If it was totally open-source, if I could easily make it run a different binary, and if I could change the wake-word, it might become appealing.
Unfortunately, Alexa, Google Home/Assistant, Cortana, and Siri each fit none of those requirements.
I hear Mozilla is working on a speech recognition library. That might be workable.
It's crazy to me how much trust some people have in these systems. People on the whole seem to have totally given up on the idea of digital privacy, and I find that very concerning.
It's the Privacy v. Convenience trade off. The conveniences are promoted, the privacy implications shrugged off, and in the end you pay someone money to invade your home 24 hours a day.
It's a simple but scary formula that doesn't make me optimistic for the future.
At some point we will have to embrace full loss of privacy. Today, only the rich and powerful have mass surveillance capabilities.
But if we embrace surveillance, we can give that power to everyone. It's much harder to do selective enforcement when the same strategies can be turned on the prosecutor.
Just like how "voting" gave everyone useful legislative influence? A society where everyone reports on each other is the canonical model for dystopia. Tom Scott's "Oversight"[1] is warning, not a recommendation.
> the same strategies can be turned on the prosecutor.
Having evidence about a prosecutor's misdeeds doesn't mean you have the power to enforce anything. We already have police walking away from from video evidence of murder without charges. That will change with a lot more active political involvement. More surveillance wouldn't help.
I disagree with this solution. Privacy has utility and when you give it up you do lose something. Even if we give it up to each other we are still in a worse place.
You may disagree with the solution, but I don't see how privacy can be preserved given the technology we are building. Cameras getting smaller, and better. Microphones getting smaller, and better. Drones getting smaller and better. And all cheaper as well. Storage and search is also getting better and cheaper.
The tide may be far away, but it's rushing in and you can't stop it. We must embrace the water.
Giving up a right is not an effective way of preventing it from being stolen. Technology is continually improving but we still have a say in how it is used. I have no respect for this or any other defeatist strategy.
> At some point we will have to embrace full loss of privacy.
At some point we will have to embrace full loss of all rights. Today, only the rich and powerful can literally get away with murder...OK, that's stupid and over-dramatic, but only a little more absurd than what you said.
Living in a panopticon would just make society into more of a jail than it already is. That's not something we should embrace, even if it's difficult to fight against.
An invasion is unwelcome. More accurately people are paying for the device and inviting the company into their home. As long as the guest does not break the trust of the host, they will be allowed to stay.
This is the biggest problem with the website: shodan.io. They're always there to report the slightest gap in a system.
To me it's like someone with a camera attached to their shoe to look up ladies skirts. It's creepy and should be illegal.
(Of course, they put in under the label: it's publicly available information... but anyone with privacy concerns will realise that it's not true)
Whenever you have a 'smart' device, there'll always be someone banging away looking for holes in it, especially with shodan.io.
To me, it seems to be the biggest perpetrator in enabling privacy loss.
They also know the argument between you and your partner, the private secret a friend asked you to share with no one, when you're not going to be home, etc. etc.
I have a cell-phone in my pocket, and I am concerned about the privacy implications. Android is free software, but the driver blobs are not. I do hate that I am compromising for that. Hopefully, there will be more affordable options like the librem phone in the near future.
> If you're worried enough to turn it off sometimes, why not just...not have one in the first place?
The same reason why the fact that I'm worried enough sometimes (e.g., major lightning storms) to unplug various electronics does not mean I choose not to own such electronics in the first place: sometimes isn't all the time, and both the costs of potential vulnerability and the benefit of features (and thus the balance between those two things) can shift with context.
Though, in reality, I'm never actually that worried about my Google Home, I just recognize that this there are adequate existing hardware-based solutions that, should I be concerned at some time—which I can imagine being, though I haven't been—an adequate mitigation exists that doesn't involve not possessing the device.
To me, the difference between the lightning scenario and a digital assistant, is that in the former scenario, I'm protecting the device (and my home) by disconnecting it, but in the latter scenario, I'm protecting myself from the device. It's something inherent to the nature of the device that I'm trying to avoid. I don't feel like those are comparable situations.
