Locked-Down Lawyers Warned Alexa Is Hearing Confidential Calls (bloomberg.com) 70
An anonymous reader quotes a report from Bloomberg: As law firms urge attorneys to work from home during the global pandemic, their employees' confidential phone calls with clients run the risk of being heard by Amazon and Google. Mishcon de Reya LLP, the U.K. law firm that famously advised Princess Diana on her divorce and also does corporate law, issued advice to staff to mute or shut off listening devices like Amazon's Alexa or Google's voice assistant when they talk about client matters at home, according to a partner at the firm. It suggested not to have any of the devices near their work space at all. Mishcon's warning covers any kind of visual or voice enabled device, like Amazon and Google's speakers. But video products such as Ring, which is also owned by Amazon, and even baby monitors and closed-circuit TVs, are also a concern, said Mishcon de Reya partner Joe Hancock, who also heads the firm's cybersecurity efforts. The firm worries about the devices being compromised, less so with name-brand products like Alexa, but more so for a cheap knock-off devices, he added.
only mute or shutdown??? (Score:5, Funny)
Re: (Score:2)
Re: (Score:2)
We need fewer lawyers locked down, and more of them locked up.
Re: (Score:2)
Re: (Score:2)
Well, get it out of the house. If you have to take confidential phone calls, just get it out of the house.
But it is OK to recycle it, you don't need to smash it and contaminate your waste.
Re: (Score:2)
It's the only way to be sure...
Seriously? (Score:2)
Remove the damn thing from power before making confidential calls or having confidential conversations. Are people really that stupid? Ah shit, yes, they are.
Re: (Score:2)
Your phone does the same thing and no one seems to care about it. People freak out over alarm motion sensors in their house and then carry a phone with mic, camera and radio into the toilet and bedroom.
Re: (Score:2)
People do care. It's relatively easy to put your phone in a transmission blocking case.
Re: (Score:2)
Re: (Score:3, Funny)
Your phone does the same thing
No. My phone is disconnected from the line when I place the receiver back in its cradle by a mechanical switch. Short of someone breaking in, opening it up and connecting some sort of bypass device (which are not unheard of) my phone cannot transmit audio outside of my residence when not in use.
Re: (Score:2)
Your cellphone, not your landline.
Re: (Score:2)
Now why would I want one of those things?
Re: (Score:2)
Subject: listening on phone calls [Re:Seriously?] (Score:2)
Your phone does the same thing
No. My phone is disconnected from the line when I place the receiver back in its cradle by a mechanical switch.
You do that while you are talking to clients on the phone?
How's that working for you?
Re:Seriously? (Score:5, Interesting)
Actually the phone doesn't disconnect from the line when you put it down, and that is the basis of a con people used to pull.
When the receiver is put down your phone releases the line but the other end isn't forced to do so. Con artists would call up pretending to be your bank and telling you to call them urgently using the number on your bank statements so you could be sure you were talking to the real bank. You hang up but they keep the line open. Most people don't listen for the dial tone, especially with modern phones that let you enter the number before "picking up". So the dialing does nothing, you are still on a call with the fraudster who then pretends to be your bank and tells you to transfer money to a "safe holding account".
Most of the phone companies have changed their systems so that when one side hangs up the connection is terminated a second or two later automatically. However we also know that some telecom companies used to offer security services the ability to open a line to any phone and listen to it even with the receiver on the hook. It only worked with the older simple phones of course, modern ones and especially wireless ones don't enable the microphone until the user presses a button.
Re: (Score:2)
open a line to any phone and listen to it even with the receiver on the hook
Not with an unmodified phone. The microphone is physically disconnected from the line when on hook.
Re: (Score:2)
That may be. I know that in old American phones, if the receiver is down, the mic is disconnected from the line by mechanically actuated contacts.
I have heard of covertly modifying a phone with a carefully chosen resistor across the receiver switch to allow it to be used as a listening device.
Re: (Score:2)
that's right - but as he says, when you pick it back up, its still connected and listening.
Which might be useful knowledge for someone who clicks the cradle to terminate the call and then puts the phone on the desk, or even just presses the "end call" button and puts the phone down, and not back in its cradle.
