this post was submitted on 23 Jul 2024
43 points (81.2% liked)

Privacy

32177 readers
419 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

my family is moving into a much bigger house than we used to have. we use amazon echos as an intercom system through the announcement feature. because our house is bigger, i’m being forced to get one myself for my room. i haven’t needed one for years because i use their app on my phone and i can see their announcements as a notification and i can also kill off most of its tracking by DNS. unfortunately my parents don’t understand this and are forcing me to get one. what can i do to limit its tracking?

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 70 points 4 months ago (1 children)
load more comments (1 replies)
[–] [email protected] 41 points 4 months ago (1 children)
[–] [email protected] 12 points 4 months ago (2 children)

buddy i would if i could. unfortunately they are forcing me to have it on at all times. which is why im asking for suggestions

[–] [email protected] 15 points 4 months ago* (last edited 4 months ago) (1 children)

Put together a privacy and security presentation.

Does your family use password managers? (And dear god not Lastpass, with their breech a couple years ago).

What do your parents do if one is incapacitated? The self-hosting community has discussions on managing this.

This is a great opportunity for you to learn a lot of stuff and show your parents how to approach security and privacy.

Start with understanding their needs... Truly understanding, take your time. Solutions can always be found later, once the requirements are well understood.

As an aside, as someone likely old enough to be your grandparent, I can't imagine needing an intercom in a house. Some of my family had them growing up, and found it to be not nearly as useful as they thought it would be.

[–] [email protected] 2 points 4 months ago (4 children)

Does your family use password managers? (And dear god not Lastpass, with their breech a couple years ago).

What is the recomended password manager right now? Currently I still have google storing all my passwords but I'm working on degoogling so that will have to go at some point.

[–] yonder 14 points 4 months ago (2 children)

I personally use bitwarden. I like it because it has a flow of cash from corporate users paying for hosting that funds development meaning I know how they get their money. You can use Bitwarden's server if you don't need all the features or you are willing to pay or you can selfhost (which is what I do).

load more comments (2 replies)
load more comments (3 replies)
load more comments (1 replies)
[–] [email protected] 37 points 4 months ago

Jeff? Is that you, son? I told you that it was nonnegotiable, now get off the internets, I'm expecting an important telephone call and don't want you tying up the lines.

While there are a lot of good technical suggestions here, I've found that a conversation goes a long way. In my experience, when talking with loved ones, explain your emotions. Not "I hate this" or "the governments are listening!", but those core emotions. "Having a device in my room that is always monitoring me makes me feel anxious and I don't feel comfortable in a place where I should feel safe." Make sure that the dialog is calm and remains about your feelings until you know that you're being heard. If you aren't, try other phrases or examples.

Once you've established your feelings, address their concerns and feelings (active listening). It sounds stupid at first, but it works. "I hear that you are frustrated when I don't come down for dinner immediately." Finally, propose some solutions that meet everybody's needs and that the parties can select one to try out for a week and evaluate it's effectiveness, trying new things until a mutually beneficial solution is found.

Good luck. Please post the outcome!

[–] [email protected] 30 points 4 months ago* (last edited 4 months ago)

Alexa order 1000 dildos on my moms account

[–] [email protected] 22 points 4 months ago* (last edited 4 months ago)

Give em the ol' Blizzard treatment;

Don't you guys have phones?

[–] [email protected] 20 points 4 months ago* (last edited 4 months ago) (1 children)

i haven’t needed one for years because i use their app on my phone and i can see their announcements as a notification and i can also kill off most of its tracking by DNS. unfortunately my parents don’t understand this

Sounds like you have a reasonable, compatible alternative on your phone already. Will they even notice if you continue using this and never plug the new alexa in?

[–] [email protected] 14 points 4 months ago (1 children)

probably not. i might just not plug it in and see how it goes. if it doesn’t work out, i guess i’ll have to DNS block its tracking from a openwrt pi

[–] [email protected] 4 points 4 months ago

Good plan A.

For a plan B, If your parents don't understand why privacy is important on the internet they probably won't understand why the echos in your room don't seem to work. Say it's wifi can't reach the router, bend the cable so many times the wires break, "accidentally" become super clumsy with it and knock it over a bunch. This is absolutely a first world problem, it requires a first world solution.

