How serious is Amazon’s privacy policy with Alexa?
When it comes to privacy, the opinions are differently. Some trust their Amazon Echo fully,
the others think the smart speaker is a nasty listening device and want to have nothing to do with it.
Echo – Friend or Foe?
The opponents of Amazon Echo speakers called the integrated speech software Alexa shortly after launch as a “bug” and “data spy”.
What data does voice assistant Alexa collect via Echo Speakers?
Many technology fans are unaware that Alexa is collecting and storing data when they buy a smart echo speaker. Some believe their privacy is protected by the constitution or the freedom of speech and expression anyway, others just do not worry about the functioning of their language software, which they ask without hesitation almost every question.
If you ask the intelligent language assistant directly, Alexa replies: “I am not a spy and only listen when you say the activation word.”
But this means that the microphones of Amazon Echo loudspeaker are permanently active, but only transfer data streams to the Internet, if the activation word was called. In addition it depends on your personal preferences, the activation word does not necessarily have to be called “Alexa”. You can customize it and specify to “Echo”, “Computer” or “Amazon” instead of Alexa. The local keyword recognition is even imperative, because Amazon can not afford a loss of trust with their customer.
Why is data exchange via the network necessary?
As a modern language software, Alexa also has a cloud connection that enables automatic updates, constant learning and a permanent improvement of the speech recognition algorithm through regular data synchronization with Amazon servers. Not only does it get used to the pronunciation and needs of its users, but it can also gain new insights from the queries and dialects of thousands of other echo users.
What potential weak sports exist in Alexa’s Data transfer?
While Americans have been using different variants of echo speakers on a grand scale for years, there have been privacy concerns in Germany right from the start. Although many German technology fans were fascinated by the voice control option, they were afraid of massive hacker attacks on their privacy, data espionage and permanent surveillance. But how easy is it actually to access the Alexa language software externally? Which privacy mails do not explicitly refer to the Amazon.de Privacy Policy and the Alexa Terms of Use?
Currently, technology and online security experts see a data leak in relation to Alexa mainly in the data that Amazon itself evaluates and in the Alexa skills of various manufacturers. AV-Test therefore recommends the skills to check just like normal apps before installation in the store and to see if there is a privacy policy of the provider. Otherwise, it could possibly happen that malware-contaminated skills use an echo as a data spy. But in practice, it is usually much easier and lucrative to crack a smartphone than the professional voice software from Amazon.
All data in principle only encrypted transmitted and sensitive information always stored only in the protected memory area. Although they had access to the Amazon account data, they could not do anything about Alexa. According to experts, it is very unlikely that Alexa data can be read by unauthorized persons.
Only in absolutely exceptional cases can an echo be converted manually to a monitoring device. It is possible to manipulated the firmware on a legacy echo model by special modification and using an SD card to intercept Alexa. However, only with echo speakers from the years 2015 and 2016 is it possible to unscrew the underside and even that only works if the hacker is on site.
This is how Amazon Ecko can be protected from hackers and made it tap-proof:
The biggest vulnerability is the Wi-Fi network that Alexa uses to interact with the cloud. The following tricks help make using Alexa more secure and prevent potential remote access.
- Create a secure Wi-Fi password consisting of at least 20 characters (preferably random numbers, letters, and special characters).
- Never specify the admin password for the WLAN configuration by default with „password“ or „123“.
- Use the WPA2 PSK wireless encryption method instead of WEP encryption.
- Make regular router updates.
- With newer firmware versions, automatic remote access to printers or networked PCs is often provided in the factory settings, deactivating them manually.
Quelle:
https://www.homeandsmart.de/alexa-datenschutz-oder-datenspion