• A_Random_Idiot@lemmy.world
    link
    fedilink
    English
    arrow-up
    23
    ·
    18 hours ago

    everything you say to your echo/alexa has always been sent to amazon.

    theres literally been leaks proving it.

    • Sovereign@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      ·
      15 hours ago

      I thought so… I was like wait what dont they already have to process all that data?! And no doubt its in a db somewhere… thats just how things are done. Even if they werent a malicious company, they would still need to save the data to improve the product and for analytics…

  • Prehensile_cloaca @lemm.ee
    link
    fedilink
    English
    arrow-up
    40
    ·
    1 day ago

    If Corporations were people, they’d be disappeared in the night for stuff like this.

    Which is why they’re not people.

    Why anyone would want some Tech company spybot sifting through their private experiences is beyond me, but that’s definitely what they are doing.

    • JayleneSlide@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      15 hours ago

      Which is why they’re not people.

      But the C-suite and board are almost like humans. And that’s even better for… things.

  • tabular@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    18 hours ago

    Who the hell is the manufacture to decide if a remote feature no longer functions? (I’m guessing people don’t rent these devices from Amazon - it’s your property).

    I don’t need your concent, it’s in your best interests - Amazon

    • Encrypt-Keeper@lemmy.world
      link
      fedilink
      English
      arrow-up
      17
      arrow-down
      1
      ·
      edit-2
      1 day ago

      I mean if they were doing this already there would be no point in sending this email out. They would have just happily continued letting people think it wasn’t happening while doing it anyway, while not having to deal with the backlash this will generate.

      • Teknikal@eviltoast.org
        link
        fedilink
        English
        arrow-up
        11
        arrow-down
        3
        ·
        edit-2
        1 day ago

        My suspicion is they probably need to announce it now for some legal reason but there’s no Amazon device with the power to do this locally so it’s definitely always been sent to them.

        Now would they delete that right away or analyse it first, I kinda think they would have always done the latter.

        • Encrypt-Keeper@lemmy.world
          link
          fedilink
          English
          arrow-up
          10
          ·
          1 day ago

          I mean there’s no legal reason that would exist now that didn’t before.

          My guess is that they did honor the setting, but that was because the amount of people that used it was so low vs the total number of people that used the devices. Now with smart speaker adoption rates declining, and their desire to train AI, they have to dip into the pool of people that opted not to share.

    • bitjunkie@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 day ago

      The setting mentioned in the email was on by default. So they definitely were, they’re just removing the ability to turn it off.

  • adhdplantdev@lemm.ee
    link
    fedilink
    English
    arrow-up
    3
    ·
    19 hours ago

    Duh. This why no one should have this tech as the arbiters can never be trusted with public saftey/good.

    • PeteZa@lemm.ee
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      1
      ·
      1 day ago

      I agree. Although it’s nearly impossible at this point. Especially with Amazon running a significant portion of the internet with AWS. Each one of us most likely touches an Amazon server multiple times a day, even if we don’t have any Amazon subscriptions.

      • gamer@lemm.ee
        link
        fedilink
        English
        arrow-up
        16
        ·
        1 day ago

        That doesn’t matter. You only need to worry about boycotting things within your control, like Amazon shopping and their consumer products. AWS is profitable, but so is Amazon.com.

        Buying something at a different store is always a dub even if that store is using AWS on the backend.

      • Soup@lemmy.world
        link
        fedilink
        English
        arrow-up
        8
        ·
        1 day ago

        Like the other person said, you can at least control what you interact with directly. So you cancel your Prime subscription and turn your lights with your hand instead of an Echo but you don’t worry so much about trying to figure out if any of the several companies involved in making [product] have some form of attachment to AWS.

        And there will be some level of consumption in this horrible system that’s not gunna be good in order for you to not be horribly depressed but people can shed more than they think and alternatives do exist for many of the ones you might put at lower priority.

