[memnips]

I'm surprised by the privacy backlash in this thread! I understand why this product is so scary for someone who is concerned about privacy, but how is this that much worse than all the other devices you use?

You carry a smart-phone that presumably has GPS, a microphone, and a camera everywhere you go. There's a camera and microphone on your laptop too. Both are cloud connected. If the NSA (or any other super-power) wants to spy on you, they can and will. I believe we've learned that if nothing else w/ all of Snowden's revelations.

IMO if you detest this device's privacy it can only because either: A) You take your privacy VERY seriously, to the point you avoid most mainstream technology and exclusively use burner feature-phones and Tor B) You trust Amazon less than you trust Google, Apple, or others.

I am going to assume it's more the latter than the former. (If not, you really do not represent the mainstream and this audience isn't what I expected).

So assuming B, question for you: why don't you trust Amazon? I actually trust Amazon more than I trust Google or Apple. They have always delivered for me as a customer, and I believe they've always put me first.

*Edited to correct former/latter reversal.

[aeturnum]

I am not really worried about privacy, but this smacks of false equivalency.

> You carry a smart-phone that presumably has GPS, a microphone, and a camera everywhere you go. There's a camera and microphone on your laptop too. Both are cloud connected. If the NSA (or any other super-power) wants to spy on you, they can and will.

People are regularly discovering and shaming companies for transmitting more information than necessary from smart phones. It's true that the NSA could zero-day your phone, but you've still got opportunities to detect or react to that. If nothing else, put your phone in airplane mode.

This device, on the other hand, is designed to transmit everything it hears. There is no way to tell where that data goes and it may be difficult to determine exactly what it contains. Where it's possible to determine if your phone is sending unauthorized data, it seems very hard in this situation.

I don't trust amazon more or less than anyone else. I think we should just be honest about the nature of a device. A phone has an "offline" mode, this does not - its whole purpose is to be an omnipresent microphone. Those are two fundamentally different things.

[hellgas00]

>This device is designed to transmit everything it hears. There is no way to tell where that data goes and it may be difficult to determine exactly what it contains. Where it's possible to determine if your phone is sending unauthorized data.

Not necessarily true, a catch phrase programmed on-board is used to activate the device. If the device was constantly transmitting voice data to Amazon I would have to guess that the leakage of data would be picked up and could be exposed. I still don't think the smart phone analogy is dissimilar, if not worse than the Echo in terms of the privacy implications. What if a catch phrase was programmed into your phone (for instance a list of words a 'terrorist' might use), and it only sent recorded/geo/image/contact information for a short time after it was used? I don't think that would be an easy privacy compromise to spot if you didn't know the catch phrase. Not to mention that many people's smartphones are constantly transmitting location data to Google, without complaint.

[theseoafs]

As long as your phone's on, it can store whatever data it wants locally and shoot it off to Google/Apple/wherever so they can accomplish their nefarious purposes the next time it connects to the internet. If you're not extremely uncomfortable with the idea of a megacorporation leveraging your cellphone to gather info about you, you should also not be uncomfortable with Echo -- it can't do anything your phone can't already do.

[bduerst]

Conversely, consumers can and do watch the data leaving such devices.

The open-sourciness (while not complete) also eludes to what is being stored and shipped to these "megacorps" who have "nefarious" purposes.

I would be more worried about a small third-party flashlight app dev selling your ocntact list and gps history, as opposed to a company with a billion active users.

[LeoPanthera]

> why don't you trust Amazon

I think you're asking the wrong question. It's about the company's motivation.

Google makes money from your data, and by showing you ads. Amazon makes money by creating services and devices that sell you products. Apple makes money just by selling you services and devices.

Looked at this way, I certainly trust Apple more than Google or Amazon, and this is borne out by Apple's recent "A message from Tim Cook". http://www.apple.com/privacy/

[jsmthrowaway]

Yes, this. My gripe is not privacy-related. It's that we've built an entire society that puts things to spend money on in my face, and studies me to better learn how to do that. Google and Amazon are both problematic in this regard.

It takes most people aback when I say that Facebook is probably a much richer intelligence agency than the NSA. And people offer that information to them. Data is far too valuable and it creates the wrong incentives throughout life.

[atmosx]

I do have control over my laptop, the NSA or Amazon would have to actively hack me in order go get to that mic and luckily I'm not worth it anyways.

In order for someone (the NSA?) to track a phone and do whatever they need to do, they need to have a warrant and what-not.

That's like deliberately sending all your living-room conversations (yours and your family's) online for analysis for God-knows-what purpose.

You trust Amazon that's good for you then. I don't trust anybody with admittedly uncontrolled access to all table conversations my family will have in the future.

[bryanlarsen]

There are two basic ways for the NSA to snoop on you using this device.

1. Listen to the internet traffic

2. Install malware to listen to everything

For #1, the Echo only sends conversations preceded by it's keyword. But since the alternatives to the commands you're telling Echo involve the internet anyways, what's the difference? IOW, asking echo for the weather sends the same basic information to the NSA that pulling up the weather app on your phone does.

If the NSA is going to do #2, they're going to do it to the phone in your pocket rather then targeting a niche device like the Echo.

[revscat]

3. Modify the hardware at the manufacturer to make it easier to snoop on without the user being aware.[1]

[1] http://www.infoworld.com/article/2608141/internet-privacy/sn...

[Tyrannosaurs]

Doing 2 on a smartphone feels like it would be something which would start draining battery really quick which would be a giveaway.

With this it's running on mains, it could upload in the middle of the night when it would probably be undetected

Plus, why do one or the other? Sure you want to get someone's phone but why not another device too?

[bryanlarsen]

Modern smartphones are always listening for "siri" or "ok google", and are regularly sending keep-alive packets, so I doubt that the battery drain for spying would be significantly noticeable, if done properly.

> why do one or the other?

Because resources are limited, even at government agencies. Effort spent hacking a device that will probably sell in the tens of thousands when they could be targeting devices that sell in the hundreds of millions just seems silly.

[Tyrannosaurs]

I agree that hacking the Echo might be pointless because it won't sell many is reasonable but that's a somewhat different argument.

Still, personally if I had concerns about privacy and secrecy I'd be looking to limit the number of devices in my own home which had an always active microphone.

[joenathan]

Intel vPro chips have a VNC server built right into the chip, you can VNC in without the need for there to even be an OS installed. It would be very easy to hide a backdoor in one the hundreds of chips stashed in your laptop.

[mcphage]

> but how is this that much worse than all the other devices you use?

Because the other devices I have have useful purposes besides listening to my speech for sales and advertising purposes. The Echo exists solely for that. It's all it does.

[champyoyoza]

But does that matter? Just because your laptop can also play games/movies/etc. doesn't prevent the NSA or whoever else from tapping into the mic or camera.

[mcphage]

Sure, they can. But they at least gives me a reason to own them. This has no reason for me to own besides getting spied on.

[alttab]

this requires additional software to do so. Tapping into a device that essentially already does those things maybe easier?