Wasn’t there just a storey a couple days ago that apps where not doing this but taking screenshots and videos on the screen and sending that.
Hundreds of smartphone apps are monitoring users through their microphones
Submitted 1 month ago by lebkuchen@feddit.org to technology@lemmy.world
Comments
Auli@lemmy.ca 1 month ago
acosmichippo@lemmy.world 1 month ago
i used to think this as well (i have never used any facebook apps), but last night something happened that made me question it.
My wife and i were going through a chipotle that was right next to a Popeye’s. As we were waiting i looked over to popeyes and saw some posters for their new pickle chicken stuff and asked my wife “the fuck is a pickle ‘glaze’?”
literally a few seconds later she opens instagram on her phone and is shown a video of a person making pickle brined chicken.
yes yes it could be a coincidence, but i am a lot less certain of that now.
slumberlust@lemmy.world 1 month ago
The way I’ve heard it is that it’s not just coincidence nor microphone scanning, but just the effectiveness of targeted ads in general. You could be within wifi range of other users who are searching for pickle stuff or you yourselves have a history of pickle purchases, etc. This stuff is scary specific already.
jaredt@lemmy.ca 1 month ago
A few years ago, I would have said you were being overly paranoid. Nowadays, I’m in the same boat.
Also, the fuck is a chipotlane?
AcidicBasicGlitch@lemm.ee 1 month ago
I know I’m usually on the more paranoid side, but I’ve always assumed everything I do on a smartphone is potentially being monitored via camera or mics.
If the apps are just taking screenshots, or recording a few seconds of data via mic, it would be almost guaranteed that certain corrupt (and also paranoid) governments that are dismissive of privacy rights could force or bribe those apps to allow them to also access screens, mics, and cameras anyway, right?
I’m in the U.S., and especially with how glitchy my phone has suddenly become over the last few months, I’m just at the point where I just assume that’s what’s going on.
I had the same android for like 4 years without many issues, then suddenly around February it just became almost impossible to use. Weird glitchy things with the size of the tool bar at the bottom of my screen and the popup keyboard. Redirect notifications all the time for certain websites, and my VPN connection is just constantly interrupted and having to be reset.
I finally was like fuck it, this is an old phone so maybe that’s it. Brand new phone, but most of the same issues.
I use signal instead of text most of the time, and switched a lot of things to proton mail, but if someone is potentially recording your screen, does it really matter if what you’re doing is encrypted?
thangcuoi@lemm.ee 1 month ago
Which VPN provider are you using? How do you know they are not the one monitoring your phone?
Did you obtained your phone from a trusted source, such as an official seller. Some phones purchased from overseas might have “International ROM” installed by the seller, which compromises the integrity of the device.
Consider having a trusted tech friend look over your phone to see if the device has malware installed.
0x0@infosec.pub 1 month ago
nvd.nist.gov/vuln/detail/CVE-2023-21083
I guarantee you that the green dot means diddly squat.
chaospatterns@lemmy.world 1 month ago
Past vulnerabilities doesn’t mean there is active mpdern vulnerabilities especially ones in widely tested operating systems that’s exploited by as many apps as people claim are listening when security researchers also regularly reverse engineer and analyze the source code of popular apps to figure out what they’re doing.
Its one thing to claim there’s some a system level bypass for the icon that the NSA uses to spy on its enemies, it’s another thing to claim that it’s being exploited on a wide scale by a tech company.
dev_null@lemmy.ml 1 month ago
This link proves how robust the security research is and how quickly bugs like that are patched.
WalnutLum@lemmy.ml 1 month ago
I used to work for a mobile advertiser, and we installed hella bloatware on phones.
This idea was floated a couple times but was deemed not very effective cause you’d have to store and process hours and hours of audio data that didn’t tell us much more than just having a week or so of GPS data, your Facebook profile, and your phone IMEI.
It’s pretty easy to see if you’re near a Popeyes and what other IMEIs are connecting to the same tower, extrapolate that to you being near your wife and you and your wife thinking about shit on the Popeyes menu.
