On Tue, 20 Feb 2024 12:53:50 -0500, Alan Browne wrote:

> iMessage has been end-to-end for a long
> time and messaging is the context of the present topic.

That "long time" was only a short time ago.
https://www.tomsguide.com/news/icloud-backup-encryption

"While data stored locally on iPhones and iPads are fully encrypted by
default, and communications over iMessage are end-to-end encrypted as well,
Apple has yet to extend the same security to backups stored on iCloud."

On 2024-02-20 12:54, Wolf Greenblatt wrote:
> On Tue, 20 Feb 2024 14:16:20 -0500, Alan Browne wrote:
>
>> You don't know how it works. Every time an action you take on the
>> internet with various websites, a little bit more is associated with you.
>
> You're correct that Apple knows everything you do with your unique Apple ID
> as was recently described in this information technology privacy report.

You apparently don't understand...

>
> Your iOS app may still be covertly tracking you, despite what Apple says
> https://arstechnica.com/information-technology/2022/04/a-year-after-apple-enforces-app-tracking-policy-covert-ios-tracking-remains/
>

....that Apple is not:

"companies, particularly large ones like Google and Facebook, to work
around the protections and stockpile even more data."

> The paper warned that despite Apple's insincere promise of more
> transparency, ATT might gives its users a false sense of security.

Weird that you left that out of the paragraph you quoted above this
paragraph...

....isn't it?

>
> "The researchers identified nine iOS apps that used server-side code to
> generate a mutual user identifier that a subsidiary of the Chinese tech
> company Alibaba can use for cross-app tracking. "The sharing of device
> information for purposes of fingerprinting would be in violation of Apple's
> policies, which do not allow developers to 'derive data from a device for
> the purpose of uniquely identifying it,'" the researchers wrote.

"nine iOS apps".

How many of them were Apple's?

>
> The researchers also said that Apple isn't required to follow the policy in
> many cases, making it possible for Apple to further add to the stockpile of
> data it collects. They noted that Apple also exempts tracking for purposes
> of "obtaining information on a consumer's creditworthiness for the specific
> purpose of making a credit determination."
>
> Representatives from Apple declined to comment. Alibaba representatives
> didn't immediately respond to an email seeking comment.
>
> Based on a comparison of 1,685 apps published before and after ATT went
> into effect, the number of tracking libraries they used remained roughly
> the same. The most widely used libraries-including Apple's SKAdNetwork,
> Google Firebase Analytics, and Google Crashlytics-didn't change. Almost a
> quarter of the studied apps claimed that they didn't collect any user data,
> but the majority of them-80 percent-contained at least one tracker library.
>
> On average, the research found, apps that claimed they didn't collect user
> data nonetheless contained 1.8 tracking libraries and contacted 2.5
> tracking companies. Of apps that used SKAdNetwork, Google Firebase
> Analytics, and Google Crashlytics, more than half failed to disclose having
> access to user data. The Facebook SDK fared slightly better with about a 47
> percent failure rate."

'6 CONCLUSIONS & FUTURE WORK

Overall, we find that Apple’s new policies largely live up to its
promises on making tracking more difficult.'

<https://arxiv.org/pdf/2204.03556.pdf>

Small wonder you failed to include this.

On 2024-02-20 15:07, Frank Slootweg wrote:
> Alan Browne <bitbucket@blackhole.com> wrote:
>> On 2024-02-20 13:34, Frank Slootweg wrote:
>>> Alan Browne <bitbucket@blackhole.com> wrote:
>>>> On 2024-02-20 12:02, Oliver wrote:
>>>>> On Tue, 20 Feb 2024 10:45:18 -0500, Alan Browne <bitbucket@blackhole.com>
>>>>> wrote
>>>>>> Data brokers maintain rather large matrices of data for any given key
>>>>>> (name, e-mail address, etc.)
>>>>>
>>>>> Indeed, you are correct 'they' do a lot of mining of your personal data.
>>>>>
>>>>> "From ads to analytics, everyone's favorite 'privacy' company is doing
>>>>> more with your data than you might think."
>>>>> https://gizmodo.com/apple-iphone-ipad-privacy-problems-data-gathering-1849855092
>>>>
>>>> The degree to which Apple does collect data for use with partner co's is
>>>> well identified in agreements you make with Apple to use their services.
>>>> It is a pale shadow of what other co's do ... w/o disclosing anything at
>>>> all.
>>>
>>> No offense, but "what other co's do" is a rather meaningless,
>>> unsubstantiated slur. Most companies I know of, also document in
>>> agreements what they do and don't do. Often in painstakingly detail,
>>> which is actually the real problem, because most people are not going to
>>> read/understand it all and just tap/click 'Agree'.
>>
>> You have no idea what is being collected about you by Google w/o them
>> telling you anything at all; and then the co's they sell your data to,
>> certainly do not come running to you to ask permission to what they want
>> with your data.
>
> Sorry to rain on your Apple-biased parade, but Google documents in
> detail what they collect and how it's used by them and their partners.

Nothing to do with Apple.

Google is in the information bartering business. You are the product.

>
> And all of the functionality can be enabled/disabled in your account.
> And if anything changes - changes, additions, deletions, etc. - you get
> e-mail and notifications. I've disabled anything which even smells of
> 'personalization', hence my postive, privacy-safe experience.
>
> As usual, it's people who are *not* using the products/services of
> company Y (Can't say 'X", can I? :-)), who spout all kinds of FUD, urban
> legends, etc. on how bad company Y is.
>
> You have been / are on the receiving end of this as they spout similar
> crap about Apple, so it would be nice if you showed the same
> objectivity, which you expect of others.
>
> [Cue AJL! :-)]
>
>>>> But do go on inflating the flat cushion as much as you can while
>>>> ignoring the crush of the big cushions around you.
>>>
>>> Ah, big cushions! Nice and fluffy!
>>
>> Until inflated to max capacity when they are as hard as truck tires.
>
> Mine are nice and soft. Just enough air to be soft, but not too much
> to become dangerous. But then I've a brain and am not afraid to use it.

How nice. Must be lonely /s.

--
“Markets can remain irrational longer than you can remain solvent.”
- John Maynard Keynes.

On 2024-02-20 15:52, Frank Slootweg wrote:
> Alan Browne <bitbucket@blackhole.com> wrote:
>> On 2024-02-20 13:23, Frank Slootweg wrote:
>>> Alan Browne <bitbucket@blackhole.com> wrote:
>>>> On 2024-02-20 04:57, Frank Slootweg wrote:
>>>>> badgolferman <REMOVETHISbadgolferman@gmail.com> wrote:
>>>>> [...]
>>>>>
>>>>>> Regardless of what iOS can or cannot do, the fact remains that Google
>>>>>> admits to using your private data, and even use it to make money. Does
>>>>>> Apple do that?
>>>>>
>>>>> Google uses "your private data" to present ads to *you*. That's how
>>>>> they "make money", no "admit" nor "even" about it.
>>>>>
>>>>> If they would use "your private data" for any other purpose - without
>>>>> your consent - they will be sued to smithereens, at least in the EU.
>>>>>
>>>>> As I've said many times before, contrary to all the FUD, urban legends,
>>>>> and other nonsense which is frequently spouted in these groups, I have
>>>>> yet to experience *any* ill effect - i.e. 'spam', privacy issues, etc. -
>>>>> from my use of Google products.
>>>>
>>>> When I browse Amazon for products, my girlfriend sees ads for some of
>>>> them on her laptop within 24 hours.
>>>
>>> Same here. Probably you two are 'behind' a NAT router and 'hence'
>>> share the same IP, which makes it hard for the ad generation to tell you
>>> two apart. So much for the famous 'fingerprinting'.
>>
>> 1) Yes, and 2) that's not what I was referring to by fingerprinting.
>
> I know. Here I am saying that *browser* fingerprinting apparently
> isn't working. If it was, the ad should be able to target you, instead
> of your girlfriend.

You took one thing to be something that it isn't. The ad targeted at
her was due to IP address and had nothing to do with fingerprinting.

