[HN Gopher] Fake_contacts: Android app to create fake phone cont...
___________________________________________________________________
Fake_contacts: Android app to create fake phone contacts, to do
data-poisoning
Author : karlzt
Score : 322 points
Date : 2021-02-27 17:08 UTC (5 hours ago)
(HTM) web link (github.com)
(TXT) w3m dump (github.com)
| vmception wrote:
| To everyone talking about Clubhouse, there isn't an android
| version so this code is not useful as it is only for android
| throwawei369 wrote:
| TIL The vast userbase of HN is 95% Apple, 3% Android, 0.0005%
| Pinephone. The remaining ~1% don't even make a digital
| footprint since they use the old Nokia 3310 type phones.
| collaborative wrote:
| Phone numbers are too public. The reason why they're used by
| messaging apps is that they are a goldmine to have. They actually
| make it harder to chat (ever tried using Whatsapp/Signal on a PC?
| Yes, you'll need to have it installed on your phone first (and
| have given over your contacts))
|
| That's why I chose to set (masked) emails as the primary id on
| groupsapp.online and even these can't be seen publicly unless you
| share a "group". Others will just see XXXX@gmail.com
| rasse wrote:
| This makes me wonder if anyone has set up canary emails or phone
| numbers in their phone contacts.
| KirillPanov wrote:
| The robocall epidemic has pretty much made the notion of
| "canary phone numbers" useless.
| praptak wrote:
| What do you mean by "canary" in this context? How do you detect
| that the canary is dead?
|
| I assume that the "canary being dead" ~= "an adversary added
| the contact to their watch list". But I don't think you can
| detect that.
|
| The best you could do is to add a random physical address
| hoping that you can detect physical surveillance (which is
| probably not realistic anyway).
| rzzzt wrote:
| It is like signing up with an e-mail +suffix for services, or
| the non-existent streets on digital maps; if you come across
| your fake contact elsewhere, you know that information has
| been shared.
| vmception wrote:
| it is trivial to strip suffixes off of aliased email
| addresses
| rzzzt wrote:
| What is the equivalent to that in the fake phone contacts
| domain? I guess removing people with the +21 country code
| would work for this particular approach, but
| otherwise...?
| vmception wrote:
| Good question hmm, I think its just a different strategy
| with phone contacts
|
| A data broker primarily wants the social graph to make a
| user profile with a phone number, to show ads later on.
| Those people wont typically be texting or calling with
| spam and ads, theyll just match the number and contacts
| up with information shared in other apps so that ads in
| your normal internet browser or ad-include app use are
| more targeted
|
| so if an erroneous contact never logs in thats of no
| consequence to them, so searching to exclude numbers
| would be less interesting and less likely than with just
| sanitizing emails
| kogir wrote:
| If you control your own email routing, by using your own
| mail server, Google Workspace, Microsoft 365, etc, you
| can choose whatever convention you want.
|
| How would you know to strip everything after my first
| name?
| vmception wrote:
| I wouldn't care about the people using their own mail
| server
|
| I would just strip everything after a + sign
| rsync wrote:
| "it is trivial to strip suffixes off of aliased email
| addresses ..."
|
| This actually is not a bad point to make ... it would, in
| fact, be simple to strip +aliases but ... economically I
| don't think it makes any sense.
|
| You'd have to have a high level decision maker dictating
| an engineering fix in order to increase email
| authenticity by ... .01% ?
|
| ... and that assumes that the "engineers" down the chain
| understand how '+' works in email to begin with and have
| somehow communicated that back up to management.
| vmception wrote:
| My response here is that I think this discussion is
| naive, as the data brokers themselves already do it.
|
| So who cares about what some engineer at a random new
| business thinks.
|
| Aliasing isn't new. So this isn't a cat and mouse game
| that just got started.
| rasse wrote:
| Exactly!
| rasse wrote:
| Detection would require a call/sms/email. The idea would be
| just to detect, if your leaked data has been acted upon.
| rsync wrote:
| "This makes me wonder if anyone has set up canary emails or
| phone numbers in their phone contacts."
|
| We (rsync.net) have a handful of dummy/fake users in our
| database whose emails we monitor. The email addresses are
| cryptic and random and use a different domain, etc.
|
| We should never see an email sent to one of these "canary"
| email addresses and, so far, we have not.
|
| I am also aware that many of our customers sign up with
| service-specific email addresses, using the '+' character ...
| something like john+rsync@mydomain.com.
|
| I personally have a rich and well developed pseudonym that I
| use for all online non-governmental transactions but in some
| rare cases I need to use my actual name and email - and in
| those cases I create '+' aliases.
| techsupporter wrote:
| I've noticed a bunch of spammers starting to strip out
| anything after the + and before the @. This is why I've long
| used a catch-all e-mail domain (subdomain.example.net) where
| I can put anything I want to the left of the @ sign and no
| one is the wiser for my real e-mail address.
| Answerawake wrote:
| Is there some service where I can easily create unlimited
| custom email addresses for a flat monthly fee? I want to
| use a unique email for each new website/service. That would
| go a long way to solving some data leak/privacy problems.
| The problem with custom domain is I have to maintain it
| right? I want a service which I don't have to maintain. I
| used to use new Yahoo accounts but they are a hassle and
| recently they disabled free auto-forwarding.
| wuuza wrote:
| spamgourmet.com
|
| I have been using this since 2002. You don't even have to
| set anything up - just make up addresses on the fly. It's
| pretty awesome.
| [deleted]
| rzzzt wrote:
| Mozilla has such a service: https://relay.firefox.com/
|
| I also remember seeing one Show HN recently that offered
| similar functionality, but couldn't find it via search.
| The problem is that if the e-mail alias provider becomes
| popular enough, their subdomains are soon disqualified
| from being used when registering to sites.
| osamagirl69 wrote:
| You can do this with any email provider that supports a
| catchall. I personally use fastmail and have been very
| happy with it. You don't need to 'create' the accounts,
| you just set it up so that *@yourdomain.com goes to your
| catchall. When signing up for a new service, you pick a
| unique/random email. Then you know unambiguously where
| each email in your inbox came from.
|
| I personally use the website as the email (example, if HN
| required an email it would be hn@mydomain.com) to make it
| easier to filter. But this can be gamed/guessed, to be
| more secure it is better to generate an actual random
| email for each site and store it in your password
| manager.
| notfed wrote:
| Protonmail allows wildcard emails from 1 custom domain if
| you pay for the ~$5/mo plan. No maintaining a mail
| server, just point your MX records to their servers.
| blfr wrote:
| Catch-all support starts at EUR8 at ProtonMail.
|
| https://protonmail.com/pricing
| arminiusreturns wrote:
| I create a new email for most services I use, (run my own
| email) but I had'nt thought of this! Thanks for the idea.
| _trampeltier wrote:
| I have no contacts at all on my phone, I created something by
| myself. Now I think it would be funny to brute force Androids
| contacts and just add every number of my countrys phone providers
| :-)
| bschne wrote:
| The problem with this approach is twofold:
|
| a) At the margin, a few people doing this does _nothing_ to mess
| with big companies' data collection & analysis. But opting out
| also has the same problem, obviously, so at least it's not doing
| worse.
|
| b) In the absence of sandbox / selective sharing features like
| other commenters have mentioned, or you going so far as to _only_
| keep fake contacts in your phone, using this approach requires
| you to also share your actual contacts with the app, thus giving
| away PII of unconsenting third parties. Yes, I'd rather blame the
| app developers for collecting this data in the first place, but
| I'd still prefer not to give my contacts away whenever I can
| reasonably withhold them.
| tyingq wrote:
| Bsd style globbing is handy for this sort of thing. Like in Perl:
| use File::Glob qw/bsd_glob/; my @list = bsd_glob('This is
| nested {{very,quite} deeply,deep}');
| crazygringo wrote:
| I don't see what the point is.
|
| "Data poisoning" gives companies a bunch of fake contacts... on
| top of all your real ones?
|
| Who cares? So they send some e-mails to addresses that don't
| exist or something? So it takes up an extra 1% of disk space in
| their database?
|
| If you could share an empty address book then that would actually
| preserve the privacy of your contacts. But this doesn't do that.
|
| I don't get it.
| loveistheanswer wrote:
| The vast majority of phone calls I receive are spam calls by
| people/robocallers which I did not give my phone number to, but
| apparently someone else did. I don't want people sharing my
| phone number with random other people
| crazygringo wrote:
| Nobody had to give them your phone number.
