Related
After reading the article about TaintDroid (http://www.digitaltrends.com/comput...oid-apps-secretly-sharing-your-personal-data/), and how a significant portion of the apps were sending back data when not required to....I must admit, I am a bit concerned about security on my Nexus.
What are you all doing to be safe with your information on your phone? Is there a firewall that any of you are using to deny apps the ability to transmit data?
And please no responses like "don't log into anything or enter any passwords for anything on the phone" ...because then we might as well be rocking blackberries and not a phone like this with a capable browser.
"Name and shame" is the best way for an open system to eradicate this stuff
Damn alarmist journalism. Scare everybody into a corner, and then come out with a product that magically makes it all right.
Personally, I don't do anything different. I don't see why you should.
there's a firewall app that will let you block internet access to specific apps
i think it's called droidwall
Wallpapergate...
This whole issue is a joke, I agree something to monitor outgoing information would be great, I doubt however that someone who want to steal your info would sent it out unencrypted so catching this may not be easy at all..
As for this new episode of the WallPaperGate again, the info this application send is common on any platform, if you ever paid for an app on handhango or such site, the first thing they do is to ask your imei so that the app can be linked (ie DRM) to your phone… in this case the guy use imei as a cookie so that he can offer the correct screen resolution.
I would like to point out that one of the sponsor of this “studies” that target only android device is Intel who have interest into many thing including MeeGo and off course MeeGo is much safer than android…
My 2 cents…
The Vulnerability
In recent updates to some of its devices, HTC introduces a suite of logging tools that collected information. Lots of information. LOTS. Whatever the reason was, whether for better understanding problems on users' devices, easier remote analysis, corporate evilness - it doesn't matter. If you, as a company, plant these information collectors on a device, you better be DAMN sure the information they collect is secured and only available to privileged services or the user, after opting in.
That is not the case. What Trevor found is only the tip of the iceberg - we are all still digging deeper - but currently any app on affected devices that requests a single android.permission.INTERNET (which is normal for any app that connects to the web or shows ads) can get its hands on:
the list of user accounts, including email addresses and sync status for each
last known network and GPS locations and a limited previous history of locations
phone numbers from the phone log
SMS data, including phone numbers and encoded text (not sure yet if it's possible to decode it, but very likely)
system logs (both kernel/dmesg and app/logcat), which includes everything your running apps do and is likely to include email addresses, phone numbers, and other private info
Normally, applications get access to only what is allowed by the permissions they request, so when you install a simple, innocent-looking new game from the Market that only asks for the INTERNET permission (to submit scores online, for example), you don't expect it to read your phone log or list of emails.
But that's not all. After looking at the huge amount of data (the log file was 3.5MB on my EVO 3D) that is vulnerable to apps exploiting this vulnerability all day, I found the following is also exposed (granted, some of which may be already available to any app via the Android APIs):
active notifications in the notification bar, including notification text
build number, bootloader version, radio version, kernel version
network info, including IP addresses
full memory info
CPU info
file system info and free space on each partition
running processes
current snapshot/stacktrace of not only every running process but every running thread
list of installed apps, including permissions used, user ids, versions, and more
system properties/variables
currently active broadcast listeners and history of past broadcasts received
currently active content providers
battery info and status, including charging/wake lock history
and more
Let me put it another way. By using only the INTERNET permission, any app can also gain at least the following:
ACCESS_COARSE_LOCATION Allows an application to access coarse (e.g., Cell-ID, WiFi) location
ACCESS_FINE_LOCATION Allows an application to access fine (e.g., GPS) location
ACCESS_LOCATION_EXTRA_COMMANDS Allows an application to access extra location provider commands
ACCESS_WIFI_STATE Allows applications to access information about Wi-Fi networks
BATTERY_STATS Allows an application to collect battery statistics
DUMP Allows an application to retrieve state dump information from system services.
GET_ACCOUNTS Allows access to the list of accounts in the Accounts Service
GET_PACKAGE_SIZE Allows an application to find out the space used by any package.
