55 comments

[ 3.2 ms ] story [ 117 ms ] thread
Is anything not spying on you?
I don't think my Debian desktop computer is spying on me.. but that may be the only computer that isn't.
Are you sure the computer inside the computer (Intel ME) isn't spying on you?
all apps can run with network disabled by default via firejail and/or apparmor or simply by using iptables/nftables :)
iptables won't prevent that other chip from using the network if it wants to.
(comment deleted)
true, did not think about firmware vulnerabilities when was replaying to comment.
Intel ME is disabled and neutralized on my Librem laptop.
Any hiccups with that? How are their laptops? I might look for a replacement for my dell soon
Works flawlessly for me, can recommend.
Many people are unhappy about Debian popcon.
It's opt-in (and the preselected option is "no" so even if you accidentally press enter you won't opt-in) and very clearly explained during installation.
You are correct.

Ubuntu installed Debian's popcon as a default package from 2006-2018, although apparently it was not configured to send data upstream.

(comment deleted)
There are lots of privacy issues in Debian unfortunately, we welcome help trying to find and fix them though. Some resources here:

https://wiki.debian.org/PrivacyIssues

Privacy issues is not the same as intentional spying.
There has been intentional spying (telemetry) in Debian too, Firefox for example, as well as Cura (3D printing app, although they eventually stopped that).
I doubt it, I bought a new Sonicare toothbrush and it came with an app to supposedly help you track your brushing or whatever; I was curious so I installed it.

After updating my toothbrush firmware, I got a prompt on my phone asking for it to track my location.

Why does my toothbrush need to know my location constantly?

because bluetooth and gps are still not separate permissions, i guess?
On Android at least this seems to be the case. Bluetooth leaks data that can be used to locate you, so Android just ties the two permissions together.

https://android.stackexchange.com/questions/160479/why-do-i-...

IMO this is counterintuitive for users. It would be like telling people on windows “This app wants to wipe your C drive” every time an app asks for admin permissions - it could wipe your C drive, but that’s not what it’s asking for. IMO the permissions should be separate, but the approval modal should note that info about leaking location.

>IMO this is counterintuitive for users. It would be like telling people on windows “This app wants to wipe your C drive” every time an app asks for admin permissions - it could wipe your C drive, but that’s not what it’s asking for.

Well the flip side is that they don't warn the users enough, and they get roasted by the media for "not sufficiently warning the users" or "being complicit in user tracking" or whatever.

By granting an app a permission, it can then do that thing. There's no intent detection possible. Any app with full filesystem access could wipe your C drive. A new Bluetooth API and access model needs to be devised to fix the information leakage present in scanning and beacons -- how can we prevent fixed-position radio beacons from being picked up by people scanning for new gadgets?
(comment deleted)
I got that, too. I said "okay, let's try it out", but the App wanted me to register and log in before even being able to use it. Even with refusing location tracing, I just don't feel like telling Philips when I brush my teeth, and how.

Luckily the toothbrush works perfectly without the App or any Bluetooth connection at all, wouldn't have even noticed it had Bluetooth if I hadn't looked at the packaging.

My treadmill was a bit different: While unpacking and building, I saw what was probably 8 or 9 notices claiming that the treadmill is "locked", has to be unlocked by registering it with iFit, and will not work otherwise. It was everywhere: On the packaging, as a piece of paper inside, in the manual, on the treadmill itself... New York Times had an article mentioning you just have to hold down the "iFit" button for 20 or 30 seconds, and that unlocked it permanently. Without having to pair with anything. Weird world.

What model is it? I recently bought a sonicare and it didn't come with an app.
Bluetooth permissions are grouped in under the Location permissions on both iOS & Android.

This is because Bluetooth _could_ be used to determine a user's location by using beacons and constantly scanning or whatever.

But this has led to nothing but endless confusion for users (and constantly gets highlighted as suspicious in online forums), so they really need to come up with better wording. Like "This app is requesting Bluetooth permissions, which _could_ be used to determine your location".

This should be a separate permission, asking to do a one-time scan for bluetooth devices with limited scope (predefined OUIs). Same for wifi scanning.

I have no idea why google bundled those together, instead of treating them as separate things alltogether.

Today I learned, thank you. I’ve denied many an app for this reason.
> so they really need to come up with better wording.

No, they need to come up with a better way of communication that doesn't involve leaking permission.

We can thank Google and the various other companies mapping out wireless IDs for this being an uphill battle.

