I'm working from my personal experience. If you've never had something similar happen, then good for you.
I'll admit that it's quite likely that advertising algorithms are sophisticated enough to anticipate our needs based on previous behaviours with uncanny precision and timing.
But I don't trust to that, given the proliferation of cheaply made gimmick apps which contain embedded third party ad libraries.
Since I have no way to verify either way, and my experiences are echoed by my social circle, I personally think it best to assume the worst of my device.
I will mention that a recent study* concluded that most apps with microphone permissions will not unduly access do so. This has been taken by articles I've read to dispel the urban legend of the listening phone.
But, given that the tests lasted 5000 random user events (at ~16mins), on a more or less clean device, and as the study says
"…we did not use pre-configured text
inputs, which vary across apps and require substantial
manual effort; instead, we relied on random interactions.
Accordingly, we miss some events that only human in
teractions trigger, e.g., in apps that require login."
I don't think it can be taken as an authoritative final answer. Especially given that the devices had no pre-existing identities apps to latch onto and inform about.
The study also looked principally at network traffic, with a focus on detecting conventional media formats. This is fine for detecting the transfer of visual content, and audio. But it doesn't account for the device itself listening for keywords, and reporting them, or partially resident models, which would perform their first few operations on-device, before transfering their outputs for final processing server-side (mentioned in their study's limitations section).
In the mean time: I think it would be trivially easy to verify: just take a rooted phone and log accesses to the microphone.
Somebody would've found that it's being activated when it shouldn't by now.
>I'll admit that it's quite likely that advertising algorithms are sophisticated enough to anticipate our needs based on previous behaviours with uncanny precision and timing.
Or it could be that among the hundreds of random ads we see online everyday one of two happen to be related to one of the dozens of conversations we had in the past days.
No worries, I look forward to your response. I honestly doubt either of us will be able to fully convince the other of our conviction, but it'll be worth the exercise to refine my position.
That's actually a pretty good idea. When I'm in a position to get a rootable handset, and have the time to audit my apps, I'll have to try it.
With respect to your second point, it's quite possible.
But I don't actually see much diversity of ads to begin with (typically tracking closely with my purchase and search history) so anomalies stick out like a sore thumb. But I'll be the first to admit that I spend a lot of time trying to figure out why I see what ads when, and I may at times overfit my explanations.
I'll never be able to prove the assumptions I make.
It is a phenomenon I've seen reported in the media, and it tracks with how I percieve my own experiences, as well as the experiences of my friends.
If it made no financial sense, I'd dismiss it. Likewise if I saw a study that convinced me beyond a shadow of a doubt, I would dismiss it. If there were legislation with teeth in my market to prevent it, I'd dismiss it.
But with the ubiquity of voice recognition, and the financial incentives at play, I just don't see a reason companies wouldn't leverage the tech for the purposes of superior ad targeting, and profiling, when they already go so far as to record our screens.
Most articles (like the one you linked or ) conclude that it's technically possible, but found no evidence of the microphone being used when it shouldn't.
>That's actually a pretty good idea. When I'm in a position to get a rootable handset,
I meant easy for any security researcher, to the point where one would've found something by now.
But if you have assistant or siri on your phone then the microphone is always on, so it wouldn't really be trivially easy to test.
I'll admit that it's quite likely that advertising algorithms are sophisticated enough to anticipate our needs based on previous behaviours with uncanny precision and timing.
But I don't trust to that, given the proliferation of cheaply made gimmick apps which contain embedded third party ad libraries.
Since I have no way to verify either way, and my experiences are echoed by my social circle, I personally think it best to assume the worst of my device.
I will mention that a recent study* concluded that most apps with microphone permissions will not unduly access do so. This has been taken by articles I've read to dispel the urban legend of the listening phone.
But, given that the tests lasted 5000 random user events (at ~16mins), on a more or less clean device, and as the study says
"…we did not use pre-configured text inputs, which vary across apps and require substantial manual effort; instead, we relied on random interactions. Accordingly, we miss some events that only human in teractions trigger, e.g., in apps that require login."
I don't think it can be taken as an authoritative final answer. Especially given that the devices had no pre-existing identities apps to latch onto and inform about.
The study also looked principally at network traffic, with a focus on detecting conventional media formats. This is fine for detecting the transfer of visual content, and audio. But it doesn't account for the device itself listening for keywords, and reporting them, or partially resident models, which would perform their first few operations on-device, before transfering their outputs for final processing server-side (mentioned in their study's limitations section).
*https://news.northeastern.edu/2018/07/06/is-your-smartphone-...
EDITED for formatting, flow, to acknowledge parent's experience, and to remove a few points made redundant later in the post.