Thankfully uBlock Origin removes those parameters for us. The default filters include a whole bunch of removeparam filters; e.g. privacy.txt See also removeparam.

Maybe you could help your friends and family install Firefox and/or uBlock Origin? Every little bit helps :)

I guess so - I’ve actually never used Teams. There are lots of potential mitigations, but sandboxing is not really a solution to buggy code. For some better engineering discussion on the topic, there’s the series of articles Transparent Telemetry, in particular The Design of Transparent Telemetry.

That’s a good response I hadn’t read before - thanks. Still so relevant 7 years on.

Some interesting thoughts on this from the Signal creator: https://signal.org/blog/the-ecosystem-is-moving/

I know where you’re coming from. Right now the way many of podcasts’ audio files are served is via HTTP CDNs. The podcast client fetches the RSS feed, then fetches the linked-to audio file. The VPN, as you say, just changes the source address of that request.

What we could work on is reducing the number of requests to those CDNs.

One idea: A service which serves a mirror of the podcast feed and audio files. Users would need to manually enter podcast feed URLs into their client, rather than select the podcast from a convenient in-app search. You’d have to trust the service operator isn’t collecting and sharing its usage data.

Going further, we could use Bittorrent to distribute episodes between mirrors. Mirrors could subscribe to a RSS feed of torrents for particular shows.

I could imagine some community-run effort in this space.

The actual report: https://foundation.mozilla.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/

are you saying that this is not creepy at all?

Definitely creepy that it phones home in the first place.

But it’s not necessarily creepy that it keeps trying; it could just be sloppy programming. Hanlon’s Razor comes to mind. Microsoft Teams behaved in a similar way apparently. If you blocked it phoning home at the network level it would buffer gigabytes of data on disk until the disk was full.

Nice! I actually didn’t know they had RSS feeds at all, so I’m going to help my news junky friend get set up with them. Thanks for the tip on the ABC RSS! :)

Right now I’ve got NetNewsWire configured to use my iCloud account (which uses CloudKit under the hood), so that syncs my iPhone and iPad. This still involves a 3rd party - Apple’s magic hosted database service thing - but I’m ok with this for now.

Ideally I would set up something like FreshRSS and host it on one of my own servers. FreshRSS exposes the old Google Reader API which NetNewsWire and Reeder can use to sync feeds. Personally I’m not interested in the FreshRSS web interface and I’m not too keen on running a PHP app either. So I’m considering writing my own service which serves the bare minimum required to be able to point apps like NetNewsWire and Reeder at.

True.

But whether usage data is transmitted back to the service needs a quick check too. For example, compare accessing Gmail via its web app and via a boring IMAP mail client. Or in the old days, Twitter’s web app and an app like Tweetbot.

For news in particular, RSS feeds are a great option if you can find them. No ads, no Javascript, purely chronological sorting of articles. Here’s some feed links for SBS, for example: https://www.sbs.com.au/news/article/feeds/nbv1rs3kw I highly recommend the open source app NetNewsWire for iOS.

In this case, is using the web version of the app (which is often an option) more private? I’m assuming mobile Safari with privacy relay, plus some extensions to stop trackers etc.

Long story short: probably.

The crucial bit in this example is that the extensions explicitly blocks code being executed on your device used to track you. They aren’t a silver bullet, though.

Officially on iOS it is forbidden to track users’ activity on between apps and websites unless the user explicitly grants it via the AppTrackingTransparency framework (https://developer.apple.com/app-store/user-privacy-and-data-use/). Not a silver bullet either.

Whether there is a significant difference how usage data is used and abused from accessing content via a website versus mobile app is a tricky question to answer definitively. We can measure things like network requests, blocked scripts. We can read policies which promise stuff and can be enforced through courts etc. But things happen behind closed doors like selling data through legal loopholes, grey areas, and data breaches. It’s a big business.

If you’ve got any specific examples we could dig a bit deeper. Assuming you’re Australian: I just checked first news provider that came to mind and found that https://abc.net.au can be read easily without Javascript enabled at all. That’s hard to beat.

I’ve never heard of Skiff. Beyond studying the protocols and system design, here’s a couple of things off the top of my head to help:

• Follow the money. Are they charging enough to not be tempted to sell data about their users?
• Who is in charge? Have leadership demonstrated respect towards their user’s privacy in the past? See their About Us page
• Read their privacy policy
• Keep up-to-date. Lots of services start out with good intentions, but over time they get acquired, acqui-hired, big investments… and policies change.

My old workplace had a person exactly like this. We all had enough of the bullshit, but our boss didn’t care. In the end, I moved on.

Later I realised it wasn’t just that one person, it was actually a bad culture overall which wasn’t being moderated well. The managers were just really bad at their job. So I’m really happy I moved on.

There are lots of cool Linux and OSS communities out there. Even if they are not exactly about the particular distro you are interested in, there will be ways to learn and share about it.

Instead they’re bitching about investments in science.

Agreed. To be fair, I can also see where the frustration comes from. We see “deals with the devil” being made, but the (disappointing?) reality is tech progress often looks like that. Flashy stories with pie-in-the-sky ideas get headlines and funding. Meanwhile the boring, difficult work continues on in the background. From the outside it seems non-sensical and inefficient: why couldn’t they just invest money directly into GPS research without all the military stuff? But, fortunately, some amazing stuff does come out of it too.

This is a tricky one. Are the developers themselves responsible or also managers and leadership? I don’t have an answer to this.

I wonder what the UN’s track-record is with cybercrime and surveillance historically. Anyone have any links to share?

I see where you’re coming from. Battery electric vehicles I think are a good example of trickle-down. It seems the R&D for electric cars affordable to wealthy people leads to new infra and tech for a changing power grid, buses, trains and bicycles.

But two examples you raised:

• corrective lenses
• refrigeration

have clear quality-of-life and health benefits. Supersonic passenger flights feel more like a luxury and convenience compared to food preservation.

Hopefully in the development of reduced flight times between other sides of the world we perform research with impact beyond flight. Things like improved materials, fuel, aerodynamics that could be used for trains and trucks. I’m not an engineer but I hope it works like that!

Interesting thought; I’d hope so. Maybe some material physics/chemistry research that makes some stuff cheaper for trains (I’m not an engineer so totally out of my depth here).

Ha yes just had a look. Seems like a funny thing to brag about when they’re not the ones administering the storage system!

Which post?