An operating system needs to be aware of every application running on it. (It doesn't need to be reporting that back to the mothership, though)
I'm not sure what that has to do with a third party peripheral. You may be confusing a Wacom tablet for something like an iPad or Nexus 7?
EDIT: For others who may be confused, a Wacom tablet is used to provide a pen/stylus interface to a computer. It's an additional peripheral, similar to your keyboard or mouse, for your computer. It is not a standalone independent computing platform.
Wacom produces multiple devices, the simplest are basically a pen based touchpad. No display and no real computing power, needs to be plugged into a computer to function in any way. The more high end ones are a pen touchpad+display but still requires a computer (ie: they're a monitor). There are also standalone tablets that use Wacom technology although I'm not sure offhand if Wacom makes any directly.
You can buy tablet computers from Wacom, I have a “Wacom Mobile Studio” gathering dust that I really should get rid of someday. Just didn’t fit into my art workflow better than a laptop and an old Wacom Intuos 4 stuffed into the bag next to it.
They do mostly make external pen input devices, with or without screens. Which people have been calling “drawing tablets” since loooong before “tablet computer” was a phrase anyone used outside of maybe science fiction.
A Wacom tablet is what used to be called a digitizer tablet, ie, a HID that uses a pen and a surface to allow for easier and better drawing. Essentially an odd-shaped mouse with some extra pressure sensitivity.
GP must have confused with the currently better known use of tablet, which is a full-blown computer with touch screen and no keyboard.
This is getting voted down, but is this not true? My iPhone knows all my top apps and shows them on whatever that screen is called, with the search, and adjusts them over time as usage changes. Maybe it’s not “more important,” but why vote this down? How do I know that data doesn’t go back to Apple with “telemetry”?
I learned something in this thread as well from the question asked, wish a few commenters would drop the "whattaboutism" attitude, some of us are actually trying to learn something here.
A Wacom tablet is not the same as a phone, it is a peripheral. This is like your Dell keyboard tracking your keystrokes and what application they go into.
A specialized keyboard using different button layouts and settings per app. Also, not tracking keystrokes at all but rather "used special keyboard with app foo".
As a better example, suppose it were a game controller. Then the question "what games are people using this controller with?" seems quite reasonable. Filter to games only and anonymize the data and that would be fine.
It's an attempt at technical whataboutism (alternately it's just confused and thinks a wacom tablet is comparable to an iPad or something). The operating system obvious has to know what apps you're running, and can store metrics to the same -- locally -- to improve your experience. There is no reason Wacom needs to know, much less share it externally. It adds zero value for the end user.
Being actual operating systems, I can understand why. I mean, it's pretty convenient to know what's installed on my phone. However, a writing/drawing tablet doesn't need to. At all. Ever.
Wacom tablet drivers have application specific settings for compatibility. We should scrutinize all data collection, and this may be too far, but "[no need for tablet data collection] at all. Ever" is simply not true.
I strongly disagree. The driver does not have to collect an event log in order to react to focus changes and switch settings. It much less has to transmit this event log, let alone to a third party such as Google.
I think the egregious thing with Wacom is that 1) no one expects a drawing pad to have any need for remote connectivity and 2) use said remote connectivity to share usage information with third parties.
More broadly, we need to get away from this whole "but don't other people do the same thing?" dialogue when it comes to privacy. Yes, these issues are prevalent. That doesn't mean it's trivial---quite the opposite, in fact.
> as far as I can tell anyone with the presence of mind to decline it could do so with no adverse consequences
Makes me think one should try declining these kinds of agreements to see what happens, before accepting. As someone who also has an "anti-privacy-policy-policy," I wonder how many of these kinds of things I've agreed to when it was unnecessary.
As far as I can tell the only consequence of declining it is that it pops up the “hey please let us have all this info” dialogue whenever you reboot. I’ve been doing this on my own machine for most of a year.
Might be different with the latest update, I haven’t bothered with that.
Is there an accessible way to prevent an application drawing a specific window to the screen?
I can see an app like autohotkey could click the "no" button and automatically remove it, but could you (assuming it's not modal; which it probably is) tell Windows not to show it?
The "Wacom Desktop Center" app mostly just sits there looking for updates and bugging you to enable tracking anyway; the Mac version has a menu setting that theoretically stops it from ever running, and thus bugging you to sign up to share your analytics. I just turned it off (since I just noticed it for the first time) but don't feel like rebooting to check if it actually works. (Though I did just run the little script I keep around to restart the driver, which normally brings up the WDC, and it did not show up this time. Huzzah!)
FWIW that isn’t a unique identifier for the author, it’s for Wacom’s GA account. I didn’t see any meaningful identifier being sent. Of course the set of most opened apps and your IP are probably enough to identify you.
That said, yep, it seems lame they don’t disclose this tracking. I can understand why they’d want to know what apps their device pairs most often with, but tracking all app opens seems aggressive, but maybe it’s the only way to identify what app is open when the device is used.
Tracking the currently open application software side is perfectly within scope for a drawing tablet - they often have buttons that can be bound to keyboard shortcuts, etc. It makes sense that it should know when you're focused on Photoshop vs Google Chrome.
But why are they sending this data to a server? My best guess is that this helps them focus on what software people are using. This allows them access to the popularity of graphic applications. They get to see what percentage of users use say Photoshop vs [Other program here] - so they know where to prioritize integrations and testing.
But I'm not sure how much "integrations" or work with third parties Wacom does - the drawing tablets are following an api standard after all. But maybe wacom does work directly with application devs, I don't really know.
I doubt they're doing this to try to track individual users - even if there are ways to do it. That said I really wish they approached this with a more friendly "Would you like to enable some basic Telemetry to improve Wacom products - Yes, No" instead of a very unfriendly user agreement where they try to force it.
IMO the more simple explanation is they want this data to sell to data aggregators, who can in turn enrich the profile they have on you. There's a similar thing going on with smart TVs, right?
Having started numerous tech companies myself, interviewed hundreds of others who have, and started a community that instructions others on how to do so, I will say that HN's perception of how easy, profitable, and common it is to have a business model focused on selling data is overblown. I'd wager the vast majority of data collectors (e.g. Google Analytics accounts) just want it for their own internal decision-making and analysis.
As much as I would like to believe you, I cannot. With literally almost every company around me gathering analytics and with every average person's operating system, web browser, social media, phones, televisions, smart locks, smart fridges, graphic card drivers and graphic tablets sending this data out in bulk, you are not going to convince me that the authors of all that software are siphoning data out of us all for nothing.
> you are not going to convince me that the authors of all that software are siphoning data out of us all for nothing.
That's not what they are saying at all, and suggesting it's for nothing proves you don't understand the value of using the data for internal decision making. Simply put: the main use of this data is for that reason: internal decision making. Answering questions like:
* How are our customers using our products?
* What errors are they experiencing?
* What features are they using?
* Where are they confused?
* What features cause the most problems?
* What feature should we work on next?
These are all regular questions that are answered by collecting these types of metrics, including the one described in this post. Selling the data to third parties isn't easy. The data is generally gathered to inform product decisions, not to sell, so it's not in any easy format that makes it easy to sell. One has to go out of their way to sell this data, and the cost to put together this data in a way that's useful to sell would almost certainly cost more to setup and manage than they would get from such a small number of relative users.
The simple fact is, everyone sends data back to their servers for collecting and parsing, including Apple, the company everyone puts on a pedestal for privacy.
Simply put: show me the evidence they are selling the data to third parties for profit. Anything less is speculation.
But trusting companies to do the right thing is untenable. That trust has been broken far too often, by far too many companies. The only rational position a concerned user can take is to assume that anybody collecting such sensitive information (particularly in a sneaky way) intends to monetize it or use it for purposes other than product improvement.
And even if the data really will only be used for product development, getting the user's informed consent -- and refraining from data collection without it -- is critical.
Further, using GA automatically means that the data is being used for Google's purposes as well as the application creator's.
If you have large data-sets/streams, companies like Acxiom and Innovis are interested buyers. Are you trying to imply that brokering consumer data is a marginal or non-existant business?
> Are you trying to imply that brokering consumer data is a marginal or non-existant business?
For small/mid-size datasets (which is what we're talking about), yes, that's exactly what I'm implying. It's not actually easy for most companies to sell user data for a quick buck like is being claimed.
I know this is the popular conclusion - but from a developer perspective, data such as what software your product is used with is INCREDIBLY valuable for project planning and prioritization. People hate web tracking, but knowing what browsers or devices are visiting your website can be enormously helpful.
Also I don't know all the details here - I know that Vizio TVs where collecting data and explicitly kept the IP and other personal data with it. I don't know if wacom is doing that.
Now that said - I don't like that they're handing this data to Google through Google Analytics. I also think they should be far more up front about what they collect, what they use it for, etc.
> I know this is the popular conclusion - but from a developer perspective, data such as what software your product is used with is INCREDIBLY valuable for project planning and prioritization. People hate web tracking, but knowing what browsers or devices are visiting your website can be enormously helpful.
What happened to actually communicating with users to learn more about how they use the product?
It's not challenging, but it's wrong. If you want to explain it to them, making a binding promise of what it would be used for, and have it be opt-in, that would be another thing.
Morally and ethically, you're absolutely correct in every single possible way.
I was attempting to illustrate the decision-making processes that may have led to this juncture and what happened to communicating with customers. Please accept my apologies, as I have plainly failed to be clear that this was not an argument as to the moral or ethical questions concerned.
Again, you're completely right. It's not at all difficult to see the morally and ethically correct way to go about this.
I really like the approach that the Steam survey uses which blends engineering and communication:
1) Pop up and ask for permission to scan the machine.
2) Show the data collected that will be sent back and give a second chance to decline.
