SoylentNews

Coyote and apple in rural New Mexico

That's not actually the title that I wanted for this journal entry but the one I wanted does not fit: "Hypothesis: Google is using the microphone in Android devices to listen to the ambient audio in a room to deliver targeted advertising" and I've put on my scientist hat and I'm putting in my due diligence to falsify or prove this hypothesis. Oddly enough I formed this hypothesis by observing a side channel on my Android phone and after I formed my hypothesis and started doing research I discovered just how many reports exist and serious discussions about this exact topic. I think it's important to point out that I formed my hypothesis first and then found anecdotal evidence about this after I started doing research - that is to say I do not believe I was primed or biased towards this hypothesis because of recent events.

First it will reduce confusion a lot to understand how I personally use my Android phone. I FUCKING hate smart phones with a passion. I own my computers, they do what I want and they don’t do things I don’t want, and I’m extra picky and I will accept no less. The modern smart phone is not a device you own – it’s a device you paid for and posses but that device is owned by the people who control the software on it and that is not us it is the manufacturers and in the case of Android add Google in as well. It turns out this is even the case when using something like LineageOS; continue reading to find out why. I can’t actually get my phone to stop doing things I don’t like nor can I get it to do all the things I like.

I dislike smart phones so heavily I did not use one at all in 2015 and 2016 when I decided to take the battery out of my Galaxy S5 and use a featureless phone appropriate for a third world country instead. It could do WAP but I didn’t even pay for that service, just unlimited talk and text for $25/mo, it has a full qwerty thumb keyboard and the battery lasted for 6 days. I find that to be a very attractive package myself.

What I also like to do though is eat and have a job and in 2017 my job required many different kinds of two factor authentication applications and I was informed I had to get a smart phone. Reluctantly I got my S5 out of storage, put the battery back in, charged it up, fed it the phone network unlock code I pried out of T-Mobile when I canceled the service for this phone originally, put CyanogenMod on it, turned off Wi-Fi and Bluetooth, locked down the permissions as much as I could, added the cheapest data service I could, installed the authenticator apps and PagerDuty and …. thats all. I fucking hate smart phones so I just don’t use my S5 like it’s a smart phone. I make phone calls, I text people and I use the authenticator app. Otherwise my phone is stock CyanogenMod (now LineageOS, I’m up to date) with the Google support programs that the open source Android projects can’t release.

The S5 is actually very nice hardware and even with CyanogenMod or LineageOS on it the battery life is very good. With no radios on except the baseband unit and the fact that I basically do not use my smart phone I could easily go for 3 days with out charging it. I got very used to this behavior and did it all the time and it was highly reliable all the way from Jan 2017 (when I brought the S5 back to life) until around this March or somewhere around 4 months ago. At that point my phone picked up the rather annoying habit of sucking the battery dead in less than 24 hours. A reboot would get the phone to maybe last up to 2 days before it’d start rapidly consuming power. You could see in the power consumption graphs where it changed and the angle goes drastically down in the battery lifetime graph. When auditing the battery and CPU usage it is all accounted to the system and Google Play Services and I thought to myself “great LineageOS has another battery killing bug, I’ll have to tolerate this until it gets fixed.”

A couple update cycles go by and this bug has persisted through all of them. Quite annoyed I looked at the project and there was no discussion about it. The S5 is one of the most common platforms for running LineageOS so if there was a platform issue it would be reported. I needed to look for something else.

LineageOS releases on a weekly cycle but every other week I’m on-call at work and I don’t adjust anything on my phone during that time. I want to make sure it is in a known good configuration while I’m on-call so unless there is a security fix I update on a 2 week cycle. This slowed me down some while I waited for upstream fixes that just would never come.

After I’d given up on the idea of an OS bug I decided to audit the applications that were getting the usage attributed to them. It did not originally click but Google Play Services is not even handled by LineageOS – thats Google software that allows the app ecosystem to function on the phone and with out it there is not very much Android. Now I’m interested in this component and I start doing research.

Googling “Google Play Services high battery usage” returns about 10.5 million results; well ok, something is bound to relate. Now the Play Services are this kind of black hole of activity. Apps can ask it to do tasks for them such as open up the microphone and perform analysis. When this happens the usage is not accounted to the apps but to the Play Services. The only form of control is in the app permissions – an app needs microphone permission to use the mic through Play Services too. There is not, as far as I can tell, any mechanism to audit the activity of or requests into Play Services.

