Related
the original link.....http://www.zdnet.com/blog/google/confessions-of-a-google-junkie-or-privacy-what-privacy/3553
Summary: A lot has been made of Google’s new privacy policy and terms of use. I say bring it on.
There are very few aspects of my life that don’t somehow involve Google. My phone runs on Android, my favorite tablet just got an OTA update to Ice Cream Sandwich (!!!), I use Chrome across all of my computers, I develop AdWords campaigns, I use Analytics to develop metrics for the day job and dive into SEO, I handle many of the CBS Interactive Google webcasts, I use Google Docs almost exclusively for productivity, and my wife doesn’t know where I am half the time until she checks my Google Calendar (which, in fact, aggregate two other Google Calendars).
I’m increasingly turning to Google+ as my source of relevant information and opinions, a function previously reserved for Twitter, and I’ve even dispensed with bookmarks, instead using Google Sites to organize important pages and resources.
I live, eat, breathe, work, and play Google and there aren’t many people more aware of Google’s business model and the amount of data it collects than I. So is it just sheer stupidity and naiveté that has me utterly embracing the Google ecosystem and relatively unconcerned about newly announced privacy policies that have caused so much consternation this week? Before you jump down to the talkbacks to tell me how stupid I really am, read on for another couple paragraphs.
As Larry Dignan pointed out in his post about the new policies last night,
Google noted that it already has all that data, but it’s now integrating that information across products. It’s a change in how Google will use the data not what it collects. In other words, Google already knows more about you than your wife.
From my perspective, though, I can live with Google knowing a lot about me. It knows, for example, that I’ve recently developed an obsession with the electric guitar and have been researching inexpensive models that I might just be able to justify as a birthday present to myself. It doesn’t judge, it just shows me the best deals in display ads on the three models of guitar and 2 models of amps I’ve been reading about the most. My wife isn’t aware of this obsession and her take on it would be judgmental (God love her!): “When will you have time to play guitar? And we’re supposed to be saving money! And what’s wrong with your acoustic guitar?”
Taking this a step further, as Google’s new privacy policies and terms of use do, I should expect to start seeing guitar-related apps in my suggestions in the Google Market and the Chrome Marketplace. Guitarists on Google+ should start appearing in suggested people to add to my circles and Google Reader should offer to download Guitar Player Magazine feeds for me. And, more likely than not, I’ll start seeing more guitar-related ads as well.
Google’s goal, of course, is to sell advertising. That’s about 97% of their revenue. By pulling people like me into their increasingly unified ecosystem, they can demonstrate very high click-through rates to potential advertisers and charge a premium to reach highly targeted and yet incredibly vast audiences.
They need to give me something in return
For me to buy into this, they need to give me something in return. Something to make all things Google really sticky. Like a wide array of free tools from Google Docs to Google Music to Google Voice. And cheap tools that I buy for my business like Google Apps and AdWords. Their new policies are designed to be more transparent, but also to pave the way for these tools to talk to each other better, making them even stickier through a unified experience and more relevant services.
Back to the wife comparison that Larry brought up. My wife knows that every Friday night is pizza night in our house. So does Google, since every Friday around 4:30 I pull out my Android and use Google Voice Search to find the number of whatever pizza joint we decide to patronize that week. Fine. Google, however, can actually do something more useful with that information than my wife can (”Where should I order pizza, sweetheart?” “Wherever, just not that place down the road. Or that other place. And make sure they’re having a deal!”).
Come Friday morning, the ads I see on Gmail or Google search should start being pretty pizza-heavy: Dominos, Papa Johns, and a place or two that has an active Google Offer. As I’m driving home that evening, the GPS on my phone should set off an alert when I drive past a well-reviewed pizza place (assuming I’ve set location-based preferences to alert me to destinations with at least four-star average reviews). And the minute I type a P in my mobile browser, Google Instant should leap into action and display nearby pizza places and a news story about a new place to get pizza in the next town.
We’re not quite there yet, but this is the sort of integration and experience that Google is covering in its new policies and terms of use. I know that my privacy red flags should probably be going off. Google has gigabytes of information about me and is using that information to help its advertisers sell products. That’s bad, right?
Guess what, folks? This is the semantic web
And yet, I don’t think it is. Many of the same techies who cry foul over these new policies have also been pushing for the development of the semantic web to make it easier to find what we actually need in the trillions of web pages floating around the Internet. Guess what, folks? This is the semantic web. When our search engines know what we actually mean, when data on the web automagically becomes information we can use easily and quickly, we’ve arrived.
And the semantic web can’t exist without “the web” (whatever that is) knowing a lot about us. It takes data for a computer to understand our needs and process natural language efficiently. Some of those data will necessarily be fairly personal.
Now, if I start getting spam from pizza places or calls on my Google Voice number from Dominos because Google has sold my contact information and preferences to advertisers, we have a problem and I’ll be waving my privacy flag as high as anyone else. However, when I opt in by opening a Google account and staying logged in as I surf the web, I’m not only consenting to the collection and aggregation of data about me, I’m asking that it be done so that the web and related tools can be more useful to me. This sort of data mining lets me work faster, play easier, and find the best pizza in a 20-mile radius.
For its part, Google needs to remain the trusted broker of these data. No, I don’t like the idea that our government could brand me a terrorist and seize these gigabytes of data under the Patriot Act. The alternative, though, is an ever-growing morass of web sites and tools that I get to dig through manually.
And, by the way, even if I’m not logged in to my Google account as I’m doing it, my ISP knows the sites I’ve visited, too, and could just as easily (if not more so) be compelled to turn over this information to the real Big Brother in all of this.
Far more trust in Google than the Feds
Honestly, I have far more trust in Google than I do in the Feds. Google is motivated by money: they need my trust to keep collecting those data to keep making it easier for me to buy things from Google’s paying advertisers. If that trust is broken by inappropriate sharing of data, then my eyeballs go elsewhere and so do the advertisers who target me via AdWords and AdSense. Our government has no such financial motivation. Money talks.
The fact that the speech recognition on my phone kicks ass because I use Google Voice all the time and it’s learned how I talk might be a little creepy, but it’s far more important that I can do a Google search or send a text while I’m driving without taking my eyes off the road.
Welcome to 2012, folks. The semantic web has arrived. Use it well and let’s keep Google’s new policies in perspective. And Google? Don’t be evil. I have a lot of colleagues who will be pointing, laughing, and saying I told you so if you ever are.
Nice article.
I think the key for Google's continued success is to keep the advertising passive, suggestions when you're searching etc. aren't in your face but they work.
You see a lot of people complaining that they've been searching for something online and then all of the adverts on the websites they visit contain something pertaining to that, and they grumble that it's annoying. Personally, I'd much rather see an advert to something that's relevant to me rather than a cluttered webpage of irrelevant information.
By targeting adverts and increasing their relevance to the individual, they are far more likely to be successful. This means that the revenue per advert is going to improve and websites aren't going to need to cover their website in adverts (at the cost of the user experience) to make it profitable.
Plus given the huge amount of free stuff that google gives you, it's a bit rich for somebody to complain that they're trying to get something back off you.
I too would much rather see things directly targeted towards me then just random ads. And everyone is up in arms about google recording what you do. Well i think of it this way, i'm fine with them getting to know me and my behavior and what i do, as long as they keep providing FREE products for me.
Ahh the good old "If they are going to screw me without consent, I would much rather they knew my name, stroked my hair and whispered sweet nothings into my ear while they did it."
I prefer to treat my online habbits like the strange neighbour a few doors down. Say "hi" in passing, and realise that while they probrobly know more than I would want them to from when I've invited them over for coffee and from peeking in my windows as they walk past, know that I don't actually have to put up with their $#!+ if they become too creepy.
Thats why its important there are alternitives and competition, and that we as consumers don't put our eggs all in one basket and be prepared to protest or move on if they stretch the friendship too far.
I know privacy is impossible in this day and age but that doent mean you have to lie back and take it. "because you know it means well and it does give you nice gifts once in a while"
My suggestion is cut your reliance on any one brand and spread out the load.
hungry81 said:
My suggestion is cut your reliance on any one brand and spread out the load.
Click to expand...
Click to collapse
I like the author am reliant on Google these days. I'd be happy to look at alternatives. Granted they work on the platforms I needs them to, Android 2.X and 3.2, Linux+chrome, windows XP + chrome, and windows 7 + firefox or chrome. The linux requirement cuts out a lot of things, iTunes/iCloud for example.
Have any suggestions who/where i could go for:
Music
Docs
G+
Gmail
Needs a slick webUI, and the searching ability of gmail
Calendar
I need delegation and the ability for my wife to add me to events and share calendars.
Reader
works on all my devices, and syncs between them
I would very much like my phone to know when I leave work. Now i could do this with some sort of timer, but I end up working somewhat flexible hours, and have a leaving time of anywhere within an hour and a half. I would like it to know that since I now have "buy bread, milk, and eggs" on my to-do list (thanks hun!), that it needs to remind me of that on the way home. Even better if it can just direct me to a store with a deal on one or all of those things.
I like that the first hit in Google I get for cookies is the wikipedia page for http cookies and the second is to pythons cookielib module. Where as I bet my grandmother gets, chocolate chip cookies. The ability for Google search to know that I have a particular artist in my collection, and show me the bind's page near the top of the results without me having to add "band" to my search terms.
