my family is moving into a much bigger house than we used to have. we use amazon echos as an intercom system through the announcement feature. because our house is bigger, i’m being forced to get one myself for my room. i haven’t needed one for years because i use their app on my phone and i can see their announcements as a notification and i can also kill off most of its tracking by DNS. unfortunately my parents don’t understand this and are forcing me to get one. what can i do to limit its tracking?

    • yoshisaur@lemm.eeOP
      link
      fedilink
      arrow-up
      14
      arrow-down
      2
      ·
      4 months ago

      buddy i would if i could. unfortunately they are forcing me to have it on at all times. which is why im asking for suggestions

      • BearOfaTime@lemm.ee
        link
        fedilink
        arrow-up
        17
        arrow-down
        2
        ·
        edit-2
        4 months ago

        Put together a privacy and security presentation.

        Does your family use password managers? (And dear god not Lastpass, with their breech a couple years ago).

        What do your parents do if one is incapacitated? The self-hosting community has discussions on managing this.

        This is a great opportunity for you to learn a lot of stuff and show your parents how to approach security and privacy.

        Start with understanding their needs… Truly understanding, take your time. Solutions can always be found later, once the requirements are well understood.

        As an aside, as someone likely old enough to be your grandparent, I can’t imagine needing an intercom in a house. Some of my family had them growing up, and found it to be not nearly as useful as they thought it would be.

        • Fosheze@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          4 months ago

          Does your family use password managers? (And dear god not Lastpass, with their breech a couple years ago).

          What is the recomended password manager right now? Currently I still have google storing all my passwords but I’m working on degoogling so that will have to go at some point.

          • yonder@sh.itjust.works
            link
            fedilink
            arrow-up
            13
            ·
            4 months ago

            I personally use bitwarden. I like it because it has a flow of cash from corporate users paying for hosting that funds development meaning I know how they get their money. You can use Bitwarden’s server if you don’t need all the features or you are willing to pay or you can selfhost (which is what I do).

            • GlenRambo@jlai.lu
              link
              fedilink
              arrow-up
              1
              ·
              edit-2
              4 months ago

              You can also pay to and store you 2FA codes in Bitwarden. Easy to logon to sites as it copies the code for you. But probably a bad practice.

          • TwilightKiddy@programming.dev
            link
            fedilink
            arrow-up
            3
            arrow-down
            3
            ·
            edit-2
            4 months ago

            KeePass or something similar. Self-hosting your passwords is the only way, anything that uses servers that are not controlled by you is a no-go, in my opinion, no matter how secure your client is.

            • devraza@lemmy.ml
              link
              fedilink
              arrow-up
              2
              ·
              4 months ago

              I would agree somewhat, except I think Bitwarden verifiably doesn’t store unencrypted password data. Of course, I think that a self-hosted solution is pretty much always more secure than one that isn’t, but the convenience Bitwarden provides is real.

              • TwilightKiddy@programming.dev
                link
                fedilink
                arrow-up
                2
                ·
                4 months ago

                “Convenience” as in there is no need to host anything? May be, but, yet again, I would like to know the exact physical location of my passwords, otherwise I’m not saving them there. Apart from that, I don’t think there are any more “benefits”.

  • Anonymouse@lemmy.world
    link
    fedilink
    English
    arrow-up
    38
    ·
    4 months ago

    Jeff? Is that you, son? I told you that it was nonnegotiable, now get off the internets, I’m expecting an important telephone call and don’t want you tying up the lines.

    While there are a lot of good technical suggestions here, I’ve found that a conversation goes a long way. In my experience, when talking with loved ones, explain your emotions. Not “I hate this” or “the governments are listening!”, but those core emotions. “Having a device in my room that is always monitoring me makes me feel anxious and I don’t feel comfortable in a place where I should feel safe.” Make sure that the dialog is calm and remains about your feelings until you know that you’re being heard. If you aren’t, try other phrases or examples.

    Once you’ve established your feelings, address their concerns and feelings (active listening). It sounds stupid at first, but it works. “I hear that you are frustrated when I don’t come down for dinner immediately.” Finally, propose some solutions that meet everybody’s needs and that the parties can select one to try out for a week and evaluate it’s effectiveness, trying new things until a mutually beneficial solution is found.

    Good luck. Please post the outcome!

  • SLfgb@feddit.nl
    link
    fedilink
    arrow-up
    23
    ·
    edit-2
    4 months ago

    i haven’t needed one for years because i use their app on my phone and i can see their announcements as a notification and i can also kill off most of its tracking by DNS. unfortunately my parents don’t understand this

    Sounds like you have a reasonable, compatible alternative on your phone already. Will they even notice if you continue using this and never plug the new alexa in?

