Skip Navigation
18 comments

  • People worried about “digital eavesdropping” aren’t paranoid. There’s an entire class-action lawsuit based on Apple’s Siri getting caught being activated without the trigger command and data that was captured being sent to third party providers.

    • Not outright false, but out of context. That suit was settled with Apple denying any wrongdoing, for one thing, but more importantly, from what I can tell the point wasn't whether Apple was turning on Siri without permission (which is unlikely) and more that accidental or unintentional activations were being recorded and processed for advertising.

      I presume that's scarier for Apple, because a) it's probably very likely to have happened, and b) if a court found they have to be 100% accurate in filtering out unintended activations the entire voice assistant thing may be completely impossible to implement legally.

      So we know they paid some money to settle that, but we don't know what was going on (beyond research like the one in the linked article by the OP that says it's unlikely anybody is sending secret voice data).

      • Nearly every settlement with a major corporation is settled without the company admitting wrongdoing. I don’t doubt that there was an accidental glitch involved. What confuses me is why that makes it ok to you.

        It’s generally a safe bet with cases like this that it would not have made it at far as it did in courts or been as hefty in compensation if the evidence hadn’t been damning.

        Here’s the original article in the Guardian that set the whole thing in motion. Apple formally apologized for it.

        In other words, we kinda do know what happened. There was a whistleblower on the contractor side.

  • An earlier version of this article was published in 2019.

    While the content of the article is true, and I had to explain it to other people on the internet and irl multiple times in the last decade, the article doesn't write about the new TPU chips nowadays appearing in devices. With them full on-device STT will become more and more possible, so the tests mentioned in the article won't detect eavesdropping, as they won't need to send sound files to datacenters, only the transcript.

    It would have been useful if they wrote about this new vector in the article, as TPUs were not that common in 2019.

    • Okay, but if the myth was false then and the behavior of the legit user interaction with the voice assistant versus idle is different... why would they wait until they have on-device processing to implement it that way? Why would they implement expensive server recognition for intended use but sneak in on-device processing JUST for advertising purposes they are already mining you for well within the EULA's terms? That and you'd definitely see it in battery consumption, if not in data throughput. NPUs/TPUs are hungry bois, so it wouldn't be a particularly smart workaround for quiet detection.

      It's not that I think they wouldn't spy on your conversations, it's that I think it'd be bad business to do it that way.

      This is always shocking to me. I mean, the researchers in this example are out there going "no, seriously, these third party apps are taking screenshots of your phone whenever you give screenshot permissions and sometimes sending video of what you do and they track you to the smallest detail and it's messed up" and everybody brushes that off and goes BUT SIRI IS LISTENING THO!!! and you just can't convince them to care about the real bad thing or to stop caring about the probably false less bad thing.

      It's very confusing to me.

18 comments