SoylentNews is people
SoylentNews
from the Alexa,-order-two-tons-of-creamed-corn.-Alexa-confirm-order dept.
Gizmodo has an article up that The Amazon Alexa Eavesdropping Nightmare Came True
A German Amazon user requested data about his personal activities under the EU's General Data Protection (GDP) regulation.
This individual owned no Alexa devices, but still received over 1700 recordings of what were purportedly his commands.
Some of the files reportedly related to his Amazon searches. But according to the report there were also hundreds of Wav files and a PDF cataloging transcripts of Alexa’s interpretations of voice commands. According to c’t magazine
The recordings revealed the victims’ personal habits, jobs, taste in music, schedule, alarms, social life, and even caught him showering.
The recordings were not of the recipient's voice nor anyone he recognized. When he contacted Amazon, he received no response (other than the link to the file going dead). He then contacted C't Magazine.
Using the information they gathered from the recordings, the magazine contacted the victim of the data leak. He “was audibly shocked,” and confirmed it was him in the recordings and that the outlet had figured out the identity of his girlfriend. He said Amazon did not contact him.
When asked for comment by Gizmodo
Amazon sent Gizmodo the same statement it had shared with Reuters. “This was an unfortunate case of human error and an isolated incident. We have resolved the issue with the two customers involved and have taken steps to further improve our processes. We were also in touch on a precautionary basis with the relevant regulatory authorities.”
While not a common type of mistake, inappropriate sharing of conversations and recording is also hardly unheard of. For example a Portland woman found her Echo had sent a recorded conversation between her and her husband to one of his employees.
As a reminder, you can delete your Amazon Echo recorded history or just parts of it should you wish to do so, as described here.
(Score: 2) by donkeyhotay on Monday December 24 2018, @03:31PM (2 children)
"...As a reminder, you can delete your Amazon Echo recorded history or just parts of it should you wish to do so, as described here..."
Or, you could just not have an Amazon Echo in the first place. I'm still at a loss as to why anyone would want one of the damn things.
(Score: 2) by takyon on Monday December 24 2018, @03:45PM (1 child)
I can easily imagine a future in which every new smartphone, dumbphone, smartwatch, laptop, and TV has either Alexa, Google, Siri, Bixby, or whatever on it. Along with some other devices such as wireless headphones.
This scenario is enough to make Soylentils cringe, but in truth you probably have to activate the voice assistant function and link it to an online account in order to get pwned like this. Although you may be subject to vulnerabilities that allow automated IoT botnets to take over your device. An attacker could activate millions of microphones, record audio in low bitrate Opus, collect it all, automatically transcribe it, and have an algorithm search for anything that could be used for breaking into bank accounts or blackmail.
[SIG] 10/28/2017: Soylent Upgrade v14 [soylentnews.org]
(Score: 3, Funny) by Anonymous Coward on Monday December 24 2018, @03:50PM
Or they could use it to find out what everyone wants for christmas and send them all presents.