>
>>>>> And Google does not even *have* any of my "private data", other than
>>>>> the data which I provided, which is limited to my name, my/their e-mail
>>>>> address, mobile number and birthday. That's it.
>>>>
>>>> Sad that you shared your birthday.
>>>
>>> I don't *share* my birthday, my Google *Account* has my birthday.
>>
>> So you "shared" your birthday with Google. Not smart. That data has
>> since been sold to dozens of data brokers and onward to thousands of others.
>
> Nope. Wrong continent. Google can't use - let alone sell - my account
> data without my explicit approval, especially since I've specifically
> turned off most sections of my public data. If they did, they would face
> very hefty and repeated penalties. EU GDPR and all that.

And they do. They don't care. The fines they pay are cost of doing
business.

>
>>> The public info ('About me') is only my name and my Gmail address. All
>>> other information can be disabled/locked and is disabled/locked.
>>
>> You don't know how it works. Every time an action you take on the
>> internet with various websites, a little bit more is associated with you.
>>
>> The matrix proximate to you called Frank gets more data
>
> Sorry to rain on your parade, but my browser does not reveal my name
> (just verified again with GRC's Shields UP!!).
>
>> The matric proximate to you called Slootweg gets more data
>> The matrix proximate to you called FS@someemail.com gets more data
>> The matrix proximate to you called your birthday gets more data
>
> Same for these three.
>
> *If* *I* provide any of this information, I do so in creating an
> account, a commercial transaction, etc. and all these websites are bound
> by the same EU laws with hefty penalties.

See above. Profit trumps.

>
>> More matrices are created and eventually the statistics of one
>> correlates with the stats of another - they partially coalesce into
>> denser and denser matrices with a high probability of being related to
>> you. This is innocuous - until it isn't.
>
> That's the FUD and urban legends which are spouted. I don't dispute
> that these things can/will happen to not-so-smart people or/and outside
> the EU.
>
> But they don't happen to *me*. I do get *no* personalized ads, I get
> *no* 'spam' (UCE/UBE), I get *no* unsollicited phone calls/SMS, etc..

That is not the sole use of the data collected about you. It has value
in ways that are not related to advertising or selling to you.

>
>>>> I use a fake birthday on all
>>>> websites (except where legally required to use my real birth date:
>>>> government tax sites, bank, driver's license and insurance).
>>>
>>> Same here.
>>
>> Not what you said earlier.
>
> I said my real birthday is in my Google *Account*. You apparently
> assumed that's public info, but it isn't.

I never claimed it was public info. But it is info Amazon have (and use
and sell). You were a fool to give that up to them.

>
> On websites, I do the same as you (give no birthday or a fake one if
> the website insists and only use my real birthday where legally
> required).

Amazon doesn't use a website? Wow, I really ...

>
>>>> Data brokers maintain rather large matrices of data for any given key
>>>> (name, e-mail address, etc.) And as they "fill the blanks" and
>>>> correlate and "fingerprint" your behaviour, the blank filling
>>>> accelerates and the matrices of data condense making their portrait of
>>>> you very accurate.
>>>>
>>>> They can't get everything, but they do get an astonishing amount of
>>>> data. Do they use it "maliciously"? Not so much other than to sell the
>>>> data to those wishing to target you to buy something.
>>>
>>> Yes, several posters keep talking about this alleged "astonishing
>>> amount of data", but as I explained, I don't see *any* ill effects
>>> (other than *misdirected* [1] ads). So this "astonishing amount of data"
>>> brings them exactly nothing.
>>
>> You haven't detected it doing anything harmful. Yet, the fact that
>> bunches of corporations and data brokers know more about you than you
>> realize only has potential to harm you.
>
> Sorry, but this is way too much FUD, urban legend and conspiracy
> theory for my taste. There's no substance whatsoever. Yes, there are
> dangers from being on the net, but *this* 'danger' for *me*, is much
> much lower on the to-worry-about scale than most - if not all- others.

Sorry, but this is specifically what data aggregators and brokers do.
Unseen by you and always pervasive.

>
>>>> OTOH, if you end up in a legal dispute, you can be sure the adversary
>>>> (some corporation) will also purchase that data in order to glean as
>>>> much information to buttress their case (whether in defense or offense)
>>>> against you.
>>>
>>> [1] Like ads for products I already (recently) purchased and for which
>>> the order, receipt, etc. are in my Gmail folders, which Google allegedly
>>> scans. So they're waste their clients money and my time on superfluous
>>> ads. Go figure!
>>
>> If you make an insurance claim, esp. for a medical issue while traveling
>> outside your country (or coverage), you can be sure the ins. co will
>> comb through the data looking for the slightest excuse to not pay a claim.
>
> Guess I was lucky then when our EUR 50K claim - the largest parts for
> the medical bills - went through without a hitch!

Never claimed it would cause a denial. But depending on the
circumstances, you can be sure such data is examined.

--
“Markets can remain irrational longer than you can remain solvent.”
- John Maynard Keynes.

On 2024-02-20 15:54, Wolf Greenblatt wrote:
> On Tue, 20 Feb 2024 14:16:20 -0500, Alan Browne wrote:
>
>> You don't know how it works. Every time an action you take on the
>> internet with various websites, a little bit more is associated with you.
>
> You're correct

Yes. And what I was referring to had nothing to do with Apple.

Lame try. Do grow up.

--
“Markets can remain irrational longer than you can remain solvent.”
- John Maynard Keynes.

On 2024-02-20 16:50, david wrote:
> Using <news:ur38nk.ru4.1@ID-201911.user.individual.net>, Frank Slootweg
> wrote:
>
>> I've been switching off all unwanted tracking, in my Google
>> Account, in the Google/Samsung parts of my phone, in the Microsoft parts
>> of my Windows laptop, etc..
>
> I wonder if the most Apple users are using Google Maps on their iPhones?

Locally I use Apple; on long road trips I've mostly used Google Maps
(better planning). But Apple Maps has improved in this regard, so next
long trip I'll try sticking to Apple.

That said, finding a particular kind of store is usually better done
with Google Maps no matter where I am.

--
“Markets can remain irrational longer than you can remain solvent.”
- John Maynard Keynes.

On 2024-02-20 16:57, Gelato wrote:
> On Tue, 20 Feb 2024 12:53:50 -0500, Alan Browne wrote:
>
>> iMessage has been end-to-end for a long
>> time and messaging is the context of the present topic.
>
> That "long time" was only a short time ago.
> https://www.tomsguide.com/news/icloud-backup-encryption
>
> "While data stored locally on iPhones and iPads are fully encrypted by
> default, and communications over iMessage are end-to-end encrypted as well,
> Apple has yet to extend the same security to backups stored on iCloud."

Re-read what you cite for comprehension v. what I wrote.

--
“Markets can remain irrational longer than you can remain solvent.”
- John Maynard Keynes.

On Tue, 20 Feb 2024 18:15:27 -0500, Alan Browne wrote:

>> https://www.tomsguide.com/news/icloud-backup-encryption
>>
>> "While data stored locally on iPhones and iPads are fully encrypted by
>> default, and communications over iMessage are end-to-end encrypted as well,
>> Apple has yet to extend the same security to backups stored on iCloud."
>
> Re-read what you cite for comprehension v. what I wrote.

The point was the article discussed what few people realize which is the
encryption key was known to Apple for all their iMessage data on iCloud.

End to end encryption means nothing when a company has the encryption key.

