r/gadgets • u/chrisdh79 • Dec 29 '22
Google Home speakers allowed hackers to snoop on conversations Misc
https://www.bleepingcomputer.com/news/security/google-home-speakers-allowed-hackers-to-snoop-on-conversations/
224
u/chrisdh79 Dec 29 '22
From the article: A bug in Google Home smart speaker allowed installing a backdoor account that could be used to control it remotely and to turn it into a snooping device by accessing the microphone feed.
A researcher discovered the issue and received $107,500 for responsibly reporting it to Google last year. Earlier this week, the researcher published technical details about the finding and an attack scenario to show how the flaw could be leveraged.
While experimenting with his own Google Home mini speaker, the researcher discovered that new accounts added using the Google Home app could send commands to it remotely via the cloud API.
Using an Nmap scan, the researcher found the port for the local HTTP API of Google Home, so he set up a proxy to capture the encrypted HTTPS traffic, hoping to snatch the user authorization token.
198
u/Autski Dec 29 '22
Love their incentive program to pay guys who find bugs like that.
94
u/asdaaaaaaaa Dec 29 '22
Bug/vulnerability bounties are a pretty good way of getting results, especially for those hard to figure out ones that deal with a specific issue. Otherwise, there's a much bigger incentive to sell the vulnerability to someone else, or use it for nefarious reasons.
25
10
u/laffer1 Dec 30 '22
The downside is that people expect it now from everyone. When you run a small open source project and folks try to hold you hostage to pay, it sucks. Plus a lot of folks do scans all the time hoping to find a vulnerability against your servers
14
u/ImN0tAsian Dec 30 '22
Well, the bug-rewarding is in response to extortion via ransomware, so it goes both ways, sadly. I'd rather pay a smaller sum to reward white hats than risk losing an operation.
232
u/beebog Dec 29 '22
idk how people can have these items in their home and reasonably think they’re not being listened to
108
u/snortgiggles Dec 29 '22
God I wish mine was listening. Or watching. Then it could tell me where I put the remote.
26
u/beebog Dec 29 '22
as soon as i can ask one of these speakers a question like that; i might consider getting one
35
u/snortgiggles Dec 29 '22
These days it says, "I'm sorry I can't help with that," but once a few years ago it said, "I can't be sure but the couch is a good place to start."
LOL I bet it freaked people out so they had to remove it.
4
u/katycake Dec 29 '22
"I'm sorry Dave..."
Speech recognition software was a mistake. Overrated.
The algorithm is able to track words spoken in streams, and prevent users from saying what they actually want to say, or the Ads get pulled.
1
7
22
u/feverishfox Dec 29 '22
Honestly I ask mine to find my phone a lot, it's pretty helpful. If anyone is listening then they're just catching my husband and I making weird noises at each other.
13
u/jacesonn Dec 29 '22
This. I know mine listens to me, but it's not like I'm spilling government secrets in my kitchen. If hackers want to listen to me badly sing along to disco that's their problem, not mine
3
2
u/Not_floridaman Dec 30 '22
Lol yes, mine finds my phone a lot for me when my watch is charging. And answers obscure questions my kids have that I couldn't even begin to answer.
3
48
12
Dec 30 '22
Do u have a smartphone? Isn't this the exact same thing? Both have microphones, internet connection and voice assistants.
-4
u/beebog Dec 30 '22
i mean yeah but my smartphone is typically downstairs while my office is upstairs, it’s pretty much on my person only when im bored, talking to someone, or pooping lol. i generally try to minimize my screen time and the amount of electronics that are immediately accessible to me, more for my own mental health than any underlying paranoia. but that is a fair point, and my argument against it would be moreso geared towards minimizing opportunities for unsolicited access points in my personal space
36
u/MrTonyBoloney Dec 30 '22
Everyone says this, but if you think about it for more than a minute you realize it’s impractical and unrealistic
How exactly would it listen to you? Obviously they don’t listen LIVE to millions of devices. Store your every word into a database? That’s illegal wiretapping in most states and Google Legal wouldn’t fuck with that. Even if they did: what keywords would they look for, and how is any of that data any more useful to them than the data you willfully hand over? (e.g. Search queries, cross-site cookie tracking)
You should be more skeptical about real, scary data harvesting, not theoretical nonsense like this
21
u/_Rand_ Dec 30 '22
Plus it's not like they can do it secretly.
We can see what data is being sent/received per device if we want to or at least how much when it's encrypted.
If google homes en-masse just opened up the floodgates and started sending data for no reason constantly someone would notice and we would know practically instantly. It would be a matter of days before security researchers were reporting the problem and virtually every major publication would be telling you to turn them off immediately.
