Hackers find exploitable vulnerabilities in Amazon Echo, turn one into a listening device

At Defcon, Tencent's Wu HuiYu and Qian Wenxiang presented Breaking Smart Speakers: We are Listening to You, detailing their work in successfully exploiting an Amazon Alexa speaker, albeit in a very difficult-to-achieve fashion. Read the rest

Audible puts the screws to indie authors

Audible -- Amazon's audiobook company -- dominates audiobooks, controlling 90% or more of the market; their ACX platform is tailored to indie, self-published authors, and, until recently, it paid them handsomely for any new customers they brought into Audible's fold. Read the rest

The Guardian digs into the dangers of working for Amazon

Amazon has, over the past few years, become known as a notoriously bad company to work for. Workers from their fulfillment centers, worldwide, complain of low wages, dangerous working conditions, and a stressful environment that tracks every single move that their employees make, right down to how long it takes them to go to the bathroom. Thanks to this in-depth report from The Guardian, you can go on ahead add the company’s refusal to care for their employees in the wake of a workplace injury to the list of reasons to never go to work for Jeff Bezos’ crew.

The Guardian frames the report by telling the story of Vickie Shannon Allen: a 49 year-old woman who was employed by Amazon at one of their warehouses in the southern United States. Last year, Allen was injured at work, as the station that she manned was missing a piece of equipment designed to keep the packages she was handling from falling to the floor. With Amazon refusing to resolve the issue, Allen positioned a bin to catch any parcels that might fall and be damaged—she made the mistake of giving a shit. By making the change to her work station, she was forced to stand in a manner that was not as ergonomic as it could be. As a result, over time, she ended up with a back injury. The injury made it difficult to move her arm which, in turn, made it difficult to do her job. Read the rest

Amazon has Reasons not to let that negative review go up (Updated)

Thousands of Amazon reviews are bought and paid for, and the company has a significant, algorithm-led effort to weed out sellers and scammers who abuse the system. But Amazon itself also rigs the UI to make it hard to leave negative reviews, writes Stephen Eggers:

After spending ~5 to ~10 minutes filling it out I get this message.

This item is only eligble for Amazon Verified Purchase Reviews.

What a waste of my time! I bought the thing, Amazon knows this, so what is this about "Amazon Verified Purchase reviews"

Note that I only got this message AFTER trying to leave a 2 star review. What would have happend if I had left a more positive review? Would that be allowed?

My favorite 'dark pattern' at Amazon was how you couldn't navigate away from the checkout page: the Amazon logo was unlinked and the rest of the usual layout was absent. They changed this recently to make the logo clickable, but they still aren't letting you leave that page without a fight, and there's only one place they wan't you to go back to:

UPDATE: Amazon responds:

"An AVP badge will only appear next to a review when the product was purchased on Amazon at a price that reflects the typical shopping experience. If a customer is receiving the message that we are only accepting AVP reviews, than they did not buy the product on Amazon for a typical price. We never suppress reviews based on star rating or sentiment."

Read the rest

The ACLU showed that Amazon's facial recognition system thinks members of Congress are felons, so now Congress is taking action

After learning that Amazon was pushing the use of Rekognition, its facial recognition tool, for use in policing (a global phenomenon that is gaining momentum despite the material unsuitability of these tools in policing contexts), the ACLU of Northern California had a brainwave: they asked Rekognition to evaluate the faces of the 115th Congress of the United States. Read the rest

Walmart thinks it can save itself from Amazon with a streaming video service

Walmart has been whining about Amazon drinking what it considers to be its milkshake for some time. Sucking cash out of the pockets of the same low-income earners that you pay just enough to keep alive is a seriously competitive business. With Amazon's online shopping dominance in North America has left Walmart’s brick-and-mortar empire only capable of making Scrooge McDuck money when it’s really Jeff Bezos money that they’re after. In an effort to top off their coffers, Walmart’s been pushing, hard, into catching up to Amazon in the area of online sales. Earlier this week, they announced a partnership with Microsoft that’ll ensure that Walmart’s online shopping experience is faster, more secure and a lot more reliable. Maybe it’ll help!

If not, plopping out yet another online video streaming service to compete against Amazon Prime video and, perhaps you’ve heard of it, a little thing called Netflix, will totally help them to make the crazy-hunting-man-because-he’s-the-most-dangerous-game cash that they’re so horny for.

From The Information (subscription required):

Discussions are still ongoing, and the retailer may eventually decide against offering a service. But Walmart executives believe their customers, particularly in the middle of America, would be interested in a lower-cost option than what is currently available, the person said. Netflix and Amazon are seen as more popular with people on the East and West Coasts of the U.S., one of the people said.

