Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Why would iOS be safer from spying than a well setup Android phone?
44 views
Skip to first unread message
Aardvarks
Aug 2, 2016, 3:37:29 PM8/2/16
to
Why would iOS be safer from spying than a well setup Android phone?
What can Google possibly latch onto to spy on our Android actions?
Specific things only.
Not Marketing crap please.
The iOS guys are constantly saying that just using Android alone is
allowing Google to spy on us, which, they say, Apple doesn't do. They say
they're much safer from spying on iOS than we are on Android.
Ok. Where's the beef?
(The iOS guys are like your basic used-car salespeople - they almost never
tell the truth and they can only spout what the Marketing guys tell them to
say - so we're not going to get any provable level of detail from them).
Even though we won't likely get anything from iOS guys that they didn't
read off of a glossy marketing brochure, I'll cc them, just in case they do
know something of what they constantly talk about.
Other than Google Mail and Google Maps and Google browsers (and other apps
common to both platforms), what exactly are they talking about when they
constantly imply they're safer from spying on iOS than on Android?
Specifically, what does Google latch on to in order to "spy" on our Android
activities that Apple doesn't likewise do?
The Apple guys get all their ideas from the admittedly clever Marketing
machine (which knows how to play to their intense fear) so I doubt they'll
be providing any real details to their accusations - yet they still
constantly accuse the Android users of being spied upon by Google simply
for using Android.
I just want to find out the correct answer to the question.
Therefore, I'm just asking *how* Google can spy on us when we are using
Android (that can't be likewise done when were using iOS)?
I maintain a pretty clean single-desktop-pane privacy settings ship, where
I keep a copy of all known Google-specific apps, to ensure I'm not logged
into any one of them: http://i.cubeupload.com/oexktG.gif
And, as you know, I've recently deleted my Google Play ID, where the
Android phone works just fine without a Google ID - so Google can't latch
onto my Google Play ID (which no longer even exists) to "spy" on my Android
activities.
Likewise, I've always had "Location services" set to the recommended
privacy settings, so, apps aren't allowed to use my location:
http://i.cubeupload.com/ugZ1fc.gif
In addition, using App Ops Starter, I've turned off location access to all
Android apps that I don't think need this information, for example:
- Android Settings: http://i.cubeupload.com/mYSCjc.gif
- Network Location: http://i.cubeupload.com/rfmqc7.gif
- Android IP Service: http://i.cubeupload.com/ZCV3yC.gif
etc.
Furthermore, I have location turned off for non-Android apps also, for
example:
- Google Play Services: http://i.cubeupload.com/KbMWVM.gif
- Google Search: http://i.cubeupload.com/ZUiP01.gif
- ES File Explorer: http://i.cubeupload.com/mX8GaS.gif
etc.
Even though the "Advertising ID" menu (and a bunch of other things) are now
no longer in the Android settings menus, I still can bring up "Google
Settings" separately:
http://i.cubeupload.com/N97c9S.gif
And, in those "Google Settings", I can easily reset the "Advertising ID":
http://i.cubeupload.com/SVpOs2.gif
So, without a static "Advertising ID" (and ignoring Google Maps and Google
Mail, which are special cross-platform apps that exist on iOS also), what
Android-specific things can Google possibly latch off of to spy on us while
we're using our Android devices that Apple doesn't also do on iOS?
What can Google possibly latch onto to spy on our Android actions?
Specific things only.
Not Marketing crap please.
The iOS guys are constantly saying that just using Android alone is
allowing Google to spy on us, which, they say, Apple doesn't do. They say
they're much safer from spying on iOS than we are on Android.
Ok. Where's the beef?
(The iOS guys are like your basic used-car salespeople - they almost never
tell the truth and they can only spout what the Marketing guys tell them to
say - so we're not going to get any provable level of detail from them).
Even though we won't likely get anything from iOS guys that they didn't
read off of a glossy marketing brochure, I'll cc them, just in case they do
know something of what they constantly talk about.
Other than Google Mail and Google Maps and Google browsers (and other apps
common to both platforms), what exactly are they talking about when they
constantly imply they're safer from spying on iOS than on Android?
Specifically, what does Google latch on to in order to "spy" on our Android
activities that Apple doesn't likewise do?
The Apple guys get all their ideas from the admittedly clever Marketing
machine (which knows how to play to their intense fear) so I doubt they'll
be providing any real details to their accusations - yet they still
constantly accuse the Android users of being spied upon by Google simply
for using Android.
I just want to find out the correct answer to the question.
Therefore, I'm just asking *how* Google can spy on us when we are using
Android (that can't be likewise done when were using iOS)?
I maintain a pretty clean single-desktop-pane privacy settings ship, where
I keep a copy of all known Google-specific apps, to ensure I'm not logged
into any one of them: http://i.cubeupload.com/oexktG.gif
And, as you know, I've recently deleted my Google Play ID, where the
Android phone works just fine without a Google ID - so Google can't latch
onto my Google Play ID (which no longer even exists) to "spy" on my Android
activities.
Likewise, I've always had "Location services" set to the recommended
privacy settings, so, apps aren't allowed to use my location:
http://i.cubeupload.com/ugZ1fc.gif
In addition, using App Ops Starter, I've turned off location access to all
Android apps that I don't think need this information, for example:
- Android Settings: http://i.cubeupload.com/mYSCjc.gif
- Network Location: http://i.cubeupload.com/rfmqc7.gif
- Android IP Service: http://i.cubeupload.com/ZCV3yC.gif
etc.
Furthermore, I have location turned off for non-Android apps also, for
example:
- Google Play Services: http://i.cubeupload.com/KbMWVM.gif
- Google Search: http://i.cubeupload.com/ZUiP01.gif
- ES File Explorer: http://i.cubeupload.com/mX8GaS.gif
etc.
Even though the "Advertising ID" menu (and a bunch of other things) are now
no longer in the Android settings menus, I still can bring up "Google
Settings" separately:
http://i.cubeupload.com/N97c9S.gif
And, in those "Google Settings", I can easily reset the "Advertising ID":
http://i.cubeupload.com/SVpOs2.gif
So, without a static "Advertising ID" (and ignoring Google Maps and Google
Mail, which are special cross-platform apps that exist on iOS also), what
Android-specific things can Google possibly latch off of to spy on us while
we're using our Android devices that Apple doesn't also do on iOS?
nospam
Aug 2, 2016, 3:43:35 PM8/2/16
to
In article <nnqspi$1cqq$1...@gioia.aioe.org>, Aardvarks
no you don't.
you've been told the answer numerous times and you just don't listen.
no you don't.
you've been told the answer numerous times and you just don't listen.
Aardvarks
Aug 2, 2016, 3:54:37 PM8/2/16
to
On Tue, 02 Aug 2016 15:43:34 -0400, nospam wrote:
> you've been told the answer numerous times and you just don't listen.
I'm tired of your senseless riddles & rumor mongering UFO fears.
> you've been told the answer numerous times and you just don't listen.
You don't know the answer; you only know Apple marketing glossy literature.
Facts are all that we ask for here.
Not your senseless self-serving fear-mongering idiotic riddles.
I provided facts in the OP.
Now it's time to find out the answer from someone who knows how Android
works (which isn't me - and it certainly isn't you).
TO ANDROID USERS:
Do you know *how* Google can "spy" on us, like the iOS users allude to?
TO IOS USERS:
You're welcome to add value - but please don't give us only glossy
marketing FUD sans a single verifiable detail.
tlvp
Aug 2, 2016, 10:28:26 PM8/2/16
to
On Tue, 2 Aug 2016 19:37:23 +0000 (UTC), Aardvarks wrote:
> Ok. Where's the beef?
You tell me. You seem to be the one that's beefing :-) . Cheers, -- tlvp
> Ok. Where's the beef?
--
Avant de repondre, jeter la poubelle, SVP.
Aardvarks
Aug 2, 2016, 11:18:15 PM8/2/16
to
On Tue, 2 Aug 2016 22:28:23 -0400, tlvp wrote:
> You tell me. You seem to be the one that's beefing
I did provide all the facts I knew.
> You tell me. You seem to be the one that's beefing
You provided absolutely nothing of any value (so why do you bother?).
1. I don't log into Google apps: http://i.cubeupload.com/oexktG.gif
2. I turn off location services: http://i.cubeupload.com/ugZ1fc.gif
3. I turn off all Android location access:
- Android Settings: http://i.cubeupload.com/mYSCjc.gif
- Network Location: http://i.cubeupload.com/rfmqc7.gif
- Android IP Service: http://i.cubeupload.com/ZCV3yC.gif
- Network Location: http://i.cubeupload.com/rfmqc7.gif
- Android IP Service: http://i.cubeupload.com/ZCV3yC.gif
- Google Play Services: http://i.cubeupload.com/KbMWVM.gif
- Google Search: http://i.cubeupload.com/ZUiP01.gif
- ES File Explorer: http://i.cubeupload.com/mX8GaS.gif
etc.