Generally speaking, if you want wireless communication, you'll need some way of uniquely identifying each participant in the wireless space. Data aggregators can then drive around on the streets and associate device IDs with physical addresses.

A bluetooth communications setup (or future alternative) will want to be able to know what device IDs are around it. (You want to connect to your wireless toothbrush - not your neighbors). A malicious developer can then use that access to the ID list, compare it against databases of known ID locations, and get a really good guesstimate of your location.

Go back to the old ways: keep a paper and make tick marks.
The paper isn't saying games are spying on you. It's saying that if someone decided to analyse the data about someone playing then they could infer certain things.

I mean sure I guess.

I'm pretty skeptical that this is really occuring though. I mean, to what end?

As someone who runs an online game we have text logs of user actions, yes. They sit there because it's useful debugging info. A server crash happens and we look at the logs of what the user was doing at the time. An exploit is reported and we look at the logs of what the user doing the exploit did so we can fix it. Etc etc.

I really don't know what nafarious thing people imagine is really occuring.

Same.

On a naive surface level of this, it's a game, not your banking account. How much is really at stake here?

It'll depend on how much data is being reported back. For some games where users are asked to make certain moral choices, I figure you can infer a lot about someone by analyzing those choices.

Imagine if games like Mass Effect phoned home about the choices you took. You can build up a pretty complete psychological profile of someone based on their gameplay.

I really doubt that, honestly. You have no idea if those models are correct without comparing it to real personality of an actual person.

If anything, you'll be dumped into big buckets like "buys lots of cosmetic items", "usually makes good choices first", "likes to try breaking aspects of games", etc

> I really don't know what nafarious thing people imagine is really occuring.

Unregulated anticheat software retaining user clipboard contents, sending/uploading arbitrary files, all window titles, all processes and computer and username, and any other IPs on LAN and ARP cache, sending in plaintext across country borders, ignoring GDPR/CCPA/etc.

In the meantime, most users with that anticheat software installed presume that it is simply looking out for them, in terms of eliminating cheaters in __ video game, and could not possibly be doing the nefarious things you mention. Yet, all of us working in software know this is not a far stretch, given the application is already designed to gather information about the environment surrounding the running game. We have a long way to go with software, put simply..
This isn't a stretch, this is actually what anticheat software does. The valorant one also uploads driver listings and driver contents!
Pretty much this. I've worked in the field. If you do development work, drivers, and/or have installed certificates or root CAs that are "rare" or not installed on a large majority of machines, they absolutely WILL be uploaded.

If you are detected to be a reverse engineer based on running processes or otherwise, even if it has nothing to do with the game, expect significantly more surveillance too, up to and including literal streaming shellcode running from the server at the highest privilege level at any time, none of which you can control.

I'm not going to argue that some anti-cheats don't do those things, some do.

But are you actually suggesting that the games are keeping data from this activity and using it some bad way?

You kind of dodged the actual part where something evil actually happens.

Twenty years ago we said the same thing about our internet searches...
Anti-cheat software bundled with games is prevalent, it is in the company's interest to overreach with its data collection and fingerprinting, and users give them sufficient permissions to do so.
(comment deleted)
There's a gradient of spying, as there is a gradient and level to everything. A program that collects diagnostic data is not the same as one that collects all your browser history.
I'm pretty sure my Pinephone does not spy on me.
How well does your Pinephone deal with calls and texts?
Not using them much, but it works fine.
Is it true that if i buy and install drm free games, like those from that european distributor (GOG?) then i have nothing to worry about right?
That would just mean the platform isn’t tracking you (unless you use GOG Galaxy in which case it still is) but nothing stops publishers from having their own analytics code built into the game.
To prevent privacy issues from affecting you, it is best to either prevent the games from having network access, or inspect the code of the game to ensure it doesn't access the network, or both.
The game itself can just send data to some server at will if it has network access. DRM is still nice to avoid. Gog is great
The analytics code is built into the engine, for example https://docs.unrealengine.com/4.26/en-US/TestingAndOptimizat...

Nearly all games would have some sort of client side analytics, multiplayer games will also have a lot of server side stuff.

In fact analytics in games is so common that today it’s a “meta” mechanic in most games, this is what achievements are. The lazy type of achievements are nothing more than adding fake points to something that the game developers were already tracking internally in the hopes that it would promote engagement.

However very few games are actually doing achievements well the best example of how to do achievements in a meaningful manner is probably Halo with its skull mechanics since those actually majorly impact gameplay and thus adding a lot of value to the player.