GET_TASKS Allows an application to get information about the currently or recently running tasks: a thumbnail representation of the tasks, what activities are running in it, etc.
READ_LOGS Allows an application to read the low-level system log files.
READ_SYNC_SETTINGS Allows applications to read the sync settings
READ_SYNC_STATS Allows applications to read the sync stats
Theoretically, it may be possible to clone a device using only a small subset of the information leaked here.
I'd like to reiterate that the only reason the data is leaking left and right is because HTC set their snooping environment up this way. It's like leaving your keys under the mat and expecting nobody who finds them to unlock the door. For a more technical explanation, see the section below.
Additionally, and the implications of this could end up being insignificant, yet still very suspicious, HTC also decided to add an app called androidvncserver.apk to their Android OS installations. If you're not familiar with the definition of VNC, it is basically a remote access server. On the EVO 3D, it was present from the start and updated in the latest OTA. The app doesn't get started by default, but who knows what and who can trigger it and potentially get access to your phone remotely? I'm sure we'll know soon enough - HTC, care to tell us what it's doing here?
Technical Details
In addition to Carrier IQ (CIQ) that was planted by HTC/Sprint and prompted all kinds of questions a while ago, HTC also included another app called HtcLoggers.apk. This app is capable of collecting all kinds of data, as I mentioned above, and then... provide it to anyone who asks for it by opening a local port. Yup, not just HTC, but anyone who connects to it, which happens to be any app with the INTERNET permission. Ironically, because a given app has the INTERNET permission, it can also send all the data off to a remote server, killing 2 birds with one stone permission.
In fact, HtcLogger has a whole interface which accepts a variety of commands (such as the handy :help: that shows all available commands). Oh yeah - and no login/password are required to access said interface.
Furthermore, it's worth noting that HtcLogger tries to use root to dump even more data, such as WiMax state, and may attempt to run something called htcserviced - at least this code is present in the source:
/system/xbin/su 0 /data/data/com.htc.loggers/bin/htcserviced
HtcLoggers is only one of the services that is collecting data, and we haven't even gotten to the bottom of what else it can do, let alone what the other services are capable of doing. But hey - I think you'll agree that this is already more than enough.
Patching The Vulnerability
... is not possible without either root or an update from HTC. If you do root, we recommend immediate removal of Htcloggers (you can find it at /system/app/HtcLoggers.apk).
Stay safe and don't download suspicious apps. Of course, even quality-looking apps can silently capture and send off this data, but the chance of that is lower.
Affected Phones
Note: Only stock Sense firmware is affected - if you're running an AOSP-based ROM like CyanogenMod, you are safe.
EVO 4G
EVO 3D
Thunderbolt
EVO Shift 4G? (thanks, pm)
MyTouch 4G Slide? (thanks, Michael)
the upcoming Vigor? (thanks, bjn714)
some Sensations? (thanks, Nick)
View 4G? (thanks, Pat)
the upcoming Kingdom? (thanks, Pat)
most likely others - we haven't verified them yet, but you can help us by downloading the proof of concept above and running the APK
HTC's Response
After finding the vulnerability, Trevor contacted HTC on September 24th and received no real response for five business days, after which he released this information to the public (as per RF full disclosure Policy). In my experience, lighting fire under someone's ass in public makes things move a whole lot faster, which is why responsible disclosure is a norm in the security industry. (This is where we come in.)
As far as we know, HTC is now looking into the issue, but no statement has been issued yet.
HTC, you got yourself into this mess, and it's now up to you to climb out of the hole as fast as possible, in your own interest.
The ball is in your court.
Credit
ANDROID POLICE
Huge thank you to Trevor Eckhart who found the vulnerability and Justin Case for working with us today digging deeper.
