith surveillance.

This is called the "hasty generalization" fallacy.


Black hats will love this.

Google took it seriously because of the potential for bad press -- the company clearly is sloppy on testing and protecting users' privacy, an issue they don't want to bring attention to, considering Google aims to have hundreds of millions of these listening devices in people's living rooms, bedrooms, and even bathrooms in five years' time.

This person also had the contact info for Google PR, which changed the nature of the interaction with Google.

This sounds like a case in which thorough product testing was sacrificed in the rush to make the deadline of the announcement event.

I would guess it's a product iteration problem - the prototypes probably worked, but the first production batch will have some level of issues that spot checks might not find.

I'm in two minds about Google home, alexa etc. On one hand, the novelty / utility of these devices makes me half inclined to get one but the fundamental idea of having a device in my house, connected to the internet that is sat there listening to me 24/7 leaves me feeling slightly uneasy at best. The idea makes me feel like I'd be treating all the things I've read in the past few years about tech companies, privacy etc with complete contempt.

"I'm in two minds about Google home, alexa etc. On one hand, the novelty / utility of these devices makes me half inclined to get one but the fundamental idea of having a device in my house, connected to the internet that is sat there listening to me 24/7 leaves me feeling slightly uneasy at best."

I am totally opposed to these devices in my home and am, frankly, aghast at the notion that they would see wide deployment or that "voice is the future ... blah blah".

However, I do have the ability to consider other viewpoints and when I do, I am completely underwhelmed by the proposed use-cases of these devices. According to Amazon themselves, the things I could do with Alexa include:

"What's on sale today ?"

"Find me a Chinese restaurant"

"What's the weather"

These are use-cases that suggest a user who either has no particular preferences or is satisfied with extremely simple, non-nuanced information (or both). These use-cases are the literal manifestation of dumbing yourself down far enough for the computer to pass your (very easy) turing test.

Other use-cases like "play my party playlist" are a wash in terms of simplicity or speed vs. just (pressing whatever play button you have in the system you use).

Are there any examples that I would find interesting or nuanced or definitive improvements over existing tools ?

I too have observed no use-cases that make these devices appealing even if data exfiltration was not their principal feature.

But what irks me most is the flimsy excuse that sending their recordings (or even a post-processed textual rendering) to the cloud is necessary to perform these trivial operations. We've had desktop voice recognition of the quality necessary to perform these operations for a long time now.

> "What's on sale today ?"

This could access an Amazon (store) API directly.

> "Find me a Chinese restaurant"

This could use a Yelp API directly, as if it were a web browser.

> "What's the weather"

This could use a Weather Underground (or whatever) API. Ideally the device could be configured to source data for these inquiries from various options.

> "play my party playlist"

This shouldn't generate any off-network traffic at all.

>> "play my party playlist" >This shouldn't generate any off-network traffic at all.

at least it should check for drm and weather you paid parking tickets or resell the song otherwise

The only killer use case I've encountered so far is being able to yell "hey Cortana! Next track!" across the room while playing with a toddler, since either walking over to push a button or pulling my smartphone out to advance it remotely would totally disrupt the current interaction with my child.

Or I could just curate my playlists more carefully.

Everything else is either too low information density (this is why I get the weather from an app, not The Weather Channel) or more efficiently handled manually (music control, search queries) in most situations

I had an an interesting moment recently where I watched my 88 year old grandfather seemlessly set up music from his Alexa, and order something on Amazon.

We might just not be the target market.

Honest question. Why do you feel this way about a hub, and not about your smartphone?

(assuming you have one)

Is it because, although your smartphone has the ability to listen to you in the same way, it is not the stated aim of the device?

Not OP, but on the emotional level, I feel similarly. I suppose this capability creeped in slowly - phones became more and more powerful while the industry moved to SaaS model, and then before we noticed your phone is always connected and always talking with someone over the Internet.

(I know technically it was feasible to use phones as listening devices decades ago, but storage and processing infrastructure was not there to do it on mass scale, and your phone could talk to one company only at any given time.)

With assistants, OTOH, you have a device whose sole purpose is to record and transmit your voice over the Internet. With our cloud-based computing world, this kind of makes the posssibilities obvious.

(Also, I have a particular distaste for solutions that use Internet connection for things that should be done entirely locally. For instance, me asking Google Now for current time, should not require sending data halfway around the planet.)

