this post was submitted on 04 Aug 2024
77 points (96.4% liked)

Privacy

32442 readers
684 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I'm learning a language, I speak it in public to other people who do. I don't research the language, because I have some old text books on it. My partner doesn't speak it and doesn't research it on their devices. I don't normally have my phone on me in public, but my partner does. It took about 4 months of publicly speaking in the language before they got ads

What do you think this means?

::edit::

It was a Reddit ad and my city has embraced those AI smart cameras, so I assume some of those are Google owned which makes sense with Reddit and Google's recent alliance. This is assuming our devices aren't listening to us without our permission and AI cameras are mining data on passersby

Other theories are that since cellphones are involved it doesn't matter if I nor my partner ever searched for the language, at some point my phone or partner's phone was near someone who spoke that language and the data brokers/ad sellers inferred from there

Seems like the consensus is that I must have posted in the language on some social media or used Google to research it or made some new friends who speak the language and that's why

you are viewing a single comment's thread
view the rest of the comments
[–] otp@sh.itjust.works 52 points 4 months ago* (last edited 4 months ago) (2 children)

I think "the microphones are listening when they're off" is still a conspiracy theory at this point. It's not really needed to get enough information.

Are there any ways that Google could find out that you're interacting together?

  • Do you share an IP address/router?
  • Do you watch YouTube videos in that language?
  • Do you use any messaging apps where you speak that language with other people, but also speak with your partner?
  • Do you access any Google services (with a Keyboard for that language installed) that your partner also accesses?
  • Do you use location services that could pinpoint both of your locations to the same street address?
  • Does your partner interact with any of the people you're learning that language with? (E.g., Social media friends, "Contact"s, live in the same geographic region)
  • Is your device on the same network as your partner's*? (Wi-Fi or Bluetooth)

I'm not saying these are all ways that Google uses, but I believe that each of them are ways that Google would be able to associate that language to your partner.

[–] EngineerGaming@feddit.nl 20 points 4 months ago (2 children)

Yea, that is my problem with the "always listening" theory. I am sure they're capable of that, but don't think they're doing it just because they can get more data with a fraction of the cost by more "traditional" tracking.

In a way, it is scarier than listening - because listening is far easier to understand than the multitude of ways the data is collected and combined.

[–] otp@sh.itjust.works 4 points 4 months ago

Exactly. They definitely could, but there'd also be potential legal issues, and it'd just be much more expensive to analyze sound data.

If it's done on each device, then their battery power would suck, and performance would decline. Sure, they could do that, but I imagine most phone manufacturers would rather sell more phones and make money from app companies (Meta, Google) who pay to have their apps pre-installed on the phone. Or Samsung and Apple, who have their own ecosystems for mining data like Google does.

If they were instead just uploading audio to central servers (which could mitigate legal issues due to "anonymizing" the data), then they'd be paying for the computational power to analyze all that data.

Again, completely possible, and likely in use with things like Alexa and Google Home. But on our phones (and laptops for that matter), they have so many other cheaper ways to get probably the same quality of information.

[–] muntedcrocodile@lemm.ee 1 points 4 months ago (1 children)

There is the Near-ultrasonic that can be used to transmit data and it seems that that is always listening so full audio isnt that far. But yeah i recon ur right its too risky when they have plenty of alternative ways to get the same data.

[–] EngineerGaming@feddit.nl 4 points 4 months ago (1 children)

It is not about "too risky". It is about "costs much more in processing power while providing a fraction of the info".

[–] ArcaneSlime@lemmy.dbzer0.com 1 points 4 months ago* (last edited 4 months ago)

Tbh, my theory wouldn't be too much more.

My theory is not that they're always listening and sending a live stream of audio back to some dingus in headphones. It has to be always listening for the trigger words, right? That's how it works, you say "yo siri" and she hears you, so it must be listening at least for the trigger word. With that in mind, what's to stop them from using other, secret trigger words, which may even behave differently than the advertised ones? Like say I'm Joe Bridgestone, and I pay google to add "tires" or "new tires" as silent trigger words, and instead of "activating" the google bitch it sends ads for Bridgestone Tires? Why wouldn't that be possible? It'd also be harder to catch them, as opposed to "literally a 24/7 hot mic." Tbh I find it hard to believe that the NSA hasn't at least tried to get this up for words like "bomb" or whatever, too.

