Comments

You must log in or register to comment.

zoom_zip wrote

And what can we do to stop our conversations being spied on ?

don’t have a phone

have a dumb phone

if you have a smartphone keep it in a faraday cage

5

disabled_larper wrote (edited )

don’t have a phone have a dumb phone

Dumbphones have very rare legitimate use cases. Generally speaking they are actually worse than smartphones. You’d be unable to use anonymous VoIP numbers, unable to have any acceptably secure communications, etc. These are essential for having some privacy when using phones.

3

[deleted] wrote (edited )

1

zoom_zip wrote

you have to trust the phone at an operating system level. if you can’t do that, then it doesn’t matter what privacy tools you install.

6

nulloperation wrote

Put LineageOS or PostmarketOS on it.

4

throwaway wrote (edited )

Make sure not to install google apps when using LineageOS.

...and if you prefer a smartphone being smart, don't install PostmarketOS just yet.

4

disabled_larper wrote

Lineage and Postmarket seem to be pretty terrible. They might be good for tinkering and customization, but not for security.

I’d only recommend GrapheneOS, CalyxOS, or iOS.

2

[deleted] wrote

3

disabled_larper wrote (edited )

De-googling Android is a challenge that's why projects like Librem 5 and Pinephone are important.

Linux phones are… not great to say the least. But afaik GrapheneOS is completely de-gooogled and looks like a far better alternative in terms of privacy and also usability. Just about every other ROM I’ve found (except maybe Calyx) has issues with security as well.

2

deeppurplehazedream wrote

I know this is serious but I can't help it...have you tried asking your phone about this? Remember, be calm and non-confrontational.

5

nulloperation wrote

It depends on the software running on your phone. If your device has voice activation with Siri or Cortana or Google Voice Access, then it is by definition listening to you in order to respond to keywords. It would not be able to respond to something it wasn't listening to, obviously.

Now, you could disable those voice services, but you'd have to take the word of Google or Apple or Microsoft that it is really off, because much of the source code is proprietary and hence secret.

Same, if you install a Facebook spyware app and grant it permission to access your microphone, then you'd have to trust Facebook that they really do not listen to you once your call is done. We pinky swear that we're not listening to your microphone even though 99% of our income is from surveillance ad-tech!

To improve the situation, run a free / libre OS on your smartphone and use a free / libre app store. However, the phone modem will most likely still run non-free software, so it's not yet a perfect solution.

4

moonlune wrote

The voice activation app is meant to only processes sound locally and only listen for their specific hook phrases ("hey google"), discarding everything before that. Only the sample after the hook phrase is sent to the server to be processed by the AI.

Or at least that's what marketing says.

3

Edward wrote

I'm not aware of any concrete proof that phones are always listening. Just a lot of anecdotes about targeted ads and the like. But it's very possible.

The best way to guarantee your phone isn't listening would be to get rid of your phone. That's not very helpful though depending on your circumstances.

3

DeletedButArchived wrote

I dont think it has

We do know that most government's and many companies have back doors or just straight up access to most phones to listen to you.

Many apps and services like Alexa listen to you all the time. So it's a orginary function on the phones. So a fairly simple app will have the ability to record your voice and send it off without your knowledge.

From a hacking perspective listening to someone is quite a trivial fast.

So talking logically we know many people are listening to you. The question is if they store the information or look at it. There doesn't seem to be much info on that one.

3

TechnoBarbarian wrote

The answer is probably not all the time, not because they couldn't but because these companies don't need them too. They already have your location, who you hang out with, what their talking about, what all your friends watch, everything you search, where you go to work, who works at your work, what they watch, what they do in their free time, etc.

Most of the time that's enough to deduce things that are damn uncanny. Not even mentioning that they have this data on so many people that they can spot underlying patterns. Then do stuff like figure out if someone is pregnant before they know it themselves.

But I don't think everyone phones are always sending all their audio back to some server.

3

celebratedrecluse wrote

Get Top On The Phone!

but seriously, yes. be careful with that. no discussions of serious shit, or typing in passwords, with a phone on and within thirty feet/the same room.

3

masque wrote (edited )

There is an established tracking technique where certain apps will listen for inaudible tones embedded in broadcast media for various purposes (e.g. to tell which TV channels the user of a particular phone is watching, or to link a phone to a computer in order to build a unified tracking profile). Here's an article about that. I think they sometimes put these tracking beacons in physical locations as well (participating stores, etc.)

There was also a soccer league app that was caught using users' microphones to catch pubs streaming games without a license.

In both cases, the app is listening for a specific, known signal, which means that it doesn't need to transmit tons of audio data to a central server. But it's still definitely an example of your phone's microphone being used to gather information about you without your knowledge.

I've never seen any convincing evidence for the "I talked about needing a new umbrella and now I'm seeing ads for umbrellas, so my phone must be spying on me" idea. It usually seems like people just don't realize how much information they're leaking via other channels (mainly web tracking, location data, and credit card purchases, all of which can be very revealing).

That being said, I also don't buy the argument that this is categorically impossible because it would require transmitting too much audio data to a central server to be analyzed. I'm pretty sure you could run low-quality speech recognition locally, identify the most clearly spoken keywords, and just send that relatively small amount of data somewhere occasionally. The data quality wouldn't be very good on the individual level, but targeted ads and data mining are only really meant to work in aggregate anyways. I still haven't seen any evidence that this is actually happening, though.

2

disabled_larper wrote (edited )

Where I can find a clear article about our smartphones actually listening to us, I found contradictory claims on the subject

I’ve never heard of phones which automatically record and transmit audio on the general public. However phones can obviously be tapped, bugged, and hacked, which would pose a threat on an individual level if you’re concerned about that. Phones also use insecure communications, such as SMS, which would be a threat to anyone really.

And what can we do to stop our conversations being spied on ?

Depends on your threat model. It could be as simple as using an end-to-end encrypted messenger such as Signal with ephemeral messages enabled. Or it could be something as complex as throwing out any mobile phones you own and sending encrypted messages from an airgapped machine via external storage such as a USB or CD. Even then, there are ways to infiltrate and exfiltrate date on airgapped computers. If that’s a concern for you, I’d suggest doing your own research on it. TEMPEST might be a good place to start, but it would probably be very difficult to perfect with an untrained person trying to replicate it in a home environment.

Is it only facebook that spy on our conversations or also others apps ?

It’s just about everything. Even the very hardware and operating systems you use can’t be trusted. Windows, Mac, iOS, and Android all have their own issues with security, privacy, and freedom. GNU/Linux is a little better for freedom and privacy, but their security is even worse than that of the previous operating systems I mentioned. And that’s not even talking about the hardware and firmware.

In the meantime support projects which have a focus on security and freedom. seL4, Genode, RISC-V, Power9, etc all seem like promising foundations. For now just pick whichever is best for your situation. For some people it’s Mac & iOS, for others it’s GrapheneOS & Qubes, etc.

1