Alan Browne <bitbucket@blackhole.com> wrote:
> On 2024-02-20 15:07, Frank Slootweg wrote:
> > Alan Browne <bitbucket@blackhole.com> wrote:
> >> On 2024-02-20 13:34, Frank Slootweg wrote:
> >>> Alan Browne <bitbucket@blackhole.com> wrote:
> >>>> On 2024-02-20 12:02, Oliver wrote:
> >>>>> On Tue, 20 Feb 2024 10:45:18 -0500, Alan Browne <bitbucket@blackhole.com>
> >>>>> wrote
> >>>>>> Data brokers maintain rather large matrices of data for any given key
> >>>>>> (name, e-mail address, etc.)
> >>>>>
> >>>>> Indeed, you are correct 'they' do a lot of mining of your personal data.
> >>>>>
> >>>>> "From ads to analytics, everyone's favorite 'privacy' company is doing
> >>>>> more with your data than you might think."
> >>>>> https://gizmodo.com/apple-iphone-ipad-privacy-problems-data-gathering-1849855092
> >>>>
> >>>> The degree to which Apple does collect data for use with partner co's is
> >>>> well identified in agreements you make with Apple to use their services.
> >>>> It is a pale shadow of what other co's do ... w/o disclosing anything at
> >>>> all.
> >>>
> >>> No offense, but "what other co's do" is a rather meaningless,
> >>> unsubstantiated slur. Most companies I know of, also document in
> >>> agreements what they do and don't do. Often in painstakingly detail,
> >>> which is actually the real problem, because most people are not going to
> >>> read/understand it all and just tap/click 'Agree'.
> >>
> >> You have no idea what is being collected about you by Google w/o them
> >> telling you anything at all; and then the co's they sell your data to,
> >> certainly do not come running to you to ask permission to what they want
> >> with your data.
> >
> > Sorry to rain on your Apple-biased parade, but Google documents in
> > detail what they collect and how it's used by them and their partners.
>
> Nothing to do with Apple.

Everything to do with Apple. You say that Apple documents the degree to
which they collect data in their agreements with their customers and
imply that other companies - and specifically Google - don't do that.

That's your Apple-bias, because, as I described, Google *does*
document what they collect/do.

Alan Browne <bitbucket@blackhole.com> wrote:
> On 2024-02-20 15:52, Frank Slootweg wrote:
> > Alan Browne <bitbucket@blackhole.com> wrote:
> >> On 2024-02-20 13:23, Frank Slootweg wrote:
> >>> Alan Browne <bitbucket@blackhole.com> wrote:
> >>>> On 2024-02-20 04:57, Frank Slootweg wrote:
> >>>>> badgolferman <REMOVETHISbadgolferman@gmail.com> wrote:
> >>>>> [...]
> >>>>>
> >>>>>> Regardless of what iOS can or cannot do, the fact remains that Google
> >>>>>> admits to using your private data, and even use it to make money. Does
> >>>>>> Apple do that?
> >>>>>
> >>>>> Google uses "your private data" to present ads to *you*. That's how
> >>>>> they "make money", no "admit" nor "even" about it.
> >>>>>
> >>>>> If they would use "your private data" for any other purpose - without
> >>>>> your consent - they will be sued to smithereens, at least in the EU.
> >>>>>
> >>>>> As I've said many times before, contrary to all the FUD, urban legends,
> >>>>> and other nonsense which is frequently spouted in these groups, I have
> >>>>> yet to experience *any* ill effect - i.e. 'spam', privacy issues, etc. -
> >>>>> from my use of Google products.
> >>>>
> >>>> When I browse Amazon for products, my girlfriend sees ads for some of
> >>>> them on her laptop within 24 hours.
> >>>
> >>> Same here. Probably you two are 'behind' a NAT router and 'hence'
> >>> share the same IP, which makes it hard for the ad generation to tell you
> >>> two apart. So much for the famous 'fingerprinting'.
> >>
> >> 1) Yes, and 2) that's not what I was referring to by fingerprinting.
> >
> > I know. Here I am saying that *browser* fingerprinting apparently
> > isn't working. If it was, the ad should be able to target you, instead
> > of your girlfriend.
>
> You took one thing to be something that it isn't. The ad targeted at
> her was due to IP address and had nothing to do with fingerprinting.

Duh! That's what I'm saying. They *should* - at least - have used
browser fingerprinting, but they didn't.

> >>>>> And Google does not even *have* any of my "private data", other than
> >>>>> the data which I provided, which is limited to my name, my/their e-mail
> >>>>> address, mobile number and birthday. That's it.
> >>>>
> >>>> Sad that you shared your birthday.
> >>>
> >>> I don't *share* my birthday, my Google *Account* has my birthday.
> >>
> >> So you "shared" your birthday with Google. Not smart. That data has
> >> since been sold to dozens of data brokers and onward to thousands of others.
> >
> > Nope. Wrong continent. Google can't use - let alone sell - my account
> > data without my explicit approval, especially since I've specifically
> > turned off most sections of my public data. If they did, they would face
> > very hefty and repeated penalties. EU GDPR and all that.
>
> And they do. They don't care. The fines they pay are cost of doing
> business.

More FUD. Where's your proof, facts, etc.? Yes, Google, Apple, the
lot, get frequent hefty fines, but not for selling data from people's
account which they specifically turned off. When doing business,
companies have to prove that they need certain data - i.e. in this
example someone's birthday - in order to be able to do business. If they
can't prove that, that's by default a violation.

> >>> other information can be disabled/locked and is disabled/locked.
> >>
> >> You don't know how it works. Every time an action you take on the
> >> internet with various websites, a little bit more is associated with you.
> >>
> >> The matrix proximate to you called Frank gets more data
> >
> > Sorry to rain on your parade, but my browser does not reveal my name
> > (just verified again with GRC's Shields UP!!).
> >
> >> The matric proximate to you called Slootweg gets more data
> >> The matrix proximate to you called FS@someemail.com gets more data
> >> The matrix proximate to you called your birthday gets more data
> >
> > Same for these three.
> >
> > *If* *I* provide any of this information, I do so in creating an
> > account, a commercial transaction, etc. and all these websites are bound
> > by the same EU laws with hefty penalties.
>
> See above. Profit trumps.

Nope. There are limits to what they can do. Besides the hefty fines,
the lawsuits, the reputation damage, etc. they can be banned from doing
any business at all. Google, Apple, et al have been repeatedly beaten
into submission. It works. (BTW, Apple just got another 500M Euro fine
for violating EU rules for music streaming services (reported by the
Financial Times).)

> >> More matrices are created and eventually the statistics of one
> >> correlates with the stats of another - they partially coalesce into
> >> denser and denser matrices with a high probability of being related to
> >> you. This is innocuous - until it isn't.
> >
> > That's the FUD and urban legends which are spouted. I don't dispute
> > that these things can/will happen to not-so-smart people or/and outside
> > the EU.
> >
> > But they don't happen to *me*. I do get *no* personalized ads, I get
> > *no* 'spam' (UCE/UBE), I get *no* unsollicited phone calls/SMS, etc..
>
> That is not the sole use of the data collected about you. It has value
> in ways that are not related to advertising or selling to you.

Yes, I know. As I said, (with my precautions) sofar, so good. (As I
said (see quote below),) Much higher dangers than this to worry about.

> >>>> I use a fake birthday on all
> >>>> websites (except where legally required to use my real birth date:
> >>>> government tax sites, bank, driver's license and insurance).
> >>>
> >>> Same here.
> >>
> >> Not what you said earlier.
> >
> > I said my real birthday is in my Google *Account*. You apparently
> > assumed that's public info, but it isn't.
>
> I never claimed it was public info. But it is info Amazon have (and use
> and sell). You were a fool to give that up to them.

Huh? Amazon? What stuff are you on? I never mentioned Amazon.

> > On websites, I do the same as you (give no birthday or a fake one if
> > the website insists and only use my real birthday where legally
> > required).
>
> Amazon doesn't use a website? Wow, I really ...

Yes, they do. Your *point* being? (Clue-by-four: I don't use Amazon.
Guess why.)

[...]

Bottom line: For *me*, this is the only relevant aspect:

> > Sorry, but this is way too much FUD, urban legend and conspiracy
> > theory for my taste. There's no substance whatsoever. Yes, there are
> > dangers from being on the net, but *this* 'danger' for *me*, is much
> > much lower on the to-worry-about scale than most - if not all- others.

[...]