[–] [email protected] 17 points 4 months ago

You can't have privacy with that setup

[–] [email protected] 17 points 4 months ago (2 children)

sorry for asking a question about privacy in a privacy community. i can’t just not use it because my parents are forcing me to use it. if i was allowed to unplug it, i would.

[–] [email protected] 22 points 4 months ago (1 children)

Do it anyways. Everyone has a right of privacy no matter the age.

[–] [email protected] 7 points 4 months ago* (last edited 4 months ago) (2 children)

Ya there's no such thing as "being forced to use it". What are they going to do, lock you in your room with no food if you refuse? Just stand up for yourself and say you are not comfortable having it in your room and don't compromise on it.

[–] southsamurai 16 points 4 months ago

You know, in an ideal world, that makes sense.

But this isn't an ideal world. That's the kind of advice that can get a kid literally beaten in a bad scenario. Parents usually hold all the power in a household, and it isn't the kind of power you can just shrug off.

[–] [email protected] 6 points 4 months ago (2 children)

Well some parents can lock you in a room with no food especially in developing countries

[–] [email protected] 9 points 4 months ago* (last edited 4 months ago) (1 children)

Developing countries probably don't have like 4 amazon echos in the house as an intercom system though, tbf.

[–] [email protected] 2 points 4 months ago

You'd be surprised what stuff has a higher priority for purchase.

IMHO the only reason they don't is because they don't know how to use it or do not care...

[–] [email protected] 6 points 4 months ago (1 children)

My neighbor tied her children because she went out and "they fight a lot" she claimed to be outside for 20 or 30 mins but neighbors said it was like half day.

load more comments (1 replies)
[–] [email protected] 2 points 4 months ago* (last edited 4 months ago)

Honestly, just muting the microphone is mostly fine. I really don't believe they transmit shit to the cloud when they're muted. I've heard a lot of people talk about how they answer when they're muted so they're still listening, but they process the "Alexa" (or whatever wake word you use) locally and then send a short buffer of recording along with everything you say following it to the cloud to process. It's likely they just hear that you said the wake word locally and then say "Hey I'm muted" without sending it to the cloud.

I know this answer isn't the most privacy oriented on a privacy community, but I think this option is more reasonable than you'd think.

You mentioned blocking with DNS. You could try setting up Wireshark or something and see if there are any packets from it when you say the wake word while it is muted and how it compares to when you say the wake word when it's unmuted.

Unfortunately the red LED would always be on because it's muted, but you could cover it with opaque tape. Like electric tape.

[–] [email protected] 15 points 4 months ago* (last edited 4 months ago)

Were I in that position, I would resist, just as much as if they were trying to put video cameras in my bathroom and bedroom.

I would suggest alternatives, and offer to research, order, and install them.

I would appeal to my parents' empathy, try to educate them on the risks these corporate-controlled hackable devices bring with them, and on the negative impact that surveillance has on human development. I would look for allies to help: siblings, extended family members, school authorities, counselors... anyone whose views they might respect, both alone and in groups. I would try to persuade them, and if it came down to it, I would fight.

If they stubbornly insisted, I would continue to bring it up regularly, both in private and in public. I would make sure that it was a constant drain on their time, and make sure they knew it was a constant source of resentment. I would escalate it to the point that they would have to justify it not only to themselves, but to the communities around us. I would consult social workers and government watchdog agencies for child/youth home environments, and find out from them whether my parents were breaking any relevant guidelines or laws.

And, if I somehow couldn't keep it out of my space or unpowered, I would open it up and disconnect the microphone, or perhaps wire a physical switch to allow connecting it only when needed. (By the way, reed switches exist that can be concealed within a device and activated from the outside with a magnet.) If I didn't know how to disassemble electronics or solder, then I would learn.

And then I would continue to fight.

[–] [email protected] 15 points 4 months ago

Take a look at the suggestions in this article: https://www.lifewire.com/stop-alexa-from-listening-5121012

If you disable the microphone, except when you want to use it, that should severely limit what it can do. If you also set the option that tells Amazon not to keep any of your recordings that should keep you fairly safe.