Hi there, I need help, someone is consistently hacking into my phone, htc evo 4g, they are penetration testers and pc savvy, currently I cant login to the phn for trying to do a factory reset. They kept intercepting me and now my password does not work. Who knows maybe they changed it on their side. I wrote down everything I saw. I was seeing all these process running for the same app. in my applications. My phone was getting hot, freezes but its people that live in my apt complex and at work. can you help?
zzm5 said:
Hi there, I need help, someone is consistently hacking into my phone, htc evo 4g, they are penetration testers and pc savvy, currently I cant login to the phn for trying to do a factory reset. They kept intercepting me and now my password does not work. Who knows maybe they changed it on their side. I wrote down everything I saw. I was seeing all these process running for the same app. in my applications. My phone was getting hot, freezes but its people that live in my apt complex and at work. can you help?
Click to expand...
Click to collapse
Is your device rooted?
I used root explorer and removed the HtcLoggers.apk and other than the forced close loop that removing it caused (requiring me to remove the battery), after rebooting all seems to be working fine.
EDIT: Actually I didn't just delete HtcLoggers.apk but moved it to a safe location on the SD Card in case there was a problem and it needed to be restored. I highly suggest you do this instead of just deleting it, or better yet, a nandroid backup.
there are a few good ROMS out there that have the ICQ loggers removed already.
Do we really need three threads on the front page about the same thing?
http://www.ubergizmo.com/2012/09/new-naval-app-secretly-recreates-environments-from-your-phone/
The Naval Warfare Surface Center in Crane, Indiana today revealed a smartphone app that puts the capability of modern smartphones to observe areas in sharp relief and shows the power of malware to tap into those capabilities. The app, PlaceRaider, is capable of running in the background of any smartphone running Android 2.3. While running in the background, it takes photos at random while recording the orientation and location of the phone. Those photos get sent back to a central server, where they can be used to reconstruct a pretty good idea of where the phone has physically been.
Click to expand...
Click to collapse
What do you guys think?
I'm gonna do it to my every single one of my friends and creep on them.
At least with Android it will eventually be found and will be a fix or a way to prevent it, who knows what Apple is doing with iOS and even if the problem is founded, one would have to wait for Apple to patch a bug, but only if they choose to.
http://news.cnet.com/8301-13579_3-20014356-37.html
In some embodiments, an unauthorized user can be detected by comparing the identity of the current user to the identities of authorized users of the electronic device. For example, a photograph of the current user can be taken, a recording of the current user's voice can be recorded, the heartbeat of the current user can be recorded, or any combination of the above. The photograph, recording, or heartbeat can be compared, respectively, to a photograph, recording, or heartbeat of authorized users of the electronic device to determine whether they match. If they do not match, the current user can be detected as an unauthorized user.
Click to expand...
Click to collapse
The linux kernel have the iptables as firewall, if you are rooted, you can use DroidWall to manage it, not even that spying app can get any internet. Personally, I always manage which app gets internet access on my device.
eksasol said:
At least with Android it will eventually be found and will be a fix or a way to prevent it, who knows what Apple is doing with iOS and even if the problem is founded, one would have to wait for Apple to patch a bug, but only if they choose to.
http://news.cnet.com/8301-13579_3-20014356-37.html
The linux kernel have the iptables as firewall, if you are rooted, you can use DroidWall to manage it, not even that spying app can get any internet. Personally, I always manage which app gets internet access on my device.
Click to expand...
Click to collapse
Very nice tip! I downloaded DroidWall and it does exactly as you say!
Thanx!
However, with DroidWall you need to enable all the system apps and services, otherwise you'll start finding things like PlayStore not working.
If using DroidWall gets confusing LBE Security Manager also have internet firewall, but it doesn't utilize the same method, DroidWall works at the kernel level and will override LBE. Although LBE is also a very essential app. It can monitor how much data each app uses as well and set the permission for each app. Although if you flash roms all the time it gets tiresome to configure after each flash, also you have to know which permission to enable for some apps to not interfere with its normal functions.
Dear hacker guy,
Good luck reconstructing the images and dimensions of my butt pocket.