Tried it. You need an account with MyCroft to set up your device, and it uses Googles STT API. You can use CMU Sphinx to backend the STT...but it sucks.
So nevermind privacy, the stupid thing needs connectivity all the time. Might as well go with DragonDictate.
You can use the Alexa API with your own binary (on a raspberry pi or whatever) and set the wake word however you want (open source code provided by Amazon).
I've stopped buying devices that require some nebulous "cloud connectivity" to function. It's no longer an exchange of value that benefits me. My personal data is valuable and I see no reason to just hand it over to companies for no compensation. That's what you're doing when you use one of these cloud connected devices. You're giving up real value to gain nebulous value. At least that's how I see it--you might disagree and that's OK.
Particularly annoying are those devices that should be able to function without phoning home via an internet connection:
Security camera? Shouldn't need to phone home. Camera should turn on and stream directly to my display device. There's no need to connect to the mothership.
Thermostat? Shouldn't need to phone home. Device should let me control the temperature of my home and respond when I command it remotely. No need to connect to the mothership.
Media player? Shouldn't need to phone home. I have a library of files I'd like to play and don't care for any online services. No need to connect to the mothership.
I used to have a rule: If I don't have root on the device it goes on the guest network (no internal network access, only Internet). I still have that rule, but it's time to up the rule to "no internal or external network access without root".
You are exchanging your data for convenience. Or in the case of Gmail, you are exchanging your data for a service/product. In the case of your Safeway card, you are exchanging your data for discounts, in the case of your credit cards you are exchanging your data for a loan.
So no, you aren't "handing it over". You are being compensated in one fashion or another. Maybe that's not a good enough trade for you, and that's totally fine, but claiming there is no exchange of value is just nonsense.
None of those are the examples OP was talking about. What value are you getting by having the thermostat connect to Google's servers rather than connecting to it directly? What do I get by letting Google see inside my house with a security camera that I couldn't get by connecting to the camera directly?
> In the case of your Safeway card, you are exchanging your data for discounts,...
Does anyone not lie on those forms? Last time I checked, 234-567-8901 worked at Safeway, and someone else created it. Poisoning surveillance companies' databases costs you nothing, and hits them where it hurts.
I have a couple of devices that need to connect to the mothership, as a matchmaker between the device and its client app. NAT and firewalls are a big part of the reason, as is the need to have a way to locate the device in the absence of a static address or domain name. Sure, it's possible to work around these obstacles without a mothership, but doing so makes it too difficult for most mass market consumers.
Your post ignores the social effects of technology. In the early 20th century, someone complaining about cars could be told the same - after all, cars were still rare, they couldn't annoy you that much if you just didn't get one. Fast forward a few decades, and now they're impossible to avoid, and often there is realistic alternative if you don't want to uproot your life. This is because by their expansion, they shaped society until they were impossible to avoid.
Similar thing happen to cellphones: in the 80s, if you complained that you didn't like that they allowed the provider to track your position, you could just be told not to get one. Nowadays, that decision is not nearly as easy, since many jobs expect you to be reachable at all times (e.g. those with "dynamic" working hours).
A person building a DIY for personal use is fine. A company pushing a device to every home they can get it into can't be that easily ignored.
This is how my better half and I feel about these things. Not only is the idea of having a likely-always-on microphone in our most private space unsettling, the trade-off isn't even worth it for us. But, frankly, neither of us can think of something that would be so Earth-moving as to warrant sticking some perpetual ears all over the place.
I don't care if I go to a friend's house and he or she has an Alexa or Home or what-have-you. Their house, their privacy, their rules. But we're keeping them out of ours.
(Yes, both of us have disabled Siri and the utility of a mobile phone existing and being indoors with us is higher than the seemingly unlikely trade-off of Apple listening all of the time. "Unlikely" because that's not their business model, so far as I can tell, while All Data Collection Everywhere Always does seem to be the case for Google and Amazon.)