Frank Slootweg <this@ddress.is.invalid> wrote:
> Chris <ithinkiam@gmail.com> wrote:
>> Frank Slootweg <this@ddress.is.invalid> wrote:
>>> badgolferman <REMOVETHISbadgolferman@gmail.com> wrote:
>>> [...]
>>>
>>>> Regardless of what iOS can or cannot do, the fact remains that Google
>>>> admits to using your private data, and even use it to make money. Does
>>>> Apple do that?
>>>
>>> Google uses "your private data" to present ads to *you*. That's how
>>> they "make money", no "admit" nor "even" about it.
>>>
>>> If they would use "your private data" for any other purpose - without
>>> your consent - they will be sued to smithereens, at least in the EU.
>>
>> They'd have to be caught first.
>
> Of course, but the FUD crowd implies it's done all the time. If so,
> they *will* get caught.
>
>>> As I've said many times before, contrary to all the FUD, urban legends,
>>> and other nonsense which is frequently spouted in these groups, I have
>>> yet to experience *any* ill effect - i.e. 'spam', privacy issues, etc. -
>>> from my use of Google products.
>>
>> Of course you haven't suffered direct ill effects as that would hurt their
>> business model.
>
> So what *is* the worry/harm/<whatever>. "Bad things can and will
> happen to you! News at eleven."?

Because it is "personal data" that you have rights to have control over.
How much control depends on jurisdiction.

The harm is that it can used to pre-profile you based on a bias or trend
rather than as you as an individual. I suspect you, like me, are a white
european so we will never/rarely suffer negative consequences because we
the average or default group.

People from minority backgrounds on the other hand have to constantly fight
to be treated as an individual rather than a group label: "black",
"disabled", "muslim", etc.

>>> And Google does not even *have* any of my "private data", other than
>>> the data which I provided, which is limited to my name, my/their e-mail
>>> address, mobile number and birthday. That's it.
>>
>> You're naive if you think that's all the data google has on you.
>
> Yes, they have more data on me, but the question is, is that "private
> data" and do they use it against my wishes/interests or/and do they
> sell it to others? There's no actual proof of any of this, only
> innuendo.

They may not sell your data directly, but they do make a lot of money from
it.

https://www.eff.org/deeplinks/2020/03/google-says-it-doesnt-sell-your-data-heres-how-company-shares-monetizes-and

On 2024-02-20 20:48, Gelato wrote:
> On Tue, 20 Feb 2024 18:15:27 -0500, Alan Browne wrote:
>
>>> https://www.tomsguide.com/news/icloud-backup-encryption
>>>
>>> "While data stored locally on iPhones and iPads are fully encrypted by
>>> default, and communications over iMessage are end-to-end encrypted as well,
>>> Apple has yet to extend the same security to backups stored on iCloud."
>>
>> Re-read what you cite for comprehension v. what I wrote.
>
> The point was the article discussed what few people realize which is the
> encryption key was known to Apple for all their iMessage data on iCloud.
>
> End to end encryption means nothing when a company has the encryption key.

Again, in the context of iMessage (which is the context of this thread),
it has been E2EE for quite some time - ie: Apple could not read such
messages.

Unless one backs up their iMessages in iCloud, there is no message at
rest on iCloud. Personally I find no reason to do so.

Where other services have data at rest on their servers (other iCloud
services) there were (and are) some data sets where Apple do have the
keys to such data. OTOH, Apple is a trustworthy company - so why worry?

And of course, they are making such data inaccessible to themselves over
time as they continue their very structured approach to privacy. See
Advanced Data Protection - caveat: if you lose the keys, you lose the data.

--
“Markets can remain irrational longer than you can remain solvent.”
- John Maynard Keynes.

On 2024-02-21 04:28, Frank Slootweg wrote:
> Alan Browne <bitbucket@blackhole.com> wrote:
>> On 2024-02-20 15:07, Frank Slootweg wrote:
>>> Alan Browne <bitbucket@blackhole.com> wrote:
>>>> On 2024-02-20 13:34, Frank Slootweg wrote:
>>>>> Alan Browne <bitbucket@blackhole.com> wrote:
>>>>>> On 2024-02-20 12:02, Oliver wrote:
>>>>>>> On Tue, 20 Feb 2024 10:45:18 -0500, Alan Browne <bitbucket@blackhole.com>
>>>>>>> wrote
>>>>>>>> Data brokers maintain rather large matrices of data for any given key
>>>>>>>> (name, e-mail address, etc.)
>>>>>>>
>>>>>>> Indeed, you are correct 'they' do a lot of mining of your personal data.
>>>>>>>
>>>>>>> "From ads to analytics, everyone's favorite 'privacy' company is doing
>>>>>>> more with your data than you might think."
>>>>>>> https://gizmodo.com/apple-iphone-ipad-privacy-problems-data-gathering-1849855092
>>>>>>
>>>>>> The degree to which Apple does collect data for use with partner co's is
>>>>>> well identified in agreements you make with Apple to use their services.
>>>>>> It is a pale shadow of what other co's do ... w/o disclosing anything at
>>>>>> all.
>>>>>
>>>>> No offense, but "what other co's do" is a rather meaningless,
>>>>> unsubstantiated slur. Most companies I know of, also document in
>>>>> agreements what they do and don't do. Often in painstakingly detail,
>>>>> which is actually the real problem, because most people are not going to
>>>>> read/understand it all and just tap/click 'Agree'.
>>>>
>>>> You have no idea what is being collected about you by Google w/o them
>>>> telling you anything at all; and then the co's they sell your data to,
>>>> certainly do not come running to you to ask permission to what they want
>>>> with your data.
>>>
>>> Sorry to rain on your Apple-biased parade, but Google documents in
>>> detail what they collect and how it's used by them and their partners.
>>
>> Nothing to do with Apple.
>
> Everything to do with Apple. You say that Apple documents the degree to
> which they collect data in their agreements with their customers and
> imply that other companies - and specifically Google - don't do that.
>
> That's your Apple-bias, because, as I described, Google *does*
> document what they collect/do.

It's not Apple bias. It was a description of Google's core revenue
model: the user is the product. That you raise Apple as a deflection
from it is on you.

--
“Markets can remain irrational longer than you can remain solvent.”
- John Maynard Keynes.

On 2024-02-21 14:15, Alan Browne wrote:
> On 2024-02-21 04:28, Frank Slootweg wrote:
>> Alan Browne <bitbucket@blackhole.com> wrote:
>>> On 2024-02-20 15:07, Frank Slootweg wrote:
>>>> Alan Browne <bitbucket@blackhole.com> wrote:
>>>>> On 2024-02-20 13:34, Frank Slootweg wrote:
>>>>>> Alan Browne <bitbucket@blackhole.com> wrote:
>>>>>>> On 2024-02-20 12:02, Oliver wrote:
>>>>>>>> On Tue, 20 Feb 2024 10:45:18 -0500, Alan Browne
>>>>>>>> <bitbucket@blackhole.com>
>>>>>>>> wrote
>>>>>>>>> Data brokers maintain rather large matrices of data for any
>>>>>>>>> given key
>>>>>>>>> (name, e-mail address, etc.)
>>>>>>>>
>>>>>>>> Indeed, you are correct 'they' do a lot of mining of your
>>>>>>>> personal data.
>>>>>>>>
>>>>>>>> "From ads to analytics, everyone's favorite 'privacy' company is
>>>>>>>> doing
>>>>>>>> more with your data than you might think."
>>>>>>>> https://gizmodo.com/apple-iphone-ipad-privacy-problems-data-gathering-1849855092
>>>>>>>
>>>>>>> The degree to which Apple does collect data for use with partner
>>>>>>> co's is
>>>>>>> well identified in agreements you make with Apple to use their
>>>>>>> services.
>>>>>>> It is a pale shadow of what other co's do ... w/o disclosing
>>>>>>> anything at
>>>>>>> all.
>>>>>>
>>>>>>      No offense, but "what other co's do" is a rather meaningless,
>>>>>> unsubstantiated slur. Most companies I know of, also document in
>>>>>> agreements what they do and don't do. Often in painstakingly detail,
>>>>>> which is actually the real problem, because most people are not
>>>>>> going to
>>>>>> read/understand it all and just tap/click 'Agree'.
>>>>>
>>>>> You have no idea what is being collected about you by Google w/o them
>>>>> telling you anything at all; and then the co's they sell your data to,
>>>>> certainly do not come running to you to ask permission to what they
>>>>> want
>>>>> with your data.
>>>>
>>>>     Sorry to rain on your Apple-biased parade, but Google documents in
>>>> detail what they collect and how it's used by them and their partners.
>>>
>>> Nothing to do with Apple.
>>
>>    Everything to do with Apple. You say that Apple documents the
>> degree to
>> which they collect data in their agreements with their customers and
>> imply that other companies - and specifically Google - don't do that.
>>
>>    That's your Apple-bias, because, as I described, Google *does*
>> document what they collect/do.
>
> It's not Apple bias.  It was a description of Google's core revenue
> model: the user is the product.  That you raise Apple as a deflection
> from it is on you.