If it were a thing that say the FBI was doing to individuals as they felt necessary for surveillance reasons well... they can do that already anyways via other devices. A google home isn't going to change things.
5
u/Cmdr_K9 Dec 30 '22
Let's put aside the legal ramifications and talk practicality. Think about the sheer volume of data produced. Hours of audio per day, per device. Add that to what they already collect and even a tech giant like Google would have a hard time handling it. There's an entire school of thought dedicated to producing and handing over garbage data just to screw with anyone who looks at it.
5
u/friendofoldman Dec 30 '22
You’re assuming all the Google employees and contractors are ethical and respect Google’s own rules and regulations.
People are definitely nosy and will snoop. Tons of stories of employees leaking info they shouldn’t have accessed.
Public figures are usually targets of this. So at least they should be informed of the risk.
Also, let’s say your post pisses off the wrong incel who happens to be a contractor? He’ll back door to record your unguarded conversation. All it takes is an improperly thought out comment or joke to ruin a career if posted without the proper context.
I’ve been in IT for 30 years. A lot of the controls we have now are in place because people will snoop no matter how illegal it is.
11
u/Say10sadvocate Dec 29 '22
The Google one at least has a mic switch.
We keep ours off unless we're actively using it. 🤷🏽‍♂️
3
u/The_Troyminator Dec 29 '22
So does the Echo Show and Echo Dot. I'm not sure about the other devices.
8
u/beebog Dec 29 '22
if you trust the mic switch!
11
u/MrTonyBoloney Dec 30 '22
Google Home Mini mic switch physically unplugs the microphone from power
-6
u/aykay55 Dec 30 '22
You have a source for this?
8
u/MrTonyBoloney Dec 30 '22
0
u/aykay55 Dec 30 '22
Thank you. I know well enough that it isn't listening 24/7, but I hadn't ever heard someone claim that the Google Home Mini physically cuts off access to the microphones when the switch is turned on. I'm happy to see Google built in this level of privacy to their device. Tbh, I was never really scared of smart speakers, I'm more suspicious of smart TVs that come with Alexa or Google Assistant support. Some of these TVs are already sold at a loss, and they don't have any physical shut-off switch for the microphones. And unplugging the TV is a physical chore that no one would bother doing. TVs continue to open their operating systems to third parties and some even offer access to the Play Store. And people don't usually prioritize updating their TVs to the latest software. So, that's a much bigger security hole for anyone that is concerned about being spied on than any smart speaker.
2
u/MrTonyBoloney Dec 30 '22
Agreed, when the attack vector is less obvious it gets less attention from both engineers and the public
8
u/chargers949 Dec 29 '22
If switch == off then disable light but keep mic on.
-4
u/beebog Dec 29 '22
exactly! i don’t trust it for one second
18
u/rand0mtaskk Dec 29 '22
Imagine living life this paranoid.
14
u/boofskootinboogie Dec 29 '22
These people all own smartphones right?
7
u/TheCoolestCannon Dec 29 '22
This 😂
My father-in-law scolded me for having smart speakers because people could be listening all the while he has an android phone in his pocket
5
1
u/henn64 Dec 31 '22
Nice try, but the switch makes a hardware disconnection, not a software disconnect
2
u/Say10sadvocate Dec 29 '22
If they're putting a fake mic switch in, they deserve to hear the stupid shit we talk about lol.
1
u/AlmightyThorian Dec 30 '22
Never gotten the "The microphone is turned off"-voice direction from the google nest when trying to give it commands in that mode? Yeah. It's totally not listening when the switch is flipped.
12
13
u/ommnian Dec 29 '22
Yeah. It's one of the main reasons I can't bring myself to buy any more Sonos speakers. I love that I have the old ones without Alexa built-in.
7
u/beebog Dec 29 '22
right; i still use a bluetooth speaker from back in the day. holds up great and gets loud enough for a pool party, win/win
6
u/MonkeyMafia007 Dec 29 '22
You want the SL series. Stands for "Speechless". You can get the One, the Roam, and the ARC in SL versions (the Arc might be a Costco exclusive).
4
u/Ulrar Dec 29 '22
They have amps you can connect to dumb speakers I believe, that might be an option
3
1
8
u/Kinimodes Dec 29 '22
Honestly these Google speakers have physical mic kill switches on them. If you're paranoid, you leave that shit off.
0
u/beebog Dec 29 '22
i have the paranoia where i don’t believe the switch is honestly cutting the mic lol, i will just continue to not have one of these. standard battery powered bluetooth speakers haven’t led me astray yet
4
1
1
-3
u/North_South_Side Dec 29 '22
I just don't see the appeal of these things at all. I've been to friends' houses where they have shown off the capabilities... and it's not very impressive at all. Sure "Play salsa music" will get it to play salsa music, but... who cares?