Boom targeted ad/video for fried chicken.
The rest is general tech paranoia leading to Apophenia.
There’s no microphones or cameras, it’s just the already gigantic mountain of data anyone who uses a smartphone is constantly broadcasting getting ground through the big data machine that has been the pillar of all tech since the last recession.
Ulrich@feddit.org 1 month ago
I mean that could be solved as simply as a local transcription service…
WalnutLum@lemmy.ml 1 month ago
And do what? Sentiment analysis on the conversation you were having?
Remember semantically aware models are still fairly new and even they lack the context for a particular field if text. That’s something even the new fancy LLMs struggle with.
Unnecessary when there’s way better targeted models trained on years of data that people willingly send as part of everyday smartphone use.
TehWorld@lemmy.world 1 month ago
Also, have you ever been butt-dialed by someone? 99% of the time you can’t understand a single word, let alone enough to make any semantic sense out of.
Appoxo@lemmy.dbzer0.com 1 month ago
But wouldnt it be a moot point if I restrict access to GPS for all apps?
How much of that data is from Google/Apple (e.g. Google Maps).WalnutLum@lemmy.ml 1 month ago
If you use android google grabs your GPS data regardless, you have to root and disable it.
Apple does the same thing but they didn’t have their pants occupied by third-party network’s fingers like google did until the pixel came out.
Google maps is basically a beacon for AdMob to target you nearly perfectly.
Also using “fine location” in any app grabs the nearby wifi list and sends it to Google/apple if it’s not cached.
Also most ad providers these days have made deals with major networks that let them tell what tower your IMEI pinged off of.
It’s why google tried to push android/ad IDs, way less info for the networks to advertise over, and it also put the tracking in their hands instead.
CannedYeet@lemmy.world 1 month ago
If it’s trying to figure out if you’re watching Stranger Things it can look for when your stationary at home and just needs to record a few seconds at a time every few minutes. I don’t know how the fingerprinting works. It might be able to run locally and not use a ton of power. We’re talking Shazam, not full text transcription.
Blackmist@feddit.uk 1 month ago
Here’s the thing. If you watch that, Netflix know your IP. If you’re on an Android TV box, Google will know your IP.
Odds are your phone is on the Wifi. Linked through IP. Now you get ads for Stranger Things on your phone. It doesn’t need to listen because everything is so leaky. You are linked on so many devices.
Korne127@lemmy.world 1 month ago
But… they can’t access the microphone without the user explicitly allowing
Arcane2077@sh.itjust.works 1 month ago
Only on iOS
pHr34kY@lemmy.world 1 month ago
I can be absolutely certain no apps can access my mic in the background. Even when in the foreground, there is a hot-mic indicator.
prole@lemmy.blahaj.zone 1 month ago
Not only on iOS. I use Android and my microphone is always off unless I allow a specific app to use it, and even then, I have the option of only allowing it for that one time.
Mic and camera are always off.
stebator@lemmy.world 1 month ago
Because it is software-based access control, it is impossible to guarantee that access really has been disabled. Thanks to Apple’s design, we now live in a world where users are not supposed to detach batteries or physically turn off microphones and cameras; it’s all software-controlled. The problem is that software can be hacked and have backdoors. Also, thanks to Apple’s smart design, users can no longer upgrade the memory sticks on their Mac Minis and MacBooks. Why do I say it is all Apple’s fault? Unfortunately, other manufacturers copy these design ideas…
dv48@lemm.ee 1 month ago
I thought Android has a non bypassable green dot in the notification bar when the micro is on ?
SpaceScotsman@startrek.website 1 month ago
Users need to know what this dot means, and some like children or the elderly will likely not understand the ramifications
JigglypuffSeenFromAbove@lemmy.world 1 month ago
I feel like you’re missing the point. Showing a green dot still doesn’t solve the problem or make it ok, especially when this technology works in the background and can capture sound even while the device is in your pocket, like the article says.
