Welcome!

Related Topics: @ThingsExpo, Mobile IoT, Cloud Security

@ThingsExpo: Blog Feed Post

Just How Dangerous Is Alexa? | @ThingsExpo #IoT #M2M #Security

Unless you turn off the mics & use a button or a remote, IVCSs are always listening. Let me be the first to scream ‘Look out!’

The “willing suspension of disbelief” is the idea that the audience (readers, viewers, content consumers) is willing to suspend judgment about the implausibility of the narrative for the quality of the audience’s own enjoyment. We do it all the time. Two-dimensional video on our screens is smaller than life and flat and not in real time, but we ignore those facts and immerse ourselves in the stories as if they were real.

We have also learned the “conventions” of each medium. While we watch a movie or a video, we don’t yell to the characters on the screen “Duck!” or “Look out!” when something is about to happen to them. We just passively enjoy the show.

The Willing Suspension of Our Privacy
We apply similar concepts to our online lives. Most of us are willing to give up our data (location, viewing, purchasing or search history) for our online enjoyment. We can call this the “willing suspension of our privacy” because if you spent a moment to consider what your data was actually being used for, you would refuse to let it happen.

The Willing Suspension of Our Agency
Which brings us to the next level of insanity: the willing suspension of our agency for our own enjoyment. This is past the point of giving up a “reasonable amount” of data or privacy to optimize the capabilities of our digital assistants. Suspension of our agency exposes our normally unmonitored physical activity, innocent mumblings and sequestered conversations. Some people believe this is happening with Alexa, Google Home, Siri and other virtual assistant and IoT systems. It may well be.

First, Let’s Give It a Name
Since we are discussing a combination of automatic speech recognition (ASR) and natural language understanding (NLU) engines that enable a system to instantly recognize and respond to voice requests, for this article, let’s call the interface an intelligent voice control system (IVCS).

How It Works
You activate most commercial IVCSs with a “wake word.” For an Amazon Echo or Echo Dot, you can choose one of three possible wake words, “Alexa” (the default), “Amazon” or “Echo.” Unless you turn off the microphones (the Echo has seven) and use a mechanical button or remote control to activate its capabilities, Alexa Voice Service, the system that powers the Echo and Alexa, and other IVCSs are always listening for their wake word.

In Amazon’s case, it keeps approximately 60 seconds of audio in memory for pre-processing so the responses can be situationally aware and “instant.” Amazon says the listening is done locally, on the device, not in the cloud. So technically, the audio does not leave the premises.

Always Listening Does Not Mean Always Transmitting
Yes, an IVCS is always listening AND recording. Which raises the question, “What does it do with the recordings it does not use?” In Amazon’s case, the official answer is that they are erased as they are replaced with the most current 60 seconds. So while the system locally stores approximately 60 seconds of audio preceding your wake word, it transmits only a “fraction of a second” of audio preceding your wake word, plus your actual query and the system’s response. For Alexa, you can find a record of your query on the Home screen of your Alexa app.

More Questions
What happens to the approximately 60 seconds of audio recording preceding a wake word? The one that has a recording of the TV soundtrack, footsteps, the loud argument in the next room, the gunshot, etc.? What happens with that audio? Again, Amazon says it is erased and replaced with the next 60 seconds of audio. Skeptics say if a wake word is detected, the previous 60-ish seconds of audio is put in a database for further IVCS training. If so, could that audio be subpoenaed? Yep! Just like your browser history or phone records. It’s just data. But does it actually exist? Amazon says no. As for other systems? We’ll have to ask.

What About Hackers?
Seven microphones! Could a hacker tap into one or all of them and eavesdrop on me? The official answer is no, and specific technical reasons are cited. However, at The Palmer Group we have several theses for 2017 including, “Anything that can be hacked will be hacked.” Anyone who believes otherwise is simply naïve.

“It’s the Profile, Stupid!”
Data is more powerful in the presence of other data. It is an immutable law of 21st-century living, which in this case means that the most serious threat to each of us is the profile that can be created with the willing suspension of our agency.

Most people have no idea how much information about them is available for sale. The willing suspension of agency has the potential to take us right up to the line that separates where we are now from an Orwellian future. (Many people believe we already live in a surveillance state. We’ll explore this in another article.)

We Must Deal with This Sooner or Later
Alexa is NOT dangerous. The data it collects is NOT dangerous. Nothing about an Amazon Echo is dangerous. It’s awesome. I have one in the kitchen, in the living room, in my home office, and on my night table. It’s an amazing controller, great alarm clock, spectacular Spotify and Amazon Prime interface, an exceptional news and weather reporter, and it does lots of other stuff you can look up online. I love it.

I also love my Google Home. Its ASR/NLU system is second to none. Let’s face it: Google is “the” repository of publicly available knowledge. When I’m on my handheld, I rely on “OK Google,” and while I think Siri is audio impaired and database challenged, sometimes I use it too.

