So I had a verbal conversation with a coworker yesterday and now I'm getting fed very specific ads. No possible way it's accidental. I have most of the microphone access to apps limited, I have Google assistant turned off and no VPA setup in my home. I use a Oneplus 9 pro, does anyone have recommendations on how to further root cause this or just par for the course for using any standard android OS? Have other folks had similar experience after locking down their stock phones?
The amount of battery used and data that your phone would be sending if it was constantly recording and sending the data to Google would be very obvious
Its more likely that Google and Co have just profiled you really well and or you searched for that specific topic before. Or that topic was an ad that you clicked on in the past or that you slowed down when scrolling to look at
Newer android version notify you in the top right when your microphone is active and you should also be able to see when the last time, down to the minute, that any app accessed the mic in settings
It's most likely a cause and effect reversal, in my opinion.
The conversation was happening because of the ads, not the other way around. Advertising works. It manipulates us into changing behavior, even without us realizing.
A real conversation makes you think about the thing being advertised, leading to you notice what would otherwise be totally below-the-radar things. People don't like to imagine they have been manipulated, so the conspiracy of the listening phone seems preferable.
Android is sending a ton of data, though, even if you're not doing anything internet related. It, also, kinda reacts to "okay, google", which wouldn't really be possible if it wasn't listening.
Now, it obviously doesn't keep a continuous, lossless audio stream from the phone to some google server. But, it could be sending text parsed from audio locally, or just snippets of audio when the thing detects speech. Relatively normal stuff to collect for analytics purposes, actually.
Now, data like that could "easily" get "misplaced", of course, and end up in the ad-shoveling machine... Not necessary at Google's hands: could be any app, really. Facebook, TickTok, random free to play Candy Crush clone, etc. But if that data gets into the interwoven clusterfuck of advertisement might, it will likely end up having an effect on the ads shown to the user.
it does not upload audio clips unless you opt in during the first use of assistant
well, and text will obviously get sent if assistant activation results in a google search, pretty sure actions like setting a timer run fully locally without any feedback to google (except general anonymous analytics data which is not that "scary")
I usef to be that "Google fan-boy", until I added a Pihole to my home network. Suddenly my phone's battery had improved by about 8% after about a week.
Then I decided to install CalyxOS on my (at the time) Pixel 4 XL. My battery started to literally last at last at least 50% longer (from almost a full 24 hours from 100% to about 10–ish. You can say what you want, and it may not be the microphone or caneamra, but the fact is that phones (android or apple, it makes no difference) are constantly sending data to their servers, regardless of if you're using the phone or not.
Don't believe me? Run a PCAP for 24 hours and you'll see, at the very least, 60 hits per hour to Google if you're on any android phone, and more on Apple because it send to Google and Apple (never kind whatever else you have installed on your phone). And Samsung is the worst offender on the Android scenario, because they regularly send data without consent to their own servers, Google and Meta (doesn't matter if you dont have any meta software installed, they still send metadata regularly).
Again, I can't confirm nor deny the violation of your privacy via mic or camera, but the data transfers to those servers is not only well documented, they actually mention them to you the moment you're setting up your device.
And before you say anything, Microsoft, from my stand point, is second only to Meta on this ridiculous data collection crap.
I've been deGoogled for years, the battery saving was probably from not having Gapps running in the background, I know that Googles and Co are constantly phoning home but to say that they are turning on peoples mics and either running a service locally to transcribe the audio or sending whole audio files to themselves for marketing is unsubstantiated and a bit ridiculous, there's way easier ways to profile users through behavior analysis on their phones whether it be what apps and how long they use them or what posts/ ads user either scroll past slower or actually tap on.
There's a very obvious difference between a few kilobits of text and a few megabits of audio and people would easily see if megabits of data were constantly being sent to from their phones every day
Why waste so much energy and bandwidth trying to figure out what the mic picks up when the majority of it would be inaudible because of background noise or phones being in peoples pockets/bags when they can glean so much more data from how a user interacts with their phone for so much cheaper
That's why I said I can't confirm nor deny that's the case. At this point, I'm just too paranoid about every single big tech corporation out there. I went from calling the people that taped webcams crazy to having a large variety of covers for every single webcam in my possession. The same with the security cameras. From having Arlos, Wyze and all that to getting rid of all of them and now self-hosting all of them with frigate.
At the end of the day, be it data you upload willingly, surveillance over what you do on your devices, microphone, camera or none, the creepy level we're at today is just insane.
Not possible. To be explicit, he was asking me my opinion about car maintenance and if I changed the oil in my cars every X miles OR every six months, or if the expiration time of oil was BS. I told him my opinion was that the age of the oil is irrelevant unless you idle your car for many hours at a time, just change it based on the millage. Today I got fed an article about how a dude tested the oil from various cars, with various ages and miles against brand new oil and found that age made no difference on the key characteristics of the oil. That is a remarkably specific article from a VERY specific VERBAL conversation I had over a Teams call on a work computer. It certainly got me thinking but again its the first time I've had one of those super specific ads in a long time that made me question my privacy.
Edit: I'm getting down voted, so people don't think this is a markably specific ad response? People really think Google is just this good to infer this type of article in less than 24 hours is just dumb luck because 'oil change'?
Every day, millions of people discuss oil changes. If an article (was it an article or an ad?) is published on oil changes on X date, it is going to coincide with a large number of unlinked conversations. Today, it was you.
Once is a coincidence, if you can prove a pattern then you should concerned.
It may be obscure, but that doesnt make it less of coincidence. Also, there is a pretty significant cross.over between tech people and car people (and a greater crossover with car owners).
Well, I'm not going to downvote you because I think it's a good contribution and conversation, but I do think that is a coincidence. They know your interests and stuff and it's black magic how good they are now of making these coincidences happen, but it's not the mic. To much data to process and send
Crazy that they wrote an entire article for one guy's conversation about motor oil. Sounds like a really effective use of resources that is very real and not made up.
Probably because no one has any proof other than anecdotal evidence. And the vast majority of times it's looked into it's because the person reporting it doesn't understand how else their information is collected (i.e. web searches, intranet data for other people, browsing histories, etc.)
Look at it this way, is it more likely that the majority of security researchers that look into it, find nothing, and deem these use cases as inefficient and improbable, are wrong; OR is it more likely that data collectors builds good profiles, mixed with some Baader-Meinhof, a little Dunning-Krueger, and a lot of coincidence?
Not everything is a big conspiracy, nuance is neccesary, or the sky will always be falling.
I mean if you want to deny the sky is blue when plenty of experience says otherwise that's on you.
I agree that it would be very inefficient to send voice recordings, and those would be easy to pick out with some packet sniffing.
But a locally processed txt file of keywords would be such a small amount of encrypted data that it would easily pass under the nose of any security researcher and they would have no idea unless it was decrypted.
There is a chance I guess he went off and researched the topic and our relations are tethered on googles back end so it figured I might be interested in his interests. But I'm stretching here. I should ask him on Monday!