-signed dgaf user
Sent from my SGH-T959
suchavibrantthang said:
Dear hacker guy,
Good luck reconstructing the images and dimensions of my butt pocket.
-signed dgaf user
Sent from my SGH-T959
Click to expand...
Click to collapse
?????
I'm hoping someone can point me in the right direction after spending a day reading about mobile phone security. I'm still confused as to what an app can do and how I can limit access. Some answers or a point in the right direction for more information would be helpful.
Apps that are granted permission "Modify/Delete SD Card" can pretty much read/write anything on my device? Could an app go through my sd card and see files, for example, music, movies, other data from different apps; file names/content? I have about 35 apps running on my phone with this access. I'd rather not leave it to "how much I trust the developer" and have some means to limit access to data.
I don't keep national security secrets on my nexus but there is work and personal information that is sensitive and I wouldn't want shared. It looks like if I use android to encrypt my data it only encrypts the /data folder and there doesn't seem to be much in there.
What about securing contact and calendar data? Is this possible? Not as critical as guarding my file data, but still important to me. Thanks.
Yes, files on the external sdcard are not protected, I.e. all apps which have the right to read/write sdcard can read/write everything there. One reason is just the filesystem type: on FAT you don't have access rights. On internal /sdcard it's a bit different, because it's using ext4 as a filesystem, so principally not all apps can read everything, but also here you have the problem that for example the camera, the gallery app, ... need access to the same files and directories. So at the moment you need to trust the apps in a certain way or not to install it at all.
Sent from my Nexus 7 using xda app-developers app
While it is difficult for someone with limited tech experience, it is plausible to protect your data with measures like XPrivacy or PDroid.
However, if you're looking for an answer without jumping through a few technical hoops, there aren't many good ones unfortunately. The best bet is as you already suggested, that is to be smart about where you browse the net, and only install trusted apps. Always think twice and review permissions carefully for any app even if it's from the Play Store.
And don't forget encryption only works similar to a house door. It's only good if you keep it locked. But if you let the bad guys into your house (i.e., installing a naughty app), it doesn't protect you much. It only keeps them out so long as you don't let them in (physical access). P.S. I'm assuming you're talking about the stock android encryption not actually having individual encrypted files on your device if not then ignore this paragraph (although I'm sure some will disagree that even having SHA-512 AES encrypted files with a extremely complex and long passwords is still not enough to protect data once a malicious user gets their hands on that file.)
Even on the internal SD card, it looks like once I give an app access to "modify/delete" the entire sd card is exposed; did I understand that correctly? It looks like grant access to everything or nothing.
After reading this:
http://appanalysis.org/
It seems that even trusted developers can't be trusted. I don't consider myself a novice user but I'm really surprised at how exposed the data is on phones and tablets. Its like leaving money on your front porch and hoping it isn't too tempting for someone to walk though a broken gate and grab.
Any idea what WP, iOS or BB10 offer in the way of data protection?
TheAltruistic said:
While it is difficult for someone with limited tech experience, it is plausible to protect your data with measures like XPrivacy or PDroid.
However, if you're looking for an answer without jumping through a few technical hoops, there aren't many good ones unfortunately. /QUOTE]
XPrivacy looks good, might be worth rooting for that app.
I'm not as concerned with an app downloading files and using a high level attack on my data. I am concerned about an app where the developer decides to go through my contacts, photos, and files which are unlocked and easily viewed. Then sell the data to whomever that can do whatever. No effort required, no ability to know the data was even accessed and no ability to lock the data. I think like most things, if there is more than a slight effort needed to access the data, they'll move on to something else.
I see Google offers encryption but I can't find information on exactly what is encrypted and if I install an app with say permission to contacts does that give them encrypted access to all contacts? For example, a program that can add a contact via sms I don't want to allow it to read all my contacts, just add a new one.
Maybe Android isn't the right platform for me.
Click to expand...
