Does it though when they control both ends. It is encrypted between each end which I guess secures against things like a man in the middle attack from outside parties but their app encrypts it on one end and decrypts it on the other. I have a very hard time believing that they don’t “read” your messages at some point in that process.
i’ve seen the bullet points from that article riffed in different ways, but i think that’s the most important part:
They know you rang a phone sex line at 2:24 am and spoke for 18 minutes. But they don't know what you talked about.
They know you called the suicide prevention hotline from the Golden Gate Bridge. But the topic of the call remains a secret.
They know you got an email from an HIV testing service, then called your doctor, then visited an HIV support group website in the same hour. But they don't know what was in the email or what you talked about on the phone.
They know you received an email from a digital rights activist group with the subject line “Let’s Tell Congress: Stop SESTA/FOSTA” and then called your elected representative immediately after. But the content of those communications remains safe from government intrusion.
They know you called a gynecologist, spoke for a half hour, and then called the local abortion clinic’s number later that day.
I’ve wondered if they don’t know the data. They can perfectly read the convo on your device, assign a category what you’re talking about and keeping that category. They don’t store, read, know the conversation, they only ‘analyze’ it. F.e. if you talk about planes they may assign a category travel and sell your profile to holiday companies?
I don’t know about this, I’m just thinking that’s how I’d do it if I ran an evil corp.
These are just screenshots of the data privacy section from the Apple AppStore of each of the apps. Afaik those are mandatory & self reported by the devs of the app.
iMessage definitely has more hooks in than those listed. It’s an integral Apple service that’s hooked into your deeper iCloud account. And because of that, they know a lot more than just a mere “chat” app would get access to. Which likely makes it harder to quantify.
Moreover, Meta and Alphabet also cross reference a lot of data points from all the other sources they have (cookies, IP logs, etc.). Again making actual data points fuzzy or incomplete.
I have been using Telegram for… A really long time. A decade? Maybe not that long. But yeah, no reason to change from what works for me. You’re right about that.
Signal and Matrix(?) and the others all seem to be a recent development, and although I have downloaded a few, no one else has them or has heard of them, so their directories are empty as I have never found anyone who wants to connect that way. It means I don’t know how to use or teach older people how to use the software. I am trying to find a simple evidence-based way to encourage my family to change their minds, but it appears it will only make me look paranoid, so probably won’t try.
That’s fair enough, it’s really location based. Around where I am, telegram isn’t that popular. I’ve met a few people using Signal and I have friends/collegues pop up in the “____ has Signal” section of the app.
We don’t really have a dominant chat app around here, there’s a good mix of messenger/instagram/iMessage, with some groups sticking to Whatsapp/WeChat/Viber.
I am trying to find a simple evidence-based way to encourage my family to change their minds, but it appears it will only make me look paranoid
I think part of it is because it’s hard to convince people without first explaining how things work. Not much use in worrying about it if you can’t, just look out for yourself. What you COULD do is to use the private option when you need to talk about something sensitive. If the app is installed on their phone then they’re more likely to use it, and even if not then you’re looking out for yourself
Technically, yes, it is encrypted. However, Facebook still gets metadata on who you talk to, when you talk to them, how long you talk to them, your contact information, etc. As an example, if you talked to your girlfriend, then you talked to her doctor, and then you talked to your mom. There’s a good chance that your girlfriend may be pregnant, even if I did not know what was said. Or, if I know you are at the top of a bridge and that you contacted a suicide hotline… So just because it is encrypted does not mean it is safe.
Also WhatsApp requests access to the phone book and is very hard to use if you deny access. This is very likely done because Facebook wants access to the stored numbers to build a social graph. Even if you personally don’t mind, it is a gross privacy violation to share the phone number of other people with Facebook.
By typing in the numbers, or selectively sharing them from the address book. This works fine on Signal, Telegram and Threema. Only Whatsapp makes it so that you have to share your entire address book with the app.
