Mike Slinn

Connoisseur of Technology

Are My Hands-Free Devices Always Listening?

2017-01-15 / All Blog posts

The short answer: probably not.

A longer answer: Depends on what you mean by 'listening'. If you mean "is Alexa storing or sending every sound or voice utterance to a server", the answer is again "probably not".

A more complete answer: unless the all of the source code for for a device is made available for scrutiny, and the build process is similarly examined, the only way to be sure that device does not have operating modes that are contrary to expectations would be to connect the device to a network monitor that only allows communication with specific servers at designated times. Normal computer security concerns also pose risks; for example, viruses and other malware could be injected into a device could cause it to behave differently.

Some Paranoia is Healthy

Mattel's new Aristotle is targeted at children. It uses Microsoft Bing for searching, Microsoft Cortana for voice processing and streams video to the cloud. It can read bedtime stories and play soothing sounds if your child wakes up at the night. It is able to recognize your children's imperfect speech, and apparently adapts as they get older and become curious about the world. Aristotle is an AI to help raise your child. Did they do a terrific job or a terrible job? Depends on the factors you take into consideration.

Aristotle can respond to adults differently than to children. Its logging capability is profound. It tracks things like wet diapers and feedings, and can order supplies when asked by an adult.

Aristotle can use object recognition to identify flashcards, or co-opt a toy without electronics and thereby enhance it with sound effects or even another personality.

Mattel has about 500 partners, and they have been invited to build connected toys and apps. The hardware uses 256 bit encryption for all transmissions to Aristotle's servers, and data is handled internally in compliance with COPAA and HIPAA.

It is not difficult to write code that detects when a child is alone

How hard would it be to write code that detects when the child is alone? If a malicious entity wanted to, they could embed their own program in the device, use IP geolocation and other characteristics to identify specific families, and cause the device to behave differently and/or tell the child things when no adults were paying attention. Who knows what malicious software might do?

Open Source To The Rescue

Closed source systems cannot be adequately vetted for general public usage. It is conceivable that selected children might become secretly radicalized by their toy. In 1913 Justice Louis Brandeis said "Sunlight is the best disinfectant". Open source applications, with updates that can be vetted by any interested party, are the only way to ensure these devices are truly safe.

Contact Mike Slinn

Unless you are a recruiter, in which case you should not try to make contact!

  • Email
  • Direct: 514-418-0156
  • Mobile: 650-678-2285


The content on this web site is provided for general information purposes only and does not constitute legal or other professional advice or an opinion of any kind. Users of this web site are advised to seek specific legal advice by contacting their own legal counsel regarding any specific legal issues. Michael Slinn does not warrant or guarantee the quality, accuracy or completeness of any information on this web site. The articles published on this web site are current as of their original date of publication, but should not be relied upon as accurate, timely or fit for any particular purpose.

Accessing or using this web site does not create a client relationship. Although your use of the web site may facilitate access to or communications with Michael Slinn via e-mail or otherwise via the web site, receipt of any such communications or transmissions does not create a client relationship. Michael Slinn does not guarantee the security or confidentiality of any communications made by e-mail or otherwise through this web site.

This web site may contain links to third party web sites. Monitoring the vast information disseminated and accessible through those links is beyond Michael Slinn's resources and he does not attempt to do so. Links are provided for convenience only and Michael Slinn does not endorse the information contained in linked web sites nor guarantee its accuracy, timeliness or fitness for a particular purpose.

comments powered by Disqus

© 1976-2020, Michael Slinn. All rights reserved.