The ones who brought you Let's Encrypt, bring you: Tools for gathering anonymized app usage metrics from netizens

The Internet Security Research Group (ISRG) has a plan to allow companies to collect information about how people are using their products while protecting the privacy of those generating the data. Today, the California-based non-profit, which operates Let's Encrypt, introduced Prio Services, a way to gather online product …

  1. overunder Silver badge

    Not a wedge, just a service :-(

    "While some subscribers down the line may be paying for the service, many will have access to the service through philanthropic contributions,"

    A year or so ago I was hoping this was going to be a wedge in the proprietary data collection of companies like Google. After I caught on that it was basically just another data mine/repo I gave up hope as that means it can, if successful, later be bought by a company like Google. Since we're stuck with user data collection, it would have been nice to have an "open" data collection platform, or maybe I'm wrong and it would/will be yet another entity collecting data on you.

    1. Robigus

      Re: Not a wedge, just a service :-(

      Perhaps if it's incorporated as a not-for-profit outfit (in the same manner as Signal operates in the U.S.) then it will keep it out of the hands of the perverts, as they can't buy it.

      1. sev.monster Bronze badge

        Re: Not a wedge, just a service :-(

        Or... They could just not sell it?

        As hinted at by the article though, hopefully it will be open source so you can roll your own servers. Keep in mind that the ACME protocol and server technology that powers Let's Encrypt is all open, too.

        Maybe if I took the time I could check and see if it will be or not on their website or something, but that requires effort.

      2. Anonymous Coward

        Re: Not a wedge, just a service :-(

        Last I checked, the Signal non-profit foundation was a funding vehicle for Quiet Riddle Ventures LLC, who hold the intellectual property rights to the Signal service and application.

        1. John H Woods Silver badge

          Re: Not a wedge, just a service :-(

          I'm not sure that's right - isn't Quiet Riddle Ventures LLC just their incorporated name?

          All of the software is open source IIRC so the IP is probably just names, logos and existing documentation.

          1. Anonymous Coward

            Re: Not a wedge, just a service :-(

            > isn't Quiet Riddle Ventures LLC just their incorporated name?

            No it isn't, Quiet Riddle and a couple of other companies in Delaware and California far pre-date the foundation. It is all a matter of public record, same as Mike Benham's name change in 2017.

            > All of the software is open source IIRC

            That's neither here nor there. You can choose your licence precisely because you own the IP (this is a big subject with plenty of room for nitpicking, let's not go there).

            Forget the logos, documentation or even the software. What counts are the users. Why do you think that they don't let the application federate (i.e., work like phone or email, with multiple independent service providers talking to each other)?

            Oh, and forget about privacy too. You are perfectly traceable, as you would expect from using a phone number as ID. In fact, the architecture is much the same as the better known competitor, Whatsapp, and in legal (or otherwise) process your messages are accessed in exactly the same way: from your phone.

  2. Flywheel Silver badge
    WTF?

    Does anyone know how much Internet traffic is taken up just slurping and forwarding personal data? This is getting ridiculous!

    1. Boothy Silver badge

      I don't know about actual data volume, but my Pi-hole shows that currently, 28.1% of all my local (i.e. at home) DNS queries are being blocked, and other than 1 manual addition, that's using the default blocklists that came pre-configured with the Pi-hole.

      The vast majority of the blocks are to device-metrics-us.amazon.com (I have a couple of Alexa devices).

      In 2nd and 3rd place are a couple of blocked MS domains, combined these are still less than half of the above Amazon traffic! (One of these for some reason is an msn.com domain, why!?)

      In 4th place is my manual add, d3p8zr0ffa9t17.cloudfront.net, seems this is a fall back for Alexa devices if they can't get through to the above Amazon metrics domain.

      After this DNS blocked calls drop off rapidly, and cover things like Dropbox, other MS services (xxx.live.com etc), a sneaky browser plugin (presumably trying to monetise metrics) and so on.

  3. bigtreeman

    deanonymising

    Meanwhile the other side of the coin is deanonymising.

    Even anonymised data is invading privacy, depending on how it is used.

    Just leave our data alone.

    Oh, except there's a buck to be made, so it's ok.

    No it isn't, so just feck off.

    1. Dave 126 Silver badge

      Re: deanonymising

      >Even anonymised data is invading privacy, depending on how it is used.

      Anonymous data could be a sensor on a road for the valid purpose of determining traffic patterns and subsequent road planning. The sensor counts how many times it is squished by cars, and counts them. No identifying information is collected. Do you have a problem with this?

      Anonymous data covers a company knowing how many orders it has shipped out.

      I agree that data has been slurped too much in the last twenty years. However, we're likely to find better answers if we can have discussions about it.

      If we can agree that there is some level of aggregate, anonymous data that companies can use to better their offerings to us (otherwise a company might make a million red scarves when the market wants blue scarves ), and the means of keeping data anonymous can be mathematically proven, isn't that a path worth at least exploring? Perhaps it is possible to build into the system a way of providing under-resourced competitors with the same anonymised data, so they can compete on quality and price (and not just market intelligence).

      I might choose to do that. And why not? It's my data. If someone builds an infrastructure for me to consciously share data about myself that I believe will benefit myself and society, so much the better.

      Netflix doesn't share viewing figures. If I shared my Netflix viewing behaviour anonymously, along with a thousand other people, to a new entrant in that market might it result in more content that I want to watch?

      1. LDS Silver badge

        "could be a sensor on a road for the valid purpose of determining traffic patterns"

        And why it needs to check your plate, car model, number of passengers, destination, etc. etc.? That's what "telemetry" in any software does. Anonymized or not, people should always be able to opt-in. They got obsessed with the idea they need it so they could make the software "better" - I didn't see it still, I see worse and worse software. When you stop thinking about your product, and just think user data will tell you what the product should be, you get that.

        The same is true for TV. The show everybody wants to see is probably a very bad and stupid one.

        1. Dave 126 Silver badge

          Re: "could be a sensor on a road for the valid purpose of determining traffic patterns"

          > And why it needs to check your plate, car model, number of passengers, destination, etc. etc.?

          I was specifically referring to the type of sensor on a road that is 'squished' by car tyres - it only counts how many times it is squished, and this is used as a proxy for how many cars pass by (I'm guessing by dividing by two). I deliberately chose an anonymous system that does not collect licence plate, number of passengers etc.

        2. Dave 126 Silver badge

          Re: "could be a sensor on a road for the valid purpose of determining traffic patterns"

          > When you stop thinking about your product, and just think user data will tell you what the product should be, you get that.

          I have sympathy for that point of view, especially in the arts. However, we're talking about products generally here. There are cases where having real data about how real people use products in the wild can lead to better products.

          An anonymous example? Company making Wotsits finds that 75% of units returned to retailers under warranty have a broken Thingy. Company redesigns the Wotsit MK II to have a thicker Thingy, or to use a more durable material to make the Thingy. It might turn out that the design of the Thingy was fine, but the suppliers of the Thingy had some production issues that led to weakened Thingys.

          1. doublelayer Silver badge

            Re: "could be a sensor on a road for the valid purpose of determining traffic patterns"

            The only problem with that is that that's the argument every time someone decides they want more data, including extremely personal data. First argument is that it makes products better for me and I should be grateful that they're not charging me extra for that. Second argument says that it's not that invasive after all; it's just what someone could see if they looked over at me from across the road with an electron microscope. Third argument says that I have agreed to their data collection by consenting to their eighty-page user agreement, and if I didn't agree to that, I still consented by visiting their page, and if I didn't visit their page, then I consented by proxy by using a page which included their content, and if I tried to block their domains to prevent loading their content, then I consented because their content is important and they need to keep others' sites from breaking which is why they took so many expensive steps to include their content anyway and evade the most concerted efforts to stay away from it.

            Truly anonymous data collection, from a public place, using methods that would guarantee anonymity, is fine. For that reason, the example of a road pressure sensor is acceptable. Data collection from items that have been voluntarily relinquished to a different person is fine, so the returned product example is acceptable. My computer is not a public place. My computer was not given to someone else. This makes the collection of truly anonymous data very difficult. Even if it is entirely anonymous, there's still the issue of consent, which in many cases is not obtained. No matter how many nice and simple comparisons are made, they're still misleading and imprecise.

          2. Inkey
            Holmes

            Re: "could be a sensor on a road for the valid purpose of determining traffic patterns"

            "An anonymous example? Company making Wotsits finds that 75% of units returned to retailers under warranty have a broken Thingy. Company redesigns the Wotsit MK II to have a thicker Thingy, or to use a more durable material to make Blahhhblahh..."

            I fail to see how collecting user data and having a metric for every bit of user involvement makes a better thing ... this could easily be coordinated between manufacturer and sales outlet...

            In fact if the product had been tested for its intended purpose it would be plainly obvious to even the janitor that said whotsit needed to be made more durable...

            A better example would be to make great products that sell themselves last long and don't cost the proverbial arm n leg .... do that and you won't need to sell users data to all sorts of bottom feeders and worse ... make the net a fekken joyless contrived shit cake with a ribbon it seems fast becoming...

            Your argument seems more like a marketing droid shtik about "great after sales" and "we care about your privacy" .... it's like the emperor's new coat ...

            A new economy of data which adds no value to the user nor in most cases the recipient of all the slurp.... control groups are more often than not cagey about what they really think of product x and just came for the biscuits and doughnuts... and a third of them will be friends with marketing droid to help them flatter the client so they get repeat business...

            we have let people who make and create stuff all convince the people with stuff all between the ears that this is progress ...it's not

            Anonymised it may be, open source potentially... but it's more bandwidth more compute and more resource ... roll your own ... now you need another processor and someone to manage it and its another attack vector.... for what exactly "insight"..please

            National Geographic 42 cookies excluding what's termed legitimate interest and partners ...what insight could NG get from my single visit other than an interest in astronomy that would make the need for all of that slurp a benefit to me or their magazine

            At best it's Amazon showing me products i have already bought at worst it's sold to fuckwit politicos intent on scaring history by intelligence researchers

            who believe they can accurately gauge a populace's sentiment and droids who think the insights they get can be spun into a narrative that paints a skewed version on reality that benefits neither the populace nor the creators of data...

            Somewhere in the middle big data has a fantastic benefit to the whole wide world.... but while it sits with wealthy shareholders whose only contribution is to use wealth in pursuit of ever more power it's an unsustainable dead end!

            I feel bad for the folks who have to do this sort of thing for a crust ...i do but it is what it is... just ask microshaft the OG of slurp ...are their products any better fuck no .... in fact i haven't used my M$ box in months cause it's too scary and stressful... And i would tell them that.... all they had to do was ask!

      2. Anonymous Coward

        Re: deanonymising

        My problem isn't the data collection per se. It's the lack of transparency and inability to access my own complete dataset.

        Figuring out a way to do that without de-anonymising yourself would be very interesting.

        Having it stored client side and only readable remotely if I permit it seems like a pipe dream.

    2. EnviableOne Silver badge

      Re: deanonymising

      if it can be de-anonymised, it hasn't been properly anonymised in the first place.

      with some data sets, they are so small, or the number of indicators collected is so large, that you can identify an individual. like say a Specific Cancer type case statistics traced to Postcode level

      There are legitimate uses for bulk telemetry data, and they will drive product improvement, however, currently this data can be easily traced back to you, with this technology, it can't.

  4. Claverhouse Silver badge
    Black Helicopters

    Stop Helping

    I still don't like being spied upon.

  5. fidodogbreath Silver badge

    Your privacy is important to us

    The Internet Security Research Group (ISRG) has a plan to allow companies to collect information about how people are using their products while protecting the privacy of those generating the data.

    Hmm, where have we heard that before? Oh, that's right: every single privacy policy and TOS.

    1. Dan 55 Silver badge

      Re: Your privacy is important to us

      You're right, everyone should stick with Google Analytics.

      1. Anonymous Coward

        Re: everyone should stick with Google Analytics

        Indeed. It makes blocking it all the easier.

        Google is only after your data so that they can sell it and sling ads for totally useless shit at you.

        Google is not your friend. They are the enemy of privacy (or one of them)

    2. John Robson Silver badge

      Re: Your privacy is important to us

      Whilst we have heard it before... I am far more open to the idea from an organisation such as LE than I am from most others.

      Public code review and detailed analysis to follow I'm sure, but it is a step in the correct direction.

    3. Eric.R.

      Re: Your privacy is important to us

      hmm... I wonder if the ISRG needs to be audited, imagine another 2015 IETF debacle if any of those culprits were invo... hol'up...

  6. StrangerHereMyself Bronze badge

    Good idea, but...

    This is actually a very good idea, since I've been looking for a privacy focused alternative to Google-Analytics for years.

    There's only one but. If this finds traction the acquired information will become extremely valuable. And eventually pure greed will start to creep in.

    If you're sitting on a potential gold-mine whilst having trouble making ends meet it will become very tempting to put your hand in the cookie-jar.

    So I'm very interested in their story on how they're going to prevent this.

    1. bombastic bob Silver badge
      Devil

      Re: Good idea, but...

      how they're going to prevent this.

      don't log any personally identifying information - that'd be a good start. then assume that a single application's usage information might get duplicate entries, so some other means of transactioning (besides personally identifying info) would be needed. A reasonably long hash based on a user's info might do it. THAT kind of thing.

      None of this is hard, it just means setting it up so that the aggregate data can NOT be tied back to whoever or whatever generated it.

      Now I have to ask the OTHER data slurpers why THEY aren't doing it THIS way... since it IS _SO_ SIMPLE!!!

  7. Anonymous Coward

    True colors, and of course it's Mozilla and co.

    Harbourers of known stooges market nifty way to extend data collection. Backdooring cryptography too hard and too obvious huh?

    I know, let's try the 'anonymised metrics' bamboozle, everyone forgets their data is being slurped when that's used, because yay PrIVacY.