[–] aviation_hydrated@infosec.pub 3 points 4 months ago (1 children)

Yeah only one that would match would be geolocation, and I'm a pretty offline first person, so no overlap in internet history since my footprint is pretty much Lemmy this summer.

Which makes me think it could be all the AI smart cameras recording interactions

[–] fishos@lemmy.world 13 points 4 months ago* (last edited 4 months ago) (1 children)

You have your phone on you, right? And he has his phone on him, right? And your phone's are constantly near each other, riiiiiight? Do you maybe see where this is going?

Your "Internet profile" is being linked to his "internet profile" because they can see you are constantly together. So they assume friends/relatives/coworker. But they also see that you're together at times people who are couples are(late at night while asleep, for example). So with basic time and location data, they've determined you're a couple. And that becomes another metric in your profile. Things that he likes, it will assume you like or are at least interested in, and same for him. All you had to do was type in the other language a few times and your profile got "speaks X" added to it. And him, by dating you, now has "knows someone who speaks X regularly" attached to his profile.

It's really very easy. Now imagine that everything you do is being catalogued like that. Then cross referenced with other people they know more about to flesh out more inferences about yourself("you like x and y? 98% of people who like X AND Y also like Z, so let's advertise Z to them".

It seems like magic but it's just advanced statistics in action.

[–] aviation_hydrated@infosec.pub 0 points 4 months ago (1 children)

What I'm saying is I don't have an internet profile like they do. I have never researched this language on the internet and have only purchased books for it in cash without a cellphone on me, so this specific overlap is weird

I'm not saying "oh wow, the NSA has a profile on me, how??", I'm saying, I have kept this specific data private from my direct internet connection, how are the data brokers targeting family member devices

[–] fishos@lemmy.world 8 points 4 months ago (1 children)

Says the person with a Lemmy profile. Do you pay bills online? Do you search things? Use maps?

Congrats, you have a shadow profile out there logging all the data about you.

You didn't keep shit private if you're carrying a GPS tracker on you at all times, which you are(your phone). You are VASTLY misunderstanding digital privacy and how statistics works. You don't have to type a single foreign language word for them to know you speak it. Just go to places and hang around people that it knows speaks it and it'll make the assumption. Every person you interact with who shares EVERYTHING is, congrats, basically a snitch on you as well.

It's statistics, like I said.

[–] aviation_hydrated@infosec.pub 2 points 4 months ago (1 children)

So your theory is the there is no opsec if any cellphones or anything with GPS are involved?

[–] otp@sh.itjust.works 6 points 4 months ago (1 children)

That sounds legit. If your GPS location is on at all times (assuming this is on your cellphone), then they've got enough geolocation data to associate you to your partner.

And if it's off? Your SIM card is acting like a GPS (though a less-accurate one than your phone). Do you trust your mobile service provider to not be selling this data? (And this would be even more of a factor if they're also your partner's service provider, and/or your ISP)

[–] aviation_hydrated@infosec.pub 2 points 4 months ago (1 children)

Yeah, so a mitigation would be to remove the GSM chip and be WiFi only, with a Faraday cage to ensure the WiFi is not on by accident or the software is backdoored. Also would need to remove the mic and speakers to avoid any cross chatter

But at that point might as well just have a laptop with external WiFi only

[–] FierySpectre@lemmy.world 2 points 4 months ago

Anddd... You use wifi to connect to their servers, so they'll have your residential ip (unless you got a VPN on at all times... And even then there's probs some way to fingerprint you enough). Partner uses the same wifi network and your profiles are linked again...

There really just is no way to completely escape. Blocking all ads and trackers on a DNS level (using a pi-hole or external service like nextdns[paid, but its pretty good]). Is a good solution though, at least you won't need to actually see ads