Hacker News new | past | comments | ask | show | jobs | submit login
You’re muted – or are you? Videoconferencing apps may listen when mic is off (wisc.edu)
478 points by sizzle on April 13, 2022 | hide | past | favorite | 343 comments



I feel like they're trying to make an insidious suggestion about the usage of these. IMO, there's likely a good reason - user experience.

At a hardware level, grabbing the microphone can take time. Even worse that timing is inconsistent across devices, workloads, etc. That leads to a bad experience when unmuting and needing to delay your commentary. The solution to this is to keep the microphone on, but mute at a software level. This way the mic is always hot and ready to relay audio as fast as the software can switch.

I'd be somewhat willing to bet continue to stream audio is also a quality assurance mechanism. Some networks will shape traffic according to load. A quick jump in bandwidth can introduce unexpected jitter and latency. By continuing to stream audio (but not necessarily process or re-transmit), video conferencing can better ensure an un-interupted experience.

----

With that being said, if you really care about privacy, consider getting a hardware mute microphone.


Honestly, it feels like most people here aren't reading the article.

> The researchers then decided to see if they could use data collected on mute from that app to infer the types of activities taking place in the background. Using machine learning algorithms, they trained an activity classifier using audio from YouTube videos representing six common background activities, including cooking and eating, playing music, typing and cleaning. Applying the classifier to the type of telemetry packets the app was sending, the team could identify the background activity with an average of 82% accuracy.

How is this not extremely concerning for anybody who cares about privacy?

How about we not make the default that companies can do whatever they want and users have to take steps like a hardware-muted mic (which isn't always an option) to ensure a basic expectation of privacy?


"They found that all of the apps they tested occasionally gather raw audio data while mute is activated, with one popular app gathering information and delivering data to its server at the same rate regardless of whether the microphone is muted or not."

The way I read that is, only one of the apps actually sends audio data to the server when the mic is muted. I'm not sure why they don't say which one, and I'm not sure what is meant by "occasionally gather raw audio data" but it could be as innocuous as the mute button not updating and a half second of audio being sent before muting starts. Nobody is building a machine learning profile out of that.

The real story here should be that one app where the mute button doesn't actually work. The others are all operating normally as far as I can tell.


> I'm not sure why they don't say which one

Yeah, that's very annoying.

Zoom, for example, will tell you, when you are muted and you begin to speak. It's a very nice thing.

I have a microphone (that wasn't expensive) that has a hardware mute. I use it when I really want to make sure I'm not heard, even for "speaking" detection.


> Zoom, for example, will tell you, when you are muted and you begin to speak

MS Teams has that feature too.

TBH I'm not surprised: when you mute the mic in an app, you're still letting the app in control. If you really want to be safe, you need to mute at OS level or in hardware. That's why cameras have a hardware cover in modern laptops.


Precisely, this is why I think the earlier comment's suggestion:

> How about we not make the default that companies can do whatever they want and users have to take steps like a hardware-muted mic (which isn't always an option) to ensure a basic expectation of privacy?

Sounds nice on the surface, but is ultimately silly. Sure, it'd be nice if everyone did the right thing, but you can never guarantee that, and hence if you really care you need to perform the mute at a lower level than what the app has access to.


Well, I have hardware buttons, too. But without some basic trust, this society could not operate anymore.

And the increasingly (or is it just perceived?) shady behavior of big companies are not helping.


>But without some basic trust, this society could not operate anymore.

I am afraid this eludes our leaders across the board.


The apps can control the sound devices at the OS level too. But fortunately most(/all) don't, so muting in the sound server / OS is generally safe.


MacBook pros already have a mute-speaker button.

It would be so nice to have a mute-mic button which lights up when muted.


My Dell laptop from work has this feature, there is a mute mic button and it lights up. With my desktop I have a usb mic that has a mute button and a red/green LED to indicate the state.


Ironically this is a good use case for a Touch Bar: a button on your keyboard that is only there _sometimes_ because it’s only needed in certain contexts (when you’re on a call)


The touch bar is like an idea that works really well in your head. It has so many theoretical cool uses. But in reality I end up never using it for anything.. I would have been happy if the new one had the touch bar and the function keys, but that would have been extra cost for a feature people just aren't using.


After using a stream deck for some odd automation, I think the real flaw was having the touch bar be so contextual, and replacing the existing function keys. Had both existed, and and allowed the user to extend their customisation; say buttons for common actions, siri suggestions, shortcuts it may have been perceived differently, and more of power user tool.

Most of the actions just duplicated existing UI elements.


I think one thing that makes an external stream deck work, is that it is a separate context sensitive device, that is mentally separated from the keyboard.

So when you go to the deck to perform an action, you mentally context switch away from the keyboard, so your brain is looking for different clues.

So even with a touch bar + function keys, the function keys stay in keyboard context, but the touch bar requires that switch in any case. Maybe taking your eyes to the touch bar is enough of a context switch, mentally.


I liked the touch bar..

The problem was that it was too much of a tradeoff. Either a touch bar or function keys. I need function keys. The touch bar was useless for this purpose (no tactile feel).

Apple could easily have done both. There's more than enough space even on the 13" macbooks. It would have taken a bit of space from the vertical range of the touchpad but it's already comically large anyway.


It’s nice in theory for so many things (my favorite is choosing characters when typing in Japanese) but almost never overcomes the friction of using a third input device. I was somewhat of a proponent of it until I got a desktop, then I was happy to ditch it and have a consistent keyboard for desktop and laptop.


It might be but not really.

I carefully made sure I didn't mention the touch bar. I waited until 2022 to finally be able to buy a MBP without a touchbar (and with magsafe charger).

I would very much like a physical button with a reassuring tactile feeling to it. Like the mute button on the function keys row.


But then we're back at a software button, not an hw one.


For that you need an actual pro laptop like a lenovo which has mute button and led for Mic


Quite interestingly the only laptops I've seen with such a feature (button to mute and LED to display the mic is muted) are huawei's matebooks. Some of them also have the camera under a keyboard button, extremely weird angle but when the camera is hidden you can be 100% sure you are not being recorded.

The mic mute button of course works at the OS level but still...


https://frame.work/ hardware toggles disconnect the built-in microphone and camera from the USB bus.


Also controlled by the OS, but many ThinkPad's have such a button and light too.


My ASUS laptop has a dedicated mute mic button, not a key, on top of the keyboard.


> Zoom, for example, will tell you, when you are muted and you begin to speak. It's a very nice thing.

Zoom was discussed 2 months ago in "Why is the Zoom app listening on my microphone when not in a meeting?"

https://news.ycombinator.com/item?id=30266894


There's a weird culture around reporting problems without reporting names. You see it a lot here on HN and occasionally in media. I'll never understand. Why bother talking about corporate misbehavior (or etc) and not back it up with the basic, minimal data you could provide?


I imagine it's to avoid getting sued by the company behaving poorly. Companies bring lawsuits against good-faith security researchers all the time to try to silence them, so if you were a researcher, why would you expect the one company among the several you researched who's potentially misbehaving to not misbehave by trying to sue you into silence?


Makes claims impossible to falsify, without naming names nobody can poke holes in your analysis.


Or, you know, keeps your ass safe from being sued...


Anybody can sue you at any time for any reason.

For libel and slander cases though, telling the truth is a valid defense.


This view vastly underestimates the ability of a completely wrong party to sue for slander. In the US at least. You see this with pseudoscientific snake oil salesmen all the time.


>Anybody can sue you at any time for any reason.

Which is neither here, nor there, as some are more likely to sue you than others.

>For libel and slander cases though, telling the truth is a valid defense.

Which is neither here, nor there, again. Not everybody wants the hassle of going through a lawsuit or the time and money costs associated, even if they have a "valid defense".


In theory, but assholes often aren’t creative, and justice system is as it always had been, so,


They state that their findings will be presented at Privacy Enhancing Technologies Symposium in July. So it seems they want to keep some info for that event.

Should i hazard a guess, it would be either Zoom or Teams.


My guess was going to be Google Meets because I suspect this happens in order to pipe audio to their voice to text translation engine they use to offer you the live closed-captioning feature.

As well as, I assume, to archive a text indexable/searchable log of your conversations. I say this latter part based on multiple experiences I've had receiving clearly targeted advertising for topics I make random passing jokes or commentary about in live conversation, but which I've never once searched, click-imprinted, etc. for online. But, this is purely suspicious speculation. The live closed-captioning feature is a real thing and a thing I could absolutely see resulting in Google always sending audio streams to their backend for.


> You see it a lot here on HN and occasionally in media

It makes some sense here on HN where people often post under their real names and want to think carefully before badmouthing a former employer, or otherwise picking a fight.

I agree that journalists have little excuse.


> I agree that journalists have little excuse.

Except wanting anyone, ever to talk to them again about something controversial.


I disagree.

Bob Woodward has gotten PLENTY of high level politicians to talk to him candidly even though he's publishing what they are saying often in an unflattering light.

If someone as famous as the watergate guy can STILL get politicians to talk to him, what does a random journalist have to fear?

I mean, FFS, the gamer nexus guy got newegg to talk to him even after blasting them about ripping him off and letting them know "we are recording everything".

Journalists are acting like a single inkling of a bad word said will lock them out of access to everyone everywhere. The truth is, there are so many journalists out there that one could make a career of asking hard questions and publishing unflattering statements and the STILL would likely not be recognized by most individuals if they asked for an interview.


> Bob Woodward has gotten PLENTY of high level politicians to talk to him candidly even though he's publishing what they are saying often in an unflattering light.

Woodward is absolutely one of the few exceptions, if not the only one.

He publishes on a long timescale with dozens of sources, not a short timescale with one or two.

So everyone knows the story will come out but not immediately, and everyone knows everyone talks to Bob.

But like it or not, most (not all) of the people he talks to have less to lose, because they are at or close to the apex of power in DC; there will always be jobs for them elsewhere in the USA, in a thinktank or on a board somewhere.

(It's also worth noting that Woodward's most famous source was anonymous for essentially his entire life)

In the real world outside seats of government, talking to a journalist on the record about stuff you should not often means you are the single source -- the only person who made the unflattering or damaging story possible, in a story that maybe won't wait even a week to be published.

It puts you out there on your own, gets you fired, makes it difficult to get immediately re-hired, and I suspect for an American with a family in an at-will state makes telling the truth on the record a luxury they can't afford.


The gamer nexus guy? He got a 1-on-entire-team-of-PR-and-customer-service-people interview at a deep-discount computer parts company in their own office to discuss known implications of decisions they deliberately made. THAT's your benchmark?