3) Allow everyone to see the aggregate results.
Being mostly automated, it's lower friction than a manual Q&A survey. But it also feels way more respectful that trying to snoop around and then clandestinely exfiltrate the data. It's one of the few cases where I'm willing to opt-in to data collection.
This. You aren't asking for vague blanket permission, nor are you asking for the user to manually fill out a survey. And you give them the opportunity to review what they're about to send.
Great point! And being able to see the results in aggregate is also interesting. It inclines me to share, because it becomes a two-way share, even though I don't actually have use for the information.
Users stopped communicating. They install a thing, they uninstall it. 99% don't leave any comment at all.
(and yes, the obverse inference is also true. If you see one person complaining, there are probably 99 more who have had the same issue and have said nothing)
It's a confirmation bias problem. Customers who fill out surveys and give direct feedback back to vendors are frequently lower-usage enthusiasts that aren't representative of your overall userbase.
I work on a product, and we include some telemetry. I'm also a strong privacy advocate, and I believe I've done my best within the corporate realm to ensure that the data we're collecting is extremely scoped AND useful for decision making and prioritization. In my experience, there aren't that many of me, but I implore folks to realize that as PMs and engineers, we absolutely do have a say in making sure that blanket data exfiltration and aggregation doesn't happen in our products.
Communicating with your customers proactively about what you're collecting and why is important too. And not buried in some privacy policy legalese: publish a blog post, explain what you're gathering, give examples of how it's driven decision-making for you in the past, and what you're hoping to learn in the future. It goes a long way.
As a user, even if you're up about these things and why they're important for product development, my answer is still "No."
Because I will only say "Yes" if I'm being paid or otherwise compensated specifically for that input.
I think it's important companies pay for usage testing so that they value that information and are more likely to hold it closely since it represents an investment and is perceived as competitive advantage.
That's why a sane data collection is aggreggate, upfront about the data it collects, avoidable, and most of all, explicitly opt-in. Alas, this requires eternal vigilance, as the pushback is neverending.
I don’t think anyone is denying that the data is valuable, but what is usually missing in the implementations (not sure if true in this case) are 1. Transparency about what is being collected, 2. Requesting consent from the user and 3. Providing control to the user in the form of an opt-in or opt-out.
Transparency, consent, and control.
If every company addressed these three issues, we wouldn’t be having this conversation about privacy and data collection over and over and over.
I fully agree that they need to address those problems. I really like the way Valve does it with their Steam Hardware Survey.
What I'm addressing is that I feel many people see a company tracking data, and assume this data is valuable enough to sell, and that the data is for sure being sold.
My point was that the data isn't just valuable to sell (maybe), but is legitimately valuable in making a better product/service.
> I know this is the popular conclusion - but from a developer perspective, data such as what software your product is used with is INCREDIBLY valuable for project planning and prioritization.
Maybe if it were only used for that it wouldn't be so bad. But I don't trust a company not to take another bite at the apple by selling customer data if they think they can get away with it. Matter of fact, refusing to do so is leaving money on the table and could get a CEO fired for not making the company as profitable as it could have been. Once companies have the data, they are almost certainly obligated to use it in ways to their benefit and your expense.
Not really, it depends on the revenue strategy. Shareholders would likely be more displeased at initiatives that could end up breaking user trust and harming core revenue (e.g. the sale of peripheral hardware). Blindly leveraging everything in a way that doesn't align with vision or strategy generally leads to disappointing returns. Smart leaders know this.
> from a developer perspective, data such as what software your product is used with is INCREDIBLY valuable for project planning and prioritization.
I don't think anybody is disputing that. But that its very valuable to devs does not excuse collecting it without getting the user's informed consent first.
It appears to be this communities' commenters unpopular conclusion. That every piece of tracking is part of a conspiracy to sell you advertising.
> In section 3.1 of their privacy policy, Wacom wondered if it would be OK if they sent a few bits and bobs of data from my computer to Google Analytics, “[including] aggregate usage data, technical session information and information about [my] hardware device.”
What wasn't upfront about this? That they didn't add more details about what the session information was? Legally why would they? The post includes an image the section where they legally disclosed it. People not reading the privacy policy before using a product is not Wacom's legal problem.
Can you ask them to put this section on a separate screen? Sure. Will they do it? Who knows. I'm sure they'd want to know if you are a customer giving ideas than a low priority non customer as would any person.
How many blogs or websites disclose the use of Google Analytics in their privacy policy?
You could talk to many customers and this is the least thing they have on their minds. Paranoia displayed by commenters here is amazing.
As the post concludes, if you are a (prospective) customer who does not like what they collect then there are other brands. I might add who probably have a hidden, more intrusive way to track you because they are smaller, have smaller volume/margin and have the incentive to build and sell your profile like other small companies not in the field.
It would be "simpler" to say, but that doesn't invalidate the other reason.
My tablet behaves differently per application. If I typically have one app open only on one screen I can limit the tablets "workspace".
Context-specific buttons based on app.
And if you're doing that _and have build sufficient app infrastructure around it_ as Wacom has to support fairly custom per-app behavior, the more realistic conclusion is that they're trying to get more info on that - now you can argue about opt in on the "share experience data" privacy setting - and I would agree, absolutely.
But "more simple to say that they're just selling data for money" is a pretty reductionist argument that jumps solely to the most negative possible motivation. "What's the worst they could be doing with it? Selling it? That's probably what they're doing, not making their tool more useful."
It doesn't really matter what their reasons are. Having the data is a liability. The author explained one scenario where these things can go wrong. Another is if they're hacked. Or if they're purchased by a larger unethical company. Or if they accidentally keep the data in an open database on an Amazon cloud service. Or a million other scenarios.
FWIW that isn’t a unique identifier for the author, it’s for Nike’s marketing account. I didn’t see that the Nike employee who hid in the author's closet wrote down any meaningful identifier on their form. Of course the set of the most popular gym floors where the author wore the shoes and the author's home address are probably enough to identify you.
That said, yep, it seems lame they don’t disclose this tracking. I can understand why they’d want to know where their pairs of shoes most often travel, but tracking all gyms seems aggressive, but maybe it’s the only way to identify what gym floor the shoes were used in.
Heya - I could swear that wasn't there when I originally wrote the comment, but obviously it is there. Thanks for pointing that out. With that said, it doesn't change the substance of my comment too much - as I pointed out one can get a pretty solid unique identifier many ways, not limited to what I said above, you could even call out the presence of a permanently identifying header that Chrome gives some users[0].
Heya, replied to another comment that brought up the same thing, sorry about that - here's what I wrote there:
Heya - I could swear that wasn't there when I originally wrote the comment, but obviously it is there. Thanks for pointing that out. With that said, it doesn't change the substance of my comment too much - as I pointed out one can get a pretty solid unique identifier many ways, not limited to what I said above, you could even call out the presence of a permanently identifying header that Chrome gives some users[0].
"their device, which - remember - is essentially a mouse"
... that has per-application configuration settings that change how the tablet can be used. They aren't just wantonly collecting unrelated data. They have features tied to this.
I read the whole article to see if there was any mention of app-specific config. Doesn't come up once.
It also has quite a few quirks depending on the app so it’s logical they want to know which compatibility work is most pressing. Not that they have done much lately, but that’s a different subject. Wacom is an extremely frustrating company to deal with.
We aren't talking about Facebook or Amazon or Google here. I think we can walk back the apocalypsism.
Most companies aren't well-oiled, gigantic machines of user-data-manipulation. I'm sure there is a better way for Wacom to do things. I'm also pretty sure their staff are doing the best they can.
It doesn't matter if this is done by Facebook, Amazon, Google, or Joe's Basement Software Company, nor what the data is actually being used for. Doing this without obtaining the user's informed consent is unacceptable.
Hmm... Good point. I could see how Wacom could make context sensitive control panels based on the app, without having to ask the user, but then I still would want control over that: what if the functionality becomes too different between to apps and I find it annoying? This should be exposed to the user.
It makes it feel less nefarious, I guess. But I still don't want a C&C server knowing this much about me.
While this implementation obviously has privacy issues, the anonymized aggregate data would be quite interesting, e.g. how many people use photoshop, illustrator, etc. with their wacom tablets.
The problem then seems to be more about the false positives. If you use "Half Life 3 Test Build" that is useless info for wacom because it (presumably) doesn't care about pen input.
Q: If the data were filtered to just art/graphics apps using the pen, would that still be problematic?
Yes. When thinking about data, you need to think about orthogonal uses. Can you imagine reasons why someone might subpoena data to determine whether Photoshop was being used on my home desktop machines at a particular time? They might not care that it was Photoshop at all.
Any data collection of course has a privacy cost and should of course be opt in.
What about aggregate data limited to art apps? For example if it only sends a monthly summary: used photoshop with a wacom tablet for 15 hours this month, illustrator for 3 hours this month?
In that fictitious scenario, would they have checked with Adobe if they wouldn't mind their users spied up on. What if this information is indirectly used for trading on ADBE stock? Would that be considered OK ?
I think any attempt to exfil data not required by the function of the tool should be clearly and transparently disclosed, the use of those disclosures backed by the force of law, and opt-in. This is obviously far from where we are.
Because of that, I would block it no matter what. In a better world, I would selectively allow some instrumentation and such, but as-is, there is no way to trust any of it.
Well with the proviso you stated that informed consent has been obtained first, then this would be fine (as would more frequent/less targeted collection). If not, then this is not fine.
If that's the kind of behavioural information they want, they can pay for it just like anyone else. That's the kind of data that should absolutely not be expected to be free.
The collection of the data is almost never what’s problematic. What’s problematic is the lack of transparency about what is being collected (doing it to users in secret or burying it in a privacy policy somewhere), and the lack of a way for the user to consent or not consent to it via an opt-in or opt-out. If the company provided these, then this is kind of a non-story.