  • Avid Amoeba@lemmy.ca
    link
    fedilink
    English
    arrow-up
    12
    ·
    edit-2
    1 day ago

    For anyone with existing Home Assistant setup, the Home Assistant Voice Preview is pretty good alternative, when it comes to voice control of HA. The setup is very easy. If you want conversational functionality, you could even hook it up to an LLM, cloud or local. It can also be used for media playback and it’s got an aux out port.

    I used to use Google Home Mini for voice control of Home Assistant. The Voice Preview replaced that rather nicely.

      • SayCyberOnceMore@feddit.uk
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 day ago

        I’m using a Pi Zero as a voice satellite with an additional mic hat and a speaker hanging off the audio output and it’s … ok

        There’s definitely much lower WAF with this option

        The voice assistant has built-in audio which appears to be high (enough) quality and considering it’s case, power, etc, not to mention funding the advancement of open source voice control, it’s just overall “better”

        If you’ve got a Pi lying around with a mic & speaker, definitely give it a go

  • MurrayL@lemmy.world
    link
    fedilink
    English
    arrow-up
    34
    ·
    1 day ago

    If you do not want to set your voice recordings setting to ‘Don’t save recordings,’ please follow these steps before March 28th:

    Am I the only one curious to know what these steps are? The image cuts off the rest of the email.

    • pogmommy@lemmy.ml
      link
      fedilink
      English
      arrow-up
      45
      arrow-down
      1
      ·
      1 day ago
      1. Unplug your amazon echo devices
      1. Hit it with a hammer
      1. Send it to an electronics recycler
    • MurrayL@lemmy.world
      link
      fedilink
      English
      arrow-up
      10
      ·
      edit-2
      1 day ago

      If anyone else is wondering, I’ve not found a verbatim quote of the steps but I did see an article that mentioned the consequences. It seems like you will be able to turn this off but it will disable Voice ID:

      anyone with their Echo device set to “Don’t save recordings” will see their already-purchased devices’ Voice ID feature bricked. Voice ID enables Alexa to do things like share user-specified calendar events, reminders, music, and more. Previously, Amazon has said that “if you choose not to save any voice recordings, Voice ID may not work.” As of March 28, broken Voice ID is a guarantee for people who don’t let Amazon store their voice recordings.

      • IMALlama@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 day ago

        The old “privacy focused” setting made speech processing local. The new “privacy focused setting” means that processing will happen on a remote server, but Amazon won’t store the audio after it’s been processed. Amazon could still fingerprint voices with the new setting, to know if it was you or your parents/parter/kid/roommate/whomever and give a person specific response, but for now at least they appear to not be doing so.

        This all seems like it’s missing the point to me. If you own one of these devices you’re giving up privacy for convenience. With the old privacy setting you were still sending your processed speech to a server nearly every time you interacted with one of those devices because they can’t always react/provide a response on their own. Other than trying to avoid voice fingerprinting, it doesn’t seem like the old setting would gain you much privacy. They still know the device associated to the interaction, know where the device is located, which accounts it’s associated with, what the interaction was, etc. They can then fuse this information with tons of other data collected from different devices, like a phone or computer. They don’t need your unprocessed speech to know way too much about you.

      • slaneesh_is_right@lemmy.org
        link
        fedilink
        English
        arrow-up
        16
        ·
        1 day ago

        True, but a mobile phone is basically a world brain, calculator, camera, flashlight, you can watch movies on it in hi def, hate it all you want, it’s one of the most versatile tools on the planet. An echo dot, it just spy garbage and nothing else

      • pogmommy@lemmy.ml
        link
        fedilink
        English
        arrow-up
        12
        arrow-down
        1
        ·
        1 day ago

        Phones are at least easier to justify since everyone kinda needs one now and there aren’t many great private options, especially for the lay person

          • pogmommy@lemmy.ml
            link
            fedilink
            English
            arrow-up
            7
            ·
            1 day ago

            I mean yeah, but for a lot of people if they ditch their phone they’ll also lose their job and possibly relationships they value.

