Googles Invasive Tools to combat privacy | Part 1

This is the 1st installment of a 3 part series on Google and Privacy.

  1. Current Challenges
  2. Your? Anonymous Data Collection
  3. SEO Tools: GoogEVIL for content creators.

Part 1:

Code that was supposed to be used to support VOX for ‘ok Google’ called hotword detection, is activating without polling the user for approval.

Because of the unique way the tool works, and also because Google is a data miner, and a broker of private search and app usage data for profit, it immediately raised concerns with privacy rights groups.

Rick Falkvinge from privateinternetaccess.com 

A brief explanation of the Open-source / Free-software philosophy is needed here. When you’re installing a version of GNU/Linux like Debian or Ubuntu onto a fresh computer, thousands of really smart people have analyzed every line of human-readable source code before that operating system was built into computer-executable binary code, to make it common and open knowledge what the machine actually does instead of trusting corporate statements on what it’s supposed to be doing. Therefore, you don’t install black boxes onto a Debian or Ubuntu system; you use software repositories that have gone through this source-code audit-then-build process. Maintainers of operating systems like Debian and Ubuntu use many so-called “upstreams” of source code to build the final product.

So why is Google such a proponent of Open Source Communities, but allows its partners to distribute proprietary versions of its own open source code?

Chromium, the open-source version of Google Chrome, had abused its position as trusted upstream to insert lines of source code that bypassed this audit-then-build process, and which downloaded and installed a black box of unverifiable executable code directly onto computers, essentially rendering them compromised. We don’t know and can’t know what this black box does. But we see reports that the microphone has been activated, and that Chromium considers audio capture permitted.

So your device is controlled, by a remote computer, that you haven’t seen a certificate for, don’t have access or authority to even the point of contact to inquire about it (that would violate privacy laws!), all because you wanted to browse the internets.

This was supposedly to enable the “Ok, Google” behavior – that when you say certain words, a search function is activated. Certainly a useful feature. Certainly something that enables eavesdropping of every conversation in the entire room, too.

Obviously, your own computer isn’t the one to analyze the actual search command. Google’s servers do. Which means that your computer had been stealth configured to send what was being said in your room to somebody else, to a private company in another country, without your consent or knowledge, an audio transmission triggered by… an unknown and unverifiable set of conditions.

It would seem the Goog gets a little bit more brazen…taking liberty to help themselves to people’s data because they assume everyone who downloads and installs any software or use any connected data service from Google, really understands that what they are installing is an engagement platform the Google uses to capture data on what you do while using it. The service itself is real, but it’s not the reason you are using it.


 

What Mr. Falkvinge is saying, is that because of OK Google network design (the front-end is the program on your computer or Android handset and the voice recognition portion is on a Google server), Google has taken advantage of the fact that OK Google on your phone or computer needs to listen to everything, all the time. And since you are the one who installed Chrome (and you always read acceptable use and privacy statement….right) therefore, you consent to code that listens and records everything.

That’s BS. it doesn’t listen and record everything, just the OK Google part.

O’Rly? Well, how can it only listen for and record the OK Google part, if it doesn’t listen and record every thing that is said for the ‘OK Google!’ part?

I have had conversations with folks who don’t seem to care about their privacy or meta data collection, sensor collection like audio, video, etc by Google, the Government or otherwise. Not everyone has an issue with it, which is fine as long as everyone has a clear and cognizant choice, and that choice is obeyed.
Anyway, fail speed ahead, Google.

%d bloggers like this: