3 posts with tag “privacy”

Some Thoughts on Privacy, “Privacy”, and Mastodon

As people have started experimenting with Mastodon in the wake of the news that Elon Musk would be buying Twitter, some on the Fediverse have begun discussing how and whether Mastodon instance admins can “read your DMs.”

Without getting into all the reasons that “direct messages” on Mastodon differ from direct messages on Twitter (or indeed most other social platforms), suffice it to say that the content of any one-to-one messages you send on either Twitter or Mastodon is not end-to-end encrypted. This means that at any point during their storage and transmission, they could theoretically be read by anybody with access to the database on which they’re stored.

(I’m no security/cryptography expert, so forgive me if these details are broad and perhaps not entirely accurate; I think the point I’m about to make is not dependent on all the nuances here.)

Setting aside for a moment why one might think a Mastodon admin would be interested in one’s personal messages, given that it is technically possible, is this something one should worry or care about?

Continue reading

2 Responses

No, your iPhone is not listening to you

There’s a lot of FUD going around about your phone listening to everything you say and selling that data to advertisers. This is wildly and irresponsibly misleading.

I can’t speak for Android phones because those things are the Wild West of APIs and outdated OSes and malware, so use Android phones at your own risk.

Here is the claim being made, in short:

Any third-party (non-Apple) app you have installed on your iPhone can record and remotely save conversations taking place within earshot of your iPhone, even when the app isn’t running (in the foreground or in the background), and even when the phone is sleeping.

This is patently false. Third-party iOS apps can only record audio when they are running in the foreground or running in the background, and only if you have given them permission to do so. And even if you have granted microphone access to the Facebook app, for instance, if you “kill” Facebook by swiping up on it in the app switcher, Facebook is quit and can no longer access the microphone in any way.

Further, when third-party apps are using the microphone, there is a big red bar with a microphone icon at the top of the screen of your phone in the status bar. There is as far as I know no way for developers to prevent this from appearing.

In other words, in order for any third-party app to “listen to you” through your iPhone:

  1. That app must be running, either in the foreground or the background.
  2. You must have explicitly granted that app permission to access your microphone.
  3. There will be a red microphone icon at the top of your screen.

If any of those three things haven’t happened or aren’t happening, then that app is not listening to you.


How do I explain, then, all the anecdotal evidence that ads for certain products show up after people start shouting about mattresses into their phones?

First, this is anecdotal and cannot be trusted. Nobody behind these articles has even tried to monitor what domains are being pinged by their router in an attempt to determine where all these recordings are secretly being sent.

Second, if you come up with a random product category, and especially if that category is mattresses (!!! The most advertised internet thing there is!), and you only start to notice ads for that product category after you’ve begun whispering the phrase, then this is likely a failing of your perception. We are all way, way more blind than we realize and filter out 99% of our surroundings. If you say “I swear I never saw an ad for t-shirts before this!,” that is a completely unreliable claim.

Third, advertisers already know tons and tons about you just from your browsing habits. They don’t need to listen through your phone’s microphone. Facebook and Google already know every site you visit as well as in what things the people in your demographic are interested and probably talking about with you and your friends.

All this anecdotal evidence is coincidental.

Leave a Comment

A fairer, more conscientious alternative to AdBlock Plus

Having just stumbled across an article advocating against AdBlock Plus (via Lea Verou), I decided to revisit my settings for relatively nuisance-free browsing in Firefox.

For a long time I’ve done development work and writing for a site that keeps its lights on through advertising, so I sympathize with content-creators’ need for (and frustration with) ads. It’s a necessary evil, and I’ve always found it a bit disheartening to see AdBlock Plus at the top of every “Popular Plugins” list (whether for Chrome, Firefox, or Safari). Worse, there seems to be a sense of entitlement among savvy internet users, telling them that they shouldn’t have to endure ads. Commonly this might be veiled as being “anti-corporate” or some other such vague excuse, but the real reasons are usually the same as those behind piracy: it’s just nice not to have to pay for things, whether through eyeballs, bandwidth, or dollars.

(None of this is to say that I am entirely innocent on these points.)

Still, there are some troubling common practices among the more insidious of these JavaScript embeds, and I think there is some justification in circumventing them. But one doesn’t need to block every advertisement to severely diminish advertisers’ ability to, say, keep track of one’s browsing habits.

Here are the things you can do to make your browsing a little more private and safe, while still (mostly) allowing the sites you love to pay their bills. These tips will be written for Firefox users (though the equivalent plugins are readily available in Chrome and Safari), and won’t include things that readers of this site will probably already know about (e.g., avoiding “watch movies free” sites and their ilk, and disabling pop-ups).

Continue reading

4 Responses