The general advice for this problem is to find the app on your phone that is spying on you and take the microphone away from it. Did you download that shitty free game? It’s been spying on you, dumb ass. Universally. Followed up with “that fixed it, thanks!” – yeah I’m really on the normal people side of the Internet here. Sigh.

So which of the shitty third party apps on my phone is the one spying on me? Is it PagerDuty? Is it the authenticators? They don’t even have microphone permissions. You know what does have microphone access though? Play Services. I don’t need that bullshit so I removed mic access to it. It basically told me my phone wouldn’t be able to do anything with a microphone at that point but that doesn’t impact me in any way.

After I removed microphone permissions from Play Services I got my 3 day battery life back. Well now we are on to something. Except that something is a possible compromise of my phone. But what is the intrusion vector? I don’t have Wi-Fi on, I don’t have Bluetooth on, I don’t browse the Internet and I didn’t install third party apps. I’m basically victim blameless because I’ve busted my ass to be paranoid and meticulous with that phone because I hate it and dislike the idea of a security vulnerability prone spy machine in my pocket.

I’ve got no doubt that something was chewing CPU while listening to the CPU but if it isn’t malware that came in through some security vulnerability that means it could be malware that came in with LineageOS, the Google parts of Android that have to come from a third party, or Google themselves.

It’s been a year and a half since I installed those Google components, I got them from where the LineageOS project recommends, and they were not a problem until relatively recently and have been getting updates from Google – I don’t think they are the malware.

I don’t think the LineageOS project has been compromised and is distributing malware, I don’t think this is an OS bug, and I certainly don’t think Google is running an open microphone and doing analysis on it.

I’ve got a feeling I’m weird enough that there are not that many phones out there in actual “usage” where the variables can be reduced down that low. If you can identify other variables I’d really like to hear about it – please leave a comment – though before you decide to leave a comment please read this whole thing or you risk wasting time trying to falsify this hypothesis.

I’ve got some really great friends who are sharp as a rock and won’t allow me to be intellectually lazy and are accomplished technologists and are quite interested in something like what I’m experiencing so I decide to start talking to them.

One of my friends has many patches in CyanogenMod/LineageOS so he knows the platform pretty well. I asked him about Play Services and told him about what I’m observing on my phone and how it can get into this state. His opinion is that I’m probably right – Play Services probably is chewing CPU while analyzing audio though we can’t easily identify what might be commanding it to do so.

He also said oh by the way I’ve got the feeling lately that Google is showing me advertising for things I talk about with my friends in person only and have never typed into a computer or smart phone. But I’m not confident I haven’t leaked this information through some other vector and I’ve never bothered to try to analyze this and control variables. This individual is wholly committed to the Google ecosystem, does not hate Google, is not paranoid, and doesn’t even particularly care if Google was listening to him and provided targeted advertising. I did make a point to ask him if he thought there was a point where Google started reacting to him talking and before that it didn’t happen and he said yes he can think of that point but he doesn’t believe this is enough to rule out something like confirmation bias or bias to only remember significant events when presented with random things. We are being properly scientific here – my hypothesis is pretty extreme after all.

Another friend of mine discussed for a few hours the difficulty of providing sufficient evidence that would convince him that my hypothesis is true. There are many many problems that exist here and the biggest one I can think of is bugs. No mater what evidence I can provide to explain the behavior of my phone there is always the possibility of it simply faulting and not operating properly and this is a non-issue entirely. It makes this problem essentially unprovable.

I hit the Internet more this time looking up something like “Google spying targeted advertising” and there is a ton of people posting to forums and comment sections with “I think Google is showing me targeted advertising based on what I say and never type into a computer.” And the responses are near universal:

1) You are leaking this in a way you just don’t know about
2) You have bias that is influencing you and this is not actually true
3) The prediction technology that Google has is so good they can predict that based on other sources of information besides typing it into a computer or hearing it on the microphone
4) There is another app that is spying on you, it is not Google, find the shitty app you downloaded and this is your fault dumb ass

There is one other very notable comment I saw and there was not any follow up comments to it. “It doesn’t matter if Google is doing this right now or if they are not. The fact is that Google will do that the moment they thought they could get away with it.” I believe that is true fundamentally though I still don’t really feel like that time is now. At this point I’m starting to wonder why I feel like it wouldn’t be now and if I should give up on bothering with how I feel.