The user is the product, but following the rules, which are published
and are binding, same as Apple.

--
Cheers, Carlos.

On 2024-02-21 05:12, Frank Slootweg wrote:
> Alan Browne <bitbucket@blackhole.com> wrote:
>> On 2024-02-20 15:52, Frank Slootweg wrote:
>>> Alan Browne <bitbucket@blackhole.com> wrote:
>>>> On 2024-02-20 13:23, Frank Slootweg wrote:
>>>>> Alan Browne <bitbucket@blackhole.com> wrote:
>>>>>> On 2024-02-20 04:57, Frank Slootweg wrote:
>>>>>>> badgolferman <REMOVETHISbadgolferman@gmail.com> wrote:
>>>>>>> [...]
>>>>>>>
>>>>>>>> Regardless of what iOS can or cannot do, the fact remains that Google
>>>>>>>> admits to using your private data, and even use it to make money. Does
>>>>>>>> Apple do that?
>>>>>>>
>>>>>>> Google uses "your private data" to present ads to *you*. That's how
>>>>>>> they "make money", no "admit" nor "even" about it.
>>>>>>>
>>>>>>> If they would use "your private data" for any other purpose - without
>>>>>>> your consent - they will be sued to smithereens, at least in the EU.
>>>>>>>
>>>>>>> As I've said many times before, contrary to all the FUD, urban legends,
>>>>>>> and other nonsense which is frequently spouted in these groups, I have
>>>>>>> yet to experience *any* ill effect - i.e. 'spam', privacy issues, etc. -
>>>>>>> from my use of Google products.
>>>>>>
>>>>>> When I browse Amazon for products, my girlfriend sees ads for some of
>>>>>> them on her laptop within 24 hours.
>>>>>
>>>>> Same here. Probably you two are 'behind' a NAT router and 'hence'
>>>>> share the same IP, which makes it hard for the ad generation to tell you
>>>>> two apart. So much for the famous 'fingerprinting'.
>>>>
>>>> 1) Yes, and 2) that's not what I was referring to by fingerprinting.
>>>
>>> I know. Here I am saying that *browser* fingerprinting apparently
>>> isn't working. If it was, the ad should be able to target you, instead
>>> of your girlfriend.
>>
>> You took one thing to be something that it isn't. The ad targeted at
>> her was due to IP address and had nothing to do with fingerprinting.
>
> Duh! That's what I'm saying. They *should* - at least - have used
> browser fingerprinting, but they didn't.
>
>>>>>>> And Google does not even *have* any of my "private data", other than
>>>>>>> the data which I provided, which is limited to my name, my/their e-mail
>>>>>>> address, mobile number and birthday. That's it.
>>>>>>
>>>>>> Sad that you shared your birthday.
>>>>>
>>>>> I don't *share* my birthday, my Google *Account* has my birthday.
>>>>
>>>> So you "shared" your birthday with Google. Not smart. That data has
>>>> since been sold to dozens of data brokers and onward to thousands of others.
>>>
>>> Nope. Wrong continent. Google can't use - let alone sell - my account
>>> data without my explicit approval, especially since I've specifically
>>> turned off most sections of my public data. If they did, they would face
>>> very hefty and repeated penalties. EU GDPR and all that.
>>
>> And they do. They don't care. The fines they pay are cost of doing
>> business.
>
> More FUD. Where's your proof, facts, etc.? Yes, Google, Apple, the
> lot, get frequent hefty fines, but not for selling data from people's
> account which they specifically turned off. When doing business,
> companies have to prove that they need certain data - i.e. in this
> example someone's birthday - in order to be able to do business. If they
> can't prove that, that's by default a violation.

They don't have to prove a thing. The prosecution has to prove
malfeasance. Google only needs to defend to the best they can. They do
not open their Kimono.

>
>>>>> other information can be disabled/locked and is disabled/locked.
>>>>
>>>> You don't know how it works. Every time an action you take on the
>>>> internet with various websites, a little bit more is associated with you.
>>>>
>>>> The matrix proximate to you called Frank gets more data
>>>
>>> Sorry to rain on your parade, but my browser does not reveal my name
>>> (just verified again with GRC's Shields UP!!).
>>>
>>>> The matric proximate to you called Slootweg gets more data
>>>> The matrix proximate to you called FS@someemail.com gets more data
>>>> The matrix proximate to you called your birthday gets more data
>>>
>>> Same for these three.
>>>
>>> *If* *I* provide any of this information, I do so in creating an
>>> account, a commercial transaction, etc. and all these websites are bound
>>> by the same EU laws with hefty penalties.
>>
>> See above. Profit trumps.
>
> Nope. There are limits to what they can do. Besides the hefty fines,
> the lawsuits, the reputation damage, etc. they can be banned from doing
> any business at all. Google, Apple, et al have been repeatedly beaten
> into submission. It works. (BTW, Apple just got another 500M Euro fine
> for violating EU rules for music streaming services (reported by the
> Financial Times).)

See below[AAA]

>
>>>> More matrices are created and eventually the statistics of one
>>>> correlates with the stats of another - they partially coalesce into
>>>> denser and denser matrices with a high probability of being related to
>>>> you. This is innocuous - until it isn't.
>>>
>>> That's the FUD and urban legends which are spouted. I don't dispute
>>> that these things can/will happen to not-so-smart people or/and outside
>>> the EU.
>>>
>>> But they don't happen to *me*. I do get *no* personalized ads, I get
>>> *no* 'spam' (UCE/UBE), I get *no* unsollicited phone calls/SMS, etc..
>>
>> That is not the sole use of the data collected about you. It has value
>> in ways that are not related to advertising or selling to you.
>
> Yes, I know. As I said, (with my precautions) sofar, so good. (As I
> said (see quote below),) Much higher dangers than this to worry about.

[AAA.1]
Point is: you do not know. You believe you know. But you have zero
idea of what is happening with your information that Google have
collected on you and re-sold to others. You have no idea what these
others are doing with it.

[AAA.2]
You believe you are wrapped in the protections of EU law, but you have
no idea how data above you is collected, stored, processed and used
outside of the legal confine of the EU ... but is still useful to some
co. somewhere at some time.

>
>>>>>> I use a fake birthday on all
>>>>>> websites (except where legally required to use my real birth date:
>>>>>> government tax sites, bank, driver's license and insurance).
>>>>>
>>>>> Same here.
>>>>
>>>> Not what you said earlier.
>>>
>>> I said my real birthday is in my Google *Account*. You apparently
>>> assumed that's public info, but it isn't.
>>
>> I never claimed it was public info. But it is info Amazon have (and use
>> and sell). You were a fool to give that up to them.
>
> Huh? Amazon? What stuff are you on? I never mentioned Amazon.

Quite right. As I'm on this thread I'm also shopping for parts on Amazon
- fuddled my message. Astounding that I can find a Chinese co. making
replacement parts for a near 30 year old American made tool - and it's
here a few days later...

>
>>> On websites, I do the same as you (give no birthday or a fake one if
>>> the website insists and only use my real birthday where legally
>>> required).
>>
>> Amazon doesn't use a website? Wow, I really ...
>
> Yes, they do. Your *point* being? (Clue-by-four: I don't use Amazon.
> Guess why.)

Substitute the word "Amazon" above for Google. Re-compute.

