ganymede

why does it need to be device agnostic?

happy to get into into these subtopics, but it's also possible i may not be understanding you properly because i agree with alot of what you just said.

what are you attributing the close to 0 probability to?

if you wanna say "whats the probability that CMG was at least partly talking out their arse about their capabilities (and especially any claim they were currently in possession of that capability)?"

i'd also give it like >90% probability they (CMG) are full of shit. in which case you could say i agree with you (to within say 10% error margin).

if you're instead saying the probability is ~100% that audio surveillance capability cannot possibly currently exist outside TLAs because "someone would've published it already" then i really cannot agree. (and afaict that ars article does not support that stance either)

Not disputing the three letter agencies

The capability they were claiming to have would make a three letter agency very excited.

sorry i didn't understand. didn't you say you don't doubt TLAs likely already have this capability?

oppressive regimes

most (all?) of whom are operating outside typical legal constraints and likely already have access to the million dollar exploit trade which already exists.

further, i'm not sure how this changes the landscape anyway? its not without precedent that variations on capabilities can be useful to more than one market segment concurrently?

trivial to discover and flag as malware

can you explain further what you mean by this? i'm not sure there's anything trivial about conclusive analysis of the deep complexities and dependencies of modern smart devices

Apple and Google would also be very keen to find and squash whatever loophole let’s them record without showing the notification.

historically we've seen google can take over half a decade to address such things, afaict (welcome correction on this) apple's generally been faster to respond, and i do agree apple's current public image attire would be contrary to be seen to enable this. [not simping for apple btw, just stating that part of their brand currently seems to be invested in this]

in reality there are a confluence of many agendas and there's likely ALOT of global users running non-bleeding edge or other variations on the myriad of sub-system components, regardless of what upstream entities like google implement. if you are aware of any conclusive downstream binary analyses please link

which if true would have been exposed/validated by security researchers long ago.

i agree the probability of discovery increases over time. and the landscape is growing more hostile to such activities. yet i'm not aware that a current lack of published discovery is actual proof it's never happened.

tbh we have our doubts this leak is directly connected to solid proof "they are listening".

but we're not currently aware of any substantiated reasons to say with certainty "they're absolutely not listening"

well they're an ad company, so being full of shit is pretty much mandatory.

but i'm not aware of any evidence they're actually 100% full of shit on this exact issue or not? can you explain a little more how you know for certain they're full of shit. or you just meant "they're most likely full of shit"?

the PR and lawsuit risk

what risk? facebook & others conducted illegal human experiments. this is an enormous crime and was widely reported yet all fb had to do from a pr perspective was apologise.

as we all know, fb even interfered with with the electoral process of arguably the world's most powerful nation, and all they had to do was some rebranding to meta and it's business as usual. this is exactly how powerful these organisations are. go up against a global superpower & all you need to do is change your business name??? they don't face justice the same way anyone else would, therefore we cannot assess the risk for them as we would another entity - and they know it.

So, while i personally disagree for above reasons, I can accept in your opinion they wouldn't take the legal risk.

simpler metrics are enough

when has 'enough' ever satisfied these entities? we merely need to observe the rate of evolution of various surveillance methods, online, in our devices, in shopping centers to see 'enough' is never enough. its always increasing, and at an alarming rate.

local processing of the mic data into topics that then get sent to their servers is more concerning is not much more feasible

sorry i didn't quite understand, are you saying its not feasible or it is feasible? from the way the sentence started i thought you were going to say it could be, but then you said 'not much more feasible'?

Voice data isn't

voice conversations are near-universally prized in surveillance & intelligence. There hasn't been any convincing argument for any generalised exception to that.

I am not sure they could write it off as a bug

it's already been written off as a bug. i didn't follow that story indefinitely but i'm not aware of even a modest fine being paid in relation to the above story. if it can accidentally transcribe and send your conversations to your contact list without your knowledge or consent (literally already happened - with impunity(?)), they can 1000% "accidentally" send it to some 'debug' server somewhere.