Not the OP, but .. my smartphone explicitly has NO hotwords that it listens to as far as I can tell. I opt out of this Google stuff as best as I can.

So for me the answer would be that - while my smartphone can certainly listen to things (as every thing with a microphone can. Who covered all the microphones in their laptops?) - a smartphone offers these things as optional features.

For Google Home and Alexa etc.: The 'listen all the time' (for hotwords at least..) is the single use of these devices. And as soon as you buy into this stuff you might as well allow the cloud storage of your recordings for 'better recognition'.

A smartphone could do the same. But it has a lot of value without doing any of that.

If you use voice with your smartphone you'll probably find some items on this page


I did. Curiously, the only "false positives" activations are relatively recent ones (from the last 6 months), while stuff ranging from 6 months to 2+ years ago is all correct activations. I.e. it seems either my current phone vendor or Google messed something up.

I did...

"Said: set alarm for 6:30 in the morning"

"Said: set alarm for 7"

"Said: set alarm for 7:30"

"Said: set alarm for 7:45"

As expected, this is empty for me. Glad for the link though.

A hardware chip with a ring buffer and hardware keyword detection is something i feel much better than any microphone in any other device which is purely controlled by software.

Isn't it a valid distinction between a device which could be abused to spy on you vs a device with the sole purpose to record ~everything you say unless you opt out (like in this case)?

I can see how smartphones make that possibility less obvious and more palatable even to users who are aware of it.

If you are worried that a home hub will spy on you, then you should be way more worried your phone will do the same thing.

A lot of phones already listen to audio nonstop. Take the Android phones that listen to "OK Google" or the Apple phones that respond to "Hey Siri". Those features require the phone to listen to and process audio nonstop. Sure, if you don't like that then you can turn it off, but I don't understand why people have concerns about stationary always-listening devices moreso than phones with the same functionality. These base stations or hubs are the same concept, except they're present in a room instead of part of your phone.

All other things equal, I think mobile phones are a much greater threat vector than home hubs. Mobile phones are juicy targets with large, complex attack surface areas. See the various remote code execution exploits in Android that could be triggered by sending someone a message. See the various high levels of privilege that applications have that can be used to spy on you. Did you see the article about how Uber had secret privileges that allowed the app to record iPhone screens? [1]

There are multiple reasons why an attacker would want to compromise your phone (e.g. to steal your data, not just record your voice). Many people have phones, so sophisticated adversaries are more likely to invest the energy into developing attacks. There's a lot more to compromise (apps). Home hubs are less likely to see that same level of scrutiny, and they're less likely to be vulnerable to the same types of attacks and issues because they're much simpler devices (they don't run "apps", they don't communicate on the network except with their vendor).

If you're worried about being spied on, then you should also be worried about other people's phones, which you may not even realize are in the room with you! By comparison it tends to be pretty obvious / known to everyone when there's a home hub present in a room. Your phone probably doesn't have a hardware-level light that tells you when it's recording you, like your home hub does. The list goes on.

[1] http://bgr.com/2017/10/05/uber-app-privacy-issues-iphone-scr...

"A lot of phones already listen to audio nonstop."

I think you have to be careful about what it is you care about. Listening isn't it. To the extent that modern phones "listen non-stop" you're just one step away from saying that all microphones are non-stop-listeners.

What matters is what data is available, where it goes, and who can get access to it. If my phone truly only has a small ring buffer with specialized hardware purpose-built to listen for "OK Google", which it is reasonably accurate at, then it's not a privacy issue. The problem is that by visual inspection I can't distinguish that from a system that is listening for "OK Google" and also other politically interesting keywords, or a phone that is just sending all my audio up, etc.

Now, I am a very technically aware person compared to the general population, and I have good reason at the moment to still believe that phones aren't actually spying on the audio level as much as people believe on the grounds that it is technically impossible due to both battery and mobile data consumption. However, it is not entirely comforting that those are the only reasons I believe it is not happening, and improvements in battery technology, CPU efficiency, and/or mobile bandwidth are going to eliminate those assurances for me.

(By contrast, location spying, activity spying, and abundant marketing-based tracking clearly does happen.)

I monitor traffic on my phone due to data limits. I turn of features that aren't needed, like bluetooth or wifi. My phone is a well understood ecosystem. Meanwhile, these other devices are a speaker and a button. Why wouldn't I trust that?

Exactly correct. But having Alexa's and Google Home's around isn't helping anything. It's just yet another vector that can be used to inadvertently collect your data.

