(I know many of you already know it but this incident I experienced made me so paranoid about using smartphones)
To start off, I’m not that deep into privacy rabbit hole but I do as much I can possibly to be private on my phone. But for the rest of phones in my family, I generally don’t care because they are not tech savvy and pushing them towards privacy would make their lives hard.
So, the other day I pirated a movie for my family and since it was on Netflix, it was a direct rip with full HD. I was explaining to my family how this looks so good as this is an direct rip off from the Netflix platform, and not a recording of a screening in a cinema hall(camrip). It was a small 2min discussion in my native language with only English words used are record, piracy and Netflix.
Later I walk off and open YouTube, and I see a 2 recommendations pop-up on my homepage, “How to record Netflix shows” & “Why can’t you screen record Netflix”. THE WHAT NOW. I felt insanely insecure as I was sure never in my life I looked this shit up and it was purely based on those words I just spoke 5min back.
I am pretty secure on my device afaik and pretty sure all the listening happened on other devices in my family. Later that day, I went and saw which all apps had microphone access, moved most of them to Ask everytime and disabled Google app which literally has all the permissions enabled.
Overall a scary and saddening experience as this might be happening to almost everyone and made me feel it the journey I took to privacy-focused, all worth it.
You must log in or register to comment.
- A family member might have searched it
- An ad network might have reported on your piracy (especially now with privacy sandbox)
- Your media player might just be doing some tracking and/or insecure searching for metadata
- Siri or something might have popped open
- You googled to get to the piracy website
- You may have just looked up the movie, and the movie was popular with pirates
Don’t get too paranoid
Person in a privacy community using YouTube and multiple Google accounts thinks the only way they are being tracked is through phone microphones…you can’t make this shit up.
As I have already mentioned in the post, I am not that deep into privacy rabbit hole that I am completely degoogled my life. If I did, I wouldn’t have any privacy concerns to begin with ¯\_(ツ)_/¯
On why I haven’t done it yet is simply because it is extremely hard. If you go full privacy-focused, you lose out on convience and vice versa. I’d like to stay in balance.
You focused on the wrong part of my comment. The issue isn’t that you have Google accounts or use YouTube, it’s that you seem to have very little understanding of how much data is being collected about you through these avenues. Instead you focus on some conspiracy theory about phone microphones which is still yet to be proven despite years of technologically illiterate people telling us that “the only way they could have known that is if they were listening to me!!!”. I don’t understand how you get to the point of posting in a niche privacy community whilst still being so completely clueless and misinformed.
I was in the same belief that phones do not listen to our mics for years until that news of Facebook employees leaked chat came out.
Listening to audio would be the least effective and most expensive method of data collection for advertisers. It’s not happening. They already have literally over a million data points on you, there’s nothing useful for them to glean from your audio that they don’t already have ad nauseum.
You see thousands of ads and recommendations every day. You finally found one that was relevant to you. It’s not that deep.
It’s possible that it’s inferred off the digital footprint of you pirating the content, also. People freak out a lot about being listened to, but I’d argue that’s an inefficient spying mechanism they probably don’t lean heavily on if they can avoid it. We’re all living on platforms that are knowably spying on everything you click on or read or do online and feeding that into giant AI models with everything about you. Like just by watching a pirated video on a Google TV device, Google’s hashing that and phoning that data home, possibly even matching that to the specific file, and adding that to an ad profile.
Here’s a fun little experiment you can try. Make a list of random topics and have a discussion about each of them on separate days. Make sure each topic is something that could result in creepy suggestions or ads on YT. If even one of these topics produces the expected result, you could be on to something.
No, they don’t: https://www.youtube.com/watch?v=xtfU9AsUmc4
Again, no, they don’t: https://gizmodo.com/these-academics-spent-the-last-year-testing-whether-you-1826961188
If you don’t trust a 4 minute YouTube video or an independent (?) study, try a Reddit comment: https://www.reddit.com/r/Android/comments/q1u71q/comment/hfhynid/
A phone can notice when it’s in the hands of a security expert and start acting normal. Before dieselgate, Volkswagen cars had been emissions tested for years without finding anything suspicious. Turned out VW used the car’s sensors to detect when it was being tested.
correct.
the level of unsubstantiated cope in this thread is mind boggling. from people many of whom should honestly know better.
no, they don’t
Please be careful with your claims.
