Scanning apps, off the record

Smart phones have brought us so many wonderful capabilities. They let people around the world access vast realms of information. They let app developers solve problems large and small in a way most relevant to their local context. They are personal computers for the world. They also have given surveillance capitalism an unprecedented reach into everyone’s lives. Repressive governments use them in ways that the East German Stasi secret police could only have dreamed of. [Read More]

The Search for Ethical Apps: Let's start with governments

Governments across the world are moving services to mobile apps. The vast majority of these apps are only available in the Google Play store or in the Apple App store. Installing apps from these services requires users to agree to their terms of service. This means governments require their citizens to sign opaque and privacy-invading contracts with foreign Big Tech in order to use digital services. This feeds ever more into Big Tech data control, filtering, and information bubbles. [Read More]

Usability: the wonderful, powerful idea that betrayed us

Usability triggered a revolution in computing, taking arcane number crunching machines and making them essential tools in so many human endeavors, even those that have little to do with mathematics. It turned the traditional design approach on its head. Initially, experts first built a system then trained users to follow it. User experience design starts with goals, observes how people actually think and act in the relevant context, then designs around those observations, and tests with users to ensure it fits the users’ understanding. [Read More]

Clean Insights: February 2021 Update on Privacy-Preserving Measurement

Greetings, all. I hope this finds you healthy and well, finding ways to enjoy the season (whichever it may be). While every day still provides new challenges in the life of our team at Guardian Project, we continue to strive to be as productive as we can be in our professional and personal lives. I’ve just posted an updated presentation on Clean Insights, reflecting on the symposium in May, and the work we have done since then. [Read More]

New Data Sources: API Key Identifiers and BroadcastReceiver Declarations

A central focus of the Tracking the Trackers project has been to find simple ways to detect whether a given Android APK app file contains code which tracks the user. The ideal scenario is a simple program that can scan the APK and tell a non-technical user whether it contains trackers, but as decades of experience with anti-virus and malware scanners have clearly demonstrated, scanners will always contain a large degree of approximation and guesswork. [Read More]

εxodus ETIP: The Canonical Database for Tracking Trackers

There is a new story to add to the list of horrors of Surveillance Capitalism: the United States’ Military is purchasing tracking and location data from companies that track many millions of people. We believe the best solution starts with making people aware of the problem, with tools like Exodus Privacy. Then they must have real options for stepping out of “big tech”, where tracking dominates. F-Droid provides Android apps that are reviewed for tracking and other “anti-features”, and F-Droid is built into mobile platforms like CalyxOS that are free of proprietary, big tech software. [Read More]

On the classification of tracking

This position paper tries to outline a framework for defining trackers in smart phones and lists mechanisms for identifying them. It hopes to serve as the foundation for the work done in the Tracking-the-Trackers project. In section 1 we start with an abstract analysis of levels of unwanted behaviour in the context of tracking. Next, in section 2, we focus on an attacker’s perspective, on anonymity and pseudonymity. This foundation allows us to define terms which are needed throughout the paper. [Read More]

Free Software Tooling for Android Feature Extraction

As part of the Tracking the Trackers project, we are inspecting thousands of Android apps to see what kinds of tracking we can find. We are looking at both the binary APK files as well as the source code. Source code is of course easy to inspect, since it is already a form that is meant to be read and reviewed by people. Android APK binaries are a very different story. [Read More]

"Features" for Finding Trackers

One key component of the Tracking the Trackers project is building a machine learning (ML) tool to aid humans in finding tracking in Android apps. One of the most important pieces of developing a machine learning tool is figuring out which “features” should be fed to the machine learning algorithms. In this context, features are constrained data sets derived from the whole data set. In our case, the whole data set is terabytes of APKs. [Read More]

The Promise and Hazards of COVID Contact Tracing Apps

There has been increasing interest in the possibilities of tracking people who are infected with Coronavirus using all of the various methods that smart phones provide. There is good reason: “contact tracing” has been a pillar of public health efforts for decades. It is an effective means to curtail the spread of infectious disease. At the same time, governments, companies, and organizations are acting fast to offer services to help end this current pandemic. [Read More]

Tracking the Trackers: using machine learning to aid ethical decisions

F-Droid is a free software community app store that has been working since 2010 to make all forms of tracking and advertising visible to users. It has become the trusted name for privacy in Android, and app developers who sell based on privacy make the extra effort to get their apps included in the F-Droid.org collection. These include Nextcloud, Tor Browser, TAZ.de, and Tutanota. Auditing apps for tracking is labor intensive and error prone, yet ever more in demand. [Read More]