4. Without a Google Account, it may very well be that the
- Google Search: http://i.cubeupload.com/ZUiP01.gif
- ES File Explorer: http://i.cubeupload.com/mX8GaS.gif
etc.
Advertising ID no longer exists; but, just in case, I tap on
Google Settings to change it. http://i.cubeupload.com/SVpOs2.gif
You clearly know even less than I do.
So you'll *never* be able to answer the simple question.
You live off of fear inculcated in you by Apple Marketing.
Me?
I just want the facts.
So I ask the factual question, which, can be summarized as:
a. Does not having a Google Play account eliminate the Advertising ID?
(Deleting the Google Play account "appears" to remove all vestiges of the
Advertising ID from the Android settings - so that "might" be the case that
there is no longer an Advertising ID - but that remains to be proven.)
b. Ignoring cross-platform apps such as Google Maps and Google Mail (which
exist on iOS also), what Android-specific privacy things can Google
possibly latch off of to spy on us while we're using our Android devices
that Apple doesn't also do on iOS?
So far, nobody knows of anything.
that Apple doesn't also do on iOS?
The Apple Apologists (predictably) bring up nothing whatsoever of factual
value (as if they all work for Apple Marketing because they live and
breathe fear in everything they do).
Facts don't scare me like they scare them.
I'm hoping the Android aficionados will know the facts.
Aardvarks
Aug 2, 2016, 11:43:28 PM8/2/16
to
On Wed, 3 Aug 2016 03:18:12 +0000 (UTC), Aardvarks wrote:
> a. Does not having a Google Play account eliminate the Advertising ID?
Facts only.
> a. Does not having a Google Play account eliminate the Advertising ID?
It seems Apple iOS devices have a resettable Identifier for Advertisers
(IDFA), which can be rest on iOS devices using:
Settings->Privacy->Advertising->Reset Advertising Identifier.
So, in that sense, iOS and Google seems to be similar; although it appears
that the Google Advertising ID "may" be easily removable on non-rooted
devices simply by deleting your Google Play account (still working on that
premise).
Apple iOS devices also have a Unique Device Identifier (UDID).
nospam
Aug 2, 2016, 11:51:09 PM8/2/16
to
In article <nnrp8s$d84$1...@gioia.aioe.org>, Aardvarks
which apps cannot access and use to identify users.
which apps cannot access and use to identify users.
Aardvarks
Aug 3, 2016, 12:21:09 AM8/3/16
to
On Tue, 02 Aug 2016 23:51:07 -0400, nospam wrote:
>> Apple iOS devices also have a Unique Device Identifier (UDID).
>
> which apps cannot access and use to identify users.
It seems that Google may have copied Apple in creating the Advertising ID
>> Apple iOS devices also have a Unique Device Identifier (UDID).
>
> which apps cannot access and use to identify users.
in the first place, as stated in this article:
http://www.businessinsider.com/googles-new-advertising-id-is-now-live-and-tracking-new-android-phonesthis-is-what-it-looks-like-2014-1
However, apparently very much unlike the Apple Advertising ID (IDFA), it is
well known that Android users have long had the opportunity to opt out of
Advertising ID (AdID) based tracking.
Even more unlike the Apple Advertising ID (IDFA), so far, it seems that
deleting the Android Google Play account may have also deleted the entire
existence of the Advertising ID (AdID).
The first clue is that the entire concept of the Advertising ID instantly
disappeared from the Android settings menu when the Google Play account was
removed.
Another clue is this developer web page which states that the advertising
ID works only when Google Play Services is available:
https://developers.google.com/android/reference/com/google/android/gms/ads/identifier/AdvertisingIdClient
This article says the Advertising ID came from Google Play Services 4.0,
which no longer exists on my phone, which implies no Advertising ID:
http://www.androidpolice.com/2013/11/01/google-play-services-4-0-requires-developers-to-use-the-new-advertising-id-to-identify-your-device-enforcement-starts-aug-2014/
This article confirms that the AdID is composed from the Google Play
account, which doesn't even exist, so it's probably not possible to
generate a valid AdID:
http://ccm.net/faq/34759-android-prevent-apps-from-using-your-advertising-id
Probably the strongest evidence is in this article, which pretty much says
that without Google Play Services (GPS), the advertising ID (AdID) can't be
used by applications:
https://dev.twitter.com/mopub/android/google-advertising-id-faq
But, Google Play account and Google Play Services aren't the same thing.
Does anyone on the Android side actually know, for sure, that deleting the
Google Play account and/or turning off Google Play services disables the
generation or use of the Advertising ID?
Aardvarks
Aug 3, 2016, 2:34:11 AM8/3/16
to
On Wed, 3 Aug 2016 04:21:07 -0000 (UTC), Aardvarks wrote:
> But, Google Play account and Google Play Services aren't the same thing.
>
> Does anyone on the Android side actually know, for sure, that deleting the
> Google Play account and/or turning off Google Play services disables the
> generation or use of the Advertising ID?
Facts only.
> But, Google Play account and Google Play Services aren't the same thing.
>
> Does anyone on the Android side actually know, for sure, that deleting the
> Google Play account and/or turning off Google Play services disables the
> generation or use of the Advertising ID?
While I had already limited Google Play Services using App Ops Starter:
http://i.cubeupload.com/AAUQuo.gif
To test how the non-rooted Android device handles the lack of both a Google
Play account and Google Play Services, I removed or disabled these "apps"
from my Android phone using the Android Application Manager:
http://i.cubeupload.com/PV4AHO.gif
1. Removing the Google Play Store app:
http://i.cubeupload.com/aWDZ9H.gif
2. Disabling the Google Play Services app:
http://i.cubeupload.com/Y6XcAh.gif
3. Disabling the Google Services Framework app:
http://i.cubeupload.com/6h3Whb.gif
The result was that my admittedly cleanly organized desktop:
http://i.cubeupload.com/Uld6T3.gif
Just got cleaner, in that the Google Play app disappeared:
http://i.cubeupload.com/pkGmQ3.gif
And, even the "Google Settings" app disappeared!
http://i.cubeupload.com/DoKW6g.gif
Two facts:
a. Deleting the Google Play account removed all mention of the Advertising
ID (AdID) from the Android settings, but the "Google Settings" app icon
remained, which had a menu for the Advertising ID.
b. In addition, deleting and disabling the apps above, wiped out the
"Google Settings" app, so now there is zero mention of any ApID anywhere in
the Android device (that I can find).
One hypothesis for the Android aficionados:
- Have I entirely wiped out the AdID from my non-rooted device?
If not - where is it?
Savageduck
Aug 3, 2016, 2:43:16 AM8/3/16
to
On 2016-08-03 06:34:07 +0000, Aardvarks <aard...@a.b.c.com> said:
> On Wed, 3 Aug 2016 04:21:07 -0000 (UTC), Aardvarks wrote:
>
>> But, Google Play account and Google Play Services aren't the same thing.
>>
>> Does anyone on the Android side actually know, for sure, that deleting the
>> Google Play account and/or turning off Google Play services disables the
>> generation or use of the Advertising ID?
>
> Facts only.
The only fact here is, you are talking to yourself.
> On Wed, 3 Aug 2016 04:21:07 -0000 (UTC), Aardvarks wrote:
>
>> But, Google Play account and Google Play Services aren't the same thing.
>>
>> Does anyone on the Android side actually know, for sure, that deleting the
>> Google Play account and/or turning off Google Play services disables the
>> generation or use of the Advertising ID?
>
> Facts only.
...and you are answering. There is something disturbing in that.
--
Regards,
Savageduck
Aardvarks
Aug 3, 2016, 2:47:08 AM8/3/16
to
On Wed, 3 Aug 2016 06:34:07 +0000 (UTC), Aardvarks wrote:
> Two facts:
> a. Deleting the Google Play account removed all mention of the Advertising
> ID (AdID) from the Android settings, but the "Google Settings" app icon
> remained, which had a menu for the Advertising ID.
>
> b. In addition, deleting and disabling the apps above, wiped out the
> "Google Settings" app, so now there is zero mention of any ApID anywhere in
> the Android device (that I can find).
>
> One hypothesis for the Android aficionados:
> - Have I entirely wiped out the AdID from my non-rooted device?
> If not - where is it?
Facts only - not fear mongering.
> Two facts:
> a. Deleting the Google Play account removed all mention of the Advertising
> ID (AdID) from the Android settings, but the "Google Settings" app icon
> remained, which had a menu for the Advertising ID.
>
> b. In addition, deleting and disabling the apps above, wiped out the
> "Google Settings" app, so now there is zero mention of any ApID anywhere in
> the Android device (that I can find).
>
> One hypothesis for the Android aficionados:
> - Have I entirely wiped out the AdID from my non-rooted device?
