privacy and Android [wsa Re: Debugging droid mta]

Russell Reiter rreiter91-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Tue Nov 22 17:42:50 UTC 2011


On Tue, Nov 22, 2011 at 10:44 AM, D. Hugh Redelmeier <hugh-pmF8o41NoarQT0dZR+AlfA at public.gmane.org> wrote:
> | From: R. Russell Reiter <rreiter91-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org>
>
> | <grain of salt>I take the right to personal privacy very seriously. In
> | my mind this is a top security issue in the mobile environment. I
> | abandoned MS fifteen years ago because I didn't want bill gates in my
> | head. I sure didn't expect to trade him for google or any other of the
> | other wannabe Illuminati skull and bonesers.<\grain of salt>
>
> I don't know how to interpret <grain of salt>, so I'll ignore it.

Grain of salt is an old bakers term. To take something with a grain of
salt is an indicator that, while salt on its own triggers receptors
similar to bitter ones at the back of the tongue, you may add a little
salt to a lesser amount of sugar in the recipe, the salt activates the
tongue's side receptors and increases the sense of sweetness in the
resulting product.

The grain of salt in this is, my reference to who is collecting data,
the way they are doing it and most importantly why they do it.

>
> I would like the right to privacy too.  But on the other had, I reveal
> all sorts of stuff voluntarily (eg. postings to this list).
>
> The scary things I object to include:
>
> - involuntary loss of privacy.  I include losses with pro forma
>  submission.  For example, when the entity can essentially force you
>  to agree to get a necessary service (government, utilities, ...)
>
> - undisclosed loss of privacy.  I include misuse of collected data.
>  Example: Rogers knows what TV stations you are watching and when if
>  you are using their Set Top Boxes.  Have they ever admitted that?  Or
>  disclosed how they use the data or how they retain it?
>
> Now, on to cell phones in general and Android in particular.
>
> - the cell phone system knows where your phone is whenever it is in
>  service.  This is disclosed (at least) to government entities under
>  certain protocols.  It may well be disclosed other ways.
>  Interestingly, this was justified for 911 purposes but the
>  legislation requires it to be always-on, not just when 911 is
>  dialled.
>
> - smart phones are moving towards location-aware services.  That
>  certainly involves location disclosure.  You can often opt-out.
>  Cynically, I wonder if that is provided because the effects of
>  disclosure are visible to the suspect (local ads, etc.).

You often cannot opt out. In the case of this android phone,
apparently I cannot opt into a format which I can better control, in
terms of self disclosure via email. I note that even after disabling
the prominent "opt-in" choices, location, GPS etc, the weather clock,
a part of the core services runs. Why bundle the two together except
to tie everything to GIS content, the weather part, which may kick
every communication from the device to base 64. It's one thing to do
it for my needs, it's another to do it for google analytics.

Please note this is my current working theory and until I have access
to a test bed where I can install eclipse and have a virtual
environment to work with, I will not be able to establish or refute
it.

I don't want to mod my phone, but I will if needs be.

>
> - smart phones may well be bugged by the suppliers.  For example:
>  <http://www.xda-developers.com/android/the-rootkit-of-all-evil-ciq/>
>
> All the things that got said a decade or more ago about us living in
> Bentham's Panopticon seem to slowly becoming true.  Consider, for
> example,
> <http://www.privacylives.com/washington-post-eyes-turn-to-license-plate-readers/2011/11/21/>

I call this running towards Orwell with arms wide open. Orwell didn't
tell us that at first everyone loved big brother. It wasn't until the
institution of the "two minute hate" that people started to balk.

>
> Consider how the TTC is likely going to switch to smart cards -- way
> more traceable than tokens.
>
> Consider how much information charge card systems have about you
> compared with our old fashioned cash system.  Notice how cash is
> being deprecated (try to rent a car or hotel room with cash).
>
> Consider what the banks are forced to report to the government under
> the rubric of fighting terrorism and organised crime.

Canadian banking rules are so much more tight lipped than other
countries that when somebody in the Corsican mafia says they are
coming to America they really mean Canada. N'drangheta have a
significant stronghold, here in Toronto and in Montreal

>
> The ways we lose privacy are manifold but not manifest.  Our
> understandings of privacy cannot encompass the complexity of the
> current and developing systems.

As individuals we cannot "know it all" it is only in groups which
foster open and sometimes out of the box discussion within the group,
where adequate individual solutions/protections are developed.

Just on a personal note I was quite dismayed that so many people who
have the skills to block content by To: and From:, Subject and Body,
chose rather to tell me to take my problem offline. I often forget
that Open Source doesn't always evaluate to Open Mind.

In fact a closed mind is often the prerequisite of appropriate
sysadmin responsibility in enterprise solutions.

However having said that, I don't take much of what happens on mail
lists personally. It is easy to misread or misunderstand what is being
said. I like to think I have a gentle good humor about things. As my
Mom said "Russell, you're big enough, old enough and ugly enough to
take care of yourself." In order to do this I sometimes use conflict
resolution skills tools like SUDS (Subjective Units of Disclosure)
when I venture into the wilds of Usenet.

Thanks for your comments. I do value them and do think about what you say.

> --
> The Toronto Linux Users Group.      Meetings: http://gtalug.org/
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
>
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list