I'm not talking about shady apps you downloaded off some dodgy pirated Android app store, or apps where you agree to this sort of tracking so you get free apps (e.g. Amazon Underground, which the author is using).
I mean - official apps such as Twitter, Snapchat, or say Microsoft or Google applications.
Can anybody quantify what they are scared of, if an app tracks how often you use it, or collects anonymised metrics?
Will I be "scared" if a guest at my house is live-streaming his stay to the Internet without my knowledge or approval? Hell, no. I'll be pissed.
Now, that's exactly the naive, careless and fundamentally ignorant comment that the erosion of privacy is all about. You seem to genuinely think that tracking is not just acceptable, but a norm in some situations.
Not just several years ago if an OS or an app phoned home it was a scandal. It was commonly accepted that your gadget was yours, and anything running on it was a guest that had to follow some decency and basic etiquette norms. Then, the push started - can we report this, just once? Can we report that, weekly? We'll call it a "telemetry", it's less scary that way. Perhaps you are getting tired of pushing OK, shall we do it automatically? OK, so we'll now just default to automatic, and make it hard to disable. Heck, we'll just build it in, because nobody now seems to be giving a fuck anyway.
But here's the best part - we now even have users who are campaigning on our behalf to not give a fuck. That's just grand.
I believe everyone is entitled to their view on privacy, whether that's "expose all data" or "remain completely anonymous", but there's an interesting collision presented here.
> if a guest at my house is live-streaming his stay to the Internet without my knowledge or approval
Would you consider live-streaming to be audio-visual streaming or literally any data that could remotely indicate the guest is in your presence / property?
And, as a follow up, in case it's the latter: do you require guests to put phones into Airplane mode or similar?
As in, is there a particular type of data, or information about your app usage that you don't want developers having access to?
I worked at a trading company before, and one of the reasons we pushed out telemetry was due to users' feature requests - users would request features, and we wanted to see if they were actually using them, so that we could prioritise developer time accordingly.
That is a concrete example of how this data is useful.
I am curious about any concrete examples from the other side.
[1] https://en.wikipedia.org/wiki/Foot-in-the-door_technique
I mean - most people here use webapps - whether it's HackerNews - or more mainstream ones like Reddit, Instagram etc.
We assume that the webapp developers know when we use their services - after all, it's hosted on their servers.
If you were super paranoid, you could run your own "cloud" services - your own email service, your own document sharing service, your own image sharing service etc. However, for most people the cost/benefits analysis simply isn't worth it.
Apps like Twitter, Instagram, Google Docs, GMail etc are popular precisely because people figure the utility outweighs any "fears" they might have over those scary developers tracking their usage.
In a comment above, I provided a concrete example of where telemetry data is useful:
"I worked at a trading company before, and one of the reasons we pushed out telemetry was due to users' feature requests - users would request features, and we wanted to see if they were actually using them, so that we could prioritise developer time accordingly."
Or the same reason most people don't use encrypted email (currently).
I mean, come on - you're storing your data on their servers - there's got to be some trust there.
So my question remains - what is the fear here?
There are other motivations in life beside fear -- aspiration, ambition, preference, etc.
Constantly trying to turn the conversation back to "fear" suggests you are the one who is afraid. And the burden of proof lies with the one making the claim (as you imply) that there is nothing to fear. So what scares you so much about a world in which privacy is a virtue to be embraced?
I have asked numerous times for the use cases that people are worried/fearful/concerned of - this was an honest enquiry. However, nobody seems to be able to answer it.
Let me tackle the things you mentioned - aspiration, ambition, preference etc.
Yes, it is certainly true that some users would have the aspirations to create their own web-based email (a la Gmail), or file-storage service (a la Dropbox), or their own photo-sharing service (a la Instagram), or their own social network.
However, I should point out two things.
Firstly, the stark popularity of those services would seem to suggest that for most people, they have done the cost/benefits analysis, and figured out it doesn't make sense. The effort involved simply doesn't make sense for them.
The whole point of webapps and most mobile apps is that they store data remotely on some service - I would posit this would be a far greater concern (if you didn't trust the app developers) than whether they knew how often you opened their app, or which features I used.
