Is it even possible for Apple/Google to prevent their phone operating systems from being hijacked?
5Apart from whether Google/Apple are already evil, there are the apps and, in the case of Android, the handset manufacturers and their customized OS versions.
And that’s before one gets around to considering apps.
According to some recent article, Angry Birds shared info with numerous ad and data networks.
Just from within this one app: Details of game reportedly play vary over time by time of day, health, stress levels, and mood. These can vary to the degree that researchers may be able to detect signs of such as anger or clinical depression.
Combine this info with other info the ad and big data networks collect … And the data that governments (ours and other governments) can collect …
From kids. From everyone.
Sigh.
/giphy “Big Data”
Way too little and too late?
- 8 comments, 37 replies
- Comment
I don’t think that classifies as hijacking, seems to be the intended purpose of the software. If something is free, you’re probably the product.
@FeralRants
Agreed. “hijacking” would mean that someone else does the data collection or other hacking to a degree that Google or apple would actually care, disapprove, and take action.
So, poor choice of words on my part.
In my case, I guess I have given away more than I can imagine.
@FeralRants @f00l
^^^ THIS ^^^
@FeralRants @therealjrn
Re: “I’m the product”
Yeah. I know.
But I’m not willing to give up my smartphone yet. Self-indulgence?
At least I’m not, afaik, a terribly valuable or attractive product.
But they want everything. And they prob have it.
And they do use it and will use it.
And I likely won’t know it.
@f00l @FeralRants @therealjrn Until they come and getcha for something.
@f00l
You had no idea you were sitting on a gold mine all these years huh?
@therealjrn
I never seemed to notice having to brush gold dust off my ass.
/giphy “gold dust”
@f00l @therealjrn Cuz you bought these?
https://meh.com/forum/topics/2-for-tuesday-self-cleaning-bidets
From reddit:
Ok, so the somewhat on-topic alleged Lenin/Stalin/whoever quote is prob a fake.
And the prediction finally failed w regard to the “classic” Soviet and Maoist communist regimes.
But the quote works seem to kinda work out under circumstances where we offer to “sell the rope” to some economically viable interests here and abroad.
/giphy evil
When did Google remove "don’t be evil” from the official paperwork?
Did their legal team make that decision?
/giphy “kill all the lawyers”
@f00l
https://gizmodo.com/google-removes-nearly-all-mentions-of-dont-be-evil-from-1826153393
@Cerridwyn @f00l On one of my gmail accounts, I’ve been using the passphrase “google is evil”. Either they didn’t notice (I’m sure they can access the plaintext version when I typed it in on account setup), or they just didn’t think it worth dinking with me over it.
@Cerridwyn @phendrick
I would imagine that Google actually caring about one user or another tweaking them about stuff like that (“don’t be evil”) has similar occurrence likeliness as the Pacific Ocean “caring” about a single drop of rain.
@Cerridwyn @f00l @phendrick Clunky phrasing, but I’ll accept that.
@Cerridwyn @phendrick @therealjrn
Yep re phrasing.
My mind is mush today.
Google and other corps per se are not even the prob, in individual instances. Because the prob is bigger.
If one company or govt doesn’t do it, another will.
We have no meaningful personal data privacy rights. And we don’t even seem to have much of a national or “Western Civilization” data security policy and defense.
I expect upcoming critical data network hacks (for hospitals, power grids, etc) similar to but bigger than the NK-instigated hack of Sony.
Many of these incursions and corruptions might be quite subtle. Similar to the credit bureau hacks. Instigated by govts or large organizations with their own political and economic goals.
We are screwed, I guess. By ourselves and our policies. Perhaps we’ll muddle thru this somehow.
@Cerridwyn @phendrick @therealjrn
I think I must be a total grump this morning.
Can I blame allergies?
/giphy pollen
@f00l @phendrick @therealjrn
Way too late on expecting that
You know what they say
/image what you don’t know won’t hurt you
/image manic laugh
@f00l @phendrick No human at Google is going to read your password. They do take security seriously, and that’d be an extreme no-no, plus, they’re not that petty.
Now, if you were to avoid some web tracking and not play along with their recaptcha / bot trainer(?), you might find it challenging to log into a variety of services, from PayPal, to gmail, to the odd Amazon property. Not that I’m speaking from experience here.
