PrivacyMic looks to keep your home smart without Google, Alexa, Siri and pals listening in

Raspberry Pi-powered prototype proves 95% accurate, 100% private, claim boffins

Researchers at the University of Michigan have proposed a way to have your privacy cake and eat your home automation too. They've found a means of using a voice-activated smart speaker system without it having to listen to everything you say – and no, it's not "pressing a button."

"There are a lot of situations where we want our home automation system or our smart speaker to understand what's going on in our home, but we don't necessarily want it listening to our conversations," said the aptly named Alanson Sample, associate professor of electrical engineering and computer science at the University of Michigan.

"And what we've found is that you can have a system that understands what's going on and a hard guarantee that it will never record any audible information."

How? A video showcasing the technology explains.

Youtube Video

Smart speakers and other voice-activated assistant systems listening in without due cause isn't a theoretical problem. Back in 2019, a cache of recordings made by Google Assistant devices was discovered by Belgian journalists, with 153 of the 1,000 or so recordings identified clearly as private conversions picked up by mistake.

A year later, a botched update saw Google Home speakers begin recording without authorisation as part of a supposedly opt-in feature designed to warn of smoke alarm triggers or glass breaking. It's not just Google either. In 2018 an Oregon couple found their Amazon Echo had been leaking private conversations – again recorded without the wake word being uttered.

"Smart technology today is an all-or-nothing proposition. You can either have nothing or you can have a device that's capable of constant audio recording," Sample said. "PrivacyMic offers another layer of privacy – you can interact with your device using audio if you choose or you can have another setting where the device can glean information without picking up audio."

The trick: listening to ultrasonic sound, rather than the lower frequencies associated with audible speech. "A conventional microphone placed in somebody's home for months at a time could give doctors richer information than they've ever had before, but patients just aren't willing to do that with today's technology," Sample said.

"But an ultrasonic device could give doctors and medical schools unprecedented insight into what their patients' lives are really like in a way that the patients are much more likely to accept."

Powered by – what else? – a Raspberry Pi single-board computer and low-cost ultrasonic microphone, the prototype PrivacyMic listens out for sounds associated with human activity: tooth brushing, toilet flushing, vacuuming, running the dishwasher, even using computer monitors – and proved capable of identifying them over 95 per cent of the time.

Participants, meanwhile, were asked to listen to the recordings played back, without a single one able to make out discernible speech.

Sample and his team claimed that implementing a PrivacyMic system in a smart speaker would require "only minor modifications" at a very low cost, but that such a commercialisation of the technology – which is in the process of being patented by the University of Michigan's Office of Technology Transfer – was "likely several years off."

"Smart speakers take notes of everything we ask them to do or search for. And that is how we create a portrait of ourselves for companies that manufacture those devices," said NordVPN's Daniel Markuson of the risks posed by smart speaker systems.

"The data they gather is stored permanently and later helps companies to sell even more products or help other marketers to target their audiences. So, the real price we pay for smart speakers is our privacy and security."

"Many people don't take any action as they are not informed enough," Markuson continued – and with NordVPN's most recent survey on the topic suggesting over 42 per cent of Britons own and actively use a smart speaker, that's a problem.

"Being aware of possible threats motivates people to take responsibility for their own privacy."

Sample has uploaded a copy of the paper as a PDF under open-access terms. ®

Broader topics

Narrower topics

Other stories you might like

  • Stolen university credentials up for sale by Russian crooks, FBI warns
    Forget dark-web souks, thousands of these are already being traded on public bazaars

    Russian crooks are selling network credentials and virtual private network access for a "multitude" of US universities and colleges on criminal marketplaces, according to the FBI.

    According to a warning issued on Thursday, these stolen credentials sell for thousands of dollars on both dark web and public internet forums, and could lead to subsequent cyberattacks against individual employees or the schools themselves.

    "The exposure of usernames and passwords can lead to brute force credential stuffing computer network attacks, whereby attackers attempt logins across various internet sites or exploit them for subsequent cyber attacks as criminal actors take advantage of users recycling the same credentials across multiple accounts, internet sites, and services," the Feds' alert [PDF] said.

    Continue reading
  • Big Tech loves talking up privacy – while trying to kill privacy legislation
    Study claims Amazon, Apple, Google, Meta, Microsoft work to derail data rules

    Amazon, Apple, Google, Meta, and Microsoft often support privacy in public statements, but behind the scenes they've been working through some common organizations to weaken or kill privacy legislation in US states.

    That's according to a report this week from news non-profit The Markup, which said the corporations hire lobbyists from the same few groups and law firms to defang or drown state privacy bills.

    The report examined 31 states when state legislatures were considering privacy legislation and identified 445 lobbyists and lobbying firms working on behalf of Amazon, Apple, Google, Meta, and Microsoft, along with industry groups like TechNet and the State Privacy and Security Coalition.

    Continue reading
  • SEC probes Musk for not properly disclosing Twitter stake
    Meanwhile, social network's board rejects resignation of one its directors

    America's financial watchdog is investigating whether Elon Musk adequately disclosed his purchase of Twitter shares last month, just as his bid to take over the social media company hangs in the balance. 

    A letter [PDF] from the SEC addressed to the tech billionaire said he "[did] not appear" to have filed the proper form detailing his 9.2 percent stake in Twitter "required 10 days from the date of acquisition," and asked him to provide more information. Musk's shares made him one of Twitter's largest shareholders. The letter is dated April 4, and was shared this week by the regulator.

    Musk quickly moved to try and buy the whole company outright in a deal initially worth over $44 billion. Musk sold a chunk of his shares in Tesla worth $8.4 billion and bagged another $7.14 billion from investors to help finance the $21 billion he promised to put forward for the deal. The remaining $25.5 billion bill was secured via debt financing by Morgan Stanley, Bank of America, Barclays, and others. But the takeover is not going smoothly.

    Continue reading

Biting the hand that feeds IT © 1998–2022