|
| They just dial numbers at random. Phone numbers aren't
| sparsely distributed. There are entire area codes that are
| essentially fully utilized.
| [deleted]
| shervinafshar wrote:
| Not an expert on guerilla cyber-warfare, but isn't it the whole
| point of this sort of poisoning? If enough people do this the
| cost of those bouncing emails would become prohibitive. That's
| my speculation. Would be great to know more from someone who
| knows the domain better.
| remram wrote:
| Even if you make your contact list 99% bounces and 1% real
| (and every user of the app does the same), I don't see how
| this becomes a problem for the app's operator. Remove a
| contact after 1-2 bounces and you're golden.
| shervinafshar wrote:
| Fair. Still golden if this needs to be done for all
| contacts of all users?
| remram wrote:
| If they bounce they are extremely fast to cull.
| dogman144 wrote:
| Pretty nifty side point:
|
| > If enough people do this the cost of those bouncing emails
| would become prohibitive.
|
| This idea got a ton of attention in early days tech that led
| to what's known as proof of work: see bitcoin. The primitives
| of btc show up in a lot of interesting areas.
| jmatthews wrote:
| You don't bounce emails you prebounce them and clean up your
| list. This is part of any sensible data engineers process.
| jmatthews wrote:
| More helpfully, salting their db with real emails but fake
| contact info requires a more durable hygiene process and
| often isn't worth the effort for data driven shops.
|
| You serve a variety of email domains that validate as
| deliverable, then you accept emails and report the sender,
| which hurts their deliverability.
| TedDoesntTalk wrote:
| what is prebounce?
| shervinafshar wrote:
| My guess was they are referring to one of these services
| that check the validity of any email address. A false
| signal from one of these services prevented me from
| signing up for some random website with a .name domain
| the other day.
| cyral wrote:
| It will be interesting to see if these fake contacts show up in
| a leak somewhere someday. Almost like how people do
| myname+yourcompany@gmail.com, we could create similarly fake
| contacts to see who is selling or leaking data.
| shervinafshar wrote:
| *@myname.name
| [deleted]
| GekkePrutser wrote:
| I wonder if this works at all..
|
| These companies simply use your contacts to do contact mapping to
| other users. Including fake ones will do nothing as they don't
| point anywhere. Big Data will just filter them out.
| antihacker_team wrote:
| Vulnerabilities research. OWASP, PTES, NIST SP800-115. You pay
| only for the found bug, depending on the criticality. Over than 6
| years of experience. email: info@antihacker.pw
| yalogin wrote:
| This is not achieving anything positive. I don't which privacy
| threat it's fixing, other than adding a new app into the mix that
| could at some point in the future suck up the contacts itself:)
| alcover wrote:
| That is pretty insightful. Do you have an email ?
| nvoid wrote:
| I was looking through my contacts the other day, deleting some
| people I don't speak to any more. Its interesting that with 5 or
| so unique enough contacts I could be identified. If they were
| sufficiently unique, no one in the world could possible know
| those 5 people. Scary thought.
| 0df8dkdf wrote:
| That is why we should have a custom app for contacts with custom
| encryption (like keepass) to store our real contact. So not any
| app or apple or google has access them.
|
| For some ppl like political of activist fundraisers, contact info
| privacy are utter most important. In fact some of them still
| store it on rolodex, and will not put any of that into digital
| form. And as a software developer I actually support that
| tremendously.
| allurbase wrote:
| Take me to your leader.... I don't like thieves!
| bredren wrote:
| Clubhouse requires contact list in order to get invites, which
| are required to sign up right now.
|
| I get why they are doing this, and it caused me to share my
| contacts with them.
|
| However, I resented it and it put me immediately in a defensive
| posture with the product and company.
|
| There is no possible way to trust a company with your contact
| list and Apple should make it how Photos works now--where you can
| select which data to share. There are some folks I don't even
| want to possibly find in a social app.
| paul7986 wrote:
| Would never sign up or use a service that has such an invasive
| requirement..I only use my google voice number for any type of
| public to even dating transaction. Spam and robocall that all
| you want which I surprising never receive/received many such
| calls.
| [deleted]
| lucb1e wrote:
| They did something bad and yet here we are. I don't know what
| Clubhouse is, but I'm somewhat tempted to look it up.
| Marketing: successful. (I won't, in an attempt to counter that
| effect of growing due to negative publicity, but I find it
| noteworthy how well it works.)
| antipaul wrote:
| App Store guidelines forbid using the Contacts for anything
| except the intended purpose:
| https://appleinsider.com/articles/18/06/12/apple-disallows-d...
|
| Do we give CH the benefit of the doubt =p ?
|
| In any case, I also hope (and expect) Apple to implement better
| controls for sharing contacts.
|
| EDIT: Typo
| koboll wrote:
| Huh, so Clubhouse is explicitly breaking Apple's rules.
|
| Surely Apple knows this, but is allowing it because... it's
| mega-popular?
|
| What's the point of having rules if clawing your way to
| popularity by leveraging their violation is deemed
| permissible?
| jtsiskin wrote:
| How are they breaking the rules? It seems like they are
| using it for the same purpose they prompt permissions for.
| csommers wrote:
| They create ghost profiles for those contacts, just in
| case that user ever signs up. That's fucking garbage and
| they should be ashamed of doing that, let alone
| immediately removed from the App Store.
| pizza wrote:
| This seems like the shady type of thing lawmakers should
| pass laws against
| bredren wrote:
| I see this as a key problem of our times. Social
| convention used to have a stronger impact on behavior.
| Now it isn't enough for behavior to be disdained, it must
| be flagrantly illegal.
| lupire wrote:
| When was the time when social convention had a stronger
| impact?
| withinboredom wrote:
| Social convention has always had a strong impact. Where I
| live, people will cut you in line if you leave a space
| big enough for them to fit and it's perfectly ok. Where
| I'm from, if someone did that, you'd end up with an angry
| mob and probably a fist in your face.
|
| Social conventions are always stronger than the law; at
| least in person.
| pizza wrote:
| Growth by any means necessary.. seems like there are a
| tens of thousands of apps that each act like their own
| data bureau, totalling dossiers on billions of people,
| just because it makes money. Maybe a few percentage
| points' value lost as a slap on the wrist every now and
| then. I feel, that in this scenario, rather than a better
| carrot, we need a better stick..
| lupire wrote:
| It's the sort of thing Apple should ban to protect its
| claim that it is more private than Android.
| [deleted]
| TedDoesntTalk wrote:
| I mean, unless you're a newbie to the internet, how is this
| possible?
| hshshs2 wrote:
| please reconsider doing this next time if you're able to
| styfle wrote:
| I was kinda confused at first to see the top suggestions were
| all Doctor's Offices. Then I figured it out.
|
| https://twitter.com/styfle/status/1358186671007760385
| woadwarrior01 wrote:
| I have an old iPhone with an empty address book for testing
| dodgy apps that require contacts access, I use that for sending
| Clubhouse invites. OTOH, Clubhouse seem work fine on my primary
| phone, where I haven't given it contacts access.
| Haemm0r wrote:
| For Android I can recommend "Shelter"[1] which lets you setup
| a work profile, so you dont have to share your contacts,
| files, etc.. Downside: If you have already a work profile, it
| does not work (Android allows only one work profile)
|
| [1] https://f-droid.org/en/packages/net.typeblog.shelter/
| IG_Semmelweiss wrote:
| nice find.
|
| is there a list of known existing "big brother" apps ? or
| is it just as good to look at app permissions to figure
| this out ?
| lupire wrote:
| If your invitees don't also have a spare iPhone, what's the
| point of inviting them? They'll have the same problem with no
| workaround?
| woadwarrior01 wrote:
| You don't need to grant the Clubhouse app access to your
| contacts to use it. ATM, that's only needed to invite
| people.
| _jal wrote:
| Clubhouse can bite me.
|
| I refuse to use tooling from shitbags who try to exort me into
| compromising others' privacy for shiny toys.
|
| I know other shops do it, as if that makes it OK.
| Aerroon wrote:
| I remember signing up for Facebook back in the day. They
| tried to get me to share something about my email contacts
| list. That just made me not use Facebook instead.
| Unfortunately, everyone else didn't seem to have a problem
| with it.
| [deleted]
| 0x0 wrote:
| Facebook literally had a box on their web site asking for
| your email address and _email account password_ , so they
| could _log in to your webmail_ and scrape your contacts.