            Cell phones spying on people isn’t good, but most people are simply not informed about how invasive they are and couldn’t make an informed decision if they tried. Pair that with the fact that cell phones are essential for a lot of modern life, and it’s not difficult to see why the average person is generally more wary of smart speakers than cell phones.

          • pogmommy@lemmy.ml
            link
            fedilink
            English
            arrow-up
            7
            ·
            1 day ago

            I meant they’re easier to justify in the sense that I see why people don’t put much thought into putting a spying device in their pocket, not that I agree with the disregard. Most peoples’ friends, family, employers, etc. all expect them to have a cell phone and be available by it. Additionally, the way most people interact with their phones, the spying is much less obvious. They joke about them “always listening”, but a lot of people don’t understand the privacy concerns of pretty typical internet use, so the fact that the device has more than just a microphone, it appears to be worth it to a more typical consumer than us.

            Contrast that with an Alexa, google home, or apple home thing, devices which nobody cares if someone else doesn’t own, which most people only see as a microphone and speaker, and whose primary functionality is to always be listening to you. The skepticism is much easier to arise.

            I’m not saying the level at which cell phones spy on their users is acceptable or even worth it, just that I see why the average user who isn’t conscious of their privacy doesn’t regard them with the same concern they do smart speakers.

      • jim3692@discuss.online
        link
        fedilink
        English
        arrow-up
        9
        arrow-down
        3
        ·
        1 day ago

        At least, on mobile devices, it’s typically easier to install a privacy-focused firmware (like LineageOS or GrapheneOS). Those AI assistants are completely locked down.

    • Flic@mstdn.social
      link
      fedilink
      arrow-up
      8
      ·
      1 day ago

      @richardisaguy @Tea sometimes they just come free with stuff. We got given two Google ones when my husband bought a Pixel phone. We were going to sell them on but we never got round to it. You can physically turn off the microphone part though (at least it tells you it’s turned off so fingers crossed) so we use the one with a screen as a digital photo frame (and a speaker) and the other one as just a speaker.

    • whoisearth@lemmy.ca
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      3
      ·
      1 day ago

      I have a bunch in my house. It’s a glorified radio all I use it for is:

      • Set timer for x minute
      • What time is it
      • Ask CBC to play radio one Toronto
      • What is the weather today

      For the convenience I accept the mining they may do.

    • SpaceNoodle@lemmy.world
      link
      fedilink
      English
      arrow-up
      107
      arrow-down
      2
      ·
      2 days ago

      Off-device processing has been the default from day one. The only thing changing is the removal for local processing on certain devices, likely because the new backing AI model will no longer be able to run on that hardware.

      • 4am@lemm.ee
        link
        fedilink
        English
        arrow-up
        54
        arrow-down
        1
        ·
        2 days ago

        With on-device processing, they don’t need to send audio. They can just send the text, which is infinitely smaller and easier to encrypt as “telemetry”. They’ve probably got logs of conversations in every Alexa household.

        • b1t@lemm.ee
          link
          fedilink
          English
          arrow-up
          49
          arrow-down
          1
          ·
          2 days ago

          This has always blown my mind. Watching people willingly allow Big Brother-esque devices into their home for very, very minor conveniences like turning on some gimmicky multi-colored light bulbs. Now they’re literally using home “security” cameras that store everything on some random cloud server. I’ll truly never understand.

            • b1t@lemm.ee
              link
              fedilink
              English
              arrow-up
              2
              ·
              1 day ago

              My brother and a buddy both have Alexas. And yeah, I hate being anywhere near the thing.

          • deranger@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            17
            arrow-down
            11
            ·
            edit-2
            2 days ago

            Why has no security researcher published evidence of these devices with microphones uploading random conversations? Nobody working on the inside has ever leaked anything regarding this potentially massive breach of privacy? A perfectly secret conspiracy by everyone involved?