Nothing about that situation has bearing on whether people first think of safely concealed sources or being publicly dragged through the mud like Chelsea Manning and Edward Snowden before sharing things far more important than entitled rants about customer service for entertainment-related products. My lord.


this is a press release about a new study not a news article


Maybe their research is ongoing, maybe they are afraid of being sued, maybe they'd rather not harm a company so reputation without fully understanding why they do this


So why did they publish the text now then (other than obviously for self-promotion)?

Why not finishing their research first, discussing with lawyers how not get sued, and contacting the company about it so that they can fix it or comment on it, and only then publishing the proper, responsible research that is actually useful to someone?


I have said negative things about someone's favorite product and then abandoned a thread (not here on this site) because the stream of hate that followed drowned out the original message.

People can be irrationally attached to the things they use.

As a farm kid growing up, you didn't step between two guys arguing the merits of I-H and J-D farm equipment (1970s...)


In their actual paper[1] they identify it as Webex.

[1] https://wiscprivacy.com/papers/vca_mute.pdf


Webex will by default listen for ultrasound emitted by some video conferencing devices for easy stop. If you disable this, does that change the results?


I was suspecting this was webex, I use an external audio device (plantronics/polycom Calisto 7200) that has an indicator when the microphone is active. It's only anecdotal, but for me when the webex ultrasound features is activated, the microphone is constantly active as long as webex chat is running. When the ultrasound detection is disabled, the microphone is disabled when not in a meeting. As an aside, this setting was reset recently, but that just seems like the ongoing dark pattern/incompetence of "forgetting" privacy settings between software releases.


My understanding is that it activates when you make the Webex Teams/Meeting the application with focus, and should turn off some time after it is no longer the active application, I think ~60 seconds.

It is doing this for the ultrasonic room detection feature, which can be turned off.


> The way I read that is, only one of the apps actually sends audio data to the server when the mic is muted

You're reading it incorrectly.

The paper outlines that as far as they can tell Webex is not sending audio when the mute button is pressed, but is gain and other parameters, based on this audio. And this has been reported to Webex, and they are investigating.


"occasionally gather raw audio data" could be used to remind you that you're muted when you're trying to talk. I've seen that in either GoToMeeting or Zoom


Because a video conferencing app with a bad UX is going to be quickly supplanted with one with a better UX; the privacy concerns of being spied on by a video conferencing app while you are muted is very minute for most people.

There should be a line between "companies doing whatever they want" because of some implied "nefarious" reasons, and "companies doing whatever they want" because their customers want a better experience even if it has security/privacy implications.


I have been using Microsoft Teams and its hard to imagine anyone buying it for the user experience, yet it's not an unpopular choice. It seems more likely to me that the fact that the organization already had a bunch of managed Microsoft software was the most important selling point, and that this is a common situation. "Admin experience" if you will.

So sure, Teams gets some things right, UX-wise, but for every "notify the user if they're speaking while they are muted" there's a "randomly scroll the chat back down while you're looking through history", a "randomly make it impossible to erase a link with backspace in the chat box" or a "don't let people see who is participating in the conference", and there's little incentive for them to avoid crap like it and avoiding whole categories of bugs because people are buying it for other reasons.


Because a video conferencing app with a bad UX is going to be quickly supplanted with one with a better UX

For the vast majority of users, price beats UX. If a company can keep their app free by selling user data, they will out-compete paid alternatives, regardless of the UX.


This is not how enterprise software works. Audited data privacy is a core selling point of enterprise communication systems like Slack and Zoom, which are able to charge a lot of money for enterprise licenses and have very viable business models. You're right that this may not work in the consumer space, but that battle is already lost -- there are myriad free communication options available to consumers such as messenger calls, facetime, etc.


> Audited data privacy is a core selling point of enterprise communication systems like Slack and Zoom

Is Zoom audited? Zoom had been lying for about having end-to-end encryption, for example, until they were caught by the US Federal Trade Commission. Surely, something like that would have been discovered earlier in an audit, if they were audited and the audits were worth something.

They were also sending data to third parties like Facebook and Google through their SDKs.

https://arstechnica.com/tech-policy/2020/11/zoom-lied-to-use...

https://arstechnica.com/tech-policy/2021/08/zoom-to-pay-85m-...


They also kept microfone on after closing calls, and reverted after getting caught https://thinksproutinfotech.com/news/zoom-update-fixes-macos...


Seriously, who in their right mind is using Zoom at this point? They've been "accidentally" collecting people's data, disclosing people's data to others, and have been caught lying so many times there's nearly zero chance that it's just total incompetence and even if it were, why use something made by people who are that bad at their job?

There are so many alternatives, how is it Zoom has any business at all?


> how is it Zoom has any business at all?

Zoom was the first videoconferencing software I experienced where the first 15 minutes of the meeting was not spent with "can you see me," "can you hear me," some people falling back to dialing in to a speakerphone, and one or more out-of-band calls to various participants to troubleshoot problems.

Zoom was click a link. And it worked. Nobody cared much about anything else beyond that.


Perhaps I am misremembering but I remember using Skype 9-10 years ago without any issues. Zoom does not seem to be that much of an improvement in terms of ease of use


But is Skype that way now? Zoom was in good position when the pandemic made everyone pick a video conferencing app. Some of the competition (Webex comes to mind) got slapped so hard they basically copied the Zoom interface in order to stay somewhat competitive.


This morning my boss tried to host a meeting on his favorite Zoom substitute. The first 20 minutes were spent trying to fix a ten second delay in his audio. Finally we just switched to a Zoom call, and it worked flawlessly.

There are only two videoconferencing platforms I've never had any problems with: Zoom and Google Meet. I don't trust either company, but sometimes you just have to get your work done.


this was definitely a thing in windows too although no idea if changed now - I remember zoom running in the tray would cause the microphone to activate even outside of calls. I was weirded out by it enough to stop running zoom on startup and eventually replace zoom with other applications that didn't exhibit that behaviour.



Where does it say that the code was audited? And where does it say who did it?


Considering the trouble I have with WebEx again and again UX indeed comes late.

I often call it "golf-course-ware" the sales person goes golfing with the executive, they discuss features and prices and discounts ober the match and the executive typically doesn't have to use the software but only their employees or the assistant.

Interestingly Zoom for me was a game changer in usability and it spread during pandemic, when executives where at home partially without their physical conference room with video conf setup and without assistant.


Zoom’s better than it used to be, still some big orgs and their IT security treat it (with some justification and I think informed paranoia) as something to be tolerated due to client demand and avoided for anything sensitive.


I don't know about this, Zoom has been taking over the enterprise world and they have /awful/ security.


Mostly agree. Price has a higher weight than UX but a bad enough UX will succumb to reasonably priced competitors.

Anecdotally, privacy/security seem to be on the bottom of the stack. Platform support and necessity for work are above them all.


I think there are two different problem here.

1. When the mic is soft muted, information is getting sent to the conference provider which could leak information about private matters.

2. When the mic is not muted all information is definitely going to the conference provider in a way they can decrypt so they can mix it.

That is to say that when using most conference software, you have already granted then access to contents of the meeting.

If you can't trust them to not miss use information they get when the mic is off, then you also can't trust them when the mic is on.


End-to-End encryption for group video and audio is now supported. I'm not sure it works or who is supporting besides Signal, but it is apparently not not required that the conference provider decrypt the streams to mix them.

https://mashable.com/article/signal-end-to-end-encrypted-gro...


Element/Matrix also support e2ee.

Jitsi has supposed e2ee videoconferencing (on Chrome - they used some chrome-specific API for processing) for (I believe) at least a year or two.


The API is called Insertable Streams. It's not actually supposed to be Chrome-specific, others are just lagging in implementing it.

Element has native E2EE for 1-to-1 calls, but uses Jitsi for group calls. Native E2EE group calls actually also exist, called Element Call (https://element.io/blog/introducing-native-matrix-voip-with-...) but they're yet to be integrated into Element and specced into Matrix, I believe.


Jitsi's own solution I assume (also on Jitsi Meet), and not the usual XMPP/Jabber that (non-Meet) Jitsi uses ?


> it is apparently not not required that the conference provider decrypt the streams to mix them

I don't believe this could be true, and the linked article doesn't have the word "mix" anywhere. I imagine that there is no mixing happening until after decryption on the client device. Of course this means that every audio source goes to each recipient discretely, which means more bandwidth, but audio (especially near-silent moments therein) is lightweight enough for reasonably sized groups. Obviously this same n^2 scaling issue happens with the video anyway which is never mixed.


That's correct. You can't mix without decrypting. Signal does not mix at the server because it can't.

More info is available at my blog post about it: https://signal.org/blog/how-to-build-encrypted-group-calls/


Good stuff, thanks!


> How is this not extremely concerning for anybody who cares about privacy?

I manage some properties for a family member on the side, one of which is in a very bad neighborhood. When I travel to this neighborhood I have a certain state of alertness that I would not normally have in my boring suburbistani neighborhood. This is better known as "situational awareness" - the man approaching me in my own neighborhood is likely a just having a friendly conversation, the man approaching me in bad neighborhood is guaranteed going to at least try to bum a smoke off me, which I don't have as I don't smoke, and will likely act belligerent if I refuse to give him money as a follow-on to the request for a smoke.

Contextually, I expect a video conferencing software to be listening to and watching me even if it doesn't necessarily reflect in the UI, it has the capability and is actively meant to do so. As such, I explicitly don't have any form of sensitive conversation in the vicinity regardless of status. On the other hand, I do not expect it to do so when not running nor my laptop to do anything similar.

Perhaps there is a legitimate criticism to be made here of poor UX around "not listening" - but to paint this as an "extremely concerning" issue is sky-is-falling critique. This over-the-top concern seems further alarmist in that both my laptop and phone display clear and obvious warnings to the user when the microphone is hot.


If your VC software decides to perform signal processing on the microphone input while it is running but you are muted then yes, it can determine things about your behavior.

But that's true for literally all applications running on your computer. Evil software running on your machine can do all sorts of bad things.


If software that actually exists is really already sending "telemetry" that can reliably identify your activities in the real world the concern isn't that theoretical anymore.


You can tell that an application accesses the microphone these days.


It's not that simple. An application could have access to the microphone, but an OS could be providing the mute functionality, thereby not passing any data to the app even if it keeps access to it (there are hardware/software issues with releasing and reaccessing it with extremely low latency like one expects of a mute/unmute button).

The problem, as reported in the article, is that apps are not making use of the OS mute, but are instead still reading from the microphone, and some are even passing the readout to their servers.