| bonoboTP wrote:
| Normal people value their social standing and their
| relationships, bragging rights etc. higher than abstract
| principles. It's only loners who will resist. Popular
| people will be on board because they manage their brand and
| image instinctively. Wannabe popular too.
| f430 wrote:
| Server is in the People's Republic of China to boot. But I
| know we have many wumaos and apologists here on HN because
| they tasted blood money.
| the-dude wrote:
| What about dividing your contacts into _circles_ and only give
| permission to a specific set?
| mandelbrotwurst wrote:
| Sure, as long as it's possible to create a circle containing
| only one contact, the way giving permission to access photos
| now works on iOS.
| post_break wrote:
| I mean this is why they do it. You knew it was wrong, you knew
| they were going to take that data and mine it, and you still
| said sure.
| ganstyles wrote:
| Correct. I've been a member for going on a year now and I
| have scores of invites I don't appear to be able to send
| because I won't share my contacts. Not that I care enough to
| invite people, but it's a dark pattern to even require it.
|
| I have heard there's a way to share invites without sharing
| contacts, but I haven't cared enough to even do a cursory
| search on that.
| chipsa wrote:
| unsync your contacts from whatever service provider you're
| using, make sure they're gone, go ahead and share the
| contacts (which are now empty) with Clubhouse, get the
| invites, then revert everything back?
| kzrdude wrote:
| They do it because all the successful social apps need to
| make contact discovery easy. The ones that don't use this
| trick - ethical - we don't hear so much about, maybe they
| don't succeed.
| forgotmypw17 wrote:
| There are quite a few that have not done it. I don't think
| it's necessary for success at all.
|
| HN seems to be doing pretty well, and it's never done this
| sort of thing, as far as I know.
|
| Reddit never did it during their growth phase, instead they
| provided their own seed content.
|
| Metafilter has never done anything unethical to my
| knowledge.
|
| There are many, many successful social networks which have
| not performed unethical contact harvesting and other shady
| things.
| skinnymuch wrote:
| Clubhouse raised money at a billion dollar valuation.
| Hacker News specifically and Metafilter aren't in the
| same stratosphere
| forgotmypw17 wrote:
| What are you trying to say?
|
| That because they have a lot of VC money riding on it,
| they have to do "growth hacking" in order to justify the
| funds and grow quickly enough to satisfy the investors?
|
| Well, I guess I have to agree.
| lupire wrote:
| But still, why do they need to steal your addressbook?
| They can _offer_ you to spam your contacts without
| demanding. Is the profit contingent on selling the
| address book data? To the point where they won 't let you
| _invite more people_ (help them grow!) without it?
| arkitaip wrote:
| Fomo is a helluva drug.
| jancsika wrote:
| Are you writing that to emphasize the urgency for the
| government to pass legislation to reign in unregulated online
| casinos as they continue refining their dark patterns? (I.e.,
| without legislation, these companies will continue finding
| more and more sophisticated ways to get the user to act
| against their own interest.)
|
| Or do you mean imply that a practical approach to reign in
| unregulated online casinos is to spread the message of, "Just
| Say No," in web forum comments to the ostensible addicts?
|
| Or to be fair, something else entirely? My point is I can't
| tell without context there whether you are sympathizing with
| the user ("ah yes, something needs to be done because they've
| found your weak spot"), or chastising them for not having the
| force of will to resist dark patterns.
|
| Edit: clarification
| DevKoala wrote:
| Not the poster you are replying to, but I stopped feeling
| empathy for people who complaint about lack of privacy, yet
| willingly give up their data to non-essential services that
| ask for it with all the proper disclosures.
|
| If you agreed to sharing all your contacts to listen to
| "musical tweets", I don't see why you'll be complaining.
| You willingly made a trade off.
| WA wrote:
| ... willingly give up other peoples' data.
| bonoboTP wrote:
| Social status is a hell of a drug. Clubhouse is a place
| where people like Elon Musk and famous successful
| scientists and businesspeople hang out so all the hustler
| startup get-rich people want to be on board. It's
| exclusive, it's just for fancy iPhone users. Finally an
| elite place where you can only get in by invite, most
| cannot resist. If they miss out on the bandwagon, how can
| they call themselves an early adopter on the bleeding
| edge? What will their friends thi k of them? Almost as if
| they used Android or something.
| toss1 wrote:
| And this tells me that there is a need for another step up
| for this app - to not only poison the contacts, but to
| temporarily 1) backup => 2) delete => 2a) share poisoned list
| => 3) restore contacts.
|
| So we can share the list, but they'll never get our real
| contacts, only trash data. Enough use it, maybe they'll stop
| a3n wrote:
| But wouldn't this company have to periodically review your
| contacts, to slurp up new ones?
| toss1 wrote:
| Yup, probably their next move would be to require
| constant access to contacts list and check whenever the
| app runs.
|
| The next move on this side would be to keep contacts in a
| separate app from the std Android/Apple app, and then
| have to make calls, texts, etc. from there.
|
| If only there weren't so many sociopaths running these
| companies... sorry, wrong planet
| bogwog wrote:
| In my case, I don't even remember giving them permission to
| use my contacts, yet I got accepted because one of my
| contacts sent me an invite.
|
| I might have given them permission without realizing it, but
| what could've also happened is that they saw my phone number
| in someone else's contact list, and assumed we were contacts.
| evanmoran wrote:
| You probably didn't share, as I didn't. I believe the
| contacts permission is only required if you want to share
| an invite, not to accept one.
| tonylemesmer wrote:
| That means that more than likely clubhouse have our details
| even if we have no desire to be part of it.
| srockets wrote:
| It'd be fun once they'll have EU presence.
| JumpCrisscross wrote:
| > _Clubhouse requires contact list in order to get invites,
| which are required to sign up right now_
|
| How is this GDPR compliant?
| pmontra wrote:
| I see the point, but if I upload my contract list the non
| compliance is mine (I didn't ask permission to each one of my
| contacts) or of Clubhouse (they asked me to do it)?
| avereveard wrote:
| both, yours for sharing, clubhouse's for storing.
| gnud wrote:
| It should be blaringly obvious to Clubhouse that they don't
| have the right to even store most of this data, let alone
| use it for anything.
|
| So even if you are at fault, I can't imagine that would
| help them a lot, if some data protection authority looked
| into this.
| corty wrote:
| > How is this GDPR compliant?
|
| It isn't, really, but the question whom to prosecute is
| complicated. Clubhouse gets the contact list data from you,
| the user. Usually, somewhere in the ToS, there is a little
| thing where you confirm to have the right to share all the
| data you share with Clubhouse. That means that first and
| foremost, you as a user are responsible.
|
| If you are a non-commercial user using Clubhouse from your
| private phone, what you do with your private contacts isn't
| covered by GDPR, private stuff is an exception. However, as
| consumer, European legislation protects you from surprising
| and unusual terms, which this might be. Legislation might
| also protect all your contacts. However, this is a question
| that still needs to be litigated in court, and I don't
| remember any decisions around that problem (WhatsApp
| basically has the same constellation).
|
| If you are a commercial user, because this is your work phone
| and your contacts are colleagues, business partners,
| customers, things are quite different. You are, as a data
| processor, responsible for how you pass on your contact list.
| You better make sure that you are allowed to do that (because
| you have a GDPR-compliant reason like legal obligation,
| contractual obligation with your customer, assent or
| legitimate interest) and that your contacts have been
| informed about what you are doing beforehand. Also, you then
| need a written contract with Clubhouse about the data being
| passed along, about how it will be used and protected, etc.
| Also, passing along the contacts to Clubhouse must be
| necessary for a predetermined, well-defined reason that can
| be considered more important than your contacts' right to
| privacy.
|
| So as a private person, you might get away with using
| Clubhouse. As a company, employee, self-employed, state
| official, whatever, you are probably in hot water, because
| surely you didn't do all the required things. But for
| Clubhouse this might not be a problem, because as current
| case law stands (imho, iirc, ianal, ...) Clubhouse isn't the
| party that did something wrong there.
| GekkePrutser wrote:
| On Android if you use Work Profile your work contacts are
| in a separate partition and can only be accessed by
| approved company apps. This works really well for gdpr
| compliance with dual-use (company & mobile) devices.
| msla wrote:
| Because it's a non-EU company, and non-EU citizens didn't
| vote the GDPR into existence.
|
| Europe doesn't get to impose its law on other lands.
| Colonialism is over.
| numpad0 wrote:
| Why would you want to be GDPR compliant?
| marban wrote:
| https://www.jdsupra.com/legalnews/clubhouse-app-faces-
| court-...