In this case, the author both found the information in the installer, and the apt has a "Opt out of Experience Sharing" privacy checkbox (which I would agree should be opt in, not out), so to me covers most of this.
The best part is where the author admits to using google analytics himself to track who visits his blog. At some point we all have to say enough is enough.
I think what escapes most people is that they think Google Analytics is a free product to help you track your visitors. Yes it does do that, but the more valuable product to other google customers is you've linked your website to a global ad network even if you don't display ads.
Given that the Wacom utility is full of app-specific references and "customize your tablet, per app", I'd say that this is on par.
Ask random person, "Hey, do you know that when you visit John's blog, he sends your information to Google, too, not just himself?" and I guarantee you the answer is probably closer to 7% than 70%.
That's wishful thinking, not reality. In reality, many different actors can benefit from info about the used software on a particular users' PC. And now they know who to bribe to get it.
> Has this investor got a beta build from that new startup everyone's talking about? Their bets are always winning, I better frontrun them if that's the case.
> What apps could I exploit to get into this guy's computer?
> Wait why is my employee suddenly running tor browser after I involved her into this new secret deal? Better be careful with her, she might be talking to someone.
> Damn, our competitor's engineers are all running our app. Let's correlate the timestamps with our own backend to discover their accounts and push a special update to them.
I've read a lot of comments recently about how Google Analytics is bad, but no one explain why. Can I ask why this is not something people want? Is it not anonymised?
It's anonymized to the website owner (who has your IP anyway), not to Google. That means even non-Chrome users are forced under Google's omniscient watch of the web.
When a company with the reach and market share of Google is involved, "anonymized" is meaningless. They have so many other channels to gather data (Android, ReCaptcha, Chrome, Google Search, etc.) that I'm sure it's trivial to de-anonymize and correlate GA data to a real person if that becomes profitable/necessary.
One reason why is that Google Analytics is not being limited to giving the web site owner traffic information, the analytics are also being used by Google to collect and correlate larger traffic patterns, as well as track individual users across multiple sites. These are things Google gets to see, but the neither the site owners nor the users have access to. What Google does exactly with this information is not entirely known outside of Google, though it's certainly used at least to improve personalized advertising, which many people feel is a privacy concern.
GA gives Google surveillance over a large portion of the web. Even if the author of a webpage trusts google with their data, they shouldn't be forcing their opinion of Google on others. Trust isn't transitive!
Google receiving browsing histories for a single website is rude, but it probably isn't a serious problem for many websites (although the risk will depend on the nature of the website). In isolation, the fact that Alice read Bob's webpage isn't isn't very interesting, but Google can aggregate that data into s very accurate pattern of life[1].
> Is it not anonymised?
Not for any meaningful definition of "anonyms". At best GA will zero the low 8 bits of the IP address by request of the website. (The opinion of the person visiting the website apparently isn't worth considering) See this[2] post for a more detailed explanation of GA's perfunctory "Anonymize IP" feature.
I know that Google builds its business on the backs of user data. That doesn't change the fact that data regarding me or my machines is "none of their business" in the colloquial sense. That Google forcefully disagrees is what makes them a spy agency.
Lol, comparing visit counters from the 90s to Google Analytics.
GA is used by countless websites. It's likely hooked into the adwords codebase so that they can track websites you visit even if that website does not have Adwords ads on it.
Why do people use GA? Every HTTP server generates a log. That's always been good enough for me. Then again my site doesn't have ads, so maybe that's the answer.
Ohh you bring me back memories of 1999 when I was using WebTrends to analyze http access logs.
HTTP Log analysis is slow, and requires a lot of server side setup. Also, it will not give you navigation events in a SPA.
Using GA... just drop a line of JavaScript and you are done, with near real-time insights that are more detailed than an access log. You don’t need any server conf, or extra knowledge (not even JS knowledge: copy & paste the embed code). And Google gives you that for “free”... that’s why tons of sites doesn’t care about Http access log analysis anymore.
For desktop apps is easy too. The GA API is very simple: send the app id, event + any event data you want. Your dev team can do that with self service (no need to setup a service, no extra costs to handle data).
On Linux you'd be using the community-maintained drivers[0], so I assume this wouldn't be a problem (correct me if I'm wrong).
But as far as I can tell, there's not equivalent Open Wacom drivers for Windows. People with more Windows knowledge than me: any thoughts on why? Is it just that someone using Windows probably doesn't care about Open drivers, so the demand isn't there? Or is there something about Windows that makes substituting drivers harder?
Wacom doesn't provide their own Linux drivers, but looking at the state of drivers around GPUs, printers, I vaguely suspect that somebody in Linux would be working on Open alternatives even if they did. I'm trying to think off the top of my head what Windows-compatible hardware has 3rd-party driver options. Maybe some printers?
Clearly this isn't a trivial or very fun job (last time I used them, the Linux drivers were buggy as hell). Who would have the motivation to do it on Windows, where you have a driver that works and users have little expectation of privacy to begin with?
The Linux drivers for Wacom tablets have never been buggy in the past decade in a half I’ve used them. Other parts of the stack (Xinput, libinput, GUI libraries) have been, but the actual driver provides good data to userspace.
Even then, to me the drivers on Linux have been perpetually less buggy. On Windows I found myself needing to restart the usermode service and restart applications frequently, especially if the USB connection was unreliable. The Linux driver did not have similar issues.
1. Did you reply to the wrong comment? I was only remarking on the Linux driver not being buggy.
2. If you’re referring to a Windows open source Wacom driver, one already exists, as mentioned elsewhere in the thread, though it has a pretty specific purpose in mind. https://github.com/hawku/TabletDriver
the comment you are replying to is talking about the motivation to make a driver.
I assumed your comment was also about that, I didn't expect that you were ignoring the context of the conversation and just commenting about whether the current driver was buggy or not. Sorry.
LinuxWacom doesn’t provide a configuration GUI that I am aware of, though. The xf86 input driver has knobs you can tweak but as far as I am aware the only official way to do it is CLI.
If you are talking about GNOME’s Wacom settings, then I can understand the confusion: under Windows this would be part of the driver package, but under Linux this bit just happens to be completely unrelated and maintained by GNOME. I realize this does not matter much to the end user but it kind of matters in the context of this discussion; the bugs aren’t inherent, they are probably mostly a result of how the software ecosystem works on Linux...
>users have little expectation of privacy to begin with?
The cynical side of me wonders how long it will be before prosecutors argue, with a straight face, that using evidence obtained from mass surveillance against people using Microsoft Windows is okay because Microsoft collects a massive amount of data so nobody should expect their files and activities to remain private; that there is or should be no expectation of privacy on such a system.
And then how long until warrant applications come in with supporting evidence that the subject of the warrant uses Linux and therefore their increased desire for privacy is prima facia evidence that they're doing something illegal.
The first part is long since true. Courts have already (wrongly) established that you have no expectation of privacy in anything you entrust to a third party agent like a bank or a cloud service. If you give the provider a key to your stuff, they can give it to law enforcement.
The latter is a tougher desecration of the constitution to sell.
Now, if only someone could make Wacom drivers that make the Wacom touch functionality interface better with Photoshop and friends, rather than just handing keyboard shortcuts to them. Somehow, that's the best Wacom has managed to do, which makes those features effectively unusable in the very apps those tablets are most commonly used...
... if you install and configure popularity-contest, which includes an explicit opt-in process [0] and it still doesn't track usage, merely installation.
It's a tiny bit more than that: popcon weekly reports which packages have been used that week based on their atime. atime, ctime and filename are reported (the times are truncated to a multiple of twelve hours).
One of the first things Debian does is ask consent about this, and the FAQs are clearly published: https://popcon.debian.org/FAQ. You can't say the same about most things.
Yes, it doesn't apply to Linux. Also on Linux libinput and synaptics drivers support wacom tablets, so you don't necessarily need to even install linuxwacom (in my config I do "xinput set-prop ..." for both cases to setup pressure curve).
Ever since the Windows multi-platform tablet push windows has had built-in drivers for touch & pen support. For the purpose of drawing, these drivers are actively antagonistic, as they have weird touch macros that make fine detail virtually impossible. And as they are built-in to windows, these drivers are also a pain to override by third-party drivers.
Add that to the complications that already arise from interfacing a 3D (touch sensitivity) precision input device with a computer and you end up with poor official driver support, and even worse community driver support
What is it called, and how do you turn it off? I haven't run into this issue on Surface devices, but I do have a couple of Wacom tablets too (mainly used on Linux on another machine).
Open source drivers are rare on Windows because manufacturers almost always ship proprietary drivers that are good enough, and Windows users clearly have no issues running closed-source software.
Proprietary drivers on Linux are often crap, if they even exist at all.
Windows users should push for FOSS drivers as well also when the proprietary ones run perfectly. Privacy and security issues aside, being forced to depend on a closed driver means that the manufacturer can make the product obsolete just by stopping support on newer Windows versions, therefore turning the product essentially into trash, thus forcing the user to buy a new one.
The vast majority of Windows users don't really care about that though.
In the 90s, software modems ("winmodems", see [0]) were popular because they were cheaper than using dedicated hardware for generating and decoding the audio signals sent over the phone line. Those would break if the manufacturer didn't upgrade their driver for newer versions of Windows, since they're completely software driven.
I'd be very surprised if things have changed since then, and I bet that the majority of consumers would just pick the cheapest option at the big box store.
I remember getting PCI based Winmodems working on my old machines back in the late 90s/early 2000s. A lot of people bought ISA modems or physical COM port models so they wouldn't have to deal with that bullshit.