On Macos, there is an indicator dot in the status bar, on all chat apps, the mic dot is always active while the camera dot does turn off when the camera is disabled. The most likely situation is that turning the mic and camera on at the OS level has delay which is acceptable for turning on video but not for audio where you want to be able to respond to something quickly.


> But that's true for literally all applications running on your computer. Evil software running on your machine can do all sorts of bad things.

This is why I personally insist on using the web version of streaming software over an installed binary.


> How is this not extremely concerning for anybody who cares about privacy?

Because they're not actually doing that?

These researchers did everything they could think of to come up with the most concerning headline.

I imagine someone, somewhere is going to make a video conferencing app that closes the audio interface every time you press mute. I also expect few people will use that option because it adds additional latency every time you unmute.

I want my mute button to work ASAP and I don't believe Zoom (or anyone else) is interested in whether or not I'm eating while muted.


> Because they're not actually doing that?

>> Applying the classifier to the type of telemetry packets the app was sending

Are you sure they’re not? The used these algorithms on telemetry packets sent from browsers. I see no reason to give companies whose revenue is built on ads the benefit of the doubt here.


I don't think one should go to the level of making random bs claims about things, and then blaming the groups one is making the claims about.


Are you sure they are? That seems to be the bar we should meet when you make an accusation, right?

Besides - is it really super valuable to know that while I (thought I) was muted that I was cooking? Zoom's going to find out I... eat?


> and I don't believe Zoom (or anyone else) is interested in whether or not I'm eating while muted.

If they are, the continuing video feed is pretty likely to answer their question.


> ....and I don't believe Zoom (or anyone else) is interested in whether or not I'm eating while muted.

But the detectives with a search warrant are pleased to be able to listen to your private conversations.

The secret police who do not need a warrant (or legality) are glad to be able to listen too.

The staff at Zoom are happy to spy on you, probably, for a small reward.

A proper mute removes those concerns. A mute that does not mute is inviting a lawsuit


If these are your threat models, your microphone should have a hardware mute switch, and you should at least have something opaque to cover your camera.


There's no cost to privacy if it's all being written to /dev/null. I'm not worried because the cost benefit analysis is not even remotely in the video conferencing app's favor to listen to that traffic. Are they really going to use the compute time to analyze all this audio, then do what? Try and monetize data on what people are doing in the background of their video calls?

The technical cost of deploying this is probably large, and the cost to reputation immense if they were caught doing this. By comparison, giving people the additional sense of privacy by actually turning off and on the mic is likely more than outweighed by the annoyance of lag between turning on and off your mic and being heard by the other chat members.

Although they could do something like write random bits of audio to the stream when the mic is muted in software. That'd at least let users know that the actual audio isn't leaving their device. But the hardware peripheral activation is probably not going to go away.


Most of the time, audio that a videoconference app receives while the mic is unmuted is going to be a lot more useful for surveillance purposes than the audio the app receives while it's muted. If you're so concerned about the app knowing when you're eating 82% of the time, why would you trust the app at all?


> How about we not make the default that companies can do whatever they want and users have to take steps like a hardware-muted mic

You're implying government policy for how companies operate in this area... Which is worth pursuing, but we all know that usually ends up half way effective, requires a cat and mouse game of auditing and enforcement, or big companies playing fight club math with the fines.

Even if this was already the case for this particular issue, as users we end up never really being sure if a company is violating that particular requirement.

> users have to take steps like a hardware-muted mic (which isn't always an option) to ensure a basic expectation of privacy?

This should be the default, just like how operating systems and networking evolved over the past 30 years starting with a "trusts everyone" attitude towards a "trust no one" by default. We need to assume most companies are potential bad actors, the hardware and software that comprises the basic operation of our device needs to provide the user with facilities to control flow of information separate from third parties, especially when it comes to input devices. In the case of microphones and cameras hardware switches should be the norm, or at minimum indicator lights.

This could also quite easily be a government policy for hardware vendors, and I suspect it would be more effective... It only has to reach a threshold after which users expectations shift to force manufacturers hands, so it's direct effect need not be as comprehensive to be effective.


It is, just most people don’t care. And you can’t buy a little shutter for your laptop mic like you can for the camera.


You can control your microphone in your OS settings. While we are still on PulseAudio, check out pavucontrol for Linux systems. I am sure there are equivalent tools for Windows or MacOS.

There are also laptops with hardware microphone switches (eg. https://puri.sm/products/librem-14/ or https://frame.work/).


You can easily buy a microphone with a physical mute switch though.


Yes, more addons for the employer-supplied Mac. I miss my Thinkpads


Why did you move the goalpost? The comment you're responding to claims that there isn't a malicious purpose here. You instead claim to rebut it by saying that it's "concerning for those concerned with privacy". Can you see how those are different things?


It's amazing how many people down thread simply ignore or minimize what you point out here. And this on the same site where people get mad about the wrong kind of cookie which they always had full control over anyways ...


please go away and read about the architectural permissions for things like this, performance, latency and re-read this... if it bugs you throw away your smartphone or custom-compile lineageOS


Teams has a notice that it pops up if you're talking and on mute, and there's another for if you're not on mute but your mic is producing no signal (mic has it's own mute). I find those super helpful, personally.


Yeah, Meet does the same thing. I find it annoying, because I am muted because the kids are making a bunch of noise, not because I am trying to talk.

I am muting because I don't want the sound in my room broadcasted... if it was silent, I wouldn't have to mute!


In like 25% of my meetings, somebody is accidentally muted while they are trying to speak. The popup speeds up the process of them unmuting.


I still don't know how professionals keep making this mistake. Having used Discord for so many years, this has never been a problem aside from a select few people who had very clear reason to mute themselves. Meanwhile in professional settings, people seem to be falling for this over and over while lacking the common curtesy of not letting random environmental noise bleed through (read: their mics are barely ever turned off).

Not to mention push-to-talk has solved this issue for almost a few decades now.


>I still don't know how professionals keep making this mistake.

Because

1) most group calls that need people to be on mute most of the time are useless, boring, snooze fests, most attendees don't care about, so those 'professionals', who are caffeinated zombies half asleep, will space out and forget the status of their mic within 10 seconds of toggling it

and

2) most chat apps suck at drawing attention to the status of the mic and, if you have multiple monitors, you can be staring at one monitor (Jira, reddit, Redmine, HN, VS Code, etc.) while the chat app and the status of the mic is being displayed on another monitor where you're not looking

It's a mistake super easy to make. Still, better be safe and make the mistake of being muted all the time, than forgetting to mute yourself and have participants hear something you didn't want them to hear.

Ideally I'd want a feature that gives the image on all my monitors a nuclear red vignette, or something like that, whenever my mic is hot, so I don't have to keep paranoidly glancing at the mute toggle every couple of minutes, to make sure my mic is still muted, so they can't hear me mumbling on how incompetent management is and on how useless this meeting is.


It takes a long time for the masses to adopt software in the way you mention. I’d bet that discord users are not representative of the masses. The main reason I notice people talking while muted is 1) forgot they were muted 2) multitasking / distracted 3) unfamiliar with the software / how to unmute. #3 was probably #1 in summer of 2020 when everyone was just starting. The #1 and #2 I listed just happen. It’s common to never speak in a meeting. It’s common to never speak in a meeting and then randomly get called on leading to forgetting to unmute. It’s also common that your mic isn’t working and you don’t realize it until you do try to speak and everyone is say “you’re on mute”. This happens all the time with some Bluetooth Bose headphones and my work PC, some configuration has this device matchup to be a constant problem and my IT couldn’t care less about a permanent solution since they found a temporary one (reverts on reboot).

I know people that literally retired early when they were forced to use PCs in the office. Over 30 years later, many people can barely use the most basic features of their computer. All to say, I’m not surprised this is an issue and I don’t see people as a whole digging their way out any time soon.


We all have our shortcomings.

Some people don’t intuitively track the state of the video conferencing microphone, especially if they have cognitively involved jobs or lots of distractions. Mine are 1) the inability to resist that little self esteem boost from disdainfully highlighting inanity of other people’s shortcomings, and 2) making snide comments.

They’re both super obnoxious but I’m working on them.


People are not communication professionals. They are not ATC nor even pilots.

Still, PTT is the solution, preferrably in hardware. Not supported in sw anyway by e.g. Teams. In hw it keeps the mike-on symbol lit, and the device powered. Always having to push prevents ever forgetting to do so.

Discord's input handler sucks, uses semantic keys, not keycodes. Can't be mapped to an otherwise disabled capslock. TS and mumble can do that. Compared with those Teams audio looks like a toy.


Because in Discord you hop into an audio call and you're there for however long you want to hang out in the room. People can come and go from this room, but the room is persistent. In a job, you're going from meeting to meeting each with different attendees and stakeholders. You might have been on top of it in the morning for standup then 3 hours and a head full of code/spreadsheets/whatever later when you're discussing tech debt with other people you forget to unmute until your portion of the meeting comes 5 minutes into the start. Push-to-talk certainly helps, but if you're frequently talking in small meetings (say 3-5 people) then PTT becomes more of a hindrance than a help.

Personally I just have a headset with hardware mute functionality and a big red circle showing me it's muted. It remembers its muted status, so I just mute it by default and default my OS to use the headset's mic. That way I know quickly and easily when I'm muted and when I'm not, though even then I have small mistakes in the mornings when I'm tired. Over time I've optimized my meeting workflow because my company has gone all remote and I'm in a lot of meetings.


Main reason why I invested in a mic that has its own mute button with a very obvious red light when it's muted.

It also can keep the Teams mute status in sync as long as I don't touch it in the app myself (I believe through Teams detecting whether the mic interface is marked as muted or not, so it isn't exclusive to my mic).


I hate the latter, because I use a keyboard shortcut to mute/unmute the microphone on the OS-level. This works fine with Google Meet, but in Microsoft Teams I have to use the button in its UI because that pop-up gets in the way (also: Teams not working at all in Firefox, what's up with that?).


It's BS. I changed my user agent to Chrome and it worked just fine.


It is BS, but when I tried that, I had other things not working, like sharing my screen. So it is BS, but not merely for looking at the user agent of the browser, but for the software development incapability or unwillingness on the side of MS. (Edit: While basically every other voice chat / video chat web app works fine on FF, so basically everyone but MS and Slack has solved this problem years ago. Go figure.)


GoToMeeting also refuses to work in Firefox.


Yes, I have the exact same situation, and had to resort to uBlock Origin's element zapper because of how annoying that popup is. Of course it's an alphabet soup of minified CSS classes, so I assume it'll break the next time they update the UI.