Anyways, if and when Google starts selling my data to 3rd parties, I'll export my data and move. Google makes it fairly painless to do that.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
The term "privacy" means many things in different contexts. Different people, cultures, and nations have a wide variety of expectations about how much privacy a person is entitled to or what constitutes an invasion of privacy. Information or data privacy refers to the evolving relationship between technology and the legal right to, or public expectation of, privacy in the collection and sharing of data about one's self. Privacy concerns exist wherever uniquely identifiable data relating to a person or persons are collected and stored, in digital form or otherwise. In some cases these concerns refer to how data is collected, stored, and associated. In other cases the issue is who is given access to information. Other issues include whether an individual has any ownership rights to data about them, and/or the right to view, verify, and challenge that information.
This post does not intend to address the many definitions of privacy or the many technical means of protecting and invading one's privacy. There are already many posts addressing this aspect and brief search can turn up lots of answers for you.
This post is only intended to help the least technically savvy among us in maintaining some small amount of data security and privacy without getting very technical about things. It was derived from many diverse sources on basic privacy.
Note that I do NOT have a DONATE button anywhere.
I am not looking for donations.
If you feel that you should donate something, by all means,
send it to your favorite XDA developer and/or XDA itself!
And don't be shy about the
button for the many posters who were of help to you!
Recently, a friend handed me his phone and asked me to take a picture. “What’s the password?” I asked. “I don’t have one,” he said. I think I must have had a puzzled look on my face as, I suppose, I tend to grimace when someone I know tells me they’re choosing not to take one of the very simplest steps for privacy protection, allowing anyone to look through their phone with the greatest of ease, to see whichever messages, photos, and sensitive apps they please.
So, this post is for you, big guy with no password on your Galaxy/iPhone/Nexus/whatever, and for you, girl who stays signed into GMail on your boyfriend’s computer, and for you, person walking down the street having a loud conversation on your mobile phone about your recent doctor’s visit of that odd ailment you have. These are the really, really simple things you could be doing to keep casual intruders from invading your privacy.
1 Password protect your phone! It is one of the simplest things you can do to most devices (smartphones, tablets, etc.) with the least amount of effort. Many people tell me it is “annoying” to take the two seconds to type in a password each time before using the phone. Gimme a break, everyone!. Choosing not to password protect these devices is the digital equivalent of leaving your home or car unlocked. If you’re lucky, no one will take advantage of you. Or maybe the contents will be ravaged and your favorite speakers and/or secrets stolen. If you’re not paranoid enough, spend some time reading entries in Reddit, where many Internet users go to discuss issues of the heart. A good percentage of the entries start, “I know I shouldn't have, but I peeked at my gf’s phone and read her text messages, and…” Oh, and before you pick a password like "123456" or "password" do yourself a big favor and visit the Worst passwords of all time web page! No laughing allowed!
2 Turn on 2-step authentication in GMail (that is, if you use GMail, of course). The biggest conclusion you can derive from the epic hack of Wired’s Mat Honan is that it probably wouldn't have happened if he’d turned on “2-step verification” in GMail. This simple little step turns your device into a security fob — in order for your GMail account to be accessed from a new device, a person (you?) needs a code that’s sent to your phone. This means that even if someone gets your password somehow, they won’t be able to use it to sign into your account from a strange computer. (How it works - video) Google says that millions of people use this tool, and that “thousands more enroll each day.” Be one of those people! Yes, it can be annoying if your phone battery dies or if you’re traveling. Of course, you can temporarily turn it off when you’re going to be abroad or phone-less. Alternately, you can leave it permanently turned off, and increase your risk of getting epically hacked. Which do you like better?
3 Put a Google Alert on your name! This is an incredibly easy way to stay on top of what’s being said about you online. It takes less than a minute to do. Go here: http://www.google.com/alerts; anyone can do it easily. Google Alerts are email updates of the latest relevant Google results (web, news, etc.) based on your queries. Enter your name, and variations of your name, with quotation marks around it. Boom. You’re done. Now, that wasn't too tough, was it? I didn't think so. :-]
4 Sign out of your Facebook / Twitter / GMail / etc. account! Do it each time you are done with your emailing, social networking, tweeting, and other forms of general time-wasting. Not only will this reduce the amount of tracking of you as you surf the Web, this also prevents someone who later sits down at your computer from loading one of these up and getting snoopy. This becomes much more important when you’re using someone else’s or a public computer. Yes, people actually forget to do this, with terrible outcomes. Incidentally, if you have the Chrome browser on your PC and you use “incognito” (Ctrl Shift N) or Internet Explorer and you use “InPrivate” (Ctrl Shift P) you will automatically be logged out when you close the window, and no cookies or passwords will be stored. Pretty cool, right?
5 Don’t give out your email address, phone number, or zip code when asked. Hey, if some scary (or weird) looking dude in a bar asked for your phone number, you'd say no, wouldn't you? But when the person asking is a uniform-wearing employee at a local store, many people hand over their digits without hesitation. Stores often use this info to help profile you and your purchase. Yes, you can say no. If you feel badly about it, just pretend the employee is that scary looking dude!
6 Change Your Facebook settings to “Friends Only.” I really thought that by now, with the many Facebook privacy stories which have been published, everyone would have their accounts locked down and boarded up like a cheap Florida house before a hurricane. Not so. There are still lots and lots of people on Facebook who are as exposed on the internet as Katy Perry at that water park. Go to your Facebook privacy settings and make sure the “default privacy” setting isn't set to "public"! If it’s set to “Custom” make sure you know and understand any “Networks” you’re sharing with.
7 Use unique passwords for every site you go to. This sounds really difficult but - surprise - it is quite simple! Password managers come in many sizes and flavors these days. They will generate complex passwords and remember them for you. Protect yourself against phishing scams, online fraud, and malware. Many of these apps have versions you can use on your computer as well as on your tablet and phone. Some are free and some cost money. Your choice. Here, let me show you how simple it is to find a bunch of them: http://bit.ly/V4xehO! As I said, there are many - the one I use is this one here.
8 Clear your browser history and cookies on a regular basis. Do you remember the last time you did that? If you just shrugged, consider changing your browser settings so it is automatically cleared every session. Go to the “privacy” setting in your Browser’s “Options.” Tell it to “never remember your history.” This will reduce the amount you’re tracked online. Consider one of the several browser add-ons, like TACO, to further reduce tracking of your online behavior.
9 Read the posted privacy policy. Boring, isn't it? Every web site has one and likely for a good reason. Have you ever seen the XDA Privacy Policy? Yup, that's just what I thought!
In conclusion, here's one from the Wall Street Journal's Law Blog.
As I said, this is not a technical article but it may make you think if it does the job right.
Sixth Circuit: No Expectation of Privacy in Cell Phone GPS Data
Drug dealers, beware. Your pay-as-you-go phones probably have GPS. And, according to a federal appeals court in Cincinnati, police can track the signal they emit without a warrant.
The U.S. Court of Appeals for the Sixth Circuit ruled that the Drug Enforcement Administration committed no Fourth Amendment violation in using a drug runner’s cellphone data to track his whereabouts. The DEA obtained a court order to track Melvin Skinner’s phone, after finding his number in the course of an investigation of a large-scale drug trafficking operation.
The DEA didn’t know much about Mr. Skinner or what he looked like. They knew him as Big Foot, the drug mule, and they suspected he was communicating with the leader of the trafficking operation via a secret phone that had been registered under a false name. Agents used the GPS data from his throw-away phone to track him, and he was arrested in 2006 at a rest stop near Abilene, Texas, with a motorhome filled with more than 1,100 pounds of marijuana.
Mr. Skinner was convicted of drug trafficking and conspiracy to commit money laundering. On appeal, he argued that the data emitted from his cell phone couldn’t be used because the DEA failed to obtain a warrant for it, in violation of the Fourth Amendment.
The question in the case was whether Mr. Skinner had a reasonable expectation of privacy in the data his phone emitted. It’s a question that several courts are wrestling with. Federal law enforcement authorities, as in this case, say that investigators don’t need search warrants to gather such information.
Justice Department lawyers argued in a court brief that “a suspect’s presence in a publicly observable place is not information subject to Fourth Amendment protection.”
Judge John M. Rogers, writing for the majority, agreed:
There is no Fourth Amendment violation because Skinner did not have a reasonable expectation of privacy in the data given off by his voluntarily procured pay-as-you-go cell phone. If a tool used to transport contraband gives off a signal that can be tracked for location, certainly the police can track the signal. The law cannot be that a criminal is entitled to rely on the expected untrackability of his tools. Otherwise, dogs could not be used to track a fugitive if the fugitive did not know that the dog hounds had his scent. A getaway car could not be identified and followed based on the license plate number if the driver reasonably thought he had gotten away unseen. The recent nature of cell phone location technology does not change this. If it did, then technology would help criminals but not the police.
He was joined by Judge Eric L. Clay. Judge Bernice B. Donald, who concurred but disagreed with the majority’s Fourth Amendment reasoning, said the DEA couldn’t have figured out the identity of Mr. Skinner, the make and model of his vehicle or the route he would be driving without the GPS data from his phone.
“It is not accurate…to say that police in this case acquired only information that they could have otherwise seen with the naked eye,” she wrote. “While it is true that visual observation of Skinner was possible by any member of the public, the public would first have to know that it was Skinner they ought to observe.”
