Dubious choice in setting up Voice Access for my cellphone

[nomadreid]

TL;DR Summary

"Allow Voice Access to have full control of your phone?" Um, really?

In attempting to set up the details for using (Google) Voice Access ("Hey, Google, open....") on my android phone, I get to a step (in Settings>Accessibility>Interaction and dexterity) in which I am asked "Allow Voice Access to have full control of your phone?" This sounds dangerous, but am I being overly paranoid? After all, I have my online banking app, my contacts, etc. that I wouldn't want Google to have control of....

 

[jedishrfu]

There is some risk that you should investigate where outside voices might say the wake word and their speech might be interpreted as a command to do something.

There were some incidents on TV and the movies where an actor said the wake word and the viewers phone woke up awaiting a command. One was during The Big Bang tv show where an actor said Siri and viewers phones activated.

 

[nomadreid]

Thanks, jedishrufu, that's an interesting possibility. However, this sort of risk seems to me minimal in comparison to leaks (hacked or otherwise) of the bank, contact details and passwords which are on my phone. Is that a significant risk?

 

[Tom.G]

I'm sometimes accused of being overly-cautious about such things, but...

I don't have a cell phone; If I'm home I generally answer the landline; if not home I'm occupied.

No financial or medical transactions done thru the computer.

Financial and personally identifying papers are not tossed into the trash; they are either shredded or the really small stuff gets torn into tiny pieces and alternate pieces are flushed and trashed. (Too many night people going thru the garabge looking for recycleables.)

For sign-ups that want a phone number that field is left blank, or if potentially really useful, they get the Directory Assistance phone number (operator lookup, which charges a fee for every use). (This has cut the sales and begging calls by at least 90% - here in the States it takes about three months to take full effect. Many businesses sell the information to data brokers.)

Well, that's my approach - do what you are comfortable with.

Cheers,
Tom

 

[jedishrfu]

I'm not that cautious. However, I've noticed how my phone seems to get around. When I have an appointment with the ENT, they use an automated notification system to send texts to my phone.

Immediately thereafter, I started getting many random spam messages and phone calls, and I can only conclude that the service leaks them intentionally. That's a violation of the HIPPA law, but what can you do without solid proof?

 

[Tom.G]

Below found with:
http://www.google.com/search?hl=en&gbv=2&q=reporting+medical+data+breach

Pay attention to the last paragraph, control​

number and expiration date required!​

Questions About a Reporting a Breach?​

Email the FTC at Healthbreach@ftc.gov, or call us at (202) 326-2918.

Privacy Act and Paperwork Reduction Act Statements​

The form requires the person reporting the breach to provide certain information, including their name, contact phone number, and email address, as well as the name of their company and company address. The FTC may use this information to contact you to obtain additional information about the breach. The FTC Act and the Health Breach Notification Rule authorize the collection of this information. Do not include in your submission any personally identifiable information involved in the breach. To learn how we handle and safeguard your personal information, please read the FTC’s Privacy Policy and the Privacy Act system notices, to the extent they are applicable.

Under the Paperwork Reduction Act, as amended, an agency may not conduct or sponsor, and a person is not required to respond to, a collection of information unless it displays a currently valid OMB control number and expiration date. The OMB control number is 3084-0150 and the expiration date is 06/30/27.

Cheers,
Tom

p.s. Several years ago I had a few similiar occurences with a nearby medical imaging outfit. Every time I had some imaging done there, a month or so later I would get phone calls selling something related; for instance an MRI of my spine triggered sales pitches for back braces. I now drive a few extra miles to another facility where, coincidently, the people are also much friendlier and professional.

 

[jedishrfu]

Yeah, after an ENT visit, I'd get some adverts for hearing aids. I don't think it was the business doing this but the notification service because the ENT business had its own hearing aid sales unit, so why would the ENT business compete with its competitors?

Thanks @Tom.G some good information to know.