Is Google recording your conversations without you knowing?

You’ve probably heard about the case of the Amazon Alexa smart speaker that recorded a conversation and sent it to someone.

Amazon has been forced to explain how Alexa recorded a private conversation and sent it to an Echo userโ€™s colleague without their knowledge. A Portland woman identified only as Danielle revealed the odd series of events in an interview with local TV station Kiro 7, claiming that an Amazon Echo device recorded a private conversation between her and her husband and sent the recording to an employee of the husband. — The Verge

I haven’t got any speakers in my house that record. (Some of the newer Sonos devices can do it. Mine can’t.)

And I don’t think I particularly want any.

The other week, probably triggered by the EU’s GDPR legislation, I got an email from Google suggesting I do a privacy check.

I had a look, and digging around found a page on Voice Activity.

To my surprise, this has dozens of voice recordings, going back about 18 months.

Google voice recordings

Apparently the Google app on my Android phone (actually my current phone and the previous one) has semi-regularly decided I was trying to attract the attention of the Google Assistant (normally invoked by saying “OK Google”), and started recording, then saved the recordings in the cloud.

I can play the recordings. The sound quality isn’t great, but you can make out the words. In none of them did I actually want the Google Assistant. They’re just random conversations with people.

You can turn the option off (well, you can pause it). Which I’ve now done.

It’s good that you can access the recordings, and change the option.

But I wonder how many people don’t know that Google is recording snippets of conversations and saving them on their servers?

Check yours via this direct link, or go to myaccount.google.com and then choose My Activity; Activity Controls; Voice & Audio Activity (where you can also Pause the feature).

Note: the Google App is also available on iOS, so it’s worth checking even if you have an iPhone, not an Android… And of course Siri has similar functionality.

Beware of fake email bills – and how the corporates are letting the side down

There are warnings of fake Telstra bills being sent by email.

They look like the real thing. The only clue that they’re not is that the View/Pay Bill button goes to a non-Telstra web site.

The lesson here is: check where the link goes. If it doesn’t go to an address that is clearly on the company’s web site (telstra.com), be suspicious.

…Which is why I’ve been asking South East Water about their email bills.

Those look legit, but the payment link goes to ippayments.com.au — in fact it’s worse — it goes first via a URL forwarder edmconnect.com.au (with a very long path/querystring)

So my simple question to them was: how is anybody meant to know this is legit?

Their response:

That I think shows a misunderstanding of the question.

IPPayments might be super secure (PCI compliant suggests that it is). But how does a punter know that?

They were still clearly not getting my point, so I persisted.

Still completely missing the point.

Okay, try another tack… provide an example of a company doing it properly:

No response. Radio silence.

Perhaps they finally understood; perhaps not.

It’s frustrating, because if you register for their online portal, you can make payments through that. You go to southeastwater.com.au and end up on southeastwater.secure.force.com — which I do recognise — it’s Salesforce.

Ideally they’d use a subdomain. Subdomains allow a company to delegate part of their web site to another one, for instance their online payment gateway.

If they can’t do that, they should direct users to their main web site, and have them click through to the payment gateway from there, so people at least can have some confidence that the web site they enter their credit card into is actually authorised by the organisation.

Paperless billing, using online instead? Great. But with so many scammers out there, corporations really need to make it easy for their customers to know they’re safe.

(Lead photo: Anonymous Hacker, by Brian Clug — Creative Commons. I love a hacker stereotype photo. ‘Cos all hackers wear masks when they’re working, in darkened rooms. I bet those screens are showing fast-scrolling green-screen character interfaces.)

Update 11/6/2018: I noticed that Optus also use IPPayments, the same payment gateway as South East Water, but Optus uses a “secure.optus.com.au” subdomain.

The Last Post (of the year)

One last post of miscellaneous stuff to mark the end of 2017.

Grandad

My Grandad was born on this day in 1924. He passed away on Boxing Day, just shy of his 93rd birthday. Being one of our UK relatives, we didn’t visit him much, but we did manage to see him during our UK trip this year. RIP.

Some blog stats

Total blog posts for 2017: 120 excluding this one.

Total comments for 2017: 1276 up to 6pm.

Most popular posts, by number of comments, are all transport posts:
Read More …

It’s August! I’ve got a new blog template

Eagle-eyed readers would have noticed I’ve put in a new blog template.

The intent was to provide more space for photos and table data. The old template (and most like it, in fact) squash them up even when displayed on a big desktop screen.

See any problems? Leave a comment.