I know! Eight zillion designer-hours in to one of the most-used applications of all time, and yet the "you can join now" popup blocks the "join" button.


Firefox is an unsupported browser - Teams works fine on Edge.


> Teams works fine for me on Edge.

"If you don't want to install our app, you can just install our browser."


Except it works when you supply the Edge user agent on Firefox, unlike Google services which are much harder to work around.


Define "it works".

For me, with this method, text chat works a bit (often forgets chat history on reload). Notifications get dropped all the time. No video conferencing at all. Sometimes I have to discuss with colleagues, why my teams acts weird.


My mic has a physical mute switch and it causes all kinds of problems with auto-leveling in videoconferences. Even with the switch left on, the mic itself rejects enough background noise to cause problems for the software that assumes half-broken built-in condenser mics.


I also considered this, but the article is talking about audio _telemetry_, not that they're keeping your hardware mic "hot" locally. Audio detection like that could be done entirely locally.


Very much this, it takes time to recapture the microphone and it's really annoying to lose the first part of what you say every time you unmute. I lead the video team at a videoconferencing app (gather.town) and we keep the microphone active when you mute for this reason.

As seems to be pretty common, for the sake of privacy we do stop sending audio to the media server. That's a tradeoff, since we're still susceptible to losing a little bit while the audio connection resumes.

Edit: as others have mentioned, also useful to keep bluetooth headsets in two-way audio mode rather than reverting to audio output mode, since that's really disruptive.


Just throwing it out there but maybe to avoid bandwidth spikes that might lead to latency depending on the setup, could you inject some kind of easily identifiable "is muted" signal along with white noise in place of silences? or would that sort of pre-mixing be too slow to do in real time on the client side?


Shoutout to gathertown. Love what you’re doing.


It’s something to be aware of.

The first time I had ever heard of Zoom, it was long before the pandemic and it was about how Zoom was a videoconferencing app that was installing an http server (read, a security hole on the user’s computer) which remained even if you deleted the app. This was to “improve the user experience” so that it could quickly reinstall itself if you clicked one of their web widgets to start a call.

It’s worth checking in on exactly what software is doing in the background, auditing its activity and coming to a more precise understanding of 1. The reputation of the company behind it and 2. How they came to have this reputation and whether it is still relevant.


My first introduction to Zoom was their malware-like pre-install install. https://twitter.com/c1truz_/status/1244737672930824193


That was March 2020?

This is from July 2019: https://daringfireball.net/linked/2019/07/10/zoom

After they were called out, supposedly they fixed it, but that tweet you just linked looks like more of the same nonsense which goes right back to my original point: reputation matters. If the first could be taken as honestly naïve, the second proves it was not. Zoom doesn’t go on anything I own or control.


For me the problem was that they were called out about the backdoor they installed on Macs, and then totally refused to do anything about it, and it took Apple to actually incorporate a system update to remove Zoom's malware.

I understand 'mistakes' happen (though this was way too elaborate to be a mistake). But to just shrug it off and refuse to do anything when it's discovered is just total ignorance of security.


Yep. I don't trust them at all.


On Linux at least, Teams continue to grab the microphone even after the meeting has ended. You can see this by looking at apps registered for "recording".

I'm not sure how that can be justified. Besides privacy, the issue is that this prevents the sound card from going to sleep, which may be an issue on laptops. But I guess this is insignificant compared to the rest of Teams' power consumption.


Teams is a real clustefuck, I do not believe it is a design decision but rather just poorly written code.


From the outside perspective, this must be true. Recently I have noticed, that Teams, unlike any other app I tried, is unable to properly distinguish between stereo and mic, when that arrives both at the headset jack (made for both, stereo and mic) of my laptop. When I switch in Teams to use that as mic, it means, that others hear themselves and do not hear me. I tried everything, but Teams is simply unable to take the proper mic input from the headset jack, while an app like audacity has no issue at all. Teams is utter garbage. Found topics on MS websites, where people are describing similar problems. The answers usually are: "Well, it is MS, what do you expect?" and no solution in sight. In the year. 2000 and 22. And this is what I am forced to deal with. So I had to go back to only have the output on headset jack and use the laptop internal mic, which very likely has much worse quality than my external on the desk standing microphone, which I am effectively unable to use, because I have to use Teams...

This stuff can drive you crazy. Each month there is some new annoyance or broken part, that I discover.


Teams and audio problems is pervasive. Since a few months I cannot use Teams on the iPhone any more [1] because they changed/broke volume control so that even the lowest possible volume is way too loud (and interestingly, Teams somehow manages to circumvent the hearing protection settings in iOS). The audio quality on iOS is also very jarring, regardless of connection speed, basically to the point of it hurting in the ears even if you reduce the volume to a safe level (e.g. by dangling the headphones in front of your ears instead of putting them in, which is absolutely ridiculous). Similarly I had issues with Teams mute control on a dedicated, certified headset, where both the mute button on the headset and in the Teams UI did nothing, only the special Fn key on the laptop worked. "It magically fixed itself at some point".

[1] I really liked to walk'n'talk for a few recurring meetings. Unfortunately, Microsoft does not like people touching grass.


I've never had your particular issue, but my favorite has got to be that it somehow "loses" the mic between conferences, although the sound server shows it as still recording...

I can understand not detecting something, or badly, but if it works now, and then on the next conference it figures "nah, there's no mic", I just can't understand what it does.


Oh losing the mic has happened to me mid-call many many times. Suddenly I would notice, that someone does not respond to anything I am saying, then check in Teams and, what do you know ... "Your microphone is not working.". I leave call, call again, without changing anything, mic works again ...


I find that usually (but not always...) restarting Teams works. I chalk it up to "made by Microsoft". People make fun of me at work when I ask them if they tried rebooting it whenever they have a problem (the company I work for runs Windows on the desktop, I'm the odd one out running Linux).

I used to think that this was an issue with me running Linux, and an "unsupported" distro at that (Arch). But I'm always reassured (in a way) when I see people having the exact same issues I do on Windows, with basic, run-of-the-mill configs (I have multiple sound cards, some of which come and go).


It also doesn't happen on MacOS where you can see the indicator dot go away after a call. Teams just has a lot of bugs.


Okay, given that they are not listening for any insidious purpose, they should all just add a legally binding, unrevokable clause to their all of their terms of service indicating that they will never sell any audio data or data derived from the audio data while the microphone is muted. Absent that, it is entirely legal for them to do so at any time for any reason with no consequences, so I see no reason why we should take the word of a amoral entity that pinky swears they will not do so when a legally binding statement is so much cleaner and more straightforward.


Would you use a service that sells your audio data when unmuted? :/


I don't think an application has to actually do anything with the audio data in order to retain its access to the microphone. I'm not an expert here, but I'd imagine it's something like this:

    mic = grab_access_to_mic()
    while app_is_running:
        if (is_muted):
            pass
        else:
            send_that_audio(mic)
It also mentions some of the apps sending the muted audio "to the cloud", which seems completely unrelated to retaining access to the mic.

Also, seems like an honest mistake, but I think they got this backwards, right?

> They used runtime binary analysis tools to trace raw audio in popular videoconferencing applications as the audio traveled from the app to the computer audio driver and then to the network while the app was muted.

Wouldn't it be driver -> app -> cloud? I think I'm splitting hairs at this point though.

Lastly, it would be nice if this article at least listed the apps that were investigated.


The worst part is that on iOS you can't just start and stop input stream separately from output, but you have to stop the entire audio session and restart it in output only category. You can configure the session to ignore all input channels, but that won't get rid of the mic indicator (or at least didn't back when the mic indicator was introduced in the first place).

Yes, I work on an app that keeps the mic running all the time because of the above, and because ASIO doesn't allow disabling input at all.


"if you really care about privacy, consider getting a hardware mute microphone"

Even if you get an external microphone which can be muted, if you're on a laptop you'll still have an internal microphone which can't be muted except through software.

What we really need are laptops sold without microphones and cameras. Then you can just use external ones only, and be sure that no one's listening/looking when you unplug them.


Unfortunately, even if a company offered this, in today's world the product would likely have a hidden microphone that isn't listed on the featured hardware.

Much like the old physical typewriters had spyware hidden on them without the users knowledge. I would be willing to bet that every keyboard has something similar today.

It's also striking to see how many people believe that they can trust the 'little indicator lights' on their microphone and cameras to actually indicate that their physically cut off from power. Very, very few devices are made in a way that this is true, and I would be hard pressed to believe it even if it was started in a manual unless I physically checked the equipment.

Ultimately, just assume that the entire world can scrutinize everything that happens on or around any electronic device... so everything, all the time.


Technically any speaker can also potentially be used as a microphone.


Usually software only captures one mic at a time.


> At a hardware level, grabbing the microphone can take time. Even worse that timing is inconsistent across devices, workloads, etc. That leads to a bad experience when unmuting and needing to delay your commentary. The solution to this is to keep the microphone on, but mute at a software level. This way the mic is always hot and ready to relay audio as fast as the software can switch.

Another solution is to mute at the microphone, if your hardware has a button for that. This way the application can do whatever it wants, it will still get nothing. Using the hardware button is often less effort, than switching windows, finding that unmute button visually and moving the mouse to that button to click it. Or one could use push to talk. Since there are ways to mute yourself without having to do it in the app, it would be acceptable, if unmuting took a part of a second to be effective, indicating that by some "unmuting ..." label somewhere.


got a modmic - popular mic - has a button on it to mute the mic- light turns red - pushed the button and went for a pee - came back to the meeting - left again to get a drink - came back - was asked to mute my mic - light was red - clicked hardware button - red light turned off - clicked again - right light turned on - mic was still active - no longer trust hardware buttons


That is a button that works via software, not a physical disconnect like on some other mics. When its a physical disconnect the os can’t tell if you’ve sent a mute command, just that all audio input stopped.


Not all mics are like this. I have a Corsair gaming headset which has a hardware mute button. I frequently set it on mute when I'm munching on something, forget to unmute, and despite videoconferencing software and the OS thinking the Mic is unmuted, no signal is detected.


> With that being said, if you really care about privacy, consider getting a hardware mute microphone.

But still consider using both software and hardware mutes. I was on a sales call years ago and activated the hardware mute. While one of our salespeople was talking I groaned out loud, and the call suddenly went silent. Somehow the hardware mute had failed, despite the light being lit.


At the hardware level, it takes 0 time (10's of microseconds at most for I2C connected codecs, maybe a millisecond for USB 2.0 sound card) to mute the mic input channel to the mixer sitting before the A/D converter.

If it takes any more than 0 time, it's caused by badly written software.

