The Nest Secure has a hidden microphone, and Google didn't tell owners for 18 months
Owners of Google's Nest Secure system are upset about a microphone on the product suddenly being enabled for Google Assistant -- one that they weren't aware existed.
Google announced the update earlier this month, explaining that the mic had "not been used up to this point," and could be enabled or disabled at any time via the Nest mobile app. In a blog post it further explained that Assistant is an opt-in feature, and that customers will receive email explaining how to activate.
This wasn't enough to comfort people on social media though, who were angry to learn that a their home security system had the potential to record them, CSO noted. Criminals, businesses, or government agents could theoretically hack into Secure's Guard hub and eavesdrop.
"The on-device microphone was never intended to be a secret and should have been listed in the tech specs," the company said in a statement to AppleInsider and other publications. "That was an error on our part. The microphone has never been on and is only activated when users specifically enable the option."
Many people are already distrustful of smartspeakers, both because of the potential for spying and a handful of real-world incidents. Last summer, an Oregon family's Amazon Echo speaker even mysteriously recorded household audio and sent it to a man's employee, who called his family to alert them to what was happening.
Apple's first toe in the smartspeaker market was last year's HomePod. The company is generally believed to have tighter security than Amazon or Google, and there have been no known eavesdropping complaints so far.
Google announced the update earlier this month, explaining that the mic had "not been used up to this point," and could be enabled or disabled at any time via the Nest mobile app. In a blog post it further explained that Assistant is an opt-in feature, and that customers will receive email explaining how to activate.
This wasn't enough to comfort people on social media though, who were angry to learn that a their home security system had the potential to record them, CSO noted. Criminals, businesses, or government agents could theoretically hack into Secure's Guard hub and eavesdrop.
"The on-device microphone was never intended to be a secret and should have been listed in the tech specs," the company said in a statement to AppleInsider and other publications. "That was an error on our part. The microphone has never been on and is only activated when users specifically enable the option."
Many people are already distrustful of smartspeakers, both because of the potential for spying and a handful of real-world incidents. Last summer, an Oregon family's Amazon Echo speaker even mysteriously recorded household audio and sent it to a man's employee, who called his family to alert them to what was happening.
Apple's first toe in the smartspeaker market was last year's HomePod. The company is generally believed to have tighter security than Amazon or Google, and there have been no known eavesdropping complaints so far.
Comments
This is one reason why I want a headless Mac in my home- not an iMac with a camera and mike that cannot be turned off. I can disconnect a USB connected camera and mike.
PS: Let's also be clear that Nest Secure came out almost 4 years after Google acquired the company so anyone with trust issues with Google (which is most of us here) wouldn't have been a customer of this product anyway.
Thought long and hard about picking up a HomePod over the holidays when they went on sale. I imagine that eventually my system will pretty much just contain a few HomePods and Sonos and with the resurgence of HomeKit I'll start moving back in that direction.
They used the same argument when they were caught collecting user's WiFi data with their camera cars ("It was a rogue programmer. We didn't know!") -- but then refused to delete the many terabites of the private data still stored on their servers.
We are making a mountain out of the possibility that Huawei might one day spy on Americans -- while Google seems to do it on a daily basis with impunity.
Oh, I forgot! "Google is our friend!"
A team of people were involved in designing, testing and producing the hardware. It is reasonable to think that some of these people would have used the finished product or given it to friends and family. It is unreasonable to assume that none of these people saw that a key (and consumer facing element - even if inactive) got missed on the spec list or in the product documentation.
Also, this feature will have been in internal testing for a while before getting the go ahead to go live which would have provided more opportunities to catch the slip up.
I'm with you that I don't see anything nefarious but it should have got caught and clarified earlier IMO.
As I stated, this isn't uncommon and if you don't trust Google then Nest Secure was never an option for you anyway.
How many products do we have on our person and in our homes with microphones? From security cameras to personal digital assistants to PCs to phones to my Apple Watch I can think of at least 8 off the top of my head. And while I trust Apple to not spy on me the bigger risk will always be exploiting a bug as we recently saw with FaceTime Group Chat.
If I was running a company as valuable as Alphabet and I wanted to spy on people I wouldn't do it with an undisclosed, active microphone that could be found, I'd blatantly disclose the microphone (as all our CE already have) and then I'd have backdoor "bugs" built-in that people in-the-know could exploit so there's a level of deniability by the company. We accept bugs in SW and we accept that companies say "oopsie"and then close these holes once discovered.
The microphone was probably there to detect glass breaks or when the user was at home. Maybe they didn’t list it on the specs because it wasn’t working yet, and they didn’t want to indicate a feature they might never enable. I think there’s something similar on the Nest Protect, with some feature they later enabled.
Edit: I’m not saying you should trust Google; just they’ve never lied about this sort of thing in the past, and there’s no reason, based on past behavior, to believe they lied in this case.
A bug can be a mistake. Bugs happen. Not telling users there’s a mic in a product is a blatant lie.
This is an - undisclosed - hardware element that went undisclosed for a long time. That in itself wouldn't necessarily be a big deal for most of us (especially as this kind of deactivated feature normally brings positives when it is finally activated - Google's custom imaging hardware comes to mind).
The root problem for many will be that the activated feature was a microphone. That makes people view things differently.
http://fortune.com/2017/11/22/google-oracle-location-data-privacy
https://www.npr.org/sections/ed/2015/12/08/458460509/google-hit-with-a-student-privacy-complaint
https://medium.com/snips-ai/google-home-minis-bug-shows-why-cloud-based-voice-assistants-are-a-bad-idea-6f1b4c569591