|
| On a side note, Germans are obsessed with Clubhouse.
| bdcravens wrote:
| To avoid substantial financial risk.
| calvinmorrison wrote:
| Has the EU sued and won against any company who is not
| located in the EU?
| otterley wrote:
| That's not a good test, because the law is still
| relatively new, and it takes a while for litigation to
| make its way through the system. We also don't
| necessarily know who has settled out of court.
|
| Would you like to be a test case for us?
| drclau wrote:
| Because in European Union it is regulation, and you (as a
| company) are fined if you are not compliant.
|
| I recommend having a look over the Wikipedia page on the
| subject:
|
| https://en.wikipedia.org/wiki/General_Data_Protection_Regul
| a...
| fiddlerwoaroof wrote:
| If you're not subject to the EU (I.e. don't have any
| offices, servers, etc. in the EU) I don't see how the
| GDPR is relevant: non-EU citizens generally aren't
| subject to the laws of the EU.
| ekianjo wrote:
| If some of your users are in the EU you need to be GDPR
| compliant.
| fiddlerwoaroof wrote:
| This is what the law says, but I don't understand how
| this is expected to work: without some kind of treaty
| from the US government, the EU has no way to make US
| companies comply.
| anonymousab wrote:
| There's a slew of individual things that can be done. EU
| companies can be prevented from doing business with a
| (willfully) noncompliant company. Wire transfers going
| through the EU and other operations can be blocked. And,
| of course, the service itself, its apps, its sites, its
| traffic, can be blocked from accessing the EU internet
| (or being accessed from it).
|
| That's not even getting into international pressure
| levers.
|
| I don't know that we've seen any of those kinds of
| actions yet, but they're clearly on the table if a
| company breaking the rules became a real "problem".
|
| The thing is, if you're just completely avoiding doing
| any business with the EU, having any EU customers or
| users, and just not touching the EU with a 1000 mile pole
| and avoiding the GDPR in such a fashion - well, then
| there's no reason to go after you. The legislation has
| done its job.
| philwelch wrote:
| > And, of course, the service itself, its apps, its
| sites, its traffic, can be blocked from accessing the EU
| internet (or being accessed from it).
|
| In other words, the EU can attempt to extend its internet
| regulations over the rest of the world by implementing a
| China-style firewall. Well, we'll see if that happens.
| gabaix wrote:
| It is more akin to the US Sanctions. You don't have to
| abide. If you do trade with sanctioned countries, you
| should not do any kind of business with the US, or pay a
| hefty penalty.
|
| Here's a case example, BNP Paribas dealings with
| sanctioned countries. https://www.wsj.com/articles/bnp-
| agrees-to-pay-over-8-8-bill...
| mattmanser wrote:
| Have you not heard of extradition treaties?
|
| For example, that's what the US is using on Kim Dotcom.
| sneak wrote:
| The US and EU have a treaty specifically about enforcing
| each other's laws. (More accurately, the nations that
| comprise the EU are individual signatories to such
| treaties.)
| fiddlerwoaroof wrote:
| Source? This lawyer seems to think that there's no
| applicable treaty.
|
| https://tinyletter.com/mbutterick/letters/you-re-not-the-
| bos...
| sneak wrote:
| Here's the one between the US and the largest economy in
| the EU:
|
| https://www.congress.gov/treaty-document/108th-
| congress/27
| corty wrote:
| There is no legal mechanism because such exist mostly for
| criminal law and civil and public debt collection. So the
| EU maybe cannot use most of the enforcement mechanisms,
| except one: You can be fined some amount of money,
| creating a public debt which can then be collected if
| there is a treaty about such collections.
| alvarlagerlof wrote:
| If you're operating a business that interacts with
| customers in the EU, GDPR applies.
| fiddlerwoaroof wrote:
| The EU says it applies but, AFAICT there's no legal
| mechanism by which it applies.
|
| Here's a lawyer's take on this:
| https://tinyletter.com/mbutterick/letters/you-re-not-the-
| bos...
| TedDoesntTalk wrote:
| I thought US companies had to agree to Privacy Shield if
| they wanted to be considered GDPR-regulated.
|
| https://www.privacyshield.gov/welcome
|
| Why any US company would voluntarily agree to this is
| beyond me, unless one of its EU customers insisted on it.
| malka wrote:
| Then you cannot have ue customers. Or make wire transfer
| through the ue.
| Moru wrote:
| You can also forget vacation trips in EU.
| numpad0 wrote:
| If thoroughly enforced, which is currently not the case.
| drclau wrote:
| "The GDPR also applies to data controllers and processors
| outside of the European Economic Area (EEA) if they are
| engaged in the "offering of goods or services"
| (regardless of whether a payment is required) to data
| subjects within the EEA, or are monitoring the behaviour
| of data subjects within the EEA (Article 3(2)). The
| regulation applies regardless of where the processing
| takes place. This has been interpreted as intentionally
| giving GDPR extraterritorial jurisdiction for non-EU
| establishments if they are doing business with people
| located in the EU."
|
| Source: https://en.wikipedia.org/wiki/General_Data_Protec
| tion_Regula...
| msla wrote:
| Countries or groups of countries don't get to impose
| their law on other countries.
|
| That's called colonialism, and Europe is supposed to have
| given it up.
| drclau wrote:
| I am not a lawyer, and I don't claim I understand the
| legal mechanisms involved. I don't even claim GDPR is
| perfect.
|
| But, as I see it, EU is protecting its citizens. If you
| want to do business with EU citizens you must abide by EU
| regulations. It's that simple. I don't get how this came
| to be all of a sudden about colonialism. Any business is
| free to stay out of EU.
| msla wrote:
| > If you want to do business with EU citizens you must
| abide by EU regulations.
|
| No, no more than if I want to do business with Saudis I'm
| liable for punishment if I drink a beer.
| drclau wrote:
| But that's not really a good analogy (not that analogies
| are proof). A better analogy would be you selling beers
| in Saudi Arabia.
|
| I urge you to read this, it should clarify things:
|
| Applicability outside of the European Union:
|
| https://en.wikipedia.org/wiki/General_Data_Protection_Reg
| ula...
| cortesoft wrote:
| And any EU citizen is free to not do business with a
| company outside the EU.
|
| Do you think the EU laws should apply to people selling
| things to EU citizens while they are on vacation in other
| parts of the world? If someone from Germany travels to
| Brazil and buys something from a store, are they required
| to abide by EU rules?
|
| If someone from the EU leaves the EU digitally to buy
| something in another country, it isn't up to the seller
| to enforce EU rules.
|
| Unless you have an entity (either yourself or your
| business) under EU jurisdiction, you don't have to follow
| their rules.
| drclau wrote:
| There's an asymmetry of information and power in the
| relationship between a business and a citizen.
| Governments, generally, attempt to mitigate this
| asymmetry. Hence, we have consumer protection laws, GDPR
| and the likes.
|
| While these solutions may be incomplete, or imperfect,
| having none is definitely worse.
|
| > If someone from the EU leaves the EU digitally to buy
| something in another country, it isn't up to the seller
| to enforce EU rules.
|
| > Unless you have an entity (either yourself or your
| business) under EU jurisdiction, you don't have to follow
| their rules.
|
| Please _do_ read the link I already posted in a previous
| comment [0]. It clarifies many things, but I don't want
| to paste too much content here.
|
| [0]: https://en.wikipedia.org/wiki/General_Data_Protectio
| n_Regula...
| fiddlerwoaroof wrote:
| This article basically confirms my suspicion that this
| provision is basically unenforceable:
|
| http://slawsonandslawson.com/article-32-the-hole-in-the-
| gdpr...
| cortesoft wrote:
| I am not sure what you are trying to argue here. I am not
| making any moral claim about whether a GDPR-type
| regulation is good or bad. I am simply saying that the EU
| saying the law applies outside their borders doesn't make
| it so.
|
| If I am a US citizen living and working in the US, and
| break the GDPR by storing data illegally from visitors to
| my website from the EU, the EU can certainly try to fine
| me or issue a summons or whatever they want to do.
|
| However, there exists no extradition treaty for this law,
| and there would be no way for the EU to enforce
| judgement.
| mellavora wrote:
| I wonder when the USA will follow suit?
| [deleted]
| paulie_a wrote:
| They are in california. They can give the finger to the gpdr.
| It's irrelevant to most people in the world
|
| People tend to forget that it is not applicable. For instance
| nothing I build will ever comply to it regardless of users
| that might be in europe
|
| Clubhouse has no duty to obey european law
|
| The question is: why do you think the need to be compliant?