Click to collapse
mgerbasio said:
TheAltruistic said:
While it is difficult for someone with limited tech experience, it is plausible to protect your data with measures like XPrivacy or PDroid.
However, if you're looking for an answer without jumping through a few technical hoops, there aren't many good ones unfortunately. /QUOTE]
XPrivacy looks good, might be worth rooting for that app.
I'm not as concerned with an app downloading files and using a high level attack on my data. I am concerned about an app where the developer decides to go through my contacts, photos, and files which are unlocked and easily viewed. Then sell the data to whomever that can do whatever. No effort required, no ability to know the data was even accessed and no ability to lock the data. I think like most things, if there is more than a slight effort needed to access the data, they'll move on to something else.
I see Google offers encryption but I can't find information on exactly what is encrypted and if I install an app with say permission to contacts does that give them encrypted access to all contacts? For example, a program that can add a contact via sms I don't want to allow it to read all my contacts, just add a new one.
Maybe Android isn't the right platform for me.
Click to expand...
Click to collapse
Heh don't give up. To be honest at least android tells you when it grants a program certain permissions unlike some other OSes where you're in the dark in terms of security.
As far as I know, and I'm assuming we're talking about the same thing, the type of encryption Android offers only prevents people from gaining unauthorized access to your data if your device is mounted or accessed when your lock screen is up. (I'm sure someone will correct me if I'm wrong--please do). But if your device is not password protected (e.g., you set lock password to lock every hour and they get it when it's unlocked) then your data can potentially be compromised.
This encryption does not, however, protect your data as you're browsing the internet, or running apps like facebook.
If you're looking for something to protect your data from say facebook finding your GPS location without your permission, or accessing your contacts and doing God knows what with it, then XPrivacy and PDroid (links above) is your answer, and I'd say that's awesome.
I may not play around with an iPhone / iOS enough, but I'm confident enough to say that they don't offer the same privacy protection even from Cydia that you can get from communities like here on XDA. Perhaps for iOS users, ignorance is bliss?
Click to expand...
Click to collapse
TheAltruistic said:
mgerbasio said:
Heh don't give up. To be honest at least android tells you when it grants a program certain permissions unlike some other OSes where you're in the dark in terms of security.
Click to expand...
Click to collapse
Thanks again. I appreciate the comments.
All I'm really looking to do is prevent an app downloading all my contacts, photos, movies, files, etc. I have some work data on my tablet that isn't confidential but it is what I would call sensitive. Actually, I rarely use external memory, mostly just use in internal sd card.
It seems all the "good apps" grab more permissions than they need or, the permission they do need to operate gives them way more access than I'd like. I'm not so concerned that I'd start using Tor or duckduckgo, but just trusting a developer with an open door to data is more than I can to leave to chance.
From what I've been reading the sandboxing in iOS and WP provide good security and in BB you can remove permissions from apps; BB10 is still the most secure if you can believe the internet articles. I'd like to see Google make it more clear as to what encryption actually allows and prevents.
There seems to be apps that button up a lot of holes, like photos, but there still are gaping holes.
Click to expand...
Click to collapse
Hi guys,
Any progress? I use PDroid on my smartphone and find it unnerving to see how much and how often data is accessed not only by third party apps but by Google itself. With PDroid you can restrict permissions without bricking the app because it can provide fake data rather than none. I have to say that I am not entirely happy with it though. I hope that Firefox OS will have success in stopping the appification of our devices. Data wise, it is much safer to use web-based services than app-based services.
I think Google's Android is so successful with developers (also) because they can gather so much data. Our smartphones are unfortunately "data gold mines" for the ICT industry.
If you have any progress in improving privacy, safety and security of the Nexus 7 than I'd be happy to read about it.
According to Samsung customer support and some members of this forum, this device does not have a built-in way of blocking Internet access for specific applications!
Many of those apps have permissions like "storage", "phone ID", "contacts", "calendar", "camera", "microphone", etc...
Therefore, when those applications are given Internet access they will be able to send all our data via the Internet...