What's the distinction? When comparing to a modern smartphone which supports "Hey Siri" or "OK Google," then both devices have dedicated hardware that's always listening for the activation phrase, then send your audio off to the cloud for processing. The only real difference is that your phone does this even when it's unplugged, can still send your audio to the cloud when far beyond the range of your home WiFi, and can listen to you everywhere you go instead of just at home.

Disable the voice recognition and you have a perfectly functioning phone. With a hub you have a paperweight, pretty big difference.

I agree smartphones are bad, but can see how they perceived not as bad as hubs.

Why would you trust it to actually be disabled when it says it's disabled, but not trust the hub to actually keep your data private when it says it's private?

I for one, do not trust or use them. All I'm saying is they could appear more trustworthy, perhaps because users are less aware.

In this particular case as far as I understand, disabled means no recording at all, while keeping private means your data is already transferred and access is granted to parties based on how private is defined in the tos.

There's a significant difference in that your phone has a limited battery, in which actual audio recording and data transmission would deplete quickly. Even if you were to use the hotword detection, you can be reasonably confident it works as claimed (only listening for the hotword passively), because it's nearly impractical for it to do anything else all the time.

As phones get better and more capable, I do get more worried about this though.

I agree with this. I'll happily experiment with these "home assistant" devices only once they can be used completely untethered from the Internet. I don't even mind if it's listening to audio 24/7 as long as it does not have the ability to send it all home to the mothership.

I will start to integrate an always listening device into my home when I can get one I control.

I do use a phone I don't control, and it is mostly sandboxed into social activities. Yes, it does potentially listen to me, and I am aware of it, but it won't take control of anything that is not a social activity.

At the risk of sounding like a Luddite, what exactly is the utility of these devices? I find voice input still to be very cumbersome. Except for obvious applications such as driving in a car, I see no viable usage scenario where I have to utter my interactions out loud. Which scenarios am I missing/forgetting here?

In our home the Echo devices are used throughout the day for home control tasks. "Alexa, turn on the kitchen lights", "Alexa, close the east garage door", "Alexa, is the front door locked?" etc. The kitchen Echo sees a lot of action around dinner time for things like timers ("Alexa, set a timer for 15 minutes"), conversions ("Alexa, how many cups in a quart"), and grocery lists. The hands-free nature of these interactions are particularly helpful when you may have your hands full while preparing a meal.

I have a fair amount of home automation kit deployed which I find fun to monkey around with but the rest of the family never really cared to interact with until the Echo came into play.

These are good scenarios, thank you. I still have some reluctance because I am not sure how dependent Alexa (or the home automation system, for that manner) is on services that are outside my control. I recall that a lot of these products went belly up, leaving their customers stranded.

I strongly recommend checking out Home Assistant, which is fully self-hosted and open-source. The Alexa integration requires the cloud (because that's where Alexa lives), but nearly everything else my system does is under my roof and under my control.

Alexa, set a timer for [five minutes before I'm to pick up my son]. Alex, play [some music/some [genre]/[specific album]]. Alexa, turn on the FireTV. As I am about to leave: Alexa, turn off the TV. (the latter two thanks to the Yonomi app + a Logitech Harmony Hub; everything you can make a Harmony Hub remote control (IR, bluetooth), you can start/stop via Echo + Yonomi)

[Alexa, self destruct (yes, it knows that one; and responds with a number of alternatives - "Command code not recognized, self-destruct not initiated", "Auto-destruction in 5,4,3,2,1,boom, hmm that did not go as planned" and more)]

These are not big things, but there are lots of little things where before I might have to take my phone out (or find it), or realize with my hands full I forgot to turn the TV off, have to put stuff down and go back into the living room to turn it back off, then pick my stuff up.

I agree: Voice input is cumbersome for anything complex, and I also read fast enough and have a visual enough memory to not want it to read to me. So I only use a fraction of what it's useful for. But the ones I use it for have quickly become very ingrained little conveniences. Turns out you can do a lot with just turn on/off [device/group].

Thanks for clarifying :-) While these are simple scenarios, I now realize their utility.

Amazon Tap has been a good compromise for me. I mostly just use it for playing music, and it serves that purpose very well. The portability over the Echo varieties is also better for me.

I suppose it's possible that it's still listening, at the same risk you run by having any device with a microphone connected to the internet.