Now most Linux distributions are littered with binary blobs in linux-firmware that have to be loaded for everything from Wi-Fi to Bluetooth. We've gone the total opposite direction of where we should be .. except for like .. amdgpu.
Winmodems were not popular with anybody except manufacturers, and exponentially increased the support issues with modems as an entire technology. Read: people had more problems with Winmodems than they did before.
Not true in all locales. In 2001 I bought a computer locally (Haifa, Israel) with a winmodem. I installed Red Hat on it, so obviously the winmodem would not work. I could not find a hardware modem locally. The only solution that I had was to go with an ADSL line (250k up, 750k down) which cost a fortune but whose modem would plug into the network card.
It would be a full two years before I would see any other home users on anything other than dialup. 750k down in 2001 was so impressive, you could start listening to songs on Kazaa as soon as the download started!
The windows approach to driver certification makes this really difficult. Microsoft virtually requires every driver maintainer to pay $100-odd every couple of years for a signing certificate (and ironically enough this is done in the name of improving driver quality). For a corporation that's nothing, but it's a pretty steep ask for the hobbyist maintainers that OSS drivers tend to rely on.
There is also the little matter of Windows (since 7 I think?) requiring kernel drivers to be code signed, unless you want to run your system with a permanent "Development mode" text overlay, not to mention the arcane procedure required to activate that in the first place. (You can't add another cert to the trusted set, either.)
So that puts a little damper on the whole "open source" thing. Of course it is also not effective at all, Stuxnet was famously signed by Realtek.
That’s trivially easy to get around by installing you’re own CA cert when you install the driver.
This is arguably worse security wise but it makes the driver install process identical to the way it used to be as far as the average consumer can tell. This is why (IMO) free software is so important, to the point where I’ve begun to agree with the radicals and think it should be mandatory.
There are two separate authentication processes for drivers on Windows: Authenticode, which is used for the kernel-mode driver (.sys) and is strictly enforced, and driver package signing (.cat/.inf installation packages), which has a mutable root storage called Trusted Publisher system store. Zadig works by adding its own certificate root to the Trusted Publisher system store and self-signing the installation packages, but the three possible installed drivers (WinUSB, libusb0, and libusbK) were all still signed by Authenticode.
Yes, it is its own list for software publisher signing specifically, and is separate from the Trusted Root Certification Authorities certificate store.
The process to get a driver signed doesn't seem too hard for an open source project to do. Biggest hurdle is the certificate costing around $300/year as far as I can tell, so it would need to be a project with a reliable stream of donations or an author/s willing to pay it.
Not too long ago I had to do some INF editing to get a driver installed on Win10, and the editing did invalidate the signature so it (silently!) refused to install, but booting with the "disable driver signature enforcement" option made it install, and it continued to load and work normally even after I booted back into normal mode. This was only a few months ago so unless something drastic has changed since then, maybe it's not that hard to install drivers with bad (or missing, but that's really the same if you just have an arbitrary signature) signatures. I thought I'd be out of luck and have to resort to something deeper and less reliable like kernel patching (tools exist to do that, but they get marked as malware, and you have to do it after every update...) but that was an unexpected surprising positive.
Editing the INF de-authenticates the installation of the driver, which can also be bypassed by adding to the Trusted Publisher root store, which is mutable (as Zadig/libwdi does), but the actual kernel-mode .sys binary still needs to be signed by Authenticode unless the system is in driver Developer Mode. Your method worked for installing a modified INF file, but will not work for installing a modified binary.
Sounds like my Linux experience in the late 1990s: lots of weird invocations without understanding what they do, just to keep the system barely functional. The roles sure have reversed...
As for manually forcing a particular signed binary for a specific device, the “Have disk...” or “manually select from” route still works without that developer mode nonsense.
>Proprietary drivers on Linux are often crap, if they even exist at all.
Not so with Nvidia GPUs. The open drivers are awful; the proprietary drivers are good.
(But IS the case with AMD GPUs, to the point where the proprietary driver seems to perform worse[0] and everyone pretends it doesn't even exist, which is upside down unintuitive coming from A.) Windows and B.) Nvidia.)
As a developer however, nvidia's closed source drivers are buggy as hell. The amount of issues and times they break the spec is astounding and a constant annoyance. AMD and Intel via the open Mesa drivers are blissful in comparison, plus the amazing debuggability.
I have to use their proprietary drivers and I beg to differ. Nvidia drivers are still crap, given all the pain you have to endure to get them running. Yes, nvidia has managed to sneak into the linux world through cuda but as far as ease of use, they are still nothing short of crap. Not to mention if you want to use anything other than ubuntu.
I would argue that Nouveau is bad purely because of poor performance, and the proprietary drivers are tolerable but perform well once you have them working.
One thing I can say for Nouveau over the proprietary drivers is that they actually work without any real fuss. I've run into numerous instances where the proprietary drivers would prevent the system from booting. And I've yet to get them to work at all with any realtime kernel in Manjaro.
And then we get into the nightmare that is any laptop with an integrated Intel GPU and a dedicated Nvidia GPU...
>I would argue that Nouveau is bad purely because of poor performance
That and, if you have a G-SYNC monitor (which, in retrospect, you shouldn't, but I and several friends of mine do), it won't work at all with the Nouveau driver. :D
The proprietary drivers are not "good". They don't support Wayland which has been the default on many distros for years. They also don't support prerelease or custom kernels. I had to build a custom kernel to include some patches for new hardware I just got and found out it was impossible for me to use the nvidia drivers on it. I ended up getting an AMD card because of that.
Linux purposely makes proprietary drivers crap. The kernel offers no stable binary interface so drivers become broken every single time linux updates unless the drivers get compiled as part of the kernel. This forces manufacturers to either decide that they will open source the drivers, not have any at all or put in the work to keep them up to date every release.
It seems like forcing the all or nothing choice made a lot of OEMs open source their drivers or provide none which lead to the community making them.
As the situation on windows shows us, the alternative is drivers that are crap for other reasons. If Linux offered a stable binary interface for drivers, we'd have proprietary drivers that "worked" but were nevertheless still crap insofar as they were essentially malware, as is the case with this wacom driver.
> Device managers don't care about Linux anyway, and wouldn't suddenly start caring if Linux announced a stable ABI.
From what I've seen, facilitating proprietary drivers seems like the motivation of most people lamenting the lack of a stable ABI. An example of this being the comment I responded to; "Linux purposely makes proprietary drivers crap. [...]"
Discounting proprietary drivers under the assumption that they wouldn't be written anyway, what does a stable ABI afford us? Out-of-tree FOSS drivers? In other words, drivers that aren't good enough to be accepted into the kernel?
Out of tree foss drivers are still not affected since you could most of the time just recompile them to work with the latest kernel.
Also when I said linux made proprietary drivers crap I meant that as a good thing. It lead to open source drivers where there otherwise would not have been. Some OEMs like AMD eventually went open source on linux while remaining proprietary on windows.
Probably because desktop users expect their hardware to continue to work for a long time and to keep up with OS updates. For mobile people have been conditioned to accept throwing away and buying a new device every 2 years.
No it doesn't, the devs refuse to provide stable in-kernel APIs because they want the flexibility to be able to modify them as they please when a better solution comes along. Also maintaining support for proprietary drivers is harder due to them being black boxes, not only in terms of debugging, but also in security and stability.
NVidia is basically the one major holdout these days, and its proprietary driver for Linux is very good, so it's not as if it's impossible to maintain a proprietary driver in the Linux ecosystem. The motivation here comes from Linux being huge in accelerated computing and 3d, not due to any particular love for Linux on Nvidia's part.
Indeed the lack of a stable interface has made it cumbersome to maintain a out-of-tree driver, which is GREAT since it means hardware vendors are more likely to open source their drivers or at least give enough documentation for them to be created by a third party. This ends up being a huge part of Linux's success, as it supports the widest range of hardware of any system 'out of the box', hardware support which is then functional on any platform on which Linux runs, which in turn is practically everything under the sun.
And if this wasn't enough, it is also a boon for alternative systems which will never see official proprietary drivers due to being niche, as they can port Linux drivers, or even add Linux driver compability layers.
Wacom has application specific settings for compatibility. You can't have that feature without tracking individual processes and that data would be important for any sort of troubleshooting. It should be anonymized and they should be clear about what they are collecting, but the data does have a legitimate and benign use at least.
Does this tracking data really need to be transmitted outside of the local environment, though? The driver simply needs to download a list of the available application profiles and compare it to the process list locally. Then, if a specific profile is available, it can request it and Wacom doesn't learn about the other processes running on the system.
Software side you're right, it makes sense for the driver to keep track of the current application for things like button binds, etc.
But that doesn't mean they need to transmit that information off your computer.
Although I agree, this is likely relatively benign, it's most likely useful as a market research tool to see what applications they should prioritize support/testing for.
Saw this two nights ago installing the driver on Windows 10. Read the UELA. Did not consent, closed the window. Is that good enough?
By the way, My tablet works MUCH BETTER on Ubuntu and Mint than on Windows 10. Krita and MyPaint are cross platform so I might just do my art on a *nix box instead.
Off topic, but would you be willing to expand on your Linux experiences with this?
I'm currently doing all of my digital drawing on an old SP3 tablet running Manjaro, via Krita. The driver support is... acceptable, I guess. Krita has more than a few annoying edges, but shows a lot of potential so I've been sticking with it.
For a long time I've been considering springing for a dedicated setup with one of Wacom's larger devices, but I've held back because I need it to have completely solid Linux support and I can't figure out how to test that in advance. I'm always curious to get more info about what issues other people have seen.
I wish I could find a physical store where I could just bring in a laptop, plug it into the actual device, and draw for maybe an hour to figure out if there are any dealbreaking problems.