That's why it would be of crucial importance and vital to have a built-in way of blocking Internet access to those apps.
For example, if an application has access to your data, to your storage or your contacts, it stands to reason that it should not have Internet access...
The only explanation for the lack of such an integrated system of blocking Internet access for specific applications can only be explained by the fact that Samsung and Google intend to have all our data and info sent over the Internet ... probably for specific domains ...
Google, Samsung or any other companies should not have, simultaneously, access to our storage data, contacts, calendar, camera, microphone..., and Internet access to send out all those data and info...
Besides, most apps are proprietary... so nobody knows what info or data the app is really sending out...
(Curiously and as a side note, my son has a Huawei P10 and that device allows the user to block Internet access to specific apps).
Therefore, given that this Samsung device does not have a way to limit specific applications from reaching the Internet, the phone is a spyware device!
Niccolò Paganini said:
The only explanation for the lack of such an integrated system of blocking Internet access for specific applications can only be explained by the fact that Samsung and Google intend to have all our data and info sent over the Internet ... probably for specific domains ...
Click to expand...
Click to collapse
Its google that doesn't want to implement an internet permission, we can block apps from access to storage/location/contacts and whatnot but not the internet, blame google not samsung.
peachpuff said:
Its google that doesn't want to implement an internet permission, we can block apps from access to storage/location/contacts and whatnot but not the internet, blame google not samsung.
Click to expand...
Click to collapse
Well, blame them both. Samsung is knowingly 'accepting' the Google 'flaw' on it's phone. So Samsung is also culpable.
Talk about an Over the Top Melodramatic 1st post!
Stay off the internet - Get rid of your Smart TV - Live in a box... SMH
Sent from my SM-G955W ??
Niccolò Paganini said:
According to Samsung customer support and some members of this forum, this device does not have a built-in way of blocking Internet access for specific applications!
Many of those apps have permissions like "storage", "phone ID", "contacts", "calendar", "camera", "microphone", etc...
Therefore, when those applications are given Internet access they will be able to send all our data via the Internet...
That's why it would be of crucial importance and vital to have a built-in way of blocking Internet access to those apps.
For example, if an application has access to your data, to your storage or your contacts, it stands to reason that it should not have Internet access...
The only explanation for the lack of such an integrated system of blocking Internet access for specific applications can only be explained by the fact that Samsung and Google intend to have all our data and info sent over the Internet ... probably for specific domains ...
Google, Samsung or any other companies should not have, simultaneously, access to our storage data, contacts, calendar, camera, microphone..., and Internet access to send out all those data and info...
Besides, most apps are proprietary... so nobody knows what info or data the app is really sending out...
(Curiously and as a side note, my son has a Huawei P10 and that device allows the user to block Internet access to specific apps).
Therefore, given that this Samsung device does not have a way to limit specific applications from reaching the Internet, the phone is a spyware device!
Click to expand...
Click to collapse
I wouldn't worry about it the NSA and Google already know everything about you.
without permissions 99% of your apps won't work. want to stop tracking ?dig deep into your account, real real deep to cut off a lot of privacy issues
then when you have time, google your name
pltctytc said:
....then when you have time, google your name
Click to expand...
Click to collapse
Not much came out for me, just a Google+, Twitter, Photobucket and my company activity...
But: I must agree with OP to some extent...at the end it is weighting between functionality vs privacy.
Gregzi said:
Not much came out for me, just a Google+, Twitter, Photobucket and my company activity...
But: I must agree with OP to some extent...at the end it is weighting between functionality vs privacy.
Click to expand...
Click to collapse
Agreeing to ANY extent with the OP's RIDICULOUS and ABSURD post & a Thread Title that is Entirely Misleading and Uninformed!
While everyone is entitled to their opinion - This Thread & Particularly it's Title are perilously close to warrant being Reported to the Mods!
It's a simple process to Disable Background Data for each and every Application that you decide to disable in Settings - Apps - Permissions - Data - Background /Toggle Off.