Also, I’m interested to know what’s better: a rotating or random header image, or the same one each time (for easy recognition)?

Issues I need to fix:

  • Comment numbering has disappeared. The usual method of fixing this isn’t working yet.
  • The Google ads are turned off for now. Sorry, but I’ll be switching them back on. Will try not to make them too obtrusive.
  • A change earlier in the year to HTTPS has broken a bunch of pictures in older posts. — fixed

Reminder: At present I’m posting a mix of new blog posts, and backdated Europe trip posts.

Cardiff Bay: Pierhead building and Millennium Centre

New phone: Motorola G5 Plus

A reminder that despite how it may sometimes seem, not all my blog posts are about transport. If you want to view only the transport posts, try here. For convenience, this link is also on the menu at the top, under Transport.

Over the years I’ve had many mobile phones.

Here’s an update to that old list:

November 2013: Google Nexus 5 — I did that Apple-like thing of preordering this before I’d actually seen it in the flesh. This was a terrific phone. Fast, good camera, great features, no bloatware, and being a Google device, got updates really quickly.

I loved some of the features I only discovered well after I got it, like the pedometer which is now tracking my steps, and NFC, which has all sorts of uses such as checking public transport smartcards (in smart cities like Sydney and Singapore where this is enabled) — see below.

Then the phone died in late-2016. The power button got stuck, and it continually switched itself on and off.

I replaced it and then stuck it in a drawer until a couple of weeks ago when my son Jeremy needed a phone to use while his was being repaired. He found a way to repair the power button, and it’s still going strong!

Opal NFC phone app

October 2016: Google Nexus 5X (which cost me $489 at the time) — the spiritual successor to the 5. I really wanted to like this as much as the 5, but I didn’t. It was a good phone, but not a great phone. It feels a little laggy at times.

Perhaps that’s one of the perils of buying a phone that was released 12 months earlier.

There’s also probably a point at which (for all phones, tablets, and other devices) you should stop installing major upgrades to the operating system, which often bring major new features requiring perhaps more horsepower than the device can provide. Instead, it might be better to just install the security patches… at least until they run out.

Daniel buys a new phone

Having a good, fast reliable phone is more important these days than it has been in the past. I’m not sure that back in the day, any of us Gen Xers really appreciated that by the 2010s we’d literally have such a useful computer that we could carry around in our pockets all day.

I decided last week to get a new phone, and after some research settled on the Motorola G5 Plus (currently retailing for about $380), for three main reasons:

Get something faster. The 5X was released in 2015. Interestingly, you can still buy it new through some dealers (though Google themselves no longer sell it, having moved to the Pixel — at about double the price). I think there are now better value phones in the $400-500ish range.

Fear of the boot loop. I don’t know if it’s common or not, but a known hardware problem with the 5X phone is that occasionally they will get into a state where they continually boot, and (barring hacks to fix it) have to be sent back for repair or replacement. This is something I could deal with at home, but there’s no way I’d want it to happen while on our overseas holiday later this year.

Dual SIMs. I’d like to have mobile data for maps and so on while travelling, but I’d also like to be reachable on my usual phone number. Telstra international roaming isn’t cheap: $85 for 300 Mb or $160 for 600 Mb.

In contrast, a Three UK prepaid SIM, including 1 Gb data and texts and calls for a month, costs 10 pounds (A$17), or 12 Gb for double that cost, and it includes roaming in Europe. (I’m still looking at the options, but this appears to be one of the best.)

The solution to cheap local rates + keep your usual number? A dual-SIM phone. Use data and outbound calls on the cheap local SIM, and still be able to receive calls/texts on my Australian number. And the money savings will help subsidise the new phone.

(I wonder if the phone companies dislike this?)

In fact I suppose I could even choose to use a second SIM at home to get cheap data and/or try and get around the Telstra capacity problems on peak hour trains between Malvern to South Yarra — though from what I’m told, the other carriers are no better.

Motorola G5 Plus phone

So I bought a new Moto G5 Plus, and sold the Nexus 5X on Gumtree over the weekend. (eBay won’t let me sell a mobile phone, due to Paypal having a grudge against me, for reasons they’ve never been able to explain.)

I listed it for $220, and got all sorts of cheeky offers from as low as $130. I refrained from telling them they were dreaming. Eventually accepted an offer of $180 from a bloke who had a Sony phone he quite liked, but dropped it and smashed the glass. Whoops.

And the new phone? So far so good, apart from the wallpaper, which I’ve changed to my own design, and the “Hello Moto!” audible greeting, which was the first thing I switched off!