A lawyer for Mr. Skinner didn’t immediately respond to a request for comment.
Comments? Suggestions? Ideas? They are all welcome.
Flame wars (relating to privacy or otherwise) are not. :-]
[GUIDE] Some incredibly simple things to protect YOUR PRIVACY - Part 2
Cameras on smart phones, getting better with each generation of new devices, allow people to take pictures or videos on the go and transmit these images by e-mail or post them to the Web. With phone in hand, unexpected sightings of celebrities can be snared with a flick of the wrist (turning the celled into the 'snaparazzi'), as can chance encounters with pretty girls or gorgeous sunsets. Their impact can be great for both good and evil.
Not too long ago two men lit themselves on fire in protest. But only one of them is credited with starting a revolution.
The difference between the two? Mobile phones recorded Mohamed Bouazizi, a Tunisian fruit vendor, as he set himself ablaze in despair over his economic plight. Those videos kicked off the wave of 2011 Arab Spring demonstrations.
Abdesslem Trimech, the other man, fell into relative obscurity. (Source: The Mobile Wave: How Mobile Intelligence Will Change Everything by Michael Saylor)
Back in 2005, a retail fraud investigator for one of the larger chain stores said that while he was still unable to capture a usable image of a credit card from even the then newer camera phones, he has been able to grab readable images of all account and routing info from the personal checks customers have produced at the checkout. Check writers, he says, have a tendency to "lay out" their check books on the writing counter at the registers and keep them stationary enough to obtain a clear image of all the personal information printed on the check. He has also tested this theory with camera-equipped palm tops and has found that with the adjustable resolution he has been able to get a pretty clear picture, with zoom, from a reasonable distance away (3-5 feet). So at this point in time, as phone cameras get better and better, your credit card might still be secure but your personal check might not be.
So, what personal information does your mobile phone reveal about you? Do you know? Do you care?
It seems that many people are slowly becoming more aware of the pitfalls and the mobile-privacy concerns.
According to reports, 54% of cell phone users in the U.S. have decided not to install an app once they discovered how much of their personal information it would access. (The amount of sensitive info an app can access typically is indicated by the "permissions" the app requests, listed on its information page.)
Also, nearly one-third of mobile app users report uninstalling an app from their phone because they learned it was collecting personal information they didn't wish to share.
We need to first be aware and also be willing to actively take steps in order to protect our own privacy. Children of all ages need to be carefully taught as well.
Okay, but what about students? Do students have an expectation of privacy on their cell phones while at school?
The short answer to this in the U.S. is a qualified yes. Whether educators have the authority to search the contents of student cell phones depends on a lot of factors. The key issue in this is the standard of reasonableness. According to New Jersey v. T.L.O (1985) students are protected by the Fourth Amendment to the U.S. Constitution which protects citizens against unreasonable searches and seizures. In T.L.O., the Supreme Court goes on to say that the standard that law enforcement officers must reach to conduct a search (probable cause that a crime has been committed), is not required of educators. In general, the standard applied to school officials is whether the search is “justified at its inception and reasonable in scope.” (See When can educators search student cell phones)
What information should children be taught NEVER to reveal?
The suggestions depend on their age. Common 'wisdom' suggests the following:
Elementary School Kids should NEVER share (their own or another’s):
Age
Full Name
Address
Phone Number
Name of School
Password Information
Images (with possible exception depending on parental involvement)
Middle School Kids should NEVER share (their own or another’s):
Age
Full Name
Address
Phone Number
Name of School
Password Information (even to friends)
Most Images (At this age, kids get into social networking and will be sharing images via cell phones and digital cameras. Parents should focus on limiting the images their children share online)
High School Kids should NEVER share (their own or another’s):
Address
Phone Number
Password Information (even to friends)
Offensive or Sexually Suggestive Images or Messages
If you managed to get this far there must have been something that concerned you.
Congratulations! Learning more about privacy is the first step.
Here's one more little trick you might try since you spent all the time getting here. :highfive:
Want to have an unlisted phone but would not like to have to pay monthly for it? Ask your phone company to replace your last name with another name - your grandmother’s maiden name or something that you never use. This will cost a few dollars, but works very well. Many phone companies will do this for you. No monthly fees for having your number unlisted and as soon as you hear someone calling you Mr. {your grandmother’s maiden name}, you can either block the number or request to be put on the company’s Do Not Call List or <fill in the blank of your choice>. Note that Caller ID takes its information from the phone book, so you will be identified as Mr. {your grandmother’s maiden name} on Caller ID units of people you call unless you turn this feature off.
Another helpful addition to the listing (available in some areas) is: "(data line)", meaning that the phone number is connected to a fax or computer and not to a live person. Check with your local company if this option is available.
Some time ago, in a concerted effort, multiple ACLU affiliates filed a total of 381 Freedom of Information Act (FoIA) requests in 32 states, asking local law enforcement agencies to disclose how they are using mobile phone location data.
The FoIA request in North Carolina struck gold: a copy of an official Department of Justice flyer, dated August 2010 that explains exactly what data is retained by Verizon Wireless, T-Mobile, AT&T, Sprint, and Sprint division Nextel. There's an enhanced copy on the ACLU website.
The eye-openers:
All of the mobile phone companies keep details about the location of cell towers used by every phone, for a year or longer.
All of the mobile phone companies keep records about voice calls and text messages received and sent for a year or longer. Verizon stores the contents of every text message for three to five days. (The others don't keep the text.)
IP session information -- tying your phone to an IP address -- is kept for a year by Verizon and 60 days on Sprint and Nextel.
IP destination information -- which IP addresses you connected to -- is stored for 90 days at Verizon and 60 days on Sprint and Nextel.
The ACLU is gathering information on what steps local police have to go through in order to acquire that stored data: warrants, formal requests, emergencies, possibly even informal procedures. They're also trying to figure out how law enforcement agencies share the data and how long it is retained.
There doesn't appear to be any sort of uniform nationwide policy or widespread judicial precedent.
The ACLU is also looking at law enforcement requests to "identify all of the cell phones at a particular location" and "systems whereby law enforcement agents are notified whenever a cell phone comes within a specific geographic area."
If you have been concerned about privacy and location data being leaked sporadically on your iOS or Android or Windows Phone device it seems you have been looking at very, very small potatoes!
Comments? Suggestions? Ideas? They are all welcome.
Flame wars (relating to privacy or otherwise) are not. :-]
[ Another place holder ]
[GUIDE] Some Incredibly Simple Things To Protect Your Privacy!
If you find this thread helpful then do not forget to
Rate: *****
Submit thread as News Tip
If you find a particular post is helpful, please click on the Thanks button
If you are using XDA App or Tapatalk, long press on the post and select :good: Thanks
Thanks ny_limited - I just did all these!
Cheers
Tom
Szczepanik said:
If you find this thread helpful then do not forget to
Rate: *****
Submit thread as News Tip
If you find a particular post is helpful, please click on the Thanks button
If you are using XDA App or Tapatalk, long press on the post and select :good: Thanks
Thanks ny_limited - I just did all these!
Cheers
Tom
Click to expand...
Click to collapse
Appreciate the kind works, Tom, but.. This thread is for the non-technical ones among us. I suspect you are more technical than I am thus you hardly qualify to be here.
Thanks for the tips.
For extra protection, there's quite a few security apps on the market that will lock whatever information sensitive apps you want locked, usually with the same security options that your phone offers i.e. Password, PIN, pattern etc.
Just search "app lock" in the play store, for those interested.
--> dominating your screen from my t-mobile gs3, powered by: FreeGS3 R7 "Resurrection"
Complacency is one thing that most if not all internet/mobile/computing user have. I always advocate "Do not remember my password" while browsing from any form of medium to my friends. You never know when you will get compromised. Just leave your computer for a moment, your friend with malicious intent can extract all your private information with a simple and obtainable usb trick..
Even the thing most personal to me, my mobile phone, has no sites on "Log me in always" checked.
I hope websites would leave the box unchecked, as sites I visit always encourage user to have that option enabled. E.g. Ebay, Facebook..
Post # 2 has been updated just in case you need more reading material.
ny_limited said:
Post # 2 has been updated just in case you need more reading material.
Click to expand...
Click to collapse
like 1 better :good:
coohdeh said:
like 1 better :good:
Click to expand...
Click to collapse
Agreed. I guess I really didn't need the 3rd placeholder after all.
---
Spes in virtute est. (via XDA app)
This article is just over a year old but still makes good reading if you haven't seen it yet.
Few people would willingly carry around a device that tracks their movements, records their conversations, and keeps tabs on all the people they talk to. But, according to documents recently released by the American Civil Liberties Union, cell phone companies are doing all of that -- and may be passing the information on to law enforcement agencies.
"Retention Periods of Major Cellular Service Providers," an August 2010 document produced by the Department of Justice, outlines the types of information collected by various cell phone companies, as well as the amount of time that they retain it. On some levels, this is reassuring: Verizon (VZ) is the only company that holds on to text message content, and they erase it after 3-5 days. However, text message details -- the information about who you text with -- is retained for a minimum of a year, with some companies keeping it for up to seven years. In other words, that little back-and-forth you had with Bernie Madoff back in 2007 will be on the books until 2014.
Complete article is here
Click to expand...
Click to collapse
The privacy buck stops with the user
Yes, those terms of service are annoying. They're usually too complicated and too long, and users who want a certain mobile app will be inclined to click 'next' without actually reading the fine print, even if they're worried about what rights they're signing away. Still, "cellphone users need to take responsibility for their own data," maintains Steve Durbin, global VP of the Information Security Forum.
Click to expand...
Click to collapse
Cellphone and smartphone users have a love-hate relationship with mobile apps. While they love the functionality and enhanced user experience they bring to the table, clearly many hate the perceived privacy intrusions, suggests a newly released report from the Pew Internet & American Life Project.
More than half -- 54 percent -- of app users surveyed decided against installing a cellphone app when they discovered how much personal information they would need to share in order to use it. Thirty percent uninstalled an app that was already on their cellphone because they learned it was collecting personal information that they didn't wish to share.
Many cellphone users take additional steps to protect the personal data on their mobile devices, including backing up photos, contacts and other files -- tasks performed by 41 percent of those surveyed. Some 32 percent have cleared the browsing or search histories on their phone, and 19 percent have turned off the location-tracking feature due to privacy concerns.
Finally, 12 percent of cell owners say that another person has accessed their phone's contents in a way that made them feel that their privacy had been invaded.
The complete article was written by Erika Morphy and published in the E-Commerce Times in September.
i just know that you can monitor the keywords via google alerts
some useful information here. Thanks a lot!
More cell phone privacy notes
Police Searches of Cell Phones
You may have a legitimate expectation of privacy of the information stored in your cell phone, and so a search warrant may be needed before a police officer can look at your phone's data. However, an officer has the authority to search a cell phone when the search is "incident to an arrest." The search is deemed similar to an officer that searches a closed container on or near a person that he's arresting.
Traditional search warrant exceptions apply to the search of cell phones. Where the accessing of memory is a valid search incident to arrest, the court need not decide whether exigent circumstances also justify the officer's retrieval of the numbers from your cell phone. Police officers are not limited to search only for weapons or instruments of escape on the person being arrested. Rather, they may also, without any additional justification, look for evidence of the arrestee's crime on his person in order to preserve it for use at trial.
Illegally Intercepted Communications
Most people would think that public broadcasting of an illegally intercepted cell phone conversation would be illegal. Well, the US Supreme Court has found that (U.S.) the First Amendment allows an illegally intercepted cell phone conversation to be shared with others when the conversation involves matters of significant public interest. The lesson here is to be careful because technology has increased the chances that your cell phone conversations are being recorded and could be made public or used against you.
Cell Phone GPS Tracking
Although there are many advantages to cell phone GPS tracking, there are also privacy concerns. As most people carry their cell phone with them at all times, the ability is in place to track the exact movements of all individuals. Cell phone GPS could prove useful in saving lives during emergencies.
For these reasons the (U.S.) Federal Communications Commission (FCC) requires wireless network providers to give the cell phone GPS tracking location information for 911 calls that have been made from cell phones. This is known as E911. The law on E911 is fairly explicit. It allows carriers to provide tracking location information to third parties for E911 emergency calls only, however not under any other circumstances whatsoever without the consent of the cell phone owner. Recent court hearings have disallowed the requests of law enforcement agencies to obtain cell phone GPS tracking information from the cell phone companies for suspects in criminal investigations.
The complete article was written and published on Lawyers.com.
Instagram says it now has the right to sell your photos
Instagram said today that it has the perpetual right to sell users' photographs without payment or notification, a dramatic policy shift that quickly sparked a public outcry.
The new intellectual property policy, which takes effect on January 16, comes three months after Facebook completed its acquisition of the popular photo-sharing site. Unless Instagram users delete their accounts before the January deadline, they cannot opt out.
Under the new policy, Facebook claims the perpetual right to license all public Instagram photos to companies or any other organization, including for advertising purposes, which would effectively transform the Web site into the world's largest stock photo agency. One irked Twitter user quipped that "Instagram is now the new iStockPhoto, except they won't have to pay you anything to use your images."
"It's asking people to agree to unspecified future commercial use of their photos," says Kurt Opsahl, a senior staff attorney at the Electronic Frontier Foundation. "That makes it challenging for someone to give informed consent to that deal."
The complete article is written by Declan McCullagh and published in c|net.
Thanks to FameWolf for the link!
Horrible Autoplay Video Ads Are Coming to Facebook
Facebook will unveil a new video ad product that will auto-play commercials upon arrival, executives told AdWeek's Jason del Ray. This most annoying addition, which will allow advertisers a chance to slap unsolicited videos all over the Facebook news feed, is expected to launch by April 2013, the sources say. And, to reiterate, yes, these will be the same variant of videos that pollute the ESPN.com homepage — the ones that start without you asking them to.
Facebook, which has been trying just about every kind of new ad it can this year, has not yet decided if these commercials will automatically play with or without sound. But in either case, you can bet they'll be a pain — and you can expect plenty of frustrated users. On the desktop version of Facebook, the vids will expand "out of the news feed into webpage real estate in both the left and right columns -- or rails -- of the screen," explains del Ray. Meaning: they will be everywhere. Also, for people who use a million tabs on older computers, imagine a ton of video playing over and over: slow-load city. Add a little audio in the mix and we can already see the confused masses looking for that one tab with the unwanted sound coming out of it. Oh, yeah, this is a really great idea, Facebook. As if you weren't full of those this week already.
The complete article is written by Rebecca Greenfield, published in The Atlatic Wire
ny_limited said:
Instagram said today that it has the perpetual right to sell users' photographs without payment or notification, a dramatic policy shift that quickly sparked a public outcry.
The new intellectual property policy, which takes effect on January 16, comes three months after Facebook completed its acquisition of the popular photo-sharing site. Unless Instagram users delete their accounts before the January deadline, they cannot opt out.
Under the new policy, Facebook claims the perpetual right to license all public Instagram photos to companies or any other organization, including for advertising purposes, which would effectively transform the Web site into the world's largest stock photo agency. One irked Twitter user quipped that "Instagram is now the new iStockPhoto, except they won't have to pay you anything to use your images."
"It's asking people to agree to unspecified future commercial use of their photos," says Kurt Opsahl, a senior staff attorney at the Electronic Frontier Foundation. "That makes it challenging for someone to give informed consent to that deal."
The complete article is written by Declan McCullagh and published in c|net.
Thanks to FameWolf for the link!
Click to expand...
Click to collapse
Instagram has backed off the language in its new privacy and terms of service policies that set off a significant firestorm online. Instagram cofounder Kevin Systrom posted on the company’s blog under the title “Thank you, and we’re listening”. Whether you believe him or not you can read more about it at Forbes.
Happy New Year, everyone!
Enjoy the festivities!
Will see you all next year!
New 2013 CA laws affect online privacy, homeowners, schools
From protecting your online privacy to party buses, there are 750 new California (USA) laws taking effect in 2013.
The complete KABC-TV (Los Angeles) article of January 1, 2013 can be found here.
[USA] New laws keep employers out of worker social media accounts
Employers in Illinois and California cannot ask for usernames and passwords to the personal social media accounts of employees and job seekers under laws that took effect on Jan. 1.
Illinois Gov. Patrick Quinn in August signed legislation amending the State's 'Right to Privacy in the Workplace Act.'
California Gov. Jerry Brown signed legislation adding the prohibitions to the State's Labor Code in September.
The two states join Maryland, Michigan, New Jersey and Delaware in implementing such privacy laws.
Full ComputerWorld article: http://bit.ly/118L2tM
What absolute [email protected]
So... how do we get around this?
The First Horseman of the Privacy Apocalypse Has Already Arrived: Verizon Announces Plans to Install Spyware on All Its Android Phones
Within days of Congress repealing online privacy protections, Verizon has announced new plans to install software on customers’ devices to track what apps customers have downloaded. With this spyware, Verizon will be able to sell ads to you across the Internet based on things like which bank you use and whether you’ve downloaded a fertility app.
Verizon’s use of “AppFlash”—an app launcher and web search utility that Verizon will be rolling out to their subscribers’ Android devices “in the coming weeks”—is just the latest display of wireless carriers’ stunning willingness to compromise the security and privacy of their customers by installing spyware on end devices.
The AppFlash Privacy Policy published by Verizon states that the app can be used to
“collect information about your device and your use of the AppFlash services. This information includes your mobile number, device identifiers, device type and operating system, and information about the AppFlash features and services you use and your interactions with them. We also access information about the list of apps you have on your device.”
Troubling as it may be to collect intimate details about what apps you have installed, the policy also illustrates Verizon’s intent to gather location and contact information:
“AppFlash also collects information about your device’s precise location from your device operating system as well as contact information you store on your device.”
And what will Verizon use all of this information for? Why, targeted advertising on third-party websites, of course:
“AppFlash information may be shared within the Verizon family of companies, including companies like AOL who may use it to help provide more relevant advertising within the AppFlash experiences and in other places, including non-Verizon sites, services and devices.”
In other words, our prediction that mobile Internet providers would start installing spyware on their customers’ phones has come true, less than 48 hours after Congress sold out your personal data to companies like Comcast and AT&T. With the announcement of AppFlash, Verizon has made clear that it intends to start monetizing its customers’ private data as soon as possible.