"Off topic, but would you be willing to expand on your Linux experiences with this?"
I'm using a Wacom Intuos pen & touch M graphics tablet, connected to a Thinkpad 430. Over the years I was using Debian Stable, MINT, and finally Ubuntu.
The experience is great. Like I mentioned, much better than windows. I only just started to use Krita (I prefer MyPaint, however I feel I should branch out). The work I do isn't special, just stupid doodles and cartoon type of stuff. The wacom I'm using is older, I think I bought it 5 years ago or so.
I don't really have much to add besides that. I remember WAYYY back in the day having to compile the driver myself for an older wacom (Ubuntu 6 or 7 era). It's practically plug and play now, however, I think there is some other apt-get stuff that I did once for some reason that I forget (eraser wasn't working?). If you are having issues maybe try another tablet. I think the one I have can be bought for $50 on ebay. Maybe try a 30 day return place like best buy and sorry to say try the latest ubuntu or mint for compatibility (have a dedicated art machine?)
This is just one of many reasons to use StevenBlack's Hosts [1] list to block this type of behavior. While it doesn't currently block link.wacom.com, it would have prevented the subsequent requests google analytics. It works even better when paired with a PiHole [2] to protect all devices on the network.
I mean I put Pihole on all my networks but this is at best a solution to “nice malware” that doesn’t bother to hardcode addresses or perform lookups via an attacker controlled DNS server.
You can catch slightly more aggressive malware by forcing all DNS traffic to your server at the network level but you’re now playing the role of malicious network operator. I would whitelist this to only devices you own.
I don't think anyone would make the argument that a PiHole is a replacement for following best practices in terms of computer and network security. I'm just pointing out that a PiHole can block google analytics and other common violators of privacy. Its not a security tool and isn't advertised as such.
Sadly, some of these list don't currently include google-analytics.com since some sites would otherwise break as a result. So when using one of these hosts files it's often a good idea to double check whether they include Google's domains first.
(Also sad to say that GA is so big that a lot of websites/app rely on it)
Wow, that's weird. I don't remember ever seeing one site like that. Can you point one out? I mean, GA has been blocked at my places since 2015, and I don't remember anything ever was broken, on phone or desktop.
Can't think of any specific sites, but it's happened to me a few times. It's usually because there's bad code that's waiting on the GA init function before doing anything else.
This is why some blockers like uBlock Origin stub out the Google Analytics interface.
Microsoft has started resetting hosts files which is really annoying with Defender, can't seem to disable it either. Annoying when deving on a local server!
Hosts files are literally the devil. They break so much shit. Hostnames sometimes change behavior (like an ad server that starts hosting a redirect script for legitimate clicks), kids who are "good with computers" set them up on relatives computers over the holidays unmaintained, malware that uses them to block antivirus updates, etc.
If you want to block ads, fine. Use a content aware proxy or browser extension.
Using browser extensions to block ads is much higher risk than doing DNS blocking. Most ad blockers have full access to all web pages, which essentially means they could trivially scrape your usernames/passwords for your email/banks/etc or perform actions on your behalf.
There's room for this to go bad (AdBlocker dev turns bad, or sells extension to a bad guy for a wad of cash, or extension has security vulnerabilities, or keys for publishing extension are not propery secured) so while DNS-level blocking might not work as well, it's definitely not an obviously-worse solution.
(though FIWI PiHole in the past had some really agressive default lists which stopped my from using it - though I set it up again recently and it's been much better - I haven't had any broken websites besides Amazon's own sponsored product links at the top of their own search results pages).
I don't know enough about webdev, but why is google analytics request sent by the client? Wouldn't it be easier for the webhost to send a request to google "this IP with this browser connected to me requesting this content", making it impossible to block on the client side?
Real shady devs already don't do this. All signs here point to "salaried employees being asked to implement a feature, and just following the ticket to the letter".
On their website, they list their plans Enterprise through Community, left to right. That's the opposite of what's standard and immediately makes me wary.
They might be great, I don't know. But if something as non-standard as that is done, what other weirdness behavior does their software have?
I'm fine with Wacom collecting this kind of data as long as it doesn't open any security holes. There are certain classes of products where I would not care what they collected as long as it was relevant to improving the product. i.e. Wacom wants to know popular apps I use my tablet on, ok. If they wanted to know my approx location though then I'd be alarmed.
Then they should be very open, up front, and explicit about asking for your consent, including describing what they will be collecting, and also making it very clear you can decline without negative consequences.
I'm fairly comfortable with data collection if the user opts in, but the current trend--dark patterns where you put out a blanket "we will collect stuff" disclaimer that lacks any specifics, while not making it clear what the consequences are of declining--is deeply troubling and, I hope, becomes illegal thanks to things like GDPR and CCPA.
Who said you said that? If you had done the research you would have not mentioned ADs. Where in the world does one get the idea they can places ADs on the hardware? Your commentary looks very very low effort snide attempt at humor. There is zero substance in the post as there isn't anything to discuss in it.
> Wacom’s privacy policy does say that they only want this data for product development purposes, and on this point I do actually believe them.
That piece from the post alone makes me wonder if you read that in the post as well before you commented. There are many things one can do with data, assuming they could use it for advertising with no reasoning behind it is very low effort.
[...] Please respond to the strongest plausible interpretation of what someone says, not a weaker one that's easier to criticize. Assume good faith. [...]
Interpret what you want. The comment was upfront very low effort and derogatory.
Wacom makes premium products for professionals, is a vendor for their premium digitziers and uncontroversial. You don't need two minutes to find what products they make to find that ADs are not remotely viable on the hardware.
The comment was hastily posted and lazy and for that one can assume that the poster did not own the products and I was correct, so read what was posted before coming to your conclusion that what my comment was done in bad faith.
Nowhere else in article or comments under it has anyone mentioned the possibilty of ADs on a drawing tablet or the digitizer hardware they provide for many products outside of their own. It is like saying because you bought a Mac that Apple can use your data for advertising even though they explicitly said they use it for product development.
There is no strong interpretation or defense of that person's comment. If you have a strong interpretation of that post that you want to add, put a comment with the interpretation or go to another and ignore this one thanks!
I received one as a gift but, to be honest, I never used it after seeing the obscure mandatory propietary format to save the files. If I can't open my files later in GNU and there is not a method at sight to save it as jpeg, png, etc... is useless. Just a cheap model probably. Collecting dust somewhere.
My other wacom, and older model, was awesome as a mouse replacement; but it toke months to work in Linux and I don't feel too much inclined to repeat the experience.
I was a species of "mid-early adopter", probably. All should be much easier now. In any case I eventually stopped to use the older model because it was just a little cumbersome to move it around with the laptop all day.
It was a nice piece of hardware. Is a pity to hear that they are now tracking what users do with their computers. For me this is a no-way (It seems that I did the right thing dismissing the second model).
Wacom tablets work fine in Linux, Gimp, Krita, etc. in my experience (and haven't required significant setup for over a decade). Why are you trying to use obscure proprietary software instead?
> Why are you trying to use obscure proprietary software instead?
I'm not trying. In fact, I rejected that Wacom tablet exactly for that.
Some time ago when you unbox a product it was not uncommon to hear something like: "Sorry but as you are a Linux user we, the makers, will try to make your journey miserable not providing any support. Ha haa!. Maybe some volunteer working for free will fix this new model in six months. Maybe not".
Sorry maker but as you don't provide drivers for users like me, I will not use it. Bye. Have a good day.
Bravo for a really well written article. I'm interested in this kind of thing but not familiar with techniques & tools used, so it was really nice that the author included lots of detail, reasons for doing things, etc.
Sidecar step 1: upgrade your Mac to Catalina, lose access to all your 32-bit apps. Including that treasured copy of the last version of Adobe's apps you paid good money for before they switched to a subscription-only model.
Not everyone who uses a Wacom tablet is a bedroom illustrator, even a professional bedroom illustrator. Many projects simply don't fit, and most professional applications do not have their full version available on the iPad, and that will likely continue to be the case indefinitely.
They are still the really popular is both the professional (>$2000+) and the ultra cheap market segment (<$50). iPad doesn't really cater to either of those cases.
It's really great. iPad + Apple pencil feels better for making marks, and the Cintiq Pro is just a bit behind in drawing feel but more capable overall.
That's actually really good to know. I used to own a wacom (pronunciation war: It's Whack-om haha) about 10 years ago for drawing - I don't think I would buy one now until they walk this one back (and push it off the cliff to die).
> Why does a device that is essentially a mouse need a privacy policy
I mean, crash logs, but yes -- defining question for our time
drivers shouldn't connect to the internet unless that's what they're for. crash logs should be managed by a third party thing that the user can configure
These days I assume that if something is possible, profitable, and legal, it's being done. Sometimes I question whether there's a company executive on earth who doesn't deserve to get stood up against a wall.
"In some ways it feels unfair to single out Wacom." - Uh no, it is completely fair to single them out and put them in the spotlight for doing this kind of tracking.
I think the statement was meant to indicate that this kind of behavior is well-nigh ubiquitous, so the only thing really different about Wacom is that they're the one we're talking about, when they are by no means the worst offender.
I'm sure that's exactly what it means -- but it's still fair to call out individual companies that engage in this misbehavior. That others are doing it as well isn't important.
468 comments
[ 5.7 ms ] story [ 363 ms ] threadI'm not sure what that has to do with a third party peripheral. You may be confusing a Wacom tablet for something like an iPad or Nexus 7?
EDIT: For others who may be confused, a Wacom tablet is used to provide a pen/stylus interface to a computer. It's an additional peripheral, similar to your keyboard or mouse, for your computer. It is not a standalone independent computing platform.