I wouldn't blame the HW for the privacy issues, here.


> I'd be somewhat willing to bet continue to stream audio is also a quality assurance mechanism. Some networks will shape traffic according to load. A quick jump in bandwidth can introduce unexpected jitter and latency. By continuing to stream audio (but not necessarily process or re-transmit), video conferencing can better ensure an un-interupted experience.

They don't have to actually send the data though in this case they should just send 0 padding. It's all encrypted presumably, so the only externally observable factor is the packet size.


Yeah pretty much. How exactly do people expect the "you appear to be muted and talking" notification to work... exactly? eye roll


It could also be for background noise suppression when unmuted. This isn't a giant privacy concern, just be clear about what the mute button actual does for all the privacy people. Generally, when I'm on a Zoom call, I'm not expecting ridiculously high privacy, and expect my recipient and the service to have access to the conversation. If not, I would use Session.


Not to mention the feature of notifying a user they are muted if it sounds like they're trying to talk.


Completely agree, there's a lot of user friendly reasons to want the software to behave this way. I use a headset with a hardware mute that engages when I put the mic arm up, that's what I use when I want to make sure I'm muted.


You are right that the problems you listed are easily solved by keeping the mic open/streaming.

If you actually value privacy as a company though, these are all very solvable problems.


Yep, plus on many apps, if you're speaking while muted, a popup/toaster will show, notifying you that you're muted and if you want to unmute.


I never enjoyed Lync/ Skype for business but one thing it did right was supporting mute on headsets in sync with the app.


It's simple. Most video conferencing apps that I've used will let you know that your mic is muted when you try to speak and your mic is muted.

If you think they're doing something else, then don't use it. If you think you don't have a choice because your employer requires you to use it, your choice is not in whether or not to use the software. If it's something you care about, there's always a choice.


Exactly the reason I use a headset with a boom mic. Flip it up to mute, and back down to activate. Love it.


wait till the wear and tear on that hinge breaks from doing this 50 times a day lol


Or how about an OS-level software mute? Like you have for muting the speaker.


> user experience

The “Think of the children!” Of privacy violators.


have to agree, it's not well explained, but hardly seems like a smoking gun that google/zoom/skype are listening out for anti-government hysteria...


Google Meet at least it's very obvious to tell they do this because if you talk while muted, they will show a pop-up saying that you're talking but you're muted.

Whether this functionality is justification for more nefarious data usage remains to be seen.


Zoom also has a similar popup. It's quite useful, too.

> “It turns out, in the vast majority of cases, when you mute yourself, these apps do not give up access to the microphone,” says Fawaz. “And that’s a problem. When you’re muted, people don’t expect these apps to collect data.”

I wouldn't assume that's nefarious


Once I was on Teams meeting and someone exclaimed “We can see your screen, systemvoltage!”. Sure as hell, I wasn’t sharing anything. Thankfully I wasn’t browsing HN, but writing code.

These things implemented somewhere in the middle of the stack seems dangerous. I much more prefer a slider switch. Preferably made from real atoms and molecules.


Not long ago I dialed into a 100+ person, 3+ hour long quarterly planning type call. It was a video call, but I had to be in the car for part of the time so I dialed in.

After sitting through over an hour, including the part I thought was essential to my team, I jumped off the call and proceeded to explain the shit show to my fellow passengers for 15m or so.

When I got to my destination and pulled out my phone I discovered _I had never hung up_ - I was on the line the whole time. I had said some things that you should never say about your employer within their earshot and expect to remain in their employ.

After some nauseating minutes I realized I had been saved by the auto-mute feature. When a call has over x participants, everyone is muted until they take their mic off of mute.

I am much more careful now about these things, bc I don't expect to get that lucky again.


Holy shit, I cannot imagine the stomach drop when you pulled that phone out. This is one of my biggest anxieties. Sheesh.


I love Discord for some usecases but a while ago I pressed the mute button to talk to my brother sitting next to me and my discord friend made a joke about what I said while muted.

I double-checked Discord and the mic icon was displaying as muted but I could still talk to my friend regardless.


Yes, be careful. You were lucky. Also, bloated apps lie to you and UIs are buggy, what you see in the UI may not be the case.

I now disabled screensharing in MacOS privacy settings for all apps unless I am explicitly sharing.


But then when you need to use it you have to restart the app, right?


I have to cough a lot, so I have a headset with a flip-to-mute mic.

As a result, I don't generally use in-software mute effects. :/


In Google Meet, the UI will change to show that it thinks you have hardware muted the microphone and so "unmuting" the Meet software won't help. I think it's a red ! mark or similar. All my USB headsets have hardware mute.


Couldn’t this be done by using some ML on the video stream?


That's way more computationally expensive and only available if the camera is on (and the user's mouth is visible).


That’s true. I’ve never tried it with the camera off.


Probably the user experience would not be as good, though, since it'd be an audio-only feature that only works if you've enabled video.


The solution is obvious: have the camera watch you even when it's "off".

:-)


That is for the "You are talking, but others can't see your face" notification.


"We can see that you are talking. Would you like others in the meeting to see you as well?"


- Is device X receiving input

vs

- Training models, wasting years of CPU cycle world wide, &c.

For such a dumb feature... I just don't see the point


As a Deaf person, the notification annoyed the heck out of me and there are not even an option to disable the notification. I muted my mic because I am Deaf and I don't use my voice to communicate with my fellow Deaf friends over Zoom/Teams.

And there is no option to disable Zoom joining-room audio (the one that when you join the room, Zoom present the option to ask which microphone you want to enable). Why would I need to enable the microphone if I am signing to my Deaf boss? Deaf communities have major grief with those notifications.

At least, I can disable the microphone access in my macOS and Zoom won't complain. However disabling mic permission in iPadOS will make Zoom to whine about it. Every time I join a meeting, it will let me know that the microphone access is disabled and "kindly" asked me to enable it. In Windows, I can deny the microphone access to Zoom in the Windows setting, however for some reason that made Zoom to crash.


Then why mute yourself?

Even more interesting: Why do you prefer to sign over video instead of typing? Are there forms of expression that are more natural that way?


> Then why mute yourself?

Why not? The only sound they will find is my dogs barking, doors slamming (I lives in apartment), my partner talking in his phone, all of that background noise. Why participants should be subjected to those noise and why Zoom need to know the noises?

> Why do you prefer to sign over video instead of typing? Are there forms of expression that are more natural that way?

We signs because Signed Languages is our modality and the only form of expression in Deaf communities. There are no written sign language or spoken sign language. Using sign language is natural for us to use. We avoid using typing because it is not a true representation of the community, we don't have same proficiency of written/spoken languages as you and others. So to them, it looks like we are from a call center in India with broken English.


I'm fascinated by your last point. Are you saying that being deaf impedes your written communication ? As a layman I would have thought that written communication would be a godsend.


Sign languages aren't English-but-via-hands (even American and British sign languages). They have their own unique vocabulary and grammar. For native speakers of a sign language, English is a foreign language.


I am not deaf, but a family member of mine is a studied American Sign Language in college and worked as an interpreter and we've discussed this topic a few times at length.

Some interesting take-aways I have from discussing this:

* Sign language communication is very different. We can speak with our mouths much faster than we can manipulate our hands, so fewer words are used. I have to imagine this means that the words that are used are far more significant.

* Names are interesting. Most people names don't have signs, and signing every letter would be annoying, so apparently people get nicknames made up of descriptive words. So, you might go by "tall mustache" in normal conversation, but you're 10u152 in writing.

People wouldn't write the same way they would sign. ASL is a completely different language and direct translations to written English modifies the meaning of a lot of statements.


I'm not deaf and/or use sign language, but I have modes where I prefer speaking rather than written text. I would presume deaf people would be the same for their more personal and expressive communication.


I think you may not appreciate how intertwined your verbal cognitive skills are with your ability to think / type / communicate.


Absolutely. That’s why I asked


Sign language is an actual independent language.

Most sign at the same pace as speech. Both of which are faster than typing.

Sign language has the same, or more, expressive properties as when we use inflection etc. in voice.


Is it a serious question? Why do you prefer to speak over video instead of typing?


I am curious about that too (although others have already answered). I prefer typing over speaking.

But I have realized that a lot of people I interact with find it more difficult to understand information in written form. Ie it's easier to teach someone with spoken language than over written text.

I dislike video calls.


Probably similar reason why, after about 5-6 back and forth cycles in a direct Slack chat, I will usually suggest we get open a voice call to finish the conversation. It is faster and the level of communication is better. Typing is slower and you don’t get nuance hence why some people use emoji.

I totally understand why the person above indicated that they preferred signing to typing.


Signing has tons of advantages over typing, since you can convey emotion/tone with your hands and facial expressions. I'd also imagine it has a higher WPM, although WPM might be a bad measure since some small words like "a" can get skipped when signing.


Why do you prefer to talk over video instead of typing?


> “With a camera, you can turn it off or even put your hand over it, and no matter what you do, no one can see you,” says Fawaz. “I don’t think that exists for microphones.”

Maybe it doesn't exist on whatever sleek glassy slabs they're working with, but the old Thinkpad, Elitebook, and Precision workstation laptops I have around me at the moment all have dedicated microphone mute buttons (the Precision has a Fn key combo, the others have physical buttons that do nothing but mute the microphone) that I reach for before trying to mouse over to a different mute button for a particular videoconferencing app.


On my Thinkpad, this was still just interpreted as an OS-level keyboard shortcut, as far as I remember.

A solution that actually (logically if not physically) deactivates any built-in microphone would arguably be at least as important as a "webcam shield".

Apple does this for the built-in microphone for their newer laptops, but that benefit is immediately negated when e.g. connecting a USB webcam that also contains a microphone.


On my T480s the mic mute button is handled in hardware/low-level firmware however all it does is set the mic input level to 0%, where the OS can trivially set it back to 100% if it wants.

At least the LED on the button is driven by firmware based on that level, so it lights up only when the mic level is actually at 0%. While it won't prevent the OS from raising the volume, at least you'll know about it as the mute light will go off.


Check out if you can disable the mic in Audio MIDI Setup on Mac OS X. I tend to use the built in webcam so I’ve never looked on an external one, but in theory you should be able to selectively disable the input/output of any device via its interface. I do this to disable the mic on Work equipment and use my own AirPods as the mic input.


Yes those mute lights have been stuck on "lit" (= "mute") on my Windows forever, both the mic and speaker lights. However recording and playback work fine, the lights just stay on. Very annoying, a little unsettling.

My daily driver is Ubuntu where both lights work fine, on the same machine (dual boot). But now I know not to trust them.