> If not - where is it?
I rebooted the phone to see if the removal and disabling of the Google Play
Store app and Google Play Services and Google Services Framework would come
back, but they seem to have stayed off upon inspection after reboot.
The great news is that I can't find the Advertising ID anywhere on the
Android system (this is an unrooted phone - so - to my knowledge - I'm the
first one to document this - although I can't be the only one to have
thought of something this simple).
While it seems the Advertising ID is now entirely gone from my Android
phone, one minor gotcha was that *some* of the Google apps fail to work
with the three changes below:
1. Removing the Google Play Store app:
http://i.cubeupload.com/aWDZ9H.gif
2. Disabling the Google Play Services app:
http://i.cubeupload.com/Y6XcAh.gif
3. Disabling the Google Services Framework app:
http://i.cubeupload.com/6h3Whb.gif
Surprisingly, Google Maps still works but the Google Youtube App fails, by
http://i.cubeupload.com/aWDZ9H.gif
2. Disabling the Google Play Services app:
http://i.cubeupload.com/Y6XcAh.gif
3. Disabling the Google Services Framework app:
http://i.cubeupload.com/6h3Whb.gif
giving the clear message that Google Play needs to be "updated". Luckily,
saving a youtube link from Firefox to the deskop completely replaces that
pushbutton youtube app, so there's no loss in functionality.
More surprisingly, the *default* SMS app that came with the Samsung Galaxy
S3 (yellow and white envelope icon), failed to send messages. This was also
easily worked around simply by installing a different SMS app from F-Droid,
named QSSMS, which worked fine in back-and-forth test messages to the iOS
user who switched from Android Nexus 5 to iPhone 6 a few weeks ago.
I will test this further, but, it seems that everything else is working,
but that there is no Advertising ID nor Google Play account nor even Google
Play Services running on this unrooted Android phone.
Given that fact, what could Google possibly latch on to in order to invade
privacy?
Can the iOS users likewise wipe out the Apple advertising ID altogether?
Aardvarks
Aug 3, 2016, 3:06:49 AM8/3/16
to
On Tue, 2 Aug 2016 23:43:09 -0700, Savageduck wrote:
> The only fact here is, you are talking to yourself.
> ...and you are answering. There is something disturbing in that.
What's interesting is that you know *absolutely nothing* about this topic,
> The only fact here is, you are talking to yourself.
> ...and you are answering. There is something disturbing in that.
yet, you still post your usual Apple-Marketing-induced fear-driven drivel.
I am adding value to the overall knowledge level.
If I'm the only one in this ng capable of adding value - so be it.
For example, it seems that the primitive iOS operating system is far less
private than the more advanced Android operating system at this point
simply because I've shown it's easy to completely eliminate the advertising
id on Android.
Once I confirm that's the case, I'll see if it's possible to completely
eliminate the similar iOS Advertising ID; but knowing how limiting iOS is,
I suspect I'll have to "just give up" like you guys do all the time on iOS.
Meanwhile, if I happen to know more than the rest of you about how to
easily make Android private, then so be it. It's sad, because I know next
to nothing about either iOS or Android - but if I happen to know more than
anyone here does - that's just a fact.
The great news is that it was trivial to remove the Google Play account,
which, I think, in and of itself, is all that's needed.
It was also trivial to removed and/or disable the Google Services
applications and Google Framework applications - where the repercussions
were extremely minimal - so that's also good news.
1. Some Google apps stopped working (e.g., Youtube).
2. They were easily replaced.
3. One Android system app stopped working (i.e., Messages).
4. Likewise, that was easily replaced.
I'll keep testing and reporting back the results.
I doubt the backward Apple-Marketing-driven iOS users can ever add the
slightest bit of value to a technical thread such as this, so, I mostly ask
the far more sophisticated Android aficionados if they have similar
experiences where all vestiges of the Google phoning home have been so
easily eliminated.
Michael Eyd
Aug 3, 2016, 5:00:00 AM8/3/16
to
Am 03.08.2016 um 08:34 schrieb Aardvarks:
> b. In addition, deleting and disabling the apps above, wiped out the
> "Google Settings" app, so now there is zero mention of any ApID anywhere in
> the Android device (that I can find).
>
> One hypothesis for the Android aficionados:
> - Have I entirely wiped out the AdID from my non-rooted device?
> If not - where is it?
You seem to be unaware of the difference between data shown on a screen
> b. In addition, deleting and disabling the apps above, wiped out the
> "Google Settings" app, so now there is zero mention of any ApID anywhere in
> the Android device (that I can find).
>
> One hypothesis for the Android aficionados:
> - Have I entirely wiped out the AdID from my non-rooted device?
> If not - where is it?
and data stored internally in a computer system. The only thing you've
proven above is that you don't see this ID anymore in any (user
accessible) screen.
But you can't possibly know (at this time, after performing the steps
you outlined) whether it's still stored somewhere in the system, nor
whether it's still accessible by apps (or Android itself) whenever they
choose to do so.
Michael
Michael Eyd
Aug 3, 2016, 5:10:01 AM8/3/16
to
Am 03.08.2016 um 08:47 schrieb Aardvarks:
> I will test this further, but, it seems that everything else is working,
> but that there is no Advertising ID
How do you know that? Not having it displayed on any screen is by no
> I will test this further, but, it seems that everything else is working,
> but that there is no Advertising ID
means the same as it not being there at all.
> Given that fact, what could Google possibly latch on to in order to invade
> privacy?
ago in another thread. IIRC you never came back on my statements,
therefore I won't bring them up again.
> Can the iOS users likewise wipe out the Apple advertising ID altogether?
And as for iOS: I have an easily reachable menu in the Settings app,
where I can (and have ;-) ) denied Ad-tracking, and where I can even
reset the ADID (by generating a new one).
In which way is that less secure than your way, which definitively is
too complex for almost all users?
Michael
Michael Eyd
Aug 3, 2016, 5:10:01 AM8/3/16
to
Am 02.08.2016 um 21:37 schrieb Aardvarks:
> (The iOS guys are like your basic used-car salespeople - they almost never
> tell the truth and they can only spout what the Marketing guys tell them to
> say - so we're not going to get any provable level of detail from them).
>
> Even though we won't likely get anything from iOS guys that they didn't
> read off of a glossy marketing brochure, I'll cc them, just in case they do
> know something of what they constantly talk about.
>
<...>
> (The iOS guys are like your basic used-car salespeople - they almost never
> tell the truth and they can only spout what the Marketing guys tell them to
> say - so we're not going to get any provable level of detail from them).
>
> Even though we won't likely get anything from iOS guys that they didn't
> read off of a glossy marketing brochure, I'll cc them, just in case they do
> know something of what they constantly talk about.
>
>
> The Apple guys get all their ideas from the admittedly clever Marketing
> machine (which knows how to play to their intense fear) so I doubt they'll
> be providing any real details to their accusations - yet they still
> constantly accuse the Android users of being spied upon by Google simply
> for using Android.
Do you really think it to be a good start of a discussion insulting one
> The Apple guys get all their ideas from the admittedly clever Marketing
> machine (which knows how to play to their intense fear) so I doubt they'll
> be providing any real details to their accusations - yet they still
> constantly accuse the Android users of being spied upon by Google simply
> for using Android.
of the groups you hope to be participating? Me not...
> I just want to find out the correct answer to the question.
wouldn't have felt the need to insult the group that is most likely to
be of a different opinion.
Michael
nospam
Aug 3, 2016, 6:38:23 AM8/3/16
to
In article <nnsc8q$ft5$2...@news.sap-ag.de>, Michael Eyd <inv...@eyd.de>
wrote:
> > I just want to find out the correct answer to the question.
>
> No you don't, you want your view of the world confirmed. Otherwise you
> wouldn't have felt the need to insult the group that is most likely to
> be of a different opinion.
exactly
wrote:
> > I just want to find out the correct answer to the question.
>
> No you don't, you want your view of the world confirmed. Otherwise you
> wouldn't have felt the need to insult the group that is most likely to
> be of a different opinion.
Aardvarks
Aug 3, 2016, 3:13:48 PM8/3/16
to
On Wed, 3 Aug 2016 11:04:13 +0200, Michael Eyd wrote:
> You didn't prove that the ID is actually wiped out.
I am a scientist.
> You didn't prove that the ID is actually wiped out.
1. Like any true scientist, I provide my hypothesis that iOs is less
private than Android when it comes to being able to easily *eliminate* the
advertising ID. And, like any true scientist, I provided numerous
references which backed up my claims and which supported the experiment
that I devised and published out in the open.
2. Like any true scientist, I provided the exact steps to my *experiment*,
which anyone on the planet can reproduce with any similar Android phone
(mine is an S3 on Android 4.3).
