editor's blog
Subscribe Now

A Nightmare Bug: Random People Listening In

Amazon has apparently had an Echo hiccup of the sort that would give customers bad dreams. It sent a random conversation to a random contact.

A couple had installed numerous Alexa-enabled devices in the home. At some point, they had a conversation – as couples are wont to do – involving, apparently, hardwood floors. No big deal, right? Except that they then got a call from one of their contacts (who is an employee of the husband) saying that they had been hacked. Why? Because that person had been texted a copy of the conversation, including a link to the original recording.

They say that an Amazon employee confirmed what had happened, so this wasn’t in their imagination.

There But for the Grace…

Hardwood floors aren’t a particularly edgy conversation. But just imagine what could have happened with another conversation and another contact. Needless to say, the couple unplugged all of their Alexa devices.

So what the heck is going on here? From everything I can tell, Amazon isn’t giving out any specifics. It seems to be a glitch in their message-sending feature. I looked at their help page, and it shows a few steps required to send such a message. First you say, “Send a message to <insert your contact here>,” then it confirms the contact if unsure, and then prompts for the actual message. It then sends (without further confirmation).

Based on this, there’s no way a conversation should be sent silently, without someone knowing. The theory is that Alexa misinterpreted part of the conversation as instructions to send a message. If that’s the case, it should have given at least one prompt. Maybe it did and they didn’t hear it.

Constant, Ubiquitous Surveillance?

I’ve heard stories of friends of mine having conversations at home about something unusual (for them), only to have ads for that thing start showing up in their Facebook feeds. Creepy much? Their assumption was that their cellphone was recording everything and sending it to our cumulonimbus overlords. Those overlords are then selling the info to advertisers.

The industry response – including mine to my friends – about such things is that, at least for now, it can’t happen. Why? Because the ongoing audio is processed only locally – until the wake-word is heard, at which point the following audio is sent to the cloud for processing. If that’s true, then full, non-command conversations should never go anywhere.

Another defense has been that sending full audio all the time would chew up way too much bandwidth. Which may be true. But we also know that that may well be a temporary situation. Will our communications infrastructure eventually have pipes fat enough to radio all conversations from everyone into the cloud for dissection and action?

That’s not what’s alleged to have happened in this case, but, for people already nervous about this, it might as well be the same thing.

Horrible Optics, at Best

Regardless of the technical facts, this is the kind of glitch that will freeze the hearts of users – current and potential. Amazon claims that the bug was extremely rare, and that they’re working on fixing it. I’m assuming that the log files that they examined contain enough information to point to a root cause. If so, then, yeah – they can fix it. It’s a good use of over-the-air updates!

I don’t know if the big tech companies know it, but there’s growing unease with the amount of power they and their technology wield. Our devices no longer let us control things like we used to be able to; the companies control them for us, presuming to know more about what we want than we do ourselves. And much of it amounts to controlling our behavior, getting us to do what is in their best interests and making it harder to learn what alternatives there might be. How much of that is fear vs. reality? Not clear. But it’s also not clear how far it could go, except for debacles that bring scrutiny by lawmakers.

With the advent of Europe’s GDPR taking effect, everyone is thinking privacy right now. My inbox is chock-full of emails from groups I never signed up with asking if I want to stay on the list. So it’s a bad week for a rather dramatic violation of privacy.

3 thoughts on “A Nightmare Bug: Random People Listening In”

  1. I agree that the privacy violation was quite acute in this case of the couple with too many Alexa devices that sent their conversation unintentionally to a contact. The only ads that I see show up in my Facebook feed or Google-powered ads are key words that I have typed into Google or Amazon products, so far. Prior to Amazon coming out with their Alexa device my Niece named her first child Alexa, so who knew that Alexa would become such a popular name?

  2. No matter how suspicious it has seemed that Amazon is encouraging us to put listening devices in every room of our homes, the company has always said that its Echo assistants are not listening in on or recording conversations. Over and over again, company spokespeople have promised that they only start recording if someone says the wake word: “Alexa”. Your blog post is really amazing to read. Thank you so much for sharing this outstanding post here. Keep blogging with new content.

Leave a Reply

featured blogs
Nov 30, 2022
By Joe Davis Sponsored by France's ElectroniqueS magazine, the Electrons d'Or Award program identifies the most innovative products of the… ...
Nov 29, 2022
Smart manufacturing '“ the use of nascent technology within the industrial Internet of things (IIoT) to address traditional manufacturing challenges '“ is leading a supply chain revolution, resulting in smart, connected, and intelligent environments, capable of self-operati...
Nov 22, 2022
Learn how analog and mixed-signal (AMS) verification technology, which we developed as part of DARPA's POSH and ERI programs, emulates analog designs. The post What's Driving the World's First Analog and Mixed-Signal Emulation Technology? appeared first on From Silicon To So...
Nov 18, 2022
This bodacious beauty is better equipped than my car, with 360-degree collision avoidance sensors, party lights, and a backup camera, to name but a few....

featured video

How to Harness the Massive Amounts of Design Data Generated with Every Project

Sponsored by Cadence Design Systems

Long gone are the days where engineers imported text-based reports into spreadsheets and sorted the columns to extract useful information. Introducing the Cadence Joint Enterprise Data and AI (JedAI) platform created from the ground up for EDA data such as waveforms, workflows, RTL netlists, and more. Using Cadence JedAI, engineering teams can visualize the data and trends and implement practical design strategies across the entire SoC design for improved productivity and quality of results.

Learn More

featured paper

Algorithm Verification with FPGAs and ASICs

Sponsored by MathWorks

Developing new FPGA and ASIC designs involves implementing new algorithms, which presents challenges for verification for algorithm developers, hardware designers, and verification engineers. This eBook explores different aspects of hardware design verification and how you can use MATLAB and Simulink to reduce development effort and improve the quality of end products.

Click here to read more

featured chalk talk

Current Sense Resistor - WFC & WFCP Series

Sponsored by Mouser Electronics and Vishay

If you are working on a telecom, consumer or industrial design, current sense resistors can give you a great way to detect and convert current to voltage. In this episode of Chalk Talk, Amelia Dalton chats with Clinton Stiffler from Vishay about the what, where and how of Vishay’s WFC and WFCP current sense resistors. They investigate how these current sense resistors are constructed, how the flip-chip design of these current sense resistors reduces TCR compared to other chip resistors, and how you can get started using a Vishay current sense resistor in your next design.

Click here for more information about Vishay / Dale WFC/WFCP Metal Foil Current Sense Resistors