
I've been making a VR piano app to help with my own practicing. I find that it helps to see the recorded hands moving in 3d space in front of you. I can also slow down the movements to make it easier to replicate. It's certainly easier than learning sheet music! Here's a video if anyone is interested: https://www.youtube.com/watch?v=tnBmjtgb2rA


You may have meant 'domain' as in an area of interest, in which case this is good advice. For years though, I was a proponent of the 'buy a domain name first' method of idea validation. As a result I spent far too much time and money on domain names when I should have been testing the idea/market.


A very good point. Still, it's raising awareness and is worthwhile as a project.

As you say, hopefully Wikimedia will take note and implement a darknet version themselves.


Surely it's possible to sniff what's being sent back to Amazon's servers? If Amazon are lying and they are storing/analysing everything the Echo hears, surely this would be easy to prove?


It is possible to see all traffic it sends, and possibly even fake certificate authorities (depends on how resilient the Alexa is to this tampering) and trick the Alexa into giving you the data it sends encrypted using a key that you control.

However, this line of reasoning can be refuted all the way down to being impossible to prove/disprove. For example, there is reasonably an audio processing chip in Alexa that does always-on keyword listening, and it's possible it could track breadcrumbs over time (e.g., voice fingerprints, triggering keywords like "bomb", etc). This data can then be interlaced with innocuous data, for example inside an access token (opaque blob used to identify on whose behalf the Alexa is making requests). That would make it virtually impossible to find even if you had full access to the network traffic.

Anyway, when it comes to these things I like to take an Occam's razor approach. There's a great number of things a company can do to spy on you, but most likely when it comes to mass surveillance it's easier to tap into more obvious sources of data like your browsing history from the ISP, your phone line, Facebook/Google tracking data. In fact, I'd be more scared of say Facebook's and Google's voice assistants than Amazon or Apple because the latter two don't depend as much on consumer identity as a business.


Strong encryption is a thing.

EDIT: Another thing that just came to my mind. Even when you analyze network traffic and observe that traffic only occurs during your queries (i.e. in the seconds after the hotword is uttered), that doesn't mean that the Echo won't use the opportunity to send some previously-recorded audio to the server together with the current recording. In the same way that clever hackers disguise themselves by having their network traffic mimic the shape and direction of legitimate network traffic.


Yes, but we could look at the amount of data transmitted in total. Audio compression is well understood, and we can infer, within a range of usable quality, if any excess voice or other data is sent over the network.


So what you're saying is, if a company like Amazon or Google has the excess bandwidth, it is beneficial for them to send way too much data in the first place in order to disguise what data is actually being sent.

Now, there is some security basis

http://www.cs.unc.edu/~fabian/papers/tissec2010.pdf

>Uncovering Spoken Phrases in Encrypted Voice over IP Conversations


Assuming it's sending it as audio, and not as transcribed text, which is both smaller and also much more compressible.


ASR is a hugely complex process that is handled by ML algorithms on Amazon's servers. The Echo simply does not have the hardware to handle this on its own.


Is it though? Not trying to be argumentative but I remember using Dragon NaturallySpeaking to do voice dictation way back in like 98 on a processor that makes today's average smartphone look like a supercomputer. I thought all the ML stuff was for figuring out context and the like, but straight transcription?


Modern voice codecs are extremely compact. An annotated text representation of voice will take up equivalent space.


You own the client. You can break any crypto it is doing.


I'm sure you could use Wireshark and see what requests are being made, however, they very likely use TLS so getting the content of those requests would be extremely difficult if not completely impossible.

However, if you don't mind potentially destroying your echo, I'm sure you could reverse engineer a way to see what's going on.


As far as I know, only this year's Echo models don't have a known way to root them, so you could likely circumvent the encryption on an older model to inspect traffic. I'm not aware of any publicized results of someone doing that though, and it doesn't necessarily tell you what the backend can and can't extract from the audio data.
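
The byte-budget check proposed in the thread above (compare what the device sends upstream with what compressed audio of the spoken queries could need), as an added example that is not part of the original comments. The capture records, query times, bitrate ceiling and allowances are all constructed or assumed values, and `audit_upstream` is a hypothetical helper.

```python
from dataclasses import dataclass

@dataclass
class Query:
    start: float     # seconds into the capture when the wake word was spoken
    duration: float  # seconds of speech that followed

# Constructed sample data: (timestamp_s, upstream_payload_bytes) per record.
CAPTURE = [
    (5.0, 180), (65.0, 180), (125.0, 180), (260.0, 180),   # idle keepalives
    (100.5, 9000), (101.5, 9500), (102.5, 8000),           # query 1
    (200.2, 9000), (201.0, 60000), (202.4, 58000),         # query 2, oversized
]
QUERIES = [Query(100.0, 3.0), Query(200.0, 3.0)]

def audit_upstream(capture, queries, max_kbps=64.0, overhead=1.5,
                   slack_s=2.0, idle_bytes_per_s=50.0):
    """Flag upstream bytes beyond what compressed speech could plausibly need.

    All thresholds are assumptions for illustration: max_kbps is a generous
    voice-codec bitrate, overhead covers TLS/HTTP framing, slack_s allows for
    upload lag after speech ends, idle_bytes_per_s is a keepalive allowance.
    """
    claimed, per_query = set(), []
    for q in queries:
        end = q.start + q.duration + slack_s
        idx = [i for i, (t, _) in enumerate(capture) if q.start <= t <= end]
        claimed.update(idx)
        sent = sum(capture[i][1] for i in idx)
        budget = int(q.duration * max_kbps * 1000 / 8 * overhead)
        per_query.append({"start": q.start, "sent": sent, "budget": budget,
                          "excess": max(0, sent - budget)})
    times = [t for t, _ in capture]
    idle_sent = sum(b for i, (_, b) in enumerate(capture) if i not in claimed)
    idle_budget = int((max(times) - min(times)) * idle_bytes_per_s)
    # Staying within budget only bounds audio volume: transcribed text or data
    # folded into an opaque token, both raised in the thread, fits underneath.
    return {"per_query": per_query,
            "idle_sent": idle_sent,
            "idle_excess": max(0, idle_sent - idle_budget),
            "suspicious": idle_sent > idle_budget
                          or any(p["excess"] for p in per_query)}

if __name__ == "__main__":
    print(audit_upstream(CAPTURE, QUERIES))
```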




Not quite the same thing but Rbutr (http://www.rbutr.com/) was featured on HN a while back.

In their own words:

"rbutr tells you when the webpage you are viewing has been disputed, rebutted or contradicted elsewhere on the internet."


I agree. This analogy is good up to the point where you consider that these trackers don't really know or care who you are. To them you're an anonymous hashed id.

Yes, they 'follow' you around, but they are essentially invisible and mostly aim to improve the targeting of ads/information.

It's easy to forget that a lot of this technology is very new and for a while there will be cases where it's seen as intrusive. Things will only get better over time.


> To them you're an anonymous hashed id.

You wish.


I've worked very closely with tracking companies. They are very strict about not storing any unhashed identifiable information such as email address, postcode etc.


Some are good, some are in compliance with the law and some are not. It's a mixed bag, and then of course there is the small detail that 'the law' is not the same from one place to another and that plenty of companies use this to their advantage.


Have you ever seen hotjar, inspectlet, mouseflow and many other services? I mean check out the demo page on the inspectlet site, type in your email address, check the recording and tell me they don't store it in plain text.


Planet Earth is by far the best nature documentary I've ever seen. I'd recommend it to anyone who's yet to see it.


Similarly, Twitter. Status updates are great, but a separate social network just for that?


Agreed. It took me a while to join Twitter. I was reluctant at first because I thought: "Why the hell would anyone want to hear my random thoughts?" I didn't realize that I was the one who wanted to hear OTHER people's random thoughts.


Same here, it's like subscribing to everyone's Facebook when I can barely tolerate my own Facebook feed.


Domain names are a market just like any other. If someone buys a domain name to make money from affiliate links that's their choice, I don't have a problem with that. Don't like it? Come up with a more profitable use for the domain name and buy it from them.


As a Gmail user it annoys me when people attach Outlook emails to messages in a format that is readable only in Outlook. Come on Microsoft, play nicely. You're not the only player anymore.