What are the ramifications? For one thing, this is yet another entity that will be collecting sensitive information about your mobile activity on your Android phone. It’s bad enough that Google collects much of this information already and blocks privacy-enhancing tools from being distributed through the Play Store. Adding another company that automatically tracks its customers doesn’t help matters any.
But our bigger concern is the increased attack surface an app like AppFlash creates. You can bet that with Verizon rolling this app out to such a large number of devices, hackers will be probing it for vulnerabilities, to see if they can use it as a backdoor they can break into. We sincerely hope Verizon has invested significant resources in ensuring that AppFlash is secure, because if it’s not, the damage to Americans’ cybersecurity could be disastrous.
AppFlash is just a custom bloated version of the Google Search Bar with intense focus on data mining. This is essentially a widget, which belongs to a package, which should be able to be disabled/uninstalled depending on its implementation. You may need a rooted phone to fully remove it from the system - but time will tell. Either way, this will end up in my pile of other Verizon 'Services/Apps' that are either uninstalled or frozen.
the_rev said:
But our bigger concern is the increased attack surface an app like AppFlash creates. You can bet that with Verizon rolling this app out to such a large number of devices, hackers will be probing it for vulnerabilities, to see if they can use it as a backdoor they can break into. We sincerely hope Verizon has invested significant resources in ensuring that AppFlash is secure, because if it’s not, the damage to Americans’ cybersecurity could be disastrous.
Click to expand...
Click to collapse
I find this comment amusing - eluding that 'hackers' don't probe every single aspect of a system and it's software, but now that this application is going to be pushed you better worry!
Calm down. The sky isn't falling yet.
"UPDATE: We have received additional information from Verizon and based on that information we are withdrawing this post while we investigate further. Here is the statement from Kelly Crummey, Director of Corporate Communications of Verizon: "As we said earlier this week, we are testing AppFlash to make app discovery better for consumers. The test is on a single phone – LG K20 V – and you have to opt-in to use the app. Or, you can easily disable the app. Nobody is required to use it. Verizon is committed to your privacy. Visit www.verizon.com/about/privacy to view our Privacy Policy.""
https://www.eff.org/deeplinks/2017/...e-has-already-arrived-verizon-announces-plans
Oh, and what can you do about it? You can vote every single individual in Congress that voted for repealing these protections out of office. Be vocal about this with friends and family. The general population does not understand this issue. I have answered so many questions like "So, if I clear my browser history this doesn't matter, right?" lately that it makes me sick to my stomach.
Averix said:
Oh, and what can you do about it? You can vote every single individual in Congress that voted for repealing these protections out of office. Be vocal about this with friends and family. The general population does not understand this issue. I have answered so many questions like "So, if I clear my browser history this doesn't matter, right?" lately that it makes me sick to my stomach.
Click to expand...
Click to collapse
This. Vote out every single person who voted to repeal what we've spent years fighting for. They let their own monetary gains guide their decisions and not what's best for the people, which is what their job is.
It's absolutely baffling to me how many people just don't give 2 fks about having companies mine personal and sensitive information about them. The classic "If you don't have anything to hide, then what does it matter" argument instantly enrages me.
Sent from my Samsung Galaxy S7 Edge using XDA Labs
just calm down.. I've been telling everyone about this for past 4 years.its not just this app.but hard bedded in every device..the only way to get rid of any of it is educate yourself on removing it. .as for the comment about hackers knowing the weaknesses.hes absolutely right...the good amd bad hackers.not all of us are bad.
All of this concern over potential "spyware" on our devices is laughable because some of you may be missing the big picture here. Regardless of carrier-introduced data capturing apps or malware, etc on the device itself, carriers already store all user data and wireless data transmissions, texts, etc. This data is accessed by whomever has the "authority" to access it. If you are a suspect in a homicide for example, the homicide detectives will get a quick signature from a judge to retrieve all of you phone records including gps, tower pings, internet, incoming & outgoing texts, etc. Who's to say who phone carriers share your regular data with? You can't prove if they do or don't.
Within the last few hours of Obama's presidency, he did the unthinkable by legalizing the sharing of intelligence and sensitive data between numerous intelligence agencies so they can all share sensitive data between one another at their whims. The obvious reason for this was to better mask the source of the information and blur the lines of responsibility for the data retrieved. Data not only from citizens, but from anyone in the government, FBI, CIA, NSA, etc is able to be retrieved at any time and used for legal purposes and even illegal purposes if you have been paying attention lately. We now get to enjoy complete invasion of privacy in our daily lives. Not just with our cell phones. I find this topic useless at this point. So I have to say... unless you're doing something illegal, you have nothing to be concerned about and electronic privacy is non-existent these days so don't let that fool you. Someone posted that my last sentence instantly infurates them... well this is the facts so be infurated my friend because it's the truth. Nobody is able to defeat the electronic data that is stored and accessed by those who have the "authority" to access it. Get over it.
As for defeating ads and stuff like that, well that's a different topic all together.
tx_dbs_tx said:
All of this concern over potential "spyware" on our devices is laughable because some of you may be missing the big picture here. Regardless of carrier-introduced data capturing apps or malware, etc on the device itself, carriers already store all user data and wireless data transmissions, texts, etc. This data is accessed by whomever has the "authority" to access it. If you are a suspect in a homicide for example, the homicide detectives will get a quick signature from a judge to retrieve all of you phone records including gps, tower pings, internet, incoming & outgoing texts, etc. Who's to say who phone carriers share your regular data with? You can't prove if they do or don't.
Within the last few hours of Obama's presidency, he did the unthinkable by legalizing the sharing of intelligence and sensitive data between numerous intelligence agencies so they can all share sensitive data between one another at their whims. The obvious reason for this was to better mask the source of the information and blur the lines of responsibility for the data retrieved. Data not only from citizens, but from anyone in the government, FBI, CIA, NSA, etc is able to be retrieved at any time and used for legal purposes and even illegal purposes if you have been paying attention lately. We now get to enjoy complete invasion of privacy in our daily lives. Not just with our cell phones. I find this topic useless at this point. So I have to say... unless you're doing something illegal, you have nothing to be concerned about and electronic privacy is non-existent these days so don't let that fool you. Someone posted that my last sentence instantly infurates them... well this is the facts so be infurated my friend because it's the truth. Nobody is able to defeat the electronic data that is stored and accessed by those who have the "authority" to access it. Get over it.
As for defeating ads and stuff like that, well that's a different topic all together.
Click to expand...
Click to collapse
The main issue is the blatant disregard by our government to even acknowledge the American people's privacy. Of course this all comes down to money and corruption as usual. For a simpler solution to a lot of these issues is remove all of the lobbyists, but I digress.
Look at it this way people. No one is pointing a gun at your head making you use cell phones social media, etc. If you don't want to be spied on buy a house in the mountains with no outside connections and enjoy life.
Hello everyone,
We're trying to create a new open-source app distribution platform named Spheris, using blockchain technology. We are really interested in your thoughts – both devs and users. We're also open for possible collabs for those who are interested.
We’re utilizing Ethereum’s blockchain technology to build Spheris as a decentralized platform. This makes a lot of cool things possible:
No registration and transaction fees, as opposed to traditional app marketplaces who charge up to $100 for registration and 30% per each transaction. No technical restrictions or censorship. Optional anonymity. Forget about the need for credit card companies or banks – you will be able to buy and sell apps using our digital currency (Spheris tokens), with the option to exchange for other digital currencies (such as Ethereum or Bitcoin).
Customers will be able to purchase apps without going through registration and without credit cards. We’re also trying to accommodate devs whose apps have been removed from Google Play for questionable reasons.
Your Feedback = Extremely Important
We are in the early process of gathering valuable feedback from devs, and see if this is a platform that devs would like to be on. For users – do you guys see this as a platform you would buy apps from? Would love to start a discussion! For devs - have you had bad experiences with app stores (de-listing, ranking issues, not being accepted etc)? Does the concept of decentralization sound like something you might want to be a part of?
If you need more info, have a look at spheris.io or just ask me here.
Your questions and feedback are much appreciated,
Thanks
PS - apologies if this isn't the right forum for this topic!
Hi guys,
I'm starting this thread to discuss the "eelo" project and post news about it.
"eelo" is an initiative to release a global and appealing alternative to Apple, Google, ... with as much privacy as possible, with open-source as an ideal.
The eelo ROM is going to be forked form LineageOS and won't include anything from Google proprietary services.
eelo web-services will include email, search, online office... as a consistent, sustainable and global offering.
I've been thinking about this project for several years, and now I think most of the bricks for the project are available. They "just" need to be put together and polished as a consistent offer.
This is a non-profit project, in the public interest.
I'd love to read your your ideas/suggestions about eelo!
Cheers,
Gaël
Update: I'm posting here the "foundation" articles about eelo:
1/ Leaving Apple and Google : my “eelo odyssey” – Introduction
In 1998, I created Mandrake Linux, because I was both a Linux fan and didn’t like Windows on the desktop. It’s been a long time, and I’m very happy I’ve been one of the actors who contributed to make the Linux desktop possible, even though it didn’t completely succeed. Since then, the smartphone has emerged. And it’s now a “companion of life” for many of us. On my side, I’ve been using Apple iPhones exclusively, since 2007. The main reason behind this choice is that I like iOS. It covers my needs, it looks great and elegant, and I find it very intuitive to use.