At this point I’ve seen a ton of anecdotal evidence to believe I’m on a path worth forming an experiment over. But anecdotal evidence is not useful for anything more than that really and what I’d like to see is some information from reputable sources where there is something like a professional doing the writing and integrity and the probability of being trolled is low. I would like something where I can believe people are acting in good faith and that’s not going to happen in a forum.

There are plenty of articles out there in the past few months that address this specific issue in reputable publications such as the Guardian and the BBC. Most of the publications are specifically about Facebook (which is something completely different than what I’m talking about) and most of the articles come to the conclusion that it is not reasonable to assume that someone like Facebook or Google is listening to everything going on and using it to target advertising. Though the BBC did fund a proof of concept spy system that could grab audio from an Android phone microphone and send it back to a server for real time analysis and did it using normal Android components in a few days. While that proof of concept was successful no one involved believed it was likely that was actually going on.

Again the explanation becomes centered around biases and leaking information in ways that people are not expecting or sophisticated technology able to identify other patterns. And while that is creepy it isn’t a microphone listening to you so they can target advertising at you.

Because who would do that, really?

A bunch of reporters is interesting but that’s not a primary source. Actually reporters can be kind of dumb and lazy even if they are acting in good faith. Can I find a primary source for something like “Google microphone targeted advertising?” Maybe some security researcher has figured out how to audit the Google Play Services activity or has done a MITM or some kind of side channel attack. Or I could find this published by Google in 2006: Social- and Interactive-Television
Applications Based on Real-Time Ambient-Audio Identification

Michael Fink
Center for Neural Computation, Hebrew University of
Jerusalem,
Jerusalem 91904, Israel
fink@huji.ac.il

Michele Covell and Shumeet Baluja
Google Research, Google Inc.,
1600 Amphitheatre Parkway, Mountain View CA 94043
covell@google.com and shumeet@google.com
Abstract

This paper describes mass personalization, a framework for combining mass media with a highly personalized Web-based experience. We introduce four applications for mass personalization: personalized content layers, ad hoc social communities, real-time popularity ratings and virtual media library services. Using the ambient audio originating from the television, the four applications are available with no more effort than simple television channel surfing. Our audio identification system does not use dedicated interactive TV hardware and does not compromise the user’s privacy. Feasibility tests of the propos ed applications are provided both with controlled conversational interference and with “living-room” evaluations.

Of course everyone knows that phones have been listening to digital sub-carriers that are mixed into television programming – that’s been going on for years now. I’m pretty sure even lay people know that happens at this time.

That is not what this paper describes at all. This paper describes a really clever system for reducing many seconds of audio down to a few bytes and sending it off for content matching.

Instead, we introduce a system that can simply ‘listen’ to ambient audio and connect the viewer with services and related content on the Web. As shown in Figure 1, our system consists of three distinct components: a client-side interface, an audio-database server (with mass-media audio statistics), and a social-application web server. The client-side interface samples and irreversibly compresses the viewer’s ambient audio to summary statistics. These statistics are streamed from the viewer’s personal computer to the audio-database server for identification of the background audio (e.g., ‘Seinfeld’ episode 6101, minute 3:03).

This topic was discussed by MIT Technology Review Googling Your TV

Prototype software from Google Research could listen to your TV and send back useful information – and ads of course.

Do you remember the Google Chrome/Chromium audio blob that was pushed on users in 2015? I now believe that is when Google shipped the production version of that technology and it went out to PCs first.

I believe what is happening now is that Google has figured out how to get the algorithm performance good enough it can run on a smart phone and they have started releasing it to the public.

So now if you watch something like this live experiment to test this hypothesis on Youtube all you are looking at is what Google invented 12 years ago and seems to finally got around to deploying.

Then the guy goes and doubts himself again.

An open microphone listening to everything in a room so advertising can be targeted at you. Who would do that?

Chinese defend Einstein's portrait of their people as 'filthy' and 'obtuse'

Chinese internet users have defended Albert Einstein’s recently published travel diaries in which the physicist calls the Chinese “industrious, filthy people.”

