A Blog by Jonathan Low

 

Sep 7, 2019

The Reason Your Phone Is Not Listening To You

The big tech companies and telecoms have so many other - and more efficient - means of gathering data about users that listening is not really all that productive. JL

Joe Tidy reports in BBC News:

Tech giants know so much about us that they don't actually need to listen to our conversations to serve us targeted adverts. Advertisers have sophisticated ways of profiling users: Location data, browsing history and tracking pixels, all provide enough information to predict what you might be thinking about buying. "The data from our tests is much lower than the virtual assistant data over the 30-minute time period, which suggests that the constant recording of conversations and uploading to the cloud is not happening on any of these tested apps. If it was, we'd expect data usage to be as high as the virtual assistants' data consumption."
A mobile security company has carried out a research investigation to address the popular conspiracy theory that tech giants are listening to conversations.
The internet is awash with posts and videos on social media where people claim to have proof that the likes of Facebook and Google are spying on users in order to serve hyper-targeted adverts.
Videos have gone viral in recent months showing people talking about products and then ads for those exact items appear online.
Now, cyber security-specialists at Wandera have emulated the online experiments and found no evidence that phones or apps were secretly listening.
Researchers put two phones - one Samsung Android phone and one Apple iPhone - into a "audio room". For 30 minutes they played the sound of cat and dog food adverts on loop. They also put two identical phones in a silent room.
The security specialists kept apps open for Facebook, Instagram, Chrome, SnapChat, YouTube, and Amazon with full permissions granted to each platform.
They then looked for ads related to pet food on each platform and webpage they subsequently visited. They also analysed the battery usage and data consumption on the phones during the test phase.They repeated the experiment at the same time for three days, and noted no relevant pet food adverts on the "audio room" phones and no significant spike in data or battery usage.

iOS data usage vs Hey Siri
Android data usage vs OK Google
The activity seen on phones in the "audio room" and the silent rooms were similar. They did record data being transferred from the devices - but it was at low levels and nowhere near the quantity seen when virtual assistants like Siri or Hey Google are active.
James Mack, systems engineer at Wandera, said: "We observed that the data from our tests is much lower than the virtual assistant data over the 30-minute time period, which suggests that the constant recording of conversations and uploading to the cloud is not happening on any of these tested apps.
"If it was, we'd expect data usage to be as high as the virtual assistants' data consumption," Mr Mack said.
For years tech giants have batted away suggestions that they are using the microphones in our mobiles to spy.
Last year, Facebook chief Mark Zuckerberg was asked if this was happening as part of his testimony before the US Senate to which he flatly denied it.
However, as distrust in tech giants has grown, many users still feel like it's happening to them.
Interestingly, the study found that most of the Android phone apps seem to consume significantly more data in the silent rooms with many iOS apps using more in the audio-filled rooms. Analysts say they are unsure why this is the case but have determined to carry on researching the issue.

Android data usage per app
iOS data usage per app
Regardless, the company co-founder and chief executive Eldar Tuvey is confident that the overall results show that any secret transfer of significant data is not happening.
"I would put my name to the research and say that we found no evidence at all this was happening on the platforms we tested. It might be happening in a way we don't know about - but I would say it's highly unlikely," Mr Tuvey said.
The results won't surprise those in the information security industry who've known for years that the truth is that tech giants know so much about us that they don't actually need to listen to our conversations to serve us targeted adverts.
The reality is that advertisers have sophisticated ways of profiling users.
Location data, browsing history and tracking pixels, for example all provide enough information to predict what you might be thinking about buying.

Social media apps displayed on a mobile phone screen. File photoImage copyright Press Association
Image caption The reality is that advertisers have sophisticated ways of profiling users
They can also link you up to friends via social media information and guess that you might be interested in the things they are searching for.
These techniques are constantly improving and evolving, too.
Mobile advertising and security expert Soteris Demetriou, from Imperial College London, said: "The adverts that you see are a result of huge amounts of data that the companies have about you. They share a vast amount of information across advertising networks powered by machine-learning algorithms that are extremely powerful.
"They now have the ability to effectively know what you could be interested in before even you do," Dr Demetriou said.
There are of course instances where some apps have been found to record user activity for advertising purposes.
Last June, researchers at Northeastern University in the US state of Massachusetts tested 17,000 mobile apps from various Android app stores around the world.
They found no evidence of listening - but they did discover some relatively small applications were sending screenshots and even videos of user phone activities to third parties. Although this was done for development purposes and not for advertising.
It's also accepted that nation-state groups routinely attack the mobile devices of high-level targets for espionage purposes.
In May, WhatsApp admitted that hackers had managed to remotely install surveillance software onto devices through its app.
WhatsApp, which is owned by Facebook, said the attack targeted a "select number" of users and was orchestrated by "an advanced cyber-actor". The security flaw has since been fixed.

0 comments:

Post a Comment