            We know more about top secret NSA programs than we do about this proposed Alexa spy mechanism. None of the people working on this at Amazon have wanted to leak anything?

            I’m not saying it’s not possible, but it seems extremely improbable to me that everyone’s microphones are listening to their conversations, they’re being uploaded somewhere to serve them better ads, and absolutely nobody has leaked anything or found any evidence.

              • deranger@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                11
                arrow-down
                4
                ·
                edit-2
                2 days ago

                Sure, but that’s not the commonly repeated conspiracy, even by non technical normal people, that everyone’s mics are listening all the time and they’re being used to serve you ads or whatever. The scale of this is not at all comparable to what I’m talking about. Yeah, I’m sure sometimes devices are inactivated inadvertently, those responses are uploaded, and people have listened to those recordings when they didn’t have permission. That is a far cry from all devices listening nearly all the time, using some surreptitious method to upload the data, and what was being recorded being used for some nefarious purpose.

                Again, I’m not excusing these devices for being a privacy nightmare, but I just think it’s extremely implausible that Alexa, Siri, Google, etc. are always listening and nobody has discovered a device uploading.

                The real privacy nightmare is that recording your conversations is completely unnecessary to build a richly detailed profile of you and your contacts. Regular old device / browser fingerprinting and a few people in your group sharing contacts with apps is enough for that, and it’s not a top secret conspiracy.

              • catloaf@lemm.ee
                link
                fedilink
                English
                arrow-up
                6
                arrow-down
                5
                ·
                2 days ago

                Per that article, it only happens when it thinks it’s been activated, and only when you opt in. Not much of a bombshell.

                • hungprocess@lemmy.sdf.org
                  link
                  fedilink
                  English
                  arrow-up
                  13
                  ·
                  2 days ago

                  Emphasis on “when it thinks”. Not much point to a privacy control that the device can just ignore for unspecified reasons, and they had 150+ instances of that occurring in this data set.

              • deranger@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                6
                arrow-down
                2
                ·
                edit-2
                2 days ago

                I’m not saying it’s not possible

                There is no argument from ignorance fallacy in what I said. I am not claiming these devices never send audio without you wanting because there’s no evidence to the contrary.

                However, the idea that everyone’s microphones are always listening, and that’s why you saw an ad for whatever after talking to your friend, yet not a single person has observed a device uploading this kind of data, nor has anyone ever leaked any kind of information on this supposed system, is extremely unlikely to be true in my opinion.

                They don’t need microphones to do this. Regular tracking is plenty to do a good job at suggesting you a highly relevant ad, and frequency illusion does the rest. You’re not noticing the thousand times you see ads that are irrelevant to whatever you were talking about, but the one time you do notice really sticks out.

                Frankly there are plenty of more concerning ways of violating our privacy that are out in the open that I believe are a much higher priority than mics always recording, of which there is no evidence for.

                • b1t@lemm.ee
                  link
                  fedilink
                  English
                  arrow-up
                  4
                  arrow-down
                  3
                  ·
                  edit-2
                  2 days ago

                  If no proof is offered (in either direction), then the proposition can be called unproven, undecided, inconclusive, an open problem or a conjecture.

                  Stating that you don’t think that it’s possible is irrelevant. It’s either happening or it isn’t. True or false. P or ¬P.

                  is extremely unlikely to be true in my opinion.

                  Is an argument from ignorance. Not trying to be rude, but this is basic logic.

                • b1t@lemm.ee
                  link
                  fedilink
                  English
                  arrow-up
                  5
                  ·
                  2 days ago

                  Yeah, but it’s rooted and running a custom ROM ;)

            • takeda@lemm.ee
              link
              fedilink
              English
              arrow-up
              6
              arrow-down
              2
              ·
              2 days ago

              Because if they would publish it, the other security experts would say “well, duh, that’s how it works”.