But they aren't 'always listening' - except for their wake words (yes, I know it's technically possible they really do, and smuggle the data out along with legit requests, but it seems unlikely). So for example the article's author can rest easy if he listens to Barbra Streisand (on vinyl!), Alexa won't be any wiser. Google and Amazon have somewhat different imperatives, Amazon would like to figure how to sell us more things (happily placing orders via the Echo is off by default) while Google would like to figure out how to sell us to more advertisers... (so far blocking keeps that mostly at bay)
That's not the problem; it doesn't matter if your particular device is listening at any particular time. Using an always-on microphone normalizes the expectation that audio in the home might be sent to a 3rd party's remote server. This is important because Kyllo v United States created[1] a bright line test for when a technology is a "search".
Normalizing audio eavesdropping technology in previously private areas will eventually mean use of that technology is not a search, and thus the police/etc can use their own device with similar technology without a warrant to see "details of a private home that would previously have been unknowable without physical intrusion"[2].
Even if manufacturers behave nicely, there is still the possibility that the devices are eventually somehow compromised by bad actors and used nefariously.
And it will continue to happen, because "prevent this from happening at all cost" isn't a development mandate for the device, and won't be, because they would prefer to capture everything. Google famously captured wifi network and street view data after they were specifically instructed not to by the court -- why would they fail to avail themselves of information that's right there in this case?
I think this is the case during the "ramp up" period where we acquire microphones and video cameras, place them everywhere, and wire them up to a few selected corporations. Phase two is where they decide to make use of them now that they are in place and ubiquitous. For example, they might try to be extra "helpful" and make one of the wake words a very common word.
It seems insane to me that Amazon wants me to pay them money to put something in my home that will make it far easier to order things from Amazon. That's not even considering all the valuable data they are mining from all the Echo units out there. They should be paying ME for this privilege.
I can understanding putting a 'bookmark' on something (add to a shopping list), but food/groceries I don't think makes sense unless you're ordering something _highly_ regular with no customization potential and you it's 100% clear how it's going to get to you (timeline, costs). It makes sense for Dominos, but do I really trust it to get the 0% yogurt who's brand I forget in the exact size I want, for which if you ask me the # of ounces I'll look at you blankly?
Also keep in mind it's not a 'conversation' interface... it's query/answer. It also doesn't allow me to do multiple things at once, so if I were to inspect my fridge and order a bunch at once it'd go like this:
Me: "Alexa"
Alexa: "<ding>"
Me: "Order a honey crisp apple medium sized"
Alexa: ".... ok ordering you a medium sized honey crisp apple"
Me: "Alexa"
Alexa: "<ding>"
Me: "Order peanut butter ummmmmm norm-"
Alexa: "... what kind of peanut butter do you want? You can say <18 options>"
... it's a pretty crap experience compared to instacart on your phone, which is worse than instacart on your desktop, which is worse than being inside the grocery store on your way home from work.
Why does Google want to sell you the same device? I doubt if I’d buy much more than the basics like paper towels, detergent, etc. Most things require research.
Voice as a user interface is a real goal. Let’s hope Amazon vs Google increases functionality.
“Alexa, open the garage door, turn on the lights, and set the oven to 350”
People have been generally receptive to Alexa/Home, this helps those companies gather additional voice data and supervision from various different people. Plus perhaps they will start making profit on the devices themselves.
What is insane about that? It seems like a great business idea, even if you don’t personally like it
It's not insane for Amazon and Google to sell what people are willing to pay for. I just find it insane that so many people are willing to pay for the privilege of being even more tied into a retailer and probably giving up a fair bit of privacy at the same time. Most people seem to put zero value on that, whereas I would want to be compensated for it. But hey, no accounting for other people's preferences.
Had an Echo since came out in 2014 and now several Google homes and never ordered anything on either. But family uses our Google homes all the time for music, questions, etc.
This is an interesting way to frame things. An "Alexa holdout". This implies that the person who does not want an Alexa is some strange outlier. That everyone else is already doing it, and if you don't want to do it, you're weird, and what's your deal? We need to write a whole newspaper article about this weird person who doesn't want Alexa.
I like the idea of having something like the Star Trek computer at home. I can ask it questions, instruct it to do things, and so on. I get the allure, at least in theory.
