Remember: I already referenced the exact android developer documentation which supported the experiment that I devised based on reading those documents (which told me exactly which services generated the AdID!).
As always, you reference absolutely nothing. This used to bother me.
Until I realized... a. You are afraid of facts b. You want Apple Marketing to save you from these facts c. They can't - because facts are facts (you thrive on Marketing lies).
Fact:
- It's trivially easy to completely eliminate the Advertising ID from an unrooted Android device (my test was on an S3 with Android 4.3).
Hypothesis:
- It's impossible to do the same privacy tweak on unrooted iOS.
I'm a scientist. I'm not afraid of facts.
Prove me wrong in that apple and android development document you so nebulously cite.
The only thing you've proven is that this ID is now not to be seen anywhere in any of the Android Settings dialogues. But that does not mean at all that it is gone from the system. You still don't understand the difference between data being present in the system and data being presented to a user.
Those steps are fine, just that they don't prove your claim at all.
Your conclusion is wrong (resp. cannot be based on your findings), and I pointed that out. Actually, that's what scientists do when reading other scientist's claims: Try to find weaknesses in them and point them out.
Which directly contradicts your 'conclusion' that it's completely gone from the system. So now you're pulling back on your claim.
Right, but not the point in question. You're changing subjects, again.
I provide what any good scientist provides: A fair criticism of the weaknesses of your claim. And I let the scientific community decide what they think of my findings. Actually, that's what's called 'scientific process'.
I don't need anything more to debunk your conclusion as 'not based on the given facts'.
At least as much as you are.
So here we go again: Once you've proven wrong (like we did time after time on numerous occasions) you start insulting people. That's definitively not the behavior of a scientist.
Nothing more to hold against that? It must really upset you...
Then why do you care? Just leave that part of my answer unanswered - but that wouldn't fit your need to be right on any occasion... ;-)
I do understand much more than you, including a lot about you. :-)
Then behave like one! And not like a kid, stomping your feet.
Like a good scientist I claimed (and gave reason for that claim) that your test is not suitable for basing your conclusion. *I* don't have to provide anything more, it's *you* who has to prove that your claim is still holding up, despite my well-founded criticism. If you knew anything about the scientific process, you would know that that's the way things work in the scientific community.
Oh, more insults. Is that all you have? Not even one of your 'well-founded' test results, not even one of your 'explain-all' screen shots? No? Poor you.
Let me make my point clear one more time: In your test you deleted the Google Play app. And I accept (without any problem) that you did so successfully.
However, that does not mean at all that any background services for the Google Play Services are gone just as well. Nor does that mean that any data they stored is actually gone from the system. Just one example how that could work: The Google Play Services may store the AdID somewhere in a general Android storage area (seeing how easy it is in Android for one process to get access to the data of another process, that's easily possible, even without pulling the card of 'Google can do things with system parts that apps wouldn't be allowed').
But you're claiming that by deleting the app all the data from the background service are gone just as well.
I don't need any, I just need to raise reasonable arguments that *you* have to show as false or as not applicable. Reminder: Insults are not an accepted way of proving your point right.
I don't need one. It's your experiment, you have to prove that it is a valid basis for your conclusion.
I don't need any proof. I only need to raise reasonable doubt. And I did. It's your task to dispel them.
Oh, come on. That's even below your standards...
And more insults...
Which is yet to be shown. By you, by the way, not by me.
I showed that your conclusion cannot be based on your experiment. That's all there is to do for my role in this discussion. Dispel that or bring up a test that really proves your conclusion. *That's* the way science works.
Please leave me out of this rag-tag gaggle of contributors. I have never in my life even held in my hand an iOS-configured object (no iGizmo of any sort, ever :-) !), so I hardly would qualify amongst "iOS apologists".
Nor have I ever indicated I "don't like" whatever "fact" it is you're ranting about above.
So please don't attribute to me what I've never even contemplated; thanks.
That's 'cuz I have no "need to say" things about what I know nothing about. In that regard I'm trying to set a good example; but it's not working :-{ .
Wow, and you claim to be a scientist, to think scientifically, to prove everything you say. Instead you're insulting others (who didn't give any reason for that), you're changing topics whenever you feel cornered, you repeat claims that were already refuted and debunked instead of arguing about them. But you wouldn't know how to sensibly argue, and if had a recipe for that lying in front of you - as you've proven here time after time.