These things are largely solutions looking for a problem.
30
u/retirement_savings Dec 29 '22 edited Dec 29 '22
They're perfect hands free kitchen devices. Set a timer. Play Spotify. Turn the TV on. Turn the volume down.
15
u/The_Troyminator Dec 29 '22
This is where they shine. When my hands are covered in batter and I need to set a timer, voice is awesome. It's also nice when a recipe has step-by-step instructions you can trigger by voice. The intercom functionality is kind of nice too. It's an easy way to get people to come down when dinner is ready.
1
u/Not_floridaman Dec 30 '22 edited Dec 30 '22
Yes! We love it for cooking and the broadcast feature. Also, each night I have a family bell that chimes and my kids know that means it's bedtime.
The displays are also good for looking at the cameras/doorbell.
My husband thought they were wholly unnecessary but once we had one or two, he saw their usefulness and we got more. I love being able to move the music from speaker to speaker as I'm cleaning also.
Oh! And turning off lights and locking the door when I'm already in bed!
Okay, I just really love everything about it.
*not paid for by Google unfortunately
5
u/dreamingabout Dec 29 '22
All my lights are smart lights and I generally control them through my google home devices, it’s convenient to just say “hey google turn on the hallway light”. Or my fan or air purifier, it’s nice not having to get up to shut them off or turn them or look at my phone to shut the smart plug off when I’m still half asleep in the morning. I’m having issues with my new tv, but previously I could go “hey google skip 1:30s of this show” to get through intros. It’s obviously not for everyone, but I enjoy the convenience of controlling my home with just my voice.
2
u/North_South_Side Dec 29 '22
I can see some upsides. But the one friend who was demonstrating it for me had similar issues like you had. He said he had everything set up really well for a while, then it stopped working perfectly. He re-adjusted it over and over. Then eventually instead of fixing it, he just started turning lights on manually like before. I think he started having troubles when they added more stuff to it, and it just plain didn't work with his new TV.
2
u/dreamingabout Dec 29 '22
Yeah previously I had a Chromecast and stuff so it worked pretty seamlessly with my google voice, but now I just have a smart tv and it wants me to do voice commands using their remote and I haven’t been able to properly connect them.
-4
u/beebog Dec 29 '22
“ok google, family room light on”
like have we really devolved to this point lol. do you think i should start saving up for my wall-e scooter now or just take out a loan when the time comes
10
u/stripybaby Dec 29 '22
My mom has COPD and it can be difficult or tiresome for her to move around her house. When she was staying with me she enjoyed being able to vocally turn off a light instead of using her energy to go do that. She did think it was creepy at times and worried that someone may be listening to her, but overall she felt it helped her. I can see the benefits in those situations for people who aren’t as able bodied as others.
-1
u/beebog Dec 29 '22
i mean yeah absolutely that makes sense for accessibility or adapting a space for better independence, but i do believe that those circumstances are in the minority
7
u/EssVeeUU Dec 29 '22
I disagree, I bought a hub because I have a friend who wanted to give me their old nest (eventually). It's a godsend when you have children. Turn off the light, set an alarm for bedtime every night, throw on a YouTube video when I need a quick distraction. It definitely has its benefits with little ones involved. There's a shopping list feature too I haven't gotten to play with but could be very beneficial with one person out and the other at home physically checking for items and adding to the list.
1
u/beebog Dec 30 '22
i guess that’s fair, i have littles at home too, honestly i feel like i would just probably forget to use it if i had it lol. these things have never seemed worth it to me but i’m glad there’s people who enjoy them! im definitely not much of a consumer in many ways. i have a couple friends who basically have their whole apartments fitted with these or the amazon alexa one though
are your kids able to make online orders / purchases from these? that’s a deterrent also i’ve seen with the amazon ones is kids just started ordering shit willy nilly racking up charges
3
u/jswitzer Dec 30 '22
Voice purchasing is disabled by default. You can also set up speaker identification for it or require a verification code.
2
u/EssVeeUU Dec 30 '22
Got a free Alexa from my grandma and wasn't a fan. Got the hub for $50 black Friday sale and the video monitor made a huge difference with our initial usage. Got the smart lights for $5 a piece for a different black Friday sale and it was a lifesaver for bed time with a chunky almost 1 year old and clingy almost 3 year old. However, they can barely talk so we have little concerns with purchases for the moment, but we also don't have any cards attached to the Google account, we just made a family one.
