Privacy and Trust

4 mins

Recorded on iPhone using the default safari browser.


All right, here we go.

This is a post about privacy and trust in the tech news. Actually, in the news news over the past twenty four hours have been two stories - three stories really, that I have got my attention.

First is Facebook’s nefarious trickery in conning what sounds like minors into giving control of their phones to Facebook in exchange for twenty dollars a month. I hope state’s attorneys general are looking into that. It sounds like that is probably not legal, certainly borderline -a huge violation of trust and privacy. Manipulating minors into entering a commercial transaction that has tremendous privacy implications is just on extraordinary breach of trust.

The second story also involves Facebook. Actually, this is, I guess, there will be a total of four stories - the second story involves Facebook’s, um, use of overselling. I’m not even sure what the term here is, but basically bidding up or enticing, uh, the use of payments in games. I know this has a really a name to it, but I can’t think of it right now. But anyway, just using really sleazy tactics to jack up spending in the Games and that was also seems to be targeted have been targeted at my owners.

Story number three involves Apple and actually story number four is about Apple as well. This is a Huge privacy breach Which  - breach is not the right word for it, pardon me - bug in face time. Whereby a malicious user could, um, engage a Facetime call to a user. And apparently, if the user, the called user, doesn’t even answer the FaceTime call the remote mic is turned on and the call initiator then has effectively has a live mic without the call having even been answered. Just an extraordinary privacy bug. Sounds like that was not malicious in nature - this was a real bug. Apple disabled facetime immediately upon this issue being made public so they did the right thing. But wow, what a bug.

Issue number four. Also apple. Apparently there is some a piece of malware that allowed for a remote user, in this case, a remote malicious user, to send an iMessage to a remote user and even if that remote user didn’t open the iMessage, the message planted malware on the person’s phone. So what an extraordinary bug that was - again also does not seem to be, um, to have originated via malicious intent from Apple, but just an extraordinary bug.

What do all these have in common?

I’ll tell you what they have in common. They have in common direct native application device API  access on your phone. They’re manipulating elements of your phone’s operating system and supporting libraries outside of your purview - outside of what you can see or have any control over. They're doing this stuff behind your back.

And you know it’s a huge violation of privacy, whether you have explicitly given these apps access to your device APIs or not. When you install a native app from the app store, you’re giving that app low level access to your device. So this is a really, oh, you know, a really important point to make:

Tincup Voice uses no device APIs.  We’re one hundred percent a web application. We use only HTML5 APIs to access your microphone. And even then we pop up a dialogue. It might be a little bit of a nuisance the first couple times you see it, but I think you can appreciate why we do it. We pop up a dialogue that requests your permission to use your microphone.

Why do we do that? Because we’re not nefarious motherfuckers who are dicking around with your device, uh, and, you know, trying to exploit you. So I'm eending this post with a bit of a rant. Holy shit, folks.