    • yoshisaur@lemm.eeOP
      link
      fedilink
      arrow-up
      15
      ·
      4 months ago

      probably not. i might just not plug it in and see how it goes. if it doesn’t work out, i guess i’ll have to DNS block its tracking from a openwrt pi

      • InputZero@lemmy.ml
        link
        fedilink
        arrow-up
        5
        ·
        4 months ago

        Good plan A.

        For a plan B, If your parents don’t understand why privacy is important on the internet they probably won’t understand why the echos in your room don’t seem to work. Say it’s wifi can’t reach the router, bend the cable so many times the wires break, “accidentally” become super clumsy with it and knock it over a bunch. This is absolutely a first world problem, it requires a first world solution.

  • StaySquared@lemmy.world
    link
    fedilink
    arrow-up
    22
    arrow-down
    2
    ·
    4 months ago

    Don’t get one. If your parents want an intercom system, have an actual intercom system installed. No need to violate your privacy.

  • yoshisaur@lemm.eeOP
    link
    fedilink
    arrow-up
    19
    arrow-down
    2
    ·
    4 months ago

    sorry for asking a question about privacy in a privacy community. i can’t just not use it because my parents are forcing me to use it. if i was allowed to unplug it, i would.

      • TheSun@slrpnk.net
        link
        fedilink
        arrow-up
        15
        arrow-down
        7
        ·
        edit-2
        4 months ago

        Ya there’s no such thing as “being forced to use it”. What are they going to do, lock you in your room with no food if you refuse? Just stand up for yourself and say you are not comfortable having it in your room and don’t compromise on it.

        • southsamurai@sh.itjust.works
          link
          fedilink
          arrow-up
          19
          arrow-down
          2
          ·
          4 months ago

          You know, in an ideal world, that makes sense.

          But this isn’t an ideal world. That’s the kind of advice that can get a kid literally beaten in a bad scenario. Parents usually hold all the power in a household, and it isn’t the kind of power you can just shrug off.

          • ArcaneSlime@lemmy.dbzer0.com
            link
            fedilink
            arrow-up
            12
            arrow-down
            2
            ·
            edit-2
            4 months ago

            Developing countries probably don’t have like 4 amazon echos in the house as an intercom system though, tbf.

            • kratoz29@lemm.ee
              link
              fedilink
              English
              arrow-up
              2
              ·
              4 months ago

              You’d be surprised what stuff has a higher priority for purchase.

              IMHO the only reason they don’t is because they don’t know how to use it or do not care…

          • kratoz29@lemm.ee
            link
            fedilink
            English
            arrow-up
            7
            ·
            4 months ago

            My neighbor tied her children because she went out and “they fight a lot” she claimed to be outside for 20 or 30 mins but neighbors said it was like half day.

    • JackbyDev@programming.dev
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      4 months ago

      Honestly, just muting the microphone is mostly fine. I really don’t believe they transmit shit to the cloud when they’re muted. I’ve heard a lot of people talk about how they answer when they’re muted so they’re still listening, but they process the “Alexa” (or whatever wake word you use) locally and then send a short buffer of recording along with everything you say following it to the cloud to process. It’s likely they just hear that you said the wake word locally and then say “Hey I’m muted” without sending it to the cloud.

      I know this answer isn’t the most privacy oriented on a privacy community, but I think this option is more reasonable than you’d think.

      You mentioned blocking with DNS. You could try setting up Wireshark or something and see if there are any packets from it when you say the wake word while it is muted and how it compares to when you say the wake word when it’s unmuted.

      Unfortunately the red LED would always be on because it’s muted, but you could cover it with opaque tape. Like electric tape.

  • mox@lemmy.sdf.org
    link
    fedilink
    arrow-up
    16
    ·
    edit-2
    4 months ago

    Were I in that position, I would resist, just as much as if they were trying to put video cameras in my bathroom and bedroom.

    I would suggest alternatives, and offer to research, order, and install them.

    I would appeal to my parents’ empathy, try to educate them on the risks these corporate-controlled hackable devices bring with them, and on the negative impact that surveillance has on human development. I would look for allies to help: siblings, extended family members, school authorities, counselors… anyone whose views they might respect, both alone and in groups. I would try to persuade them, and if it came down to it, I would fight.

