Maybe we’re just using VPN’s differently than you’d expect. For example, I use Blokada, a local VPN for reducing ad/tracking services embedded in apps. I don’t actually send my traffic to a remote server.
I don’t think purchase info is necessary tied to hardware out of the box beyond asset tracking. That would cause issues with gifting.
The easy answer is if you don’t run the software, it can’t collect data.
However, the firmware is network capable and certain diagnostic tools and recovery modes can call home. I am not familiar to the extent, however.
This also does not stop other devices, Apple included, from detecting the Mac and reporting home hardware/location data.
If you’re considering life360, you’ve already lost the privacy game.
There are different levels of privacy to consider.
Apps: limit number of apps or essential only. Many have built-in trackers for developer kickbacks. Even developers don’t know the full extent of how the data is used.
Device settings: harden the phone by checking all the privacy settings. Install an ad/tracker blocking VPN app.
Evesdroppers: Your phone is a radio transmitter. Companies know this. Your mobile company may have privacy settings and track phones independently of any device settings or app. Also, bluetooth loggers are placed around high traffic areas, such as stores, to record precise location and movement. Disabling wifi, Bluetooth, or Mobile may be considered depending on level of privacy paranoia*.
There may be some privacy respecting tracking options (well, as a family anyway) over on the selfhosted lemmy community if you’re ready to go down that rabbit hole.
•It’s not paranoia if it’s real.
Watched as much as I could stand. Man, does he draaaaag on.
Mars had a DB breach, 2.7 billion accounts, only for IOT devices.
Conflicting data: phone app doesn’t collect user data, but lo and behold, data collected anyway. Possibly direct from IOT devices.
SSID/pass screenshotted but official response said that was on separate server not involved.
Meh, don’t trust IOT, guys. Keep that crap on a vlan or second wifi. Man, this guy was painful to watch.
I’m split on this. On one hand, I don’t want to be tracked, but know I am anyways. On the other hand, bringing awareness to these problems is important.
One reason companies get away with horrible invasions or privacy is they limit those privileged to access it. Opening up a system to show how invasive it is could be a good thing. Big tech has become the juggernaut it is by operating in the shadows as much as possible.
Personally, that crosses my mind. But I came over in the reddit revolt and saw lemmy as a fresh start. Privacy isn’t easy, but at least make them work for it.
Also, I figure (if it hasn’t happened already) some federated instances out there are nefarious, set up to harvest data.
We just had a helicopter doing low passed over our house and watching the flight on a tracker, it was clear it was casing chosen neighborhoods. The lengths someone went to sell whatever info they grabbed means it’s highly valuable. The fediverse is open and waiting for it to be datamined.
Wait, what?
So you take a pic, it’s analysed, the analysis is encrypted, encrypted data is sent to a server that can deconstruct encrypted data to match known elements in a database, and return a result, encrypted, back to you?
Doesn’t this sort of bypass the whole point of encryption in the first place?
Edit: Wow! Thanks everyone for the responses. I’ve found a new rabbit hole to explore!
I sort of do this because I own my domain. I generally pick an annual keyword email filters can lock on, followed by an identifier with whom I’m contacting.
It’s easy to trace if addressed get breached, especially unreported breaches, and add to a burn list if they get spammed.
Also, if I have no intention of responding I give fake info or if I need that rare password reset link I know when to look in the spam.
Yeah, using my domain is it’s self a bit trackable, but enough friends and family use it I figure poisoned data is sweet justice.
Fun fact, but for some reason old fake accounts have boomed in popularity; like data brokers with bad information bounce verifications off each other, linked it to some poor sap in another state, and snowballed into an actual profile. I’m going to use that identity as an alt profile for something someday.
First of all, the ISP controls cable modem firmware. They have all the settings and manage the device. You don’t get much control there.
As for your question, I’d say no, for 2 reasons. First, designing that capability is expensive and modems are built for cheap reliability. Second, any hardware to spy is more useful installed in a data center accessible to their user base. There is not much point installing unnecessary tech to one endpoint.
As for router, they are beefier CPU-wise. AT&T has in the past prevented users from changing DNS settings and that could lead to lots of tasty data. Deep packet inspection is becoming more prevalent in home routers as is integration with other technologies. (EERO devices for example).
Make sure to fire up a VPN or something when you need.
Don’t take on all that guilt. There are things we can do to limit our data, but a lot, dare I say the majority, is scraped from sources beyond your control. You may have great practices and security, but others may not, and those weaknesses or business arrangements are vectors for breaches like these.
We’re all in the same boat here.
I feel a lot of these responses miss the mark. If I read it correctly, you suggest matrix is the data leak and the results of which show in Instagram.
Matrix has many clients, one of which could be leaking data, but not necessary from your end of the conversation.
There are also keyboards which analyze input, and high privileged apps that can read notifications.
From what I understand, Meta apps can scan a device for a list of apps installed (probably somesort of fingerprinting concern) but can’t actually read app interactions or content.
I’d say hi in a chat with some clear, unique keywords on a new or old/wiped device and see if the leak continues. It may not be you at all, but it would identify the problematic device
Enlightening read and explained very well.
As for the Apple bug bringing back old photos from an erased data partition; non-applicable if I recall. Apple identified the bug having to do with restoring devices from backups. Backup data contained the presumed deleted content.
This article is therefore correct that deleted photos from reset devices (and not restored from backup) could not be recovered from the data partition.
Look up the IRS’s ID.me verification. That’s a nasty 3rd party IMO.
Ha! I gave up that fight long ago. I just try not to make it easy for them.
Just sort of pointing out this tracking network (like many others already running) is happening whether you opt out or not.
The opt out part is just security theater for your peace of mind.
Keep in mind they (Google, Apple, Amazon, etc) must still comply with government warrants. Probably pre-encryption.
I use both, but a big complaint of noscript is the inability to tell what scripts were blocked. I end up unblocking ***CDN.com or ***static.com and if that doesn’t work, check each until it does. Sort of defeats the purpose.
I installed it on my parents computers and trying to teach them how to get necessary function working again is beyond them.
I have instead installed privacy badger since I read it also blocks scripts.
I think you are talking OBDII systems, and while they communicate with the ECU, that system wouldn’t need any GPS access. I don’t think it has a direct link with the cambus that would hold the more advanced data. (Which if memory serves, also doesn’t handle GPS.
There is a dedicated port in my car specifically for data logging, but it only records realtime, not past travel. My GPS unit does track “breadcrumbs” if not following a road, but you’d have to interface directly to that computer. since there is no Bluetooth, there is no contact data or advanced privacy weaknesses.
Looks like there is an iOS app in development
Me neither. But eventually I’ll be forced to somehow too.