I agree with other commenters who aren't sold on voice commands as efficient, but even my four year old (who can't read) can play music on the Tap.

I notice that in the log of the recordings that it made, it specifically says "started by hotword."

If that had instead said "started by long press," I think this may have been easier to figure out as a button issue versus a voice recognition issue by the user.

Is that a fake static field in the log, or what?

I imagine the following transpired.

Team Member A: "We're going gold next week, Product decided we'll be including touch support after all - the Hardware guys worked out the kinks just in time"

Team Member B: "Hmm, that's a little tight. Perhaps it can be a simple change, we will re-use the tested code paths and only test additional touch integration"

Result: on_longpress(trigger_hotword());

+1 to google for sending a guy to pick up a defective unit at 9pm on a Friday, gotta say that is dedication

Google deserves absolutely no kudos for this. Their customer service is well-known for being a nigh-impenetrable monolithic black box, the only reason this got taken care of so quickly and personally is because they want to avoid negative press of the Home being a literal surveillance box. If you have a problem that won't hurt their PR, good luck getting any assistance from them.

I'm highly critical of Google in general, but this is indeed an amazing response from them, and is above and beyond what I'd expect from any tech company.

Though, I have to wonder if the response was so urgent because the author is a journalist who specifically writes about Google products (which he indicated to them right away). They really had no choice but to respond immediately.

Yes, this is what happens if you are well known blogger with a large following and happen to have private contacts within Google's marketing department.

The average user will not get anything remotely like this response, and it's dangerous to hold this up as a positive representation of Google's support - their support was never even involved.

Seems like this may have been less out of concern of bad press and more because of the author's agency as a journalist. I'd imagine a most bug reports have trouble standing out from the "noise" surrounding Google's day-to-day operations, but the author can make their request a little "louder" so Google noticed. Probably helps too that it sounds like the population of people with the home minis is currently pretty small (only attendees of the release event).

You'd think we'd have some sort of baseline for an "acceptable" number of queries. Alarm bells should probably go off if a home thinks people are talking to it 24/7.

Disclaimer: I work at Google and don't actually have any idea how any of this works.

They were already parked across the street in a windowless van so it wasn't really that dedicated.

"I iz here frum da Google tu replace unit, yes?"

I guess mentioning you work on a story and publish in a day will make a difference.

Dedication ? They were just afraid of really bad PR that could (will) result from this.

This issue should be caught earlier. Instead of pushing people to work on Friday evening, give them more time to test the crap out of the stuff that you want to release.

I think the Google engineer that, years ago, missed a flight connection to write a MapReduce from the airport that restored corrupted data is perhaps a step or two beyond...

That sounds interesting but from searching around I can't find anything about that, do you have a link?

It was a decade or more ago; I'm not sure there are links out there. Although legendary internally, there's at least one more recent and more epic MapReduce-based story. In order to fully understand it, though, you'd need to reveal details about search infrastructure.

Meanwhile, A2DP on Android is still broken ...

(Just a random issue on Google's support forum that has been open for ages)

Not only that, but also diagnosing the problem on Saturday and Sunday. Kudos to the Google Home team.

"We are working on a story and will publish in the next day or so," makes a lot of people get up at 3am

ask them why your adsense got cut off and see the response time.

On the other hand, "if you're not here on Saturday, don't bother coming in on Sunday." When did this become admirable again?

It should be admirable, precisely because it should be exceptional.

Sometimes it really does hit the fan, and sometimes it really does need to be now. That is the nature of the industry. We just need to make sure it’s remarkable for the right reasons.

Even in Germany, and Scandinavia – with our extreme employee protection laws – in such emergencies, employees are allowed to work during the night, on a weekend (just for double pay).

These are exceptional examples, but completely normal, and acceptable.

The question is whether whoever did the work got weekend overtime pay.

At Google, you get extra pay for off-hours oncall.

At OT rates I trust and a payment for being on call

No, certainly not. Most of my off-hours oncall shifts look like me sleeping while nothing is happening. But it is a nice bonus that I'd prefer not to give up.

These days I accept nothing less than full time pay for on-call status, even if that looks like me sleeping while nothing is happening. Of course, that means I almost never get asked to provide on-call service, but if a company is exerting some control over my time, they're going to pay full value for that. It's not about what I'm doing, it's about what I'm not able to do. I can't travel, I can't drink excessively, I can't ignore my phone or put it on do not disturb, I can't be too far away from an internet connection, etc.