3. And, like a true scientist, I provided the results and conclusion that
the advertising ID was trivially easily completely eliminated from the
Android system. Like any true scientist, I know *more* needs to be
explored, such as the question of whether the Advertising ID is hidden
somehow, and that similar tests need to be performed to see if it is as
easy to eliminate the advertising ID on iOS as it was on Android.
This is what scientists do.
This is fact.
Now, what do *you* provide?
Words?
Tht's it?
Just words?
You are not a scientist.
You, and nospam and Savageduck and tlvp, etc., are merely iOS apologists
who don't like the fact that it's trivially easy to completely eliminate
the advertising ID on Android, while it's probably almost impossible to do
the same privacy tweak on iOS.
> And as for iOS: I have an easily reachable menu in the Settings app,
> where I can (and have ;-) ) denied Ad-tracking, and where I can even
> reset the ADID (by generating a new one).
Really?
Even nospam and Savageduck and tlvp didn't feel the need to say that what
you have on Apple iOS is the same as what every Android user already has
with respect to *resetting* the advertising ID and telling advertisers not
to use it.
You probably don't even *understand* what I just wrote - but I'm sure
nospam (who, despite his constant baseless lies, actually *does* understand
everything that I write).
nospam
Aug 3, 2016, 3:19:40 PM8/3/16
to
In article <nntfp7$qfm$1...@gioia.aioe.org>, Aardvarks
> 1. Like any true scientist, I provide my hypothesis that iOs is less
> private than Android when it comes to being able to easily *eliminate* the
> advertising ID. And, like any true scientist, I provided numerous
> references which backed up my claims and which supported the experiment
> that I devised and published out in the open.
all of which have been refuted.
instead of discussing these supposed tests, you start insulting and
bashing anyone that doesn't agree.
put simply: you have *no* idea what's going on or how things work.
> You probably don't even *understand* what I just wrote - but I'm sure
> nospam (who, despite his constant baseless lies, actually *does* understand
> everything that I write).
the first part is more of your bullshit, but for the second part,
*far* more than you realize.
<aard...@a.b.c.com> wrote:
>
> > You didn't prove that the ID is actually wiped out.
>
> I am a scientist.
not a very good one.
>
> > You didn't prove that the ID is actually wiped out.
>
> I am a scientist.
> 1. Like any true scientist, I provide my hypothesis that iOs is less
> private than Android when it comes to being able to easily *eliminate* the
> advertising ID. And, like any true scientist, I provided numerous
> references which backed up my claims and which supported the experiment
> that I devised and published out in the open.
instead of discussing these supposed tests, you start insulting and
bashing anyone that doesn't agree.
put simply: you have *no* idea what's going on or how things work.
> You probably don't even *understand* what I just wrote - but I'm sure
> nospam (who, despite his constant baseless lies, actually *does* understand
> everything that I write).
*far* more than you realize.
Aardvarks
Aug 3, 2016, 3:32:20 PM8/3/16
to
On Wed, 3 Aug 2016 10:57:46 +0200, Michael Eyd wrote:
> You seem to be unaware of the difference between data shown on a screen
> and data stored internally in a computer system. The only thing you've
> proven above is that you don't see this ID anymore in any (user
> accessible) screen.
>
> But you can't possibly know (at this time, after performing the steps
> you outlined) whether it's still stored somewhere in the system, nor
> whether it's still accessible by apps (or Android itself) whenever they
> choose to do so.
I am a scientist.
> You seem to be unaware of the difference between data shown on a screen
> and data stored internally in a computer system. The only thing you've
> proven above is that you don't see this ID anymore in any (user
> accessible) screen.
>
> But you can't possibly know (at this time, after performing the steps
> you outlined) whether it's still stored somewhere in the system, nor
> whether it's still accessible by apps (or Android itself) whenever they
> choose to do so.
1. I proposed my hypothesis & my references backing it up.
2. I showed the exact steps of my experiment for anyone to reproduce.
3. I showed the results for anyone to prove wrong.
And what do you provide?
You *saying* there is a super-secret hidden secret advertising ID that is
secretly generated outside the well-known mechanisms that the references
prove exist, merely means that you're stretching for a conspiracy theory to
support your erroneous beliefs.
What are your references?
Where is your experiment?
Where is your proof?
You may as well tell me the earth is flat.
I often wonder why you Apple people resort to such lies, but I finally
figured why you make up *everything* in your self-imposed contrived world
that Apple Marketing so safely (says they have) built for you:
a. You're scared witless (hoping that Apple Marketing will protect you)
b. You only care about style (which Apple Marketing surely provides)
c. You accept single-button-mouse solutions (from Apple Marketing)
Fact:
- It's trivially easy to completely eliminate the Advertising ID from an
unrooted Android device (my test was on an S3 with Android 4.3).
Hypothesis:
- It's impossible to do the same privacy tweak on unrooted iOS.
I'm a scientist. I'm not afraid of facts.
Prove me wrong.
nospam
Aug 3, 2016, 3:33:47 PM8/3/16
to
In article <nntgrr$rv6$1...@gioia.aioe.org>, Aardvarks
<aard...@a.b.c.com> wrote:
> Where is your proof?
apple and android developer documentation.
<aard...@a.b.c.com> wrote:
> Where is your proof?
apple and android developer documentation.
Aardvarks
Aug 3, 2016, 3:42:54 PM8/3/16
to
On Wed, 03 Aug 2016 15:33:48 -0400, nospam wrote:
>> Where is your proof?
>
> apple and android developer documentation.
Remember: I already referenced the exact android developer documentation
>> Where is your proof?
>
> apple and android developer documentation.
which supported the experiment that I devised based on reading those
documents (which told me exactly which services generated the AdID!).
As always, you reference absolutely nothing.
This used to bother me.
Until I realized...
a. You are afraid of facts
b. You want Apple Marketing to save you from these facts
c. They can't - because facts are facts (you thrive on Marketing lies).
Fact:
- It's trivially easy to completely eliminate the Advertising ID from an
unrooted Android device (my test was on an S3 with Android 4.3).
Hypothesis:
- It's impossible to do the same privacy tweak on unrooted iOS.
I'm a scientist.
I'm not afraid of facts.
nebulously cite.
nospam
Aug 3, 2016, 4:00:38 PM8/3/16
to
In article <nnthfm$sqe$1...@gioia.aioe.org>, Aardvarks
you have *no* idea what how the advertising id is used or how someone
can be tracked *without* it.
you're fixated on removing something that doesn't actually make much of
a difference.
<aard...@a.b.c.com> wrote:
>
> >> Where is your proof?
> >
> > apple and android developer documentation.
>
> Remember: I already referenced the exact android developer documentation
> which supported the experiment that I devised based on reading those
> documents (which told me exactly which services generated the AdID!).
no you didn't.
>
> >> Where is your proof?
> >
> > apple and android developer documentation.
>
> Remember: I already referenced the exact android developer documentation
> which supported the experiment that I devised based on reading those
> documents (which told me exactly which services generated the AdID!).
you have *no* idea what how the advertising id is used or how someone
can be tracked *without* it.
you're fixated on removing something that doesn't actually make much of
a difference.
Michael Eyd
Aug 4, 2016, 3:00:02 AM8/4/16
to
Am 03.08.2016 um 21:13 schrieb Aardvarks:
> On Wed, 3 Aug 2016 11:04:13 +0200, Michael Eyd wrote:
>
>> You didn't prove that the ID is actually wiped out.
>
> I am a scientist.
Questionable. Very questionable, indeed.
> On Wed, 3 Aug 2016 11:04:13 +0200, Michael Eyd wrote:
>
>> You didn't prove that the ID is actually wiped out.
>
> I am a scientist.
> 1. Like any true scientist, I provide my hypothesis that iOs is less
> private than Android when it comes to being able to easily *eliminate* the
> advertising ID. And, like any true scientist, I provided numerous
> references which backed up my claims and which supported the experiment
> that I devised and published out in the open.
anywhere in any of the Android Settings dialogues. But that does not
mean at all that it is gone from the system. You still don't understand
the difference between data being present in the system and data being
presented to a user.
> 2. Like any true scientist, I provided the exact steps to my *experiment*,
> which anyone on the planet can reproduce with any similar Android phone
> (mine is an S3 on Android 4.3).
> 3. And, like a true scientist, I provided the results and conclusion that
> the advertising ID was trivially easily completely eliminated from the
> Android system.
pointed that out. Actually, that's what scientists do when reading other
scientist's claims: Try to find weaknesses in them and point them out.
> Like any true scientist, I know *more* needs to be
> explored, such as the question of whether the Advertising ID is hidden
> somehow,
from the system. So now you're pulling back on your claim.
> and that similar tests need to be performed to see if it is as
> easy to eliminate the advertising ID on iOS as it was on Android.
>
> This is what scientists do.
> This is fact.
>
> Now, what do *you* provide?
weaknesses of your claim. And I let the scientific community decide what
they think of my findings. Actually, that's what's called 'scientific
process'.