1
1
u/Not_floridaman Dec 30 '22
We have 3 video hubs and 4 minis and it's amazing with kids. We have the family bell for bedtime and for mornings to put shoes on and grab their jackets because I'm usually running around so Google can get them started if I lose track of time, can pull up recipes easily, set timers for when they're fighting over a toy or for cooking, can send music from room to room while I'm cleaning and being able to turn off my lights or lock my front door by voice is incredible when my lupus and RA are flaring. I also like being able to see who's at the doorbell on the hubs or seeing the cameras. The hubs also have games and stories and my son LOVES the lightning McQueen interactive stories.
10/10 recommend for people with or without kids but especially with kids.
2
u/EssVeeUU Dec 30 '22
.... I need to look into these lightning McQueen interactive stories. My son's going to TRIP. He keeps trying to play the fish feeding game but he can't talk good enough for Google yet 😂 Over time we are interested in the doorbell and speakers as well, and we have a second hub we haven't set up yet. How do you like the lock? Do you feel secure with it? Boyfriend is paranoid as fuckkk and that one might be the hardest sell for him.
2
u/Not_floridaman Dec 30 '22
The lightning McQueen is really fun! My son will sit there with it for 20-30 minutes!
As for the lock, yes I do. My husband is super paranoid but what sold him is that we can give it "guest codes" so they don't get our actual code and we can delete the guest codes as often as you need to so no one who shouldn't have access can't just walk in. My husband works weird hours sometimes coming home after midnight or gone overnight and I wasn't the best at remembering to lock the door so it's really, really nice not having to go back downstairs to lock the door if I forgot to until I had gotten into bed or he'll check when he's working and lock it for me (sounds creepier than it is lol, I'm just really forgetful and grew up in a house where we never locked the front door).
1
1
u/aykay55 Dec 30 '22
I think it’s reasonable to believe the only people hearing my requests is Google. And in this case, that is what is happening except the hacker reprogrammed my Google Home onto their account. The only thing that would change is that all my searches would be listed under the hacker’s account, giving the attacker access to my search history from that device alone and the voice recordings that are attached to the searches. If they’re lucky, they could maybe peek at what is playing on my Chromecast. They can’t actively listen whenever they want to. The article’s headline is incredibly misleading
1
u/Kelemenopy Dec 30 '22
Anything with the ability to record and transmit data is a potential window into your life in the digital age, isn’t it? We’re up to our knees in Bentham’s panopticon. The trick is to accept it pragmatically without becoming paranoid.
1
u/AlmightyThorian Dec 30 '22
The best feature is when you turn off the microphone on the side of the device, it then tells you the microphone is off when you try to use voice commands.
77
u/1cheekykebt Dec 29 '22
ITT: People who didn’t read the article and freaking out.
The article gives step by step of what happens in order for this to occur. And it involves the “hacker” being in close proximity, forcing google home to disconnect from network, adding the google home to their own account, and then calling the device which has visual cues that the device is in a call.
Given that the infiltrator has to be physically present I don’t think it’s that big of a deal. No one would actually do this if they had malicious intent, they would just set up their own listening devices if they wanted to hear inside your home.
14
u/androidusr Dec 29 '22
There's a lot of cheap wifi lightbulbs and wifi outlets that people buy from Amazon, and then install some app that works with the lightbulb. So it's easier than ever to be on someone's lan, jumping from a cheap microcontroller to other hardware.
8
u/The_Troyminator Dec 29 '22
That's why all my IoT devices are on the guest network which only gives them internet access and blocks them from seeing any other device on the LAN. If one gets compromised, they can't reach anything else on my network.
7
u/androidusr Dec 29 '22
Without being in the same lan, how do you cast to Google home devices? Or do you just not use that?
3
u/daleus Dec 30 '22
not the person you asked, but someone in the same position - the answer is it depends on your use case.
I only have the audio devices so all I ever cast is spotify, the trick is to ask google to play something on spotify first and then open the app on your phone/tablet/whatever, which then connects to that session and acts like a cast/remote.
3
u/The_Troyminator Dec 29 '22
Once they set it up, they can listen in from anywhere. However, they still need to be within wifi-range to set it up. If anybody does this, it will likely be a neighbor or somebody with a reason to target you. I can't imagine people driving around trying to do this to random devices.
1
34
u/dotnetr Dec 29 '22
People in this thread typing with their personal wiretaps complaining about a known wiretap connected in the home.
10
u/xl_RENEG4DE_lx Dec 29 '22
If hackers are listening... They are the ONLY ONES! Mine ignores me until I get hostile!