(Almost permanently lost access to a gmail account – even having the correct password – because I didn’t “smell right”, and didn’t know the correct response to an obscure security question I’d set up.)
@Cerridwyn @f00l @phendrick @therealjrn Oh, it will hurt you. You just won’t know what it was that hurt you.
They can. And Google woke up to this fact. What Huawei might have leaked and Google found proof is the preparations to completely disconnect all of that data collection going to Google (always-on voice activation == 24x7 eavesdropping) and redirecting it to the Chinese government.
And if Huawei can do that for their domestic phones, why not do it for all export phones? And we think the NSA big data siphon in Colorado is spooky, the Chinese build stuff 10x as big every three days without breaking a sweat.
And it would cut off Google as an American national security risk to China from their perspective.
@mike808
So …
/giphy “market share”
Well, if you aren’t doing anything illegal, why are you so upset?
/s
@therealjrn
You forgot to send me your public and private PGP keys.
Hurry up!
/giphy pgp
@therealjrn
Here are my keys
/giphy public pgp key
/giphy private pgp key
@f00l ARRRGH! You need to take some scissors to the top of your public pgp key’s head!!!
@therealjrn
Awww, it’s so cute!
/giphy fabulous public pgp piled hair
I meant to reply to this a few days ago, but work’s been hectic. It depends, I think, a lot on what you mean by “hijacked”.
I think the pithy answer to your title question is “only if people start giving enough of a shit to stop buying Android phones and then installing Facebook’s apps on them”. It’s beyond frustrating, as a person who doesn’t like the evolution of our dystopia, to watch everybody routinely cover tech companies like there’s nothing wrong with pervasive surveillance.
Anyways, I’ve been thinking about what it would take to turn this boat around. Post-iceberg, it makes sense that we should begin to concern ourselves with the rudder, at this point.
Even attempting to talk about this usefully (as opposed to wordless screaming, which has been my preferred approach so far), we need some specificity and form, to shape a broad discontent. After that, we could maybe talk about things that people would be willing to actually do that might make any difference whatsoever. coughREGULATIONCough
These lists aren’t going to be particularly MECE, and I don’t have the kind of first-hand knowledge that would position me well to do this topic justice, aside from a moderate technical background – no marketing background, f’rinstance – but it’s a first pass.
First, who are the relevant actors? Which kind of categorization makes the most sense?
What kinds of data are there, and from what sources?
What kinds of revenue are there?
When and how does, and how could, collected data make a shift from being visible and relevant only to an automated advertisement selection process, to being relevant to an individual?
It’s probably also worth talking about what harms can and do arise as a result of this world we’re creating… as motivation for all the earlier bits. But I’ve got to run. And this is too long, and sprawling. Nobody’s going to bother reading it. Sorry.
@InnocuousFarmer
@InnocuousFarmer
Thanks.
Dunno what happened to long reply. Will try to re-do later.
@InnocuousFarmer
I read it
@InnocuousFarmer
I read it. I kind of get it.
@InnocuousFarmer TL;DR. Executive Summary: We’re boned.
@mike808 If I saw just a bit of a pushback against the us’s hyper-partisan insanity, I’d be in danger of being optimistic. Everybody hates what Facebook’s doing (everyone who hears about it). There’s been reporting on genuinely terrifying control of the general population in China by their government (maybe you leave the country, but your communications with your family are monitored – maybe your mom gets sent to a reeducation camp and comes out not talking about it, but just crying on Skype). We have protections, in law, for the content of phone conversations – it’s not like the people and government are blind to the power of surveillance – it’s more just wildly profitable tech companies with myopic vision chasing dollars, and politicians following them around, hopefully only until public consciousness starts to catch up some more.
Regulation’s a political football more than it should be, but I think that’ll be less true once Trump leaves office, with his uh… “business-friendly” policies even by Republican standards. Dems are hip and young enough that they’re on the right side of some of these issues, albeit for the wrong reasons, and they’re not talking privacy vs. surveillance yet (I was really surprised and gratified to hear them talking net neutrality).
Heck, even one of Facebook’s founders is saying that the company should be broken up, because it’s a monopoly, that people should have choices to move off the platform, because it has too much power. That wouldn’t be enough by itself, but it’d be a big step in the right direction.