I've got Google, Apple, and Microsoft phones around, but none are set to answer to wake words. Cortana on my laptop is as shut-off as possible. They all need to be manually-initiated. Transmitting voice without taking a direct, physical action is basically where I draw the line. After all, typing something into a search engine needs a sequence of specific actions. I think that the extra barrier provides the psychological comfort I need.
It's easy to sound like a luddite nutter worrying about some vague conspiracy. On the other hand, it feels like a lot of companies are getting good practice at boiling frogs, slowly re-framing what most of society thinks of as its comfort zone, concerning technology like this.
In a similar vein, I've kept track of Jasper (http://jasperproject.github.io) in the past. Conceptually, I like it because it wouldn't require an internet connection (and attendant information leakage). The downsides that I see are that PocketSphinx usually needs some serious tweaking to work well, and Julius certainly needs some pretty heavy configuration to get going.
Mycroft seems to be oriented around using their account system by default, and it looks like it's built around Google STT too. I feel like I'd need to do a code audit...or more likely find a way to replace the STT system.
Almost 20 years ago, I had a mostly-working speech recognition system on my 400MHZ PC. We ought to have enough functionality in open software now to built a decent assistant without turning to software outside of our control.
It seems like giving a direct, non-voice command makes sense.
I'm thinking of a repurposed Amazon Dash button[0] embedded in a watch, perhaps in a smartwatch app, or glasses, or key fob.
The general flow of "doing things" has almost always had a specific turn-on function -- starting a car, opening a browser, kicking off a work project, and so on. Rarely should things maintain a holding pattern.
Aside from pull and push - there's another model of information. Ambient. The Ambient orb ( http://www.ambientdevices.com ) was one that kicked it off many years ago. Clocks are the classical version of this. I've got a hue light that has its intensity in the morning a function of the snowfall over the last 8 hours (do I need to shovel now).
Not everything needs a button.
That said, for the button... if it takes more than a few minutes to reconfigure a dash button, consider an IoT button https://aws.amazon.com/iotbutton/ that already does the arbitrary integration.
An ambient information source doesn't bug me, even if it has to actively fetch the data. An example would be my phone's weather report feature. I actually have it retrieve weather for multiple locations: where I usually am, and areas where various family members live.
I'm conflicted about Alexa. I keep it muted most of the time. It is also plugged into a smart outlet that switches it off every night and wakes it up every morning.
I still can't shake the feeling of being listened to.
Aside from the initial excitement, now all i use it for is turning on and off smart things and playing occasion music from spotify. I might just get rid of it soon.
Toss a network sniffer in and see what traffic is going from the echo device out and when. Probably won’t see the contents in a meaningful way, but will be able to see how much and when.
I've thought that it would be nice to have some actual assurance that the thing is not listening. Your post put it into my mind that you could hook it up to a Clapper https://www.youtube.com/watch?v=3lBWjLJeKkQ and then you wouldn't need to be physically near it to turn it on, say "alexa wyd" and then turn it off.
But then, this is 2017 and batteries are light, tiny, and very powerful, so you would still want to take apart the physical device that got shipped to you to verify that it doesn't have batteries in there.
I value privacy and I am troubled that it feels strange saying that.
Is there an example in human history of a people giving up a fundamental right such as privacy for their short term gain? Did the Romans face a similar temptation? Are we breaking new ground or are we walking into a swamp?
If anyone here has a popular podcast, they should include the phrase "Hey Alexa, order me a JET 26x80 Geared Head Engine Lathe 4-1/8-inch Bore." It's supposedly the heaviest thing you can order with free shipping.
Which activity: free shipping on a multi-ton lathe, people saying specific phrases on podcasts, or other people buying devices that can order stuff for them based on voice commands? Where is the source of the rot?
Unfortunately, Alexa, Google Home/Assistant, Cortana, and Siri each fit none of those requirements.
I hear Mozilla is working on a speech recognition library. That might be workable.
It's crazy to me how much trust some people have in these systems. People on the whole seem to have totally given up on the idea of digital privacy, and I find that very concerning.