In my experience, whenever investigating these claims and refutations we usually find when digging past the pop media headlines into the actual academic claims, that noone has proven it’s not happening. If you know of a conclusive study, please link.
Regarding the article you have linked we don’t even need to dig past the article to the actual academic claims.
The very article you linked states quite clearly:
The researchers weren’t comfortable saying for sure that your phone isn’t secretly listening to you in part because there are some scenarios not covered by their study.
(Genuine question, not trying to be snarky) Will you take a moment to reflect on which factors may have contributed to your eagerness to misrepresent the conclusions of the studies cited in your article?
Of course a researcher is never sure something is 100% ruled out. That’s part of how academic research works.
My eagerness stems from being tired of anecdotes presented as evidence supporting a weird privacy conspiracy. This takes away from the actual issue at hand, which is your digital footprint and how your data is used.
Of course a researcher is never sure something is 100% ruled out. That’s part of how academic research works.
once again, that isn’t what they were reported to have said. [and researchers don’t need to repeat the basic precepts of the scientific method in every paper they write, so perhaps its worthwhile to note what they were reported to say about that, rather than write it off as a generic ‘noone can be 100% certain of anything’] it’s a bit rich to blame someone for lacking rigor while repeatedly misrepresenting what your own article even says.
what the article actually said is
because there are some scenarios not covered by their study
and even within the subset of scenarios they did study, the article notes various caveats of the study:
Their phones were being operated by an automated program, not by actual humans, so they might not have triggered apps the same way a flesh-and-blood user would. And the phones were in a controlled environment, not wandering the world in a way that might trigger them: For the first few months of the study the phones were near students in a lab at Northeastern University and thus surrounded by ambient conversation, but the phones made so much noise, as apps were constantly being played with on them, that they were eventually moved into a closet
there’s so much more research to be done on this topic, we’re FAR FAR from proving it conclusively (to the standards of modern science, not some mythical scientifically impossible certainty).
presenting to the public that is a proven science, when the state of research afaict has made no such claim is muddying the waters.
if you’re as absolutely correct as you claim, why misrepresent whats stated in the sources you cite?
I’ve said this elsewhere but it would be piss easy to prove. I think it’s weird that we’re talking about how something can be true because it hasn’t been disproven, but not that something can’t be true because it hasn’t been proven.
piss easy
many domain experts dedicating significant resources to it’s study
pick one.
when your sources repeatedly don’t say what you claim they say, maybe its time to revisit your claims ;)
It would be piss easy to prove your phone is always listening to you. Stop being obtuse.
always listening
i never claimed always, i specifically advised op to refrain from claiming always.
how can you pretend to represent a sound scientific approach when you misrepresent the scientific claims made in sources you cite
I have videos that prove the opposite so like idk
If they actually prove something, I’d be happy to give them a watch. 40 minutes of some dudebro’s podcast with a phone in his hands doesn’t count
Hey, looks like you forgot to post them so we’ll ignore your comment for now until you do!
Listen, mister/miss. I tried it once and the reaction was bad because geopolitical reasons. Do I want to get banned by admin abuse? No. Do I want to start a political fight in a nice thread? Also no.
I will watch these later. But recently one of the Facebook’s employee’s chat was leaked saying they listen to customer mics 24/7 via a third party. Google blocked the alleged third party and Facebook has ended ties with them too.
What about it?
It was an ad partner’s pitch deck, not much to do with Facebook itself. And it didn’t really explain how it would be listening anyway.
Besides, if they were recording, processing and / or transferring audio, that would mean there’s data usage, battery usage, etc - stuff that’s easy to prove.
The truth is a lot simpler (and scarier) and you will find that in the links I provided.
First off, if you’re concerned about phone privacy, consider a custom OS for your phone that respects privacy such as GrapheneOS.
It’s easy to figure out that your device isn’t listening to a constant audio stream 24/7, since that would drain battery and send a lot of noticeable data over the network. However, it is entirely possible to listen for certain keywords as you mentioned, and send them encrypted with another seemingly legitimate packet. There’s no way to be 100% certain, but it is possible in theory without draining too much battery.