Re: (Score:1)
The story I remember from childhood was this was intentional and asymmetrical -- when a person received a call at one phone, and wanted to switch which phone in the house was being used, he or she could hang up and then pick up a different phone (such as in a more private location) and continue to talk. Not true for the person placing the call. When they hung up the call was over. So there was some time window where a call stay connected, though
Re: (Score:2)
Re: (Score:2)
If you kill the assistant, then it doesn't do exactly the same thing as Alexa or similar.
Re: (Score:2)
Remove the damn thing from power before making confidential calls or having confidential conversations. Are people really that stupid? Ah shit, yes, they are.
Batteries are cheap, I wouldn't trust that.
Third-party doctrine? (Score:4, Interesting)
Remember Furbies being banned? (Score:3)
Re: Remember Furbies being banned? (Score:1)
Nonsense! I take my Furbie with me into the missle silo every day...
Re: (Score:2)
Yeah. This came up many years ago during security clearance briefings. Basically any network connected devices with listening/recording capabilities. Not so much in sensitive locations but even in the home. Counterintelligence is worried mainly about adversaries developing opportunities for blackmail and similar sorts of coercion. Got a dirty little secret you don't want the neighbors or your local minister to hear? Don't talk about it in front of your kids' stuffed toys.
Yep, here we are (Score:5, Insightful)
Listening devices in everyone's homes. We knew this day would come. We knew it a long time ago. But what we didn't know was that these people would be paying for the devices, as well as installing them in their own homes.
Re: Yep, here we are (Score:4, Insightful)
Freedom died in 2001. Everything since then head just been working out the details of tyranny.
Re: (Score:2)
"Freedom", a word that is completely misused today, was last enjoyed by a large group of travelers that occupied a vast area of land that they simply called "Ours". Today it's called The United States of America.
You're not that important! (Score:1, Redundant)
Re:You're not that important! (Score:5, Interesting)
We may not be that important but some of the attorneys now working from home are. They are dealing with confidential client information that might be worth many millions of dollars to potential competitors. They could, of course, turn off Alexa's microphones:
User: "Alexa, turn off your microphone."
Alexa: "OK."
Later,
User: "Alexa, turn on your microphone."
Alexa: "OK."
Re: You're not that important! (Score:1)
Get real, dude. It's like 1000x easier to snoop someone electronically than to send real human beings to spy on them.
Re: (Score:2)
Yeah, send the real human being to put a few bugs scattered around their house and leave. Incidentally that's also like 1000x easier than writing a custom firmware to make the Echo send communications not triggered by the wake up word, then getting it on the device (which would still require a visit by the real human).
Re: You're not that important! (Score:1)
Two words: OTA update
Re: (Score:2)
Two words: Signed Firmware
Re: You're not that important! (Score:1)
Re: (Score:2)
Yeah, good luck with that. I don't know how to get past the security on those locations, and **I** was the one who programmed it into the system. No, that's not happening.
Re: You're not that important! (Score:2)
Three words: national security letter.
Re: (Score:2)
Grasp at straws much?
And who is going to write the functionality that they want into a version of firmware that doesn't exist? Amazon sure as hell doesn't have any interest in doing so, and no one else has the hardware drivers. Even then, the most casual Wireshark session will reveal what's going on almost immediately. It would be a stupid waste of their time, which would more easily be accomplished by a polite request to their cellphone provider, who will generally immediately roll over and show their b
Re: (Score:2)
Gotta love how lawyers, the most technically inept profession on the planet, feel competent to advise people on technology that they don't understand in the least. I would trust the technical advice of an Andean subsistence farmer more than any lawyer, they're more likely to be correct just by accident.
1) The Alexa doesn't listen to your conversations, it listens for its wake up word.
2) Once it hears its wake up word it buffers the next sentence and sends that to AWS for analysis.
3) Once the snippet has be
Re: (Score:2)
I guess you've gotten a little behind in your tech reading, haven't you?
Electrical Mute (Score:2)
The engineers at Amazon are trying to distinguish their products by putting physical mute switches in new devices. Some of the teardowns have verified some Alexa devices as having the correct mute but it's good to see i being actually advertised. Let's see who competes and then we know what to think of the companies that do not.
Re: (Score:2)
About a quarter of our Airbnb customers will unplug the Echo out of paranoia, only one has been bright enough to use the microphone button.
