|
Send me a link of my Alexa voice command history, and if I can verify it's accurate then I will start worrying a little.
Or why even limit it to that, go use my so-called "publicly available information" and do something that actually effects me.
I get that companies do get breached and lose data, but what happens to these people? Nothing.
And let's say I do start worrying for a minute... then what? What can I do to change anything? No point wasting time worrying about it.
|
|
|
|
|
musefan wrote:
I get that companies do get breached and lose data, but what happens to these people? Nothing. Nothing you are aware of. That's not the same thing, is it?
It's not just breaches; there's also a risk of the people who perform maintenance on the application misusing the data.
musefan wrote: And let's say I do start worrying for a minute... then what? What can I do to change anything? No point wasting time worrying about it. So you don't lock your house, because you don't want to worry about what makes a good lock?
What you can do to "change anything" is to not use a compromised appliance - or at least be aware of the potential problems, so you can "step outside" on that single moment you feel the need for privacy
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
"If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
|
|
|
|
|
I do lock my house, but I am not under any false impressions that it's going to stop someone getting in if they really wanted in. It's enough that is causes a delay and forces them to use more "attention drawing" methods.
And maybe partly because my insurance might not pay out if they found out I didn't lock the door
I'm not stupid enough to give my useful information out such as bank cards. But with a company like Amazon, I have enough trust that even if they did have a breach, it would be plugged faster that it would for somebody to make use of the lost data.
Besides, my Alexa is in my kitchen, the most useful information you are going to get from my account is a discussion about what me and the Mrs are having for dinner.
|
|
|
|
|
musefan wrote: But with a company like Amazon, I have enough trust that even if they did have a breach, it would be plugged faster that it would for somebody to make use of the lost data. Lots of people reuse their passwords on multiple accounts; if Amazon would leak passwords, then those passwords may be reused in another (secure) app.
musefan wrote: Besides, my Alexa is in my kitchen, the most useful information you are going to get from my account is a discussion about what me and the Mrs are having for dinner. True as that may be, it is important that you understand the implications of the dangers it may pose; it may not be the most wise move for a politician to have one in every room, for instance.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
"If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
|
|
|
|
|
Eddy Vluggen wrote: Lots of people reuse their passwords on multiple accounts are stupid. Yes, I completely agree.
But there are far too many of them to waste my time worrying about.
Eddy Vluggen wrote: True as that may be, it is important that you understand the implications of the dangers it may pose; it may not be the most wise move for a politician to have one in every room, for instance. I agree, but those that do fall into the category above (stupid people), and in that instance they are probably already doing much more stupid things anyway.
You can't stop the world falling apart, it's best to just hope you die before it gets too bad.
|
|
|
|
|
musefan wrote: I have an Alexa
What for ?
|
|
|
|
|
Well, it was a present, so I didn't actually get much choice in it.
But I do like it, I use it for music. I tell it to play a specific song, playlist, or even just shuffle songs by artist/genre and it does, very hassle free. And the sound quality is actually pretty good.
|
|
|
|
|
musefan wrote: I have an Alexa, and I honestly don't care if it did record everything I said. It's not like I walk around my house reading out my bank card numbers all day.
And even if I did say something sensitive, it's not like it's publicly accessible, so what is there to worry about?
Have you never given out card details on the 'phone?
I can think of all kinds of reasons not to have a microphone in my home - private conversations, intimate moments, breaking wind and all manner of things that I don't want to share with the world at large.
A lot of things are intended not to be publicly accessible but they still wind up being so.
Whenever you find yourself on the side of the majority, it is time to pause and reflect. - Mark Twain
|
|
|
|
|
PeejayAdams wrote: Have you never given out card details on the 'phone?
Now you mention it, few weeks back I did, was right next to my Alexa too...
Thing is, I don't for a minute think Amazon have that audio stored anywhere on their servers. And even if they did record every bit of audio from every customer (very unlikely), what are the odds of someone with criminal intent would have access? and even then happening to pick out those 10 seconds of audio out of the whole data set for every consumer? It's just not going to happen. And if it somehow did (it won't), it's highly unlikely my bank will allow the purchase using my card details to happen.
It's more likely that my phone would be tapped and someone would get my card details that way... so what should I do, stop using my phone?
PeejayAdams wrote: private conversations, intimate moments, breaking wind and all manner of things that I don't want to share with the world at large. Why do you care if people you have never met, and likely never will, hear a private conversation?
|
|
|
|
|
Is it beyond the wit of man to write an audio version of grep that looks for regular expressions of 16 integers? Maybe, maybe not but I'm sure there's someone working on it as we speak!
musefan wrote: Why do you care if people you have never met, and likely never will, hear a private conversation?
You should hear some of my private conversations!
Whenever you find yourself on the side of the majority, it is time to pause and reflect. - Mark Twain
|
|
|
|
|
PeejayAdams wrote: Is it beyond the wit of man to write an audio version of grep that looks for regular expressions of 16 integers? Not at all, but if there is a criminal out there who can afford the processing power to go through that much audio data then I can't image credit card fraud is worth their time.
PeejayAdams wrote: as we speak! Pun intended?
PeejayAdams wrote: You should hear some of my private conversations! Well, the way people think things are going, I should be able to Google them in a couple of years
|
|
|
|
|
You'll never be able to guess the keywords!
I fully take your point re power consumption but do hackers pay their own electric bills and use their own processors?
Whenever you find yourself on the side of the majority, it is time to pause and reflect. - Mark Twain
|
|
|
|
|
PeejayAdams wrote: do hackers pay their own electric bills and use their own processors? You seem to know an awful lot about hackers... a very suspicious coincidence
|
|
|
|
|
OriginalGriff wrote: You got one? No, the price is too high for such a gimmick.
OriginalGriff wrote: Did you care? Yes; unless the gimmick would be free like GMail - but since one pays for it, one can expect a modicum of security.
It would also need power to do anything, so I'd at least have a power-switch near to turn it off on some occasions.
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
"If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
|
|
|
|
|
OriginalGriff wrote: most of these things can be turned into spy devices pretty easily
You have a phone?
Ever use internet without vpn?
If yes, then what's the point of putting an effort to protect against one more thing? Let 'em have it all. Overflow their servers with data and they just might crash! In this day and age we are all compromised by ease of access devices which are/can be effectively used to spy on you and there's very little you can do about it. A quote from Manhhunt: Unabomber is trying to get out of my lips here, but failing miserably.
If you don't compromise security for a phone or accessible internet access then kudos to you! But I neither have the resources nor the choice to act like a nomad or a monk and I think it's safe to say neither do most people.
OriginalGriff wrote: You got one?
Nope, I don't see the reason to buy one. A guy in the office bought one used it for a week before he got bored and dumped it where no man shall ever go.
|
|
|
|
|
Because with phone / VPN it's my choice what happens: I can "limit the damage" or not as I chose without significantly compromising functionality.
But with these things, pretty much everything you say or do becomes public knowledge - even without the consent of your family and visitors.
Technically, in the UK at least, not warning a visitor that Alexa / Google is listening and recording can probably be a criminal offense: Is it illegal to record conversations? - DMA[^] and also almost certainly infringes the Human Rights (privacy) legislation of the EU...
Sent from my Amstrad PC 1640
Never throw anything away, Griff
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
OriginalGriff wrote: Because with phone / VPN it's my choice what happens
Or maybe that's what they want you to think?
On a side note given the information provided in the link is correct, it's scary how the big company has failed to adhere to law or simply just ignored it. I remember a post a few days ago, someone saying we (Software Developers) should start taking strict actions/precautions as doctors do with their oaths. Perhaps we could start penalizing the developers for their complete disregard for security atleast. I doubt individual developer can be held accountable for ever changing law and its clauses.
In other words we need an(other) interface between QA and Dev and Legal. The current manager, project lead, team lead, developer relationship has too many pitfalls.
|
|
|
|
|
Abbas A. Ali wrote: You have a phone? You even come across people using mobiles in public places and spelling out their card number and 3-digit security number. People in general have a very poor perception of risk in today's world.
As an aside... round here we have a permit parking scheme. In the "good old days" permits were physical paper certificates displayed on the windscreen. The parking enforcement people walked around and if there was a car without a permit they ticketed them. Only data on illegally parked cars was collected, and then only on paper for transcription back at the office. Now the wardens go around with a mobile app, typing in the registration of EVERY car, which is then checked against a remote database (together with time and GPS data). Now details of every car in the area - legally parked or not - together with location and time is reported back to parking HQ. Think of the mischief that data could be used for... yet no-one, as far as I can tell, has so much as blinked at the change from paper permits to paperless. Similarly here in the UK, the government driven stampede to "smart" electricity and gas meters is going to be reporting back in real time (well, up to half-hourly) energy use about virtually every property in the land. Again, dead easy for a bad actor to identify abnormal energy usage and spot when normally-occupied homes are left empty. Yet another reason not to follow the herd into "smart" meters.
There's talk of a "digital divide" - those with access to high-tech, and those without. I'd suggest there's also a "privacy divide" - between those who spray every detail of their lives into the ether, neither knowing nor caring where it goes or is used for, and those who take a degree of control over their data and apply intelligence to manage exposure. (Though in the above example, you may not even realise your legally-parked car is going to be monitored on an hourly basis by the council's subcontractors... and the only option is not to park in a permit parking zone. )
|
|
|
|
|
Hey,
|
|
|
|
|
I try to avoid voice control for several reasons, one I talk to myself (I know, I know), two I am paranoid about Big Brother listening (not really an issue) & when I do use it I have an overwhelming desire to say "Open the pod bay doors, Hal" and get disappointed by the reply (I really have to hack it to answer "I'm sorry, but I can't Dave")
|
|
|
|
|
Obligatory XkCD: Listening[^]
Sent from my Amstrad PC 1640
Never throw anything away, Griff
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
|
I have Google assistant on my Xiaomi Mi tv box, and for that application, it is great. It switches the mic on immediately I enter a search field anywhere (haven't had time to try "Ok, Google" yet), and the search and voice recognition is great.
The box is only on once or twice a week, and Google Assist sure beats entering search terms using on-screen keypads.
"'Do what thou wilt...' is to bid Stars to shine, Vines to bear grapes, Water to seek its level; man is the only being in Nature that has striven to set himself at odds with himself."
—Aleister Crowley
modified 15-Jul-19 8:27am.
|
|
|
|
|
Never had, never will. Too much of my life is exposed to the world as it is.
Technician
1. A person that fixes stuff you can't.
2. One who does precision guesswork based on unreliable data provided by those of questionable knowledge.
JaxCoder.com
|
|
|
|
|
No interest.
The privacy part doesn't bother me... that was lost a long time ago when I started using the internet. I just don't find voice based interfaces the least bit appealing.
The Beer Prayer - Our lager, which art in barrels, hallowed be thy drink. Thy will be drunk, I will be drunk, at home as it is in the tavern. Give us this day our foamy head, and forgive us our spillage as we forgive those who spill against us. And lead us not to incarceration, but deliver us from hangovers. For thine is the beer, the bitter and the lager, for ever and ever. Barmen.
|
|
|
|
|