They do mostly make external pen input devices, with or without screens. Which people have been calling “drawing tablets” since loooong before “tablet computer” was a phrase anyone used outside of maybe science fiction.
GP must have confused with the currently better known use of tablet, which is a full-blown computer with touch screen and no keyboard.
> How do I know that data doesn’t go back to Apple with “telemetry”?
By checking the privacy policy. Also, you can opt out of telemetry on iOS.
As a better example, suppose it were a game controller. Then the question "what games are people using this controller with?" seems quite reasonable. Filter to games only and anonymize the data and that would be fine.
[1] https://www.reddit.com/r/privacy/comments/8klf7a/razer_synap...
[2] https://www.techradar.com/news/razer-synapse-3-app-delivers-...
More broadly, we need to get away from this whole "but don't other people do the same thing?" dialogue when it comes to privacy. Yes, these issues are prevalent. That doesn't mean it's trivial---quite the opposite, in fact.
> Help Apple improve its products and services by allowing analytics of usage and data from your iPhone.
It’s enabled by default, but when you set up a new iPhone, it prompts you and gives you a button to turn it off (it’s not just buried in settings).
Makes me think one should try declining these kinds of agreements to see what happens, before accepting. As someone who also has an "anti-privacy-policy-policy," I wonder how many of these kinds of things I've agreed to when it was unnecessary.
Might be different with the latest update, I haven’t bothered with that.
I can see an app like autohotkey could click the "no" button and automatically remove it, but could you (assuming it's not modal; which it probably is) tell Windows not to show it?
No idea about Windows, I never use that.
That said, yep, it seems lame they don’t disclose this tracking. I can understand why they’d want to know what apps their device pairs most often with, but tracking all app opens seems aggressive, but maybe it’s the only way to identify what app is open when the device is used.
(I work for an analytics company)
But why are they sending this data to a server? My best guess is that this helps them focus on what software people are using. This allows them access to the popularity of graphic applications. They get to see what percentage of users use say Photoshop vs [Other program here] - so they know where to prioritize integrations and testing.
But I'm not sure how much "integrations" or work with third parties Wacom does - the drawing tablets are following an api standard after all. But maybe wacom does work directly with application devs, I don't really know.
I doubt they're doing this to try to track individual users - even if there are ways to do it. That said I really wish they approached this with a more friendly "Would you like to enable some basic Telemetry to improve Wacom products - Yes, No" instead of a very unfriendly user agreement where they try to force it.
That's not what they are saying at all, and suggesting it's for nothing proves you don't understand the value of using the data for internal decision making. Simply put: the main use of this data is for that reason: internal decision making. Answering questions like:
* How are our customers using our products? * What errors are they experiencing? * What features are they using? * Where are they confused? * What features cause the most problems? * What feature should we work on next?
These are all regular questions that are answered by collecting these types of metrics, including the one described in this post. Selling the data to third parties isn't easy. The data is generally gathered to inform product decisions, not to sell, so it's not in any easy format that makes it easy to sell. One has to go out of their way to sell this data, and the cost to put together this data in a way that's useful to sell would almost certainly cost more to setup and manage than they would get from such a small number of relative users.
The simple fact is, everyone sends data back to their servers for collecting and parsing, including Apple, the company everyone puts on a pedestal for privacy.
Simply put: show me the evidence they are selling the data to third parties for profit. Anything less is speculation.
But trusting companies to do the right thing is untenable. That trust has been broken far too often, by far too many companies. The only rational position a concerned user can take is to assume that anybody collecting such sensitive information (particularly in a sneaky way) intends to monetize it or use it for purposes other than product improvement.
And even if the data really will only be used for product development, getting the user's informed consent -- and refraining from data collection without it -- is critical.
Further, using GA automatically means that the data is being used for Google's purposes as well as the application creator's.
For small/mid-size datasets (which is what we're talking about), yes, that's exactly what I'm implying. It's not actually easy for most companies to sell user data for a quick buck like is being claimed.
Also I don't know all the details here - I know that Vizio TVs where collecting data and explicitly kept the IP and other personal data with it. I don't know if wacom is doing that.
Now that said - I don't like that they're handing this data to Google through Google Analytics. I also think they should be far more up front about what they collect, what they use it for, etc.
What happened to actually communicating with users to learn more about how they use the product?
It's not challenging to see why someone might choose a one-time cost in software engineering over an ongoing cost in communication.
It's not hard to see how to do it right.
I was attempting to illustrate the decision-making processes that may have led to this juncture and what happened to communicating with customers. Please accept my apologies, as I have plainly failed to be clear that this was not an argument as to the moral or ethical questions concerned.
Again, you're completely right. It's not at all difficult to see the morally and ethically correct way to go about this.
1) Pop up and ask for permission to scan the machine.
2) Show the data collected that will be sent back and give a second chance to decline.
3) Allow everyone to see the aggregate results.
Being mostly automated, it's lower friction than a manual Q&A survey. But it also feels way more respectful that trying to snoop around and then clandestinely exfiltrate the data. It's one of the few cases where I'm willing to opt-in to data collection.
From a game developer perspective, looking at it right now tells me that (simplified):
* Most gamers have at least a GTX 1050 and 8GB of ram or higher. Perfect now we know where to aim our medium settings.
* 74% use Nvidia GPUs, 15% use AMD - now we know where to focus driver optimizations
* English, Simplified Chinese, and Russian are the top languages (where to focus translations)
* 72% play on 1080p, 14% on 1440p, etc. Tells us what resolutions to make sure our UI works on.
(and yes, the obverse inference is also true. If you see one person complaining, there are probably 99 more who have had the same issue and have said nothing)
https://www.nngroup.com/articles/first-rule-of-usability-don...
"watch users as they attempt to perform tasks"
If you want to put resources into "hey folks like to use this product with ours" you need accurate information.
I work on a product, and we include some telemetry. I'm also a strong privacy advocate, and I believe I've done my best within the corporate realm to ensure that the data we're collecting is extremely scoped AND useful for decision making and prioritization. In my experience, there aren't that many of me, but I implore folks to realize that as PMs and engineers, we absolutely do have a say in making sure that blanket data exfiltration and aggregation doesn't happen in our products.
Communicating with your customers proactively about what you're collecting and why is important too. And not buried in some privacy policy legalese: publish a blog post, explain what you're gathering, give examples of how it's driven decision-making for you in the past, and what you're hoping to learn in the future. It goes a long way.
Because I will only say "Yes" if I'm being paid or otherwise compensated specifically for that input.
I think it's important companies pay for usage testing so that they value that information and are more likely to hold it closely since it represents an investment and is perceived as competitive advantage.
Transparency, consent, and control.
If every company addressed these three issues, we wouldn’t be having this conversation about privacy and data collection over and over and over.
What I'm addressing is that I feel many people see a company tracking data, and assume this data is valuable enough to sell, and that the data is for sure being sold.
My point was that the data isn't just valuable to sell (maybe), but is legitimately valuable in making a better product/service.
Maybe if it were only used for that it wouldn't be so bad. But I don't trust a company not to take another bite at the apple by selling customer data if they think they can get away with it. Matter of fact, refusing to do so is leaving money on the table and could get a CEO fired for not making the company as profitable as it could have been. Once companies have the data, they are almost certainly obligated to use it in ways to their benefit and your expense.
I don't think anybody is disputing that. But that its very valuable to devs does not excuse collecting it without getting the user's informed consent first.
> In section 3.1 of their privacy policy, Wacom wondered if it would be OK if they sent a few bits and bobs of data from my computer to Google Analytics, “[including] aggregate usage data, technical session information and information about [my] hardware device.”
What wasn't upfront about this? That they didn't add more details about what the session information was? Legally why would they? The post includes an image the section where they legally disclosed it. People not reading the privacy policy before using a product is not Wacom's legal problem.
Can you ask them to put this section on a separate screen? Sure. Will they do it? Who knows. I'm sure they'd want to know if you are a customer giving ideas than a low priority non customer as would any person.
How many blogs or websites disclose the use of Google Analytics in their privacy policy?
You could talk to many customers and this is the least thing they have on their minds. Paranoia displayed by commenters here is amazing.
As the post concludes, if you are a (prospective) customer who does not like what they collect then there are other brands. I might add who probably have a hidden, more intrusive way to track you because they are smaller, have smaller volume/margin and have the incentive to build and sell your profile like other small companies not in the field.
Seems the obvious answer, yep.
I believe wanting it for product development is just as simple.
My tablet behaves differently per application. If I typically have one app open only on one screen I can limit the tablets "workspace".
Context-specific buttons based on app.
And if you're doing that _and have build sufficient app infrastructure around it_ as Wacom has to support fairly custom per-app behavior, the more realistic conclusion is that they're trying to get more info on that - now you can argue about opt in on the "share experience data" privacy setting - and I would agree, absolutely.
But "more simple to say that they're just selling data for money" is a pretty reductionist argument that jumps solely to the most negative possible motivation. "What's the worst they could be doing with it? Selling it? That's probably what they're doing, not making their tool more useful."
For me Occam's Razor points towards internal analytics.
That said, yep, it seems lame they don’t disclose this tracking. I can understand why they’d want to know where their pairs of shoes most often travel, but tracking all gyms seems aggressive, but maybe it’s the only way to identify what gym floor the shoes were used in.
(I work for Adidas)
Pretty much every site you visit puts PII in the title, which the browser dutifully includes in it's title.
GSuite leaks my email address:
Desktop apps are pretty much no different.Outlook leaks my email address, and subject lines of emails or meeting information:
Visual Studio leaks filenames, repository information: Pretty sure most office suite and Adobe apps will do something similar.[0] https://news.ycombinator.com/item?id=22236106
Heya - I could swear that wasn't there when I originally wrote the comment, but obviously it is there. Thanks for pointing that out. With that said, it doesn't change the substance of my comment too much - as I pointed out one can get a pretty solid unique identifier many ways, not limited to what I said above, you could even call out the presence of a permanently identifying header that Chrome gives some users[0].
