I run a simple, free and privacy-friendly wishlist service[0] with zero ads and tracking that's been around for a couple of years now, and I don't even keep your e-mail address in plaintext[1]. It's been exciting to see the user count go from ~500 to ~2500 the last year. Any feedback and feature requests are much appreciated :)
I have a 16gb USB flash drive encrypted with LUKS[0]. In there are various lists that I don't want anyone to find, however mundane they actually are. Things like shopping lists and 'to buy' lists for Amazon etc. Always presume 'private' stuff you have in the cloud will be leaked via various means (Rogue employee, data breach, sloppy programming etc)
This is not the first time large companies with built in wishlists have ignored or abused their users. There were times when a retailer would direct your loved ones no to your list but to an “Idea” list in a tab right next to it when they went to your link. Most often they just index your list on Google and it becomes a top result when someone searches your name (great SEO for them, bad for you). Or suggest gift cards to stores that are 30% overpriced to your loved ones right at the top of your list, when you never wished for one. I built DreamList by hand over the past few years to prevent these and other abuses with family’s wishes and money and now it’s growing. I would love to get your feedback as well.
On the internet, you are a consumer or you're the product. You're paying for something, or you yourself are being sold. Dreamlist isn't "completely private." Read their privacy policy.
> "We may share information about you in anonymous and/or aggregated form with third parties for industry analysis, demographic profiling, research, analysis and other similar purposes."
If you think that savvy companies can't use other databases to aggregate user profiles and deanonymize data... well, you're the perfect user for Dreamlist!
EDIT: Or, as I found out by clicking on the parent's user handle, you actually founded Dreamlist. I might humbly suggest at this point, Diana, that you're open and forthright about the fact you sell data to other companies. Even if you're completely dutiful in anonymizing data, you have no control over what is done with the data once you sell it.
---
For what it's worth, I'm much more worried about the privacy implications of Dreamlist than Alexa. With Alexa, I know I'm giving access to my logged-in Amazon profile/account to anyone with access to my device. With Dreamlist, no one knows who my data is being sold to.
No data is being sold and no wishlists are being indexed to google. I built DreamList for my own family first. I work daily to make it safe for my kids to use. If you google DreamList and any competing wish list / registry brand and a common first name (or yours) you will see who keeps user data private (everyone else will show you thousands of personal wishlists and registries, we don’t, and preventing that is deep in our architecture choices). I suggested to the Cloudflare Team that they need to build backend analytics into their platform years ago, and they did it. I use that data to report our growth to the YC Startup School dashboard. We had google analytics which is why we had to add that disclaimer in the privacy policy, but we are actively trying to find a better more reliable solution on the backend instead. Front end metrics are still needed because we have many nontechnical users who are grandparents or families in need being added to gift drives and we need to know when something goes wrong for them and narrow down what the issue might be. For google analytics we cut off all fine grained tracking - no per user data, no integrated ads consoles, and only the landing pages that have no private user data get indexed. If we remove it completely, Google lowers SEO rankings. Every day the numbers diverge more between google and Cloudflare analytics given fhe increased use of built in browser ads blockers, and that makes us happy. We’d never add facebook pixels or viglink or other ad network JS into the site.
We went deeper than that, testing to make sure no data about the user leaks at any point even in the console, or caching, or any other section. External links go through one redirect page that removes source page information, so everything looks like it’s coming from the main site. If you have feedback, especially about privacy, please feel free to send it feedback@dreamlist.com - we push out changes and updates almost daily.
We noticed a well known billion valued startup ended up showing their employee emails in the network tab data streams of the browser console, because apparently they like to access people’s private content on occasion and their system leaves a trace of that that shows on every page visit. That’s why we also added a private memories and journal section for anyone on DreamList as well. Grandparents who are frequent users need to be able to save stories for loved ones, and we want them to have a place to do that that is private and ads free.
Always open to feedback. The site is bootstrapped and definitely looking for contributors.
Rather than a promise, I’d like to see things like this written into the actual contract of paid services.