On 2024-02-21 05:12, Frank Slootweg wrote:
(BTW, Apple just got another 500M Euro fine
> for violating EU rules for music streaming services (reported by the
> Financial Times).)

Nope. Apple are expected to be fined in March.

And of course Apple will fight it.

--
“Markets can remain irrational longer than you can remain solvent.”
- John Maynard Keynes.

Alan Browne <bitbucket@blackhole.com> wrote:
> On 2024-02-21 04:28, Frank Slootweg wrote:
> > Alan Browne <bitbucket@blackhole.com> wrote:
> >> On 2024-02-20 15:07, Frank Slootweg wrote:
> >>> Alan Browne <bitbucket@blackhole.com> wrote:
> >>>> On 2024-02-20 13:34, Frank Slootweg wrote:
> >>>>> Alan Browne <bitbucket@blackhole.com> wrote:
> >>>>>> On 2024-02-20 12:02, Oliver wrote:
> >>>>>>> On Tue, 20 Feb 2024 10:45:18 -0500, Alan Browne <bitbucket@blackhole.com>
> >>>>>>> wrote
> >>>>>>>> Data brokers maintain rather large matrices of data for any given key
> >>>>>>>> (name, e-mail address, etc.)
> >>>>>>>
> >>>>>>> Indeed, you are correct 'they' do a lot of mining of your personal data.
> >>>>>>>
> >>>>>>> "From ads to analytics, everyone's favorite 'privacy' company is doing
> >>>>>>> more with your data than you might think."
> >>>>>>> https://gizmodo.com/apple-iphone-ipad-privacy-problems-data-gathering-1849855092
> >>>>>>
> >>>>>> The degree to which Apple does collect data for use with partner co's is
> >>>>>> well identified in agreements you make with Apple to use their services.
> >>>>>> It is a pale shadow of what other co's do ... w/o disclosing anything at
> >>>>>> all.
> >>>>>
> >>>>> No offense, but "what other co's do" is a rather meaningless,
> >>>>> unsubstantiated slur. Most companies I know of, also document in
> >>>>> agreements what they do and don't do. Often in painstakingly detail,
> >>>>> which is actually the real problem, because most people are not going to
> >>>>> read/understand it all and just tap/click 'Agree'.
> >>>>
> >>>> You have no idea what is being collected about you by Google w/o them
> >>>> telling you anything at all; and then the co's they sell your data to,
> >>>> certainly do not come running to you to ask permission to what they want
> >>>> with your data.
> >>>
> >>> Sorry to rain on your Apple-biased parade, but Google documents in
> >>> detail what they collect and how it's used by them and their partners.
> >>
> >> Nothing to do with Apple.
> >
> > Everything to do with Apple. You say that Apple documents the degree to
> > which they collect data in their agreements with their customers and
> > imply that other companies - and specifically Google - don't do that.
> >
> > That's your Apple-bias, because, as I described, Google *does*
> > document what they collect/do.
>
> It's not Apple bias. It was a description of Google's core revenue
> model: the user is the product. That you raise Apple as a deflection
> from it is on you.

Nice try, but no cigar. *You* mentioned Apple's practices *first* and
slurred "other co's". Then *you* brought up Google as an example of
these "other co's". I countered your slur with facts on what Google is
doing.

So any deflection is on you.

As to the "the user is the product", that's true for most if not all
free services and - as I explained - in the Google case, the user has
several controls on what the 'product' does and does not conprise.

But don't let that stop your unsubstantiated contentless rants.

AFAIC. EOD.

Chris <ithinkiam@gmail.com> wrote:
> Frank Slootweg <this@ddress.is.invalid> wrote:
> > Chris <ithinkiam@gmail.com> wrote:
> >> Frank Slootweg <this@ddress.is.invalid> wrote:
> >>> badgolferman <REMOVETHISbadgolferman@gmail.com> wrote:
> >>> [...]
> >>>
> >>>> Regardless of what iOS can or cannot do, the fact remains that Google
> >>>> admits to using your private data, and even use it to make money. Does
> >>>> Apple do that?
> >>>
> >>> Google uses "your private data" to present ads to *you*. That's how
> >>> they "make money", no "admit" nor "even" about it.
> >>>
> >>> If they would use "your private data" for any other purpose - without
> >>> your consent - they will be sued to smithereens, at least in the EU.
> >>
> >> They'd have to be caught first.
> >
> > Of course, but the FUD crowd implies it's done all the time. If so,
> > they *will* get caught.
> >
> >>> As I've said many times before, contrary to all the FUD, urban legends,
> >>> and other nonsense which is frequently spouted in these groups, I have
> >>> yet to experience *any* ill effect - i.e. 'spam', privacy issues, etc. -
> >>> from my use of Google products.
> >>
> >> Of course you haven't suffered direct ill effects as that would hurt their
> >> business model.
> >
> > So what *is* the worry/harm/<whatever>. "Bad things can and will
> > happen to you! News at eleven."?
>
> Because it is "personal data" that you have rights to have control over.
> How much control depends on jurisdiction.

As I meantioned, the jurisdiction is the EU and local law if that can
and does diverge from EU legislation.

> The harm is that it can used to pre-profile you based on a bias or trend
> rather than as you as an individual. I suspect you, like me, are a white
> european so we will never/rarely suffer negative consequences because we
> the average or default group.
>
> People from minority backgrounds on the other hand have to constantly fight
> to be treated as an individual rather than a group label: "black",
> "disabled", "muslim", etc.

True, but I don't see what that has to do with Google. Only gender is
in your Google profile. (You can set it to 'Rather not say', but that's
hardly relevant with a clear first name like mine.)

> >>> And Google does not even *have* any of my "private data", other than
> >>> the data which I provided, which is limited to my name, my/their e-mail
> >>> address, mobile number and birthday. That's it.
> >>
> >> You're naive if you think that's all the data google has on you.
> >
> > Yes, they have more data on me, but the question is, is that "private
> > data" and do they use it against my wishes/interests or/and do they
> > sell it to others? There's no actual proof of any of this, only
> > innuendo.
>
> They may not sell your data directly, but they do make a lot of money from
> it.
>
> https://www.eff.org/deeplinks/2020/03/google-says-it-doesnt-sell-your-data-heres-how-company-shares-monetizes-and

Thanks. I'll have a closer look, but a quick scan shows a US
(California) - i.e. non-EU - setting and users not using the
data-limiting controls which are available to them.

On 2024-02-21 08:39, Frank Slootweg wrote:
> Alan Browne <bitbucket@blackhole.com> wrote:
>> On 2024-02-21 04:28, Frank Slootweg wrote:
>>> Alan Browne <bitbucket@blackhole.com> wrote:
>>>> On 2024-02-20 15:07, Frank Slootweg wrote:
>>>>> Alan Browne <bitbucket@blackhole.com> wrote:
>>>>>> On 2024-02-20 13:34, Frank Slootweg wrote:
>>>>>>> Alan Browne <bitbucket@blackhole.com> wrote:
>>>>>>>> On 2024-02-20 12:02, Oliver wrote:
>>>>>>>>> On Tue, 20 Feb 2024 10:45:18 -0500, Alan Browne <bitbucket@blackhole.com>
>>>>>>>>> wrote
>>>>>>>>>> Data brokers maintain rather large matrices of data for any given key
>>>>>>>>>> (name, e-mail address, etc.)
>>>>>>>>>
>>>>>>>>> Indeed, you are correct 'they' do a lot of mining of your personal data.
>>>>>>>>>
>>>>>>>>> "From ads to analytics, everyone's favorite 'privacy' company is doing
>>>>>>>>> more with your data than you might think."
>>>>>>>>> https://gizmodo.com/apple-iphone-ipad-privacy-problems-data-gathering-1849855092
>>>>>>>>
>>>>>>>> The degree to which Apple does collect data for use with partner co's is
>>>>>>>> well identified in agreements you make with Apple to use their services.
>>>>>>>> It is a pale shadow of what other co's do ... w/o disclosing anything at
>>>>>>>> all.
>>>>>>>
>>>>>>> No offense, but "what other co's do" is a rather meaningless,
>>>>>>> unsubstantiated slur. Most companies I know of, also document in
>>>>>>> agreements what they do and don't do. Often in painstakingly detail,
>>>>>>> which is actually the real problem, because most people are not going to
>>>>>>> read/understand it all and just tap/click 'Agree'.
>>>>>>
>>>>>> You have no idea what is being collected about you by Google w/o them
>>>>>> telling you anything at all; and then the co's they sell your data to,
>>>>>> certainly do not come running to you to ask permission to what they want
>>>>>> with your data.
>>>>>
>>>>> Sorry to rain on your Apple-biased parade, but Google documents in
>>>>> detail what they collect and how it's used by them and their partners.
>>>>
>>>> Nothing to do with Apple.
>>>
>>> Everything to do with Apple. You say that Apple documents the degree to
>>> which they collect data in their agreements with their customers and
>>> imply that other companies - and specifically Google - don't do that.
>>>
>>> That's your Apple-bias, because, as I described, Google *does*
>>> document what they collect/do.
>>
>> It's not Apple bias. It was a description of Google's core revenue
>> model: the user is the product. That you raise Apple as a deflection
>> from it is on you.
>
> Nice try, but no cigar. *You* mentioned Apple's practices *first* and
> slurred "other co's". Then *you* brought up Google as an example of
> these "other co's". I countered your slur with facts on what Google is
> doing.

