It's opt-in (and the preselected option is "no" so even if you accidentally press enter you won't opt-in) and very clearly explained during installation.
There has been intentional spying (telemetry) in Debian too, Firefox for example, as well as Cura (3D printing app, although they eventually stopped that).
I doubt it, I bought a new Sonicare toothbrush and it came with an app to supposedly help you track your brushing or whatever; I was curious so I installed it.
After updating my toothbrush firmware, I got a prompt on my phone asking for it to track my location.
Why does my toothbrush need to know my location constantly?
IMO this is counterintuitive for users. It would be like telling people on windows “This app wants to wipe your C drive” every time an app asks for admin permissions - it could wipe your C drive, but that’s not what it’s asking for. IMO the permissions should be separate, but the approval modal should note that info about leaking location.
>IMO this is counterintuitive for users. It would be like telling people on windows “This app wants to wipe your C drive” every time an app asks for admin permissions - it could wipe your C drive, but that’s not what it’s asking for.
Well the flip side is that they don't warn the users enough, and they get roasted by the media for "not sufficiently warning the users" or "being complicit in user tracking" or whatever.
By granting an app a permission, it can then do that thing. There's no intent detection possible. Any app with full filesystem access could wipe your C drive. A new Bluetooth API and access model needs to be devised to fix the information leakage present in scanning and beacons -- how can we prevent fixed-position radio beacons from being picked up by people scanning for new gadgets?
I got that, too. I said "okay, let's try it out", but the App wanted me to register and log in before even being able to use it. Even with refusing location tracing, I just don't feel like telling Philips when I brush my teeth, and how.
Luckily the toothbrush works perfectly without the App or any Bluetooth connection at all, wouldn't have even noticed it had Bluetooth if I hadn't looked at the packaging.
My treadmill was a bit different: While unpacking and building, I saw what was probably 8 or 9 notices claiming that the treadmill is "locked", has to be unlocked by registering it with iFit, and will not work otherwise. It was everywhere: On the packaging, as a piece of paper inside, in the manual, on the treadmill itself... New York Times had an article mentioning you just have to hold down the "iFit" button for 20 or 30 seconds, and that unlocked it permanently. Without having to pair with anything. Weird world.
Bluetooth permissions are grouped in under the Location permissions on both iOS & Android.
This is because Bluetooth _could_ be used to determine a user's location by using beacons and constantly scanning or whatever.
But this has led to nothing but endless confusion for users (and constantly gets highlighted as suspicious in online forums), so they really need to come up with better wording. Like "This app is requesting Bluetooth permissions, which _could_ be used to determine your location".
We can thank Google and the various other companies mapping out wireless IDs for this being an uphill battle.
Generally speaking, if you want wireless communication, you'll need some way of uniquely identifying each participant in the wireless space. Data aggregators can then drive around on the streets and associate device IDs with physical addresses.
A bluetooth communications setup (or future alternative) will want to be able to know what device IDs are around it. (You want to connect to your wireless toothbrush - not your neighbors). A malicious developer can then use that access to the ID list, compare it against databases of known ID locations, and get a really good guesstimate of your location.
The paper isn't saying games are spying on you. It's saying that if someone decided to analyse the data about someone playing then they could infer certain things.
I mean sure I guess.
I'm pretty skeptical that this is really occuring though. I mean, to what end?
As someone who runs an online game we have text logs of user actions, yes. They sit there because it's useful debugging info. A server crash happens and we look at the logs of what the user was doing at the time. An exploit is reported and we look at the logs of what the user doing the exploit did so we can fix it. Etc etc.
I really don't know what nafarious thing people imagine is really occuring.
It'll depend on how much data is being reported back. For some games where users are asked to make certain moral choices, I figure you can infer a lot about someone by analyzing those choices.
Imagine if games like Mass Effect phoned home about the choices you took. You can build up a pretty complete psychological profile of someone based on their gameplay.
I really doubt that, honestly. You have no idea if those models are correct without comparing it to real personality of an actual person.
If anything, you'll be dumped into big buckets like "buys lots of cosmetic items", "usually makes good choices first", "likes to try breaking aspects of games", etc
> I really don't know what nafarious thing people imagine is really occuring.
Unregulated anticheat software retaining user clipboard contents, sending/uploading arbitrary files, all window titles, all processes and computer and username, and any other IPs on LAN and ARP cache, sending in plaintext across country borders, ignoring GDPR/CCPA/etc.
In the meantime, most users with that anticheat software installed presume that it is simply looking out for them, in terms of eliminating cheaters in __ video game, and could not possibly be doing the nefarious things you mention. Yet, all of us working in software know this is not a far stretch, given the application is already designed to gather information about the environment surrounding the running game. We have a long way to go with software, put simply..
Pretty much this. I've worked in the field. If you do development work, drivers, and/or have installed certificates or root CAs that are "rare" or not installed on a large majority of machines, they absolutely WILL be uploaded.
If you are detected to be a reverse engineer based on running processes or otherwise, even if it has nothing to do with the game, expect significantly more surveillance too, up to and including literal streaming shellcode running from the server at the highest privilege level at any time, none of which you can control.