> Words?
> Tht's it?
> Just words?
the given facts'.
> You are not a scientist.
> You, and nospam and Savageduck and tlvp, etc., are merely iOS apologists
> who don't like the fact that it's trivially easy to completely eliminate
> the advertising ID on Android, while it's probably almost impossible to do
> the same privacy tweak on iOS.
time on numerous occasions) you start insulting people. That's
definitively not the behavior of a scientist.
>> And as for iOS: I have an easily reachable menu in the Settings app,
>> where I can (and have ;-) ) denied Ad-tracking, and where I can even
>> reset the ADID (by generating a new one).
>
> Heh heh ... you really felt the need to say that?
> Really?
> Even nospam and Savageduck and tlvp didn't feel the need to say that what
> you have on Apple iOS is the same as what every Android user already has
> with respect to *resetting* the advertising ID and telling advertisers not
> to use it.
that wouldn't fit your need to be right on any occasion... ;-)
> You probably don't even *understand* what I just wrote - but I'm sure
> nospam (who, despite his constant baseless lies, actually *does* understand
> everything that I write).
Michael
Michael Eyd
Aug 4, 2016, 3:20:01 AM8/4/16
to
Am 03.08.2016 um 21:32 schrieb Aardvarks:
> On Wed, 3 Aug 2016 10:57:46 +0200, Michael Eyd wrote:
>
>> You seem to be unaware of the difference between data shown on a screen
>> and data stored internally in a computer system. The only thing you've
>> proven above is that you don't see this ID anymore in any (user
>> accessible) screen.
>>
>> But you can't possibly know (at this time, after performing the steps
>> you outlined) whether it's still stored somewhere in the system, nor
>> whether it's still accessible by apps (or Android itself) whenever they
>> choose to do so.
>
> I am a scientist.
Then behave like one! And not like a kid, stomping your feet.
> On Wed, 3 Aug 2016 10:57:46 +0200, Michael Eyd wrote:
>
>> You seem to be unaware of the difference between data shown on a screen
>> and data stored internally in a computer system. The only thing you've
>> proven above is that you don't see this ID anymore in any (user
>> accessible) screen.
>>
>> But you can't possibly know (at this time, after performing the steps
>> you outlined) whether it's still stored somewhere in the system, nor
>> whether it's still accessible by apps (or Android itself) whenever they
>> choose to do so.
>
> I am a scientist.
> 1. I proposed my hypothesis & my references backing it up.
> 2. I showed the exact steps of my experiment for anyone to reproduce.
> 3. I showed the results for anyone to prove wrong.
>
> And what do you provide?
your test is not suitable for basing your conclusion. *I* don't have to
provide anything more, it's *you* who has to prove that your claim is
still holding up, despite my well-founded criticism. If you knew
anything about the scientific process, you would know that that's the
way things work in the scientific community.
> You *saying* there is a super-secret hidden secret advertising ID that is
> secretly generated outside the well-known mechanisms that the references
> prove exist, merely means that you're stretching for a conspiracy theory to
> support your erroneous beliefs.
'well-founded' test results, not even one of your 'explain-all' screen
shots? No? Poor you.
Let me make my point clear one more time: In your test you deleted the
Google Play app. And I accept (without any problem) that you did so
successfully.
However, that does not mean at all that any background services for the
Google Play Services are gone just as well. Nor does that mean that any
data they stored is actually gone from the system. Just one example how
that could work: The Google Play Services may store the AdID somewhere
in a general Android storage area (seeing how easy it is in Android for
one process to get access to the data of another process, that's easily
possible, even without pulling the card of 'Google can do things with
system parts that apps wouldn't be allowed').
But you're claiming that by deleting the app all the data from the
background service are gone just as well.
> What are your references?
I don't need any, I just need to raise reasonable arguments that *you*
have to show as false or as not applicable. Reminder: Insults are not an
accepted way of proving your point right.
> Where is your experiment?
I don't need one. It's your experiment, you have to prove that it is a
valid basis for your conclusion.
> Where is your proof?
I don't need any proof. I only need to raise reasonable doubt. And I
did. It's your task to dispel them.
> You may as well tell me the earth is flat.
> I often wonder why you Apple people resort to such lies, but I finally
> figured why you make up *everything* in your self-imposed contrived world
> that Apple Marketing so safely (says they have) built for you:
> a. You're scared witless (hoping that Apple Marketing will protect you)
> b. You only care about style (which Apple Marketing surely provides)
> c. You accept single-button-mouse solutions (from Apple Marketing)
> Fact:
> - It's trivially easy to completely eliminate the Advertising ID from an
> unrooted Android device (my test was on an S3 with Android 4.3).
> Hypothesis:
> - It's impossible to do the same privacy tweak on unrooted iOS.
>
> I'm a scientist. I'm not afraid of facts.
> Prove me wrong.
all there is to do for my role in this discussion. Dispel that or bring
up a test that really proves your conclusion. *That's* the way science
works.
Michael
tlvp
Aug 4, 2016, 3:54:45 AM8/4/16
to
On Wed, 3 Aug 2016 19:13:43 +0000 (UTC), Aardvarks wrote:
> You, and nospam and Savageduck and tlvp, etc., are merely iOS apologists
> who don't like the fact that it's trivially easy to completely eliminate
> the advertising ID on Android, while it's probably almost impossible to do
> the same privacy tweak on iOS.
Please leave me out of this rag-tag gaggle of contributors. I have never in
> You, and nospam and Savageduck and tlvp, etc., are merely iOS apologists
> who don't like the fact that it's trivially easy to completely eliminate
> the advertising ID on Android, while it's probably almost impossible to do
> the same privacy tweak on iOS.
my life even held in my hand an iOS-configured object (no iGizmo of any
sort, ever :-) !), so I hardly would qualify amongst "iOS apologists".
Nor have I ever indicated I "don't like" whatever "fact" it is you're
ranting about above.
So please don't attribute to me what I've never even contemplated; thanks.
Cheers; and carry on, -- tlvp
tlvp
Aug 4, 2016, 4:00:13 AM8/4/16
to
On Wed, 3 Aug 2016 19:13:43 +0000 (UTC), Aardvarks wrote:
> Even ... tlvp didn't feel the need to say that what
> you have on Apple iOS is the same as ...
That's 'cuz I have no "need to say" things about what I know nothing about.
In that regard I'm trying to set a good example; but it's not working :-{ .
Aardvarks
Aug 4, 2016, 6:54:56 AM8/4/16
to
On Thu, 4 Aug 2016 09:15:44 +0200, Michael Eyd wrote:
> Like a good scientist I claimed (and gave reason for that claim) that
> your test is not suitable for basing your conclusion. *I* don't have to
> provide anything
Michael,
> Like a good scientist I claimed (and gave reason for that claim) that
> your test is not suitable for basing your conclusion. *I* don't have to
> provide anything
Again, I sure hope you don't vote.
I'm sure *you* believe that a World War II Bomber is *still* on the Moon,
simply because it's hard to prove (to you) that it's *not* on the moon.
Given your acutely obvious scientific acumen, this is right down the
"scientific" line of thought both you and nospam *consistently* display.
- World War II Bomber now *missing* from the moon!
http://preview.tinyurl.com/gvjt5fw
https://en.wikipedia.org/wiki/Sunday_Sport
Aardvarks
Aug 4, 2016, 6:54:58 AM8/4/16
to
On Thu, 4 Aug 2016 03:54:40 -0400, tlvp wrote:
> So please don't attribute to me what I've never even contemplated; thanks.
Then why did your first post in this thread request:
> So please don't attribute to me what I've never even contemplated; thanks.
"You tell me. You seem to be the one that's [asking]"
Aardvarks
Aug 4, 2016, 6:55:00 AM8/4/16
to
On Thu, 4 Aug 2016 08:57:24 +0200, Michael Eyd wrote:
> The only thing you've proven is that this ID is now not to be seen
> anywhere in any of the Android Settings dialogues.
Michael
> The only thing you've proven is that this ID is now not to be seen
> anywhere in any of the Android Settings dialogues.
I sincerely hope you don't vote.
Look at this article, because it's something you'd eminently believe simply
because it's hard to prove it's *not* there...
- "World War II Bomber Found On The Moon"
https://en.wikipedia.org/wiki/Sunday_Sport
http://tinyurl.com/gvjt5fw
Michael Eyd
Aug 4, 2016, 7:10:00 AM8/4/16
to
everything you say. Instead you're insulting others (who didn't give any
reason for that), you're changing topics whenever you feel cornered, you
repeat claims that were already refuted and debunked instead of arguing
about them. But you wouldn't know how to sensibly argue, and if had a
recipe for that lying in front of you - as you've proven here time after
time.