Secondly - let's be honest, most of us couldn't create our own GMail, Dropbox, or Instagram even if we did have "aspirations, ambitions, preferences" to do so. We simply don't have the technical know-how, time and/or experience to do anything remotely approaching their usability, performance, reliability or collaboration features - or their scale.
There is an enormous amount of engineering effort that goes into any of these services - and most people are willing to buy into the whole web-based application thing, in order to take advantage of that.
I am open to being convinced otherwise - but I have yet to see a reason why the majority of people would buy into web-apps/mobile apps, and have fundamentally miscalculated the cost/benefits.
Maybe these are BS or strawmen, I'm just making them up to see if they stick. Please feel free to tell me they don't hold up to scrutiny.
If I was the RIAA I might want to know if you use VLC more than someone else. Then I can target your known IP addresses to see if I can catch you downloading something you shouldn't.
If I wanted to hack your email and I could find out which email client you're using I could target known exploits at you.
If I saw you used a Tor browser the DEA or NSA or FBI might be more interested in you. If your usage correlated with events in the real world I might want to investigate if there's a connection.
If I saw you using Tinder and I know you're married I might try to out you or if you're using Ashley Madison I could try to blackmail you.
If I saw you were using some financial app a lot I might assume you've got more money than someone who's not, on average. You're better to rob or better to sell to or better to hit up for donations.
If I see you're using the RedFin app I can start serving ads for housing loans.
If I see you're using the LinkedIn app your employer might be interested to see if that means you're considering leaving.
I don't know which of those are more of a problem on the phone than on the web in general. Seems to me if I access those services from a website I can try to be anonymous. Use different email addys, maybe use a VPN. But my phone is almost guaranteed to be tied directly to me.
Just thinking out loud. Feel free to tell me I'm missing something.
Several of them are certainly plausible. However, after reading through them, the majority seem to be from the perspective of an external attacker.
That is - the issue here isn't if say, Dropbox knows how you use their app, or Twitter knows how you use their own app - but rather if an external party broke in, and used that data maliciously.
I agree that is an issue - but then it becomes more of an InfoSec issue, than one of a company collecting data from its own apps.
Then it boils down to - do you trust that company/services security staff, to keep the data they collect secure?
I think for most people - if you weigh up the chance of a wide-scale break-in at say, Twitter, or Instagram versus their own data-security hygiene, chances are, it's much easier to hack a user, as opposed to break into a large-scale webapp and steal all of their data.
Not impossible - but when was the last time you heard of somebody breaking into say, Github or Instagram, and stealing data?
Even something like 2FA isn't that easy to implement securely - and when a company like Google or Github does it for you, I think that's a net-win for security.
Also what @pipermerriam said:
> People have a right to privacy and shouldn't have to provide a reason why they deserve it. Tracking should always be opt-in.
I mean, the damn webapp/apps already have your data.
There's an implicit trust there.
Why do you think webapps are doing so much better than heavy desktop apps? Because people figure the benefits outweigh the risks. Just off the top of my head:
* Reliable distributed backups of your data, without having to do it yourself
* Ability to share easily with anybody on the web
* No costs for running your own servers
* Less technical knowledge required - e.g. have you tried setting up your own email server? And actually sending email reliably?
I don't think we should assume, in our ivory towers, that people are somehow "stupid" - is there a concrete fear here? If so, is it something we think they are unaware of?
It'd be nice if you [the business] would remember that if I'm using you, you're good enough as-is, and while you may be able to infer some of my pain points that I'm not even aware of, you could just ask me, but realize the act of asking is going to be seen against you because I assume by default my feedback will go ignored or at best be put on some team's P3 backlog/bucket list to never actually get done. I just have no trust in feedback being considered important and acted upon unless I'm in contact with someone with a name and the power to do anything.