Anti-cheat software bundled with games is prevalent, it is in the company's interest to overreach with its data collection and fingerprinting, and users give them sufficient permissions to do so.
There's a gradient of spying, as there is a gradient and level to everything. A program that collects diagnostic data is not the same as one that collects all your browser history.
That would just mean the platform isn’t tracking you (unless you use GOG Galaxy in which case it still is) but nothing stops publishers from having their own analytics code built into the game.
To prevent privacy issues from affecting you, it is best to either prevent the games from having network access, or inspect the code of the game to ensure it doesn't access the network, or both.
Nearly all games would have some sort of client side analytics, multiplayer games will also have a lot of server side stuff.
In fact analytics in games is so common that today it’s a “meta” mechanic in most games, this is what achievements are. The lazy type of achievements are nothing more than adding fake points to something that the game developers were already tracking internally in the hopes that it would promote engagement.
However very few games are actually doing achievements well the best example of how to do achievements in a meaningful manner is probably Halo with its skull mechanics since those actually majorly impact gameplay and thus adding a lot of value to the player.
55 comments
[ 3.2 ms ] story [ 117 ms ] threadUbuntu installed Debian's popcon as a default package from 2006-2018, although apparently it was not configured to send data upstream.
https://wiki.debian.org/PrivacyIssues
After updating my toothbrush firmware, I got a prompt on my phone asking for it to track my location.
Why does my toothbrush need to know my location constantly?
https://android.stackexchange.com/questions/160479/why-do-i-...
IMO this is counterintuitive for users. It would be like telling people on windows “This app wants to wipe your C drive” every time an app asks for admin permissions - it could wipe your C drive, but that’s not what it’s asking for. IMO the permissions should be separate, but the approval modal should note that info about leaking location.
Well the flip side is that they don't warn the users enough, and they get roasted by the media for "not sufficiently warning the users" or "being complicit in user tracking" or whatever.
Luckily the toothbrush works perfectly without the App or any Bluetooth connection at all, wouldn't have even noticed it had Bluetooth if I hadn't looked at the packaging.
My treadmill was a bit different: While unpacking and building, I saw what was probably 8 or 9 notices claiming that the treadmill is "locked", has to be unlocked by registering it with iFit, and will not work otherwise. It was everywhere: On the packaging, as a piece of paper inside, in the manual, on the treadmill itself... New York Times had an article mentioning you just have to hold down the "iFit" button for 20 or 30 seconds, and that unlocked it permanently. Without having to pair with anything. Weird world.
This is because Bluetooth _could_ be used to determine a user's location by using beacons and constantly scanning or whatever.
But this has led to nothing but endless confusion for users (and constantly gets highlighted as suspicious in online forums), so they really need to come up with better wording. Like "This app is requesting Bluetooth permissions, which _could_ be used to determine your location".
I have no idea why google bundled those together, instead of treating them as separate things alltogether.
No, they need to come up with a better way of communication that doesn't involve leaking permission.
Generally speaking, if you want wireless communication, you'll need some way of uniquely identifying each participant in the wireless space. Data aggregators can then drive around on the streets and associate device IDs with physical addresses.
A bluetooth communications setup (or future alternative) will want to be able to know what device IDs are around it. (You want to connect to your wireless toothbrush - not your neighbors). A malicious developer can then use that access to the ID list, compare it against databases of known ID locations, and get a really good guesstimate of your location.
I mean sure I guess.
I'm pretty skeptical that this is really occuring though. I mean, to what end?
As someone who runs an online game we have text logs of user actions, yes. They sit there because it's useful debugging info. A server crash happens and we look at the logs of what the user was doing at the time. An exploit is reported and we look at the logs of what the user doing the exploit did so we can fix it. Etc etc.
I really don't know what nafarious thing people imagine is really occuring.
On a naive surface level of this, it's a game, not your banking account. How much is really at stake here?
Imagine if games like Mass Effect phoned home about the choices you took. You can build up a pretty complete psychological profile of someone based on their gameplay.
If anything, you'll be dumped into big buckets like "buys lots of cosmetic items", "usually makes good choices first", "likes to try breaking aspects of games", etc
Unregulated anticheat software retaining user clipboard contents, sending/uploading arbitrary files, all window titles, all processes and computer and username, and any other IPs on LAN and ARP cache, sending in plaintext across country borders, ignoring GDPR/CCPA/etc.
If you are detected to be a reverse engineer based on running processes or otherwise, even if it has nothing to do with the game, expect significantly more surveillance too, up to and including literal streaming shellcode running from the server at the highest privilege level at any time, none of which you can control.
But are you actually suggesting that the games are keeping data from this activity and using it some bad way?
You kind of dodged the actual part where something evil actually happens.
Nearly all games would have some sort of client side analytics, multiplayer games will also have a lot of server side stuff.
In fact analytics in games is so common that today it’s a “meta” mechanic in most games, this is what achievements are. The lazy type of achievements are nothing more than adding fake points to something that the game developers were already tracking internally in the hopes that it would promote engagement.
However very few games are actually doing achievements well the best example of how to do achievements in a meaningful manner is probably Halo with its skull mechanics since those actually majorly impact gameplay and thus adding a lot of value to the player.