With some workarounds you can actually use whatsapp also without giving it access to your address book, which shows that it is clearly an intentional dark pattern by Facebook to make people share their entire address book with them to avoid the hassle.
What sort of opsec mistakes do you have in mind? Something having to do with the content of the post like PII, credentials, credit card numbers, etc? Stylometry data points? Something about how they/you are posting like whether their user agent indicates they’re using an outdated browser?
Also, whose posts are you hoping to scan? Your own? Are you a Lemmy instance runner who wants to warn your users or something?
What’s your threat model? Who are you trying to guard against and what are you trying to keep them from getting from these posts?
Thank you, I should have mentioned my threat model and needs more clearly.
I am looking to scan my own posts/comments for stylometry statistics, for the most part, but PII would be nice. I’ll deal with the browser-agent, Cookies, IP etc.
Threat model would likely be to prevent people who might be wanting to link my identity with my online persona. Obviously, the government is excluded since they can just mine the IP from Lemmy mods and get to me. This is someone who is interested in my identity and will use FOSS/some proprietary tools to link my identities
I’ll admit this feature should have definitely been opt-in. But when the update came out there was a big pop-up on your screen when you logged in. Where you just turned all of this off and hit save. It is super easy to disable.
The sharing what I watch with friends part is dumb. But it is pretty cool how you can recommend stuff to friends.
I followed the instructions and opted out yet I’m still seeing what my users watched along with getting emails listing the same. I’m certain none of my users are interested in this and likely skipped through the pop-up without reading/comprehending it.
I got the pop up. I disabled it. But I just got an email from Plex telling me everything my family member watched in the last week. This is complete shit!!
I thought I was opting out of my account and my server. But nope, Plex is scraping up everything that’s on my server and shipping it in an email to other people including me.
It’s not perfect, but at least you’re only seeing others’ activity.
There’s hopefully a “discover” email notification you can disable. I haven’t been bothered enough to check yet. Worst case, it could be filtered out pretty easily.
Having read it, this smells more like a legal firm that makes money from suing a shit ton of companies and occasionally being right ratherthan any real evidence of the patient data disclosure.
If only our government was brave enough to make an example of them…but no, there will probably be a settlement that results in every victim getting 92 cents, and no further repercussions for either cooperation.
If you’re using Plex for porn and also adding friends on it, what were you thinking in the first place? Like, it was so obvious something like this was going to happen, and that’s besides the already existant risk of accidentally sharing the wrong library with your friend.
It’s a cool feature, it obviously would have been better if it filtered by age rating or adult film by default to begin with but I really see this as an overreaction.
Just FYI, as soon as money starts changing hands, it can open you up to a whole extra level of legal damages for piracy, assuming the content isn’t licensed for distribution. Ripping your own DVDs for yourself is one thing, but selling access to the copies via a media server is way less of a gray area, and they can point to real numbers as damages.
Yeah it’s definitely way past the line where it becomes worthwhile to go after you and there’s even a money trail somewhere to trace it back. IMO definitely not worth any potential legal headaches to buy or sell a service like this.
Im not certain about lemmy communities but look up plexshares or jellyfin shares in reddit perhaps?
Also while I do agree money complicates things, since you are the purchaser, typically it carries less risk.
In either event stay away from shares that do not offer a cheap (few days) or free trial. Then again never sign up for “lifetime” bs, go on a monthly plan so you can drop them if the QoS drops.
Enshittification is the norm for all for profit endeavours. Exceptions to this are exceedingly rare and usually just a matter of time rather than truly being an exception.
Well thats just short sighted. Theres barely a reason for the average consumer to even think about plex let alone sell em on anything. Maybe if they tried to resurrect DVD sales or become the bandcamp of movies they would have a plan. But just a media organizer? Theres no way those investors are getting that 80mil back.
privacy
Hot
This magazine is from a federated server and may be incomplete. Browse more on the original instance.