              It is just the average people that are unaware of it, or don’t seem to care.

          • loie@lemmy.world
            link
            fedilink
            English
            arrow-up
            5
            arrow-down
            2
            ·
            2 days ago

            I mean… I 100% agree, and yet you and I and everyone reading this are carrying around a phone that can do the exact same shit

            • b1t@lemm.ee
              link
              fedilink
              English
              arrow-up
              6
              arrow-down
              1
              ·
              2 days ago

              This is why jailbreaking/rooting your phone is so important.

            • Ulrich@feddit.org
              link
              fedilink
              English
              arrow-up
              3
              ·
              edit-2
              1 day ago

              I am not, thank you very much. Even if I was, you can simply disable the wake word. And you can go into your account (if you have one) and see/listen to any recordings it has made to verify that it has stopped listening.

    • tal@lemmy.today
      link
      fedilink
      English
      arrow-up
      19
      arrow-down
      1
      ·
      edit-2
      2 days ago

      If you look at the article, it was only ever possible to do local processing with certain devices and only in English. I assume that those are the ones with enough compute capacity to do local processing, which probably made them cost more, and that the hardware probably isn’t capable of running whatever models Amazon’s running remotely.

      I think that there’s a broader problem than Amazon and voice recognition for people who want self-hosted stuff. That is, throwing loads of parallel hardware at something isn’t cheap. It’s worse if you stick it on every device. Companies — even aside from not wanting someone to pirate their model running on the device — are going to have a hard time selling devices with big, costly, power-hungry parallel compute processors.

      What they can take advantage of is that for a lot of tasks, the compute demand is only intermittent. So if you buy a parallel compute card, the cost can be spread over many users.

      I have a fancy GPU that I got to run LLM stuff that ran about $1000. Say I’m doing AI image generation with it 3% of the time. It’d be possible to do that compute on a shared system off in the Internet, and my actual hardware costs would be about $33. That’s a heckofa big improvement.

      And the situation that they’re dealing with is even larger, since there might be multiple devices in a household that want to do parallel-compute-requiring tasks. So now you’re talking about maybe $1k in hardware for each of them, not to mention the supporting hardware like a beefy power supply.

      This isn’t specific to Amazon. Like, this is true of all devices that want to take advantage of heavyweight parallel compute.

      I think that one thing that it might be worth considering for the self-hosted world is the creation of a hardened network parallel compute node that exposes its services over the network. So, in a scenario like that, you would have one (well, or more, but could just have one) device that provides generic parallel compute services. Then your smaller, weaker, lower-power devices — phones, Alexa-type speakers, whatever — make use of it over your network, using a generic API. There are some issues that come with this. It needs to be hardened, can’t leak information from one device to another. Some tasks require storing a lot of state — like, AI image generation requires uploading a large model, and you want to cache that. If you have, say, two parallel compute cards/servers, you want to use them intelligently, keep the model loaded on one of them insofar as is reasonable, to avoid needing to reload it. Some devices are very latency-sensitive — like voice recognition — and some, like image generation, are amenable to batch use, so some kind of priority system is probably warranted. So there are some technical problems to solve.

      But otherwise, the only real option for heavy parallel compute is going to be sending your data out to the cloud. And even if you don’t care about the privacy implications or the possibility of a company going under, as I saw some home automation person once point out, you don’t want your light switches to stop working just because your Internet connection is out.

      Having per-household self-hosted parallel compute on one node is still probably more-costly than sharing parallel compute among users. But it’s cheaper than putting parallel compute on every device.

      Linux has some highly-isolated computing environments like seccomp that might be appropriate for implementing the compute portion of such a server, though I don’t know whether it’s too-restrictive to permit running parallel compute tasks.

      In such a scenario, you’d have a “household parallel compute server”, in much the way that one might have a “household music player” hooked up to a house-wide speaker system running something like mpd or a “household media server” providing storage of media, or suchlike.