| GekkePrutser wrote:
| This is not how it works. If you make it available to EU
| users, you have to comply with GDPR (at least when it comes
| to those user's data).
|
| For the same reason WhatsApp's new T&Cs don't really change
| anything for EU users.
|
| However I don't think the collection of contacts is
| actually illegal under GDPR, considering WhatsApp does
| exactly this too. And it's huge in Europe, much bigger than
| in the US. if they haven't gone after WhatsApp for this,
| they will probably not do so for Clubhouse.
| paulie_a wrote:
| If they don't do business there they don't have to
| comply. Making it available doesn't count
|
| Just like I don't have to comply if I have EU users on a
| service, I am in the united stated. europe cannot enforce
| their laws here. It's just the same as if saudia arabia
| tried to enforce their laws here. They carry no wait
|
| That is what makes the GDPR insignificant. It applies to
| Europe. Not the rest of the world. The cookie warnings
| for the vast majority of the internet are stupid an
| unnecessary
|
| So call it illegal in europe but who cares?
|
| It honestly is maddening how many people care about the
| GDPR that don't need to
| GekkePrutser wrote:
| There's many EU things that take effect with vendors
| outside the EU. Like software sales: Try to buy a license
| for a software package from the EU (or with an EU payment
| card) and you will always be hit with VAT at the rate of
| your country :( Even if the company is US based only.
| With the exception of really small ones I guess. In the
| above case it's annoying for us :) But in the case of
| GDPR it's good IMO.
|
| Anyway the EU says it applies but I agree they don't
| really have much in the way of enforcement capability
| with companies that have no presence here. Though they
| could ask Apple/Google to remove it from the store I
| suppose.
|
| And of course most companies do have a presence here. All
| multinationals do, and even the smaller ones. Even if
| it's just a sales office.
| paulie_a wrote:
| Most American companies don't though. They can safely
| ignore european laws
| TT3351 wrote:
| And also choose not operate in the nations whose laws
| they are flouting in most cases; EDIT: a few weeks ago EU
| posters here were describing how ERCOT was preventing
| access to the company's _public facing website_ , citing
| not wanting to comply with GDPR
| vmception wrote:
| I think this is a wording issue if you haven't used
| Clubhouse.
|
| You don't need to share contacts in order to get invit _ed_ ,
| like you don't have to do it to use the platform. You have to
| do it to invite others (like your friend that you told about
| Clubhouse) after you are already on the platform, so that is
| not regulated by GDPR.
|
| It is a shitty user experience and I also want Apple to
| control this at the OS level. Let me select which contacts if
| I want to do it at all.
| satya71 wrote:
| Here's how to get around Clubhouse uploading contacts. We
| shouldn't have to do this, but here we are.
|
| 1. Disable contacts for all your configured accounts 2. Add a
| dummy Gmail account, enable contacts. 3. Add invitee to dummy
| account 4. Give contacts access to Clubhouse 5. Send invite 6.
| Remove contact access 7. enable contacts disabled in 1
| lupire wrote:
| 0. Don't use Clubhouse because it adds no value?
| satya71 wrote:
| When you run a business, you have to go where the people
| are. If my customers are there, I have to be there.
| jcims wrote:
| I'd think that depends on the business. What is the
| engagement like on clubhouse? Do you participate or just
| have a presence?
| [deleted]
| gherkinnn wrote:
| I did the same and I'm still annoyed at myself.
|
| Clubhouse is pretty shit, really. So I sold my soul and got
| nothing in return.
| bredren wrote:
| Thanks for sharing this.
|
| I have similar feelings about the product, but am curious to
| hear your reasons in detail first if you'll share them.
| gherkinnn wrote:
| The one thing that got me interested is them using a photo
| as the app icon. Intriguing. Maybe there's some fun to be
| had. The rest was of no real interest to me. Silly, but
| here we are.
|
| Trivialities aside, the content is not for me. It's either
| some self-help thing or a get rich fast scheme. And I don't
| care about either.
|
| Worse though is the content delivery. They talk so much and
| say so little. Horrible.
|
| It really is this:
|
| > Clubhouse is C tier people listening to B tier people
| talk about A tier people
|
| And here I am, a D tier person not wanting to be part of
| this circlejerk.
| sneak wrote:
| When you leak your contacts, you harm others, not just
| yourself.
|
| This, among other reasons, is why I never give out the number
| of my SIM card, or my residential address, et c, to anyone.
| They're just going to click "allow" and give it to a thousand
| shady companies, starting with Facebook.
|
| I never give people data I don't want stored in my shadow
| profile.
| MaxBarraclough wrote:
| > When you leak your contacts, you harm others, not just
| yourself.
|
| As Eben Moglen puts it, _privacy is ecological, not
| transactional._
|
| See http://snowdenandthefuture.info/PartIII.html
| JMTQp8lwXL wrote:
| It's disingenuous of them to say they "have to" do contact
| upload. Why can't I type in a phone number to invite?
| Completely hostile. Consequently, I have invited nobody.
| vinay_ys wrote:
| Same here. It also seems to burn through battery more quickly
| than other apps.
| 177tcca wrote:
| An app that recreates party lines on POTS burning through
| battery is unfortunately unsurprising!
| dehrmann wrote:
| First I have to keep a burner number with a real sim card for
| things that require signup, now I have to keep a burner phone
| with no contacts?
| [deleted]
| adsharma wrote:
| I wonder if people have thought about another variant of this. An
| app that maintains two address books and switches between them
| based on context.
| tanelpoder wrote:
| Or just some form of "share only these contacts with app X"
| option at the device system/OS level.
| adsharma wrote:
| Given the tracking cookie situation, apps could refuse to
| install if that option is turned on. They can easily detect
| if they see a small number of contacts relative to average.
|
| With the two address book solution, they should have no way
| of telling which one is the real address book.
| cyberlab wrote:
| Remember: some apps check for what apps are installed on the
| device, and if they see this installed they can deduce you're
| poisoning the well.
|
| Also if you want to research obfuscation and how it thwarts
| surveillance, check these:
|
| https://www.schneier.com/blog/archives/2019/11/obfuscation_a...
|
| https://www.science20.com/news_articles/obfuscation_how_to_h...
|
| https://www.theguardian.com/technology/2015/oct/24/obfuscati...
|
| https://adnauseam.io/
|
| https://bengrosser.com/projects/go-rando/
| artwork159 wrote:
| If they saw this app installed, what might they actually do
| about me or my contact list?
| sopromo wrote:
| Remove all contacts that first name and last name start with
| Z.
|
| Docs say that they prefix every first & last name with Z so
| that would be a start.
| cyberlab wrote:
| Also: check for contacts with weird country-code prefixes
| that don't match the country the user is based in
| speedgoose wrote:
| I guess they may decide to not sell your data. Which is
| actually a good thing.
| cyberlab wrote:
| They could just flag you as someone who poisoned the well and
| ignore you I suppose. Remember: bad actors go after low
| hanging fruit and tend to ignore privacy-aware folk and those
| doing anti-surveillance.
| djrogers wrote:
| >> some apps check for what apps are installed on the device
|
| I can't believe that's allowed by the OS - seems like a
| horrible policy.
| TedDoesntTalk wrote:
| agreed. Id like to see a source or reference for this.
| throwawei369 wrote:
| https://arstechnica.com/information-
| technology/2020/03/4000-...
| TedDoesntTalk wrote:
| But the app in the original article doesn't even work on
| Android. It is an ios app. The link you provide is about
| android, right? (Still concerning , however)
| throwawei369 wrote:
| Seems you have too many HN tabs open at the same time..
| But the article I have linked shows the study done on how
| apps read this information. Goes both ways for Android
| and Apple at the time, not sure if much has changed
| TedDoesntTalk wrote:
| Yeah sorry :)
| naebother wrote:
| How does this help me? Malicious apps are still going to scoop up
| my real contacts, right? What if one of the random phone numbers
| belongs to someone deemed a "terrorist" by one the imperial
| powers and I'm judged guilty by association?
| aboringusername wrote:
| Can someone please explain to me how the collection of contact
| data is in any way legal under the GDPR and why Microsoft
| (Windows), Apple/Google haven't been required to make changes to
| prevent abuse of this permission (such as selecting specific
| contacts).
|
| I'd also like to not know why if my contact data is shared, I am
| not informed of this. If my data is uploaded by Google to their
| servers, I should know. If somebody chooses to share my data with
| $app I should know, and, be able to "opt-out" of being included,
| perhaps (although it should be opt-in!)
