Reply With QuoteBad news today from the US Govt - Senate rejects plan to require a warrant for Americans’ web browsing data by one vote – TechCrunch
Member
Enjoyed the episode as usual. bgilly, what is your opinion of the browser Vivaldi in general and/or versus Brave?
Member
Bad news today from the US Govt - Senate rejects plan to require a warrant for Americans’ web browsing data by one vote – TechCrunch
Member
I’ve never used Vivaldi so I don’t have an opinion on it. My personal take on browsers is I like to use the biggest browser brands when possible. This is because the software developers that build websites and web apps test their work against only the biggest browsers. Usually in the following order - Chrome, Safari, Firefox. Sometimes only Chrome and Safari are tested.
I am a fan of the Brave browser. It works great overall and allows for some good privacy functions to work on mobile devices. Since it is based on Chromium (the open source software that Chrome runs on) it works really well and I’ve found that if a site works well in Chrome then it will probably work well in Brave. Nice bonus with Brave is you can install Chrome extensions on it. I stopped using Brave because it doesn’t have a full featured sync between desktop and mobile like Chrome, Safari and Firefox do. So I switched to Firefox. Now that I’m using Firefox Containers I’m probably going to stick with Firefox for a while.
Member
Ben, @justin_hart on twitter has a post thread, started at ~325pm EST, about iphone's new updates...iOS13.5, with exposure notifications and COVID-19. Any recs to prevent this on an iphone for my kids and wife? Thanks.
Member
This is a tough one. There are parts about it that I like (relatively speaking) and parts about it that I don't like.
To start, here are the websites from each participating company on this topic - Google | Exposure Notifications API and Privacy-Preserving Contact Tracing - Apple and Google
What I like:
- This system has been built by companies that know how to build secure and private products. As opposed to being built by a government or some other company where the opportunity for neglect could be higher than it is at Apple and Google. The amount of security expertise within Google and Apple both is really high. They hire the best of the best. So if this whole thing *can* be done well, it would be by the likes of the engineers at those two companies.
- This means that entities who don't know how to build secure systems can leverage what has been done via the APIs and just gain insights from the data.
- It is opt-in (instead of opt-out) (for now).
What I don't like (aside from the obvious point of having another thing that might violate my privacy):
- As far as I can tell, the Apple/Google system is not open-sourced. Hopefully I'm wrong on this and just can't find it. Black box software that wants to follow me around is not ideal to say the least. Buddy of mine at Apple worked with the Singaporean government to build their system, which is at least partly open-sourced - OpenTrace * GitHub - so at least there's some audit capabilities there by anybody who cares to look at the code. That being said, just because the client-facing code is open-sourced doesn't mean the server-side code is. Lots of potential for shadiness. Oh, you might be thinking something like "are you crazy?! referencing Singapore in a conversation about privacy?!" and you are generally correct, but in this specific instance they might be doing a better job at it than some other governments.
- I'm skeptical about this contact tracing function ever being removed/disabled. Also, since it is being baked into the operating systems, we'll never be able to truly know. This is every government's wet dream - a built-in tracker on every single smartphone on the planet just waiting to be taken advantage of. NSA doesn't even have to backdoor a target's phone if they figure out how to take advantage of this, which typically speaking is just a matter of time.
- Due to the encrypted nature of how our phones' operating systems communicate back to Apple and Google's servers, we cannot know when our location data is being transmitted and we cannot stop it from being transmitted. It wasn't that long ago that Apple got caught gathering location data without turning the little GPS indicator at the top left of your phone. They may not have been acting maliciously (that's their claim), but they let the cat out of the bag that they're not always as transparent as they promise.
- Google. They are not the company they used to be. They bow to the pressures of oppressive governments like the US and China. In my opinion, they are not to be trusted as a whole. It makes me truly uncomfortable to write that statement publicly, but I fear it is true. I know some great people at Google. Like any organization that does things I don't like, Google has a ton of awesome people that work there and who do their best every day to protect our privacy.
- There's not a damn thing you or I can do about it. Here's what I'm going to do - not opt-in and keep an eye on how the system unfolds to see if there's any way to try and block it or detect it's use in the future.
@mpalios sorry to the bearer of bad news, but we're collectively screwed on this one. There are no useful smartphone alternatives. The Librem phone has unfortunately been met with terrible reviews, so it is no longer really an option. We are left with Android and iOS.
Member
So, if I turn OFF location services, this still is able to track me?
Member
Most likely, yes. Location services generally controls location access for apps that run on top of the operating system. They generally do not control location access for the operating system itself. This COVID tracking stuff is being built into the operating system.Originally Posted by mpalios
Member
Scary stuff. It seems like contact tracing through phones is inevitable. My understanding is that Android is technically open source, so isn't there a way to remove whatever contact tracing software they try to sneak in? I did a quick search and it looks like there are some smaller open source operating systems out there. Would any of these be a better alternative?
Member
There is an open source project that Android is based on, yes. That is the version of Android that all the non-Google-partner phones use. A lot of Chinese budget Android phones use this because they don't have to pay any fees to Google and it therefore allows them to reduce the handset cost. And then there's Huawei - since their being banned by the US govt they've had to stop using all Google services and they can only use the open source version of Android.
But, and this an important but, the version of Android that's running on your Android phone is not open-sourced. Google used to open source their version (known as a "fork" in the software developer community) of Android but they stopped doing that a long time ago. The Android that most people are used to is closed source.
It's also worth mentioning that open source does not equal easy to modify. Even if Android were totally open-sourced, changing any part of it would require some fair amount of expertise as a software developer and a whole suite of developer tools to compile your own custom version of Android and then deploy it to your phone. For anybody who is not a seasoned developer it would be a difficult task to say the least.
Back to the contact tracing stuff relevant to all this - you're still screwed. There's no removing this from your phone as far as I can tell. I hope that changes in the future. Software developers and network engineers that are privacy advocates will hopefully come to our rescue at some point with some clever ways to break the contact tracing system. I sure hope so anyways because where I live in Orange County, California we were just told yesterday that if a contact tracing system determines that we've been exposed to somebody who has tested positive for COVID then the police can force us into a 14-day quarantine.
Starting Strength Coach
I'm ready to opt-out of all this shit and go back to a flip phone. I'm thinking flip phone that can make/take calls and text. And just have a wifi only ipod touch or ipad to do app-based stuff.
Posting Permissions