←back to thread

Your phone isn't secretly listening to you, but the truth is more disturbing

(newatlas.com)
369 points zeech | 4 comments | 26 Apr 25 00:26 UTC | HN request time: 0.903s | source
Show context
anenefan ◴[26 Apr 25 02:09 UTC] No.43800302[source]
My younger bro is convinced phones are eavesdropping on conversations and got particularly paranoid (I thought) a year or so back in regard to talking in earshot of his phone.

His evidence is empirical - Apparently he gets pretty high with friends and shit talks - but when when the search started to suggest some pretty way out things along the same lines, he landed that their conversations weren't private any more.

So I have an understanding of how much tracking is going on so I pressed him on that. But he assured me it was stuff he would not even bother to look up in a clearer mindset and of course smoking recreationally for a very long time knows not to go near some tools that could land himself trouble or awkward explanations. That's probably true he says a lot of stuff that a half decent search would put him straight. In the end I just figured loose permissions of one of the many apps he's installed and that's how they (the app) make their money, selling illegally obtained data to more legal sources.

Permissions are the problem with android phones - there needs to be a specific install route for users, one that the app starts asking for things it should not need have access to, the installer refuses to install and suggests the user look for something better. Camera apps for example really don't need access to communication channels, if it's updates it's need, it can ask - one time access.

replies(6): >>43800320 #>>43800370 #>>43800373 #>>43800381 #>>43800436 #>>43805325 #
steve_adams_86 ◴[26 Apr 25 02:38 UTC] No.43800436[source]
Something I discovered when going down this rabbit hole is that if you had that conversation in your house and your visitors have access to your wifi, it may be that they performed the search without you knowing, and your ISP connected that data to you and sold it (as they do).
replies(4): >>43800480 #>>43800523 #>>43800628 #>>43804511 #
simonw ◴[26 Apr 25 03:18 UTC] No.43800628[source]
How would your ISP connect that data if every search engine uses HTTPS now, so there's no way for the ISP to see what you were searching for?
replies(3): >>43800710 #>>43800787 #>>43826541 #
1. IggleSniggle ◴[26 Apr 25 03:51 UTC] No.43800787[source]
DNS lookups are still frequently in the clear, and even if they're not, that just means you're trusting some DNS-over-HTTPS provider. The incentives are perverse.

And of course whoever you are performing your search with, like, oh, an ad company like Google, Meta, or Facebook? They just might use that search data for something.

replies(1): >>43800827 #
2. simonw ◴[26 Apr 25 03:58 UTC] No.43800827[source]
Exactly. Google or Meta can correlate behavioral data like this. Your ISP cannot do that by intercepting your searches.

I care about accuracy when it comes to privacy conversations. I don't want people wasting their time on theories that aren't true when they should be focusing on the real issues at stake.

replies(1): >>43806874 #
3. jeroenhd ◴[26 Apr 25 20:27 UTC] No.43806874[source]
For what it's worth, the ISP may not know the search terms entered, but it can see "google.com" followed by "itchybuttcream.net" when people click the first results. The data will grow more granular over time as users click the second or even third result on Google.

On WiFi you control this risk can be mitigated (force DNS to your own server that uses ODoH or similar) but for most people ISPs are still sitting on data gold mines obtained from passively observing DNS.

replies(1): >>43808199 #
4. gruez ◴[26 Apr 25 23:28 UTC] No.43808199{3}[source]
They can still get the hostname of the server you're connecting to through SNI, and that's far harder to hide. Most sites aren't using eSNI/ECH.