|
| Being able to mass collect what is often the most sensitive
| information means that consistent data is now a liability;
| keeping the same number/email can be useful for cross-
| referencing. Ideally you should rotate what data you can
| (physical address/location is obviously extremely difficult).
| Everything else is possible (browsers/IP addresses/emails/User
| Agent strings, phone numbers etc etc)
|
| The best idea is to "troll" with your data; put insane items in
| your logged in basket (ebay/amazon etc), like sex toys. You can
| even make an order (and refund it) to further poison the well.
| Log in to Google and do some disgusting searches, and train
| algorithms to have the "wrong idea" about you, this is a reality
| we're now facing as this data can (and will) be used against you
| at any opportunity.
| JCDenton2052 wrote:
| The best idea is to not use their services. Switch from Windows
| to Linux, de-google and if you must use Android keep the data
| on your phone to a minimum.
| djrogers wrote:
| > and why Microsoft (Windows), Apple/Google haven't been
| required to make changes
|
| I don't believe there's anything in the GDPR that gives it the
| ability to regulate entities several steps removed from the
| violations. If company A uses a posted letter to ask for PII
| then stores it in violation of the GDPR, would you then
| regulate the post office?
| nbzso wrote:
| All the shady data schemes and dark patterns in todays idea of
| software business motivated me to look to my phone as an enemy
| and using the web cautiously all the time. Actually the idea of
| hyperconnected future in which 24/7 monitoring of the individuals
| will be normalised and mandatory makes me cringe. The Internet
| from force of good is turning to dystopian toolchain by the hour.
| And all is because we as society cannot find an effective way to
| limit the greed.
| Klwohu wrote:
| The Internet was designed to be dystopian before it was even
| technically implemented.
| throwawei369 wrote:
| Wait until iot becomes mainstream. I foresee tiny chips
| creating mass scale mutiny against their creators and
| colonizing us (best case scenario)
| shervinafshar wrote:
| I wonder how dystopian sci-fi would read in such future? I
| mean...what would be _their_ parable of The Matrix?
| throwawei369 wrote:
| You joke. But what if we we're playing right into their
| game and robot resistance is already underway. What if
| there's more to the vaccines we're injecting into
| ourselves? Is Bill Gates even a real person or just a
| simulation?
| wruza wrote:
| Because some ['kl^bhaUs], a shitty app promoted and used by
| hype-flex-and-chill type of "people"? Just let them be and move
| on, what do you think you miss there? If you see them as a
| source of income, a second job-only phone is a must anyway.
| federona wrote:
| Society, current society also called capitalism, is designed
| not for greed but constant growth. When your goal is not
| satisfaction but constant growth and you already are a billion
| dollar company, then it makes you look at all the shady shit
| you can still do and get away with in order to grow. These
| companies don't need to grow, if anything they actually should
| be growing smaller and sustainable if we actually wanted to
| engineer towards goodness rather than money. The fact that the
| rich are getting richer while having absolutely no need for it
| says to me our prerogatives are wrong and our engineering about
| business is wrong. A lot of the common laws rules and norms
| around which business is built are insane.
|
| That is to say that if the economy is a mirror of nature, then
| businesses should be engineered to die. Not to be a going
| concern forever. After a certain amount of profit is extracted
| and life is lived, into the grave they should go. Not just as a
| result of competition, but as a result of system design.
|
| This would then lead to a more evolutionary world and better
| distribution of power and resources rather than continuous
| monopolizing and consolidation. Also a different mentality of
| you can't take it with you to the grave, rather than infinite
| mindset. It would be a cyclical mindset about finite things,
| not infinite things. Corporations want to be people, so
| engineer them like people and less like machines.
| neilv wrote:
| > _The app is designed to be very simple and fail silently. If
| you deny permission to access contacts, the app will not
| complain, it just will not work._
|
| I don't understand the reason behind "designed to...fail
| silently" in this way, in a privacy&security measure.
| annoyingnoob wrote:
| I'm of the opinion that personal data is not like a currency and
| should not be seen as a form of currency.
|
| If you want to barter then I want to negotiate, no one sided
| contracts. Can't make a deal? Your loss then.
| ketamine__ wrote:
| Is there a limit on the number of contacts Clubhouse would sync?
| CharlesW wrote:
| It's incredibly unlikely. This kind of social graph information
| is _gold_.
| lanstin wrote:
| I suspect it is less valuable than call logs. I have never
| deleted contacts so I have over twenty years of entries with
| pretty low value (e.g. call this number to find out about
| this real estate offering; my old mechanics for on 2003 old
| phone number) or accuracy. I only call about seven people but
| those are significant links.
| paulie_a wrote:
| Data poisoning needs to become a standard practice. Make the
| "valuable" ad data useless
| tjpnz wrote:
| From an economics perspective it seems like a more viable
| approach. Most of the techniques considered state of the art
| now are likely easily detectable by Google and other ad tech
| companies - they have a very good idea of which data can be
| safely discarded. Rather than blocking Google Analytics I
| wonder what would happen if browsers started responding with
| garbage.
| throwawei369 wrote:
| Couldn't agree more. It's a far better approach as a cloaking
| technique. Reason I use privacy-possum addon on Firefox.
| jpmattia wrote:
| Not exactly on topic, but historical context maybe: Long ago
| (early 90s?) when it was guessed/assumed that intelligence
| agencies were scanning emails, emacs was still among the best
| ways to read and send email. So emacs provided a handy function
| to append a random list of "hot" words to each outgoing email in
| the signature, just to degrade the signal-to-noise of such
| surveillance.
|
| It's still there today, and you can see the output via M-x spook.
| ianmcgowan wrote:
| That used to be the case on usenet too - people would put
| attention-grabbing words in .signature as "NSA Food" - to
| overwhelm the NSA data capture algos. It seemed like a futile
| gesture even at the time, but particularly poignant looking
| back from a post-Snowden world.
| eternalban wrote:
| The real poignancy is the shift in hacker political views.
| Call it post-software-is-sexy world. Those usenet sigs were
| by hackers who lived in a world where software engineer or
| programmer were social reject code words. That world changed
| after geeks came into money. Suddenly but soon thereafter,
| paranoia about privacy was rewarded by tinfoil hats. (And
| then yes, years later, came along this guy called Snowden.)
| shervinafshar wrote:
| Such an interesting context. Thanks for sharing this. I
| appreciate the nostalgia poetics of this today.
| atum47 wrote:
| You can always use bash or python to create vcards and import
| them in your phone.
|
| I've used this technique once to generate a bunch of numbers to
| find the whatsapp of a person, works just fine
| fsflover wrote:
| Or just stop using operating systems and apps which you don't
| trust and switch to GNU/Linux phones.
| Waterluvian wrote:
| Apps using contacts is a $#%$ing anxiety attack for me. The scum
| companies don't care. They just want more leads. But for me, it's
| this fear that they're going to spam my exes and old roommates
| and bosses and professors and landlords and everyone who ends up
| added to my contacts.
|
| Signal did that to me last week. This person I'm not on speaking
| terms with got Signal and it added us and announced to each other
| we were on it and put our empty conversation onto my list of
| convos.
|
| Phone contact lists are a complete $&^*ing disaster and Apple
| needs to make it far more clear what specific contacts I share
| access to.
| tchalla wrote:
| Does Signal share contacts the same way others like WhatsApp
| does?
|
| https://signal.org/blog/private-contact-discovery/
|
| > Signal clients will be able to efficiently and scalably
| determine whether the contacts in their address book are Signal
| users without revealing the contacts in their address book to
| the Signal service.
| lucb1e wrote:
| Note that this SGX thing is broken seven ways from sunday,
| but in principle, yep they have some security measures here.
| We just have to trust them not to crack their SGX environment
| as well as (regardless of SGX' security) Intel not to
| generate an identical MRENCLAVE for anyone else but with
| additional logging code running inside.
|
| This is the best system I know of anyone running, by the way.
| Threema, Wire, etc., nobody else has this (but then neither
| requires a phone number, so...). I also don't know of a
| better way to do phone number matching than having a trusted
| third party that bakes their private key into chips and
| verifies that you're really talking to the code you think
| you're talking to. The upsides of DRM technology!
| purpmint008 wrote:
| About that Signal thing: Did that other person actually get a
| conversation starter message of some sort?