[...] While some internet users called for a “boycott of Einstein” and said his observations proved “all humans, even Einstein, have a stupid, shallow side,” most said the China Einstein witnessed is nothing like it is today. “Einstein went to China at the wrong time,” said one Weibo user, describing the early years of the Chinese republic, established in 1912, which came after centuries of imperial rule. “Hunger, war, and poverty all pressed on the Chinese. How could Chinese people at the time gain Einstein’s respect?”

Many were in strong support of the scientist: “This is called insulting China? That’s ridiculous. Did the Chinese in that era look dirty? When I see the photos from then, they look dirty, Einstein depicted the true state of that era.” Others compared the scientists’s observations to that of Lu Xun, considered the father of modern Chinese literature, who was best known for his scathing satire of Chinese society in the early 20th century. “We praise Lu Xun because he pointed out our disadvantages. Why should we blame Einstein for this?”

[...] The state-run Global Times published an editorial on Friday praising the level-headed response of Chinese internet users. The author, who goes by the pen name Gengzhige, wrote: “I’m curious what Einstein would write now if he saw the open attitudes most Chinese show today toward his private diary.” The editorial elicited over 2,000 comments. One of the most liked responses said: “Dignity is earned by oneself, not given by others.”

But there were some dissenting voices amongst the comments: “This is just racism. We can see that Einstein is strong in physics but he doesn’t understand humans at all.”

Some Chinese Are Actually Defending Einstein's 'Racism' Against Their Ancestors

Previously: Albert Einstein: Racist

President Donald Trump’s former campaign chairman Paul Manafort is going to jail.

On Friday, Manafort was ordered into custody after a federal judge revoked his house arrest, citing newly filed obstruction of justice charges. The move by U.S. District Judge Amy Berman Jackson made Manafort the first Trump campaign official to be jailed as part of special counsel Robert Mueller’s investigation.

Already under intense pressure to cooperate with prosecutors in hopes of securing leniency, Manafort now loses the relative freedom he enjoyed while he prepared for two criminal trials in which he faces the possibility of spending the rest of his life in prison.

Judge jails ex-Trump campaign chair Manafort ahead of trial

Tooooo much fun!
http://www.cbc.ca/radio/q/blog/watching-this-8-year-old-girl-play-led-zeppelin-on-drums-will-make-your-day-1.4704537

Remember all those unproven allegations lobbed at the Clinton Foundation without any evidence? Turns out Trump was projecting again and it was HIS foundation committing crimes, according to the NY Attorney General.

The New York attorney general filed suit against President Trump and his three eldest children Thursday, alleging “persistently illegal conduct” at the president’s personal charity, saying Trump repeatedly misused the nonprofit organization — to pay off his businesses’ creditors, to decorate one of his golf clubs and to stage a multimillion-dollar giveaway at his 2016 campaign events.

In the suit, filed Thursday morning, Attorney General Barbara Underwood asked a state judge to dissolve the Donald J. Trump Foundation. She asked that its remaining $1 million in assets be distributed to other charities and that Trump be forced to pay at least $2.8 million in restitution and penalties.
Underwood said that oversight of spending at Trump’s foundation was so loose that its board of directors hadn’t met in 19 years, and its official treasurer wasn’t even aware that he was on the board.

Instead, she said, the foundation came to serve the spending needs of Trump — and then, in 2016, the needs of his presidential campaign. She cited emails from Trump campaign staff members, directing which charities should receive gifts from the Trump Foundation, and in what amounts.

New York files suit against President Trump, alleging his charity engaged in ‘illegal conduct’

Einstein's travel diaries reveal 'shocking' xenophobia

Einstein’s travel diaries reveal racist views of Chinese: industrious, filthy and obtuse

Albert Einstein’s best ideas came when he was aimless. Yours can too

If I only had money to invest with (hey SoylentGreens (it's people!!!); anyone want to buy me a share?

https://www.startengine.com/mycroft-ai

I can't even afford to get a Mycroft-box, though my raspi Mycroft works fine...love the fem-voice.

But yeah...if I had spare cash, I'd love to get in on this (but currently Canadians can't invest anyways due to startengine goofs).

"Hey mister, buy me this, I sucky sucky so good, me so horny!"

Any other hams out there doing the VHF June contest? I didn't even expect to get out of my maidenhead grid but I've got contacts into the squares north and south of me! I didn't know VHF could do this.