[0] https://news.ycombinator.com/item?id=22236106
... that has per-application configuration settings that change how the tablet can be used. They aren't just wantonly collecting unrelated data. They have features tied to this.
I read the whole article to see if there was any mention of app-specific config. Doesn't come up once.
If, and only if, I had set up an app-specific config, then maybe Wacom would be vaguely justified in tracking when I open that specific app.
'wantonly collecting unrelated data' is exactly what they're doing.
Most companies aren't well-oiled, gigantic machines of user-data-manipulation. I'm sure there is a better way for Wacom to do things. I'm also pretty sure their staff are doing the best they can.
It makes it feel less nefarious, I guess. But I still don't want a C&C server knowing this much about me.
For me, I've used it to make the pen work like a touchpad stylus while normally working, but map to the screen corners when working in photoshop.
The problem then seems to be more about the false positives. If you use "Half Life 3 Test Build" that is useless info for wacom because it (presumably) doesn't care about pen input. Q: If the data were filtered to just art/graphics apps using the pen, would that still be problematic?
Yes. When thinking about data, you need to think about orthogonal uses. Can you imagine reasons why someone might subpoena data to determine whether Photoshop was being used on my home desktop machines at a particular time? They might not care that it was Photoshop at all.
What about aggregate data limited to art apps? For example if it only sends a monthly summary: used photoshop with a wacom tablet for 15 hours this month, illustrator for 3 hours this month?
> What if this information is indirectly used for trading on ADBE stock? Would that be considered OK ?
Obviously yes? What is supposed to be the issue here?
I think any attempt to exfil data not required by the function of the tool should be clearly and transparently disclosed, the use of those disclosures backed by the force of law, and opt-in. This is obviously far from where we are.
Because of that, I would block it no matter what. In a better world, I would selectively allow some instrumentation and such, but as-is, there is no way to trust any of it.
So I'm the wrong person to ask.
Well with the proviso you stated that informed consent has been obtained first, then this would be fine (as would more frequent/less targeted collection). If not, then this is not fine.
Yes.
On the other hand leaking the list of apps on your local computer, and to a third-party to top it off, is unexpected and thus more harmful.
Given that the Wacom utility is full of app-specific references and "customize your tablet, per app", I'd say that this is on par.
Ask random person, "Hey, do you know that when you visit John's blog, he sends your information to Google, too, not just himself?" and I guarantee you the answer is probably closer to 7% than 70%.
> Has this investor got a beta build from that new startup everyone's talking about? Their bets are always winning, I better frontrun them if that's the case.
> What apps could I exploit to get into this guy's computer?
> Wait why is my employee suddenly running tor browser after I involved her into this new secret deal? Better be careful with her, she might be talking to someone.
> Damn, our competitor's engineers are all running our app. Let's correlate the timestamps with our own backend to discover their accounts and push a special update to them.
Google receiving browsing histories for a single website is rude, but it probably isn't a serious problem for many websites (although the risk will depend on the nature of the website). In isolation, the fact that Alice read Bob's webpage isn't isn't very interesting, but Google can aggregate that data into s very accurate pattern of life[1].
> Is it not anonymised?
Not for any meaningful definition of "anonyms". At best GA will zero the low 8 bits of the IP address by request of the website. (The opinion of the person visiting the website apparently isn't worth considering) See this[2] post for a more detailed explanation of GA's perfunctory "Anonymize IP" feature.
[1] https://en.wikipedia.org/wiki/Pattern-of-life_analysis
[2] https://news.ycombinator.com/item?id=15167059
I block it because the data it collects is none of Google's business. Being "anonymized" doesn't make it any better.
GA is used by countless websites. It's likely hooked into the adwords codebase so that they can track websites you visit even if that website does not have Adwords ads on it.
HTTP Log analysis is slow, and requires a lot of server side setup. Also, it will not give you navigation events in a SPA.
Using GA... just drop a line of JavaScript and you are done, with near real-time insights that are more detailed than an access log. You don’t need any server conf, or extra knowledge (not even JS knowledge: copy & paste the embed code). And Google gives you that for “free”... that’s why tons of sites doesn’t care about Http access log analysis anymore.
For desktop apps is easy too. The GA API is very simple: send the app id, event + any event data you want. Your dev team can do that with self service (no need to setup a service, no extra costs to handle data).
But as far as I can tell, there's not equivalent Open Wacom drivers for Windows. People with more Windows knowledge than me: any thoughts on why? Is it just that someone using Windows probably doesn't care about Open drivers, so the demand isn't there? Or is there something about Windows that makes substituting drivers harder?
Wacom doesn't provide their own Linux drivers, but looking at the state of drivers around GPUs, printers, I vaguely suspect that somebody in Linux would be working on Open alternatives even if they did. I'm trying to think off the top of my head what Windows-compatible hardware has 3rd-party driver options. Maybe some printers?
[0]: https://linuxwacom.github.io/
Even then, to me the drivers on Linux have been perpetually less buggy. On Windows I found myself needing to restart the usermode service and restart applications frequently, especially if the USB connection was unreliable. The Linux driver did not have similar issues.
For example, you’ll never have to follow this guide on Linux: https://www.deviantart.com/kiiroikat/art/How-to-Fix-Wacom-Dr...
I don’t recall having issues with the Mac drivers either.
2. If you’re referring to a Windows open source Wacom driver, one already exists, as mentioned elsewhere in the thread, though it has a pretty specific purpose in mind. https://github.com/hawku/TabletDriver
I assumed your comment was also about that, I didn't expect that you were ignoring the context of the conversation and just commenting about whether the current driver was buggy or not. Sorry.
If you are talking about GNOME’s Wacom settings, then I can understand the confusion: under Windows this would be part of the driver package, but under Linux this bit just happens to be completely unrelated and maintained by GNOME. I realize this does not matter much to the end user but it kind of matters in the context of this discussion; the bugs aren’t inherent, they are probably mostly a result of how the software ecosystem works on Linux...
The cynical side of me wonders how long it will be before prosecutors argue, with a straight face, that using evidence obtained from mass surveillance against people using Microsoft Windows is okay because Microsoft collects a massive amount of data so nobody should expect their files and activities to remain private; that there is or should be no expectation of privacy on such a system.
And then how long until warrant applications come in with supporting evidence that the subject of the warrant uses Linux and therefore their increased desire for privacy is prima facia evidence that they're doing something illegal.
The latter is a tougher desecration of the constitution to sell.
The NSA is already selecting people with "Linux" and "Tor" in their search histories for added scrutiny.
Source for this? If it's true it would be both sad and hilarious.
These were made to reduce input latency to increase performance in a rhythm game called "osu!"
Never thought of using a tablet for it, but I am so going to try that!
This, perhaps not, but Linux distros track app usage, too: https://popcon.debian.org/
[0] http://www.linuxandubuntu.com/wp-content/uploads/2019/07/con...
See https://popcon.debian.org/FAQ (thanks to toastal for the link).
Edit: Debian uses relatime by default. I don't know about other distributions.
Add that to the complications that already arise from interfacing a 3D (touch sensitivity) precision input device with a computer and you end up with poor official driver support, and even worse community driver support
It is certainly on Wacom for not providing better drivers to Linux, but neither is the FOSS solution a complete one.
Proprietary drivers on Linux are often crap, if they even exist at all.
In the 90s, software modems ("winmodems", see [0]) were popular because they were cheaper than using dedicated hardware for generating and decoding the audio signals sent over the phone line. Those would break if the manufacturer didn't upgrade their driver for newer versions of Windows, since they're completely software driven.
I'd be very surprised if things have changed since then, and I bet that the majority of consumers would just pick the cheapest option at the big box store.
[0] https://en.wikipedia.org/wiki/Softmodem
Now most Linux distributions are littered with binary blobs in linux-firmware that have to be loaded for everything from Wi-Fi to Bluetooth. We've gone the total opposite direction of where we should be .. except for like .. amdgpu.
It would be a full two years before I would see any other home users on anything other than dialup. 750k down in 2001 was so impressive, you could start listening to songs on Kazaa as soon as the download started!
So that puts a little damper on the whole "open source" thing. Of course it is also not effective at all, Stuxnet was famously signed by Realtek.
This is arguably worse security wise but it makes the driver install process identical to the way it used to be as far as the average consumer can tell. This is why (IMO) free software is so important, to the point where I’ve begun to agree with the radicals and think it should be mandatory.
Is this different than the local CA cert list? Sorry I don’t use Windows.
https://docs.microsoft.com/en-us/windows-hardware/drivers/in...
These hurdles are a bigger impediment than they appear.
Not so with Nvidia GPUs. The open drivers are awful; the proprietary drivers are good.
(But IS the case with AMD GPUs, to the point where the proprietary driver seems to perform worse[0] and everyone pretends it doesn't even exist, which is upside down unintuitive coming from A.) Windows and B.) Nvidia.)
0: https://www.phoronix.com/scan.php?page=article&item=nvidia-a...
One thing I can say for Nouveau over the proprietary drivers is that they actually work without any real fuss. I've run into numerous instances where the proprietary drivers would prevent the system from booting. And I've yet to get them to work at all with any realtime kernel in Manjaro.
And then we get into the nightmare that is any laptop with an integrated Intel GPU and a dedicated Nvidia GPU...
That and, if you have a G-SYNC monitor (which, in retrospect, you shouldn't, but I and several friends of mine do), it won't work at all with the Nouveau driver. :D
Good by comparison to nouveau (the open source driver) perhaps, but definitely not good compared to the open source intel/AMD drivers.