I made reference to Smart TV's as they are constantly "listening" in order to provide functionality - Then there's Laptop cameras which could be equally used to "spy" on their users... Are we to disable the functionality offered by Ok Google - Which is also "listening" to provide the functionality that we have come to expect from our technology?
Two Tin Cans and String are the bastion of the Paranoid & Conspiracy Theorists.
Sent from my SM-G955W ??
**** this I'm going back to a Palm Pixi so the NSA can't spy on me!
What if.....
The NSA IS Google?!
Seriously? You're downloading things from F-Droid and Yalp and you're concerned with what data individual apps are sending? If you don't trust an app to have an internet connection, why on earth are you using it? If you don't trust the company behind an app to use your data appropriately, whey are you using that app? Do you shut off all data so your internet/mobile provider can't sniff out what you're doing? Tin foil is relatively cheap.
Niccolò Paganini said:
The only explanation for the lack of such an integrated system of blocking Internet access for specific applications can only be explained by the fact that Samsung and Google intend to have all our data and info sent over the Internet ... probably for specific domains ...
Click to expand...
Click to collapse
Surely this is "the only reason", surely. I'll assume you have thought through the entire process of creating a mobile phone operating system as complex as Android, and also every detail involved in creating an application ecosystem that scales to millions of user created applications access by billions of people that worldwide probably generates over a trillion dollars in overall economic revenue (including employment by business built around it, advertising money spent, etc). Surely you saw a foolproof way too easily do all of this AND follow seemingly arbitrary privacy rules? You MUST have also COMPLETELY ruled out every other innocent explanation using this model, including showing conclusively that it wouldn't cause ANRs, app crashes, or anything else. Right?
You also have data showing more than just you would revoke this permission right?
Right?
Mr. Orange 645 said:
What if.....
The NSA IS Google?!
Click to expand...
Click to collapse
You mean you only just realised this NOW???!
I have to say, I'm always amazed how little people care about the spying that's being done through their phones. Saying "live in a box" or "just don't use the app" is a stupid response. You can still want to be part of society (which nowadays REQUIRES using whatsapp/facebook/google) EVEN THOUGH you're uncomfortable with the privacy implications. Someone acknowledging and being aware of this, and trying to improve upon it (or even simpler, just demanding improvements by the companies you pay a thousand dollar for a new phone) is often ridiculed as if it wouldn't matter, or people accept it as an something that is required for the systems we use. Social networks could work totally fine without being centralized, google maps doesn't actually need to send your location to google to function, and no app that i know of needs to send your usage of the phone to their company to do whatever it promises to do. Yet many apps do. It's not so much about that it is possible, the problem is that it is allowed. It shouldn't be allowed, much of the data collection should simply be outlawed. But, since hardly anyone seems to care, I don't see that coming anytime soon. I've tried to find people interested in this, but not even on reddit /r/privacy/ this seems to be a major concern.
@the_toast
There's a difference between being responsible for the amount of privacy you have and the amount of personal information that has already been made available... long before people were even aware of the amount of personal information that was already gleaned from the Products and Services that you have been using for years. To some extent trying to reign in your personal information is like closing the barn door after the horse is long gone.
The guy who originally posted this Thread is focusing his "panic" on one device and THAT is naive and Grossly Misleading!
Whether it's FB (which I don't use) or signing up for a Loyalty card - Your personal information is everywhere! Using common sense going forward is the only rational approach, but standing on an imaginary mountain top and shouting to the world that one device is "spyware" is ridiculous and deserves to be called out ?
Sent from my SM-G955W ??
Ahh, the time of the Internet where everyone knows who you are, what you're doing, what you're buying, what sites you browse, your fetishes, etc. Most importantly, here in the U.S., your IP now can sell your internet history to anyone they please, even that time you looked up 2 girls and a cup. Sorry, Charlie, your life is no longer a private one and never will be again.