You're nothing but laughing stock. Feel free to play that role even
longer, feel free to play your silly little games even longer, feel free
to think everybody but you is an idiot. But you'll have to do that
without me from now on.
Get lost,
Michael
Michael Eyd
Aug 4, 2016, 7:10:00 AM8/4/16
to
Am 04.08.2016 um 12:54 schrieb Aardvarks:
Get lost,
Michael
pf...@aol.com
Aug 4, 2016, 1:43:01 PM8/4/16
to
On Tuesday, August 2, 2016 at 3:37:29 PM UTC-4, Aardvarks wrote:
>>Stuff.
Are you related to Danny D. by any chance?
>>Stuff.
Are you related to Danny D. by any chance?
Jeff Liebermann
Aug 4, 2016, 2:01:21 PM8/4/16
to
On Tue, 2 Aug 2016 19:37:23 +0000 (UTC), Aardvarks
<aard...@a.b.c.com> wrote:
>Specific things only.
>Not Marketing crap please.
Even your Smartphone battery status is tracking your online browsing:
<http://tech.thaivisa.com/warning-your-smartphone-battery-status-is-being-used-to-track-your-every-move-online/16596/>
<http://randomwalker.info/publications/OpenWPM_1_million_site_tracking_measurement.pdf>
Resistance is futile. So it capacitance and inductance. You will be
conglomerated into the data mass.
--
Jeff Liebermann je...@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
<aard...@a.b.c.com> wrote:
>Specific things only.
>Not Marketing crap please.
Even your Smartphone battery status is tracking your online browsing:
<http://tech.thaivisa.com/warning-your-smartphone-battery-status-is-being-used-to-track-your-every-move-online/16596/>
<http://randomwalker.info/publications/OpenWPM_1_million_site_tracking_measurement.pdf>
Resistance is futile. So it capacitance and inductance. You will be
conglomerated into the data mass.
--
Jeff Liebermann je...@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
Meanie
Aug 4, 2016, 4:40:23 PM8/4/16
to
People sure don't know how to ignore but sure know how to whine.
Chris
Aug 4, 2016, 5:03:51 PM8/4/16
to
Aardvarks <aard...@a.b.c.com> wrote:
> On Wed, 3 Aug 2016 11:04:13 +0200, Michael Eyd wrote:
>
>> You didn't prove that the ID is actually wiped out.
>
> I am a scientist.
You're many things, but sorry you're no scientist.
> On Wed, 3 Aug 2016 11:04:13 +0200, Michael Eyd wrote:
>
>> You didn't prove that the ID is actually wiped out.
>
> I am a scientist.
> 1. Like any true scientist, I provide my hypothesis that iOs is less
> private than Android when it comes to being able to easily *eliminate* the
> advertising ID. And, like any true scientist, I provided numerous
> references which backed up my claims and which supported the experiment
> that I devised and published out in the open.
>
> 2. Like any true scientist, I provided the exact steps to my *experiment*,
> which anyone on the planet can reproduce with any similar Android phone
> (mine is an S3 on Android 4.3).
>
> 3. And, like a true scientist, I provided the results and conclusion that
> the advertising ID was trivially easily completely eliminated from the
> Android system. Like any true scientist, I know *more* needs to be
> explored, such as the question of whether the Advertising ID is hidden
> somehow, and that similar tests need to be performed to see if it is as
> easy to eliminate the advertising ID on iOS as it was on Android.
> This is what scientists do.
hypothesis based on the observation, design an experiment ideally to
disprove your hypothesis, and then assess objectively whether the
experiment had achieved your aim.
Nowadays you can also develop hypothesis free experiments, generally where
your large amounts of data in an attempt to develop a hypothesis.
> This is fact.
Good scientist are rarely categorical. That's a fact ;)
Aardvarks
Aug 4, 2016, 8:14:14 PM8/4/16
to
On Thu, 04 Aug 2016 11:01:27 -0700, Jeff Liebermann wrote:
> Even your Smartphone battery status is tracking your online browsing:
> <http://tech.thaivisa.com/warning-your-smartphone-battery-status-is-being-used-to-track-your-every-move-online/16596/>
> <http://randomwalker.info/publications/OpenWPM_1_million_site_tracking_measurement.pdf>
> Resistance is futile. So it capacitance and inductance. You will be
> conglomerated into the data mass.
Hi Jeff,
> Even your Smartphone battery status is tracking your online browsing:
> <http://tech.thaivisa.com/warning-your-smartphone-battery-status-is-being-used-to-track-your-every-move-online/16596/>
> <http://randomwalker.info/publications/OpenWPM_1_million_site_tracking_measurement.pdf>
> Resistance is futile. So it capacitance and inductance. You will be
> conglomerated into the data mass.
I've given up responding to the Apple Apologists who infest the iOS
newsgroup, so, you're the only one I'm responding to. Not one of them
provided a *single* valid datum (and we knew that from the start).
The iOS people can't comprehend actual *facts*.
It's beyond their capabilities.
a. They bought on pure style, facts be damned
b. They fear so much that Apple Marketing plays them like a fiddle
c. IOS users "just give up", which is how they handle their AdID privacy
But on to your point...
I *understand* your sentiment that resistance is futile, and I even echoed
that by stating that neither iOS nor Android is inherently more secure
because it's like saying which leaks water faster, a steel garbage can
peppered by buckshot or a plastic recycling bin peppered by buckshot.
However, with respect to *just* the advertising ID, the references I cited
explained the program that generates it, and, wiping out that program wiped
out the reference ID (as far as *anyone* can show) - so, at least on
Android, the recycling bin has a few holes you *can* plug up.
On the far more primitively less tweakable iOS, you can't plug those holes,
so, they exist, no matter what you do.
But, again, your point is valid that *both* platforms are so full of
security holes that only people who actually believe everything that Apple
Marketing spews forth would (falsely) feel more secure with one than with
the other.
Regarding your reference ...
https://blog.lukaszolejnik.com/battery-status-readout-as-a-privacy-risk/
It's interesting that Firefox calls the smartphone battery API in order to
figure out your battery level, such that the battery level can be used for
fingerprinting. https://www.w3.org/TR/battery-status/
It's also interesting that it's "slightly* less fingerprintable if you're
*not* connected to a charger.
This is interesting because panopticlick, last I checked, did not look at
this information - but - perhaps should. (I keep a clean browser from
fingerprinting.)
Also, when I look in App Ops Starter for the permissions granted Firefox,
they entail only:
- Location (typically I turn this off)
- Modify clipboard
- Read clipboard
- Post notification
- Vibrate
- Modify settings
- Draw on top
- Camera
- Record audio
So, it's disappointing that App Ops Starter doesn't list that Firefox has
access to the "Battery status" which is a *short-lived identifier*.
If Apps Ops Starter listed that short-lived identifier, we could simply
turn off that access from within App Ops Starter.
As for protection against this fingerprinting threat, it would be nice if
we can find an app that randomly adjusts the battery registers for the
three battery parameters that are reported by the battery monitor API:
1. The current level of battery (from 0.00 to 1.0)
2. Time, in seconds, for the battery to discharge
3. Time, in seconds, for the battery to charge (only if connected)
I read a few related references, which don't specifically mention laptops:
http://www.bleepingcomputer.com/news/security/how-battery-status-readouts-can-threaten-user-privacy/
Do you think this Firefox battery-status fingerprinting also works for
laptops?
nospam
Aug 4, 2016, 8:17:11 PM8/4/16
to
In article <no0lof$1ajm$1...@gioia.aioe.org>, Aardvarks
<aard...@a.b.c.com> wrote:
> On the far more primitively less tweakable iOS, you can't plug those holes,
> so, they exist, no matter what you do.
invalid assumptions.
> On the far more primitively less tweakable iOS, you can't plug those holes,
> so, they exist, no matter what you do.
Aardvarks
Aug 5, 2016, 3:52:18 PM8/5/16
to
On Thu, 4 Aug 2016 20:13:16 -0400, Aardvarks wrote:
> Do you think this Firefox battery-status fingerprinting also works for
> laptops?
Some factual updates...
> Do you think this Firefox battery-status fingerprinting also works for
> laptops?
The battery-status API privacy exploit works on multiple browsers and on
multiple operating systems, including all the well known operating systems
for both mobile devices and computers.
Setting the following "about:config" option in Firefox should prevent the
exploit that Jeff kindly informed us about:
Change from: dom.battery.enabled;true
Change to: dom.battery.enabled;false
I'm not sure where the user.js file is located on iOS or in Android, but on
your computer desktops and laptops, it will be located in "about:profiles".
Jolly Roger
Aug 5, 2016, 8:25:20 PM8/5/16
to
On 2016-08-05, Aardvarks <aard...@a.b.c.com> wrote:
> On Thu, 4 Aug 2016 20:13:16 -0400, Aardvarks wrote:
>
>> Do you think this Firefox battery-status fingerprinting also works for
>> laptops?