Lenovo ThinkPad P51


I generally hate my HP laptops' hardware, but this is one of the features that I really love and wish more computers had.

On the one I'm typing this on, the key actually sends a standard Media Mute signal, that can be used under Linux (complete with the LED coming on when it's muted). Ironically, this needs special drivers under Windows.


I'm going to guess the hardware switches and key combos went away because they are too confusing for users. I remember constant complaints of "Internet doesn't work" because the wifi hardware switch was turned off. And as the saying goes, if the majority of users are using it wrong, it was designed wrong.

I think Apple picked the right middle ground by making access to the mic and camera a permissions request as well as showing a clear indicator to the user whenever these are active. Steve jobs said the best UI is to ask the user for their data when you want it and keep making them aware of this access every time you use it.


The problem with software-controlled permissions is that nation-state actors (who have unbounded resources) can snoop on your private matters with significantly greater ease.

At least with a hardware switch, someone would have to physically intercept the air waves in the room you're in. In software, the surface for OS-level vulnerabilities is massive, and state sponsored mass surveillance just gets easier.

Sadly, this is a trade-off we have made as a society for "ergonomics".


This line of argument is bikeshedding at it's finest.

If Mossad is out to get you, they are going to get you, no matter what you do. The threat model for 99.999% of the population doesn't include bespoke attacks from three letter agencies.


Do these mute buttons actually hardware-mute the mic or do they send a keycode to the OS?


Usually the second. If you have multiple buttons to do it (for example dedicated button + Fn+F4 combination) then it's almost certainly software.


They seem to do both, at least on some models? On my thinkpad running openbsd, the speaker mute can become desynced. Audio won't play unless both are unmuted. Pushing the button will flip flop the software state, but not the reverse (although I believe that code could be written, it doesn't exist). So if you soft mute, then push button, hardware mutes and software unmutes, but sound still doesn't play.


I always use the key mute button on the Thinkpad, but anyway it can be muted in the system menu easily (at least in XFCE).

(In fact, I just checked in Gnome, the menu does not expose microphone volume, it's only available from the settings window.)


I actually like how Zoom can warn you that you're muted if you start talking, happens to me all the time. And that obviously wouldn't be possible without keeping the access to the mic. So the light being on is OK for me. However continuing to stream the sound to the server is a huge problem, if it's really what's happening - but we can't confirm that without knowing which app is in question...


Your not muted at an operating system level, your muted at an application level when you hit the zoom mute button.

I have a switch on my headset I use to mute at a hardware level on top of the software mute button.


Am I the only one who actually likes this feature?

Zoom prints out a huge full screen notification of "you are muted press X+Y to unmute". Very rarely people speak on Zoom while they are muted.

Now if someone would add the reverse of "your mic seems to be sending nonsense crap and everyone can hear it, maybe you should mute yourself?"


At least as far as not giving up microphone access is concerned, when using Bluetooth headphones, this is very much desirable:

Deactivating the microphone usually is seen as a signal by the OS to switch Bluetooth headphones from two-way conferencing mode (low latency, mediocre quality) back to "music" mode (high latency, good quality). This usually takes 2-3 seconds and disrupts all sound being played (most notably other people talking in the meeting).

I wouldn't want that to happen every time I mute myself.

Continuing to send data to the conferencing bridge is indeed quite shady. Hopefully this would just be (encrypted) silence or comfort noise parameters, which can be useful to e.g. keep NAT mappings alive.


I’ve often used Bluetooth headphones with a physical microphone switch (boom arm up) and there is never any disruption to the audio output.


I can't speak to all videoconferencing software, but Zoom does this to throw up a "Hey nobody can hear you, did you mean to unmute?" banner


What about those cases where you wish you'd been muted?

"Hey everyone can hear you, did you want me to erase the last 5 seconds from their memory?" would be a nice feature.

Facepalm.


There's a Zoom setting to Mute Attendees Upon Entry. I make that my default for every meeting.

Some people complain, but I've had way too many people join and not realize their mic is live, so the meeting is interrupted by random dude shouting at his children to stop making noise, etc.

Or even better, when the meeting tool has a "Call me at this number" tool, but does not require validation before bridging the audio. So instead the CEO's All-Hands PowerPoint presentation is interrupted by that one guy who tried to have Zoom/WebEx/GoToMeeting call his cellphone, but the call goes to his voicemail instead and the voicemail audio plays over the (recorded) conference. Fun times. I've seen it happen multiple times.


Huh, isn't this the default behavior? I never set that and all meetings I attended mutes me by default


Business users might get different defaults from their admin.


Yes, I think we know this: how else do they think it's possible for Teams (or other videoconferencing app) to warn you that you're muted when you start talking whilst muted without the mic being switched on?

I'm not saying there's definitely not anything sinister happening here in the case of every videoconferencing app, but there are legitimate reasons for leaving the mic on that are about improving user experience, not spying on you.


Isn't it common knowledge by now that cameras and microphones are still "on" even if you disable it at the software level?

Zuckerburg has been taping webcam/microphones/etc for a while now. Though being the CEO of a major corporation requires you take privacy more seriously.

https://www.macworld.com/article/228326/mic-drop-how-to-keep...


> being the CEO of a major corporation requires you take privacy more seriously

My privacy is as valuable to me.


Probably not in the general population, I would guess from my friends and family. Or they just don't care, also possible. ^^

Even those that used to tape over webcams (some started doing so after the Snowden revelations in '13) gave up on that during the pandemic, due to video call after video call and "webcam taping fatigue". Webcam shutters in non-business laptops would be great. :D

Audio is another beast and way harder to solve, as there is no tape or (cheap) shutter that can really block a microphone, and physical disconnects are probably not a feature in most customers eyes, as they have no optical feedback, like webcam shutters. So they could, to most people, maybe only be a source of "why does my audio not work - ah, the stupid button" frustration. :/


> Isn't it common knowledge by now that cameras and microphones are still "on"

No. Can you provide evidence.

Because that would imply that applications are routinely bypassing OS security controls. Which at least on a Mac requires a sophisticated compromise i.e. the camera light is directly linked to the camera itself via an independent subsystem.


Instagram uses camera as soon as you open the app, as it's a relatively slow process to fully load the camera and make it fully usable in a way Instagram devs intended to.

They've admitted it themselves. Not sure about microphones.


Wrong.

On iOS there is an orange/green dot in the menu bar that indicates when the microphone or camera are in active use. The dot appears when you try and use say the Live feature but at all other times it does not appear.

My point still stands that unless apps have compromised iOS/OSX it is NOT true to say that the camera/microphone are always on.


Zuckerberg is an attractive enough target that someone would go to the trouble of trying to compromise his MBP's iSight firmware (and such compromises have been proven to be possible, and pretty easy in pre-T2 macs.)

The tape, however, is probably about really making completely sure he doesn't accidentally show video on a call or videoconference when he didn't mean to.

Video could easily reveal even his approximate location (via shadows and such), and that could potentially lead to deriving, say, that he's working on an acquisition or talks with another company, leading to stock manipulation/speculation and so on.


It's always been risky to trust the mute button, even before zoom etc. The rules have been the same for at least 30 years. Never send an email or other type of text message you don't want the whole world to see. Never say anything on a conference call, even when muted, you wouldn't say when not muted.

Ethically any audio chat software shouldn't transmit any audio it receives when muted. The "hey, you are muted" notifications can all be done client side and don't need any server side support. But ethics is not a factor in the design of any enterprise office software.


It's been mentioned a few times in this thread, but it looks like they all have a legitimate reason for this which is making sure the unmute button is instant. Because having the first few words of your talking get through is more important than a theoretical privacy issue to most users.


I agree with that. But there is no reason for them to transmit any data over the network while "soft muted".


Hello!

I am one of the authors of the paper in this thread. You can find the paper here: https://wiscprivacy.com/papers/vca_mute.pdf. I can also answer any questions you have about the research.


They really need to keep reading mike input. When you start talking on mute, it is nice that the app reminds you that you are mute (although they could do better voice detection)

I wished that the whole conference app would be red on mute and green on unmute and would pulse (in both states) to the audio input level.

Is my keyboard typing loud? Show me that I’m sending loud noises to all my peers.

Make it dead obvious that I’m talking to a muted mike.


Quit hoping that software providers change in this regard and demand hardware with physical microphone kill switches.

The Framework laptop provides an example of a high quality, repairable laptop with physical kill switches for the mic and camera.

I love the UX of "Oops, it looks like you are talking but you are muted" and I also value privacy. The physical kill switch provides a true "mute button" when it's needed.


I love my framework... But be careful If taking out the battery. The battery connector socket on the mother board is extremely fragile. I learned that when I bent the pins in the socket when reattaching the battery...


The actual study appears to be here: https://wiscprivacy.com/publication/vca_mute/

The findings are largely reassuring, to be honest:

> 1. Continuously sampling audio from the microphone: apps stream data from the microphone in the same way as they would if they were not muted. Webex is the only VCA that continuously samples the microphone while the user is muted. In this mode, the microphone status indicator from an operating system remains continuously illuminated.

> 2. Audio data stream is accessible but not accessed: apps have permissions to sample the microphone and read data; but instead of reading raw bytes they only check the microphone’s status flags: silent, data discontinuity, and timestamp error. We assume that the VCAs, like Zoom, are primarily interested in the silent flag to tell if a user is talking while the software mute is active. In this mode, apps do not read a continuous real-time stream of data in the same way as they would while unmuted. Most Windows and macOS native apps can check if a users is talking even while muted but do not continuously sample audio in the same way as they would while unmuted. In this mode, the microphone status indicator in Windows and macOS remains continuously illuminated, reporting that the app has access to the microphone. We found that applications in this state do not show any evidence of raw audio data being accessed through the API.

> 3. Software mute: apps instruct the microphone driver to completely cut off microphone data. All of the web-based apps we studied used the browser’s software mute feature. In this mode, the microphone status indicator in the browser goes away when the app is muted, indicating that the app is not accessing the microphone.

> The notable exceptions to these trends are the Microsoft VCAs (Teams and Skype) and Cisco Webex. Microsoft VCAs are much more difficult to trace because they do not use the standard Windows userland API. Instead, they directly make calls to the operating system. Since the Windows syscall interface is undocumented, we could not determine how Teams and Skype use microphone data when muted. More interestingly, we observe that Cisco Webex — unlike the rest of the Windows native VCAs — continuously accesses the microphone while muted.

