SoylentNews is people
SoylentNews
from the giving-the-kids-a-big-brother dept.
Amazon has unveiled a Kids Edition of its Echo Dot smart speaker:
The $79 Echo Dot Kids Edition takes the original device's design and wraps it in a kid-friendly, colorful case. Otherwise, the hardware is the same as the tiny smart speaker that debuted in 2016. While the regular, $49 Dot is considered a more affordable and accessible version of the regular Echo speaker, the Kids Edition costs more thanks to its bundled software. Amazon includes a two-year warranty plus a one-year subscription to the new Amazon FreeTime Unlimited service, an expanded version of Amazon's new FreeTime for Alexa.
FreeTime gives users "family-focused features" and new parental controls that adults can use to restrict what their kids can do with Alexa. Family features include "Education Q&A," allowing kids to ask Alexa science, math, spelling, and definition questions, "Alexa Speaks 'Kid,'" which gives Alexa kid-appropriate answers to nebulous statements that kids may say such as, "Alexa, I'm bored." Parents can also limit the times during which kids can speak to Alexa (like no talking to it after bedtime), restrict the skills kids can use, filter out songs with explicit lyrics, and more.
[...] But even with the added parental controls, some will be wary of a speaker designed to listen to their children. Like the original Dot, the Kids Edition has a mute button and parents can put the device in "sleep mode" to prevent it from responding to commands. However, the mic will always be listening for its wake-word just like other Echo devices.
In the new Parent Dashboard in the Alexa app and online, parents can monitor how kids are using their Echos (including all their utterances, or the phrases Alexa thinks it heard before trying to respond) and limit their abilities. According to a Buzzfeed report, Amazon claims it isn't making back-end profiles for users with data harvested from Alexa. While the virtual assistant can now recognize voices and provide personalized answers based on who's talking, the company maintains that data is only being used to make Alexa smarter and more tailored to each user.
(Score: 2) by fyngyrz on Wednesday April 25 2018, @07:14PM (16 children)
The privacy implications only arise if the device is listening all the time. It isn't. The day it's actually caught doing that (and it will be if it goes there), then you'll have a place to stand on this. Until then, vigilance is called for, that's all. It's time for a smoke detector; not time to destroy the house by inundating it with water — it's not on fire.
You should probably keep an eye on Mycroft [mycroft.ai], then. It's open source, they are working on LAN-based STT (and at present offer several different non-LAN STT engines if you have a particular distrust boner for one or the other), and you have full control over every aspect of the software. You can even put it together on a Raspberry Pi, 100% your-environment — you can even type your commands in if you want to wait for LAN-based STT. The speaking part (TTS) can be local, so there's no issue there.
(Score: 3, Insightful) by Arik on Wednesday April 25 2018, @07:22PM (15 children)
What it's supposed to be doing is simply erasing/overwriting what it hears, until the keyword is detected.
Which seems reasonable, but how do you verify it? On a device that accepts updates? Impossible.
If it cannot be verified to work as it should, then it must be presumed to work as it should not.
If I felt the need for something like this, which I don't, then what I would consider 'adequate' privacy safeguards might include having a button-activated mode, where it doesn't even start listening until the button is pushed. If pushing the button were required to physically connect the microphone to the rest of the device, that would be a verifiable safeguard that could not just be eliminated 'in a flash' so to speak.
If laughter is the best medicine, who are the best doctors?
(Score: 2) by takyon on Wednesday April 25 2018, @07:45PM (6 children)
Amazon Echo devices come with a mute button that toggles the microphone on/off. Of course, you have to trust that it is actually doing so, or pull the power cord to be 100% sure.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 2) by Arik on Wednesday April 25 2018, @08:03PM (5 children)
Is there a physical mute mechanism that physically disconnects the mic? If it has that, and I can get into it to verify the operation, then that would be adequate. If it's a 'software switch' that sends a signal which the device may or may not decided to honour, however.... nah.
Of course if I were really worried about it I would then have to disassemble the device and go over every component carefully and thoroughly as well - what's to say there isn't a second microphone in there huh? But I'm not, actually, all that worried about it personally. I just hate to pay good money for poorly designed junk. I don't think they shave two cents/unit off a device that sells for several hundred because they want to spy on me. They do that cause they're cheap, and people put up with it. The fact that it enables all sorts of bad behavior (which they might want to engage in!) is just a bonus, but it's one that imposes a massive and growing, but concealed, cost on society as a whole. Loss of privacy, loss of time and money, spying, malware, all of this stuff is the result of the same mentality. The mentality that only counts pennies and doesn't see the value in good engineering and designing things right, only the costs involved.
If laughter is the best medicine, who are the best doctors?
(Score: 2) by AthanasiusKircher on Wednesday April 25 2018, @10:24PM (2 children)
Am I missing something here about why the Echo is a novel concern for your argument?
People have had microphones in their electronic devices attached to the internet for decades. Most of the time, they are turned on and off via a "software switch." It's well-known that they have been used (along with webcams) to spy on people by being enabled remotely. In most cases that have received media attention, this came about through malware or hacking, but also software bugs have created the ability at times. (And who knows what the NSA has done at times...)
So, I'm not saying you're wrong about the Amazon Echo. I'm just not certain what makes it a significantly different concern from a cellphone, tablet, computer with microphone, etc. Do you trust Apple with its proprietary software to not spy on you with an iPhone or iPad or Mac microphone? Would you recommend detailed audits of every update in a similar fashion there? And a lot of such devices with microphones allow third-party software to access microphones with ease. Are you auditing every app and software application installed that theoretically could access your microphone and internet connection? Do you audit every update for those as well?