MiMtnBiker said:
Ahh, the time of the Internet where everyone knows who you are, what you're doing, what you're buying, what sites you browse, your fetishes, etc. Most importantly, here in the U.S., your IP now can sell your internet history to anyone they please, even that time you looked up 2 girls and a cup. Sorry, Charlie, your life is no longer a private one and never will be again.
Click to expand...
Click to collapse
And if you Travel into the USA... Did you know THIS?
https://www.google.ca/amp/www.cbc.ca/amp/1.4494371#ampshare=http://www.cbc.ca/1.4494371
Sent from my SM-G955W ??
@shaggyskunk True, the OP is alarmist and uninformed. I was just put off by many of the answers, which basically said "why do you use Internet then". With respect to your post about searching phones - we can easily make this a scare thread (and people would be scared for good reasons). Let me continue:
- apps that want to use your microphone without apparent reason (of course also the ones WITH a good reason to use the mic) can track you through high-pitched sounds you cannot hear, which are emitted e.g. by some retailers to track you through their store.
- You talk about 1 in 13.000 people arriving in the US getting their phone/laptop looked at and potentially copied? How about knowing for 1Bn people (1 in 7 on earth) who they talk with, when they talk with them, and in which location they are whenever their phone has internet. That's Whatsapp.
@MiMtnBiker Gnn that's exactly my problem, people just accept it and believe it's never going to change. I'm not happy they know what kind of porn I'm looking at, and even less happy that they could sell the information (although I don't live in the US). If it is that way, it CAN be fixed, you CAN prohibit selling this information. Or to collect it at all. It's definitely better to know the big 5 have all my information but won't have all future information about me than to know they can continue like this forever
@the_toast
Many of the answers - including "live in a box" - "stay off the internet" were in direct response to the careless & irresponsible comments by the OP - like = like?
Not only your phone has the potential to gain access to your personal information - But your Laptop camera - Your Smart TV (that is "listening") But this technology is something that most people appreciate and expect their tech to provide them with the functionality that they want - Being aware of the capabilities of your Tech is prudent - being paranoid & frightened by it is just sad.
The issues of Privacy are extensive and if someone decides to pull on that thread - it's going to be never ending.
Common sense & being informed is the most appropriate way to go ??
Sent from my SM-G955W ??
the_toast said:
@shaggyskunk True, the OP is alarmist and uninformed. I was just put off by many of the answers, which basically said "why do you use Internet then". With respect to your post about searching phones - we can easily make this a scare thread (and people would be scared for good reasons). Let me continue:
- apps that want to use your microphone without apparent reason (of course also the ones WITH a good reason to use the mic) can track you through high-pitched sounds you cannot hear, which are emitted e.g. by some retailers to track you through their store.
- You talk about 1 in 13.000 people arriving in the US getting their phone/laptop looked at and potentially copied? How about knowing for 1Bn people (1 in 7 on earth) who they talk with, when they talk with them, and in which location they are whenever their phone has internet. That's Whatsapp.
@MiMtnBiker Gnn that's exactly my problem, people just accept it and believe it's never going to change. I'm not happy they know what kind of porn I'm looking at, and even less happy that they could sell the information (although I don't live in the US). If it is that way, it CAN be fixed, you CAN prohibit selling this information. Or to collect it at all. It's definitely better to know the big 5 have all my information but won't have all future information about me than to know they can continue like this forever
Click to expand...
Click to collapse
I'm afraid the only way you are going to change it is to completely get off the grid. Many people are oblivious to the fact that they are willingly giving up their personal information when they have their noses buried in their smartphones pert near all day. What's worse is that the politicians only seem to cater to the wealthy, and since they are salivating at the idea of getting their grubby hands on your info, this will continue. Unless there is a huge uprising and people assemble in protest of this, it will not stop. Heck, I don't even think it will stop, then. Nope, money is the reason as to why this won't change and, unfortunately, you have no say in the matter. Unless, that is, you do get completely off the grid.