If You're Connected, Apple Collects Your Data 313
fyngyrz (762201) writes It would seem that no matter how you configure Yosemite, Apple is listening. Keeping in mind that this is only what's been discovered so far, and given what's known to be going on, it's not unthinkable that more is as well. Should users just sit back and accept this as the new normal? It will be interesting to see if these discoveries result in an outcry, or not. Is it worse than the data collection recently reported in a test version of Windows?
Yay :D (Score:5, Funny)
2015 will the the year of Desktop Linux!
Re:Yay :D (Score:5, Interesting)
Yeah, it should be opt-in. At the very least, opt-out.
Re: (Score:3, Informative)
except you can turn it all off. I have. Yosemite still works as it should. I just lose some safari and spotlight options
Re: (Score:2)
What do you lose in Safari and Spotlight?
Re: (Score:3)
the suggestions. the spotlight suggestions that you see in the spotlight window and also in the safari url bar.
Re:Yay :D (Score:5, Interesting)
In TFA, the author claims he did turn stuff off. Have you run a network sniffer to watch your computer's behavior, or are you trusting that "off" means off.
Re: Yay :D (Score:2)
Re: Yay :D (Score:5, Insightful)
Re: (Score:3)
If you don't trust an OS vendor, isn't using a network monitoring tool on a different host entirely, with physical access to the wire, pretty much the only way to go? If they were so motivated, the OS would basically be a rootkit with device drivers and a userspace API...
Put the host to be inspected on a secured wireless network, then use another host on the same network to sniff wireless packets. That works too.
Re: Yay :D (Score:3)
That's completely true, but if you're mostly concerned with third party apps phoning home, a local application like Little Snitch works well enough. Using it to get (at least for now) a decent view of how system processes are communicating is just gravy.
The fact that Little Snitch (which uses a kernel module to put itself into the flow of traffic) is capable of blocking OS traffic and sometimes borking system processes in ways that their logs indicate is unexpected shows that, at least for now, Apple probab
Re:Yay :D (Score:4, Informative)
Re:Yay :D (Score:5, Informative)
TFA specifically notes that the behavior described was observed with all visible 'privacy' settings adjusted. Presumably the story is even cheerier if those aren't switched off.
He only disabled Spotlight Suggestions in the Spotlight preferences, he did not disable it for Safari, which is in the Safari preferences, right next to the search engine preference.
(Because you may not want Spotlight sending strings to Apple when searching for files on the computer, but you may not care if you are only searching the internets via safari).
Re:Yay :D (Score:4, Interesting)
Yeah, it should be opt-in. At the very least, opt-out.
The challenge is that it will skew the statistics.
Collecting anonymized UI instrumentation data doesn't really have privacy concerns, other than revealing your OS.
However, whether you choose to opt-in or opt-out says something about you that may very well be closely connected to other behavior traits that affect your usage of the user interface --- such as whether you prefer GUI or CLI, how much computer/Linux expertise you have, how comfortable you are editing text-based config files, etc.
I personally believe that the more experienced computer users are likely to have acquired more skepticism surrounding software vendors, and users who are more ignorant are also likely to be more trusting of the marketing message, resulting in skewed data due to selection bias: in other words, less useful data which mostly only reflects a segment of the audience.
Re:Yay :D (Score:5, Insightful)
There is a distinction in how you interact with a browser, and the actual content of your searches. Blurring this line is pretty ugly. Apple needs to know stuff like: The user clicked in the search field, typed stuff, and then because of a 60s delay in executing the search, probably couldn't see or understand the search icon, and clearly didn't know to press return (or the phone rang). To get this, Apple doesn't need to know what the person typed. But if that is the claim -- the need to know what is typed -- why not just enable the video camera and microphone too -- that would make it easier to figure out if the person is having problems with the Safari interface, or just answering a text on his phone. I'm guessing people would be sort of grossed out by that, but it fits right in with what you say they need, so why not go total surveillance?
Re: (Score:3)
To get this, Apple doesn't need to know what the person typed.
Correct... for browser GUI design Apple doesn't need to know what they were looking for.
It would be the search engine provider who needs to know what the user typed, and based on what they clicked --- if they found what they were looking for, and which result they found most relevant.
But the search engine provider doesn't need access to other information like what brand of mouse they were using, or which particular search box the user uti
Re:Yay :D (Score:5, Interesting)
Enabling the video camera or microphone [c2.com] won't actually help. You'd need both to determine if the user was actually using their phone, and the processing cost needed to perform that kind of recognition on a large scale would be so ridiculously expensive that it would undermine any additional benefit from the research.
Statistically, a user waiting 60 seconds before searching is uninteresting. It's an outlier, so the developers really don't care what happened. Far more useful would be an observation that 75% of users use the center enter key to submit queries, 20% use the mouse, and 5% use the enter key on the numeric keypad, combined with an observation that 80% of mouse users move the cursor around after a period of inactivity before clicking. To a design team, that means that the users' attention has shifted to typing, and they've forgotten where the mouse is. Perhaps the mouse should highlight in some way when it first moves...
Similarly, the actual content of searches doesn't matter from a UI perspective. If you're having trouble searching for something, it doesn't matter if you're looking for instructions to knit a sweater for a kitten, or the mixture used in the Oklahoma City bombing. On the other hand, the exact search text is useful to the folks developing the search engine, so they can put the most relevant results at the top of the list. Of course, the search engine team doesn't care about how long it takes the user to find their mouse cursor.
This leads to one of the most entertaining aspects of the whole privacy debate. Gathering data is easy, but proper anonymizing is hard. Practically speaking, the analysis of the gathered data is often easier than ensuring that data is anonymous. For example, there are certain combinations of ZIP code and state that identify as few as 30 people within the continental United States, so any data set that includes both ZIP code and state is probably not sufficiently anonymous. It's far easier to simply collect only what's needed for a particular team, and make sure nothing else can be connected to that record. One database records that somebody searched for "geriatric german grandmas spanking spanish men", and another knows that user submitted a search with a mouse, and perhaps another knows that the user is located in western Iowa. With no way to connect the records, the business need is fulfilled and the user's privacy is effectively safe... but the legal disclosure will still simply say that the company collects all those things, stirring up a nice panic.
It is opt-out in OSX. (Score:3)
So...we all done here?
Re:It is opt-out in OSX. (Score:5, Informative)
From the article:
So even though it is presented as opt-out, it apparently isn't actually opt out.
I've noticed the same thing. With all of the "privacy" related options enabled, there is still a great deal of chatting with Apple servers. I'm seeing this with Little Snitch.
Re: (Score:3)
I've noticed the same thing. With all of the "privacy" related options enabled, there is still a great deal of chatting with Apple servers.
I would say it's naughty of Apple to provide opt-out options and communicate anyways. It would be better for them to just display a notification that you won't be able to opt-out, except by returning the computer or downgrading back to Mavericks.
If they offer a privacy opt-out that claims to stop communications with Apple, and you check it, and the software still c
Re:It is opt-out in OSX. (Score:5, Interesting)
Considering that the Feds probably get a copy of everything they gather in the first place, I can hardly see them fining Apple for doing their work for them! The very idea of Apple turning all this data over to the Feds for "disposal" is utterly ludicrous. There may still yet be some areas of the US government that work for the people, but the DOJ and Intelligence agencies are clearly serving one interest: their own.
Re:Yay :D (Score:5, Informative)
Re: (Score:3)
Yes, just like that one. But preferably one that actually stops the system from sending data back to Apple.
Re: (Score:3)
Re: (Score:2, Insightful)
You mean like Windows 8 had a competitive edge because of all the improvements with the UI?
UI experts are notoriously bad at creating a good UI. They're trying too hard to find a reason for their jobs and they end up trying to fix things which are not broken.
