So I joined a new gym last year and was pleasantly surprised. They gave me a smart card to get in and out, that's it, no app, no accounts, no nothing. Well, today I got to the gym and saw the announcement that they are phasing out the access with the smart card and starting to use, you guessed it, an app.
Now, I know this is not such a big deal in the grand scheme of things. But I'm just tired of this trend of replacing perfectly functioning systems with apps (public transport tickets come to mind). Just more ways to harvest people's data, I guess...
Ah and by the way, in my previous gym they not only required an app for accessing the place, they also incentivized people to track their workouts, meals and bodyweight using the gym's app (of course I never used any of these features).
The news was already posted here last week, but I found this great technical explanation of the flaw.
Long story short: Apple is using bad cryptography. They got alerted by researchers back in 2019 but didn't fix it.
Recently stumbled upon the PhD thesis of a researcher at the Eindhoven University of Technology from ~2 years ago. I haven't read the whole thing, but I thought it might be of interest for someone here. It's freely available for download on the link.
Excerpts from the preface:
> The sheer number of the surveillance systems that we document in subsequent chapters reflects the industrial scale of data collection in the twenty-first century. We hope that future researchers will take up the challenge of addressing each covert program as a research subject to fully and completely explore, and to freely share their findings with the wider world in the spirit of open academic discussion. This kind of basic research is crucial to anti-surveillance software and hardware development.
> The machinery of mass surveillance is simply too dangerous to be allowed to exist. We must work to ensure that no one will be able to say that they did not know, or that they were not warned. We must use all of the tools in our toolbox – economic, social, cultural, political, and of course, cryptographic – to blind targeted and mass surveillance adversaries.
You need to add the repository to fdroid
Been using it for over 6 months and I’ve found it’s everything I personally needed. I’ll be buying the lifetime plan next.
If you’re asking about the encryption, they publish a whitepaper on their website with the details. I can’t really comment on that since I’m no expert. But I did a quick online search back then and found good comments so decided to trust them.
I think this is a pretty good breakdown and worth a read. Some key takeaways are that with FLoC Google would be able to track visitors to your website even if you were not using Google Analytics, and that the mechanism is built-in the Chrome browser so entirely controlled by Google.
Here is a related article about Topics, the FLoC replacement.
Hello. I sometimes receive images in HEIC format and I use an app to convert them to JPG. However I realized that this app uploads the images and makes the conversion in the cloud, so I stopped using it.
Does anyone know of an app that does this conversion offline?
This would be the best way. Unfortunately they made it the other way around. A screen at the door shows the code, and you scan it with the app.
In my previous gym the code was on the app, but I’m not sure anymore if it was static or it changed over time. But the reader on the door was awful, I used to spend a good 3 minutes trying different angles with my phone to make it recognize the code.