Are they actually doing it? It ofc remains to be seen. Imo the fallout if it was revealed would roughly look like this

• A few people would say "no shit"
• Most people would parrot the "ive done nothing wrong so i don't care" line.
• A few powerless people would be upset.

If they truly wanted to have mic access, they could for a long time

agreed

and it would have been known

are you sure?

The reality is it is too expensive

imo this commonly repeated view has never been substantiated.

we've yet to see a technical explanation for why it's "impossible/too expensive" which addresses the modern realities of efficient voice codecs, even rudimentary signal processing and modern speech-to-text network models.

and risky

how so? previously invasive features are simply written off as "a bug". they barely even need to issue some b̶r̶i̶b̶e̶s̶ fines (typical corporate solution to getting caught), that is the level we're currently at:

"whoops it was a bug, we'll switch it off"

"whoops another update switched it on again" (if caught, months/years later)

"whoops some other opt-in surveillance switched itself on again, just another bug ¯_(ツ)_/¯"

as long as they have deniability as a bug, there's almost zero repercussions and thus virtually zero risk. that is perhaps why a company out and talking about it openly is such a no-no. discussing intent makes 'bug' deniability more difficult.

in my experience when reading past the "they're not listening" headlines, and into the actual technical reports, noone has been able to conclusively rule it out. if you know of conclusive documentation, please post.

then there's the "they have enough data already" argument. which is entirely without foundation, as we all know very well: nothing is ever enough for these pathologically greedy entities. 'enough' simply isn't in their vocabulary. we all know this already.

[i didn't downvote you btw]

no idea why you're being downvoted.

you're entirely correct, and i don't interpret you as defending telegram's lack of user protections

(noticing a real uptick in reddit hivemind around lemmy lately, it's depressing tbh)

Everything that’s encrypted is generally more private and secure than the equivalent which isn't encrypted

honestly i think this is due to unplanned voice calls essentially being broken technology now.

imagine we had 2020s email spammers while mail servers had 1990s spam filters, that's basically where we're at now with unplanned voice.

They gave a fuck about negative pr

Yeah I don’t know. Just see how the modern world is shaping society to the negative I just don’t see where we are close to utopia But right now we are on a different path

That was essentially a big part of my point. We could be close to a utopia by now (from the perspective of technological possibilities).

Instead, as I said

for some suspicious reason we took a very different road, and here we are

That said I don't currently believe technology itself is inherently bad.

Like all tools, it depends what you do with it.

Is a general purpose tool like hammer good or bad? It has the capacity for both. And therefore it's up to the user which is which.

And that's the issue really, what are we doing with our wonderous technology?

This might be a bit of a radical take. But in that ~125 year window i was refering to, alot of machines we've invented are actually weapons.

Weapons to destroy eachother physically (conflict/threats of violence etc).

Weapons to destroy nature (deforestation and probably most mining).

Weapons to destroy the mind (social media etc, actually most media now).

What if we'd had 1+¼ century of building a collective utopia instead of all these weapons?

afaict from the technical perspective it's not really unfeasible, its the non-technical problem: the user and what they use the tools for.

Another clue for us is probably the term appropriate technology, which is a vibe i think eg. solar punk is helping to cultivate.

Anyway we've done ALOT of misuse. That's why i don't blame technology itself.

I still think it's more about what we've done with it.

necessary decline in our quality of life

i'm not refuting your core premise.

but on the note of this issue, not sure i can agree.

have a look at this public infrastructure technology from 122 years ago:

Youtube/Invidious

imagine if we'd spent the last 1+¼ century collectively working towards the utopia this kind of project hinted at - instead of developing new machines to destroy?

typically they say utopian dreams scatter in the face of increased technological awareness. have to say my experience has been the opposite.

the more i learn about technology, the more i realise we could probably be very close to a near-utopia by now. for some suspicious reason we took a very different road, and here we are.