ok thanks, but where’s the list of these apps?
These type of articles never list the apps they’re discussing.
iOS and Android. If you have one of those people are listening.
Both of these apps have device-level notifications to let you know when an app is listening. I promise they’re not. There was a service a while back that was claiming this in their advertising and it went public and their partners all scattered like flies. No one wants to be associated with that sort of thing. It’s unnecessary anyway.
Eh, you can be reasonably sure that GrapheneOS or other Android ROMs without any Google Play apps is private.
No
Comments like this try to make you give up on privacy by making it look like all is lost from the get to.
They are lying, don’t believe them, there is a lot you can do to protect your privacy.
Article is from 2018. Someone must have pasted the url from hacker news where the same story was dug up recently.
Is that to say that it’s no longer valid? Or just that it’s old news? The list of apps associated with the software is still pretty extensive; Google Assistant even showed up.
Well these days Android asks for more permissions so I guess it would prevent it in many cases by preventing access to the microphone for apps where you don’t want it…
Android also shows an indicator when any app is accessing the microphone or camera now.
https://nvd.nist.gov/vuln/detail/CVE-2023-21083
There are probably other exploits around that as well
it has always asked for mic permission so no change on that front
Yeah, most people just click beyond that in a millisecond because it’s just an an annoyance between them and the needed dopamine.
I think app stores can do a whole lot more, especially with he insane amounts of money they’re earning from it (hello and fuck you, apple). They can make microphone access a special privilege that requires the developer to make a special request that gets verified on the app store before the app can be released, for example
7 years is a long time in tech.
Google Assistant is supposed to listen for the “Hey Google” trigger word. How else do you expect to use your device hand-free.
It also does it completely locally, using an on-device chip. If your phone has the Google assistant on it, disable all Internet and try the wake phrase, it’ll work. Nothing else does, because it has to phone home for that, but the wake phrase handling IS on-device. Can’t even turn the flashlight on otherwise tho lol, even if you use what we used to call the power button (new name for it? Lock button?) and type what you want it bitches about internet
No, 2018 wasn’t 7 years ago… No… Wait please…! :'(
Old news. It was old news in 2018
But… they can’t access the microphone without the user explicitly allowing
Only on iOS
Not only on iOS. I use Android and my microphone is always off unless I allow a specific app to use it, and even then, I have the option of only allowing it for that one time. Including the phone app.
Mic and camera are always off.
What happens when you answer the phone?
A little pop up comes up saying something about “getting the most out of your phone” with the option to turn the mic on for the app that’s requesting it (phone app). Only turns on for the call. Just gotta tap the screen once.
I keep the mic and camera options at the top of my quick-… whatever they call them… options, so if I need either one for something else, it’s super easy to turn off/on.
Android shows a little green logo in the top right if the mic and/or camera is on as well. So if I ever do enable them, it’s easy to remember to turn them off again.
Thanks I’m gonna try it out for a while
It works great for me. I’m using a Pixel with stock Android, so I can only speak to how it behaves on my phone. I know sometimes carriers add/change shit.
I did this but stopped because if I pick up the phone locked, I have to unlock it to turn mic on and answer the call. So I just make sure to allow mic access only to apps that really need it
Check out GrapheneOS
I can be absolutely certain no apps can access my mic in the background. Even when in the foreground, there is a hot-mic indicator.
Here’s the misleading part:
Tap on one of those “while in use” apps. You’ll see there is no option “allowed all the time.” It doesn’t exist.
“while in use” is top level, and changes to “while using the app” when you actually look at the permission. They really mean when the app is running. And many often run in the background.
Because it is software-based access control, it is impossible to guarantee that access really has been disabled. Thanks to Apple’s design, we now live in a world where users are not supposed to detach batteries or physically turn off microphones and cameras; it’s all software-controlled. The problem is that software can be hacked and have backdoors. Also, thanks to Apple’s smart design, users can no longer upgrade the memory sticks on their Mac Minis and MacBooks. Why do I say it is all Apple’s fault? Unfortunately, other manufacturers copy these design ideas…
Tell that to Facebook. Shit, I’ll talk about something with my wife and see ads about it ten minutes later. Been happening for years.
I tested this with my Facebook app in 2013. Found a Spanish radio station, set my phone down next to it overnight, and for several weeks I was seeing ads exclusively in Spanish. Deleted the app the first day I saw them in Spanish, and deleted my account not long after that.
My wife still uses them after 5 years together and me pointing out all the times it’s obviously eavesdropping on us, and she’s even been creeped out by it before. Still uses it…
Unless my microphone and camera have physical switches, I will assume they are being used. Those little “your camera and microphone are off” icons in the corner of the screen don’t reassure me.
Did you receive the Spanish radio signal over the traditional airwaves or streaming. Was it a digital radio, as those can also be tracked.