You're nothing but laughing stock. Feel free to play that role even longer, feel free to play your silly little games even longer, feel free to think everybody but you is an idiot. But you'll have to do that without me from now on.
Even your Smartphone battery status is tracking your online browsing: Resistance is futile. So it capacitance and inductance. You will be conglomerated into the data mass.
--
Jeff Liebermann jeffl@cruzio.com
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
You're many things, but sorry you're no scientist.
None of which tests your original hypothesis. Pointless exercise.
No. The traditional scientific method is you make an observation, develop a hypothesis based on the observation, design an experiment ideally to disprove your hypothesis, and then assess objectively whether the experiment had achieved your aim.
Nowadays you can also develop hypothesis free experiments, generally where your large amounts of data in an attempt to develop a hypothesis.
Good scientist are rarely categorical. That's a fact ;)
I've given up responding to the Apple Apologists who infest the iOS newsgroup, so, you're the only one I'm responding to. Not one of them provided a *single* valid datum (and we knew that from the start).
The iOS people can't comprehend actual *facts*. It's beyond their capabilities.
a. They bought on pure style, facts be damned b. They fear so much that Apple Marketing plays them like a fiddle c. IOS users "just give up", which is how they handle their AdID privacy
But on to your point...
I *understand* your sentiment that resistance is futile, and I even echoed that by stating that neither iOS nor Android is inherently more secure because it's like saying which leaks water faster, a steel garbage can peppered by buckshot or a plastic recycling bin peppered by buckshot.
However, with respect to *just* the advertising ID, the references I cited explained the program that generates it, and, wiping out that program wiped out the reference ID (as far as *anyone* can show) - so, at least on Android, the recycling bin has a few holes you *can* plug up.
On the far more primitively less tweakable iOS, you can't plug those holes, so, they exist, no matter what you do.
But, again, your point is valid that *both* platforms are so full of security holes that only people who actually believe everything that Apple Marketing spews forth would (falsely) feel more secure with one than with the other.
Regarding your reference ...
formatting link
It's interesting that Firefox calls the smartphone battery API in order to figure out your battery level, such that the battery level can be used for fingerprinting.
formatting link
It's also interesting that it's "slightly* less fingerprintable if you're
*not* connected to a charger.
This is interesting because panopticlick, last I checked, did not look at this information - but - perhaps should. (I keep a clean browser from fingerprinting.)
Also, when I look in App Ops Starter for the permissions granted Firefox, they entail only:
- Location (typically I turn this off)
- Modify clipboard
- Read clipboard
- Post notification
- Vibrate
- Modify settings
- Draw on top
- Camera
- Record audio
So, it's disappointing that App Ops Starter doesn't list that Firefox has access to the "Battery status" which is a *short-lived identifier*.
If Apps Ops Starter listed that short-lived identifier, we could simply turn off that access from within App Ops Starter.
As for protection against this fingerprinting threat, it would be nice if we can find an app that randomly adjusts the battery registers for the three battery parameters that are reported by the battery monitor API:
The current level of battery (from 0.00 to 1.0)
Time, in seconds, for the battery to discharge
Time, in seconds, for the battery to charge (only if connected)
I read a few related references, which don't specifically mention laptops:
formatting link
Do you think this Firefox battery-status fingerprinting also works for laptops?
The battery-status API privacy exploit works on multiple browsers and on multiple operating systems, including all the well known operating systems for both mobile devices and computers.
Setting the following "about:config" option in Firefox should prevent the exploit that Jeff kindly informed us about:
Change from: dom.battery.enabled;true Change to: dom.battery.enabled;false
I'm not sure where the user.js file is located on iOS or in Android, but on your computer desktops and laptops, it will be located in "about:profiles".
It seems it's "a little-known feature of the HTML5 specification" which Firefox, Opera and Chrome support and it was "introduced by the World Wide Web Consortium (W3C, the organisation that oversees the development of the web?s standards) in 2012".
Here's a quote from the first article:
formatting link
"The researchers point out that the information a website receives is surprisingly specific, containing the estimated time in seconds that the battery will take to fully discharge, as well the remaining battery capacity expressed as a percentage. "
"Worse still, on some platforms, the researchers found that it is possible to determine the maximum battery capacity of the device with enough queries, creating a semi-permanent metric to compare devices".
ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.