Also, over the past years, I moved from my (Mandrake/Mandriva and then Ulteo) Linux desktop to MacOS. There has been a professionnal reason for that, since I often need XCode for building iOS applications. But also, it’s very convenient to use in conjunction with other Apple devices. I can get my text messages on MacOS, I can answer a call hand-free, I have my notes synced accross my devices.
But talking with friends this year, I realized that I had become lazy and that my data privacy had vanished.
Not only I wasn’t using Linux anymore as my main operating system, but I was also using a proprietary OS on my smartphone. And I was using Google more and more. Search of course, but also Google Mail, Google drive and Google docs. And Google Maps.
I’M DEFINITELY NOT HAPPY WITH THAT SITUATION.
I’m not happy of this situation because iOS is proprietary and I prefer Open Source Software. And Apple is getting crazy, with their latest products. Too expensive, not really exciting. It also has some design issues in my opinion. It has become a social act to buy an iPhone: “see, I can buy it”. Buying an iPhone has become a snob attitude and I hate that.
Also I’m not happy because Google has become too big and is tracking us by catching a lot of information about what we do. They want to know us as much as possible to sell advertizing.
Like millions others, I’VE BECOME A PRODUCT OF GOOGLE.
Last, I think that, in the long run, Apple, Google, Facebook etc. business models are harmful for our economical and social environments.
So I want to stop that. People are free to do what they want. They can choose to be volunteery slaves. But I do not want this situation for me anymore.
Reconquer my privacy
I want to reconquer my privacy. My data is MY data. And I want to use Open Source software as much as possible.
At the same time, what exists at the moment doesn’t exactly fit my needs: of course I don’t want to use stock Android. It’s Google everywhere and its default user interface is bad (my taste).
Also, I’d like to find good online tools such as office, email services etc. that don’t belong to Google.
And I’d like to have the same confort that I have with iOS and MacOS with synchronized services.
I know about a few initiatives, in particular “PureOS” is very interesting and appealing if you want a 100% pure-Free Software. But that is definitely not something I would use daily, at least not in its current state. I need something I could even recommend to my parents or my children. Something appealing, with guarantees for more privacy. Something that we could build in a reasonable amount of time, something that will get better and better over time.
So let’s build something new! “eelo”
My decision is taken: I’m going to build something new that will be open source (as much as possible) and very attractive. At least for me, but probably it could be attractive for a few others as well.
I’ve played with LineageOS for a few months and I think it’s the way to go. You can recompile it, improve it, fork it… and that’s what I’m going to do.
Some nice web services also seem to be viable alternatives to Google apps, so I’m going to explore that and possibly aggregate that into a single service. And offer guarantees to users of this new project.
This is an odyssey, this is a non-profit project
I call the project “eelo” because eels are small fish that can hide into the sea. That’s perfect for my quest of more privacy.
I want eelo to be a non-profit project “in the public interest”. I think operating systems and web services should be a common resource: as I explained a few year ago, this is infrastructure, like phone networks, rail tracks, roads…
Non-profit doesn’t mean nothing will be for sale. Probably some eelo smartphone will be for sale, and some premium services will be available for corporates. But profit won’t be the first focus of eelo.
Eelo will be for users first, for everyone who cares about their data privacy, for everyone who wants to use exciting products, for everyone who wants to join an exciting new project.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
So… starting from now, I will periodically post my progresses to release an appealing alternative for the mobile and for web services.
Next time, I’ll show how LineageOS can be hacked, rebuilt and improved for eelo!
If you are interested in that odyssey, as a potential user or contributor, you can register at the eelo.io website.
Next part in this thread:
- 2/ eelo: the mobile OS
- 3/ eelo: web services
New post about eelo web services: "Leaving Apple and Google: my “eelo odyssey”. Part2: web services"
(URL removed per request from this forum mods)
leaglavud said:
New post about eelo web services:
Leaving Apple and Google: my “eelo odyssey”. Part2: web services
Click to expand...
Click to collapse
You write about a new launcher. Can we see the sources?
kurtn said:
You write about a new launcher. Can we see the sources?
We will release sources on GitHun and APK builds of eelo's BlissLauncher on F-droid and APKPure once we think its stable enough and compatible with common screen resolutions.
Click to expand...
Click to collapse
Great!
Please don't use XDA as a way to make money. This includes posting links to crowdfunding campaigns
Thread Cleaned
mark manning said:
Please don't use XDA as a way to make money. This includes posting links to crowdfunding campaigns
Thread Cleaned
Click to expand...
Click to collapse
Hello, I don't see where XDA forbids to post links to crowdfunding campaigns. Can you point me to the correct place in your terms of use?
leaglavud said:
Hello, I don't see where XDA forbids to post links to crowdfunding campaigns. Can you point me to the correct place in your terms of use?
Click to expand...
Click to collapse
No problem mate
13. Advertising and Income Generation
Commercial advertising, advertising referral links, pay-per-click links, all forms of crypto-mining and other income generating methods are forbidden. Do not use XDA-Developers as a means to make money
Click to expand...
Click to collapse
We're not "making money", we have a kickstarter campaign to support eelo, which is non-profit. That's quite different.
leaglavud said:
We're not "making money", we have a kickstarter campaign to support eelo, which is non-profit. That's quite different.
Click to expand...
Click to collapse
https://forum.xda-developers.com/showthread.php?t=3725368
On the thread above I have briefly explained why the crowdfunding / kickstarter threads are not allowed, as you can see, another user opened it up on the same topic.
No one is directly accusing you of trying to make money, no one said you're selling something and we actually appreciate the project initiative but "donate to us to make this happen" is not allowed as per quoted rule.
The funding goal is the amount of money that a creator needs to complete their project. Funding on Kickstarter is all-or-nothing. ... A creator is the person or team behind the project idea, working to bring it to life. Backers are folks who pledge money to join creators in bringing projects to life.
Click to expand...
Click to collapse
I don't really feel happy with keeping this conversation here but as long as you're the OP I feel obliged to do it .
There are hundreds of developers and project initiators around, what if everyone will ask for funding in order to sustain their plans?
The rules says clearly, present / develop the project and if anyone wants to donate is free to do so by freely hitting the donate button, there's no restrictions.
all moderators are illuminati? just 4 gk
:v
Amar 721 said:
all moderators are illuminati? just 4 gk
:v
Click to expand...
Click to collapse
No... I'm on the Darkside
xanthrax said:
No... I'm on the Darkside
Click to expand...
Click to collapse
what does that mean
dark side of the brightness
:v
Leaving Apple and Google: my “eelo odyssey”: the mobile OS
2/ Leaving Apple and Google: my “eelo odyssey”. Part1: the mobile OS
So I came out about my decision to leave Apple and Google. It’s a lifestyle choice to escape the tech giants that make me a product by privatizing my personal data .And I don’t like what Apple is doing now, Apple’s attitude, new iPhone and their price… It’s also an act of freedom for my children and all the people who will care: I want them to have a choice, and also a clear and informed view on how their choices can impact their life and their economical ecosystem as well. That’s what eelo is all about: offering a viable and attractive alternative to users for their digital life.
In this new post I’m going to describe what I was able to do so far on the mobile to get rid of Google and Apple, and what remains to do (spoiler: there’s a lot). In the next part I will explain what how things will need to be adressed on web services and draw a whole picture of the eelo project.
What’s wrong with default AOSP/LineageOS?
Talking about LineageOS, you might think “why do you want to hack something that is already mostly open source and works well?”
The answer is easy: the core of AOSP/LineageOS is usable, and performing well, but it’s not good enough for my needs: the design is not very attractive and there are tons of micro-details that can be showstoppers for a regular user. Also, unless you are a geek, LineageOS is not realistically usable if you don’t want google inside.
The design point
Regarding design, I know that some Android users like it, but I really dislike the default graphical user interface. I find it ugly: icons don’t look good, colors are sad, and I don’t like the launcher ergonomy and behaviour.
So at least we need a new launcher, and better icons. Default notifications don’t look very good either, and I’m not a big fan of the settings part. Compared to the rest of the UI it could be worse, but it’s still quite sad, with a single green color in LineageOS. I’d like something more appealing, and probably better organized.
“Good news”: you can find hundreds of custom launchers and icon themes in the Google Play Store. But either you have to pay for them, or you get free stuff with lots of ads and possibly scams. So not for me.
Bad news, good news
The bad news is that I’m new to Android development and I don’t consider myself a great developer. I can hack things, I can recompile and integrate stuff, but I don’t have enough practise to program a new launcher from scratch without spending weeks on it.
The good news is that I have found a very talendted full-stack developer who is interested in the project. We have agreed, as a first collaboration, to release a new launcher, new notification system and new “control center”.
First successes
I’ve choosen to test custom builds of LineageOS/eelo on a LeEco Le2. It’s a nice 5.5″ smartphone with a 1080×1920 pixel screen, 3GB RAM, 32GB storage, finger sensor in the back, and a 4K camera. It costs about 130€. Yes, that’s about $150. Yes.
Also I’m waiting for a Xiaomi Mi 5S. It’s got a smaller screen and I prefer smaller devices for my own usage. And I’ll probably give a try to the LG G6. (Want to suggest a device? tell me!)