Even if the try to limit the liability to just what you paid them, it’s still a useful barrier to selling your data or exposing it.
In the case of them blatantly selling it to “partners” you could still go after them for the value they gained by breaking the contract and selling your copyrighted information.
My soon-to-be 8 year old son was devastated and ran into his room crying when he asked Alexa what the notification was and she described his hoverboard present just delivered to the front porch. Could we have anticipated that? Maybe. The surprise was the ruining of the surprise instead of the surprise itself.
That actually made me chuckle. That's definitely not a scenario one would have thought of in advance. I wonder if the "Item is a gift" checkbox would have any bearing on how Alexa describes a delivery? Hey Alexa, hint hint...
There's a couple of settings for it. One disables the item reading entirely, one disables names for things marked as gifts or items ordered around major holidays.
It's a box made by programmers to be used by consumers. Programmers can make it do things that would make it even better and more useful to the consumers. As another comment has already indicated, these programmers have already taken this into consideration and provide the options.
Not really sure where you thought anyone was confused by a small box being a butler.
> The surprise was the ruining of the surprise instead of the surprise itself.
Not confused, surprised. A hallmark of a butler is discretion. I hope you didn’t read that I was contradicting you or disagreeing? “Don’t spoil the suprise by divulging the nature of the package to the intended recipient” is beyond Alexa’s programming. For a butler, it wouldn’t even be a checkbox option, it would go without saying.
It worries me how ubiqutous the idea of letting your single digit age children talk to a "voice assistant" that analyses and stores their words has become. It also concerns me that people describe this thing as a "she", humanising it.
Just curious, maybe I'm not understanding this well, but why was your son crying? Was a hoverboard not what he expected?
I'm thinking back to when I was a child -- I wouldn't normally cry if a surprise was ruined. The ruining of a surprise would not have been a big deal. But I might have cried if I hadn't gotten what I'd hoped for.
This type of thing has also happened to me with Google Maps and Android Auto. I used Google Maps to locate a store to get a gift for my wife. Later, we used the car. When I plugged in my phone, Google Maps displayed the store as a recommended destination on the center console screen. This ruined the surprise.
Now, Google Maps has an Incognito mode, but now I know I must use it when buying surprise presents.
The problem is this interaction is impossible to anticipate, and makes me not want my preferences on communal devices at all.
I keep a list of stuff I need to buy in my usual notes or todo app. This means it's website-agnostic (not limited to Amazon), private, and the shop doesn't know what I want until I actually commit to buying it (so they can't raise prices or do targeted advertising by knowing that I'm interested in a given item). As a bonus, it protects me from these kinds of surprises.
I don't get the point of using a proprietary, crappy (in this case) implementation that gives an adversary an edge when a simple text file would do?
I'd guess that for many, the point is that it's not simply a list of things they want or need to buy for themselves, but a list they can send to others. In this case, though, a todo-list might have been a better choice, although I myself also keep ideas for others in the wishlist service I use.
This is a technology site, the way these voice assistant works has been posted numerous times and is common knowledge at this point. They've been ripped apart by multiple security pros. Yet every thread we get unjustified replies like this. It is tiresome and frustrating.
But I'll post it once again:
- Wake phase detection is all handled locally (i.e. on device).
- It loops a continuous recording over itself. If no phase is detected within a few seconds the recording is permanently lost.
- We can see from data monitoring it isn't continuously transmitting (and that's also what the companies behind it claim).
- "It could be modified" is a red herring. You are already carrying ON YOUR PERSON an always connected microphone with not one by two layers of operating system on it (baseband + consumer OS).
It should not be popular to post "photographs can steal your soul"-levels of tech-spiracy on a site like this, but yet here we are again.
I don't have any particular reason to think the above is incorrect, let alone deliberately false or misleading. You sound more knowledgeable about the device than me.
But I think you're tremendously overstating your certainty to contrast with people you're calling paranoid.