I still unplug my desktop's external camera and microphone when not in use (9" outty-inny cables plugged into my monitor so those ports are accessible), and use hardware buttons (that may really be implemented in software, unfortunately) to mute during calls, and can just flick the camera to point at the ceiling. Will be more of a concern when I'm back to laptop living.


I use this[0] on Mac OS and it works extremely well. It turns the mic off at the system level. Holding down a key acts as push to talk and triple-pressing the key locks it on.

[0] https://github.com/yulrizka/osx-push-to-talk


Zoom is really bad for this. On my old thinkpad there is a "mute" button on the keyboard. When you press it, it mutes the mic in windows sound settings and turns an indicator light. I've had Zoom un-mute the mic itself with not notification to the user and the "mute" led even stayed on. In old version of Zoom, the host could unmute you without your consent and this would unmute the mic at the system level too. I resorted to disabling the microphone in the Device Manager so it would show up as unplugged instead. This also disables the popup other commentors mentioned.

It looks like newer versions have unmute-consen which hopefully fix it, but the original behaviour made me feel uneasy and not trust Zoom.


I always use my browser instead of these native apps precisely so I can deny microphone permission whenever I want it muted.


It would be nice if you could also have this level of control over native apps.


Once you use something like the Jack Audio Connection Kit it's hard to understand why a user-controllable system-wide audio graph isn't just the default thing baked into the kernel API.

I have full control over all apps. It involved some extra effort creating a fake ALSA device that sends/receives from JACK, but once it's in place, all audio connections become points you can easily make and break in the graph.


Just use opensource and ditch all commercial apps of this kind:

1. Jitsi (sadly, it's Java though) https://jitsi.org/

2. Element (sadly, it's Electron though) https://element.io/

3. BigBlueButton https://bigbluebutton.org/

4. Jami https://jami.net/


I work on Video conferencing apps as a PM.

There’s a very simple reason this is done - to detect if the user is speaking while muted and if so to let them know. That’s it.

At least for the one I’m building. :D


I have a older logitech "speakerphone" microphone that I normally use for video calls and the like as people have commented that it sounds better than the mic that is built into the webcam. One of the nice things about it is that you can touch a "mute" function and the LEDs around the edge of the speaker that usually will light up for a volume dial indicator will turn "red" when it is "muted". And I have found that it does track whether or not the session is muted or not.

Whether or not an application is correctly using the functionality or they try to do something sneaky like using a mute function on app to trigger a "cut audio" function on the server side of the video conference is one of the reasons why I use the speakermicrophone. That visual indicator is usually linked to the Audio Subsystem and with the speakermicrophone being a 1st tier HID device for audio purposes, makes it more likely that things are working as they should.

When it doesn't light up and I'm intentional on the mute is when I would worry.


If I could pick one hardware feature that I'd love on all my i-devices and laptops, it'd be physical shut-off switches for the mic and camera(s). Or, in the camera's case, maybe a cover, since that way you're less likely to have the camera "turned on" without realizing it.

[EDIT] and by "physical" I mean "actually breaks a circuit when off"


https://puri.sm/products/librem-14/

I haven't used it and have no connection to them but think they're onto something in their product design.


Google Meet certainly stays on, but does not try to pretend it doesn't. Feature, not a bug. And this is google, who you know has no compunctions about data collection. The microphone volume icon continues to show movement based on noise from your microphone and it will even prompt you if it thinks you're speaking to unmute yourself.


This is the exact reason that made me develop MuteMyMic. I was really fed up with all these apps that alter input volume behind your back. Now, I can at least know that somebody is playing nasty as MMM beeps whenever mic's volume was changed.

This is not an advertisement ;) I no longer actively develop this app, however, I am still a happy user ;)


I'm fine that the app locally still processes the audio stream - even if I'm muted - to show me a warning if I start talking while muted etc. The alarming part in the article is that at least one app would still send the audio stream _to the server_ while being muted. Any mentioning which "popular app" that is?


It's obvious that Zoom is listening, because if I try to speak when I'm muted, it tells me that I'm muted.


I highly recommend a basic XLR interface/mic combo.

These connect via usb and along with improved sound quality give physical volume and mute buttons.

Internal mics can then usually be disconnected from the motherboard if comfortable working inside a computer.

It shouldn't cost more than $100-200 to get started.

Why trust an open mic any more than an open webcam?


Yep! I have an older Steinberg UR22; quality is awesome. Mine doesn't have mute buttons, but with my Streamdeck I can mute/unmute the input sources very easily.


Years ago, an engineer working in videoconferencing told me that the algorithm they used for avoiding feedback loops involved listening at how it comes out at the other end.

I suppose that perhaps there could be audible artefacts when muting/unmuting if these algorithms didn't continuously do this.


Nothing beats black electrical tape that you can easily put over microphones and cameras when you don't want them to be live... It's going to really be the easiest and most reliable way to ensure a decent level of privacy moving forward. I've been using it for ages now.


For microphones it may not work well. I prefer hardware kill switches on my Librem 15.


My team and I built some of the world's most decentralized videoconferencing software, using WebRTC. You can try it on https://yang2020.app/meeting for example ... but it's available in all of our apps, including for teachers, etc.

Since a major point of our platform (qbix.com/platform) is to avoid relying on external third parties, that meant we built a version of livestreaming that is completely peer-to-peer. Imagine a giant tree at whose root are the WebRTC participants "on stage", the ones getting their feed directly get the least lag, and then people just join different parts of the tree (and ask to rejoin if the parent node dropped out or is too slow).

Here is what we learned:

1. On some platforms, it's hard to turn off the audio listening, because you can't turn it back on later. So you have to just disconnect the audio stream going out, but it's still being captured.

2. When someone is "muted" in a chat, what this really means in P2P setups is that the peers have to "respect this setting" and simply ignore the audio/video stream that the one muted is sending.

3. Sometimes, it's very valuable from a business standpoint to grab the incoming video, and do eye recognition and face tracking (yes we support all that too, in our platform, it's available in Javascript). So a teacher can, for example, take attendance and know which students are no longer present or engaged, without actually seeing their feed. All of it is done on the client side of the student, and with their consent.

Each of 1, 2, 3 can lead to a determined "hacker" kid making it seem like they're listening when they're not, etc. But there are some cool tricks to make it really hard and expensive to pull off perfectly.

We use this, for example, to award credits to people for completing educational materials or listening to a show, as with https://ftl.fm


2) Seems like a waste of bandwidth, did you consider the use case that turning off the video stream might be done to try to reduce bandwidth usage either due to cost of bandwidth or bandwidth being limited enough to break other simultaneous needs? And since 3) while creepy, is at least done on the client so does not seem to require the stream to always be sent to the other clients.


Well, yes, it can be turned off and yes it can be not sent, but that's at the discretion of the client. They can "hack their client" to send it anyway which is why everyone has to "refuse" to receive it from a "muted" client, as well. It's a second line of defense. Never trust the client.


Might want to hire some marketing and product branding agency folks to make sure you are branding this in a way that seems safe and trustworthy, so people will try it out and you can increase engagement and adoption.


That sounds like a great idea, but how much would it cost? We are kind of strapped for cash.


> Sometimes, it's very valuable from a business standpoint to grab the incoming video, and do eye recognition and face tracking ...

this should 100% be opt-in. Think what kind of future is being created.


it's a core feature of the app, in this case it's opt-in by the TEACHER, the student can simply choose not to participate in the course


“With a camera, you can turn it off or even put your hand over it, and no matter what you do, no one can see you,” says Fawaz. “I don’t think that exists for microphones.”

Some microphones have physical switches. Turn off your internal laptop microphone and only use a mic with a switch.


Google Meet will pop up a little "you're muted - are you trying to speak" bubble if it hears noise through your mic while you're muted. So obviously it's still accessing the mic. I don't see this as a big deal.


This is a mountain out of a mole hill. All of the video conference apps I've been on (like Zoom and Teams) are very clear that they don't give up the mic when they mute. They are simply not sending your audio. The apps even give you a helpful message on screen when you make noise but are muted. The "Trying to talk? You're muted!" type of message. How else would they get that other than to be monitoring the mic constantly?

Also there is a big difference between having the mic, listening for consistent sound above a certain level.... and actually doing something with it.


I have two different headsets I use for conferencing, on a USB with a mid-cable control for volume and mute, and a BT headset with physical buttons on the ear cups. I have messed with both, under Linux and Windows 10, and when they are muted, they are really muted.

I have not disassembled them, I am certain that the USB HID is inside the mid cable control unit, but the headsets themselves must be muting the audio stream.

If you use the mute button on the conferencing app? Then I assume all bets are off, but with controls on an external headset, I would assume all behave similarly.


This is entirely in line with my understanding of how these products should work.


"They found that all of the apps they tested occasionally gather raw audio data while mute is activated, with one popular app gathering information and delivering data to its server at the same rate regardless of whether the microphone is muted or not."

Sure would be nice if they named and shamed, with an opportunity for the company to comment as well.

I can imagine adaptive video rates eating up the freed bandwidth, but I would not bet on it. I would bet the audio was indeed being sent even on mute.

Pretty unforgivable


With some poor power saving implementations keeping the mike on can make sense. Switching the power back on when reactivating the mike may cause noticable stutter. An application with limited permissions might not be able to turn the mike off without dropping the device to some low power state.

Being in a conference, muted, hearing something that requires action, hitting "unmute", freeze for a second... bad thing.

A hardware switch would be the better option. But then people wanting to hear you cannot inform you about still being muted.


That's why I have a powered mike with a physical switch.

The web cam has a hinged lense cover.

The background picture is of the office, taken from the exact POV of the web cam, when it was clean. That way it is not necessary to straighten out the office before video conferencing.

It also causes the weird behavior of looking like I am "beaming in" to the office from my orbiting starship :-) Or maybe it's just a glitch in the simulation of myself that has long since replaced me.


The lack of a physical button to control camera and microphone access is really annoying. At least with a camera, I can cover up with a patch but I can't do anything about my microphone.


They are confusing the concepts of an app level vs OS level mute. If the app itself paints a mute button, of course there's no guarantee that it will do what it says. You have to trust the developers at their word, that they are actually ditching the audio feed coming into their application. Some apps even use the audio to provide useful functionality (like a "you are speaking while muted" notification). If you are really concerned about it, mute the app from system controls instead.


Why wouldn’t said app also be able to programmatically unmute at the os-level?


It could, but you'll notice and then uninstall that app.


Most OS's don't very visibly indicate whether the mic is muted or not, only the speakers.


If you're on a Mac, use Shush [0] to give yourself global mute control with a single keypress. You can set it on push-to-talk mode or push-to-silence mode, both are extremely useful. I have mine set to the Fn key and leave in PTT mode most of the time.