>
> Some factual updates...
>
> The battery-status API privacy exploit works on multiple browsers and on
> multiple operating systems, including all the well known operating systems
> for both mobile devices and computers.
Does the exploit work in Safari?
> On Thu, 4 Aug 2016 20:13:16 -0400, Aardvarks wrote:
>
>> Do you think this Firefox battery-status fingerprinting also works for
>> laptops?
>
> Some factual updates...
>
> The battery-status API privacy exploit works on multiple browsers and on
> multiple operating systems, including all the well known operating systems
> for both mobile devices and computers.
--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.
JR
Aardvarks
Aug 5, 2016, 9:06:58 PM8/5/16
to
On 6 Aug 2016 00:25:17 GMT, Jolly Roger wrote:
> Does the exploit work in Safari?
In a quick read of these references...
> Does the exploit work in Safari?
https://www.theguardian.com/technology/2015/aug/03/privacy-smartphones-battery-life
http://www.independent.co.uk/life-style/gadgets-and-tech/news/phone-batteries-can-be-used-to-spy-on-their-owners-could-track-people-around-the-internet-10435578.html
https://it.slashdot.org/story/15/08/03/1728255/privacy-alert-your-laptop-or-phone-battery-could-track-you-online
http://www.wired.co.uk/article/privacy-hole-in-firefox
http://www.ibtimes.co.uk/smartphone-laptop-batteries-compromise-web-browser-privacy-suggest-security-experts-1513979
http://mashable.com/2015/08/04/battery-privacy-html5/
http://www.telegraph.co.uk/technology/internet-security/11782851/Can-your-battery-life-give-away-your-identity.html
http://www.belfasttelegraph.co.uk/technology/mobile-phone-batteries-can-be-used-to-spy-on-their-owners-could-track-people-around-the-internet-31423953.html
http://www.theinquirer.net/inquirer/news/2420547/phone-batteries-can-track-you-around-the-internet
http://blogs.wsj.com/digits/2015/08/04/7-ways-youre-being-tracked-online-and-how-to-stop-it/
http://eprint.iacr.org/2015/616.pdf
http://betanews.com/2015/08/03/privacy-alert-your-laptop-or-phone-battery-could-track-you-online/
http://www.dailymail.co.uk/sciencetech/article-3185191/Are-tracked-using-smartphone-s-BATTERY-LIFE-Information-harvested-make-websites-energy-efficient-identify-web-users.html
http://www.repubblica.it/tecnologia/sicurezza/2015/08/05/news/privacy_batteria_telefono-120471082/
http://www.liberation.fr/direct/element/quand-le-niveau-de-batterie-de-votre-telephone-devient-un-mouchard_14537/
http://tecnologia.elpais.com/tecnologia/2015/08/04/actualidad/1438686007_043163.html
http://www.nzz.ch/nicht-nur-der-akku-verraet-nutzer-ld.1278
http://www.police.be/fed/fr/actualites/298-surfons-tranquille-api-battery-status-un-espion-insoupconne
etc. (the last few are not in English though)
It seems it's "a little-known feature of the HTML5 specification" which
Firefox, Opera and Chrome support and it was "introduced by the World Wide
Web Consortium (W3C, the organisation that oversees the development of the
web’s standards) in 2012".
Here's a quote from the first article:
https://www.theguardian.com/technology/2015/aug/03/privacy-smartphones-battery-life
"The researchers point out that the information a website receives is
surprisingly specific, containing the estimated time in seconds that the
battery will take to fully discharge, as well the remaining battery
capacity expressed as a percentage. "
"Worse still, on some platforms, the researchers found that it is possible
to determine the maximum battery capacity of the device with enough
queries, creating a semi-permanent metric to compare devices".
Jolly Roger
Aug 5, 2016, 10:46:46 PM8/5/16
to
Aardvarks <aard...@a.b.c.com> wrote:
> On 6 Aug 2016 00:25:17 GMT, Jolly Roger wrote:
>
>> Does the exploit work in Safari?
>
> In a quick read of these references...
[seemingly endless list of URLs followed by zero substance omitted]
> On 6 Aug 2016 00:25:17 GMT, Jolly Roger wrote:
>
>> Does the exploit work in Safari?
>
> In a quick read of these references...
Is that a "yes" or a "no"? Because if Safari's WebKit is unaffected, that
means most of the entire iOS platform is unaffected - which leads one to
wonder: why are you posting this to misc.phone.mobile.iphone?...
#obvioustroll #lame
Aardvarks
Aug 5, 2016, 11:41:47 PM8/5/16
to
On 6 Aug 2016 02:46:43 GMT, Jolly Roger wrote:
> [seemingly endless list of URLs followed by zero substance omitted]
>
> Is that a "yes" or a "no"? Because if Safari's WebKit is unaffected, that
> means most of the entire iOS platform is unaffected - which leads one to
> wonder: why are you posting this to misc.phone.mobile.iphone?...
What?
> [seemingly endless list of URLs followed by zero substance omitted]
>
> Is that a "yes" or a "no"? Because if Safari's WebKit is unaffected, that
> means most of the entire iOS platform is unaffected - which leads one to
> wonder: why are you posting this to misc.phone.mobile.iphone?...
Why do you troll so much?
Is this a safari-only newsgroup?
Or, are you really so stuck in the stone age that you actually think that
the primitive and restrictive Safari is the *only* browser on iOS?
Or, are you so limited in your choices of browsers, that you can't imagine
anyone using a modern browser that supports the latest HTML5 specification
(even though it is a few years old by now).
Sheesh.
You say "I" troll, but Jeff kindly brought this topic up, and he wasn't
trolling when he brought it up. I was simply responding to Jeff ... so, as
always, *you* are the troll accusing me of bringing this topic up when all
I did was flesh it out (every single time - the troll is *always* you!).
You add *zero* value.
And you accuse people who do add value of things that only you do!
It's funny, but you don't even *remember* how this was brought up - that's
how little you count to the discussion!
Anyway, despite your childish lack of usable memory and your constantly
annoying trolling behavior, my response to your specific Safari question is
that I don't know anything about the primitive Safari app since I wouldn't
be caught dead using such a restrictive browser.
Therefore, I don't know whether Safari supports the latest battery api in
the HTML5 specification or not - so it behooves you to figure out whether
Safari has been updated to support HTML5 components such as the battery
API.
Apple is so slow to update their apps that I'd guess being five years
behind everyone else is pretty normal for them - so you might actually be
safe with the primitive Safari app after all.
I mean, the most important thing in the world to you is for Apple to keep
you safe, isn't it? So, this time, Apple may have saved you from the modern
HTML5 specification. Sometimes, doing nothing to improve your apps works
out for the best.
In fact, knowing how primitive and restrictive Safari is, I'd take a guess
that Safari probably does not yet support this relatively recent (2012)
HTML5 component, since Safari is still stuck in the stone age, so, you're
probably safe this time due to the primitive nature of Apple products
(which would be a good thing in this case so I congratulate you on your
choice of browsers).
If my guess is right that Safari is still stuck in the stone age, then the
topic that Jeff brought up about the HTML5 specification Battery API is
still relevant to the more modern browsers that are available on iOS.
But, you're probably safe if you stick with Safari (which was probably
never updated to the latest HTML5 specification, knowing Apple).
Jolly Roger
Aug 6, 2016, 10:42:58 AM8/6/16
to
Aardvarks <aard...@a.b.c.com> wrote:
> On 6 Aug 2016 02:46:43 GMT, Jolly Roger wrote:
>
>> [seemingly endless list of URLs followed by zero substance omitted]
>>
>> Is that a "yes" or a "no"? Because if Safari's WebKit is unaffected, that
>> means most of the entire iOS platform is unaffected - which leads one to
>> wonder: why are you posting this to misc.phone.mobile.iphone?...
>
> On 6 Aug 2016 02:46:43 GMT, Jolly Roger wrote:
>
>> [seemingly endless list of URLs followed by zero substance omitted]
>>
>> Is that a "yes" or a "no"? Because if Safari's WebKit is unaffected, that
>> means most of the entire iOS platform is unaffected - which leads one to
>> wonder: why are you posting this to misc.phone.mobile.iphone?...
>
> Is this a safari-only newsgroup?
[more useless troll blather omitted]
So most of iOS is unaffected. Thanks for playing! : )
Troll on.
nospam
Aug 6, 2016, 10:54:06 AM8/6/16
to
In article <e0mbbe...@mid.individual.net>, Jolly Roger
ever finding the very 'facts' he claims to seek.
<http://caniuse.com/#feat=battery-status>
<jolly...@pobox.com> wrote:
> >
> >> [seemingly endless list of URLs followed by zero substance omitted]
> >>
> >> Is that a "yes" or a "no"? Because if Safari's WebKit is unaffected, that
> >> means most of the entire iOS platform is unaffected - which leads one to
> >> wonder: why are you posting this to misc.phone.mobile.iphone?...