After several weeks of work, we now have a new launcher! It still lacks a few features (such as uninstalling an application), but it’s already fully functional. On this video, you can see the “icon group” feature, and swiping between several launcher pages:
eelo BlissLauncher 1 from eelo on Vimeo.
On this one you can see the “docking icon” feature:
eelo BlissLauncher 2 from eelo on Vimeo.
We call it the “BlissLauncher” just because it’s a great launcher. And we also have a first new notification system and a new unlock screen:
Next time will be to have all that integrated by default in a new fresh build. And at the time of finishing this post, I already succeeded to flash a fresh build with the new launcher and the new notification system.
Getting rid of Google stuff completely
Now we have a better launcher for eelo, and I’m working with a great and very professional designer. He contributed a lot to the Mandrake Linux interface icons in the past, when we redefined all the user interface and all icons. Later he also contributed to first releases of Ulteo, when it was still a cloud-operating system project, and not a Citrix-alternative. We’re working together to redesign default application icons, some wallpapers, splashscreens, and also a first real eelo logo. On the long term, we will have to redesign the full user interface.
But what we want is not only something good-looking, attractive and easy to use. We want more privacy! And Google services are not compatible with my idea of privacy.
Therefore, we don’t want Google Services. We don’t want Google play store. And we probably don’t want most of Google apps such as Calendar, Email etc.
Also, we probably don’t want Facebook either and some other so-called “free” services. This will be user’s choice to install them or not. I know that we cannot change the world in one iteration, this will be step by step.
Each of this point will need to be addressed in Eelo. We will need an independent application repository, an independent and secure email provider, an independent online drive, online office services… All that well integrated in eelo. In the user interest first.
First round without Google
The first time I was able to recompile and flash LineageOS, I soon had to install Google Play Store and Google Play Services to install common applications, or I could do pretty nothing.
But there are some alternative stores. For instance, F-Droid is a very successful APK application repository that provides only 100% open source software applications.
There are other alternative app stores for non-open source applications. For instance there is Aptoide. It provides most common applications such as Twitter, Waze etc. But unfortunately when I checked Aptoide APK packages signatures and sizes, I realized that they were not the same as on Google Play Store. I’m not sure to understand well the reasons behind this situation, at least for common applications, so I looked for other alternatives.
I found APKPure to be a great store for free applications. And trust me, a lot of applications are free! Actually, I realized that on my iPhone I had only free applications. And I know many people who are using only free applications. So APKPure is a great way to go if you don’t want to use Google Play Store and don’t need non-free applications. I checked many of their packages, and they are bit-to-bit identical to the ones available on Google Play Store. There are only official packages.
An alternative to APKPure is Yalp. Yalp is an open source application that is acting as a kind of anonymous proxy to Google Play Store, also providing only official APK packages.
So for applications, I’m now using both F-Droid and APKPure. That’s already very confortable, and I successfully tried dozens apps, including the most used apps (Facebook, Messenger, Twitter, Waze, Telegram, Skype, LinkedIn, Spotify…).
But I think we’d need an “eelo store” that would deliver both:
- official free applications like APKPure
- open source applications like in F-Droid
All that into a single, appealing and fast application, where users could check easily if an app is open source or not, where users could evaluate the application level of privacy, and where users could be able to report some scam issues. We definitely need to add this to the eelo roadmap.
Lovely Google Services
There is a feature that Google has created to jail users within their environment. That’s called “Google Services”. It’s a non-open source service that you have to install if you want to use Google Play Store, for instance. It’s also used by several applications. It provides services such as:
- analytics
- account authentication
- cloud messaging (notifications)
- drive
- geofancing
- maps API
- mobile ads
- games API
…
Developers of Android applications are not forced to use them, but obviously Google is doing their best effort to make them desirable as much as possible, if not mandatory for certain features.
The good news is that many common applications, the ones that everybody is using everyday, are not using Google Services, or they do not rely a lot on them. Probably a lot of developers don’t like to be jailed in a single ecosystem.
As far as I tried, the most problematic applications in this regard seem to be some games, such as Pokemon Go. This one doesn’t seem to be usable unless you have Google Play services installed.
The good news is that there is a nice project that is providing open-source alternatives to Google Services. It’s called MicroG, and eelo will probably integrate it.
Another “great idea” of Google is their SafetyNet Attestation API. It’s something that Android application developers can use to check if the user’s device is an official device that complies with Google’s environment. It examines the hardware, the software, checks wether the device is rooted or not. In the end this can be used to prevent to application to run if the environment doesn’t comply enough with Google’s rules. Fortunately, there is “Magisk” to circumvent this issue. We will probably need to integrate it by default in eelo as well.
What about web search?
Many parts of a modern operating system can lead to “Privacy indiscretions”. So far, I’ve talked about privacy issues that come from within the system.
But if you search for something on Google, it’s very likely that Google can determine that YOU are looking for something in particular. Even if you are not using a google account in you Chrome browser, they can track your IP for instance.
So we definitely need to provide a default search engine alternative to Google search. Probably that we don’t want Bing or Yahoo either, although it’s better to use various search engines so that each of them doesn’t know exactly everything about your searches and therefore cannot consolidate your private information efficiently. We have a few alternatives:
- the well-known DuckDuckGo: even though it heavily relies on Google Search results, it offers privacy guarantees that Google doesn’t offer.
- Qwant is a new search engine that is making big progresses and now has its own index and is offering guarantees on privacy
- there is also the fully open CommonSearch: project, but it’s not ready yet
So I’m considering offering both DuckDuckGo and Qwant as default search engines for eelo search and web browsers that will ship with eelo, while still offering Google (and others) as an option. It’s true that in some cases, it is still offering the best results.
And also…
There is a long list of Internet services that can track you, send and process your personal data in many ways. For instance, using a Gmail (or similar) email account is a great way for Google to learn a lot about you.
But also, some of you probably know about the very fast Google DNS resolver: 8.8.8.8 and 8.8.4.4. DNS resolvers are used all the time and by many applications. They convert domain names to IP addresses. And I say: DO NOT USE Google DNS resolvers. Each time your smartphone is looking for a domain name, Google knows about it and they can add this information to other information they know about you.
Instead, you can use 9.9.9.9 (or 2620:fe::fe IPv6) which is a fast public DNS resolver operated by a non-profit research institute that does not store your IP. And it be accessed throught a secure protocole (TLS).
Of course, it’s all the web-service ecosystem that we need to address. As I said earlier, eelo will provide a mobile system with better privacy, but also some web services such as an online office suite, some online storage etc. We will aggregate some existing web services, improve them if needed, or build new services if nothing is available.
Still, we will face one dark zone: low-level proprietary hardware drivers on smartphones. They are driving the camera, the GPS, various sensors… Hardware vendors do not provide source code for these drivers. And they are extremely difficult to rewrite unless doing some heavy and resource-consuming reverse-engineering. And of course, some of those “black box” drivers could possibly leak users’ private data.
Future options for eelo to address this issue will be to:
- partner with FairPhone or similar 100% open hardware projects
- audit low-level drivers to detect unappropriate behaviors
- design an eelo phone…
Join the eelo odyssey!
As you can see, eelo is a true odyssey. But I think that, maybe for the first time, all bricks are available to build a new, consistent, attractive, independent and mostly-free digital ecosystem that will be more respectful of users, and respect their privacy. And this could eventually challenge the advertizing model that is probably the source of this such bad and supposedly “free” model.
Again, eelo is a non-profit project, it’s a project in the public interest. Everyone who wants to join, please do!
There are many ways to contribute:
- say hello! ? having supporters help a lot
- contribute some ideas, some resources, what you are good at
- introduce us to people who can help
- talk about eelo, share eelo news and articles…
- offer a few mɃ to pay some servers
Also, I’ve started to work on a crowdfunding campaign for eelo, because some resources are needed to bootstrap this project correctly. I’m not sure exactly what this campaign will be able to offer in rewards, but I’m thinking about it. Anybody’s suggestions are welcome!
Next part: 3/ Leaving Apple and Google: my “eelo odyssey”: web services
Leaving Apple and Google: my “eelo odyssey”: web services
3/ Leaving Apple and Google: my “eelo odyssey”: web services
I’m leaving Apple and Google for those reasons and I’m putting this effort into a new project: “eelo“. For this project, one big part is the operating system, in particular the smartphone operating system. I started to work on this part with others, and had first results that make me feel that maybe my move to a better digital privacy is going to be easier than expected ?
But today, a smartphone without internet services would be like a car without gasoline. We need email, we need online storage, we need advanced online applications… Also people like to access our data from several places and devices. The operating system has turned global.
So eelo needs to provide tools that can be accessed from other places, such as a web browser, but probably also from other computers and operating systems: notes, messages, calendar… And of course, we want all this with full respect of the user’s privacy, and no ads.
Many services to address
We need to address a number of internet services and find good alternatives that we can put together into a consistent, intuitive, secure, sustainable and global eelo service.
Here is a scheme of the eelo global system as I have it in mind:
A web service review
– Email
Email means some postfix configuration on servers, with POP3 and IMAP, all with all access secured over TLS. Plus a webmail access (I’m considering to use Mailpile).
iRedMail can set up all that easily, with DKIM and SPF correct configuration, and will even make possible to offer custom domains for the eelo email service.
But if we want a private service, we’ll need security on servers, where emails are stored. That’s a key aspect and we need to apply the best practises for setting up a rock-solid secure server for storing email.