The caveat is that Amazon can decide to cheat at any time. They have repeatedly lied about what information that acquire, how long they retain it, and what they do with it. At the moment, they don't seem to be cheating on the Echo functions, but that could change at any time with an invisible firmware update. There isn't anything you can do about this except to be aware of the possibility.

It is definitely worth using the privacy options they offer, even if they aren't enforced through hardware.

[–] [email protected] 14 points 4 months ago (1 children)
[–] [email protected] 9 points 4 months ago

Amazon doesn't want you to know this one trick

[–] [email protected] 13 points 4 months ago* (last edited 4 months ago) (1 children)

Don't. Break it. Pour water on it.

[–] [email protected] 8 points 4 months ago (1 children)

Or, remind them that you will be the person choosing their nursing home?

[–] [email protected] 4 points 4 months ago

Very nice one.

[–] waywardninja 11 points 4 months ago (2 children)

If not using it for Alexa connectivity, why not just get an actual intercom? A pair is like 30 bucks on Amazon, no Internet required.

Or "hey Alexa, order an intercom system on my mom's account"

Isn't there an eavesdropping function on Alexa... Maybe it's actually less communication and more checking in on what you're doing (not to increase your paranoia)

[–] [email protected] 8 points 4 months ago (1 children)

my parents and siblings enjoy the convenience of alexas and the fact that they can play music. i’ve tried suggesting an actual intercom system and they’re against it

load more comments (1 replies)
load more comments (1 replies)
[–] Cheradenine 11 points 4 months ago* (last edited 4 months ago)

If you are OK opening things up and can use a soldering iron you could put a physical switch on the microphone.

[–] [email protected] 9 points 4 months ago (1 children)
[–] [email protected] 5 points 4 months ago (2 children)

"Sorry mom and dad, half the house and your wealth is mine now."

load more comments (2 replies)
[–] [email protected] 9 points 4 months ago* (last edited 4 months ago) (1 children)

MSCHF made a device called an Alexagate, which jams the microphones using ultrasound and is turned on and off by clapping.

It's a bit expensive, though ($100).

https://alexagate.com/

Otherwise, as you mentioned, you can use DNS to block the tracking. NextDNS has a built-in blocklist specifically for Alexa.

[–] [email protected] 3 points 4 months ago (2 children)

thanks for the suggestion! as for nextDNS, i was already thinking of using this however you cannot change the DNS servers used on alexa devices. i was thinking of setting up openWRT on a pi and using that as a router specifically for our alexa devices with a nextDNS profile installed, but im not sure if alexa’s default to the router’s DNS or amazon’s. even if it does use the router’s DNS, does it backup to Google’s DNS (8.8.8.8) like Roku does?

[–] [email protected] 6 points 4 months ago* (last edited 4 months ago) (1 children)

With opnwrt you can do DNS hijacking, where you force redirect DNS requests for other servers to your own DNS server. This works as long as they aren't encrypted (DNS over HTTPS or TLS), which most devices don't use.

[–] [email protected] 5 points 4 months ago

that’s sounds great! thanks for telling me

[–] [email protected] 5 points 4 months ago* (last edited 4 months ago) (3 children)

I specify my LAN DNS servers (2 pihole instances, main + a backup for redundancy) in my routers DHCP settings, so they are the DNS servers handed out to all LAN clients; then I have an iptables rule on the router blocking all port 53 traffic from leaving the network unless it came from those LAN DNS servers. This means only the piholes can reach external dns; everything else is required to use the LAN DNS servers or receive no response. Then the piholes have full control over what can and cannot resolve to an IP.

I haven't found a device that doesn't work with this setup. I used to have a couple google homes before I wised up, they worked fine behind this setup.

load more comments (3 replies)
[–] [email protected] 8 points 4 months ago (1 children)

You should hire a nicely-dressed and polite person to simply relay your messages in person. And while not needed, they could be tending to other tasks, like your laundry or maybe tending the garden...

[–] [email protected] 6 points 4 months ago* (last edited 4 months ago)

#ProblemsOfTheUpper-Lowers

Because I want to helpful: if you are moving to a home large enough for you to feel that an intercom is needed, then the cost associated with having a simple system installed would be the best way to maintain your privacy, well, your privacy to those without physical access to your home at least.