It’s in the air – we do in fact value privacy, and we do have a government, which exists in part exactly to protect us against things like pervasive abuse by an entire industry. We’ve got laws. The system is sitting there waiting for someone to use it. We just have to get past uh… you know, us.
Time was, we all thought nuclear radiation was harmless. I think we’ll get there.
Here’s a pull quote from that linked opinion piece.
Clearly a smart man – that’s what I’ve been saying!
It’s broader than that, though. It’s also Google, and every website that includes products (like ads) from Google, Facebook, or, “other”, out of convenience or necessity. It’s about Angry Birds’ use of ads, too.
@InnocuousFarmer Or to compensate you for our fuckup, or potential unauthorized access to our data we keep safe for you (well, except for we think this one time), here is a coupon so your next month of service is free.
You love free shit, right? How about if we toss in a free year of “credit monitoring” from our subsidiary? We promise they do a better job at this than we do, 'cuz we totally suck at it.
Welcome to the world of information security, the “military intelligence” for the 21st century.
By the way, the answer is simple
/image no
I suspect that, for users with PC’s, or users with dedicated gaming platforms or devices, or users with tablets/phones, all sorts of individually identifiable and potentially and currently leakable/for-sale personal behavioral data gets collected.
Including individually identifiable and trackable data of children’s behavior.
The latest thing I hear they want is to track our eye movements and eye focus.
VR headsets and devices might well do this now and in the future
(one presumes, without the hw/sw designers/providers/monetizers/govts exactly making the data collection activity clear up front to users).
@f00l Here’s an article titled: All the Ways Google Tracks You—And How to Stop It
@therealjrn Don’t forget about handling your loved one’s online accounts after they pass away.
It is best to keep current passwords and two factor phone devices active and just act on their behalf directly with the service to shut things down yourself. Their interest is in preserving their access and rights* to use all data about your loved one, in perpetuity as they see fit, not how the deceased or survivors do. They will “lock” the account, but they won’t delete it or its data.
This is one of the reasons why GDPR in the EU scares the bejeebus out if them, with its “right to be forgotten” that legally requires them to delete and stop using your data.
The US has no such legal protection, either when someone is alive or after they die. Gotta protect corporate freedoms, right? 'Murica!
@therealjrn @thef00l More tips for the digital afterlife:
https://lifehacker.com/five-things-to-do-when-planning-for-your-digital-death-1826496843
https://www.lifewire.com/your-online-accounts-when-you-die-3486015
And there are services out there to help you plan as well, like https://www.everplans.com/.
Not endorsing them, but I will be checking them out. My will transfers legal ownership and control of all online assets and accounts (including granting full access/password reset functions) to my living trust and its trustees. This sort of service might make that easier.
@therealjrn That Wired article is infuriating. Not stated is that you only see those settings if you’re logged into Google in the first place, and you shouldn’t log into Google’s services… ideally ever (the last time I was logged into Google in a web browser was to turn all those off). I thought I was going to read a technical article, not an article telling you how to navigate deliberately opaque settings screens.
That third paragraph in that article, essentially, is just telling you that you should feel helpless and overwhelmed, and therefore be thankful for your switches.
I mean, I’m sure it’s marginally better than nothing.
The only actual solution I can see is political. I’m a bit worried that the tech companies are getting preemptive work into the political game (don’t regulate us – you’ve got comforting switches to click on) without opposition even being organized enough to say… anything meaningful. Pro-privacy types are representing themselves as the neurotic overreactive ones in the room – too easily dismissed if you aren’t yourself one.
@mike808 @therealjrn
Gosh. I wonder if political contributions have anything to do with that.
What president said "the business of America is business? I forget.
Did that president intend to include bought-and-sold-politicians in that idea of business?
@InnocuousFarmer @therealjrn
The tech companies have been shoving big $ into the anti-privacy political arena for decades.
@f00l @mike808 @therealjrn The business stuff may just be an unintended consequence. The Privacy Act of 1974 only applies to the living.
I’m not sure the idea of keeping or mining the account data of the deceased was really on the radar back then.
@f00l @therealjrn I should have said uh… PR? Targeting public perception, trying to modify people’s opinions. Boil the frog. Seems to me that it’s been getting more explicit and propagandistic lately.
I mean, look at this shit - https://www.nytimes.com/2019/05/07/opinion/google-sundar-pichai-privacy.html