The steps you took are good, making sure that apps don’t have any permissions they don’t need. Privacy is a spectrum, so it’s not “all or nothing”. As I mentioned before, if you’re seriously concerned about mobile privacy and want a solution, you can get a custom operating system that can remove any privacy invasive elements. GrapheneOS also allows you to disable the camera and microphone system-wide (although this functionality is present on some other Android builds).
If it eases you any, a lot of these advertisements happen to be coincidence and trigger confirmation bias. It could be that those ads happened to show up by coincidence, or that advertisers managed predicted your interests, or that you got tracked by some other means while downloading the movie. The possibilities are nearly endless.
You should install Rethink and see how much garbage your phone constantly transmits and receives. And this is not even a kernel-level firewall, so who knows how much data Google actually exfiltrates…
I don’t know about a constant audio stream, nor about keywords, but I noticed that Google Keyboard sends out some data every time you type anything. It’s not even that subtle.
Root your phone and degoogle it if it doesn’t have LineageOS image. If it does have LineageOS image, then flash it. Oh, and don’t use Google and YouTube. Use Brave/Vivaldi for web search and Tubular for YouTube.
I’ve seen a lot of people using Vivaldi as “private” browser. What is the point here?
Because it’s one of the few browsers on Android that allow you to put your address bar down
Firefox?
Firefox is okay but most websites break on it.
I don’t see any main website being broken due to firefox
Most? Are you sure you didn’t install some extensions that break your browsing?
I had uBO and Dark Reader installed.
Those 2 might very well cause issues sometimes, you should try and fiddle around with their settings on the websites that complain, or outright whitelist them if nothing works and you want to use them, other times it really is the browser or even more often an artificial check of the user agent string (dick move on the dev’s side), so if you spoof a Chromium browser it’ll start working right away
Anyone saying they know for 100% certain it’s not happening is probably speaking from their emotional desire for it not to be true - rather than actual fact.
Anyone who has looked into the actual technical aspects, rather than spouting the usual surface-level “tech facts” or parroting headlines (rather than the actual academic findings), cannot seriously claim to know for certain its 100% not happening.
@op i would advise caution on stating ‘24x7’ until there is evidence of that specific claim. (unless you’re referring to while voice assistants are enabled.)
I am surprised by the response I got from majority here. I thought the people who are privacy-focused, wouldn’t give the benefit of doubt to Google of all companies. But it isn’t the case here. Everyone here just assumes and believes strongly it isn’t technically not possible which is really the case when you look at the other services offered by Google.
@op i would advise caution on stating ‘24x7’ until there is evidence of that specific claim. (unless you’re referring to while voice assistants are enabled.)
Google app which is pre-installed is pretty a forced voice assistant on everyone on android.
I get your feeling :) Don’t worry the silent majority is on your side. However they won’t comment because they fear from being banned or backslashed…
While It can’t be proven or disapproved, I also had my share of strange coincidence where my mind goes “Huh? How is that even possible?”… Kinda strange feeling! But that feeling gave me the push to the privacy route maybe in a rather to extreme direction? Always follow your guts when there’s to much noise to make a clear decision.
- RethinkDNS (block every in/out request except those manually allowed)
- Degoogles android (Shizuku+canta, magisk, debloater)
- Only open source apps and delete everything else (no exceptions here) -…
You will never get full 100% privacy or anonymity, however you can make your data as much as difficult to get and waste some of their resource and time :).
Good luck !
Looks like the silent majority disagrees with you… Stop convincing yourself of things that aren’t true.
76 up’s / 68 down’s on OP’s post.
It’s very close, still the majority wins, that’s how it works, if not happy change the system not the voters.
Maybe not 24x7 but this did happened and people have reported it multiple times. If you really think those multi-billion dollars companies are not capable of or won’t do anything so sketchy because it’s not “worth it”, then it’s time to open your mind to the possibility that those companies are not your friends.
cos the majority in this thread cannot even read the articles they cite mistakenly thinking it supports their unscientific claims that this topic is decided.
afaict no researcher has formally claimed a full coverage binary analysis.
if you know of such a study please link?
afaict the researchers are very upfront about the limits to the coverage of their studies and the importance of that uncovered ground being covered.
when the researchers themselves are saying the work isn’t over. why are all the super geniuses in this thread so smugly announcing this topic is wrapped up?
i guess they know better than the actual researchers do. amazing, someone should tell them not to worry cos the geniuses in the forums have it all worked out 🤣
[if you’re unable to reply with a direct excerpt from actual formally issued research (not some pop media headline) i will not bother responding]
Hahaha… What a stupid take. Yeah scientific research isn’t biased and hasn’t been poisoned by conflict of interest… never has been and never will I guess? Scientific research is the ultimate truth of wisdom and you don’t need your own critical thinking anymore 😮💨 (Yeah the tobacco industry was right, smoking is healthy !)
when the researchers themselves are saying the work isn’t over. why are all the super geniuses in this thread so smugly announcing this topic is wrapped up?