It was a stereo from 1987.
Ye Olde Analog airwaves, no fancy digital nonsense.
This has been tested and proven time and time again. Google and Apple give apps a method to access the mic that the OS can allow or deny. This is what the apps are supposed to use.
Facebook doesn’t use that method for passive monitoring, only for active engagement. Don’t looks like it’s working when you go the use the thing and it’s disabled but it’s still listening to you.
If you must use such a social network, never ever ever use the mobile app. Use the website or don’t use the service at all.
It’s more likely that your wife or someone nearby was further researching the same topic you were talking about.
Facebook and other ad companies use your location, relationships, and other data they already had on you to serve you relevant ads.
At this stage, they know more about you than the government, or your wife.
Bullshit. The amount of times I’ve had random conversations about odd topics for the very first time with my wife and the fucking subject appears in a FB add three hours later.
Nope, go peddle your corpo propaganda elsewhere.
I’ve read about this phenomenon in the past. Generally it’s found that due to audio processing cost and the sheer amount of other data easily gathered, there’s no reason for them to snoop with your microphone because other data is so readily available, much easier to process, store and ship.
I read about that recently as well. There is a problem though. Your phone can turn your voice into text instantly. It’s a feature built in to your keyboard. They could turn the audio into text and then transmit the text only. Saves much data that way.
Honestly these days they could process the audio on your phone with a small audio classification machine learning model, although nowadays phone os’s show if the mic is in use
That’s monitoring you and your closests’ other behavior, as well as monitoring then nudging you towards wanting certain things. The ad itself is the last nudge in that chain that tries to go “you wanted this, don’t you?” after all of the other thinking it’s making a case for your life being better with it.
my wife and I had been married for 2 years. been together for close to 10.
not once did we EVER say “Adirondack Chair”. Just never came up in conversation. we were broke as fuck and couldn’t afford something as superfluous as one of those.
One day, were driving down the road home and see one on the side of he road.
what’s that?
looks like an Adirondack Chair
Adirondack Chair? For free?
yeah, it looks broken though.
we get home go inside. I sit down to veg on my phone on the sofa. what does Amazon put in my “things you like” feed? mother fuckin Adirondack Chairs. Google news feeds? Adirondack Chairs on sale.
My wife had YouTube videos that were reviewing Adirondack Chairs.
this was ten years ago. Imagine what they’re doing now…
This is stuff they could’ve gotten from location-data, or if your wifi was on, as you drive through different peoples’ wifi connections (both seeing where you’ve been, and hooking the data from you into data of people in your area to form connections of what’s trending and what they can get you to think about)
I’m not saying they’re not mass-surveilling in the most efficient ways they can, but hot-mic while sounding frightening, is the least useful tool ever for their means, and as has already been mentioned in this thread, android auto locks out that permission now anyway, making this a bad focus in the sense that it is not over just cause they can’t get to your microphone.
Right around the confinement my sister and I were talking about getting some seeds for my mom. Neither of us searched for seeds. From that point we both started to get ads for seeds, many for the ones we had talked about in particular. This thing was so unequivocal that it proved to me that our phones listen. Maybe they don’t analyze, but they definitely listen for words actionable for an advertising purposes.
That’s why i always forbid access to my microphones by apps. Many AI apps will also remember what you discussed long ago.
OS doesn’t need permissions to access hardware
More likely, your late’ish habits and searches combined with age and another mountain of data correlated with people that have the same thought. We are no snowflakes.
Edit: I should say, if this example is true. I’m not saying you are lying, just that if you are, it’s not a “gotcha”. This thread is making me paranoid! :)
The thing is you can test it, simply never search anything related to it and see if you get ads, maybe I accidentally searched something but it works, or it could be wifi based maybe they searched something and it effected everyones ads, this could make sense if my roommates searched stuff and it effected my ads
I happened to say out loud to my girlfriend that there is a chance (a small one) that my ADHD medication can cause something called TD (Tardive Dyskinesia).
Suddenly, our Netflix is showing adds for a new medication for it.
Wasn’t there just a storey a couple days ago that apps where not doing this but taking screenshots and videos on the screen and sending that. And both iOS and Android have the microphone notification now.
I know I’m usually on the more paranoid side, but I’ve always assumed everything I do on a smartphone is potentially being monitored via camera or mics.
If the apps are just taking screenshots, or recording a few seconds of data via mic, it would be almost guaranteed that certain corrupt (and also paranoid) governments that are dismissive of privacy rights could force or bribe those apps to allow them to also access screens, mics, and cameras anyway, right?
I’m in the U.S., and especially with how glitchy my phone has suddenly become over the last few months, I’m just at the point where I just assume that’s what’s going on.