But …

The world will be a very different place when Google, Amazon, Microsoft, Apple and other AI-empowered players have assembled first-party profile data that includes our agency. It will make what they do with our current behavioral profiles look like primitive data processing.

We are predisposed to pay for convenience. We happily do it with cash and with data every day. However, we should not suspend our judgment about the implausibility of this narrative for convenience or for the quality of our enjoyment. Though this is a story we have been told before, there are no conventions of this medium. So let me be the first to scream: “Look out!”

The post Just How Dangerous Is Alexa? originally appeared here on Shelly Palmer

Read the original blog entry...

More Stories By Shelly Palmer

Shelly Palmer is the host of Fox Television’s "Shelly Palmer Digital Living" television show about living and working in a digital world. He is Fox 5′s (WNYW-TV New York) Tech Expert and the host of United Stations Radio Network’s, MediaBytes, a daily syndicated radio report that features insightful commentary and a unique insiders take on the biggest stories in technology, media, and entertainment.

Latest Stories
With tough new regulations coming to Europe on data privacy in May 2018, Calligo will explain why in reality the effect is global and transforms how you consider critical data. EU GDPR fundamentally rewrites the rules for cloud, Big Data and IoT. In his session at 21st Cloud Expo, Adam Ryan, Vice President and General Manager EMEA at Calligo, will examine the regulations and provide insight on how it affects technology, challenges the established rules and will usher in new levels of diligence...
SYS-CON Events announced today that SkyScale will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. SkyScale is a world-class provider of cloud-based, ultra-fast multi-GPU hardware platforms for lease to customers desiring the fastest performance available as a service anywhere in the world. SkyScale builds, configures, and manages dedicated systems strategically located in maximum-securit...
Your homes and cars can be automated and self-serviced. Why can't your storage? From simply asking questions to analyze and troubleshoot your infrastructure, to provisioning storage with snapshots, recovery and replication, your wildest sci-fi dream has come true. In his session at @DevOpsSummit at 20th Cloud Expo, Dan Florea, Director of Product Management at Tintri, provided a ChatOps demo where you can talk to your storage and manage it from anywhere, through Slack and similar services with...
"We are an IT services solution provider and we sell software to support those solutions. Our focus and key areas are around security, enterprise monitoring, and continuous delivery optimization," noted John Balsavage, President of A&I Solutions, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
The financial services market is one of the most data-driven industries in the world, yet it’s bogged down by legacy CPU technologies that simply can’t keep up with the task of querying and visualizing billions of records. In his session at 20th Cloud Expo, Karthik Lalithraj, a Principal Solutions Architect at Kinetica, discussed how the advent of advanced in-database analytics on the GPU makes it possible to run sophisticated data science workloads on the same database that is housing the rich...
SYS-CON Events announced today that Calligo has been named “Bronze Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Calligo is an innovative cloud service provider offering mid-sized companies the highest levels of data privacy. Calligo offers unparalleled application performance guarantees, commercial flexibility and a personalized support service from its globally located cloud platfor...
"We want to show that our solution is far less expensive with a much better total cost of ownership so we announced several key features. One is called geo-distributed erasure coding, another is support for KVM and we introduced a new capability called Multi-Part," explained Tim Desai, Senior Product Marketing Manager at Hitachi Data Systems, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
There is a huge demand for responsive, real-time mobile and web experiences, but current architectural patterns do not easily accommodate applications that respond to events in real time. Common solutions using message queues or HTTP long-polling quickly lead to resiliency, scalability and development velocity challenges. In his session at 21st Cloud Expo, Ryland Degnan, a Senior Software Engineer on the Netflix Edge Platform team, will discuss how by leveraging a reactive stream-based protocol,...
"DX encompasses the continuing technology revolution, and is addressing society's most important issues throughout the entire $78 trillion 21st-century global economy," said Roger Strukhoff, Conference Chair. "DX World Expo has organized these issues along 10 tracks with more than 150 of the world's top speakers coming to Istanbul to help change the world."
"At the keynote this morning we spoke about the value proposition of Nutanix, of having a DevOps culture and a mindset, and the business outcomes of achieving agility and scale, which everybody here is trying to accomplish," noted Mark Lavi, DevOps Solution Architect at Nutanix, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
DX World EXPO, LLC., a Lighthouse Point, Florida-based startup trade show producer and the creator of "DXWorldEXPO® - Digital Transformation Conference & Expo" has announced its executive management team. The team is headed by Levent Selamoglu, who has been named CEO. "Now is the time for a truly global DX event, to bring together the leading minds from the technology world in a conversation about Digital Transformation," he said in making the announcement.
SYS-CON Events announced today that Massive Networks will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Massive Networks mission is simple. To help your business operate seamlessly with fast, reliable, and secure internet and network solutions. Improve your customer's experience with outstanding connections to your cloud.
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devic...
"The Striim platform is a full end-to-end streaming integration and analytics platform that is middleware that covers a lot of different use cases," explained Steve Wilkes, Founder and CTO at Striim, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.