And those things deserve compensation. Full time pay? I mean everything is negotiable but that one is a hard sell.

Yes having a payment for being on call say £500 for 1 in 4 but expecting fulltime pay while you on call is just silly

Price is just the intersection of supply vs demand. You arbitrarily choosing £500 is no more or less silly than me choosing 1x base rate or even 10x base rate. It just sounds like you're more willing to let work intrude on your private time than I am. Neither of us is silly for that.

There's negotiation and asking for the moon on a stick - you just get laughed at.

I guess that's a matter of perspective. I'm not trying to sell it. In fact, quite the opposite.

There are several different tiers based on the SLO of the oncall, usually measured in something like minutes to a keyboard after a page.

The compensation varies based on the tier.

Special support for special people makes me want to use their surveillance devices even less.

Title should be changed to be less clickbait-y.

Perhaps: Some guy’s defective Google Home recorded everything and they had extraordinary customer support and fixed it.

Well, hold on -- it's not a production defect, it's a design defect. "Some guy's defective Google Home ..." unnecessarily plays down the likelihood that it will impact actual customers. BTW the "extraordinary customer support" only took place because he claimed he was going to publish a news story about it. I would describe that instead as "Google swiftly invoked their extraordinary marketing/damage control team."

No, the explanation points to a production defect:

The Google Home Mini supports hotword activation through a long press on the touch panel. [Google said it] is seeing the touch panel register “phantom” touch events.

How widespread the production defect is remains to be seen, but it is a newly introduced feature that apparently has seen too little testing.

Googles support for normal customers is pretty bad. I have two google homes. One of them refuses to work with my lights and nest. Their response was to “switch what rooms they’re in”. Because you know, that will fix a software issue.

It was a production defect, it was not working as designed. The software fix to disable the feature on all devices before they start being sold means there is little likelihood that this specific problem will impact any customer.

Google jumping to fix it now helps their bottom line as much as their reputation, and is just smart business. Trying to cast it in a negative light seems biased, its more a "common sense/good business decision" than a positive or negative action.

Or, with less marketing, Some guy’s defective Google Home recorded everything and the company deployed a fix for it.

To be fair, when it comes to Google, receiving any customer service is extraordinary

Apparently the trick is to have a well-read blog and write to their PR people...

"fixed it" like the Bobs "fixed" Milton's payroll glitch

The notion that voice recognition is still hard enough to require doing it on a server somewhere still bothers me a lot. IMHO there should be no excuse for this today. I understand that the device needs to be connected to the internet anyway, but this whole thing is such a gimmick it's not worth the privacy risk.

[edit] to clarify I think speech to text can be done on a device today, that's why this bothers me.

> voice recognition is still hard enough to require doing it on a server

I'm not sure this is true, it's just that since they are phoning home anyways, why commit to extra local hardware to change sound bytes into text words?

I would love to see an offline version of one of these with an easy API (do any high quality ones exist?). If I then wanted a generic Google request to give me the first Google response, so be it.

The awesome folk at Snips are challenging the idea that you can't do it locally https://snips.ai/technology/

Nice. I wish every route I took there didn't require me to sign up. But I did find https://github.com/snipsco and am browsing now.

> is still hard enough to require doing it on a server

Hot word detection would suggest that voice is easy. "Accent" and "Intent" recognition is the hard part.

Not sure what you mean exactly but this seems wrong. These devices do hotword (and speaker) recognition largely locally, but speech to text is done server side.

They aren’t nerfing all Home Minis, just disabling a feature in an early batch of them that caused it activate far too often.

So many words to explain a very obvious (since it indicated it was listening) bug.

When the first home assistants were announced, I was excited. [..] I didn't give too much thought to these privacy concerns because they all sounded theoretical and unlikely

That's interesting and more than somewhat disconcerting, coming from a tech journalist.

Tech journalists aren't typically in the business of criticizing the introduction of new gadgets and online services; that sort of thing is their lifeblood. In many cases they must cultivate relationships with tech companies to obtain stories, free trials and sample products. Don't bite the hand that feeds you.

Follow the money and take all journalism with a healthy grain of salt.

At least they took it seriously. Obviously they're going to be a lot more responsive to a well-known tech blogger, but either way google still doesn't usually make house calls.

Because they know if the bad publicity around this becomes viral it will kill the adoption of smart assistants for the next 10 years.

That was well dealt with. Especially the part about deleting all long-press recordings from the servers. Very thorough Google!