I can't think of any intercom-related reason that outweighs the needless additional network load, nightmarish privacy policies, and instant gratification through retail buttons, that a network of echo's could provide.

[–] LemoineFairclough 6 points 4 months ago* (last edited 4 months ago)

An overarching question

You should probably discuss boundary setting with someone you trust. This situation might be only one part of a broader issue with your relationship with your parents, and you can probably make that relationship more beneficial and less detrimental.

Moving out

Once you are legally and financially able to, you could move out (or take action to improve your financial situation to make it more likely you'll be able to do so in the future). Distance can allow a relationship to change to your benefit. It seems that the majority of adults in the wealthiest countries don't live with their parents: http://static3.businessinsider.com/image/5908feb9fcd8eb1e008b4681-1200/young-adults-living-at-home.png https://64.media.tumblr.com/42facc68776260a335473a2553bb7f59/410ac9df6d9c28a0-9f/s1280x1920/8be58d13087dc686c9edcab713f63fc4c538e99a.jpg

The law

Note that, unless you have another reason to not want to be around your parents, I doubt that involving a state institution (like child protective services, a police department, a prosecutor's office) in your relationship with your parents will be helpful. Knowing relevant laws is more useful to better understand what is socially accepted behavior, and to be able to know what public institutions are available to help you if you find yourself in a situation where they're likely to be helpful.

Also, consider whether it's appropriate to tell other people you know about this situation. If you do choose to discuss this with other people, I would follow an escalation procedure so that information doesn't need to spread farther than necessary (for example, tell friends first, then if you don't see improvement tell adults that live near you, then if you don't see improvement tell adults in positions of responsibility (like teachers), and so on).

Privacy

You could inform your parents that state institutions might become involved if they cause you to be recorded while in your bedroom without your consent:

in many places, it is indeed illegal to put cameras in your child's room without their knowledge or consent.

property owners face some limitations when attempting to install cameras throughout a rental property. All cameras must be visible; hidden or spy cameras are not permissible in a tenant’s residence. Similarly, CCTV cameras are forbidden in bathrooms, bedrooms, toilets, and other private areas throughout a rented unit.

These quotes are discussing cameras, but I expect the same laws and principles apply to audio recordings.

If you receive mail to an address and are an adult, I expect you have rights similar to that of a tenant.

Money

It seems your parents cannot force you to buy anything, and surely not an amazon echo. They may have a right to receive money you gained as a compensation for services (as wages) during minority for some reason, but otherwise what is yours is yours, and your parents should only use what is yours in order to promote your interests (like your health, security, and so on), and probably they should only do that when it's necessary (in situations where there is a clear and urgent need).

You may want to ensure you have deposited any money you have acquired into a bank account you own (so there is a record of how long you had it, so it would be more questionable if they tried to claim it isn't yours). It might also be useful to use a separate bank account to receive and account for wages (since it seems there are special exceptions for wages, so keeping clear records of what money is wages and what is not might be useful), and it might be useful to have a UTMA custodial account (like one described at https://www.fidelity.com/learning-center/personal-finance/custodial-account-for-kids) (to enable making it even more clear what property has been transferred to you) (note that this does allow a custodian to use the property, but only for your benefit) (note you probably can't "transfer" money to yourself, so any money you already acquired should probably be managed without using a UTMA or UGMA account).

[–] [email protected] 4 points 4 months ago (1 children)

Get one with a hardware switch to mute the mic.

[–] [email protected] 10 points 4 months ago* (last edited 4 months ago) (2 children)

The microphone disable switch on every google home/amazon alexa device does not physically disable the microphone; it just informs the software that you'd like it to not listen to you. It can still do so whenever it pleases.

This is how/why it is able to respond 'your microphone is currently disabled' when you try to command it with that switch on.

[–] [email protected] 3 points 4 months ago

I had thought teardowns proved this wrong and that some of the devices were hardware and/or a separate chip/software stack?

[–] BingBong 2 points 4 months ago

Pretty sure that the very first gen Google ?dot? Mini speaker has physical disconnect.

load more comments
view more: next ›