It’s better to be safe than sorry
Edit:
Therefore, the fact that no evidence for large-scale mobile eavesdropping has been found so far should not be interpreted as an all-clear. It could only mean that it is difficult – under current circumstances perhaps even impossible – to detect such attacks effectively.
https://link.springer.com/chapter/10.1007/978-3-030-22479-0_6
Scientific enough?
hey man, i think you may have misinterpreted who i was replying to /what i was saying, or perhaps i didn’t communicate perfectly.
i am 10,000% on your side with this, and very much appreciate your post and appreciate your support in this thread/community on this topic. it’s actually giving me a tiny bit of hope that this community isn’t entirely lost.
i’ve really grown absolutely weary of the ridiculous denialism in society and especially in so-called tech communities on this topic.
the kindest thing i think you could say about the rampant denialism is they emotionally do not want to believe it could be happening, and therefore all rationality has gone out the window.
these threads are always a circle jerk of denialists repeating popular media headlines which say “its not happening”, and then if you read the article IT DOESN’T SAY THAT AT ALL. and these denialists WON’T EVEN FUCKING READ THE ARTICLES THEY POST.
apart from the emotional cope, perhaps also partial exposure to eg. basic consumer stuff like installing steam or downloading a movie, so they assume the bandwidth is too high to exfiltrate audio cos their music/game/movie audio files are big, completely ignoring the fact that the telecomms industry has put many decades and $ into producing efficient voice codecs for around 50 years now. they probably think nyquist is a brand of cough medicine
same goes for all the other erroneous ‘consumer tech’ false facts they parrot back and forth.
eg. the lunacy of saying the tired old statement “if they were listening ALL THE TIME, we’d know” completely ignoring threshold based noise gates have been a thing for well over half a century.
these self-proclaimed know-it-alls can’t even put in 10 minutes reading BASIC topics in an encylopedia to realise this shit was solved over half a century ago. (actually you don’t even need tech knowledge or an encylopedia to imagine such a fundamental thing as…i don’t know…not recording when nothings happening 🤯). they can’t put in even BASIC effort, yet are SOOO smug in not only telling us “its absolutely not happening”, but they actually can’t wait to be rude and ridicule randoms for even asking the question.
yeah the level of technical competence on this site has plummeted since the influx of the reddit crowd.
just enough consumer tech enthusiast knowledge to delude themselves they can smugly and self righteously shit on the average non-tech person.
and now they’re the majority, drowning out legitimate curiosity by loudly parroting headlines from articles they didn’t even read. slowly turning lemmy into the regurgitated reddit pop media shithole they wanted to escape.
this topic is especially difficult because of the clear emotional desire for it not to be true. hence the degree of fragile cope in this thread.
thankfully not everyone here is a lost cause, and you’ve been given some good advice on delineating the other possible causes for what you’ve observed. when we do a careful analysis we must ofc consider all possibilities.
what i’ve not seen properly acknowledged in this thread, however, is that the possibility of alternative explanations doesn’t preclude the possibility of voice-based surveillance either.
this topic is especially difficult because of the clear emotional desire for it not to be true. hence the degree of fragile cope in this thread
Well said.
Yet again, someone mistakes an anecdote for evidence. And evidence is also not the plural form of anecdote.
I’m sure we have people here who are tech-savvy enough to have actually examined the kinds of data that their phone is sharing.
If you have something like Google Home or Amazon Alexa, then yeah, those would be sending voice data back, and yeah, they could probably use it for advertising. But as far as I know, there is no evidence that phones are “always listening” and “always sending information back” when they’re idle.
In addition to all the GrapheneOS recommendations, there are also faraday bags. Drop the phone in while at home or wherever.
That doesn’t really help unless the bag is also soundproof; it could just as easily store what you say and send it off later.