Hmm, not really. If they know it's from a long-press, at least the activity website should say so, and not from "hotword activation".

But otherwise, yes, this is stellar. Also, hardware is hard.

What about deleting everything from backups? Will they spend time to search all of the backups they have and delete that data? Is the data really deleted or just marked as deleted so it's not shown on the website?

They don't need to search backups manually. All products are required to have automated pipelines (along with monitoring) to wipe out user data.

Any source on that?

There's an example of the Music pipeline going wrong:


Another reference for Fi: https://www.linkedin.com/in/pliu1/ "Redesigned and refactored the Fi user data deletion system to ensure compliance with data deletion policy, to add instrumentation, and to improve performance"

There is a dedicated team that tracks compliance for all products. (source: I was at Google)

Not only that did they destroy the data on the disk or only delete the named links to the data.

Oh, hell no. I've held off on getting an Alexa or a Google home partially for this reason. My main reason for not getting one is because I think they are actually pretty useless and I find it kind of annoying to have to pretend to be a robot to get them to understand me.

But -- I also realize that they literally can (and clearly do) collect your audio data 24/7. In this case it was a "mistake" on the part of Google, which they quickly worked around by commenting out some code in the firmware. But all it would take is probably a few lines of code and an automatic update to turn on 24/7 audio collect for all Google Home users.

My theory with Amazon's Alexa (and probably Google Home) is that they lose money on these things, because they don't actually care about making a profit on them. The whole idea is to collect as much audio data as possible to improve their machine learning models.

It's a race to see who can collect the most data on their customers, and ultimately develop the best and most comprehensive speech recognition model on the market.

Sorry that this is quite tangential to the topic of the article, but it opened my eyes to the existence of Apple-level worshiping of Google -- eesh. Just the sheer scope of how this person is involved with Google customer products is astonishing.

Are there any serious FLOSS alternatives to these devices?

Mycroft.ai, perhaps.

These assistants seem like a privacy nightmare.

Are a privacy nightmare.

Soon someone will bring one out called a telescreen, and people will but them voluntarily.

Don't we already carry them in our pockets?

Soon? Didn't Amazon literally just release that?

Try running tcpdump to see what servers your computer connects to. Lets open chrome, and type something into the address bar ... erm, sorry, the search bar ...

What would have happened outside of California?

These kinds of things always make me wonder ('Member that whole Apple-Deleting-iTunes-Library-Thing).

I'd love that kind of support.

You have to be very naive to use these products in your home or office.

Odd that google's device could comply with all of the industry standard best practices, home automation regulation, code audits, licensing requirements, and privacy guarantees and yet still have such a bug.

What regulations? What guarantees? There really aren't any at this point. As for 'best practices' that's a laugh, sadly. Home Automation has been all over the maps, for decades now, and it's not looking like it'll stabilize much any time soon. This is, perhaps, a good thing, in that innovation continues to occur when things are in disarray. A patchwork of various pieces from different vendors might seem inconvenient, but that also brings along a lot of diverse approaches and innovation. I'll trade that against dominant market player arrogance any time. Nice to have options, even nicer to have the suppliers fighting each other through innovation.

"That's the joke."(TM)

Ah, good sir, you are asking some good questions. Best not go any further, if you know what I mean :)

Is this touch button similiar isolated that the keyword detection part?

Sounds like a software button.

How is something that can hear everything you say not record everything you say?

When you are watching a video on youtube, are you recording it?

Of the two options, "hotword" and "physical touch", I'm surprised at which was disabled to prevent false positives!

If they'd disabled hotword, then the phantom physical touch would still happen, so literally nothing would've been solved.

Sorry I wasn't clear enough making my point:

I'm surprised that the implementation of a (simple) physical button was done badly.

I'm surprised that the (surely more difficult) hotword detection works so well.

My guess is that location could have helped trigger the defect - assuming they're using a capacitive touch button, then moist environment of a bathroom isn't exactly helping (doesn't change that it's an implementation issue, though).

Capacitive buttons are also highly sensitive to noisy ground busses. A cheap power supply can make one go haywire.

Want to bet the developers all had good clean power while the production units got cheap Chinese bricks?

That's cute, you think it was an error or mistake that it happebed. Instead, the only mistake that occurred was that you could see what it had been doing this whole time. But don't worry, the next box they send you for free, one in which this "mistake" can never happen will be arriving shortly!

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact