Younger members of my family usually gather by tradition during public holidays to mock me, but they're beginning to wake up now.
I won't mock you at all, but I will point out that it's entirely possible to use a smartphone in a way that doesn't leak any data more than a feature phone does.
my view is that this level of intrusion shouldn't be a) default b) 'easy'.
Then you should lose your feature phone, too. If it has been made in the last 10 years or so, then it almost certainly includes a GPS receiver (even if you don't get to access it yourself) and reports your location to the your carrier on demand. This is the easiest way for companies to comply with the E911 regulations.
I can think of a lot of reasons to do this, but I don't know which one(s) the commenter has.
In general, though, there's a compelling security reason: if you aren't actively using a communications channel, best practice is to shut it off to minimize the attack surface.
Yes, the internet should be secure by default. However, that's a different question from "should ISPs be doing it?"
ISPs are not trustworthy, so any "security" imposed by them is meaningless. The internet should be secure by default through the protocol definitions, and enforced the same way that all internet protocols are enforced: if you don't conform, then you can't really talk with anybody.
What's in telemetry data is something that has to be investigated further.
I've reached the point where I don't actually care what's in telemetry data anymore (in part because there's no such thing as "innocuous", "non-PII", or "anonymized" data). I'll do my best to stop it all regardless.
In this day and age, you have to assume that every piece of software you run on any platform will be phoning home.
That's why I firewall all traffic, incoming and outgoing, these days, especially on my phone. It's also rather interesting examining the logs of what was blocked.
In fact, as I was doing routine firewall maintenance over the weekend, it occurred to me that at some point I made a shift -- I now pay more attention to outgoing traffic than incoming!
Industry trends have resulted in it becoming necessary to treat all devices and software, inside or out, as threats.
I've worked at a lot of companies in my career and some are fine with you doing a 9-5 so long as you get your work done well and on time.
This.
In my own companies, I never cared about how many hours my employees worked, or when they worked those hours (with the exception of positions that require coordination with others outside the company).
What I cared about was that deadlines were met and the work quality was acceptable. As long as that happens, nothing else matters.
When choosing where I want to work, I tend to look at this as well. If a company seems overly focused on "correct" working hour and durations, I tend to pass. I'm being paid for work product, not for how many hours I warm a chair. If a company doesn't see that, it's a strong indication that I'm a poor fit there.
Our economic system requires that a certain percentage of people earn subsistence-level wages. Even if the entire population were highly educated and highly motivated, there would still be a not insignificant number of people making the least amount of money that the law will allow.
To say that a person's income is entirely up to them is such an extreme oversimplification as to border on a lie.
Whether I'm making a little or a lot (and I've done both), I can't stand having to be at a workplace with nothing to do. The time goes so slowly, and it's pure torture, particularly when I could be doing what I love: engineering.
I have seen people who slack on the job, so I understand they exist -- but I will never understand how anyone can handle doing that. You literally could not pay me enough to put up with doing nothing.
Personally speaking, video is even worse than in-person lectures in terms of absorbing information. But if they supplied the transcripts for the video, then I would be able to get by.
Slashdot Mirror
If data about me or my devices is being sent without my permission, I call that "spying".
While it's possible that these apps are phoning home, there are legitimate reasons for doing so
There is never a legitimate reason to do so without my knowledge and permission.
Don't put untrusted apps on your primary phone with all your personal data.
And don't consider any app you didn't write yourself as "trusted".
Younger members of my family usually gather by tradition during public holidays to mock me, but they're beginning to wake up now.
I won't mock you at all, but I will point out that it's entirely possible to use a smartphone in a way that doesn't leak any data more than a feature phone does.
my view is that this level of intrusion shouldn't be a) default b) 'easy'.
Then you should lose your feature phone, too. If it has been made in the last 10 years or so, then it almost certainly includes a GPS receiver (even if you don't get to access it yourself) and reports your location to the your carrier on demand. This is the easiest way for companies to comply with the E911 regulations.
Probably so, but that's meaningless except (maybe) in a court of law.
I agree with this. The fewer hands between the manufacturer and me, the better.
I don't buy batteries on Amazon, either. Even they can't beat the price I get at the dollar store.
It would never have occurred to me to try to get compensation from a battery company in the case of leaky batteries.
But then, I've never had a battery leak unless I left it installed and sitting unused for years, in which case it's my fault, not the battery's.
I can think of a lot of reasons to do this, but I don't know which one(s) the commenter has.
In general, though, there's a compelling security reason: if you aren't actively using a communications channel, best practice is to shut it off to minimize the attack surface.
Editing the hosts file is completely inadequate, as it only affects domain name lookups.
You need a good firewall.
On one level, I don't care -- repeated testing shows that the big name batteries do not tend to perform better than house-brand cheapies.
On the other hand, I do care because name brand batteries are insanely expensive compared to the cheap brands that perform at least equally as well.
I disagree. You can't have security without privacy.
What is incompatible is convenience and security.
I define "secure" for my own communications.
"Secure" means that nobody can understand or modify my communications without my express intention that they can do so.
Yes, the internet should be secure by default. However, that's a different question from "should ISPs be doing it?"
ISPs are not trustworthy, so any "security" imposed by them is meaningless. The internet should be secure by default through the protocol definitions, and enforced the same way that all internet protocols are enforced: if you don't conform, then you can't really talk with anybody.
I'd have a hard time trusting Samsung's firewall APIs without testing them rather extensively first.
The first thing I do when I get a new phone is replace the operating system. This completely eliminates the problem of apps I can't delete.
If I can't replace the OS on a phone, then I don't buy the phone.
What's in telemetry data is something that has to be investigated further.
I've reached the point where I don't actually care what's in telemetry data anymore (in part because there's no such thing as "innocuous", "non-PII", or "anonymized" data). I'll do my best to stop it all regardless.
I don't see how iPhones have any kind of real edge with this sort of thing. Plus, you can't really install an effective firewall on iPhones.
In this day and age, you have to assume that every piece of software you run on any platform will be phoning home.
That's why I firewall all traffic, incoming and outgoing, these days, especially on my phone. It's also rather interesting examining the logs of what was blocked.
In fact, as I was doing routine firewall maintenance over the weekend, it occurred to me that at some point I made a shift -- I now pay more attention to outgoing traffic than incoming!
Industry trends have resulted in it becoming necessary to treat all devices and software, inside or out, as threats.
Isn't that the whole objective of hard working in the early years?
For some people, obviously, but certainly not for everybody!
I've worked at a lot of companies in my career and some are fine with you doing a 9-5 so long as you get your work done well and on time.
This.
In my own companies, I never cared about how many hours my employees worked, or when they worked those hours (with the exception of positions that require coordination with others outside the company).
What I cared about was that deadlines were met and the work quality was acceptable. As long as that happens, nothing else matters.
When choosing where I want to work, I tend to look at this as well. If a company seems overly focused on "correct" working hour and durations, I tend to pass. I'm being paid for work product, not for how many hours I warm a chair. If a company doesn't see that, it's a strong indication that I'm a poor fit there.
Our economic system requires that a certain percentage of people earn subsistence-level wages. Even if the entire population were highly educated and highly motivated, there would still be a not insignificant number of people making the least amount of money that the law will allow.
To say that a person's income is entirely up to them is such an extreme oversimplification as to border on a lie.
Whether I'm making a little or a lot (and I've done both), I can't stand having to be at a workplace with nothing to do. The time goes so slowly, and it's pure torture, particularly when I could be doing what I love: engineering.
I have seen people who slack on the job, so I understand they exist -- but I will never understand how anyone can handle doing that. You literally could not pay me enough to put up with doing nothing.
But when I learn the material beforehand from the book, lectures have been an excellent way for me to reinforce what I learned
Yes, I understand. I am not quite like that. Even if I know the material beforehand, lectures are worthless to me.
Personally speaking, video is even worse than in-person lectures in terms of absorbing information. But if they supplied the transcripts for the video, then I would be able to get by.