    If they stubbornly insisted, I would continue to bring it up regularly, both in private and in public. I would make sure that it was a constant drain on their time, and make sure they knew it was a constant source of resentment. I would escalate it to the point that they would have to justify it not only to themselves, but to the communities around us. I would consult social workers and government watchdog agencies for child/youth home environments, and find out from them whether my parents were breaking any relevant guidelines or laws.

    And, if I somehow couldn’t keep it out of my space or unpowered, I would open it up and disconnect the microphone, or perhaps wire a physical switch to allow connecting it only when needed. (By the way, reed switches exist that can be concealed within a device and activated from the outside with a magnet.) If I didn’t know how to disassemble electronics or solder, then I would learn.

    And then I would continue to fight.

  • Curious Canid@lemmy.ca
    link
    fedilink
    English
    arrow-up
    17
    arrow-down
    1
    ·
    4 months ago

    Take a look at the suggestions in this article: https://www.lifewire.com/stop-alexa-from-listening-5121012

    If you disable the microphone, except when you want to use it, that should severely limit what it can do. If you also set the option that tells Amazon not to keep any of your recordings that should keep you fairly safe.

    The caveat is that Amazon can decide to cheat at any time. They have repeatedly lied about what information that acquire, how long they retain it, and what they do with it. At the moment, they don’t seem to be cheating on the Echo functions, but that could change at any time with an invisible firmware update. There isn’t anything you can do about this except to be aware of the possibility.

    It is definitely worth using the privacy options they offer, even if they aren’t enforced through hardware.

  • waywardninja@sh.itjust.works
    link
    fedilink
    arrow-up
    14
    ·
    4 months ago

    If not using it for Alexa connectivity, why not just get an actual intercom? A pair is like 30 bucks on Amazon, no Internet required.

    Or “hey Alexa, order an intercom system on my mom’s account”

    Isn’t there an eavesdropping function on Alexa… Maybe it’s actually less communication and more checking in on what you’re doing (not to increase your paranoia)

    • yoshisaur@lemm.eeOP
      link
      fedilink
      arrow-up
      10
      ·
      4 months ago

      my parents and siblings enjoy the convenience of alexas and the fact that they can play music. i’ve tried suggesting an actual intercom system and they’re against it

      • waywardninja@sh.itjust.works
        link
        fedilink
        arrow-up
        3
        ·
        4 months ago

        As a parent, if my kid said “I don’t want to be tracked, I’m concerned about my privacy”, I’d get an intercom for everyone in the house and let the Alexa be opt in. Sounds like playing music using Alexa isn’t a game changer for you. What does it matter anyway, what if you like headphones better, the Alexa stuff isn’t mandatory for playing/listening to music.

  • Hellfire103@lemmy.ca
    link
    fedilink
    English
    arrow-up
    12
    ·
    edit-2
    4 months ago

    MSCHF made a device called an Alexagate, which jams the microphones using ultrasound and is turned on and off by clapping.

    It’s a bit expensive, though ($100).

    https://alexagate.com/

    Otherwise, as you mentioned, you can use DNS to block the tracking. NextDNS has a built-in blocklist specifically for Alexa.

    • yoshisaur@lemm.eeOP
      link
      fedilink
      arrow-up
      4
      ·
      4 months ago

      thanks for the suggestion! as for nextDNS, i was already thinking of using this however you cannot change the DNS servers used on alexa devices. i was thinking of setting up openWRT on a pi and using that as a router specifically for our alexa devices with a nextDNS profile installed, but im not sure if alexa’s default to the router’s DNS or amazon’s. even if it does use the router’s DNS, does it backup to Google’s DNS (8.8.8.8) like Roku does?

      • xuv@lemmy.blahaj.zone
        link
        fedilink
        arrow-up
        8
        ·
        edit-2
        4 months ago

        With opnwrt you can do DNS hijacking, where you force redirect DNS requests for other servers to your own DNS server. This works as long as they aren’t encrypted (DNS over HTTPS or TLS), which most devices don’t use.

      • Darkassassin07@lemmy.ca
        link
        fedilink
        English
        arrow-up
        5
        ·
        edit-2
        4 months ago

        I specify my LAN DNS servers (2 pihole instances, main + a backup for redundancy) in my routers DHCP settings, so they are the DNS servers handed out to all LAN clients; then I have an iptables rule on the router blocking all port 53 traffic from leaving the network unless it came from those LAN DNS servers. This means only the piholes can reach external dns; everything else is required to use the LAN DNS servers or receive no response. Then the piholes have full control over what can and cannot resolve to an IP.

        I haven’t found a device that doesn’t work with this setup. I used to have a couple google homes before I wised up, they worked fine behind this setup.