If lives depended on it, are you that sure you fully understand how things work? Are you that sure of the contrast you point out between Alexa and a smartphone?
I'm not questioning your opinions and facts; I'm urging you to examine your own feelings and motivations, which obviously only you can.
When people attack doubts in others as paranoia, well, it might be accurate. But strong emotions and especially anger on the subject tend to suggest the underlying issue is suppressing one's own doubts.
The general attitude of "we know how it works" always makes me think of the quote "Given enough eyeballs, all bugs are shallow" and OpenSSL.
My rule of thumb is, if something is technically feasible, if it's not possible to casually detect it, and there are likely no immediate, directly applied penalties for it, then it's unwise to bet against it.
Something I see people assert to comfort themselves is that companies care about reputation and therefore wouldn't do some thing. I think you have to have blinkers on and somehow repress all your experience working for corporations or consuming products made by them to think that way.
>..."photographs can steal your soul"-levels of tech-spiracy...
It's a microphone connected to the internet. If corporations and governments choose to use this variety of device nefariously, they won't be stopped. Many people are feel concerned when their society increasingly resembles East Germany.
These companies have a history of absolutely abusing things like this. Comparing reasonable concern that’s informed by history to superstition is very upsetting to me.
Again, you're making assumptions that people worry about privacy like you are. You're also making an assumption that people think like you that Alexa harms their privacy. Finally, your first sentence is pretty ignorant I must say. Let people in a wheelchair talk about Alexa and their tradeoffs.
Personally I have an Alexa but don't find it too appealing. I barely use it. My kids use it much more often. I don't worry about privacy. I trust Amazon (or Google/Apple/Microsoft) that non of the audio is saved or sent to the cloud unless the device hears the trigger word. Can someone hack it and listen to our interactions at home? I'm assuming it's possible but that's true for our phones too.
Please, this is either a serious lack of imagination or a ton of insincerity on your part. Having the ability to speak a command at home to turn on/off lights, adjust the temperature, play music, etc is extremely convenient. I would love to do it at my home, but I will not be using any of these products when they require an internet connection.
I'd love to have voice control at home but I want something that's private and stays within my network, I refuse to install spyware inside my own house
I can think of a brilliant use case, but it's the only one I can think of offhand.
For the disabled, particularly blind people, it would be great to have interactive voice stuff if that whole ecosystem were really fleshed out. Some of this exists but a world of audio books, online banking, interaction with social media, all with interfaces optimized for voice use/audio listening would be great.
Interacting with a screen by having some software read it to you just seems incredibly clumsy.
Personally, I think the hands-off case for automotive use is dangerous. Talking on the phone or listening to email while driving is sketchy even though you're still gripping the steering wheel. AM/FM radio interfaces were perfected 75 years ago.
> AM/FM radio interfaces were perfected 75 years ago.
While I agree physical and simple is best, I've also totaled a car by fussing with such a radio and driving. Safest is probably no radio and no distractions. Second best may be set and forget interfaces that don't allow changes while moving.
In order to really reach people with vision issues, it seems like places like Bank of America (just an example) need to do a good job of Alexa skills. Dunno how you deal with security.
As a side note, it's funny how absurd online banking websites are. It's a thing that would be well served by simple/secure pure text interfaces but that certainly isn't what you get.
The amount of cruft on the web just blows me away, whether it's a weather or real estate or recipe site. We're living in a world of shit.
Having worked for and with a few different large companies, my experience has been that multi-national banks are the most pathologically "not a single entity". They have all sorts of factions within often working directly against the interests of each other, with large projects kept secret purely for _internal_ competitive advantage. With that model, the resulting mangled mess they present as an interface makes significantly more sense.
> jEfF BeZoS Is aLwAyS LiStEnInG To yOu!!1!!!!111!
> As long as he gives me cheap same-day delivery, IDGAF.
It's disappointing that even when people know about the widespread harsh treatment of workers, as long as they get their cheap same day delivery, they don't care.
