App makers, you're STILL doing security wrong

troyhunt

Re: Security!=privacy

Let me try and give a balanced response here and provide some examples that might clarify some misunderstandings. There are a number of issues in the post related to both security and privacy, sometimes at odds with each other and sometimes complementary. For example, it would be reasonable to say that the lack of transport layer security is a risk to both; credentials are at risk of being exposed to eavesdroppers and without TLS, you have no assurance the site you think you're talking to is legitimate. A strong TLS implementation is beneficial to both and detrimental to neither.

In terms of PayPal, of course the original article does refer to fraud protection and it also refers to how we seem to be able to survive in browser world without access to this device info. What I suspect you don't appreciate with regards to privacy is the difference between the data attributes we willingly provide (you've listed some good examples), versus those obtained without our knowledge. People get understandably edgy when they realise information about their private network environment is surreptitiously siphoned off; we saw the resulting outrage when Google was doing this.

Regardless of which observations you bucket into which category, the fact remains that each of these three apps behaves in ways that most users were not expecting and handles data in ways they would not normally consciously opt into. That mobile apps can do so indiscreetly compared to their browser-based equivalents is the heart of the story.
