this post was submitted on 16 Oct 2023
1760 points (99.3% liked)

internet funeral

6912 readers
1 users here now

ㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤㅤart of the internet

What is this place?

!hmmm@lemmy.world with text and titles

• post obscure and surreal art with text

• nothing memetic, nothing boring

• unique textural art images

• Post only images or gifs (except for meta posts)

Guidlines

• no video posts are allowed

• No memes. Not even surreal ones. Post your memes on !surrealmemes@sh.itjust.works instead

• If your submission can be posted to !hmmm@lemmy.world (I.e. no text images), It should be posted there instead

This is a curated magazine. Post anything and everything. It will either stay up or be lost into the void.

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] utopiah@lemmy.world 0 points 1 year ago* (last edited 1 year ago) (1 children)

Are you saying the size of the upstream packet should be proportional to the mute time? Wouldn't that assume that one knows ahead what such logs include or not? For example if we imagine that the device is listening while on mute for the keyword "potato" and it's not being said once during the mute period, wouldn't that still making an upstream packet of a fixed length, i.e zero, despite being actively listening and able to phone home? Genuinely trying to understand how one can be so confident based solely on packet size as this seems to make some assumption on how the device behaves.

Edit: regardless, monitoring traffic (which I already mentioned, hence aware of but arguing it's not sufficient) using Wireshark or netcat is definitely not "easy" for most people buying such devices.

[–] Karyoplasma@discuss.tchncs.de 2 points 1 year ago* (last edited 1 year ago) (1 children)

If the device monitors despite being on mute and does not send packets home while on mute, then it would send more when turned back on, yes. How else would the logged information reach the datacenter? Also, not everyone buying an Echo needs to do an analysis, it's enough if a random tech-savvy person does it. Unless you argue they purposefully build surveillance devices and mix them with devices that are what they claim to be to obfuscate this behavior.

The conspiracy theory is about the muted device spying on you, not whether the activation phrase is recognized while muted. Or maybe I am misinterpreting this comment chain.

[–] utopiah@lemmy.world 1 points 1 year ago* (last edited 1 year ago)

I don't think so, here is another example, what if the device counts how many times someone said "fuck", then sending {fuck:0} or {fuck:4,294,967,295} will result in the same size of data being transmitted. In fact imagining that the device is designed to do so, it could always send a large meaningless packet on querying for updates just so that when it actually needs to send data, it would look similar, same approximate number and lengths of packets and can be capped. I'm not saying it's the case now, just technically feasible and I believe hard to detect.

Also on "trusting" someone then answered in https://lemmy.world/comment/4594899 but I'd said it's also not "easy". At least one must trust their institutions able to vet on the person able to review such devices and that the device tested and the one used are actually identical.

Finally I'm not arguing for conspiracy theory or that Echo is spying on users, only that verification for privacy on closed system is not "easy" either through trust of 3rd parties or technical expertise for an "average" user, not somebody working in the domain.