Yes, worse (Score:4, Insightful)
Of course it's much worse than the data collection from a "technical preview". It's whole purpose is to discover how people use the damn thing and you sign up to be a guinea-pig in exchange for getting the advanced access.
However, it's "to be expected" from Apple. You don't own their phones or laptops, they own you.
That's absurd, aim your hate cannon elsewhere. (Score:5, Insightful)
Apple has an excellent track record on privacy issues. Not because they are super nice people, but because that's not their business model.
They don't make money by selling user information to third parties or by selling ads, they make money by selling actual physical objects to end-consumers. I'm not sure what you mean by "it's to be expected from Apple", but I'm pretty sure you just made that up because you don't like Apple's customers (probably because you met somebody who likes Apple products who has a more expensive haircut than you).
Re:That's absurd, aim your hate cannon elsewhere. (Score:5, Informative)
They don't make money by selling user information to third parties or by selling ads,
Funny, Apple has this thing called iAd [wikipedia.org] where you pay Apple to place targeted ads, and it's currently being sued for selling user info to 3rd parties [rt.com]. Are these activities Apple's primary revenue model? No, but they are part of the revenue stream nevertheless.
Re:That's absurd, aim your hate cannon elsewhere. (Score:5, Informative)
They don't make money by selling user information to third parties or by selling ads,
Funny, Apple has this thing called iAd [wikipedia.org] where you pay Apple to place targeted ads, and it's currently being sued for selling user info to 3rd parties [rt.com]. Are these activities Apple's primary revenue model? No, but they are part of the revenue stream nevertheless.
iAd is only for iOS Devices (not Yosemite) and your second link is extremely misleading. They're being sued for asking customers that purchase high priced items for their zip code as an additional form of data to verify with the credit card processor to prevent fraudulent transactions. Maybe merchants that have a high amount of fraud do this type of verification.
Re:That's absurd, aim your hate cannon elsewhere. (Score:5, Informative)
Re: (Score:2)
TFA is about Yosemite's collection.
And the people that sued Apple tend to just sue companies over the Zip issue [bigclassaction.com] hoping for a payout. But previous courts have found that asking for the ZIP code before purchase does not constitute personally identifiable information not associated with the credit card transaction. (It's wrong if they ask for the ZIP after the transaction has been completed, but not before)
Re:That's absurd, aim your hate cannon elsewhere. (Score:5, Informative)
Agreed, they have a very good track record but...
They don't make money by selling user information to third parties or by selling ads
Huh? http://advertising.apple.com/ [apple.com]
Sure, it's not their main cash cow, but they do sell ads, with targeting and analytics.
Re:That's absurd, aim your hate cannon elsewhere. (Score:4, Informative)
What Apple applications embed iAds?
Hint: none
When you pay for an Apple product they don't spy on you.
Nothing referenced in the github site shows otherwise as best as I can tell. Everything they've listed has logical reasons. For example, the email domain is sent to apple to see if Apple has the mail server info registered with them, in which case the server (at Apple) responds with all the setup info so you don't have to fill in host names, ports and server types, ect. It's a useful feature and part of the "it just works" magic.
Yes, they do offer a service to developers, but they don't use it themselves in any app I'm aware of.
Re: (Score:3, Insightful)
They don't make money by selling user information to third parties or by selling ads
Sure, it's not their main cash cow, but they do sell ads, with targeting and analytics.
Yes, they do offer a service to developers, but they don't use it themselves in any app I'm aware of.
Moving the goalposts is a logical fallacy commonly employed by fanboys (or in this case, iFanboys) who know full well that a claim which casts their favorite thing in a bad light is true. And the stated claim is true. You've only proven your iFanboy nature with your above comment. Thanks, though, for proving that Apple fans have to fall back on lies and deception in order to seem like they have a point. Even as stated, your words are false. When you pay for an Apple product (a piece of hardware running iOS)
Re: (Score:2)
Apple has an excellent track record on privacy issues. Not because they are super nice people, but because that's not their business model.