I'm so sick of this quote. Yes, there is unethical behavior, but there is unethical behavior in all practices. It's not the consumption that is ethical/unethical, it is the person doing the consuming and/or selling.
I think I've just been in the Amazon ecosystem too long, I can't really figure out which part is surprising that it could be considered a 'leak'.
1 - That Alexa has access to information about any particular Amazon user? To me the registration process and features of the product make this extremely obvious, but maybe its not?
2 - That Alexa will send audio notifications related to the status of the account its linked to? This is the only thing that I feel is of any possible surprise. Most of the marketing around Alexa products show interactions initiated by the user.
3 - That 'private wish lists' aren't excluded from the full set of notifications? Amazon just calls them 'wish lists' and to me they are just cached shopping carts. I don't really see them as any more sensitive than any other information in the account.
On 3, something you've set as "private" being brought up in a public setting is surprising. You made it someway so that others couldn't see it, so it seems rational to assume it would be considered sensitive information.
If nothing else, giving the option to disable this on private lists would be nice.
Unless you explicitly share something, all of the information is protected equally except for credit card numbers and your password.
Like I mentioned above, if the author had a gift in their shopping cart or ‘save for later’ and Alexa notified on a price change, would they have a similar reaction?
It’s not a moot point now but either this is just a serendipitous occasion or somebody Amazon really listens, but I just opened up the app, went to manage lists, and there’s literally an option now to manage the list through Alexa or not.
>if the author had a gift in their shopping cart or ‘save for later’ and Alexa notified on a price change, would they have a similar reaction?
These are different in that the person involved did not explicitly set them as private. They might feel annoyed, but would realize they made the mistake.
This is pretty much what I was thinking. This is no more a “leak” than your monitor “leaking” data about your Amazon account when you’re logged in to amazon. This guy decided to buy this device, put it in his house so it could listen in on him, gave it his Amazon credentials, and it’s working as designed and promised. Why have something like this in your house unless you hate privacy already?
And so does your phone and your browser and every other device you allow other people to use. Is it a leak if you allow your wife to use your phone and receive a notification?
I don't know if I'm really the only one who shares an Amazon account with his significant other? My partner doesn't need Alexa to be notified what's on my wishlist ... she can just look it up. So blaming Alexa to spoil the secret is a bit ... hyperbole?
It seems very logical that a list marked private shouldn't send any notifications to Alexa, a device that isn't private by design. It either announces or displays things to anyone near it.
At the very least, the default should be "no notifications", and you could turn them on for the list if desired.
If you've used a phone in last decade you would know that they have options to hide notification details behind lock screens and it is in most cases the default setting.
I don't mean it as condescending. Most people are not aware of how they private information is stolen all the time. Before the GDPR, I think most people weren't aware that cookies were used to spy on them.
Let's take another example: harmful chemicals. Most people aren't aware that chemical X or Y is harmful until it becomes a scandal, at which point the companies switch to another that also hasn't been tested long term. In that case, like with privacy, I don't think the people are at fault. People assume that companies aren't going to abuse them.
That's why I don't agree with 'Obviously if you are sharing an account nothing is "private". Doesn't this go without saying?'. People have some expectations that sadly don't reflect reality, so in cases like that they need explanations.
> jEfF BeZoS Is aLwAyS LiStEnInG To yOu!!1!!!!111!
> As long as he gives me cheap same-day delivery, IDGAF.
for lower and lower quality of items, with less of a real selection (go look at electric kettles - there's 50 different brands - with weird names - but the kettles all almost look identical). Also the while prices creep up as any competition gets annihilated.
This hits the nail on the head. I agree ebay and Amazon are also sometimes the only option for finding obscure stuff, but most of the world now buys most of the mundane stuff from them, and then we act surprised when they become international empires, richer than countries, and more powerful than most of them, and only getting bigger and bigger. Society is simply not equipped to deal with the cascading effects of consumerism and 'free' market, be it privacy, data mining, social security, or the environment.
[0] https://wishy.gift/
[1] https://news.ycombinator.com/item?id=24965671