You have a smart home assistant, really?

It's no secret that the smart home assistants are listening in. What is amazing is people are still surprised.

One only needs to search for "[insert name of service] caught listening" to find the recent mis-deeds of the devices and the companies behind them.

Let's be clear, Google, Amazon and Apple ARE mining data about you AND profiting from it. The apps you download to your devices, how often you use the apps, where you are when you use the apps, what you type in the native browser, mail client, traffic, map, weather AND messaging apps.

The data is anonymized, according to privacy policies, but that is open for interpretation.

The companies will tell you they pull out any PII (personally identifiable information), that's nice of them. Then they sell it to big data companies that collect your metadata from other sources like credit card transactions, social media posts, mobile phone geolocation and device info, etc. Do you think you are still anonymous after that correlation occurs? As Morpheus asked, "You think that's air you're breathing now?"

The question becomes, if you are freely giving these companies all of that data, do you also want to share your conversations? Where do you draw the line? Maybe you are ok with using the devices because you think/expect the device to let you know when it is recording and you can act accordingly? What if I told you that assumption would be incorrect?

Hackers for Security Research Labs developed four Alexa skills and four Google actions that tricked the ubiquitous smart home assistants to continue listening well after a user might expect it to stop. Check out these video's:

Freaked out yet? No? Go to Amazon.com and click the hamburger icon on the top left of the page, "Echo & Alexa", scroll and click on "See all devices with Alexa". Scroll through and look for the smart ring (think wedding ring), ear buds, car device and even eyeglass frames. It won't be as easy as looking for that hockey puck in the room anymore.