> >
> > Is this a safari-only newsgroup?
>
> [more useless troll blather omitted]
>
> So most of iOS is unaffected. Thanks for playing! : )
>
> Troll on.
it's amazing how much useless nonsensical spew he can generate without
> >
> >> [seemingly endless list of URLs followed by zero substance omitted]
> >>
> >> Is that a "yes" or a "no"? Because if Safari's WebKit is unaffected, that
> >> means most of the entire iOS platform is unaffected - which leads one to
> >> wonder: why are you posting this to misc.phone.mobile.iphone?...
> >
> > Is this a safari-only newsgroup?
>
> [more useless troll blather omitted]
>
> So most of iOS is unaffected. Thanks for playing! : )
>
> Troll on.
ever finding the very 'facts' he claims to seek.
<http://caniuse.com/#feat=battery-status>
Jolly Roger
Aug 6, 2016, 11:14:10 AM8/6/16
to
confronted with reality. He's a piss poor old troll.
Aardvarks
Aug 6, 2016, 3:05:33 PM8/6/16
to
On Sat, 06 Aug 2016 10:54:16 -0400, nospam wrote:
> it's amazing how much useless nonsensical spew he can generate without
> ever finding the very 'facts' he claims to seek.
Funny coming from you ... who has never once told the truth.
> it's amazing how much useless nonsensical spew he can generate without
> ever finding the very 'facts' he claims to seek.
Your URL simply says that, as I predicted, that Safari is primitive code
that doesn't even support the modern battery-status HTML5 spec which
debuted years ago.
Since your primary motive in using iOS is fear, this primitive code served
you well in this case.
However, your main approach is to "Just Give Up", so, that's why you never
once considered that there are more modern browsers out there for iOS.
You, like the Jolly Roger troll, never once added value to a single
conversation of fact. You can't actually add value.
That's because:
a. You're afraid
b. You want Apple Marketing to save you
c. You can only think of 1 way to do anything, and if that 1 way fails, you
"just give up".
It's an Apple one-button-mouse trademark term:
*"Just Give Up"*
Luckily, since you use Safari, and since Safari gave up long ago on modern
improvements in the HTML5 spec, just giving up has kept you safe.
Congratulations!
Hiding under the iOS rock has its benefits in safety after all.
Aardvarks
Aug 6, 2016, 3:07:22 PM8/6/16
to
On 6 Aug 2016 15:14:06 GMT, Jolly Roger wrote:
> He's a piss poor old troll.
Says Jolly Troll himself.
> He's a piss poor old troll.
Your contribution to this thread is .... what?
0 === troll roger
PS: Given your zero contribution ever, should we call you Jolly Troll or
Troll Roger?
nospam
Aug 6, 2016, 3:37:15 PM8/6/16
to
In article <no5cda$ud1$1...@gioia.aioe.org>, Aardvarks
that it should be disabled, then when it's shown that safari is not
vulnerable at all, you call safari primitive.
you can't have it both ways.
not only that, but most of the browsers listed are based on apple's
webkit, so if you're going to say that safari is primitive code, you're
also saying that android, chrome and opera are just as primitive, given
that they also use webkit.
so much for your 'facts'.
In article <no2qpc$1d8b$1...@gioia.aioe.org>, Aardvarks
<aard...@a.b.c.com> wrote:
>
> > it's amazing how much useless nonsensical spew he can generate without
> > ever finding the very 'facts' he claims to seek.
>
> Funny coming from you ... who has never once told the truth.
>
> Your URL simply says that, as I predicted, that Safari is primitive code
> that doesn't even support the modern battery-status HTML5 spec which
> debuted years ago.
first you babble that the battery status is a 'privacy exploit' and
>
> > it's amazing how much useless nonsensical spew he can generate without
> > ever finding the very 'facts' he claims to seek.
>
> Funny coming from you ... who has never once told the truth.
>
> Your URL simply says that, as I predicted, that Safari is primitive code
> that doesn't even support the modern battery-status HTML5 spec which
> debuted years ago.
that it should be disabled, then when it's shown that safari is not
vulnerable at all, you call safari primitive.
you can't have it both ways.
not only that, but most of the browsers listed are based on apple's
webkit, so if you're going to say that safari is primitive code, you're
also saying that android, chrome and opera are just as primitive, given
that they also use webkit.
so much for your 'facts'.
In article <no2qpc$1d8b$1...@gioia.aioe.org>, Aardvarks
<aard...@a.b.c.com> wrote:
> Some factual updates...
>
> The battery-status API privacy exploit works on multiple browsers and on
> multiple operating systems, including all the well known operating systems
> for both mobile devices and computers.
>
> Some factual updates...
>
> The battery-status API privacy exploit works on multiple browsers and on
> multiple operating systems, including all the well known operating systems
> for both mobile devices and computers.
>
Jolly Roger
Aug 6, 2016, 3:59:29 PM8/6/16
to
On 2016-08-06, nospam <nos...@nospam.invalid> wrote:
> In article <no5cda$ud1$1...@gioia.aioe.org>, Aardvarks
><aard...@a.b.c.com> wrote:
>
>>> it's amazing how much useless nonsensical spew he can generate without
>>> ever finding the very 'facts' he claims to seek.
>>
>> Funny coming from you ... who has never once told the truth.
>>
>> Your URL simply says that, as I predicted, that Safari is primitive code
>> that doesn't even support the modern battery-status HTML5 spec which
>> debuted years ago.
>
> first you babble that the battery status is a 'privacy exploit' and
> that it should be disabled, then when it's shown that safari is not
> vulnerable at all, you call safari primitive.
So lame. He's fooling nobody here.
><aard...@a.b.c.com> wrote:
>
>>> it's amazing how much useless nonsensical spew he can generate without
>>> ever finding the very 'facts' he claims to seek.
>>
>> Funny coming from you ... who has never once told the truth.
>>
>> Your URL simply says that, as I predicted, that Safari is primitive code
>> that doesn't even support the modern battery-status HTML5 spec which
>> debuted years ago.
>
> first you babble that the battery status is a 'privacy exploit' and
> that it should be disabled, then when it's shown that safari is not
> vulnerable at all, you call safari primitive.
tlvp
Aug 7, 2016, 1:47:37 AM8/7/16
to
On Sat, 6 Aug 2016 15:03:21 -0400, Aardvarks wrote:
> Your URL simply says that, as I predicted, that Safari is primitive code
> that doesn't even support the modern battery-status HTML5 spec which
> debuted years ago.
Indeed. Corollary: noone can exploit the battery-status spyware
> Your URL simply says that, as I predicted, that Safari is primitive code
> that doesn't even support the modern battery-status HTML5 spec which
> debuted years ago.
capabilities using Safari; i.e., Safari (precisely because of its greater
primitivity) is a more secure browser in that regard.
I should have thought that should make you happy :-) . Cheers, -- tlvp
nospam
Aug 7, 2016, 3:56:48 AM8/7/16
to
In article <fc29vdq9fnqt.1j...@40tude.net>, tlvp
with android, chrome and opera, just different forks.
<mPiOsUcB...@att.net> wrote:
> On Sat, 6 Aug 2016 15:03:21 -0400, Aardvarks wrote:
> > Your URL simply says that, as I predicted, that Safari is primitive code
> > that doesn't even support the modern battery-status HTML5 spec which
> > debuted years ago.
>
> Indeed. Corollary: noone can exploit the battery-status spyware
> capabilities using Safari; i.e., Safari (precisely because of its greater
> primitivity) is a more secure browser in that regard.
except that it's not more primitive because it shares a common codebase
> On Sat, 6 Aug 2016 15:03:21 -0400, Aardvarks wrote:
> > Your URL simply says that, as I predicted, that Safari is primitive code
> > that doesn't even support the modern battery-status HTML5 spec which
> > debuted years ago.
>
> Indeed. Corollary: noone can exploit the battery-status spyware
> capabilities using Safari; i.e., Safari (precisely because of its greater
> primitivity) is a more secure browser in that regard.
with android, chrome and opera, just different forks.
Clifford Heath
Aug 7, 2016, 7:42:49 AM8/7/16
to
close to zero cross-pollination for some time.
Can you folk please drop sci.electronics.repair from
the newsgroup list? Android v iOS discussions have no
place there.
Jolly Roger
Aug 7, 2016, 2:06:51 PM8/7/16
to
Clifford Heath <no....@please.net> wrote:
>
> Can you folk please drop sci.electronics.repair from
> the newsgroup list? Android v iOS discussions have no
> place there.
You can certainly ask the OP, Aardvarks (a well known Apple hating nym
>
> Can you folk please drop sci.electronics.repair from
> the newsgroup list? Android v iOS discussions have no
> place there.
switching troll), to refrain from including that group. Just don't hold
your breath.
0 new messages