Palm’s leaking mobile phone miscue

Matt Hartley, writing for Lockergnome, reports on a disturbing privacy problem with the Palm Pre, citing a BBC story. The level of detail in the data being sent back to Palm is rather alarming: it includes user location, application usage patterns, and a list of applications installed on the phone.

Palm’s PR department, of course, responds with more spin than a Steve Mizerak masse shot. Quoting the BBC article:

Palm issued a statement about Mr Hess’ discovery and said it “offers users ways to turn data collecting services on and off”.

It added: “Our privacy policy is like many policies in the industry and includes very detailed language about potential scenarios in which we might use a customer’s information, all toward a goal of offering a great user experience.”

“We appreciate the trust that users give us with their information, and have no intention to violate that trust,” said Palm.

Excuse me Palm, but I really think you just did exactly that. I would be willing to bet it has been intentionally made difficult to turn off the “data collecting services” you refer to.

It’s inexcusable to leak that kind of detailed data and bury it under some kind of legalese “privacy policy.” How about being honest about this and telling the user, in plain English, you’re going to do this the first time the phone is turned on?

And we wonder why Palm nearly went bankrupt. Wonder no more. At least now we know this time they’re going to sink for a good reason.

Apple’s sneaky iTunes personal information leak

As (re-)discovered in a recent TechBlog article, Apple is embedding personal information in downloads from its iTunes music store. Presumably this is a way to help catch the “low-hanging fruit” of those who partake in unauthorized copying. Casting aside the ethical issues, this is rather horribly misguided if that’s Apple’s reason.

Consider the following situation: Alice hosts a party where several guests (Bob, Charlie, and a few other close friends of hers) are in attendance. Mallory crashes the party (or even attends as a friend of one of the other guests; it’s really kind of immaterial) and snarfs some of the music files from Alice’s collection, with Alice’s name and e-mail address in them. The next morning, they wind up on a Web server run by Mallory at a Tor hidden service address.

Now, nobody downloading these files will know anything about Mallory. Well, obviously they’ll know some Tor user put these up on a hidden service. But all they will see in the files is Alice’s e-mail address, and probably assume she’s the one who has shared the files.

This can happen any number of ways: stolen storage media strikes me as one of the more likely ones (in fact, Mallory may well have sticky fingers when it comes to USB flash drives in the above example). But I think it’s a great reason why this kind of information should not be in downloaded media files.

Not to mention Dwight does a great job of showing how easy this is to circumvent (converting to MP3). I would not even be surprised if there’s a way to configure a decoder to write the exact same encoded audio sans most of the tags.