Completely de-coupled, actually, and deliberately so.

>
> So any deflection is on you.
>
> As to the "the user is the product", that's true for most if not all
> free services and - as I explained - in the Google case, the user has
> several controls on what the 'product' does and does not conprise.
>
> But don't let that stop your unsubstantiated contentless rants.
>
> AFAIC. EOD.

Yes, I was coming to that too.

--
“Markets can remain irrational longer than you can remain solvent.”
- John Maynard Keynes.

Alan Browne <bitbucket@blackhole.com> wrote:
> On 2024-02-21 05:12, Frank Slootweg wrote:
> > Alan Browne <bitbucket@blackhole.com> wrote:
> >> On 2024-02-20 15:52, Frank Slootweg wrote:
> >>> Alan Browne <bitbucket@blackhole.com> wrote:
> >>>> On 2024-02-20 13:23, Frank Slootweg wrote:
> >>>>> Alan Browne <bitbucket@blackhole.com> wrote:
> >>>>>> On 2024-02-20 04:57, Frank Slootweg wrote:
> >>>>>>> badgolferman <REMOVETHISbadgolferman@gmail.com> wrote:
> >>>>>>> [...]
> >>>>>>>
> >>>>>>>> Regardless of what iOS can or cannot do, the fact remains that Google
> >>>>>>>> admits to using your private data, and even use it to make money. Does
> >>>>>>>> Apple do that?
> >>>>>>>
> >>>>>>> Google uses "your private data" to present ads to *you*. That's how
> >>>>>>> they "make money", no "admit" nor "even" about it.
> >>>>>>>
> >>>>>>> If they would use "your private data" for any other purpose - without
> >>>>>>> your consent - they will be sued to smithereens, at least in the EU.
> >>>>>>>
> >>>>>>> As I've said many times before, contrary to all the FUD, urban legends,
> >>>>>>> and other nonsense which is frequently spouted in these groups, I have
> >>>>>>> yet to experience *any* ill effect - i.e. 'spam', privacy issues, etc. -
> >>>>>>> from my use of Google products.
> >>>>>>
> >>>>>> When I browse Amazon for products, my girlfriend sees ads for some of
> >>>>>> them on her laptop within 24 hours.
> >>>>>
> >>>>> Same here. Probably you two are 'behind' a NAT router and 'hence'
> >>>>> share the same IP, which makes it hard for the ad generation to tell you
> >>>>> two apart. So much for the famous 'fingerprinting'.
> >>>>
> >>>> 1) Yes, and 2) that's not what I was referring to by fingerprinting.
> >>>
> >>> I know. Here I am saying that *browser* fingerprinting apparently
> >>> isn't working. If it was, the ad should be able to target you, instead
> >>> of your girlfriend.
> >>
> >> You took one thing to be something that it isn't. The ad targeted at
> >> her was due to IP address and had nothing to do with fingerprinting.
> >
> > Duh! That's what I'm saying. They *should* - at least - have used
> > browser fingerprinting, but they didn't.
> >
> >>>>>>> And Google does not even *have* any of my "private data", other than
> >>>>>>> the data which I provided, which is limited to my name, my/their e-mail
> >>>>>>> address, mobile number and birthday. That's it.
> >>>>>>
> >>>>>> Sad that you shared your birthday.
> >>>>>
> >>>>> I don't *share* my birthday, my Google *Account* has my birthday.
> >>>>
> >>>> So you "shared" your birthday with Google. Not smart. That data has
> >>>> since been sold to dozens of data brokers and onward to thousands of others.
> >>>
> >>> Nope. Wrong continent. Google can't use - let alone sell - my account
> >>> data without my explicit approval, especially since I've specifically
> >>> turned off most sections of my public data. If they did, they would face
> >>> very hefty and repeated penalties. EU GDPR and all that.
> >>
> >> And they do. They don't care. The fines they pay are cost of doing
> >> business.
> >
> > More FUD. Where's your proof, facts, etc.? Yes, Google, Apple, the
> > lot, get frequent hefty fines, but not for selling data from people's
> > account which they specifically turned off. When doing business,
> > companies have to prove that they need certain data - i.e. in this
> > example someone's birthday - in order to be able to do business. If they
> > can't prove that, that's by default a violation.
>
> They don't have to prove a thing. The prosecution has to prove
> malfeasance. Google only needs to defend to the best they can. They do
> not open their Kimono.

Yes, they *do* have to *prove* they're not violating the what is (not)
not needed rule. So in the example, they have to prove that the
customer's birthday is needed in order to be able to perform the
transaction. As the birthday is not needed in most cases, it's a by
default violation, unless they can prove otherwise.

It's not a normal court case. The organization judges the alleged
violation. If they find it's a violation, they can take action, which
can of often does include a fine. *Then* the accused party can object
and try to dispute the case/fine. Same with the country-local
equivalents, they judge, they decide, they issue a fine.

Moral: Don't pretend to know how the EU/country-local legislation on
use of personal data works.

[...]

> >>>> The matrix proximate to you called Frank gets more data
> >>>
> >>> Sorry to rain on your parade, but my browser does not reveal my name
> >>> (just verified again with GRC's Shields UP!!).
> >>>
> >>>> The matric proximate to you called Slootweg gets more data
> >>>> The matrix proximate to you called FS@someemail.com gets more data
> >>>> The matrix proximate to you called your birthday gets more data
> >>>
> >>> Same for these three.
> >>>
> >>> *If* *I* provide any of this information, I do so in creating an
> >>> account, a commercial transaction, etc. and all these websites are bound
> >>> by the same EU laws with hefty penalties.
> >>
> >> See above. Profit trumps.
> >
> > Nope. There are limits to what they can do. Besides the hefty fines,
> > the lawsuits, the reputation damage, etc. they can be banned from doing
> > any business at all. Google, Apple, et al have been repeatedly beaten
> > into submission. It works. (BTW, Apple just got another 500M Euro fine
> > for violating EU rules for music streaming services (reported by the
> > Financial Times).)
>
> See below[AAA]
>
> >>>> More matrices are created and eventually the statistics of one
> >>>> correlates with the stats of another - they partially coalesce into
> >>>> denser and denser matrices with a high probability of being related to
> >>>> you. This is innocuous - until it isn't.
> >>>
> >>> That's the FUD and urban legends which are spouted. I don't dispute
> >>> that these things can/will happen to not-so-smart people or/and outside
> >>> the EU.
> >>>
> >>> But they don't happen to *me*. I do get *no* personalized ads, I get
> >>> *no* 'spam' (UCE/UBE), I get *no* unsollicited phone calls/SMS, etc..
> >>
> >> That is not the sole use of the data collected about you. It has value
> >> in ways that are not related to advertising or selling to you.
> >
> > Yes, I know. As I said, (with my precautions) sofar, so good. (As I
> > said (see quote below),) Much higher dangers than this to worry about.
>
> [AAA.1]
> Point is: you do not know. You believe you know. But you have zero
> idea of what is happening with your information that Google have
> collected on you and re-sold to others. You have no idea what these
> others are doing with it.

