Are your devices listening to you? No, Yes, Maybe…

Picture this…you’ve secretly been wanting a new pink, polka dot dress (don’t judge me). You’ve told no one. In a moment of out-loud self-reflection you confess your heart’s desire within ear shot of your phone or smart speaker. Fast forward to the evening scroll through social media and BOOM: an ad for the aforementioned pink polka dress. What? I knew it. My phone is listening to everything…[insert your brand of panic-stricken behavior here].

In actuality, that is most likely not what happened. I’m not guaranteeing it given all the crazy things that have come to pass in recent history. However, I do want to offer some tangible and in my opinion, more palatable explanations for what occurs in a world of big data, IoT (Internet of Things), and smart toasters (an actual thing).

Disclaimer: This article is not meant to be a hard hitting investigative journalism piece. Violations of privacy in the tech and business world do exist. My intention here is to take an informal look at how our data can be used and offer some advice on how to reasonably protect yourself while still living in the 21 century.

Hang in till the end of the article for a nice distraction which harnesses the power of text to speech and speech recognition for something fun and silly.

Internet traffic. What have you googled?

Did you search for the item or something similar in your favorite search engine? Perhaps you have viewed the item on a few retailer websites to compare prices? In many cases your internet traffic is being harvested for data by retailers and online advertisers. This happens in a variety of ways.

  • Your ISP (Internet Service Provider) has direct access to your browsing history and in some cases they are allowed to sell that with a certain level of anonymity.
  • Most shopping and social media sites utilize cookies and session data which can be leveraged by partner sites to enable targeted advertising.
  • Companies share data behind the scenes and take action on it when they recognize key identifiers such as mailing address, email address, user names, and even IP addresses.

Siri / Smart Speakers. What have you told Siri?

Have you asked Siri or your smart speaker about the item? The smart speaker is technically listening all the time, how else can it know when you say “Hey Siri” or “Alexa”. However, the companies offering these services say they do not record anything prior to hearing the keywords. However, once you you say the magic words, that conversation is being sent over the wire and stored in a variety of formats. Is there someone in a dark room listening in cold-war style…eh…depends on who you ask, but it is likely anything that could be mined from trends in your searches or behavior is a candidate for sharing / selling. Read those EULAs (End User License Agreements).

Shopping. What have you bought?

Have you bought a similar item or an accessory that typically goes with the item? This could be in person or online. Do you ever wonder why every store has some discount club that requires a phone number or address? Again, its all about data mining. Companies can sell this data to advertisers, other companies, and even use the information to improve inventory models and project future traffic in stores.

I’m Freaking Out. What can I do?

Take a deep breath and try to stay calm. Here are some things you can do, and also some reasons you may not actually need to.

  1. Use private or incognito modes in your browsers. However, keep in mind this doesn’t help for sites which you are logged into or for those sites that may be sharing purchase history behind the scenes. The same goes for more extreme measures like VPN and proxy servers.
  2. If you are having a confidential or sensitive conversation, mute or turn off your smart speaker and phone. The extreme measure here would be to build a Faraday Cage.
  3. Consider using cash instead of plastic and opt to not use the discount card for purchases you want to keep private. Alternatively ask the clerk to use the “store” card and keep the discount.
  4. Be aware of the data you are willingly sharing with companies you do business with. Why is this awesome app that makes me look like a unicorn totally free? Did you have to give them your email and other info to sign up? Did you quickly scroll through a user agreement and click okay at the end? What did it say?
  5. Save yourself some time and realize that you love big brother…kidding, but if you don’t get that, read 1984 and Brave New World while you’re at it.
  6. Seriously, be open to the possibility that some of these things are actually beneficial and make your overall shopping experience better. Just be aware, its not serendipity or divine intervention encouraging that purchase. It’s BIG DATA.

I’m Still Freaking Out. Distract me!

A while back I wrote a website for my son that encouraged him to have conversations. I took some of his favorite characters and gave them a few short dialogs. It was pretty limited, but it did keep him occupied for a bit. I’ve posted a link here if anyone wants to give it a try. It leverages the SpeechSynthesis and SpeechRecognition features of JavaScript. The recognition features will likely only work on a PC in chrome, but the text to speech is supported on most devices / browsers.

Shout out to GoNoodle which was his obsession at the time (sshhhh…I used their character images without permission). The code is a bit messy (I haven’t had the time or motivation to clean it up), but you can find it here if interested.

Here’s a video of Mason giving the website a spin.

Reclaiming []

Oh the 90s . . .

Join me on a harrowing journey through time to reclaim my first website to hit the world wide web []. You may be thinking about visiting that address, don’t do it! I’ve purposely un-linked it so you don’t bombard yourself with the mash-up of pop-up ads and adware that most of these early hosting services have become (think Geo-Cities).

What would I find @ []?

Once upon a time, in a land north-west of Charlotte, NC there existed a town called Lincolnton (it may still be there, I haven’t checked lately). In this place, in the year nineteen hundred and ninety ~something~, a group of young men banded together to form…a, uh….band. Not just any band, a truly terrible Christian, punk-rawk band that wrote and performed truly terrible songs. In reality, there was a lot of talent in that band, unfortunately the guy who was writing all the music and lyrics wasn’t one of them (hint: it was me).

AHF – At His Feet

Why does this still exist? Why, why, why. . .

This is the exact question I asked when I randomly went looking for it a while back. I knew that I had not officially decommissioned the site, but surely this scourge had been purged from the internet after all this time. The kicker is I have no way to login to the site because the email address that was used to set it up has long since vanished. The remainder of the article focuses on my attempts to regain access to this site. However, if you hang in till the end there is a special treat for those of you just dying to know more about AHF.

The Official Route

My first thought was “maybe if I just ask nicely they will give me access”. That went something like this:

My initial attempt at reclaiming my first website

As you may have expected, this is the end of that particular story. No reply ever came. I should have suspected it might be a fruitless effort when I noticed the help desk ticket site for Angelfire (now Lycos) didn’t bother with an TLS cert (check out one of my previous posts to learn more about what that is).

Even their support site is insecure

The Hard Way

Next, I thought…well I could just browse to each page, copy the source code, download the resources, and reassemble it. Shortly there after I did a quick google search that yielded a magic tool that quickly did that for me:

Turning Back Time

Once I had the guts of the website in my hand…I realized how messy a situation I was in (gross pun intended).

  1. All the lovely pop-ups and ads had hitched a ride on the download train. I had to be sure all of that had been properly stripped out.
  2. It was a 90s website, full of bright, contrasting colors, barely valid HTML and very suspect javascript. I had to be sure it would work in a modern browser and not be a playground for cross site scripting attacks.
  3. Did I mention it was my first website? Let’s just say my coding techniques could have used a peer review.

In the end I did manage to reconstruct the site (in most of its 90s glory), which you can find here. If you look closely you may even find some newly discovered, yet vintage content.

Full 1990s, early 2000s glory!
Don’t miss this hidden gem, 2 videos pulled from VHS and uploaded on the YouTubes!

GitHub Repository:

Note: For the small group of people that did frequent the website, the guest book (yeah, remember guest books, the pre-Facebook, pre-MySpace, post-bulletin-board, hangout spot) was a hotbed for off color comedy and amusement. Unfortunately that content has been buried in the constantly flowing stream of bits over the years (its gone, I looked, I can’t find it anywhere). If there is enough interest I may look into standing up one for old-times sake, M-G-B-G-A! (Make guest books great again!)