I don’t think we should have to be on the lookout for a little dot showing up on the screen constantly. It shouldn’t even ask for microphone access unless it’s absolutely essential for the app’s main purpose. “Features” like this should always be off by default and buried deep in the settings. If people really wanted it (they don’t), they’d go in and turn it on themselves.
dv48@lemm.ee 1 month ago
You’re absolutely right but that wasn’t my point. I thought that if one of my installed app was doing this, at some point I’d have seen it without even being on the lookout.
SCmSTR@lemmy.blahaj.zone 1 month ago
It’s probably bypassable too. And, anytime the microphone is used, you have no idea the multiple extents that data is being used for.
poopkins@lemmy.world 1 month ago
Apps can use the microphone in secret and there’s no way to know when they’re using the microphone? This is a major security flaw in Android!
mrvictory1@lemmy.world 1 month ago
afaik Android System Intelligence and apps using that will not show the mic icon
Mediocre_Bard@lemmy.world 1 month ago
I keep my phone in a chip bag and only pull it out to LARP the preparation for the assassination Franz Ferdinand in general terms without naming actual places or names.
sugar_in_your_tea@sh.itjust.works 1 month ago
That’s a good way to always keep chips on hand.
elucubra@sopuli.xyz 1 month ago
Right around the confinement my sister and I were talking about getting some seeds for my mom. Neither of us searched for seeds. From that point we both started to get ads for seeds, many for the ones we had talked about in particular. This thing was so unequivocal that it proved to me that our phones listen. Maybe they don’t analyze, but they definitely listen for words actionable for an advertising purposes.
TankovayaDiviziya@lemmy.world 1 month ago
That’s why i always forbid access to my microphones by apps. Many AI apps will also remember what you discussed long ago.
REDACTED@infosec.pub 1 month ago
OS doesn’t need permissions to access hardware
WildPalmTree@lemmy.world 1 month ago
More likely, your late’ish habits and searches combined with age and another mountain of data correlated with people that have the same thought. We are no snowflakes.
3dmvr@lemm.ee 1 month ago
The thing is you can test it, simply never search anything related to it and see if you get ads, maybe I accidentally searched something but it works, or it could be wifi based maybe they searched something and it effected everyones ads, this could make sense if my roommates searched stuff and it effected my ads
Ileftreddit@lemmy.world 1 month ago
Instagram at least listens thru your mic, for sure. At least on my wife’s phone, she gets targeted ads based on conversations we have in the car with no music playing
KeenFlame@feddit.nu 1 month ago
About things the other person has searched for and visited and when their networks touch it spreads. It’s easy to do without a mic
altphoto@lemmy.today 1 month ago
Go ahead, make TVs more smart. We literally removed our TV thus weekend. If you want me to upgrade it, please removed the spyware.
i2ndshenanigans@lemmy.world 1 month ago
My tvs are connected to an SSID that can’t hit the internet. I blocked them before but my dumb ass neighbor left their WiFi unprotected and my tvs just connected to them because it couldn’t get out the internet on my network. So I created an SSID logged them in and blocked it from the internet. It doesn’t bounce to open WiFi anymore. If I block it completely from the network the WiFi just disconnects from the network because it can’t hit anything. I have LG’s.
cevn@lemmy.world 1 month ago
The fact that they just desperately jump on any network is absurd. Its acting like malware.
jpreston2005@lemmy.world 1 month ago
That is an insane thing to have to do. Having to manipulate your TV into not doing something you don’t want or require it to do.
Emerald@lemmy.dbzer0.com 1 month ago
Why is it even legal for it to just hop open networks automatically? Sure, if you leave your wifi unsecured you’re dumb and anyone can access it, but it’s still not a network you have permission to access
Lemminary@lemmy.world 1 month ago
Same. The only ‘TV’ I currently own is my monitor. Fuck that shit, I’m so over modern television as a concept.
SynopsisTantilize@lemm.ee 1 month ago
Next TV that breaks and we won’t have one. I’ll do a projector for movie night and that’s it.