Yeah. No matter what middle America’s viewing habits might be, or how little they opt to charge for the privilege of watching Highway to Heaven on-demand, I don’t know that I trust Walmart to pull this off. Read the rest

We know how to fix homelessness, we just won't do it

The largest, wealthiest cities in America are filling up with tent cities -- especially on the west coast, where East Coast style right-to-shelter laws are rare -- and if the spectacle of human misery doesn't alarm you, perhaps you should be thinking about communicable disease epidemics. Read the rest

Amazon bars Australians from shopping on its non-Aussie sites to put pressure on the government to rescind tax rule

Australian retailers are required to collect 10% Value Added Tax on every sale; Amazon's Australia store collects this tax, but the company has rejected any suggestion that its non-Australian stores should collect the tax on shipments bound for Australia. Read the rest

Amazon: 'Unlikely' string of events led to Echo recording a family's private chat & sending to some random guy

Amazon has now publicly responded to today's bombshell news that an Alexa/Echo personal digital assistive device recorded and then leaked a Portland family's private conversation to a third party acquaintance in Seattle. An "unlikely" string of events led to the freak occurrence, says Amazon. OK. Sure. Read the rest

Amazon has been quietly selling its facial recognition system to US police forces, marketing it for bodycam use

Amazon bills its Rekognition image classification system as a "deep learning-based image and video analysis" system; it markets the system to US police forces for use in analyzing security camera footage, including feeds from police officers' bodycams. Read the rest

If Amazon existed in the 1980s

Activate your willing suspension of disbelief because Squirrel Monkey's back with Wonders of the World Wide Web. In this episode, they envision Amazon, "the department store of the future," as a virtual department store in the eighties. It's not historically accurate by any means, but that's part of what makes it so fun to watch.

Previously: If Siri existed in the 1980s Read the rest

Amazon has a real fake review problem

A "vast web" of fraudulent reviewers have come to dominate Amazon, with shills being paid cash to order a product, photograph it on arrival, and write a glowing, 5-star review. Read the rest

Amazon doesn't like how Signal circumvents censorship

Signal is an encrypted messaging app for smartphones and desktops that I and a lot of other folks use on a daily basis to communicate with discretion and security. I like it so much that I've moved away from using other services on my iOS and Android phones to using Signal for all of the texting I do, even with those who don't use the app. Unfortunately, according to The Verge, the Signal team is having a difficult time trying to provide its services to users in the UAE, Egypt and Oman, where the app has been banned by the government. Considering the fact that these states aren't known for treating political dissidents and minorities none too well, that's a big deal. For some people, encrypted comms are essential to avoiding incarceration or worse.

The crux of Signal's issues with providing services to users in these countries is that Amazon, whose CloudFront web services Signal's parent company, Open Whisper System, uses, has banned domain-fronting. Domain-fronting, put simply, is a technique for making traffic from one site look like it's from another site. In an email received by Open Whisper System's founder, Moxie Marlinspike (best damn name in the business,) the General Manager of Amazon CloudFront called Open Whisper Systems' domain-fronting out, telling Marlinspike that Amazon would love to have their business, but not his company refuses to comply with their no domain-fronting policies.

From the email:

When access to Signal was originally censored in Egypt, Oman, Qatar, and UAE, we responded by through Google App Engine.

Read the rest

Amazon orders Signal to stop using AWS to defeat censorship

Repressive autocracies like Egypt, Oman, and the UAE ban Signal and other encrypted messaging apps, using national firewalls to try to block their traffic; Signal evades these blocks by using "domain fronting," in which the service's cloud provider shows up as the origin of its traffic, forcing countries to block Google or Amazon to get at a single service hiding behind them. Read the rest

Security researchers can turn Alexa into a transcribing, always-on listening device

Checkmarx researchers including Erez Yalon have created a "rogue Alexa skill" that bypasses Amazon's security checks: it lurks silently and unkillably in the background of your Alexa, listening to all speech in range of it and transcribing it, then exfiltrating the text and audio of your speech to the attacker. Read the rest

I just wanted to maintain my bicycle

It is spring. I wanted to lube the chain on my mountain bike. I prefer dry, wax-based lubricant as it sheds dirt and is more easy to maintain.

Amazon had other ideas.

I use White Lightning on the bike chain. I have not tried #Lube Life. While #LL's reviews are entertaining and generally positive, there is gratefully no mention of bike chains. Read the rest

Want to review Comey's book on Amazon? You gotta buy it

Amazon has long had a problem with shill reviews and quiet removal of negative reviews, but the flood of questionable anti-Comey book reviews by non-purchasers finally prompted them to require a verified purchase in order to rate the book. Read the rest

More posts