Tag: Privacy

Choosing Comfort Over Privacy

It looks like Apple “needs” to upload even your unsaved documents to its servers to make the newly introduced Continuity “feature” work.

Also it seems Apple silently uploads names and email addresses of all the people you correspond with–no, not only the ones in your address book–just to have a “consistent” experience when displaying recent addresses.

It scares me how little their customer’s privacy must be worth when they choose (these are not accidental data “leaks”) to silently violate them in order to provide comfort features.

Update 2014-10-30:
It seems there is at least a hidden configuration option to turn this behavior off:

defaults write NSGlobalDomain NSDocumentSaveNewDocumentsToCloud -bool false

 

Apple’s Spotlight Search Phones Home

OS X Yosemite seems to have gained the feature to “phone home” when you do spotlight searches. It’ll send search terms and your location data to Apple’s servers. Of course it’s perfectly in line with Apple’s recent “trust us, we won’t collect unnecessary data” rhetoric.

[…] Ashkan Soltani, an independent researcher and consultant, confirmed the behavior, labeling it “probably the worst example of ‘privacy by design’ I’ve seen yet.” Users don’t even have to search to give up their privacy. Apple immediately sends the user’s location to the company, according to Soltani.

You can turn it off, but it’s on by default.

Whispers of Betrayal

The Guardian exposed in a series of articles how the creators of the Whisper app track individual and group behavior.

Whisper violated their own claims made in their terms of service and privacy policy which was updated just days before the Guardian article was published, but after being asked for comment for the publication. :/

    • They had tools to track and build profiles of users although claiming they would be “anonymous”
    • They tracked the location of people who explicitly opted-out of geolocation
    • They cooperated with the DoD, sharing infos about messages from military personnel
    • They shared information with law enforcement bodies like the FBI and MI5 with a lower legal threshold than is common practice

They process data with a staff of over 100 in the Philippines although claiming to process and store all data in the US.

Update: The Guardian has since published a clarification, removing some of the previous claims. It seems like Whisper really planned to change their ToS for quite some time and doesn’t store data on non-US servers. The claims about geolocation tracking for those who’ve opted out is based on Whisper’s ability to geolocate IP addresses (which may be a quite rough estimation).

Interview with Bruce Schneier on Privacy, Security & the Future

Bruce Schneier talks about how the mechanics of privacy changed since the advent of social media, who holds control and power in the new arena, what are real issues and what are just generational differences in dealing with them. He has a lot of good analogies to make his points. 🙂

“You’re not anonymous. I know your name, email, and company.”

This is how Websites know your name, email and company even if you didn’t submit any information and weren’t logged in through social media.

The analogy at the end is the point:

A real-world analogue would be this scenario: You drive to Home Depot and walk in.  Closed-circuit cameras match your face against a database of every shopper that has used a credit card at Walmart or Target and identifies you by name, address, and phone.  If you happen to walk out the front door without buying anything your phone buzzes with a text message from Home Depot offering you a 10% discount good for the next hour.

*shudder*