GooberEar@lemmy.wtf 1 month ago
On the other hand, it’s amazingly easy for advertisers to figure out what topics / products you’re talking about without the need for constantly recording via your microphone. In most instances, it doesn’t even really make sense to constantly record audio via the mic to monitor folks, other means are much more cost efficient while being just as effective. That’s not to say that some app isn’t or hasn’t done it, just that historically speaking, it hasn’t been as ubiquitous as a lot of people seem to think or imply.
Sometimes with these things, you have to apply Occam’s Razor.
I stayed with some family during the holidays a few years ago and they are conspiracy theory fanatics unfortunately. The type that swear their phones are listening to everything they say. They get ads for things they’ve only ever talked about in person. That sort of thing.
As proof, they pointed out how the prior night the topic of old timey candy from our childhoods came up and all of a sudden they were getting news stories and facebook ads about those liquid filled wax bottle candies. To them, the only plausible explanation is that our phones were listening to us.
Except, as I pointed out, I specifically looked those wax bottle candies up later that night because I was curious if they were still for sale. They live way out in the country and there’s limited cellular data, so basically everybody there that night was using the same wifi connection. Which means, our internet activity is all linked because to the outside world, we’re all on the same network/IP address. Even more curious, though, nobody got ads for any of the other candy that we talked about and which I didn’t specifically look up. So, if our phones were actually recording us and serving up ads based on the things we talked about, then why didn’t we get ads for Blackjack gum, wax lips, and Brach’s? Only the very specific one I happened to search for.
Melvin_Ferd@lemmy.world 1 month ago
This is what a lot of people don’t get. Plus often people see an ad or content and forget. Later they bring it up without realizing the thing is trending. It’s all self feeding.
GooberEar@lemmy.wtf 1 month ago
So much of social media (and online in general) is just ads in disguise and people shilling products, intentionally or otherwise, and it ultimately spills over into real life conversations. So I agree with you completely.
You might have given a thumbs up to your aunt Gina’s photo of her and her friends at the office party celebrating her promotion. Ad networks see it as you interacting with a photo that contains a bottle of Schmudd soda, even if that’s a detail you didn’t even notice.
You have dinner with your dad that night and the topic of Schmudd comes up due to the latest forced controversy (ermagerd the trans) so naturally when you start seeing Schmudd commercials the next day, you might assume your phone was listening to that conversation. But actually the reason you’re seeing the ads is because of the thumbs up to aunt Gina’s post.
And yes, the tracking and analytics tools find those types of patterns and relationships, and so much more. And they’ve been able to do that for over a decade. No telling how good it’s gotten since I was last working adjacent to that field.
humanspiral@lemmy.ca 1 month ago
Good thing everyone diligently reads the T&A of Pool 3d before using it. You are reading every line of text before you hit agree, and then uninstall, right?
viking@infosec.pub 1 month ago
And people wonder why I keep rooting my Android phones.
Without advanced permission denial and file access restrictions, phones will spy on anything and anyone.
dev_null@lemmy.ml 1 month ago
That helps with other dangers, but in this case all you need to do is not give “Pool 3D” access to the microphone, no rooting required.
Psythik@lemm.ee 1 month ago
Use NextDNS with strong filters and the DDG app with App Tracking Protection turned on. Stops the vast majority of privacy-invading shit from getting to 3rd parties.
masterofn001@lemmy.ca 1 month ago
I use shizuku for hidden api/shell access…the devs of that have an app called appops which, you guessed it, allow you to change any appops permission for any app. Allows denying/ignoring clipboard access, device identifiers, location, microphone, etc.
::: spolier Appops screenshots
Image :::
Psythik@lemm.ee 1 month ago
App Ops still works? I haven’t used it in over a decade.
JATtho@lemmy.world 1 month ago
This might just push my fear of targeted ads enough to give in to my idea of a nearly soundproof box for my phone when I’m not using it. :(
FMT99@lemmy.world 1 month ago
Just install an OS that allows per-app microphone permissions. I’m running LineageOS and I can tell it for example to only allow Whatsapp mic access when I actively open the app. Actually according to the article, the same can be done on plain Android too.