I had the same android for like 4 years without many issues, then suddenly around February it just became almost impossible to use. Weird glitchy things with the size of the tool bar at the bottom of my screen and the popup keyboard. Redirect notifications all the time for certain websites, and my VPN connection is just constantly interrupted and having to be reset.
I finally was like fuck it, this is an old phone so maybe that’s it. Brand new phone, but most of the same issues.
I use signal instead of text most of the time, and switched a lot of things to proton mail, but if someone is potentially recording your screen, does it really matter if what you’re doing is encrypted?
Which VPN provider are you using? How do you know they are not the one monitoring your phone?
Did you obtained your phone from a trusted source, such as an official seller. Some phones purchased from overseas might have “International ROM” installed by the seller, which compromises the integrity of the device.
Consider having a trusted tech friend look over your phone to see if the device has malware installed.
I use proton VPN, but no I always just get my phones from Amazon bc it’s cheap. Never was a real problem in the past, but now that the U.S. is (officially) a giant Oligopoly, probably not a wise idea.
I don’t really know any tech friends that are super in the know about that kind of thing. I have a paid Norton 360 subscription that does frequent scans for malware and says it never finds anything, but honestly wouldn’t even be surprised to learn I’m paying for a useless subscription.
The only reason I even bring that up is bc our current Governor who has always been a power hungry authoritarian boot licker renewed the Executive Order for a state of emergency for a cyber incident that our previous governor first created when the data breach happened several years ago.
When he “renewed” the order, he also slipped in a new section that granted authority to the director of one of his cabinet’s agencies, Governor’s office of Homeland Security and Emergency Preparedness (GOHSEP), to handle the emergency as he sees fit.
What’s even more concerning is that on the same day he renewed this order, he restructured GOHSEP so that it is now under the control of the state’s National Guard, gave the former director of GOHSEP a new title, and then named a member of the Guard “acting director.”
He’s been very vague about what the renewal was about, but it allegedly had something to do with updating the OMV/DMV data base for the state. Since then he has also created a hiring freeze for the state, which would seem to indicate that whoever was acting director is now indefinitely the director named in the executive order until the governor decides to lift the hiring freeze.
Even for someone not already paranoid, and without everything happening at a national level, that would all be a bit concerning right? I’m not a journalist, but I’ve been trying to get people to pay attention to it.
For some reason, no actual local journalists seem to be willing to point this out, but it’s all publicly available information.
Proton is a trusted VPN/company.
Norton on PC might be useful, but on mobile, it’s probably as good as a placebo.
Good luck with your state government. Sounds like a nightmare.
The reason no local journalist is critical of the state government is because there are no independent journalists left. Google and Meta have sucked up all the advertising dollars, so small local independent media cannot survive. The journalists have to work for mega corporations who dictate what they are allowed to write.
Yeah that is kind of a given, I just wish more people would wake up to that fact.
Every day more people ate taking notice, hopefully we can hit a critical mass within our life times
try swappa for phones, when i was looking for a new phone because the Problematic pixel 5a died after a small drop, i was comparing amazon to swappa, swappa you can negotiate a lower price from the seller, and you can filter out the "corporate sellers " because they tend to so more used phones for a higher price than it should be, and you can ask questions about the phone being sold giving you more idea what your getting into.
https://nvd.nist.gov/vuln/detail/CVE-2023-21083
I guarantee you that the green privacy dot means diddly squat.
Past vulnerabilities doesn’t mean there is active mpdern vulnerabilities especially ones in widely tested operating systems that’s exploited by as many apps as people claim are listening when security researchers also regularly reverse engineer and analyze the source code of popular apps to figure out what they’re doing. You can decompile Android apps pretty easily to see what they’re doing. Some are obfuscated so it takes some effort.
Its one thing to claim there’s some a system level bypass for the icon that the NSA uses to spy on its enemies, it’s another thing to claim that it’s being exploited on a wide scale by a tech companies on different apps, iOS and Android, multiple versions/devices.
The reality is that we leak tons of info through other mediums that are easier and cheaper to collect than through microphones.
This link proves how robust the security research is and how quickly bugs like that are patched.
i used to think this as well (i have never used any facebook apps), but last night something happened that made me question it.
My wife and i were going through a chipotlane that was right next to a Popeye’s. As we were waiting i looked over to popeyes and saw some posters for their new pickle chicken stuff and asked my wife “the fuck is a pickle ‘glaze’?”
she said “i have no idea but i kinda want some fried pickles now.”
literally a few seconds later she opens instagram on her phone and is shown a video of a person making pickle brined chicken.
yes yes it could be a coincidence, but i am a lot less certain of that now.
The way I’ve heard it is that it’s not just coincidence nor microphone scanning, but just the effectiveness of targeted ads in general. You could be within wifi range of other users who are searching for pickle stuff or you yourselves have a history of pickle purchases, etc. This stuff is scary specific already.