– Search / Maps
I’ve already talked a bit about search in my previous posts. DuckDuckGo and Qwant have become two excellent alternatives to Google/Bing/etc.
But I think we need to set up a generic wrapper for search, like search.eelo.io, and we’ll put whatever we consider to be good behind. That could be an aggregation service as well.
As for maps, there is an awesome and adorable project that is OpenStreetMaps. It’s growing and is catching more and more attention from users and medias as an real alternative to Google Maps.
It also now offers directions and there is a “street view” ongoing project.
We’ll have to integrate it as maps.eelo.io, probably with some customization and dedicated servers.
Of course, all these default settings will be integrated in the eelo ROM (the smartphone operating system).
– Office
We have two choices for a good and open-source Office alternative for online usage: LibreOffice/Collabora and OnlyOffice. My preference goes for OnlyOffice because it’s attractive, efficient and allows realtime online collaboration between several users on office documents.
I’ve used OnlyOffice on my servers for several weeks now, and beside a few glitches, it’s a fully viable alternative to Google Docs or Office365.
– Drive / notes / calendar
The “cloud storage” service is a big and key part of the project. It needs to be very carefully choosen and integrated because it’s going to be at the center of users’ digital life.
There are several projects that offer these features, such as cozy.io, OwnCloud and NextCloud. For now I have tested NextCloud successfully and I must say that it’s amazing!
You can easily set up a NextCloud client on your smartphone, and do the same on other PCs. Then you get all your content synchronized. Very convenient for pictures, documents, notes… I’ve tried on Linux (and Mac) and it works well.
The good news is that NextCloud can also serve a calendar that can be shared/accessed from various devices.
So for now, I’m going with NextCloud. I’m not sure about OwnCloud benefits over NextCloud. Any advice?
The first goal of eelo will be to offer a fully functional and secured implementation of OnlyOffice+NextCloud. As there is a debate about self-hosting, eelo will also provide the service as software instances that can be installed on a user’s server, in the cloud or at home, if they will so.
– Social / Messaging
Of course you are using Facebook. I do as well, not very often though. There is also Twitter. Facebook in particular is a real nightmare in term of users’ privacy. They know a lot about billions users. If you happened to do an advertizing campaign on Facebook, you probably noticed that you can target people categories. Age, gender, place of living, income, … There are dozens criterias that prove that they really know a lot about people.
So Facebook is something we should stop to use in favor of better alternatives. There is a good news: you can use Mastodon. It’s a decentralized social network. Without any central big brother who can use your data to fuel a business model.
The issue is that social networks have a greater value when you can find most of your friends/family there. Which is not the case yet on Mastodon, but in tech communities.
So we’ll keep an eye on Mastodon and see how eelo can interact with the project and possibly integrate it.
As for messaging, everyone will be able to use their messaging app of choice, but eelo will ship with Telegram by default. The reason is that Telegram is probably the most secure messaging app, and also the most respectful of user’s privacy. It also provides quality voice calls over IP. Last but not least, its client is open source (although the server infrastructure is not).
And also…
– ID / translations / …
We will need an identity provider at some point. It will be a central point for authentication. OpenID is an option, although it clearly lacks some momentum at the moment. Brainstorming is needed on this!
While it may be a more minor aspect we’ll also probably need a translation service, voice recognition service, speech service, video/voice streaming services… There are many initiatives in this field, but they are not a priority for now.
About eelo tokens
I’m thinking about releasing eelo tokens, based on Ethereum. It would be a way to get access to some eelo services, and also to thank contributors. Again, most eelo services will be free because it’s the only way to compete against the so-called “free” services from Google, etc., and it will remain in the public interest first. But selling some premium services, high-end eelo smartphones, consulting… will be part of the model to fuel the project and make possible the free services. I have the feeling that using eelo tokens could help a lot to ease service transactions between all the parties involved in eelo.
Next steps for eelo
As we’re continuing the work on the eelo custom ROM, new launcher, and integration of web services, I’m still listening to user’s suggestions about the project, ideas… Many people have already contacted me and hundreds have registered on the eelo landing page, that’s awesome ?
We’ll also probably have a separate eelo development branch for more advanced projects. Actually, I’ve been thinking a lot for a while to turn the smartphone into a conversational device – text or vocal – with conversational apps instead of legacy applications. But that’s cutting-edge development and won’t be available into eelo by default.
An eelo website is now available at eelo.io and we have a Kickstarter campaign that has already done more than 300% of its initial target. Watch the eelo campaign video.
We're recruiting developers!
- android developers
- LineageOS developers/ROM maintainers
- ...
Contact us at [email protected]
— Gaël (follow me on Twitter @gael_duval / on Mastodon @gael@mastodon.social)
This is old text. Where are the sources for the launcher?
A couple of random thoughts:
1: Eelo is an awful name. It sounds like something a baby would come out with, while learning to talk
2: As well as freeing yourself (ourselves) from the tentacles of Google and, if this is about privacy and freedom from tracking; it should aim to avoid using services based in any of the Five-Eyes Countries
Hence:
* Consider Wire (based in Switzerland) instead of Telegram.
* Quitter..no is a pretty full-featured replacement for Twitter. Running on GNUsocial and based in Norway
* Qwant in preference to DDG [France vs US -based]
* Jottacloud -also based in Norway, is a pretty good like-for-like replacement for Dropbox. Same kind of free/paid account tiers.
3: While we're being all 'European' about this (well, I am), can you make sure and use 'European English' in your documentation when you set up the website? Drives me mad when I see Europe-based companies using "color", "center", "...ize", etc.
4: In the same vein, make sure the website invites people to "Contact" you. There's a special place in hell reserved for anyone who uses that puke-inducing phrase 'Reach out"!
kurtn said:
Where are the sources for the launcher?
Click to expand...
Click to collapse
We will release sources on GitHub and APK builds of eelo's BlissLauncher on F-droid and APKPure once we think its stable enough and compatible with common screen resolutions.
xxxmadraxxx said:
A couple of random thoughts:
1: Eelo is an awful name. It sounds like something a baby would come out with, while learning to talk
Click to expand...
Click to collapse
That's not too bad for a just-born project.
2: As well as freeing yourself (ourselves) from the tentacles of Google and, if this is about privacy and freedom from tracking; it should aim to avoid using services based in any of the Five-Eyes Countries
Hence:
* Consider Wire (based in Switzerland) instead of Telegram.
* Quitter..no is a pretty full-featured replacement for Twitter. Running on GNUsocial and based in Norway
* Qwant in preference to DDG [France vs US -based]
* Jottacloud -also based in Norway, is a pretty good like-for-like replacement for Dropbox. Same kind of free/paid account tiers.
Click to expand...
Click to collapse
Thank you for your suggestions. Some of them were already considered actually!
3: While we're being all 'European' about this (well, I am), can you make sure and use 'European English' in your documentation when you set up the website? Drives me mad when I see Europe-based companies using "color", "center", "...ize", etc.
Click to expand...
Click to collapse
What would be your suggestion of wording for a project that is not specially "European" or "American", e.g. worldwide project?
4: In the same vein, make sure the website invites people to "Contact" you. There's a special place in hell reserved for anyone who uses that puke-inducing phrase 'Reach out"!
Click to expand...
Click to collapse
At eelo.io, we have "contact eelo" and "get in touch"
leaglavud said:
What would be your suggestion of wording for a project that is not specially "European" or "American", e.g. worldwide project?
Click to expand...
Click to collapse
Well. Call me a pedant if you like. But if you're offering a language option, you should use the official version of that language, not a regional dialect. As far as I can see, when people pick French, Spanish, Portuguese language options on a website, they're not then given Quebecoise, Mexican Spanish, Brasilian Portuguese... etc. But English speakers are nearly always served up American English --even on sites / by projects that are not based in the US. [Yes, I'm looking at you Ubuntu & Linux Mint!]
It may seem a trivially unimportant point. But, as well as the privacy and data-harvesting concerns, my interest in projects such as yours also stems from a wider worry about the Americanisation of the world, which is being driven by the overwhelming dominance of big American companies in the tech & media worlds. Not automatically defaulting to US English is just one more small gesture non-US-based projects can make towards offering an "alternate viewpoint".
Man, what an undertaking!
Personally, I think the main thing should be to focus on Power Users and Privacy Conscious users, not the masses. Not yet.
First make a 'beautiful' reliable OS according to your desires. Focus on making that the best & a real point of differentiation from what is out there already. Make it as useful and unique as possible. Make it run on the widest range of hardware possible, and as easily as possible. That should be enough of a challenge.
Don't worry about creating cloud services or bundling this-and-that yet. I think that is extremely unimportant to Power Users who will install what they prefer anyway, and use the hardware they prefer ( & can obtain easily or cheaply). It might be useful to sell one model with everything as you envisaged it but I think the main focus should be on testing with a wide variety of phone / tablet hardware available and making it work there.
My priorities go like this:
1. buy cheap Chinese hardware
2. root, remove as disable as much obvious spyware as possible
3. fulfil 95% of app needs from f-droid
4. fulfil 5% of app needs from Play Store using sites such as https://apps.evozi.com/apk-downloader/
5. use device
If you can make step 2 ( above) easy and painless on as much hardware as possible, then I think that would be the best focus of time and resources.