| carmen_sandiego wrote:
| Not to be unkind but I suppose most people are not really
| traumatised by merely seeing someone's name, even if they're
| not on speaking terms with that person. It probably falls on
| the side of convenience for the vast majority. For the Signal
| org, it's possibly even an existential issue, since it helps
| them counter network effects in the incumbents. It's hard to
| expect them not to do it, then.
|
| Having said that, I think it would be nice for Apple to
| implement what you describe.
| Waterluvian wrote:
| Yep. I can't claim to know how everyone else responds to
| these things.
|
| The Signal example isn't the worst. It's a mutual connection.
| It's not like they're emailing hundreds of people saying
| "Waterluvian wants you to get on signal!"
|
| What's to stop them from doing that when they get
| sufficiently desperate? I don't even own my contact lists.
| They seem to grow on their own with anyone I've ever emailed.
| sneak wrote:
| Signal does it for anyone in your address book, not just
| mutuals.
|
| Your "anyone I've emailed" example is a great reason not to
| use the same service you use to host your email to host
| your contacts.
|
| Personally I would never in a million years sync my
| contacts to Google, which I assume is what you mean here
| (most people use gmail).
| Waterluvian wrote:
| Probably. Contacts have been confusing. I've had Gmail
| list. My phone. What's in my Sim card. My Sony contact
| list...
|
| I had a really infuriating time trying to clean them all
| up many years ago and I've just tapped out.
| ficklepickle wrote:
| Same here. I recently went to LineageOS and use fastmail
| for email/contacts/calendar. It's been wonderful.
| ficklepickle wrote:
| I've got a dead friend that I'm reminded about every time I
| open signal. "DeceasedFriend is on signal!". No, no he is
| not.
|
| I'm sure I could clear it, but I don't really want to yet.
|
| On the whole, I still like the feature.
| carmen_sandiego wrote:
| I'm sorry about your friend. I've had similar experiences
| with tech products, but I tend to think that unexpected
| reminders (of any kind) are all part of the process of
| dealing with loss. That hyper-avoidance seems an unhealthy
| route, popular though it is in modern discussions about
| emotionally difficult subjects.
| myself248 wrote:
| In my case it wasn't traumatic, exactly. More, targeting.
|
| There was an individual that I kept in my contacts, you see,
| for the the sole purpose that if he ever called me, I'd know
| to let it go to voicemail. We had been close long ago, but he
| stopped living in consensus reality and wasn't interested in
| treatment. I considered him disturbing but not immediately
| dangerous, just someone I didn't want to reconnect with.
|
| When I installed Signal, he got the notification that I had
| done so, and immediately messaged me, along the lines of "Oh
| hey, you still exist! And I guess by the timing of this
| install, you must be at [security-focused event] this
| weekend, yeah? Hey let me tell you about my latest
| harebrained scheme..."
|
| I understand that Signal needs to do that sort of connection
| to work behind the scenes, but they don't need to generate an
| alert on the guy's lock screen about me.
| heavyset_go wrote:
| > _Not to be unkind but I suppose most people are not really
| traumatised by merely seeing someone 's name, even if they're
| not on speaking terms with that person._
|
| Domestic abuse, harassment/sexual harassment, stalking etc
| are all more common than they should be.
| aboringusername wrote:
| > but I suppose most people are not really traumatised by
| merely seeing someone's name
|
| I mean there are cases where that can be _devastating_.
|
| "Ohai here's your old abusive ex, here's a chat box just for
| good measure, good luck!".
|
| There are people who I'd never ever want to be within a
| textbox and tap away from accessing me, for any reason,
| period.
|
| You can get restraining orders in the physical world, the
| digital world however has no boundaries when the apps
| _themselves_ are too stupid and are defined by real-world-
| illogical programming code. I wouldn 't expect an app to
| understand a 'court order' but that's a real human construct.
| How do we design against that in the digital space, when you
| are so accessible that if you have a crazy dude following you
| you're basically forced to retreat as there's no effective
| measures/guards against this?
| carmen_sandiego wrote:
| Well, a couple of things:
|
| (a) You can't take seeing their name, but you keep them in
| your contacts? Don't you occasionally scroll past it with a
| call button right there, which is just as easy to hit and
| put you in touch with them? How is this any different?
| Seems a bit silly.
|
| (b) As far as I know, research suggests hyper-avoidance is
| not a good way to resolve trauma. So I'm not convinced by
| the idea that this is harmful, especially when you can
| control it through (a).
| Waterluvian wrote:
| A contact list often operates as a database of what
| number belongs to who, for guarding incoming calls. It
| can be a security tool.
| carmen_sandiego wrote:
| You can generally block calls by number, without having
| them as a named contact.
| lucb1e wrote:
| I do see Waterluvian's point though. You might still have
| business with them yet you don't really want to deal with
| them otherwise. Knowing who this SMS or call was from can
| be helpful rather than blocking the number outright.
|
| Then again, seeing their name when installing Signal and
| figuring "oh hey they have signal too" seems no less
| weird to me than seeing their name in my phone book and
| thinking "oh hey they have a phone too". If that really
| sets you off... that seems unlikely. So I don't really
| get this subthread, even if I see the general point that
| you might not want to be reminded of certain people on a
| regular basis (for me, installing a phone number-based
| social application is not a monthly occurrence).
| nvr219 wrote:
| In iOS and Android, incoming call blocks are in a
| separate database and explicitly not the contacts
| database.
| the_local_host wrote:
| Even if you don't keep them in your contacts, the
| connection tracking can be problematic if they keep you
| in their contacts.
|
| "But what if you didn't give Clubhouse access to your
| contacts, specifically because you didn't want all or any
| of them to know you were there? I regret to inform you
| that Clubhouse has made it possible for them to know
| anyway, encourages them to follow you, and there isn't
| much you can do about it... I got followers who weren't
| in my contacts at all -- but I was in theirs."
|
| https://www.vox.com/recode/22278601/clubhouse-invite-
| privacy...
| heavyset_go wrote:
| > _You can 't take seeing their name, but you keep them
| in your contacts?_
|
| If I start getting abusive calls or texts from a usual
| suspect, I want to know who it is. My carrier-level
| number blocking resets every couple of years, and I
| cannot remember everyone's phone numbers.
| musingsole wrote:
| Why do you have the authority to dismiss many's
| experience of a feature? Because you can think of a way
| _you_ would handle it and you 've read some things?
| carmen_sandiego wrote:
| Because we're all here talking about how things should be
| designed, which often inherently requires fulfilling some
| needs at the expense of others? Not quite sure how you
| expect those decisions to be made without people
| gathering to discuss the relative merits of each
| approach.
|
| If you're about to tell me we should just implement every
| user request that they claim is of 10/10 importance to
| them personally, then I'm not even sure what to tell you.
| Have you taken all of a few seconds to consider what
| happens when two people make conflicting requests? Then
| we're back to evaluating things and discussing them
| again. How arrogant of us.
|
| I appreciate the implied authority you've given yourself
| to be the conversation police, though.
| nathanfig wrote:
| "Did this cause trauma" is not the bar we're trying to set
| here, any level of anxiety caused by tech companies misusing
| contacts is bad.
| laurent92 wrote:
| The problem I have with Whatsapp is even more than Signal:
| Not only they engage me to start a conversation with that
| customer to whom I only wanted to appear super-stern and
| rigorous, but they also send them my profile photo and my
| name!
|
| My business name is not my private name! At least let me
| remain under my name in their address book, don't give them
| information.
| jp57 wrote:
| Can we get little Bobby Tables in there?
|
| https://xkcd.com/327/
| championrunner wrote:
| Do you have a running APK ?
| nom wrote:
| Hm can it be estimated / is there public information about how
| many phone numbers are taken? E.g. I generate a valid number for
| one country or state, how likely is it that the number is in use
| or registered?
|
| I once got a phone call from a university student for a survey
| for their project and they told me they generate them randomly
| which makes me really wonder, how likely is it?
| aasasd wrote:
| On Android, IIRC I've seen a dialer app that stores contacts in
| its own database instead of the system thing. Seems to be a
| better approach than this--at least if other apps also don't
| write to the shared contacts.
|
| (It was probably an open-source dialer on F-Droid, but don't
| remember exactly which one.)
|
| Anyway, an even better approach of course is to tell data-
| slurping apps to bugger off.
|
| Edit: come to think of it, maybe alternative Android ROMs could
| fence the contacts so that an app only sees its own unless the
| user specifically selects someone. I guess this is similar to
| Apple's trick with Photos.
| andix wrote:
| Just don't share your contacts with apps that steal them and use
| them for marketing purposes.
