PrivacyMic looks to keep your home smart without Google, Alexa, Siri and pals listening in

Raspberry Pi-powered prototype proves 95% accurate, 100% private, claim boffins

Researchers at the University of Michigan have proposed a way to have your privacy cake and eat your home automation too. They've found a means of using a voice-activated smart speaker system without it having to listen to everything you say – and no, it's not "pressing a button."

"There are a lot of situations where we want our home automation system or our smart speaker to understand what's going on in our home, but we don't necessarily want it listening to our conversations," said the aptly named Alanson Sample, associate professor of electrical engineering and computer science at the University of Michigan.

"And what we've found is that you can have a system that understands what's going on and a hard guarantee that it will never record any audible information."

How? A video showcasing the technology explains.

Youtube Video

Smart speakers and other voice-activated assistant systems listening in without due cause isn't a theoretical problem. Back in 2019, a cache of recordings made by Google Assistant devices was discovered by Belgian journalists, with 153 of the 1,000 or so recordings identified clearly as private conversions picked up by mistake.

A year later, a botched update saw Google Home speakers begin recording without authorisation as part of a supposedly opt-in feature designed to warn of smoke alarm triggers or glass breaking. It's not just Google either. In 2018 an Oregon couple found their Amazon Echo had been leaking private conversations – again recorded without the wake word being uttered.

"Smart technology today is an all-or-nothing proposition. You can either have nothing or you can have a device that's capable of constant audio recording," Sample said. "PrivacyMic offers another layer of privacy – you can interact with your device using audio if you choose or you can have another setting where the device can glean information without picking up audio."

The trick: listening to ultrasonic sound, rather than the lower frequencies associated with audible speech. "A conventional microphone placed in somebody's home for months at a time could give doctors richer information than they've ever had before, but patients just aren't willing to do that with today's technology," Sample said.

"But an ultrasonic device could give doctors and medical schools unprecedented insight into what their patients' lives are really like in a way that the patients are much more likely to accept."

Powered by – what else? – a Raspberry Pi single-board computer and low-cost ultrasonic microphone, the prototype PrivacyMic listens out for sounds associated with human activity: tooth brushing, toilet flushing, vacuuming, running the dishwasher, even using computer monitors – and proved capable of identifying them over 95 per cent of the time.

Participants, meanwhile, were asked to listen to the recordings played back, without a single one able to make out discernible speech.

Sample and his team claimed that implementing a PrivacyMic system in a smart speaker would require "only minor modifications" at a very low cost, but that such a commercialisation of the technology – which is in the process of being patented by the University of Michigan's Office of Technology Transfer – was "likely several years off."

"Smart speakers take notes of everything we ask them to do or search for. And that is how we create a portrait of ourselves for companies that manufacture those devices," said NordVPN's Daniel Markuson of the risks posed by smart speaker systems.

"The data they gather is stored permanently and later helps companies to sell even more products or help other marketers to target their audiences. So, the real price we pay for smart speakers is our privacy and security."

"Many people don't take any action as they are not informed enough," Markuson continued – and with NordVPN's most recent survey on the topic suggesting over 42 per cent of Britons own and actively use a smart speaker, that's a problem.

"Being aware of possible threats motivates people to take responsibility for their own privacy."

Sample has uploaded a copy of the paper as a PDF under open-access terms. ®

Broader topics

Narrower topics

Other stories you might like

  • DuckDuckGo tries to explain why its browsers won't block some Microsoft web trackers
    Meanwhile, Tails 5.0 users told to stop what they're doing over Firefox flaw

    DuckDuckGo promises privacy to users of its Android, iOS browsers, and macOS browsers – yet it allows certain data to flow from third-party websites to Microsoft-owned services.

    Security researcher Zach Edwards recently conducted an audit of DuckDuckGo's mobile browsers and found that, contrary to expectations, they do not block Meta's Workplace domain, for example, from sending information to Microsoft's Bing and LinkedIn domains.

    Specifically, DuckDuckGo's software didn't stop Microsoft's trackers on the Workplace page from blabbing information about the user to Bing and LinkedIn for tailored advertising purposes. Other trackers, such as Google's, are blocked.

    Continue reading
  • Despite 'key' partnership with AWS, Meta taps up Microsoft Azure for AI work
    Someone got Zuck'd

    Meta’s AI business unit set up shop in Microsoft Azure this week and announced a strategic partnership it says will advance PyTorch development on the public cloud.

    The deal [PDF] will see Mark Zuckerberg’s umbrella company deploy machine-learning workloads on thousands of Nvidia GPUs running in Azure. While a win for Microsoft, the partnership calls in to question just how strong Meta’s commitment to Amazon Web Services (AWS) really is.

    Back in those long-gone days of December, Meta named AWS as its “key long-term strategic cloud provider." As part of that, Meta promised that if it bought any companies that used AWS, it would continue to support their use of Amazon's cloud, rather than force them off into its own private datacenters. The pact also included a vow to expand Meta’s consumption of Amazon’s cloud-based compute, storage, database, and security services.

    Continue reading
  • Atos pushes out HPC cloud services based on Nimbix tech
    Moore's Law got you down? Throw everything at the problem! Quantum, AI, cloud...

    IT services biz Atos has introduced a suite of cloud-based high-performance computing (HPC) services, based around technology gained from its purchase of cloud provider Nimbix last year.

    The Nimbix Supercomputing Suite is described by Atos as a set of flexible and secure HPC solutions available as a service. It includes access to HPC, AI, and quantum computing resources, according to the services company.

    In addition to the existing Nimbix HPC products, the updated portfolio includes a new federated supercomputing-as-a-service platform and a dedicated bare-metal service based on Atos BullSequana supercomputer hardware.

    Continue reading

Biting the hand that feeds IT © 1998–2022