Stories
Slash Boxes
Comments

SoylentNews is people

posted by azrael on Monday October 20 2014, @01:46PM   Printer-friendly
from the not-always-doing-the-wrong-thing dept.

A project on github claims that regardless how Apples OS X version 10.10 Yosemite is configured. Apple will collect your search requests when using Safari, tag requests in the file indexer Spotlight, phone home, tags requests in the Help application, collects any email address setup and so on. Leaving a long tail of identifying bread crumbs.

Commenters over at hackernews dispute this interpretation:

This is inaccurate alarmism. It shouldn't be surprising that the search bar makes autocomplete requests to Apple as you type.

However, it seemed suspicious to me that Apple would make it impossible, as the author claims, to type in the Safari address bar without sending queries to Apple. So, I fired up Charles proxy to confirm my suspicions.

I turned off "Include search engine suggestions" and "Include Spotlight Suggestions" in Safari search preferences. (Safari -> Preferences -> Search)

As I initially believed, no requests were sent whatsoever when typing in the address bar after those settings were disabled. Can we put out our pitchforks yet, or am I missing something?

Various other sites are reporting this as Apple collecting data irrespective of how settings are configured. Is this reaction a sign of how much distrust there is over security in the technology industry?

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by Wootery on Monday October 20 2014, @02:31PM

    by Wootery (2341) on Monday October 20 2014, @02:31PM (#107821)

    Wouldn't be the first time for this sort of thing; there was that LG incident. [bbc.co.uk]

    Stallman's points seem stronger and stronger.

    • (Score: 2) by E_NOENT on Monday October 20 2014, @02:43PM

      by E_NOENT (630) on Monday October 20 2014, @02:43PM (#107829) Journal

      Stallman's points seem stronger and stronger.

      Yeah, sometimes I wonder if that guy was sent from the future or something. It's eerie how accurate he's been.

      --
      I'm not in the business... I *am* the business.
      • (Score: 2) by kaszz on Monday October 20 2014, @07:58PM

        by kaszz (4211) on Monday October 20 2014, @07:58PM (#107949) Journal

        It's simple, he thinks..

      • (Score: 2) by pnkwarhall on Monday October 20 2014, @08:34PM

        by pnkwarhall (4558) on Monday October 20 2014, @08:34PM (#107962)

        It doesn't take "being from the future" to see successful application when you take principled stands that are built on wisdom. Stallman's "platform" is not really "based on" software -- it's just the domain where it sees application. Technology may change, but human nature doesn't.

        This is why I think it's funny when I see (for instance) arguments against the second amendment to the US Constitution based on "but the founders didn't know that people would have fully-automatic weapons". That may be literally true, but it's not a good argument when the topic under discussion is about principles themselves (i.e. the general structure and function of goverment organization), as opposed to the details of their implementation.

        --
        Lift Yr Skinny Fists Like Antennas to Heaven
        • (Score: 2) by zafiro17 on Tuesday October 21 2014, @02:17PM

          by zafiro17 (234) on Tuesday October 21 2014, @02:17PM (#108238) Homepage

          Unfortunately, Stallman is going to have the supremely unsatisfactory pleasure of going to the grave after a lifetime of scorn and abuse at the hands of nerds - only to be proven right. It's pathetic that the nerd community never misses an opportunity on sites like this one to pick fun at his grooming habits, his relentlessly consistent stand on issues, and his fixation on purity of position even at the expense of convenience or ease of coding (or even talking). But the trends show the things he worried about are slowly becoming reality and despite having foreseen it, he will die having failed to prevent it. But the rest of us, we will go to the grave knowing we persecuted a guy who was actually right. Hopefully a lot of us will feel ashamed. More likely we will be "enjoying" life in our little walled gardens, trying to finish reading our books before they expire and are revoked, and sharing tips on software piracy sites that allow us to use our computers for limited purposes without the tracking authorities finding out.

          Hope he has a good laugh from the afterlife. Hopefully he'll be drinking a pint of stout with Dennis Ritchie and Alan Turing and watching us struggle.

          --
          Dad always thought laughter was the best medicine, which I guess is why several of us died of tuberculosis - Jack Handey
          • (Score: 0) by Anonymous Coward on Tuesday October 21 2014, @10:08PM

            by Anonymous Coward on Tuesday October 21 2014, @10:08PM (#108442)

            Right about what? RMS is a zealot, and is about as wrong as every other zealot.

            This very story is about a mistake or lie perpetrated by an RMS acolyte.

          • (Score: 2) by pnkwarhall on Wednesday October 22 2014, @12:05AM

            by pnkwarhall (4558) on Wednesday October 22 2014, @12:05AM (#108474)

            The GNU project [gnu.org]

            is a technical means to a social end.

            It's not about Stallman, it's about his legacy. Part of his legacy is GNU. In a world where technology is as much about enslavement to the status quo as it is about "societal advancement", I think the GNU toolset is supremely important as the concrete implementation of the ideas it represents -- and as a toolset to develop them.

            It's a bible, if you will -- and I'm sure that's what it is to those who call him a 'zealot'.

            As for naysayers like the people you describe, and the previous responder -- those who refuse to bend for convenience-sake are always scorned.

            “In matters of style, swim with the current; in matters of principle, stand like a rock.”

            "The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore all progress depends on the unreasonable man."

            --
            Lift Yr Skinny Fists Like Antennas to Heaven
  • (Score: 2) by francois.barbier on Monday October 20 2014, @02:44PM

    by francois.barbier (651) on Monday October 20 2014, @02:44PM (#107831)

    As I initially believed, no requests were sent whatsoever when typing in the address bar after those settings were disabled. Can we put out our pitchforks yet, or am I missing something?

    You should check it didn't save the data on disk and send it at a later date. If I wanted to collect data without anyone noticing, I know I would do this. You can't run wireshark all the time.
    I will just wait for you to open a browser to batch-send everything at the same time.

    Okay, okay, Apple wouldn't do that... Or would they?

  • (Score: 2) by VLM on Monday October 20 2014, @02:53PM

    by VLM (445) Subscriber Badge on Monday October 20 2014, @02:53PM (#107835)

    "in the technology industry?"

    In the technology appliance industry. I'd be really pissed if MY computer did that, but Apple's appliance? Eh.

    My wife only does stuff on apple's property that she doesn't care about apple seeing.

    I have a gut level feeling that being a universal search tool, if you tried a universal search on something in the app store, or something in the app store that needs local updating, your network would light up, to figure out the latest version of that app if nothing else.

    So someone needs to put a network sniffer on and search for something not in the app store (VLM?) and then search something you know will be in the app store, how bout that apple only spreadsheet of theirs "pages" or "cells" or whatever its called.

  • (Score: 2) by hemocyanin on Monday October 20 2014, @03:14PM

    by hemocyanin (186) on Monday October 20 2014, @03:14PM (#107844) Journal

    One of the HN posters put up a pic of the TWO places you need to go to fix this behavior:

    http://imgur.com/a/TWDxy#MzS3zXt [imgur.com]

    The Safari setting is held in the "Search" not "Privacy" tab and I really don't think I would associate "spotlight suggestions" with this behavior in the spotlight preferences. Apple made these settings incredibly easy to set up wrong.

  • (Score: 1) by novak on Monday October 20 2014, @05:27PM

    by novak (4683) on Monday October 20 2014, @05:27PM (#107886) Homepage

    Everyone should know that apple/google/microsoft/facebook/$LARGE_COMPANY is spying on them "legally" when they use products by that company. It's not surprising.

    Please stop pretending that any of these guys are better than the others, or that any of them care about you at all. They don't, except on how they can make money off of you. Since today that's by harvesting your data, they will do so, by any means, to the maximum that they are allowed by public opinion.

    If you want to stop these guys, stop buying their stuff (or using their services). If that's too hard then you aren't going to change anything.

    --
    novak
    • (Score: 2) by BasilBrush on Tuesday October 21 2014, @10:16PM

      by BasilBrush (3994) on Tuesday October 21 2014, @10:16PM (#108445)

      Please stop pretending that any of these guys are better than the others, or that any of them care about you at all. They don't, except on how they can make money off of you. Since today that's by harvesting your data, they will do so, by any means, to the maximum that they are allowed by public opinion.

      Stop pretending that there's not a distinction. Every company is there to make money, but how they do so varies. It's Google's entire business to spy on you such that they can advertise at you. But Apple's business is selling hardware. They don't have the same motivation to spy.

      I have "stopped buying Google's stuff" even though most of their stuff is freeware, I don't use it. But I see no reason not to use Apple's - unlike Google they have done nothing so far to breach my trust.

      --
      Hurrah! Quoting works now!
      • (Score: 1) by novak on Wednesday October 22 2014, @05:24AM

        by novak (4683) on Wednesday October 22 2014, @05:24AM (#108564) Homepage

        If your point is that google is the worst, I agree (Though facebook makes it almost too close to call). And Apple may be the least invasive of the companies I listed since they do, as you say, primarily sell hardware.

        According to this link:
        http://motherboard.vice.com/blog/what-apple-does-and-doesnt-know-about-you [vice.com]
        Apple claims to be about as good at collecting data as all the other big tech players. Though it claims to be less interested in monetizing the data and to store it anonymously. From what I've seen a lot of "anonymization" tends to fail because it is just too specific. But if you want to trust Apple's word... That's your call. I'm not sure there's much info as to how the data is anonymized.

        I've got nothing but insults for Apple's general method of doing business, so I'm inclined to distrust them heavily anyhow.

        --
        novak
  • (Score: 2) by Covalent on Monday October 20 2014, @06:09PM

    by Covalent (43) on Monday October 20 2014, @06:09PM (#107902) Journal

    When the Apple hits your eye like a big honking phone that's...Furore?
    When the Mac that you use makes your house blow a fuse that's...Furore...

    This is several BLATANT typos that the editors haven't caught recently. Furore isn't even a word.

    I expect better, SN. I expect better.

    --
    You can't rationally argue somebody out of a position they didn't rationally get into.
    • (Score: 2) by pnkwarhall on Monday October 20 2014, @08:42PM

      by pnkwarhall (4558) on Monday October 20 2014, @08:42PM (#107965)

      When the Apple hits your eye like a big honking phone that's...Furore?
      When the Mac that you use makes your house blow a fuse that's...Furore...

      Ha! +1 Funny!*

      The other night while watching a tv show known for parody versions of advertisements, I saw an Apple spot about their new "giant" iphone -- it took me several doubletakes to realize that it was an **actual commercial**, and not a parody. The "vision vaccuum" left by Jobs is going to be the death of the company.
      --
      *Also, in a similar meta-nature, when the heck do I get mod points?

      --
      Lift Yr Skinny Fists Like Antennas to Heaven
    • (Score: 0) by Anonymous Coward on Monday October 20 2014, @11:51PM

      by Anonymous Coward on Monday October 20 2014, @11:51PM (#108020)
      I have news. Furore is a word: http://www.merriam-webster.com/dictionary/furore [merriam-webster.com]
      • (Score: 2) by Leebert on Tuesday October 21 2014, @01:19AM

        by Leebert (3511) on Tuesday October 21 2014, @01:19AM (#108046)

        I find that interesting, because when I click that link, I get:

        "The word you've entered isn't in the dictionary. Click on a spelling suggestion below or try again using the search bar above."

  • (Score: 0, Redundant) by Rich on Monday October 20 2014, @06:52PM

    by Rich (945) on Monday October 20 2014, @06:52PM (#107918) Journal

    I read a fanboi's apologist comment on another website, that, well, if you want autocomplete, then it's the most natural thing that this stuff gets sent, because otherwise they couldn't send you the autocomplete suggestions.

    Is it? Up to that point I didn't really think much about the whole issue than "more of the usual crap".

    Of course it's not. Every word processor these days autocompletes from the dictionary. Hyphenation is done just fine without looking up words online. It would be completely feasible to have a dictionary of hundreds of thousands words and phrases to suggest stored in a megabyte, if you care just a tad about efficient storage. If really needed, small passive data blobs with "trending" phrases could do differential updates, and you might even customize your own completion logic. I've been involved with a very compact hyphenation library many, many moons ago, so this autocomplete stuff could be done just as fine.

    Contrast that to having to run a production quality data center that gets hammered with up to a billion queries a day, (100M Macs x 10 queries?), 100.000 a second. How much effort is it to keep that up vs. just having a local blob to aid with guessing? If we assume 1KB per query and 10 queries/day, we'd be at >3MB in the year between updates, so "saving bandwidth" can hardly be an explanation.

    The conclusion therefore can only be that there is additional profit in harvesting the query data.

  • (Score: 1, Informative) by Anonymous Coward on Monday October 20 2014, @10:12PM

    by Anonymous Coward on Monday October 20 2014, @10:12PM (#107998)

    I installed Yosemite the other day and I can confirm that there is quite a bit of calling home even with all the privacy settings. Here's my non-exhaustive list:

    Software update pulls location (location services off)
    Mail calls home when you enter a 3rd party email server
    Connecting to local network tried to call apple servers on net daemon
    Opening system profile calls home
    Etc.
    About 3 calls to apple during boot (mostly from software update daemon)

    Some of these may be legit, but it certainly does seem like it's leaking like a sieve.
    The first program I install is Little Snitch. Oh, Firefox makes about 4 calls to google when it first starts too!
    Made me laugh, safebrowsing.google.com, oh the irony

    • (Score: 0) by Anonymous Coward on Tuesday October 21 2014, @01:05PM

      by Anonymous Coward on Tuesday October 21 2014, @01:05PM (#108204)

      yea, safebrowsing is doubleplusgood.
      luckily, one can compile ff without it, and without a whole lot of other leaky things.
      not so much closed source (cr)apple pushes :)

    • (Score: 0) by Anonymous Coward on Tuesday October 21 2014, @01:59PM

      by Anonymous Coward on Tuesday October 21 2014, @01:59PM (#108229)
      the firefox one is tied to that whole 'block reported attack sites' etc...

      if you have that on. how does it know what sites to avoid?

      it downloads a list.
  • (Score: 0) by Anonymous Coward on Tuesday October 21 2014, @02:16PM

    by Anonymous Coward on Tuesday October 21 2014, @02:16PM (#108235)

    At least you could opt out of Ubuntu spying...

    https://fixubuntu.com/ [fixubuntu.com]