SoylentNews is people
SoylentNews
Submitted via IRC for SoyGuest52256
According to the patent, spotted by Metro, the system would use 'a non-human hearable digital sound' to activate your phone's microphone.
This noise, which could be a sound so high-pitched that humans cannot hear it, would contain a 'machine recognisable' set of Morse code-style beeps
Once your phone hears the trigger, it would begin to record 'ambient noise' in your home, such as the sound of your air conditioning unit, plumbing noises from your pipes and even your movements from one room to another.
Your phone would even listen in on 'distant human speech' and 'creaks from thermal contraction', according to the patent.
TV advertisers would use this data to determine whether you had muted your TV or moved to a different room when their promotional clip played.
(Score: 2) by VLM on Tuesday July 03 2018, @11:52PM (2 children)
I guess that's the fundamental problem, isn't it?
I know what that data is in great detail, its a timestamp rounded to nearest (or next?) five minutes, the line of code where the app crashed, maybe the one liner error message (like the famous NPE). Stack trace. No variable contents, no sqllite DB contents, no UI data, none of that. There is no anonymized identification data for me to even attempt to de-anonymize; maybe in some API I don't understand or use. Someone who's a crook could add that to the source code, but this being a legit company, no one has. Needless to say I don't work at a shithole like Facebook.
Despite how little datais contained in a crash report, its surprisingly effective at finding and fixing bugs. Of course onsie twosie here and there its probably a end user hardware failure issue not actual code. You get 100 crashes on the same line immediately after rollout, thats a software bug.
The, uh, extremely enthusiastic response I get assumes I'm getting ip addrs, account names, passwords, phone numbers, SS numbers, pix, audio (like the linked facebook article). Nah. No personal data at all, just a crash report.
Theres just a slight mismatch between reality and today's "two minutes hate".
I sleep very well accepting a check from a company "exfiltrating data" to the level they exfiltrate. Now, there is a spectrum of acceptability such that to me, how anyone with any moral or ethical sense works for Facebook is a mystery to me, but whatevs.
Let me troll you a bit by releasing the total sum of some user's "personal private" (LOL) information in a NPE crash report. Around 1pm yesterday some anonymous poor bastard got a NPE when source code line 111 tried to set a onClickListener on a null object reference where that null object reference wanted to be a widget.Button but was a null instead. Based on the class name I know it was a "C" CRUD fragment, so it's virtually certainly a button labeled "save" or whatever in the users locale (I can't de-anonymize the user so I don't even know their locale or language; hopefully doesn't matter). That's all the data I got, officially. Unofficially I think one of the devs was Fing around with that part of the app and thats probably his personal testing device, but its impossible to de-anonymize, could be you, or my next door neighbor, for all I know. My guess based on experience doing android development is my fellow software dev changed the name of the button or otherwise messed up a findViewById where you make a Button object in your fragment and try to link it to the UI, but if you screw that up just right Android will be chill until you try to set an OnClickListener on the object to respond to the button being clicked at which point it promptly crashes. A simple typo couldda done it. Or maybe some other reason. I didn't do it, but I could probably debug it given the "exfiltrated data", so its business useful. Possibly I'm completely wrong and the other dev was trying to create a new button labeled something like "cancel" and THAT had failed. Hmm. Not much data, personal, or otherwise, in these crash reports. Oh I feel so exhibitionistic dropping all that private data, LOL. Hope you can handle it, LOL. Oh no, the lost trust, LOL. Its hard to take an accusation like that seriously in a story like this about Facebook, LOL.
Part of getting stuck on the GDPR project was the point of the project was all the meaningless permission opt in BS to "get permission" from losers stuck living in the EU to exfiltrate such valuable and personal data as listed in uncensored totality above, so even if you don't like how it WAS being done, you'd probably be quite happy now. I was kinda air dropped into the middle of the project and will likely exfiltrate myself from the project shortly so my impression of past vs future might be fuzzy, plus or minus alcohol consumption on this holiday of course. I guess given the timestamp yesterday that incredibly detailed personal data, the complete sum of which is provided above, was freely and legally given, so thats cool.
Its all good, though, have a happy 4th
(Score: 3, Insightful) by anubi on Wednesday July 04 2018, @01:13AM (1 child)
I believe what's behind all this fear is a complete loss of trust.
Companies have foisted this lack of trust by making it difficult, if not impossible, to verify just what is being snooped on.
Most companies can be trusted. A few can't. And few ( if any ) of us know which is which.
What we do know is many companies pride themselves on "thinking outside of the box" when it comes to things like acquiring anything they can out of someone's machine if they will let them in. They figure it didn't cost them anything to get the data, and its a monetizable commodity. Carpe Diem!
I feel toward many web pages much like a merchant may think if somebody enters his business, with dozens of kids in tow, each wearing a little "javascript" shirt. The kids are getting into everything. Going through his books, counting the cash in his cash register.. going into doors marked PRIVATE, everywhere, and he can't lay a hand on 'em... they are kids... protected by law. The most he can do is block them from entering his store in the first place. But that often means turning away the adult that came with them.. an adult that might do business with him. He has to consider is it worth it to him to have all those kids in his store getting into everything. You want to find someone you can trust, and having some people dress kids up in little javascript shirts, and have them rifling through your machine does not do much for trust.
Little "business phrases" like "we will only share your information as permitted by law" sure sends my trust level on a downward spiral... laws can be bought. Nor do we know what information is being shared. Life is too much like a poker game, and if your competitor/opponent/customer/vendor/employee/employer knows certain things, they may seize opportunities when they know they have me over a barrel.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 3, Insightful) by VLM on Thursday July 05 2018, @03:14PM
Agree completely, the app biz right now is a dark alley at 2am. When I'm walking down the alley, well, duh, I know I'm not a threat at all, so WTF, but everyone assumes everyone in that dark alley is a mugger.
The infrastructure does not help. Thank you Google for making us all look like assholes. Bare unaltered Firebase/Fabric.io crashltics is as I describe, utterly no personal data and nothing any privacy advocate could be offended by, but those Google assholes added "features" such that crooks will add creepy as hell personal data to the upload "to help with debugging" which sometimes might be the honest truth but at least sometimes is scammy marketing.
Likewise the analytics feature; bare analytics would make a privacy advocate pretty happy as I've seen it used from the inside, but asshole google is like "let me help you out" and next thing you know crooked devs are doing full on identity theft.