The point you keep ignoring that in order to be able to do anything
with "your information", 'they' first have to *have* such information.

*My* *point* is that 'they' have very, very limited information,
because I provide only minimal information and 'they' can 'trace' only
very minimal information, because I'm not providing more to anyone.

> [AAA.2]
> You believe you are wrapped in the protections of EU law, but you have
> no idea how data above you is collected, stored, processed and used
> outside of the legal confine of the EU ... but is still useful to some
> co. somewhere at some time.

[Disclaimer: Yes, I said EOD, but it took a while for this mind-boggler
to sink in.]

Alan Browne <bitbucket@blackhole.com> wrote:
> On 2024-02-21 05:12, Frank Slootweg wrote:
> > Alan Browne <bitbucket@blackhole.com> wrote:
> >> On 2024-02-20 15:52, Frank Slootweg wrote:
[...]

> >>> I said my real birthday is in my Google *Account*. You apparently
> >>> assumed that's public info, but it isn't.
> >>
> >> I never claimed it was public info. But it is info Amazon have (and use
> >> and sell). You were a fool to give that up to them.
> >
> > Huh? Amazon? What stuff are you on? I never mentioned Amazon.
>
> Quite right. As I'm on this thread I'm also shopping for parts on Amazon
> - fuddled my message. Astounding that I can find a Chinese co. making
> replacement parts for a near 30 year old American made tool - and it's
> here a few days later...

You're not serious, are you!?

Here you are lecturing someone, who is using a tightly controlled
Google Account, on the alleged severe privacy risks of such use, while
you are shopping at *Amazon*!

So Amazon having, using and selling your personal information is
perfectly fine in your book, but if (you say) Google does so, it's the
end of the world as we know it!?

Sorry, but you can't have it both ways.

And you say you use *Google* *Maps*! Bad boy, bad boy, bad bad boy!

On 2024-02-20, Alan <nuh-uh@nope.com> wrote:
> On 2024-02-20 08:43, badgolferman wrote:
>> Alan Browne wrote:
>>> On 2024-02-20 10:07, soyon wrote:
>>>> David B. wrote on 20.02.2024 06:31
>>>>> https://www.bleepingcomputer.com/forums/t/794583/apple-support-communities-asc-forums-access/
>>>>
>>>> Nice find.
>>>>
>>>> I love the post with the screenshot from Apple saying essentially
>>>> that Apple's walled garden falls apart like a Potemkin village the
>>>> instant you don't constantly and repeatedly, day after day, always
>>>> log into Apple's servers (every day of your life, forever!) using
>>>> the same Apple ID.
>>>
>>> Your basic premise is false and misleading (that you Arlen?) - and
>>> that you're echoing off of that idiot diminishes your very low
>>> standing even further.
>>>
>>> You can do everything on an iPhone communications wise that you can
>>> do with Android. That is e-mail, SMS/MMS, other messaging
>>> platforms, surf the web, etc. and so on, w/o being logged into
>>> Apple's system. And of course to the extent that 10's of thousands
>>> of apps provide their own servers, etc., those are also accessible
>>> w/o logging into Apple's servers.
>>>
>>> The benefit of being logged into iCloud is the other Apple provided
>>> services for communications and integration of services (as oft
>>> listed in the past). This is the "apple eco-system" that makes
>>> using using various Apple devices such as a Mac and iPhone so
>>> seamless and convenient. All of this over a very strongly encrypted
>>> communications system run by a company that sells products and
>>> services - not people's information - like Android producer Google.
>>>
>>> So, bleat out your nonsense attack on Apple again and again and
>>> again, it doesn't change the reality of things.
>>
>> Can you setup a new iPhone without an AppleID?
>
> Yup.
>
> 30 seconds of personal research could have answered that for you.

He was told by Arlen that wasn't possible! And like a good little
trollboi he swallowed it up and regurgitated it in the form of a
question as if he thought it was some witty "gotcha". Gullible rube is
the phrase of the day! 😉

--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR

On 2024-02-20, Gelato <gelato@> wrote:
> On Tue, 20 Feb 2024 12:53:50 -0500, Alan Browne wrote:
>
>> iMessage has been end-to-end for a long time and messaging is the
>> context of the present topic.
>
> That "long time" was only a short time ago.
> https://www.tomsguide.com/news/icloud-backup-encryption
>
> "While data stored locally on iPhones and iPads are fully encrypted by
> default, and communications over iMessage are end-to-end encrypted as
> well, Apple has yet to extend the same security to backups stored on
> iCloud."

Tell me you aren't this dumb. iCloud Backups are not messages.

iMessage has indeed been end-to-end encrypted for a long, long time.

Backups are also end-to-end encrypted when you enable Advanced Data
Protection which was introduced with iOS 16.2, iPadOS 16.2 and macOS
13.1.

--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR

On 2024-02-21, Gelato <gelato@> wrote:
> On Tue, 20 Feb 2024 18:15:27 -0500, Alan Browne wrote:
>
>>> https://www.tomsguide.com/news/icloud-backup-encryption
>>>
>>> "While data stored locally on iPhones and iPads are fully encrypted
>>> by default, and communications over iMessage are end-to-end
>>> encrypted as well, Apple has yet to extend the same security to
>>> backups stored on iCloud."
>>
>> Re-read what you cite for comprehension v. what I wrote.
>
> The point was the article discussed what few people realize which is
> the encryption key was known to Apple for all their iMessage data on
> iCloud.

Nope. Wrong again. IF you use the OPTIONAL iCloud Backups feature - as
opposed to backing up to your own computer, and you don't enabled
Advanced Data Protection, your backup contains a copy of your iMessage
encryption key. Nuance is hard, y'all! 🤣

> End to end encryption means nothing when a company has the encryption
> key.

Don't back up to iCloud, or enable Advanced Data Protection. "Problem"
solved, like magic!

--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR

On 2024-02-20, Alan <nuh-uh@nope.com> wrote:
> On 2024-02-20 12:54, Wolf Greenblatt wrote:
>> On Tue, 20 Feb 2024 14:16:20 -0500, Alan Browne wrote:
>>
>>> You don't know how it works. Every time an action you take on the
>>> internet with various websites, a little bit more is associated with
>>> you.
>>
>> You're correct that Apple knows everything you do with your unique
>> Apple ID as was recently described in this information technology
>> privacy report.
>
> You apparently don't understand...
>
>> Your iOS app may still be covertly tracking you, despite what Apple
>> says
>
> ...that Apple is not:
>
> "companies, particularly large ones like Google and Facebook, to work
> around the protections and stockpile even more data."
>
>> The paper warned that despite Apple's insincere promise of more
>> transparency, ATT might gives its users a false sense of security.
>
> Weird that you left that out of the paragraph you quoted above this
> paragraph...
>
> ...isn't it?
>
>>
>> "The researchers identified nine iOS apps that used server-side code
>> to generate a mutual user identifier that a subsidiary of the Chinese
>> tech company Alibaba can use for cross-app tracking. "The sharing of
>> device information for purposes of fingerprinting would be in
>> violation of Apple's policies, which do not allow developers to
>> 'derive data from a device for the purpose of uniquely identifying
>> it,'" the researchers wrote.
>
> "nine iOS apps".
>
> How many of them were Apple's?

I'll hazard a guess: Zero.

>> blah blah blah
>
> '6 CONCLUSIONS & FUTURE WORK
>
> Overall, we find that Apple’s new policies largely live up to its
> promises on making tracking more difficult.'
>
><https://arxiv.org/pdf/2204.03556.pdf>
>
> Small wonder you failed to include this.

Weak troll's gonna troll.

--
E-mail sent to this address may be devoured by my ravenous SPAM filter.
I often ignore posts from Google. Use a real news client instead.

JR