0: https://apps.apple.com/us/app/shush-microphone-manager/id496...


I use a hardware switch, albeit for a different reason: I hate the beeping sounds all videoconferencing apps make when you mute/unmute yourself. I guess a good call overall.


What's not clear to me is whether other participants of the meeting are aware of my sound while my mic is "muted".

I'm far less concerned about the videoconference system hearing me than my other meeting participants. This morning during a boring company-wide meeting I accidentally fell asleep (it was an early morning meeting and I was still in bed!)

All that said, it should really be a right of consumers that audio and video capture devices have a physical on/off switch.


Assuming the app that's using the microphone would still need to have hardware access to be able to switch back on when someone unmutes themselves, couldn't there be a higher level API within the OS that still allowed hardware access but wouldn't allow input through so that the audio couldn't be captured in third party apps? Seems like this is an OS issue that Microsoft, Apple and Linux team need to work on if that isn't already the case.


The most unsurprising thing ever. Hardware switch would be the only way to be sure. (Apparently modern macbooks do hardware disable the mic and camera when the lid is shut)


I make it a habit to utilize dial-in numbers for conference software and disable mic inputs on my computer for this reason. There’s no guarantee that my phone doesn’t listen in while I’m muted, but I feel like it’s a better choice. There is a bit of audio quality loss, but on the flip side it isn’t as much of a battle over bandwidth while streaming video, sharing my screen, and broadcasting on audio.


That answer it simple: HARDWARE SWITCHES. My ThinkPad already has physical camera shutter door. All I need now is physical mic on/off switch.


I use objective-see’s app Oversight [1] for MacOS.

OverSight monitors a mac's mic and webcam, alerting the user when the internal mic is activated, or whenever a process accesses the webcam.

Have found it very useful whilst using videoconferencing apps.

[1] https://objective-see.com/products/oversight.html


I’m less concerned about privacy and more concerned about a bug in their code causing my microphone to say mute but not mute


Fixed for BBB with 2.2.4 but it still consumes upload bandwidth comparable to a recording open microphone.

https://github.com/bigbluebutton/bigbluebutton/releases/tag/...


I use the hardware button to mute. My headphone has a mute button right on the cord. It's fast and easy and always within reach. If that's not available, I use the operating system to mute. My Linux systems have a mic icon on the top bar. I believe it's easy to do in Windows also. I don't know about mac.


I always get a good chuckle out of burping and farting while on "mute" because I have seen the traffic.

No expectations of privacy should be the norm when you have mics and cameras. In fact, cameras are easy to handle. Just cover it with something and you're done. Nice continue to listen even if you block them


I like the feature of my video conferencing software that popups up a helpful overlay when I start speaking while on mute. It lets me know I'm muted in case I don't intend to be and reminds me I can press and hold space to temporarily unmute.

Obviously it's listening white muted to do this, but it seems legit.


It's one of the reasons I have a headset with a mechanical switch to turn off the microphone.


Batch file on the desktop to disable the devices

On a call - "We're live" - always assume the camera and mic are hot

Off a call - "Its dead Jim"


This is something that should be solved at the operating system level.

macOS has an orange indicator light when the microphone is active, and Control Center shows which app is using it.

Platforms are responsible for controlling access to the microphone, so they should let users know when it is active, too.


> “And that’s a problem. When you’re muted, people don’t expect these apps to collect data.”

The lesson here for the user:

Don't rely on the software. Mute at the hardware level (many headsets have a button for that), or at the OS level (many keyboards have a button for that).


Easily explained by Zoom's "You seem to be talking, you're muted" message.


Sometimes the best security is to go low-tech. At the risk of not being original, I vote for a mechanical/physical hardware switch for microphone, and a manual lid/lock for the camera (or chewing gum, but it will leave marks :-) )


I am generally against new government regulations, but I would most likely support a law that requires all microphone and camera elements have an LED hard-wired into the power wire/trace. If the sensor is powered, the user should be able to tell.


The case where the school administrator was spying on kids - the macbook light would quickly turn on and then off and you had to look carefully to see it.


This article fails to recognize the value (in a Ui perspective) for detecting surrounding audio when you are in mute.

I do find it useful to know I tried to speak, and the audio bars visually indicate that I just spoke.

Hence the need for audio listening even if you are on mute.


Is this is really important to you there is at least one solution: Wearable Microphone Jamming[0]

0. https://news.ycombinator.com/item?id=28885739


Tell me you don't understand how things work without telling me don't understand how things work. /s

All the apps tell you that you are muted when you are trying to talk while muted. How do they think they do that?


Purism's laptops (and cell phone) all include hardware kill-switches for mic and webcam (and also the radios, bluetooth and wifi)

https://puri.sm/


There are other reasons to capture the mic (for example, to display a message to you that you are speaking while muted). Or to test the audio settings prior to unmuting yourself in the meeting.


If you make a noise while muted, Zoom pop up a dialog saying something like "warning, you're muted!"

So that was kind of a giveaway that zoom is accessing the mic when muted, not really a secret.


I use Shush on my Mac to have a push to talk button that's independent of the app. That way I can leave the app unmuted if I plan to talk at all, and can always use the same button.


I always noticed that the Mac version of Zoom stays open in the background rather than closing after you finish a meeting. Very sus. I have to manually close out the app.


This reads like the app is open and active and muted within the app? So the answer is to close the app if you want privacy? Seems kind of obvious to me.


Use a microphone with an hardware switch. Problem solved.


I once had a Slack call where I muted my mic, the UI updated to show it was muted...

And my mic was still on. Needless to say I never used Slack calls again.


Attention:

The title of this submission has been editorialized by removing the "may" from "may listen", which changes the claim completely.


One valid use case for this is for the software to detect when you're speaking while on mute and notify you that "you're on mute". Maybe I dreamed it up, but I thought I've seen this before (WebEx?).

I could imagine a soft-mute feature where you're on mute when you're not talking (perhaps to keep down on background noise) but if your app detects that you're actively talking, it will unmute you. It might lose the first word or two that you say but could be effective. I could also see this going horribly awry when someone thinks they are on mute rather than soft mute and say something Biden-esque, like "what a stupid son of a bitch".


MS Teams has the "you're on mute" notification.


If they don't listen when your mic is off how are they going to remind you that you're talking but you forgot to unmute?


PSA: I learned again recently that by default on a new installion, Slack does not mute your audio when connecting to a meeting.


Use a Mute Me device. https://muteme.com/


This seems to just toggle the video conferencing software's native "mute" function, which is exactly the scope of this article.

How would that help here?


no shit sherlock! that's why Teams is able to tell you that you are muted while talking. welcome


One nice thing about the frame.work laptop is a hardware mic privacy switch built right in to the screen.


Not surprised.. Especially with evil software companies like zoom.

I always switch off on my mike itself. Better.


The reason they do this is to give you that little warning "You're muted" when you speak while on mute (if they weren't listening to the mic, they wouldn't know that). This is such common behavior (even with the warning!) that I think a videoconferencing app without such warnings would be virtually impossible to use.


The article specifically states in a number of these apps the data is hitting the network. You don’t need to do that for what you describe.

Reduced latency after unmute is probably the better explanation.

> They used runtime binary analysis tools to trace raw audio in popular videoconferencing applications as the audio traveled from the app to the computer audio driver and then to the network while the app was muted.

> They found that all of the apps they tested occasionally gather raw audio data while mute is activated, with one popular app gathering information and delivering data to its server at the same rate regardless of whether the microphone is muted or not.


Yeah how can you write an article about it without mentioning this obvious and innocent reason? Disingenuous clickbait.


I just want to make sure the people in the meeting don't hear the toilet flush.


What bothers me a lot sometimes is that i fear there is a bug in the software mute. Specially when this is implemented separately by each VC software. The bug that even if you think you are muted, the software still fed the audio to the audience.

The reason i’m raising this is knowing software is very complicated nowadays and are more susceptible for bugs. The other day my MS teams froze. I closed the app and tried to open it again. That didn’t work. It felt like i merrily closed the frontend while the backend was stuck. I remember the days a window was a task, closing that window terminates the task. These days are over. Somehow these softwares are made so complicated, not sure for what reason, that the likelihood of introducing bugs is increased.

So taking this frontend-backend example. Imagine the mute button just sends the command to backend for mute but the backend failed to do so. And the frontend assumed all was fine. The user would have been misinformed.

I would use the (hardware) button that stops the audio at the microphone level all the time.


I always use the mute switch on my microphone and not the mute switch in software.


This is why I go to sound preferences in my OS and turn my mic input level to 0.


How else would they check for and suggest "You may be muted"?


Have a mute button on your microphone and cover for your camera. Something you can see is engaged (e.g. a light goes on/off).

Some laptops now have switches that disconnect them from USB... which can be a different kind of pain, if there are other devices that may be connected to.


Lots of the mutes for external mics still do it in software. The software may run on the microphone itself and not the host computer, but still. I don't trust it. Give me something that interrupts a circuit.

Many laptops (notably including MacBooks) can be damaged by even fairly thin camera covers. Which sucks, because they should very obviously be standard.


Most MacBooks are also designed so the camera “on” light is impossible to disable in software.


Some hardware up there must be active and sending data even when the light's not on. It's how they make the (excellent, can hardly live without it now that I'm used to it) automatic monitor color temp adjustment work, AFAIK. Though maybe that's a separate sensor from the camera proper.


The camera and microphones are run through the T2 security chip. Also, there's a separate ambient light sensor.


That’s certainly a different sensor, called the ambient light sensor.


This is why I love being able to mute with a click in my KDE taskbar.


I am, because I ask my operating system to mute the microphone.


Anybody knows what Discord behaviour is with respect to muting?


Of coooourse they are.

Cause why should we trust these companies to be honest?


That's why I use an external mute. No shenanigans.


People will always choose convenience over security


Always thought of muting as the other party not hearing what I say, not that the app wasn't listening. It's running after all. Assume it's listening to everything


Use a headset with a hardware mute button.


I've been trying to buy one (bluetooth). I'm on headset #3, advertised as having a mute button, like the previous 2, which does absolutely nothing, like the previous 2.

I'd gladly shell out 100 bucks for a bluetooth headset with a real mute button, which just cuts off the mic, instead of telling the PC to do something (which the PC apparently won't do without custom drivers, which I can't install on my company-issued laptop, and which I wouldn't trust either).

Bonus if it's 1 ear only, I find those (esp. the ones with the arc overhead) more comfortable in long sessions, and my job has a lot of those.

Can anyone point me at one known to actually work? Thanks!


flush




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: