Sometimes you may wonder if the microphones are really in use after all. Apparently that can be measured: https://www.theregister.com/2022/09/12/mic_monitoring_spying/ As a bonus, L5 gets a specific mention (although, it’s not only the USA version has the switches). This would be nice to have to know what is happening with all the devices around us…
First, these solutions require users to trust the implementation of the laptop manufacturers or the operating systems
This statement from the article is somewhat off the mark. The whole point of a hardware kill switch, whether it’s on Purism devices or even the Apple laptop mentioned, is that you don’t have to trust the operating system. Even if the operating system is a virus-riddled pile, cutting the power will prevent the device from working.
To some extent, when Purism publishes the schematics you don’t have to trust the hardware implementation even - although the number of customers who could actually verify the hardware against the schematics may be limited.
TickTock had less success against 40 other devices, meaning smartphones, tablets, smart speakers and USB web-cameras.
Well for my USB webcam, I simply unplug it when not in use. I am not aware of any exploits against an unplugged webcam. Not only does unplugging prevent use of the webcam but, in the event that the operating system is compromised, the webcam can’t have malicious firmware flashed (for webcams where that is a possibility).
Hmm, I wonder whether television sets have analog or digital microphones.
Television sets shouldn’t have microphones at all. (I guess one day I should try to track down where the microphone is on my more recent TV that must have one somewhere. I don’t use that functionality, for obvious reasons.)
My remote has a microphone. I don’t use it and refused the TV when it asked if I wanted to, but it is there. Was on my previous one too.
No, not really. As acknowledged here:
The majority of people will have to trust the implementation, and that even includes those that can follow a trace as they’re likely still trusting that it kills power and doesn’t send a power-off signal as some hardware switches do by connecting to a pin that is used for the more polite power on/off via sending a voltage high or low. In the instance of using a more polite on/off via hardware switch you’re also trusting the chip to obey the command to power on/off even if it’s independent of the OS control there may still be software involved.
So no, for the majority of the audience that statement was not somewhat off. Did it leave out a small caveat that would have taken a decent amount of time to explain and would have detracted from the core of their message, yes. Should all articles go all the way down all rabbit holes because some people might want to see extreme level of details that don’t add value to the conversation being had and are part of a different conversation? Also no.
My comment was mostly about “or the operating systems” in the quoted text.
In other words, provided that you do trust the hardware (or you verify the hardware) then you don’t have to trust the operating system.
That removes the context from the statement though. They’re saying you have to trust the hardware or software then you’re saying that you don’t have to trust the software if you trust or verify the hardware… that’s what or means…
Wow. What a crazy World.
I guess they justify it as a feature to input text in search fields using voice recognition for stuff like YouTube without using a keyboard.
I am neither a conspiracy theory person, nor a paranoid person. But it is bad that all means for total surveillance are already there available and distributed.
- CCTV at many places with face recognition and walk recognition already advanced enough
- LTE/WiFi/BT connectivity everywhere so that it is always possible to locate your car or cell phone
- microphones everywhere in phones, notebooks, TV remote controls, cars…
We have to TRUST that nobody abuses this technology.
But I don’t want to blindly TRUST. Bad people do exist.
Voice cam also be an accessibility option. For some people voice control is necessary so the input method itself isn’t inherently the problem nor inherently bad.
As you point out, the concern is that these potentially useful tools are abused which harms in the abuse but also almost certainly leads to harm in the backlash as well.
And the abuse would come in two general forms:
- the manufacturer collects information that you are not aware of and giving informed consent to the collection of and/or uses it in ways that you are not aware of and giving informed consent
- a government piggy backs on that and uses legal compulsion to get access to that information or more
On top of direct abuse there is also:
- implementation flaws mean that a large range of parties (explicit criminals, governments, activists, …) get access to information that you are not aware of and giving informed consent to i.e. unintended by the manufacturer
As far as accessibility goes, the main question would be: where is it implemented? I assume that at the current time most remote controls aren’t up to the job of doing speech recognition but … is it then implemented in the TV? or is it implemented by the manufacturer somewhere on the internet (so the sounds from the room in which you are viewing the TV have to be transmitted to a server somewhere on the internet)?
And with all that … is there any transparency? If you ask them how it is implemented so that you can assess your risk, do they refuse to tell you on the grounds of commercial secrets? and even if they told you, can you verify whether they are telling the truth and the whole truth?
I’m just pointing out that getting hung up on what ifs and maybes overlooks a very valid group of people that genuinely benefit from the functionality.
I disagree that the “caveat” can be omitted and is small. The majority have to trust the community and not the manufacturer, because with the available schematics, it’s sufficiently simple to verify the hardware. It makes a huge difference, because now your threat model can switch from “this hardware might be designed to listen to everyone” to "my hardware might be modified specifically to listen to me*! This is a huge difference with a much lower probability and much higher cost for the attacker. In practice, it means that the majority of people don’t really have to trust anyone at all, since a targeted attack against them is extremely unlikely.
It would be nice if the argument were internally consistent.
Trusting the community to verify what the manufacturer is doing is indistinguishable from trusting the manufacturer and is actually trusting the manufacturer then also trusting the community to catch the manufacturer of the manufacturer misbehaves.
The threat of an individuals hardware being modified is a completely different and unrelated topic.
There is no contradiction in my words. In theory, the majority has to trust the community, but in practice, unless you think you are personally targeted, you don’t need to trust anyone, if the community is sufficiently large. Just a couple of rigorous hardware verifications published online by random activists should be sufficient to be reasonably convinced that the hardware itself is not compromised by design (or that the chip is not “asked” to switch off). And ordinary people don’t even need to know about it.
There is a large difference between trusting a manufacturer and trusting a community. A manufacturer is a single point of failure, a perfect target for all sorts of bad actors, including governments and hackers. For-profit manufacturers also have incentive to spy on users to get more advertisement revenue. It’s much harder to compromise a community; how do you think one could even do this? They don’t normally rely on advertisement money or have any center.
This sounds as if having open schematics and a community is worse than closed hardware with a for-profit company producing it. This does not look logical to me.
This is the intent of being able to speak to the remote, and is indeed an accessibility/laziness feature. But you and @OpojOJirYAlG are right, the data isn’t ephemeral and I have no idea what happens to my voice queries after they’ve been used to search YouTube or whatever, which is why I don’t use it.
If it only were specific queries or other inputs, but those mics can listen for conversations and background to identify keywords (speech-to-text and machine learning, commercial and political targeting etc.), people (age, sex, gender, health, activity etc.) and items (think machine noises, keyboard presses etc.).
The voice interface in itself isn’t that bad of an idea. Its that the raw data and sound are transmitted elsewhere and used for other things, without much in the way of limits or control. There are (or used to be, probably still is for special needs) ok software that works on the device well enough for basic commands, without the need to use cloud or AI.
The mic on my remote is button-activated such that you hold or press a particular button in order to use it. I think it’s reasonable to assume that the mic on the remote isn’t a hot mic as that would drastically decrease its battery life.
Doesn’t that undermine its usefulness for accessibility?
If you trust it, it is however a better implementation from a security / privacy point of view. That is also a better implementation from the perspective of accidental commands.
I’m not saying you are wrong at all but, hypothetically speaking, couldn’t it be sound-activated? So effectively it is on standby (low power) waiting for any sound loud enough to activate and then it will come out of low power mode. (That would mean that it would be a hot mic for the entire time you are watching the TV but not a hot mic for X hours overnight when the room is empty and the TV is off, for example.)
It sounds to me (pun intended) that you are a potential customer of the “microphone safety kit” from the OP, if and when it becomes a commercial product.
Maybe. Its arguably easier to press and maybe hold one button than use the “directional pad” of sorts to navigate an on-screen keyboard. Doing the latter is a pain, so I think its just a means of trading voice data for convenience.
I think it could, but if I was Samsung, I would market that (just say “Hey Tv” and tell it what you’re searching for!) and then raise the price of the TV $200.