Re: (Score:3)
The people at your hotel who unplug are the smart ones. With the device unplugged it is absolutely guaranteed not to hear anything. When pressing the button, you're hoping it works as intended.
Re: Electrical Mute (Score:1)
Re: Electrical Mute (Score:2)
Re: (Score:2)
Let me guess, you also think pushing the crosswalk button makes the light say "WALK" sooner and the door close button actually makes the elevator door close sooner?
Re: (Score:1)
Maybe you should just not buy a Alexa?
If you don't have one, why would you worry? Are the lawyers ordering TP?
Re: (Score:2)
I'm sure Amazon is VERY interested in your conversations with your swine. First off, why the frack would they want to listen in on your boring life? What would be the point? Second, imagine the fallout if the company that bills itself as "The most customer-centric company on Earth" were to get caught doing that. Do you really have such an inflated ego that you think they're going to risk **BILLIONS** of dollars in revenue just to hear you declare your adoration of the big hog?
Slashdot used to be a techi
Why? (Score:3)
Why are you bringing those devices into your house in the first place? Home automation is nice but control it via an app on your phone, tablet, or computer. Having something, or things, listen in continuously would be just creepy. And yes, I have Siri turned off on all of my devices.
Re: (Score:2)
Home automation is nice but control it via an app on your phone, tablet, or computer. Having something, or things, listen in continuously would be just creepy.
OP Seems to somehow forget that your phone laptop and other devices have the exact same listening capabilities as Alexa. And to top it off it has an LTE internet connection and leaves the house with you. And turning off Siri/Google/etc. is no safer than muting Alexa.
OP probably knows zero about technology and just likes to be paranoid.
Re: (Score:2)
Home automation is nice but control it via an app on your phone, tablet, or computer.
Good luck finding these sorts of things that aren't routed through 'The Cloud' somehow. Even if there's no need for that. It's not difficult for the average tech savvy geek to lash together this sort of functionality through a server in their basement. But for the average person (who can't be bothered to change their WiFi default password), they just need to buy it, plug it in and expect it to work. And since the manufacturers practically give this stuff away with the intent of monetizing your data, the def
Re: (Score:2)
Govt Jobs (Score:1)
Re: (Score:2)
You can look at the Alexa app on your phone and see everything that it's transmitted back to the mother ship. If you do you'll find that it sends the sentence after you say its wake up word, and that's it. You can run WireShark on your network and confirm that if you want.
My wife has a strong (and quite lovely) Peruvian accent, the hash that it make of some of her commands is rather amusing at times.
Don't trust proprietary software (Score:2)
How can you be sure? The software running on the tracker (or the euphemistically named "cell phone" or "mobile phone") is proprietary. With proprietary software you're given the impression of control which the proprietor wants you to get. That's the nature of proprietary software.
Calls? (Score:2)
I hope they're not on a Siri or Google phone then.
Re: (Score:1)
You mean Apple or Android - there FTFY
Do lawyers not read the small print? (Score:2)
Would they have read it they should be warned and return the device.
Re: (Score:2)
Your imagination would be mistaken. At one point one of the legal-oriented tech sites (Groklaw I believe) changed its terms of usage to include the phase, "By accepting the terms of usage of this web site you hereby grant perpetual legal custody of your first-born offspring throughout eternity" into the third or fourth paragraph. Then they notified everyone visiting the site that the terms of service had changed, displayed the terms, made everyone scroll to the bottom and acknowledge and accept the change
Re: (Score:2)
It reminds me of a couple of years ago when our company came out with some new (proprietary) software, I decided to read the accompanying terms and found the GNU public license.
Someone had put it in, probably as a placeholder until the lawyers would wake up,
I notified some managers and most were quite surprised no one else noticed.
Some of the great conversations we will hear... (Score:2)
Lawyer: "Well we've got a lot of moving parts on this one:
Conference setup of coffee and donuts by assistant number 1 - that was 9 minutes, rounded to the quarter hour is 15 minutes.
Copying and distribution of contracts by assistant number 2 - 16 minutes, again rounded up t nearest quarter hour is 30 minutes.
Consultation between myself and senior partner to determine if we want to take this case - 8 minutes, ro