Welcome!

CMS Authors: Mehdi Daoudi, Rishi Bhargava, Harry Trott, Xenia von Wedel, Carmen Gonzalez

Related Topics: @ThingsExpo, Mobile IoT, Cloud Security

@ThingsExpo: Blog Feed Post

Just How Dangerous Is Alexa? | @ThingsExpo #IoT #M2M #Security

Unless you turn off the mics & use a button or a remote, IVCSs are always listening. Let me be the first to scream ‘Look out!’

The “willing suspension of disbelief” is the idea that the audience (readers, viewers, content consumers) is willing to suspend judgment about the implausibility of the narrative for the quality of the audience’s own enjoyment. We do it all the time. Two-dimensional video on our screens is smaller than life and flat and not in real time, but we ignore those facts and immerse ourselves in the stories as if they were real.

We have also learned the “conventions” of each medium. While we watch a movie or a video, we don’t yell to the characters on the screen “Duck!” or “Look out!” when something is about to happen to them. We just passively enjoy the show.

The Willing Suspension of Our Privacy
We apply similar concepts to our online lives. Most of us are willing to give up our data (location, viewing, purchasing or search history) for our online enjoyment. We can call this the “willing suspension of our privacy” because if you spent a moment to consider what your data was actually being used for, you would refuse to let it happen.

The Willing Suspension of Our Agency
Which brings us to the next level of insanity: the willing suspension of our agency for our own enjoyment. This is past the point of giving up a “reasonable amount” of data or privacy to optimize the capabilities of our digital assistants. Suspension of our agency exposes our normally unmonitored physical activity, innocent mumblings and sequestered conversations. Some people believe this is happening with Alexa, Google Home, Siri and other virtual assistant and IoT systems. It may well be.

First, Let’s Give It a Name
Since we are discussing a combination of automatic speech recognition (ASR) and natural language understanding (NLU) engines that enable a system to instantly recognize and respond to voice requests, for this article, let’s call the interface an intelligent voice control system (IVCS).

How It Works
You activate most commercial IVCSs with a “wake word.” For an Amazon Echo or Echo Dot, you can choose one of three possible wake words, “Alexa” (the default), “Amazon” or “Echo.” Unless you turn off the microphones (the Echo has seven) and use a mechanical button or remote control to activate its capabilities, Alexa Voice Service, the system that powers the Echo and Alexa, and other IVCSs are always listening for their wake word.

In Amazon’s case, it keeps approximately 60 seconds of audio in memory for pre-processing so the responses can be situationally aware and “instant.” Amazon says the listening is done locally, on the device, not in the cloud. So technically, the audio does not leave the premises.

Always Listening Does Not Mean Always Transmitting
Yes, an IVCS is always listening AND recording. Which raises the question, “What does it do with the recordings it does not use?” In Amazon’s case, the official answer is that they are erased as they are replaced with the most current 60 seconds. So while the system locally stores approximately 60 seconds of audio preceding your wake word, it transmits only a “fraction of a second” of audio preceding your wake word, plus your actual query and the system’s response. For Alexa, you can find a record of your query on the Home screen of your Alexa app.

More Questions
What happens to the approximately 60 seconds of audio recording preceding a wake word? The one that has a recording of the TV soundtrack, footsteps, the loud argument in the next room, the gunshot, etc.? What happens with that audio? Again, Amazon says it is erased and replaced with the next 60 seconds of audio. Skeptics say if a wake word is detected, the previous 60-ish seconds of audio is put in a database for further IVCS training. If so, could that audio be subpoenaed? Yep! Just like your browser history or phone records. It’s just data. But does it actually exist? Amazon says no. As for other systems? We’ll have to ask.

What About Hackers?
Seven microphones! Could a hacker tap into one or all of them and eavesdrop on me? The official answer is no, and specific technical reasons are cited. However, at The Palmer Group we have several theses for 2017 including, “Anything that can be hacked will be hacked.” Anyone who believes otherwise is simply naïve.

“It’s the Profile, Stupid!”
Data is more powerful in the presence of other data. It is an immutable law of 21st-century living, which in this case means that the most serious threat to each of us is the profile that can be created with the willing suspension of our agency.

Most people have no idea how much information about them is available for sale. The willing suspension of agency has the potential to take us right up to the line that separates where we are now from an Orwellian future. (Many people believe we already live in a surveillance state. We’ll explore this in another article.)

We Must Deal with This Sooner or Later
Alexa is NOT dangerous. The data it collects is NOT dangerous. Nothing about an Amazon Echo is dangerous. It’s awesome. I have one in the kitchen, in the living room, in my home office, and on my night table. It’s an amazing controller, great alarm clock, spectacular Spotify and Amazon Prime interface, an exceptional news and weather reporter, and it does lots of other stuff you can look up online. I love it.

I also love my Google Home. Its ASR/NLU system is second to none. Let’s face it: Google is “the” repository of publicly available knowledge. When I’m on my handheld, I rely on “OK Google,” and while I think Siri is audio impaired and database challenged, sometimes I use it too.

But …

The world will be a very different place when Google, Amazon, Microsoft, Apple and other AI-empowered players have assembled first-party profile data that includes our agency. It will make what they do with our current behavioral profiles look like primitive data processing.

We are predisposed to pay for convenience. We happily do it with cash and with data every day. However, we should not suspend our judgment about the implausibility of this narrative for convenience or for the quality of our enjoyment. Though this is a story we have been told before, there are no conventions of this medium. So let me be the first to scream: “Look out!”

The post Just How Dangerous Is Alexa? originally appeared here on Shelly Palmer

Read the original blog entry...

More Stories By Shelly Palmer

Shelly Palmer is the host of Fox Television’s "Shelly Palmer Digital Living" television show about living and working in a digital world. He is Fox 5′s (WNYW-TV New York) Tech Expert and the host of United Stations Radio Network’s, MediaBytes, a daily syndicated radio report that features insightful commentary and a unique insiders take on the biggest stories in technology, media, and entertainment.

IoT & Smart Cities Stories
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by ...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
As IoT continues to increase momentum, so does the associated risk. Secure Device Lifecycle Management (DLM) is ranked as one of the most important technology areas of IoT. Driving this trend is the realization that secure support for IoT devices provides companies the ability to deliver high-quality, reliable, secure offerings faster, create new revenue streams, and reduce support costs, all while building a competitive advantage in their markets. In this session, we will use customer use cases...