Or because Apple hasn't (acknowledged that they have) been hacked yet.
Re: (Score:2)
Re:That's absurd, aim your hate cannon elsewhere. (Score:4, Informative)
Yes - and they didn't (acknowledge that) they had actually been *hacked*. But that the celebs in question had either had their account details phished, or their 'security questions' guessed.
This is most certainly *not* the same as icloud being hacked.
I mean, perhaps they were hacked, and are currently lying about it. Possibly - who knows? Does seem a bit unlikely though, given the difficulty of hacking large security systems vs. the relative ease of phishing and guessing the answers to public figure's security questions.
Re:That's absurd, aim your hate cannon elsewhere. (Score:4, Interesting)
People love to hate Apple. It's a thing. Also, is there any evidence this data is not anonymised by Apple?
'Anonymised' is mostly a weasel word. It isn't always impossible; but the more interesting the dataset is, the more likely it is that there's a clever re-identification attack with good odds of success. If you are serious about preventing those, you tend to have to nuke the data so hard that they aren't of much interest anymore.
Unless robustly demonstrated to the contrary, it's an essentially worthless claim.
Re: (Score:2)
then you must love the company that finally pushed record labels to abandon DRM.
Re: (Score:2)
Re:Yes, worse (Score:5, Informative)
The Windows one is not even a privacy wrong, it is more an example of the right way to do it. You are signing up to provide them feedback, they state it when you download it to install, it is part of the conditions.
Re: (Score:2)
Except that the /. article discusses Windows, making comparisons between Windows and OSX on this topic on-topic by definition.
Re: (Score:2)
Sure. But it's in the item that started every thread in this discussion, so by definition, it's on-topic anywhere in this /. article, being downstream of the incendiary comment.
Re: (Score:3, Funny)
Putting something nefarious in the fine print does not mean that something nefarious is not going on.
Mac is for work only (Score:3)
That why I just use my Mac for work, and everything elses on my Linux box.
Of course it's worse (Score:5, Insightful)
Microsoft is testing a release candidate and is informing users of what they're monitoring.
So far no one has complained about onerous licensing agreements with Yosemite, which seems to imply that Apple is not informing users about it.
Until Microsoft has a production release, it's not even fair to compare the two.
Re: (Score:2)
Until Microsoft has a production release, it's not even fair to compare the two.
Agreed. Not to use the old joke, but in this case comparing a pre-release beta build to a finished, released product is an apples to oranges comparison (or maybe apples to lemons would be more appropriate).
Should they? (Score:2)
Doesn't look like much (Score:2, Informative)
So lets see, they have 3 cases of "tracking" here.
1) A tracking cookie gets set on apple.com, subsequent loads of apple.com send the cookie to the server [closed: behaves correctly] - this is exactly how cookies are meant to work. The only possible issue here is that there appears to be a bug that all applications using some API to load the URL (I'd bet on NSURLConnection) are sharing the same cookies
2) When you search for something in Apple's browser, it contact's Apple's server and asks it what types of
Re:Doesn't look like much (Score:5, Insightful)
I think I understand -- you are saying the software operates as designed, so no problems here.
I think what you aren't getting is that the way the software is designed is what ticks off people who care about their privacy.
Seriously, why should mail.app inform apple that I set up an account randomMailHost.com? That the software does leads you to write [closed: behaves correctly]. This is not at all "correct" from many users' points of view -- you should use a phrase that is more factual and uses words with less judgment involved, for example: [closed: behaves as _designed_ (and if you don't like the design, suck it)].
Re: (Score:2, Informative)
Seriously, why should mail.app inform apple that I set up an account randomMailHost.com?
Mail.app should do that because apple will then send back "oh, randomMailHost.com's smtp server is at smtp.randomMailHost.com, and it's imap server is at imap6.subdomain.randomMailHostcom, you should log into it with the full email address, not just the bit before the at sign". That's extremely useful. As long as Apple is not then storing that randomMailHost.com is associated with a particular user - then there's no issue at all.
Re: (Score:3)
As long as Apple is not then storing that randomMailHost.com is associated with a particular user - then there's no issue at all.
As a NSA agent for example. it wouldnt be useful to check with apple all the internet searches person of interest has conducted and while it might be disapointing that apple does not have his email on file and contacts they do at least know his email account with another provider and may be able to give login credentials for that service even if its outside of us juristiction.
sounds paranoid until you consider what edward snowden has said already.
Whose job is it to know that? (Score:2)
Why is Apple even responsible for tracking that kind of information?
Can I sue them if they get it wrong, rendering my mail client unable to connect to the correct server (or revealing my credentials to a third party) because it followed their instructions instead of mine? No, that wasn't a typo, but thank you for redirecting my login credentials to the wrong server, which then stole them and used them...
no, its not good thou (Score:2, Insightful)
Seems Apples picking up searches from safari, even when told not too.
microsoft decided to log all your key strokes. Both experiences are negative but the later situation seems worse although niether are acceptable why should safari be sending "where to bury the body" back to apple, perhaps they have been "asked" for this information.
Re:no, its not good thou (Score:5, Informative)
Even if you change search engines in safari, it doesn't disable Spotlight suggestions in Safari. That's a separate checkbox in the Search tab in the Safari preferences. (There are a bunch of options in the Search preferences in Safari)
Re: (Score:3)
if you ask siri where to bury the body, she needs to go back to the apple servers to get the info.
Re: (Score:2)
microsoft decided to log all your key strokes.
Microsoft released a testing product to gauge user interaction. The normal ways companies do this is ask users to sit and use a product and stand behind them watching their every move. No. The latter situation is not worse. If you don't want to participate in a testing release, then don't participate. It is completely expected that they log keystrokes, and though no one has mentioned it I wouldn't be surprised if they log mouse travel too.
ET Phone home (Score:4, Interesting)
Friends with wireless access and iphones coming to my place seem to be phoning home in some way.
I detected apple trying to connect to some UDP ports on my router only when those iphones were around.
Re: (Score:2)
Same here. I've been using that "feature" to check how long the maid stays when she comes by to do weekly housekeeping.
Now I know how she can afford an iPhone, she charges for 3h but stays 2h!
Re: (Score:2)
If Apple itself wanted to upload data more stealthily, there is absolutely nothing to stop them - just wait until the next time you initiate a connection with apple.com, such as a software update. Devices are so connected now, with no real internal partitioning of data, it is all purely on the honor system (except the ToS generally say they can and will do whatever they want anyways!)
System Preferences - Security & Privacy (Score:4, Informative)
So just out of ideal thought.... This wouldn't have anything to do with the settings clearly available for adjustment within the System Preferences -> Security & Privacy pane and then select the "Privacy" tab. Inside there you see a lot of clearly defined options for opting in or out of various settings:
Location Services: Enable/Disable as a whole; Disable by specific user allowed apps
Contacts: Allow/Disallow apps chosen by user to use your contacts
Calendars: Allow/Disallow apps chosen by user to use your calendars
Reminders: Allow/Disallow apps chosen by user
Accessibility: Allow/Disallow apps chosen by user to control the computer
Diagnostics & Usage: Allow/Disallow "Send diagnostic & usage data to Apple" as well as Allow/Disallow "Share crash data with app developers"
Seems pretty obvious to me and very easy to find and adjust settings as desired by each user. Apple even goes a step further and within the "Diagnostics & Usage" option they have a button titled "About Diagnostics & Privacy" that provides the following information:
Benefits and safeguards (Score:4, Insightful)
For most users, complete privacy from all internet services is not an option. When you enter a query into a search engine, you are providing the server with knowledge of your often very private interests. Your IP address and cookies make it easy for anyone determined to discover your identity as a person.