It seems like forcing the all or nothing choice made a lot of OEMs open source their drivers or provide none which lead to the community making them.
As the situation on windows shows us, the alternative is drivers that are crap for other reasons. If Linux offered a stable binary interface for drivers, we'd have proprietary drivers that "worked" but were nevertheless still crap insofar as they were essentially malware, as is the case with this wacom driver.
Device managers don't care about Linux anyway, and wouldn't suddenly start caring if Linux announced a stable ABI.
From what I've seen, facilitating proprietary drivers seems like the motivation of most people lamenting the lack of a stable ABI. An example of this being the comment I responded to; "Linux purposely makes proprietary drivers crap. [...]"
Discounting proprietary drivers under the assumption that they wouldn't be written anyway, what does a stable ABI afford us? Out-of-tree FOSS drivers? In other words, drivers that aren't good enough to be accepted into the kernel?
Also when I said linux made proprietary drivers crap I meant that as a good thing. It lead to open source drivers where there otherwise would not have been. Some OEMs like AMD eventually went open source on linux while remaining proprietary on windows.
Is there a reason the Linux folks don't do something about this? If I were them I wouldn't be happy seeing my licensing terms treated like a joke.
What happens instead is Linux drivers are mostly BSD ports. Go figure.
Not finding that now, though there's a 2014 discussion of a driver wrapper for FreeBSD to access Linux device drivers:
https://www.phoronix.com/scan.php?page=news_item&px=MTgzMjY
Linux of course also makes use of some driver wrappers, the most well-known of which is probably NDISwrapper, supporting wireless networking cards:
http://ndiswrapper.sourceforge.net/wiki/index.php/Main_Page
No it doesn't, the devs refuse to provide stable in-kernel APIs because they want the flexibility to be able to modify them as they please when a better solution comes along. Also maintaining support for proprietary drivers is harder due to them being black boxes, not only in terms of debugging, but also in security and stability.
NVidia is basically the one major holdout these days, and its proprietary driver for Linux is very good, so it's not as if it's impossible to maintain a proprietary driver in the Linux ecosystem. The motivation here comes from Linux being huge in accelerated computing and 3d, not due to any particular love for Linux on Nvidia's part.
Indeed the lack of a stable interface has made it cumbersome to maintain a out-of-tree driver, which is GREAT since it means hardware vendors are more likely to open source their drivers or at least give enough documentation for them to be created by a third party. This ends up being a huge part of Linux's success, as it supports the widest range of hardware of any system 'out of the box', hardware support which is then functional on any platform on which Linux runs, which in turn is practically everything under the sun.
And if this wasn't enough, it is also a boon for alternative systems which will never see official proprietary drivers due to being niche, as they can port Linux drivers, or even add Linux driver compability layers.
But that doesn't mean they need to transmit that information off your computer.
Although I agree, this is likely relatively benign, it's most likely useful as a market research tool to see what applications they should prioritize support/testing for.
There is a pretty big between crash/error reporting vs constantly throwing data into Google Analytics.
I say: better to be incompatible instead.
By the way, My tablet works MUCH BETTER on Ubuntu and Mint than on Windows 10. Krita and MyPaint are cross platform so I might just do my art on a *nix box instead.
I'm currently doing all of my digital drawing on an old SP3 tablet running Manjaro, via Krita. The driver support is... acceptable, I guess. Krita has more than a few annoying edges, but shows a lot of potential so I've been sticking with it.
For a long time I've been considering springing for a dedicated setup with one of Wacom's larger devices, but I've held back because I need it to have completely solid Linux support and I can't figure out how to test that in advance. I'm always curious to get more info about what issues other people have seen.
I wish I could find a physical store where I could just bring in a laptop, plug it into the actual device, and draw for maybe an hour to figure out if there are any dealbreaking problems.
I'm using a Wacom Intuos pen & touch M graphics tablet, connected to a Thinkpad 430. Over the years I was using Debian Stable, MINT, and finally Ubuntu.
The experience is great. Like I mentioned, much better than windows. I only just started to use Krita (I prefer MyPaint, however I feel I should branch out). The work I do isn't special, just stupid doodles and cartoon type of stuff. The wacom I'm using is older, I think I bought it 5 years ago or so.
I don't really have much to add besides that. I remember WAYYY back in the day having to compile the driver myself for an older wacom (Ubuntu 6 or 7 era). It's practically plug and play now, however, I think there is some other apt-get stuff that I did once for some reason that I forget (eraser wasn't working?). If you are having issues maybe try another tablet. I think the one I have can be bought for $50 on ebay. Maybe try a 30 day return place like best buy and sorry to say try the latest ubuntu or mint for compatibility (have a dedicated art machine?)
[1] https://github.com/StevenBlack/hosts
[2] https://pi-hole.net/
You can catch slightly more aggressive malware by forcing all DNS traffic to your server at the network level but you’re now playing the role of malicious network operator. I would whitelist this to only devices you own.
In some VMs / computers, I'd like to whitelist Internet domains instead of blacklisting, for security reasons.
Edit: Seems PiHole supports whitelisting: "Manage White And Black Lists" https://pi-hole.net/
(Also sad to say that GA is so big that a lot of websites/app rely on it)
Wow, that's weird. I don't remember ever seeing one site like that. Can you point one out? I mean, GA has been blocked at my places since 2015, and I don't remember anything ever was broken, on phone or desktop.
This is why some blockers like uBlock Origin stub out the Google Analytics interface.
When I find a site with this problem I go elsewhere.
Hosts files are literally the devil. They break so much shit. Hostnames sometimes change behavior (like an ad server that starts hosting a redirect script for legitimate clicks), kids who are "good with computers" set them up on relatives computers over the holidays unmaintained, malware that uses them to block antivirus updates, etc.
If you want to block ads, fine. Use a content aware proxy or browser extension.
Using browser extensions to block ads is much higher risk than doing DNS blocking. Most ad blockers have full access to all web pages, which essentially means they could trivially scrape your usernames/passwords for your email/banks/etc or perform actions on your behalf.
There's room for this to go bad (AdBlocker dev turns bad, or sells extension to a bad guy for a wad of cash, or extension has security vulnerabilities, or keys for publishing extension are not propery secured) so while DNS-level blocking might not work as well, it's definitely not an obviously-worse solution.
(though FIWI PiHole in the past had some really agressive default lists which stopped my from using it - though I set it up again recently and it's been much better - I haven't had any broken websites besides Amazon's own sponsored product links at the top of their own search results pages).
I love how he MITM'd Wacom on his host machine. Slick!
Also this: "I dug around in the driver’s logfile and found the following snippet that confirmed my suspicions..."
Arms race time: this is an alert to shady developers to not put meaningful messages about data collection in their log files.
Burp suite is amazing and more people should use it. That is all.
They might be great, I don't know. But if something as non-standard as that is done, what other weirdness behavior does their software have?
It's worth learning though. I haven't found a better intercepting proxy, and the community edition is pretty powerful.
I'm fairly comfortable with data collection if the user opts in, but the current trend--dark patterns where you put out a blanket "we will collect stuff" disclaimer that lacks any specifics, while not making it clear what the consequences are of declining--is deeply troubling and, I hope, becomes illegal thanks to things like GDPR and CCPA.
FWIW, I don't use a Wacom tablet but my daughter does. I personally use Procreate on an iPad Pro.
> Wacom’s privacy policy does say that they only want this data for product development purposes, and on this point I do actually believe them.
That piece from the post alone makes me wonder if you read that in the post as well before you commented. There are many things one can do with data, assuming they could use it for advertising with no reasoning behind it is very low effort.
https://angel.co/company/wacom-1/funding - Doesn't take two minutes to find this. >_>
[...] Please respond to the strongest plausible interpretation of what someone says, not a weaker one that's easier to criticize. Assume good faith. [...]
Wacom makes premium products for professionals, is a vendor for their premium digitziers and uncontroversial. You don't need two minutes to find what products they make to find that ADs are not remotely viable on the hardware.
The comment was hastily posted and lazy and for that one can assume that the poster did not own the products and I was correct, so read what was posted before coming to your conclusion that what my comment was done in bad faith.
Nowhere else in article or comments under it has anyone mentioned the possibilty of ADs on a drawing tablet or the digitizer hardware they provide for many products outside of their own. It is like saying because you bought a Mac that Apple can use your data for advertising even though they explicitly said they use it for product development.
There is no strong interpretation or defense of that person's comment. If you have a strong interpretation of that post that you want to add, put a comment with the interpretation or go to another and ignore this one thanks!
My other wacom, and older model, was awesome as a mouse replacement; but it toke months to work in Linux and I don't feel too much inclined to repeat the experience.
It was a nice piece of hardware. Is a pity to hear that they are now tracking what users do with their computers. For me this is a no-way (It seems that I did the right thing dismissing the second model).
I'm not trying. In fact, I rejected that Wacom tablet exactly for that.
Some time ago when you unbox a product it was not uncommon to hear something like: "Sorry but as you are a Linux user we, the makers, will try to make your journey miserable not providing any support. Ha haa!. Maybe some volunteer working for free will fix this new model in six months. Maybe not".
Sorry maker but as you don't provide drivers for users like me, I will not use it. Bye. Have a good day.
They do not laught so much today
https://www.kali.org/downloads/
(Also make sure to check out Maltego, Metasploit Framework and Armitage.)
How was the day he got famous internally in Wacom, just because some XML that no one was meant to see..
> •Successfully activating insights to optimize value propositions, user experiences, and marketing
I can't comment on the experience.
I mean, crash logs, but yes -- defining question for our time
drivers shouldn't connect to the internet unless that's what they're for. crash logs should be managed by a third party thing that the user can configure
Well done & great work.