【Notice】After reverse-engineering the voice input app “Typeless,” I found fairly serious privacy risks and am sharing them here.
■ Conclusion first
Typeless claims “On-device history” and “Zero data retention,” but in reality all audio data is sent to AWS (Ohio, USA) servers for processing. There is no local speech recognition model at all.
If it were only that, it would merely be a typical “cloud STT service.” The problem is that the scope of non-audio data it collects is extremely broad.
■ What analyses were done
On macOS, I performed binary analysis, network traffic analysis, local DB analysis, and native library string analysis on Typeless v0.9.3.
■ Confirmed facts
- Audio processing is 100% cloud-based
There are no STT models such as Whisper in the app. After being compressed to Opus, the audio is sent in real time to AWS us-east-2 servers via WebSocket (wss://api.typeless.com/ws/rt_voice_flow).
api.typeless.com → prod-typeless-lb-565501648.us-east-2.elb.amazonaws.com
The official privacy policy also states “processed in real time on our cloud servers,” so it’s not a complete fabrication, but marketing-wise the “On-device” claim is limited to “history is stored locally,” which is very misleading.
- It collects broad data in addition to audio
Through analysis of the local SQLite database and native libraries, I confirmed it collects the following data:
・ Full URLs of websites being browsed (Gmail, Google Docs, etc. are also recorded)
・ Current focused app name, window title
・ Text on the screen (via a collectVisibleTexts function that recursively collects through the Accessibility API)
・ Clipboard read/write (can handle password managers’ TransientType)
・ System-level keyboard input monitoring via CGEventTap
・ Browser DOM element information (supports Safari, Chrome, Edge, Firefox, Brave)
・ Text content edited by the user (TrackEditTextService → sendTrackResultToServer)
- The local DB stores personal information in plaintext
In typeless.db, speech recognition result text, browsing URLs, and app information are stored in plaintext. Although it claims “Zero data retention,” everything is retained locally. Audio files (.ogg) are also not deleted and remain behind.
- Excessive permission requests
As a voice input tool, in addition to the microphone it also requests Screen Recording, Camera, Bluetooth, and Accessibility permissions, and it includes a built-in screenshot feature.
- Company transparency is close to zero
・ The terms and privacy policy do not state a legal entity name
・ The location is only listed as “San Francisco County, California” (jurisdiction in the terms)
・ WHOIS is hidden (GoDaddy + Cloudflare)
・ No security audit information such as SOC2, ISO27001, etc.
・ The only contact method is hello@typeless.com
■ Technical evidence (reproducible)
You can verify with the following commands:
# Network communication destination
nslookup api.typeless.com
# API hostname inside app.asar
strings /Applications/Typeless.app/Contents/Resources/app.asar | grep "api.typeless.com"
# WebSocket communication protocol
strings /Applications/Typeless.app/Contents/Resources/app.asar | grep "rt_voice_flow"
# Native library for keyboard monitoring
strings /Applications/Typeless.app/Contents/Resources/lib/keyboard-helper/build/libKeyboardHelper.dylib | grep -i "key pressed"
# Screen text collection
strings /Applications/Typeless.app/Contents/Resources/lib/context-helper/build/libContextHelper.dylib | grep -i "collectVisibleTexts"
# Local DB contents
sqlite3 ~/Library/Application\ Support/Typeless/typeless.db ".schema history"
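To check the plaintext-retention point without knowing the schema in advance, the following added example (not part of the original post and not Typeless code) scans every table and column of a SQLite file for readable text and URLs, and reports only row counts and hostnames. The table and column names in the sample are constructed; the real typeless.db layout may differ.

```python
import re
import sqlite3
from pathlib import Path
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def open_readonly(path):
    """Open an on-disk database read-only so the audit cannot modify it."""
    uri = Path(path).expanduser().resolve().as_uri() + "?mode=ro"
    return sqlite3.connect(uri, uri=True)

def _host(url):
    try:
        return urlsplit(url).hostname or ""
    except ValueError:  # malformed URL text: still counted as a URL row
        return ""

def audit_plaintext(conn):
    """Return {(table, column): {"text_rows", "url_rows", "hosts"}} for every
    column that holds non-empty text. Values themselves are never returned."""
    findings = {}
    tables = [r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master WHERE type='table' AND name NOT LIKE 'sqlite_%'")]
    for table in tables:
        qt = '"' + table.replace('"', '""') + '"'      # quote identifiers safely
        for col in [r[1] for r in conn.execute(f"PRAGMA table_info({qt})")]:
            qc = '"' + col.replace('"', '""') + '"'
            text_rows, url_rows, hosts = 0, 0, set()
            query = f"SELECT {qc} FROM {qt} WHERE typeof({qc})='text' AND trim({qc})!=''"
            for (value,) in conn.execute(query):
                text_rows += 1
                urls = URL_RE.findall(value)
                url_rows += bool(urls)
                hosts.update(h for h in map(_host, urls) if h)
            if text_rows:
                findings[(table, col)] = {"text_rows": text_rows, "url_rows": url_rows,
                                          "hosts": sorted(hosts)}
    return findings

def constructed_sample():
    """In-memory DB with a made-up schema and made-up rows, for demonstration."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE history (id INTEGER, transcript TEXT, page_url TEXT)")
    conn.executemany("INSERT INTO history VALUES (?, ?, ?)", [
        (1, "reply to the invoice thread", "https://mail.google.com/mail/u/0/#inbox"),
        (2, "draft the Q3 summary", "https://docs.google.com/document/d/EXAMPLE/edit"),
        (3, "note to self", None)])
    return conn
```

On a real install, call `audit_plaintext(open_readonly(...))` with the typeless.db path used in the sqlite3 command above.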
■ Where is the problem?
CGEventTap (keyboard monitoring) + Accessibility API (screen text collection) + clipboard access. This combination technically has capabilities equivalent to a keylogger.
And you are granting these permissions to a service with an unclear operating entity.
To improve voice input accuracy, obtaining context (current app/input field information) is a reasonable design. But when that data is sent to the cloud, the operator’s trustworthiness and security posture become critical. Whether you can trust a company that doesn’t even disclose its legal entity name is for you to decide.
■ Alternatives
Fully local voice input tools do exist:
・ Whisper.cpp / MLX Whisper (open-source, fully local, free)
・ Built-in macOS voice input (on Apple Silicon it is processed on-device)
・ Superwhisper (Whisper-based, for Mac, but still needs to be verified yourself)
■ Summary
・ Typeless speech recognition is 100% cloud-processed (no local model)
・ In addition to audio, it has the technical basis to collect screen text, URLs, and keyboard input
・ The operating entity is opaque (no disclosed legal entity name or location)
・ No evidence of security audits
If you’re using it, make your own judgment after understanding the risks. At minimum, I recommend using tools like Little Snitch to monitor network traffic.