|
| It is also illegal to do it (GDPR), if you don't have the
| permission of every single person in your contacts.
| ccleve wrote:
| This is a common technique in the mailing list industry. It's
| called "salting". You add fake names, but real email addresses,
| street addresses, or post office boxes. You then monitor what
| shows up in these places addressed to "Mr. Fake Name". It's how
| mailing list companies monitor who is using their lists and helps
| control misuse.
| bredren wrote:
| Have you worked in this industry? Curious about more details of
| tricks from various list makers/sellers.
| the_local_host wrote:
| I have to say the spirit of this fake_contacts app is very
| appealing. Why stop at defending your data, when you can attack?
| throwawei369 wrote:
| Offence is the best defence
| aww_dang wrote:
| Imagine if your fake contact's randomly created email or phone
| number is on a terror watch list.
| praptak wrote:
| I think that's exactly the point of this. I remember people on
| Usenet posting random shit like "construct bomb kill president"
| when the news about Echelon came out.
| corentin88 wrote:
| The documentation states that it uses a non-allocated country
| code (+21). So it seems unlikely to happen.
| dustymcp wrote:
| Doesnt this defeat the purpose tho as it could be filtered?
| 0x426577617265 wrote:
| Yes, this data could be quickly mitigated.
| o-__-o wrote:
| The us government monitored all DC residents personal
| communication for over 2 years because they fat fingered
| the collection regex. The country code for Egypt is +20,
| the DC area code is 202.
| IAmGraydon wrote:
| You think that was a mistake, huh?
| grandinj wrote:
| That is a mistake that sounds suspiciously self serving,
| given how many powerful people live and work there
| toast0 wrote:
| +21 isn't allocated, but +211 South Sudan
| +212 Morocco +213 Algeria +216 Tunisia
| +218 Libya
|
| Someone putting random numbers after +21 because it's
| unallocated has a fundamental misunderstanding of
| international phone numbers.
|
| But also, the server side is likely to throw away invalid
| numbers to start with. It's simple and easy to do, and
| reduces the data storage by a lot (there's a lot of garbage
| in people's address books)
| ficklepickle wrote:
| Sad state of affairs. AOL couldn't kill the open web, but "apps"
| have.
|
| The user agent should respect your wishes, but instead we are
| reduced to this insane work-around.
|
| Surveillance capitalism needs to die in a fire. To anybody
| working on that shit: I hate you. Personally, as an individual, I
| wish you harm.
|
| OK, that was hyperbole, but I do love the open web. RIP.
| otterley wrote:
| Recently Apple added a feature to iOS that allows you only to
| allow selected photos to be accessible by an app. This allows the
| user to respond positively to an access request, but allow the
| app to see only a subset (or zero) actual photos.
|
| It would be a very useful feature for Apple to do the same for
| contacts: the app would think it's getting access to your
| contacts, but would only actually receive a subset of them, and
| be none the wiser. This would be a tremendous boon for privacy.
| rsync wrote:
| "Recently Apple added a feature to iOS that allows you only to
| allow selected photos to be accessible by an app."
|
| What we really need to see from Apple is a permissions index
| _in the app store_ that allows me to inspect, and consider, the
| permissions that an app will request _before installing that
| app_.
|
| I shouldn't have to install the app (or do laborious research
| online) to discover what permissions it will attempt to utilize
| and which of them are required to function.
|
| It would be trivially easy to list that in the app store, for
| each app.
| behnamoh wrote:
| They have added that, but it's written by the app developers
| so you still can't trust what they claim they're gathering
| from you.
| aeternum wrote:
| I'm not sure the permission index would be very useful.
|
| Most iPhone chat apps for example work perfectly fine with
| zero permissions granted yet provide the option to send
| pictures, invite contacts, use mic/camera, send gps location,
| etc if a user is so inclined. With a permissions index, you
| would likely end up with the majority of apps listing all
| permissions and users would simply ignore it.
| NeutronStar wrote:
| So? Just give me the possibility to see it.
| l8rpeace wrote:
| +1 and a filter you can use on related permissions when
| searching for apps
| lanstin wrote:
| All these permission choices should be invisible to the app.
| If I say no contacts the call should succeed but with a zero
| Len response. It shouldn't be possible for apps to say you
| have to agree to this or I won't run. I can run the software
| and as the root user control what data the software can use.
| dheera wrote:
| > If I say no contacts the call should succeed but with a
| zero Len response.
|
| Actually I would take it further and say that I should be
| able to define its response or have it render a random but
| plausible template response. Otherwise a zero len response
| is too obvious that you didn't give it permissions.
| lanstin wrote:
| Or even as a a service fake data - feed fake location data
| and fake contact list. Full of 202-555-1234 type numbers. I
| always put fake data into web forms and it is a sign that I
| don't truly own the phone that I can't do the same for
| local software.
| lanstin wrote:
| Like I want a pop up: this application is requesting your
| location data. Shall we give the real data, no data, or
| simulated data. Same for contacts, photos, apps
| installed, etc.? Not saying that would solve all the
| problems but it would be user centric in a way the
| privacy conversation just isn't.
| djrogers wrote:
| > It shouldn't be possible for apps to say you have to
| agree to this or I won't run.
|
| It's not - that's a violation of the App Store TOS. That's
| also not what's happening here - you can use clubhouse
| without allowing contacts access, but you can't invite
| someone to the closed beta without allowing it.
| lanstin wrote:
| They must know that I have disallowed access in that
| case.
| danShumway wrote:
| GP means that it shouldn't be technologically possible,
| not just that it shouldn't be possible as a matter of
| policy.
|
| The policy solution clearly doesn't work in all scenarios
| because Clubhouse is still on the store. But an on-they-
| fly permission model that allowed the user to deny the
| permission invisibly or share a subset of their contacts
| would completely solve the problem regardless of whether
| or not Apple was effective at moderating.
|
| Apple could still do whatever moderation they wanted to
| reduce annoyances for the end user, but the sandboxing
| approach would catch any apps they missed or refused to
| moderate.
|
| This would also solve the problem where an app
| legitimately needs some access to contacts to run, but
| doesn't need access to the entire list. Clubhouse does
| need access to some contacts to invite someone to the
| beta, but it does not need access to the entire contacts
| list, and there's no reason for it to have the ability to
| tell whether or not a user is providing the full list.
| djrogers wrote:
| > and which of them are required to function.
|
| On the iOS App Store, none of the optional permissions can be
| required for an app to perform it's basic functions - that's
| a store policy, and it's generally well enforced. Obviously
| if your app's function is mapping, GPS can be required to use
| those features (but only at the user's discretion - ie while
| running or all the time, granular or coarse), but the app
| can't just refuse to launch without it.
| andai wrote:
| I didn't realize iOS doesn't have that. Google Play shows
| each app's permissions on the listings page.
| parkingpete wrote:
| Hmmm, not good
| floatingatoll wrote:
| Is it possible to create a network of contacts that triggers
| worst-case memory and cpu scenarios when the network is
| reconstructed from contacts?
|
| Or, put another way, can a collection of people doing this
| construct a set of synthetic contacts spread out in various ways
| across their devices, such that anyone doing contact analysis
| sees their analyses slow down, drain resources, or crash
| altogether due to network structure?
| alcover wrote:
| Wouldn't any worthy graph explorer handle cycles ?
| floatingatoll wrote:
| If I had a nickel for every time an algorithm was found to
| have an exploitable weakness due to unforeseen alignments of
| input, I'd certainly have some nickels. We know what the
| common screwups in crypto are, and we _could_ know what
| common screwups in network graphs are. I'm just wondering if
| anyone actually _does_ know of any of those.
| williesleg wrote:
| Give me your data now!
| heavyset_go wrote:
| This can be easily bypassed by cross referencing contact lists on
| the backend.
| washadjeffmad wrote:
| I seem to remember CyanogenMod having a per-app sandbox feature
| around 2013 that returned blank info from a virtual root.
|
| Like many point out, this isn't data poisoning, especially if
| there aren't metric-breaking honeypots around the web seeding
| these services with enough noise to make these collection
| practices useless, which there are not.
|
| A more effective alternative might be hashing real contacts to
| generate seeds of complete but false profile information. Apps
| thinking they got the mother lode wouldn't be able to assign
| confidence to any results they didn't have duplicates of, and
| slowly over time, groups who used this would become worthless.
| sanxiyn wrote:
| What a great idea. Let's do more of these.
___________________________________________________________________
(page generated 2021-02-27 23:00 UTC)