So the first question is, do you directly benefit from your personal information being collected and retained? In case of a search query, collecting it for the purpose of showing search results is obviously necessary. Long term retention in the form that can be traced back to you is murky. Forwarding it to Apple seems unnecessary and I hope that the company provides an explanation.
As far as safeguards go, it's reasonable that available information is provided to authorities with a subpoena which is narrowed down to minimum required for investigation. Like a list of queries with specific, obviously incriminating keywords made in the last month.
But the notion of complete anonymity is about as practical for most people as living in the cabin in the woods. As a matter of principal, I don't think either should be made illegal. But most people will not be happy with the results, and most crooks will be too dumb to follow these lifestyles so strictly that they don't slip up and get caught.
Re:Benefits and safeguards (Score:4, Interesting)
That's why I carry a Linux TAILS bootable SD card in my wallet. Portable peace of mind.
The driving force to open source? (Score:2)
Re: (Score:3)
I don't think the command line is an issue. I don't think instructing a user to open a terminal and issue commands is any harder than having them open regedit and add obscure keys.
The really sweet spot is a well designed GUI configuration utility which allows you to generate approriate command line scripts to allow the configuration to be duplicated. Unfortunately, this is rare in the Unix world and non-existent in Windows.
Compared to GUIs, command line interfaces are stable. I am still using command
Where are teh sditors? (Score:2)
Windows is a TEST VERSION...MS talked loudly and publicly about the data collection and said it was for troubleshooting and optimization and that it will be ripped out of the final bits...Apple is doing this sneakily and for no clear benefit to the end user or the community of users as a whole.
The last line of this summery is just flame bate...Editors, please edit these things!
Re: (Score:2)
The Editor did edit the submission -- to add the flame-bait!
And will they fix Yosemite as a result? (Score:2)
In other words, assuming the data is being collected in order to improve the OS, will they actually be able to analyze this huge amount of data and come up with actual fixes?
I'm asking because my past experience as an OSX user is that there is a massive amount of garbage warnings and errors in the OS's system logs, which never seem to get fixed (and that's kinda annoying). You would think that they would analyze the data and fix those issues, being the "thorough" and "detail oriented" people they purport to
It doesn't matter (Score:3)
It doesn't matter if they sit back and accept it or not... it *IS* the new normal.
Of course, it is much easier to live in a reality where you believe what makes you happier about living in the first place... so the desire to want to resist this sort of thing is entirely normal.
Should users just sit back and accept this...? (Score:2)
It doesn't matter. Enough of them already have, so that the rest have no choice if they want to use Apple products.
Is this worse than Win10 Test? (Score:3)
Indubitably. Win10 Test is a product demo. So Microsoft is going to monitor it in a way that would be unfeasible for a shipping OS. They're trying to collect user data to make sure people are using Win10 the way they THINK people are going to use it. This is a byproduct of the Windows 8 metro/modern UI fiasco. If they don't disable/remove this level of monitoring when the OS ships, corporate customers will simply opt not to run with the OS...AGAIN.
Seriously, NO company that's in ANY way serious about security is going to put up with a built in keylogger that's reporting back to MommySoft.
Apple is doing the same thing with a live, shipping OS. Which is completely fucking heinous.
Now, will they get away with it?
Probably, because the rabid, turtleneck-and-jeans brigade of Mac fanatics will buy absolutely ANYTHING from Apple, so long as it has the Apple logo on it.
It's because they care! (Score:3)
What kind of antisocial fiend would blame Apple for wanting to play a role in customer's lives? After all, isn't that sort of why Apple people buy Apple in the first place, the need to belong, to be involved in something bigger than themselves? You know: every sparrow, etc, etc.
Comment removed (Score:4, Informative)
Apple just made a big legal mistake. (Score:5, Interesting)
Sending the content of every search request to Apple? Notifying Apple if the user sets up a non-Apple email account? That's a blatant violation of the Computer Fraud and Abuse Act unless Apple properly discloses that up front and gets the user's consent.