Unless I'm missing something, the ONLY main difference with the Echo is that you assume it's listening because it needs voice activation to start. If anything, I'd think it's MORE likely that any significant bugs or flaws that caused privacy concerns would be noticed with the Echo, because it's obvious that's how it works and many privacy folks are concerned about it. Meanwhile, most people probably carry around several devices with them all the time or have such devices in many rooms in their house with built-in microphones, but they don't think about the fact they could be spying on them, because they ASSUME the microphone is generally off. As you rightly point out, with only a "software switch," that's NOT a reasonable assumption.
So why are we all talking so much about the Echo as if it's of greater concern here again??
(Score: 2) by Arik on Wednesday April 25 2018, @10:49PM (1 child)
Well I'm a people and I certainly haven't. I think the word that fits better there is 'fools.'
"I'm just not certain what makes it a significantly different concern from a cellphone, tablet, computer with microphone, etc."
Nothing, they're all poorly designed junk.
If laughter is the best medicine, who are the best doctors?
(Score: 2) by AthanasiusKircher on Thursday April 26 2018, @01:05AM
Okay, so at least your perspective is consistent. That's different from a lot of people who seem to suddenly be worried about things like the Echo, when they've basically had surveillance devices in their houses for years.
(Score: 0) by Anonymous Coward on Thursday April 26 2018, @03:28AM (1 child)
"The Amazon Echo does include a physical mute button" according to a security researcher [csoonline.com] (N.B., 2017 story).
(Score: 1) by anubi on Thursday April 26 2018, @07:27AM
You think you have the ONLY mic button?
I'll just post the link. [gizmodo.com]
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 2, Disagree) by fyngyrz on Wednesday April 25 2018, @07:55PM (7 children)
It's listening for its wake word, with algorithms that are only (and barely) able to detect it. It's not broad STT. Ergo, it's not listening for the wake word in the "you need to be worried about it" sense.
1) It doesn't have the storage to keep much audio
2) It doesn't have the local STT that would be required to triage what goes into storage
3) It only sends stuff to Amazon when you talk
I don't even count that Amazon has told us explicitly that it doesn't do what you're worried about. It's not possible for it to do it without getting caught - it'll have to use the network in order to know what to listen to / send it along, which would get it caught immediately. Lots of users, including myself, monitor its network activity. It has no other means of communication available to it.
The echo has a mute; you hit that, it's not listening to anything. So mute it until you want to talk to it, then talk to it, then mute it again. The ring lights up red when it's muted, so you can tell what state it is in.
Hack it. Nothing stopping you from getting in there and cutting out the microphones.
(Score: 4, Informative) by frojack on Wednesday April 25 2018, @08:12PM (6 children)
This puts the lie to almost every singe thing you said:
https://www.reddit.com/r/amazonecho/comments/5n2p5y/alexa_speaking_on_no_wake_word/ [reddit.com]
https://www.thesun.co.uk/tech/6032872/amazon-alexa-speaker-listening-conversations-update/ [thesun.co.uk]
No, you are mistaken. I've always had this sig.
(Score: 2) by fyngyrz on Wednesday April 25 2018, @08:16PM (3 children)
Yeah, no. They had a bug for a while. They fixed it. Keep googling.
(Score: 4, Informative) by Arik on Wednesday April 25 2018, @08:46PM (1 child)
And they can "fix it" back again any time they like.
This is EXACTLY what I mean when I say you can't trust it. The fact that they can do it is PROVEN correct by the fact they already did it! And no less so if they did it by accident. They can do it anytime they want, but more importantly, *so can others.* When you have a system that is fundamentally insecure by design, it's not just the manufacturer who can 'pwn' you at will, but also any number of other bad actors who can 'exploit' the same capabilities the manufacturer has, but who will NOT be deterred by any concerns about the manufacturers reputation.
And yes, you can be super paranoid and sniff all the traffic and inspect it constantly. And you have to watch it CONSTANTLY for this to be any good. It could behave exactly as it's supposed to until it receives an update, or possibly just a particular obfuscated command, and then suddenly it's a hostile device. This could happen in mid-sentence. It won't matter how closely you watched the traffic every day for the last 2 months if you aren't on the ball TODAY you won't even notice the change. Who wants to do that though? Who wants to pay good money for something that fundamentally can never be trusted and is always going to have to be watched like a hawk? In practice I doubt very much you are inspecting the traffic in real time, and even if you are the vast majority of owners will not.
Why not spend a few pennies more per unit and make them right?
Oh, what an old fashioned idea. The world economy would die overnight without forced obsolescence and landfills growing across once fertile landscapes. I forgot, carry on.
If laughter is the best medicine, who are the best doctors?
(Score: 2, Insightful) by tftp on Wednesday April 25 2018, @10:38PM
(Score: 0) by Anonymous Coward on Thursday April 26 2018, @12:06AM
It's always a bug, isn't it. Even the 100th time - "Ooops. Our bad. It's a bug."
(Score: 2) by fyngyrz on Wednesday April 25 2018, @08:19PM
Also, I already discussed the patents here. [soylentnews.org]
(Score: 0) by Anonymous Coward on Wednesday April 25 2018, @08:39PM
similar, more recent story: [theverge.com]