So we can play cat-and-mouse (I use noscript and ublock on my gentoo box, I find that mostly sufficient), I can feed you bad data, or hey maybe I just accept the state of the world and use chrome beta on my unrooted Samsung phone and buy from amazon and install and use other crap apps because while it's none of your business what my GPS coordinates are pretty much unless you're map related, your main business is still awfully convenient, and this pocket computer is awfully convenient even if it can and should be so much more than the default software ecosystem lets it be. Also because I default to giving you a benefit of the doubt, if not really trusting you, on most things until you betray that placed by me or others (Sony, Lenovo have done so in my book). And at last yeah there's not much that scares me personally about you having most of the data you could have that's not your business. Some examples that might concern others, though, just on unnecessary GPS data: perhaps you have a rogue employee who has made this anonymized data less so for personal reasons (like knowing when I'm away from home to rob me), or perhaps you show me an ad for a business I've walked/driven by but never entered and while such an ad may locally be a net gain for all parties involved it's nevertheless seen as one more brick in the concerning ongoing perverse transformation of the world into a temple for Mammon.
[Ed: note this rant is mostly about other data like GPS, but usage any more sophisticated than things like installed, uninstalled, used for x time, no longer used, can pretty quickly get into the territory of "you, game company, have no business knowing I'm playing your game at 2am on a weeknight [in my house?] and thus can arrange an ad for sleeping pills." I love the concept of Underground, knew about the usage tracking on day one, and have several apps.]
However, speaking from experience, relying on user feedback alone to drive development is doomed to failure.
People lie about what features they use, or will use - perhaps not maliciously, but they do.
Also, it simply doesn't scale - apart from sampling bias (think about the sort of people who would provide feedback), if you have millions of users (and many of these webapps/mobile apps do), you need to use things like automated bug reports, and telemetry data to get your stats.
There are sites that I do not frequent, simply because the ads are annoying, or I don't agree with that service's TOS - I simply don't use those services.
The examples you cited (Lenovo and Sony) are certainly ones I wouldn't use (although to be honest, I probably wouldn't have used them even before either - I'm still upset at Sony for the whole MiniDisc fiasco, and their sad obsession with proprietary vendor/lock-in standards).
If you don't want to use those services - then don't.
But the author complaining about Amazon Underground, when the whole point of it is that it collects app usage data (to compensate application developers) seems a bit disingenuous.
If there is some wider issue around telemetry data and privacy implications, I'm certainly keen to hear it.
It also seems strange that someone who cares so much about his privacy doesn't have xposed with Xprivacy, because then he could have spoofed the data instead of having to block it altogether.
Like everyone else, I'm always learning. Just sharing this post for others who weren't aware of Amazon's business model here (which does seem somewhat hidden).
I'm not saying you shouldn't use Xprivacy or other root-enabled apps, though, as some are very useful and it may be the only way to get Google to build in some of those features eventually, but just be aware of the trade-off you're making.
Why would malware be helped by having sudo installed? A privilege escalation attack has no use for it, unless you think there are security holes in sudo. Has there been or do you have reason to believe there are?
I heard these statements before and I'm never sure what to make of it. For a casual user, the possibility to click yes to a sudo dialog is a code path to disaster, but as these things need to be flashed specifically (which is a big hurdle in itself) I'm not sure how big a problem it is in practice.
https://www.amazon.com/gp/feature.html?ie=UTF8&docId=1003016...
https://www.amazon.com/b/ref=rw_tiny?_encoding=UTF8&node=953...
(For those who haven't read the article: The author only discovered this because they have CyanogenMod and a permissions blocker installed and in use. Most people wouldn't be told they were being tracked.)
https://www.amazon.com/gp/feature.html?ie=UTF8&docId=1003016...
That's a lot of extra work, but it's also a huge security problem. Is it really worth the extra privacy? After all, you can't really hide yourself from Google because they index the entire web and public databases and your friends' emails...
I doubt the security problems are huge. Most userland apps run as a dedicated user. Security problems with the Google Services are potentially much more serious.
What is the security problem? Simply missing updates that might fix vulns? Genuinely curious...
I get it.
My point in this post is that I (who am interested in privacy and rights online) didn't realise what was going on, how is Joe Average going to know?
I agree that "Joe Average" may not question the free lunch, and that's a problem, but it's exactly the same problem as existing free apps like Gmail, Facebook, etc.
If you're a technical person with an interest in privacy issues, you need to pay a bit more attention.
Disable "Collect App Usage Data" from settings, install apps, enjoy.