A few years ago, I would have said you were being overly paranoid. Nowadays, I’m in the same boat.
Also, the fuck is a chipotlane?
chipotle drive through
How can they tell I’m popping?.. Oh…what if I stopped flushing? So is that why some people don’t flush? They’re trying to be stealthy!
Use NextDNS with strong filters and the DDG app with App Tracking Protection turned on. While no filter is 100% perfect, this combo stops the vast majority of privacy-invading shit from getting to 3rd parties.
I use shizuku for hidden api/shell access…the devs of that have an app called appops which, you guessed it, allow you to change any appops permission for any app. Allows denying/ignoring clipboard access, device identifiers, location, microphone, etc.
appops screenshots
:::App Ops still works? I haven’t used it in over a decade.
yeah, alphonso appeared on my mibox, eset called it a trojan right after the update. had to delete it through adb, cause its a “system app”
Reading this made me wonder if I was having a stroke, because it seems like English but I don’t recognize so many of the words. 👴
This might just push my fear of targeted ads enough to give in to my idea of a nearly soundproof box for my phone when I’m not using it. :(
You could remove the mic and pretend it’s a modern iPod 😁
Just install an OS that allows per-app microphone permissions. I’m running LineageOS and I can tell it for example to only allow Whatsapp mic access when I actively open the app. Actually according to the article, the same can be done on plain Android too.
me to my phone right now
Beer pong
Yeah that sounds like an app user who would be okay with his audio being recorded…
An app where all you end up recording is “Bro! Bro! Bro! Broseeeeph! Let’s gooooooo, Bro!”
I thought Android has a non bypassable green dot in the notification bar when the micro is on ?
It’s probably bypassable too. And, anytime the microphone is used, you have no idea the multiple extents that data is being used for.
Apps can use the microphone in secret and there’s no way to know when they’re using the microphone? This is a major security flaw in Android!
Are you kidding? You do know that basically anything is hackable, right? And that’s why old people put tape and stuff over their cameras if they don’t just outright unplug them, right? It seems silly, but like… They’ve always been right, with their insane passwords and avoiding using their real names and stuff.
afaik Android System Intelligence and apps using that will not show the mic icon
Users need to know what this dot means, and some like children or the elderly will likely not understand the ramifications
I feel like you’re missing the point. Showing a green dot still doesn’t solve the problem or make it ok, especially when this technology works in the background and can capture sound even while the device is in your pocket, like the article says.
I don’t think we should have to be on the lookout for a little dot showing up on the screen constantly. It shouldn’t even ask for microphone access unless it’s absolutely essential for the app’s main purpose. “Features” like this should always be off by default and buried deep in the settings. If people really wanted it (they don’t), they’d go in and turn it on themselves.
You’re absolutely right but that wasn’t my point. I thought that if one of my installed app was doing this, at some point I’d have seen it without even being on the lookout.
This is literally how it works. In modern android you need to explicitly grants microphone permission to apps the first time you use them. Now, if they are clickjacking the permission notification, that’s something different, but the article doesn’t mention this. You can download your own microphone logs and verify if you are curious about this.
is this still a surprise to anyone here?
Anyone whos said anything outloud and then immediately got an ad should know by now that it isnt some conspiracy, its easily testable by not searching something and just talking about it while having an app open, the more obvious one they track is dms, if I dm someone something (text based not posts) ill get ads or posts related to it.
Im assuming they target your wifi too, because my ads change to reflect what I do on other devices too (always noticable as a hobby hopper)
I remember a bunch of people freaking out about this a few years ago and an equal number telling them they were paranoid.
You can talk about stuff and your phone will just magically start suggesting related items. Why would anyone be surprised the monitoring device in their pocket is monitoring them?
Yes.
Not to you or me, but there are tons of people, even here, that are absolutely incredulous towards the idea that its possible.
I mean it implies that these apps are both violating permissions (in many cases) and the android visual indication of an active microphone. So far I have seen no actual proof that this is the case. Mic activity is logged. You can debunk this yourself easily.
I’m part of those people. The usual argument is that everybody’s phone is listening all the time, without agreeing to permissions or showing the mic notification or anything like that. I’ve never seen any proof of that. This article is about a bunch of shovelware apps (Pool 3D, Beer pong: Trickshot, Honey Quest etc) that aren’t even listed anymore. There’s nothing about them skirting permissions or hiding the notification.
People see the headline and assume it’s Facebook et al.
Not helpful
Good thing everyone diligently reads the T&A of Pool 3d before using it. You are reading every line of text before you hit agree, and then uninstall, right?
Instagram at least listens thru your mic, for sure. At least on my wife’s phone, she gets targeted ads based on conversations we have in the car with no music playing
About things the other person has searched for and visited and when their networks touch it spreads. It’s easy to do without a mic
