[flir]

Frankly, I don't believe it. You can't hide the fact that packets are being shoved over the WAN. Somebody would have picked up on it.

[pedrocr]

From a quick search:

"Please be aware that if your spoken words include personal or other sensitive information, that information will be among the data captured and transmitted to a third party through your use of Voice Recognition," Samsung posted in its SmartTV privacy policy.

https://money.cnn.com/2015/02/09/technology/security/samsung...

There's nothing to hide, it's part of the way the TVs work and explicitly stated by the manufacturers.

[mewpmewp2]

But usually you would have a wakeword that is recognized locally or a button that has to be pressed before online speech recognition would start.

[schiffern]

>There's nothing to hide

Sure there is. I would expect a feature called "Voice Recognition" would only be active when I was using voice commands (and perhaps the occasional accidental activation), but not at other times.

[doublerabbit]

> would only be active when I was using voice commands

How would you activate certain voice commands if it wasn't listening to all?

If the microphone was off than it has no way of hearing and activating the commands. So by design it's microphone needs to be on 24/7.

You could have a push-to-talk button on a remote control to enable the mic but than you just might as well use the remote control.

All these talk to activate features are designed only for the sake of being gimmicky and unethical surveillance.

[schiffern]

> How would you activate certain voice commands if it wasn't listening to all?

One common implementation is to use a locally detected wake word (described in another post), but I've also seen many which require you to hold down a button to speak voice commands. Both solutions answer your technical question satisfactorily.

However, this is how I (and most people) expect voice commands will work based on plain reading of the fine print: the voice commands will be transmitted, but it won't establish 24/7 audio surveillance of your house.

The fine print (and therefore the "explicit" "consent" so obtained) is deceptive and fraudulent.

---

However your real concern is apparently a trust question, not a technical question. The technical question was apparently just a distraction.

Obviously if you don't trust the implementer not to lie about their implementation (ie you assume fraud at the outset), then any microphone (or speaker for that matter!) could be a 24/7 listening bug regardless of trigger implementation or EULA fine print. I see that in another reply you already moved the goalposts thusly.[1] ;)

[1] https://news.ycombinator.com/item?id=41424684

[lukan]

I think amazon solved this partly with hardcoding "alexa" as the wake up word. Meaning a specialized program monitors for "alexa" and ignores everything else and does not record.

Smart TVs might work similar, but I surely won't have anything like it in my home anyway.

[sixothree]

That would be reassuring if there was literally any way to verify this.

[doublerabbit]

Partly yes, but the microphone is still on, you have no access to the code so how can you determine that a malicious actor isn't listening in?

[lukan]

You won't know that with any other microphone either. Also any loud speaker to be precise (they can be used as microphones).

But like I said, I don't want to have those devices either and my smartphone has a removable battery ..

[flir]

Whew. And I thought the mobile phone industry was a cesspit...

[rightbyte]

If you have speech synthesis running locally and send some keywords you can hide the data in the normal packets.

[flir]

I was under the impression that was still infeasible on mobile devices (battery, processor, etc). Happy to be corrected, because I have to admit it's only a matter of time.

[bitnasty]

It’s not about mobile devices, but smart tvs and cable boxes.

[stoperaticless]

If traffic is encrypted, and there is constant other traffic to same server, then it might be hard to identify.