Apple didn't do that.
The EULA for MacOS [apple.com] isn't on line [apple.com] on Apple's own site. This matters. It violates the FTC's "clear and conspicuous" rule on disclosures. It's just like bundling spyware, which the FTC and state attorneys general have routinely hammered vendors for trying.
This puts Apple in the uncomfortable position Sony was in when they put a root kit on an audio CD. [wikipedia.org]
Honestly... (Score:3)
Re:If you want results from the web (Score:5, Insightful)
um no.
you didn't read the link the string was sent to duck duck go and also sent to apple there is no need for the search string to go to both.
if the user was using apple to search then of course the search string should go to apple but if its sent to google then it shouldn't go to apple as well.
Re:If you want results from the web (Score:5, Informative)
Oh, I read it. But you didn't read my response to your other comment, which was,
Searching maps is part of Spotlight suggestions
Re: (Score:2)
They specifically said they turned off Spotlight suggestions.
Even if that were not so, changing search engine should never mean you have to find another configuration option to turn off the old search engine. That's just wrong.
This is actually my only issue. It seems many of the things they found in TFGHR have a legit uses, but if you turn it off, then it should be off.
Re:If you want results from the web (Score:5, Informative)
They specifically said they turned off Spotlight suggestions.
No, he said he turned off Spotlight suggestions in Spotlight. Not Spotlight suggestions in Safari. (Because you may not want Spotlight sending strings to Apple when searching for files on the computer, but you may not care if you are only searching the internets via safari).
Even if that were not so, changing search engine should never mean you have to find another configuration option to turn off the old search engine. That's just wrong.
It's in the same window [dropbox.com]!
Re: (Score:2)
Thanks for the screenshot. It explains what you're saying better.
Still, do you think that they changed the search engine, left all those options for smart search on, then went to the OS setting for spotlight and turned that off, then sounded the alarm? Would seem a bit like manufactured outrage to me, but I suppose it's not impossible.
If those options were actually left on, then is a very non-story (at least that part)
Re: (Score:3)
Still, do you think that they changed the search engine, left all those options for smart search on, then went to the OS setting for spotlight and turned that off, then sounded the alarm? Would seem a bit like manufactured outrage to me, but I suppose it's not impossible.
Yes, yes, that is what I think Landon did.
Re: (Score:2)
Re: (Score:3)
He turned off Spotlight suggestions for Spotlight, not Spotlight suggestions in Safari.
(Because you may not want Spotlight sending strings to Apple when searching for files on the computer, but you may not care if you are only searching the internets via safari).
Re: (Score:2)
He turned off Spotlight suggestions for Spotlight, not Spotlight suggestions in Safari.
I see. What you said was similar enough to TFA that a brief reading made me think you were saying the same things.
So I stand corrected.
Still, this one should be tested. Does it send a string when Spotlight Suggestions are turned off in Safari as well? We won't know until somebody tries it.
Also, the s_vi issue is very troubling.
Re: (Score:2)
Still, this one should be tested. Does it send a string when Spotlight Suggestions are turned off in Safari as well? We won't know until somebody tries it.
No, it does not.
Re: (Score:2)
Re: (Score:2)
He said he'll update the TFA tomorrow with the correct information.
Re: (Score:2)
Re:If you want results from the web (Score:4, Insightful)
From TFA:
Or why when setting up an email account does the mail app send the domain name you enter to apple?
I say all this as a person who has been using mac laptops for the last 9 or 10 years. I'm obviously not an apple hater but this seriously makes me question whether I'll buy another one. It's a pretty astounding intrusion demonstrating some rather staggering hubris.
Re:If you want results from the web (Score:4, Informative)
Or why when setting up an email account does the mail app send the domain name you enter to apple?
It's part of the automatic configuration settings. When you first set up a new email address using "Add other Mail Account" in Mail.app, it just asks your for your name, email address, and the password for the account. It then sends the domain to Apple to get the imap/pop3/smtp servers and other configuration information for that domain, if it is available, so the user doesn't have to enter them all separately. It's part of a good UI.