Lemminary@lemmy.world 1 month ago
You could remove the mic and pretend it’s a modern iPod 😁
JATtho@lemmy.world 1 month ago
Nah, I’m not that paranoid and I need the mic for calls.
kepix@lemmy.world 1 month ago
yeah, alphonso appeared on my mibox, eset called it a trojan right after the update. had to delete it through adb, cause its a “system app”
iknowitwheniseeit@lemmynsfw.com 1 month ago
Reading this made me wonder if I was having a stroke, because it seems like English but I don’t recognize so many of the words. 👴
GreenKnight23@lemmy.world 1 month ago
me to my phone right now
mr_pip@discuss.tchncs.de 1 month ago
is this still a surprise to anyone here?
A_Random_Idiot@lemmy.world 1 month ago
Yes.
Not to you or me, but there are tons of people, even here, that are absolutely incredulous towards the idea that its possible.
GiveOver@feddit.uk 1 month ago
I’m part of those people. The usual argument is that everybody’s phone is listening all the time, without agreeing to permissions or showing the mic notification or anything like that. I’ve never seen any proof of that. This article is about a bunch of shovelware apps (Pool 3D, Beer pong: Trickshot, Honey Quest etc) that aren’t even listed anymore. There’s nothing about them skirting permissions or hiding the notification.
People see the headline and assume it’s Facebook et al.
socsa@piefed.social 1 month ago
I mean it implies that these apps are both violating permissions (in many cases) and the android visual indication of an active microphone. So far I have seen no actual proof that this is the case. Mic activity is logged. You can debunk this yourself easily.
nomy@lemmy.zip 1 month ago
I remember a bunch of people freaking out about this a few years ago.amd an equal number telling them they were paranoid.
You can talk about stuff and your phone will just magically start suggesting related items. Why would anyone be surprised the monitoring device in their pocket is monitoring them?
3dmvr@lemm.ee 1 month ago
Anyone whos said anything outloud and then immediately got an ad should know by now that its some conspiracy, its easily testable by not searching something and just talking about it while having an app open, the more obvious one they track is dms, if I dm someone something (text based not posts) ill get ads or posts related to it.
3dmvr@lemm.ee 1 month ago
Im assuming they target your wifi too, because my ads change to reflect what I do on other devices too
twice_hatch@midwest.social 1 month ago
Not helpful
Alpha71@lemmy.world 1 month ago
Beer pong
Yeah that sounds like an app user who would be okay with his audio being recorded…
hansolo@lemm.ee 1 month ago
An app where all you end up recording is “Bro! Bro! Bro! Broseeeeph! Let’s gooooooo, Bro!”
LoveSausage@discuss.tchncs.de 1 month ago
No they dont , they dont have to. Far easier to get things other ways.
CeeBee_Eh@lemmy.world 1 month ago
Yes, but also no. You’re underestimating advertisers’ greed for data.
It’s actually trivial nowadays to build a background service like that.
LoveSausage@discuss.tchncs.de 1 month ago
Which would show up in network traffic , which it doesnt. There is no need for it.
altphoto@lemmy.today 1 month ago
How can they tell I’m popping?.. Oh…what if I stopped flushing? So is that why some people don’t flush? They’re trying to be stealthy!
Shardikprime@lemmy.world 1 month ago
May be even dozens
solrize@lemmy.world 1 month ago
Article is from 2018. Someone must have pasted the url from hacker news where the same story was dug up recently.
nalinna@lemmy.world 1 month ago
Is that to say that it’s no longer valid? Or just that it’s old news? The list of apps associated with the software is still pretty extensive; Google Assistant even showed up.
Kecessa@sh.itjust.works 1 month ago
Well these days Android asks for more permissions so I guess it would prevent it in many cases by preventing access to the microphone for apps where you don’t want it…
thangcuoi@lemm.ee 1 month ago
7 years is a long time in tech.
Google Assistant is supposed to listen for the “Hey Google” trigger word. How else do you expect to use your device hand-free.
PattyMcB@lemmy.world 1 month ago
Old news. It was old news in 2018