[HN Gopher] Leaving Spellcheck Enabled Is a Privacy Risk (2016) ___________________________________________________________________ Leaving Spellcheck Enabled Is a Privacy Risk (2016) Author : behnamoh Score : 61 points Date : 2020-05-10 17:04 UTC (5 hours ago) (HTM) web link (github.com) (TXT) w3m dump (github.com) | detaro wrote: | (2016) | [deleted] | lynndotpy wrote: | I don't believe Signal Desktop runs as a Chrome app anymore, can | anyone confirm? | sneak wrote: | That's correct. | Zhenya wrote: | Just an FYI, you can run it in Linux on Chromebook: | | https://support.google.com/chrome/a/answer/9025903?hl=en | gentleman11 wrote: | Is this a chrome/electron only issue, or is it OS level as well? | What about Firefox? | livre wrote: | Chrome issue, you can disable it in the settings page. | SteveNuts wrote: | What about things like spotlight? If I work in healthcare and I | search for "Jane Doe medical records.txt" does part or all of | that search end up hitting a webservice somewhere? | palijer wrote: | You can use an SSL proxy/snooper to find out. I use Charles to | see what is actually happening at that level, you would be | surprised (or not) at how much stuff is sent to third parties. | | https://www.charlesproxy.com/ | arthurcolle wrote: | Interesting. I wonder if Little Snitch can do this (I bought | it a while back) | scalableUnicon wrote: | That used to be straight forward, but now most of the apps | come with certificate pinning and for seeing through network | request, toying with tools Frida are now needed. | rovr138 wrote: | By default, yes. | sneak wrote: | By default on iOS every single search in the app search pane | hits the web, character by character. | | That and iCloud Backup are the first two things I disable on a | vanilla iOS. | HenryBemis wrote: | Fun fact. iCloud backup "conveniently" records all phone | history (calls, text messages). And maybe the authorities | cannot get into your phone (debatable) but Apple always gives | them your backups (warrant+gag order). And that includes ALL | call logs and ALL your SMS and iMessages. | ThePowerOfFuet wrote: | >and iMessages | | Not if you don't have iMessage enabled in iCloud settings. | WrtCdEvrydy wrote: | I haven't done a lot of iCloud recoveries, but regular | backups have passwords by default. | snazz wrote: | I'm not condoning Apple's decision to not perform end-to- | end encryption on iCloud backups, but they would be pretty | useless if they didn't include call logs and text messages. | If I lose my phone and restore from a backup on a new one, | I want my old text messages as much as any other piece of | data. | grawprog wrote: | Google, not that I typically support things they do, | found a way to do both: | | https://support.google.com/googleone/answer/9149304?co=GE | NIE... | | As far as I know, appleid's have some kind of | password/authentication system that could be used to | encrypt backups. | dubcanada wrote: | It doesn't say it stores text messages? It says it stores | text messages on Android which means they are not backed | up. | | It also says you use Android messenger which hooks up to | Google's services. | | The text messages have to be stored somewhere. | qwerty456127 wrote: | AFAIK leaving the text translation feature enabled (even if you | disable for a particular language) is even more of a risk. | londons_explore wrote: | Text translation in Chrome doesn't send anything to Google | servers unless you actually translate a page. | | It detects what language the page is written in with an | entirely client side model (which is why it's accuracy is | poor). ___________________________________________________________________ (page generated 2020-05-10 23:00 UTC)