Re:If you want results from the web (Score:5, Interesting)
Are you joking? Why not have the local program test the server itself with the usual prefixes for mail servers? Then the local app can try the usual ports for SSL. Then it can tell the user the results. After a failure, it could even say, "hey, that server isn't responding to the usual requests, would you like me to check with Apple to see if there is something special about it and Apple knows that secret sauce?"
Do you want to tell me with a straight face that this interaction could not be programmed into a local application that sends nothing to Apple (except by express request on the user's part)? That this interaction is so amazingly hard, it has to be done remotely on a bank Apple's servers?
Re:If you want results from the web (Score:4, Insightful)
Because then you are sending a lot of requests to random domains that may not be designed to handle the traffic? And a lot, a hell of a lot of mail servers out there for common email services use legacy mail servers not related to the domain of the email address (because the mail servers were set up before that particular email domain became popular).
Super quick example, if you have a @windowslive.com email address, the IMAP server is imap-mail.outlook.com. The Exchange ActiveSync server is s.outlook.com. Neither one would be found but your suggestion of randomly hitting subdomains.
There is actually an included list of common Mail Servers and common mail configurations. Mail.app only sends the domain when the domain is not on the list or the configuration fails. It also means that if enough users look for a domain, Apple can immediately include the information without waiting for an update.
Have you ever done tech support for email problems before? It's a nightmare. Anything to help the user is best.
Re: (Score:3)
That would require an even bigger violation. They would have to have the client send the actual configuration to Apple as well so they can have the data. Not all businesses would appreciate that.
I'm not so sure - most email providers provide all this information on their web pages anyway. Unless you are suggesting that Apple's mail client is waiting for people to manually set up some email and then sending that information to Apple for use by future users, I don't see any problem for Apple to notice that they are getting lots of requests for email accounts at "someplace.com" and then someone at Apple looking up setup info for someplace.com and pushing that data out to users as needed.
While this typ
Re: (Score:2)
Or why when setting up an email account does the mail app send the domain name you enter to apple?
I don't know for sure, but when you set up an email account, based on the address you supply, the Mac does try to auto configure stuff for a wide range of popular email services. I'm guessing it's probably sending off the address to search for that auto configuration information.
Re: (Score:2)
a reasonable explanation was posted elsewhere - apple maintains configuration profiles for certain web addresses, and perhaps it's uploading the account address to see if they have a configuration profile for it.
Re: (Score:2)
"Or why when setting up an email account does the mail app send the domain name you enter to apple?"
It's so that IF your domain is one that is known to Apple, they can reply back with the correct IMAP and SMTP server settings, allowing you to not have to enter those things. If you are in a big company, or use a very popular email provider, this is a help if Apple happens to know the correct settings for your domain. If you are in a small company, not so much. But there's nothing sinister about it.
Re: (Score:2)
It is not on by default. It's an option shown in the setup assistant. Shown after you first install Yosemite. The option in the setup assistant then sets those options in the Security prefpane. I'm not sure why Siracusa said they are on by default. Maybe since he's been using the beta for so long (since June), he forgot the option was in the Setup Assistant (since the Setup assistant is only shown on first major upgrade)
Re: IP addresses (Score:5, Informative)
MS only phones home if there is no driver (or a generic universal driver with only the most basic functionality) locally. It does that to get the driver that will allow best performance. You can turn it off it it makes a difference to you...
Re: (Score:2)
is it a hypocrite to take private nudes of yourself but not want to be naked in front of america on the movie screen? it sounds like both are defensible.
Re: (Score:2)
Some are indeed bad, like the streaming of Safari/Spotlight chars to Apple with suggestions turned off.
It does not stream the chars to Apple if the option is off, Landon just forgot to disable the option in Safari and Spotlight.
Re: (Score:2)