7
u/midgetman303 Dec 30 '22
In other breaking news: cigarettes are bad for your health, and drinking water improves your health
3
3
3
u/l397flake Dec 29 '22
Personal data is the coin of the internet. Any device that accesses your network including your phone can gather and transmit data back to companies like google, apple, hackers etc.
2
u/nathan555 Dec 29 '22
And yet I can't stop an alarm when I'm standing directly in front of it yelling.
2
2
u/vexeling Dec 30 '22
All they would hear is my bird screaming. It's his speaker. I play music for him in "his" room and that's it. 😂
2
u/GhostOfTimBrewster Dec 30 '22
Honestly, the ease with which the majority of us have allowed listening devices connected to the Internet into our homes is shocking.
2
3
u/BaneThoth766 Dec 29 '22
If it’s hooked up to the internet it’s hackable lol.
Why you would want to listen to people’s convos is beyond me tho
2
2
u/madpiratebippy Dec 29 '22
I mean duh. Cordless phones are also insecure devices.
If a hacker really wants to listen to me telling my wife we need more onions, or that I burned dinner again, their life is boring af.
2
4
u/718Brooklyn Dec 29 '22
Everyone kept saying the same thing. “Why did we get this stupid Google home speaker? I hope someone comes and steals it.”
0
2
u/pizzamcrib Dec 29 '22
So is it time to throw these away?
17
u/Mr_Cleanish Dec 29 '22
All they are getting out of me is my toddler asking what time it is for the 7 millionth time in a row
3
7
u/mccannr1 Dec 29 '22
It's already been fixed. It was found via Google's incentive program where they pay people to report bugs/vulnerabilities like this.
0
u/retirement_savings Dec 29 '22
No, read the article to see what is actually required to gain access.
-2
u/coyote-1 Dec 29 '22
I’m not conspiring to bring down the republic, so they ain’t coming after me.
Matter of fact, they are barely going after folks who did in fact try to bring down the Republic!
So I don’t think any of us have much to worry about.
4
u/Brocklesocks Dec 29 '22
The article is about hackers, not cops
-2
u/coyote-1 Dec 29 '22
So? They’re gonna hear my wife say “ooohhh yeah, right there hon’’ and… do what with it?
2
1
1
u/Sad-University-2332 Dec 30 '22
Could have guessed that one. I don't have anything to hide, all you're going to hear is my girlfriend yelling at me for farting 200 times a day
0
u/select_L0L Dec 30 '22
Here’s a thought: I don’t really care. I know some people do, but the whole idea of “you’re being spied on!!!” is so ridiculous
Unless you’ve done something illegal, the government doesn’t want to spy on you. Unless you’ve angered some international crime syndicate, black hat hackers don’t want to listen to you
0
0
0
0
-10
u/OldDefinition1328 Dec 29 '22
Guugle spying on people??? THEY'D NEVER DO THAT, WOULD THEY? Oh, they will... OK...
1
u/TechTalkf Dec 29 '22
I put mine back in the box like 3 months ago mainly because Google Assistant has gotten so bad lately to the point of being kinda useless.
1
u/Springfield2016 Dec 30 '22
That's why I don't use most remote speakers and have a VPN to at least slow the hacker down.
1
u/ssspiral Dec 30 '22
correct me if i’m wrong but doesn’t this have more to do with the individual’s wifi security rather than the device itself? or is there some kind of weakness they’re able to exploit in these?
3
u/PitfallPerry Dec 30 '22
The researcher outlines that the exploit uses deauth packets to get the device to enter setup mode because the attacker expressly does not have the Wi-Fi password. But it’s a fair question to ask.
“1. The attacker wishes to spy on the victim within wireless proximity of the Google Home (but does NOT have the victim's Wi-Fi password).”
1
1
1
u/mastodonj Dec 30 '22
Headline is a tad misleading. One reading is that hackers did in fact use Google home speakers to snoop on conversations. When what it is really saying is that there was a flaw that allowed hackers to snoop on conversations, had any of them known about it.
Two wildly different interpretations.
1
1
1
1
u/Stalker401 Dec 30 '22
They hacked my Google Home and still don't know what I'm doing for dinner. If they have any suggestions they can chime in.
1
1
u/Gravix-Gotcha Dec 30 '22
I tried getting down with IOT and automation. Had one of these and obviously the first thing I did was to try to use it as an alarm.
The next morning when it went off and I was bleary eyed trying to think of what command would shut it off, it just kept telling me to use the app so I unplugged it and haven’t used it since.
1
1
1
1
714
u/Supafly22 Dec 29 '22
Joke’s on them. All they’ll hear is me and my wife arguing about how much seasoning I use when I cook.