Recently Apple added a feature to iOS that allows you only to allow selected photos to be accessible by an app. This allows the user to respond positively to an access request, but allow the app to see only a subset (or zero) actual photos.<p>It would be a very useful feature for Apple to do the same for contacts: the app would think it's getting access to your contacts, but would only actually receive a subset of them, and be none the wiser. This would be a tremendous boon for privacy.
I don't see what the point is.<p>"Data poisoning" gives companies a bunch of fake contacts... on top of all your real ones?<p>Who cares? So they send some e-mails to addresses that don't exist or something? So it takes up an extra 1% of disk space in their database?<p>If you could share an empty address book then that would actually preserve the privacy of your contacts. But this doesn't do that.<p>I don't get it.
Clubhouse requires contact list in order to get invites, which are required to sign up right now.<p>I get why they are doing this, and it caused me to share my contacts with them.<p>However, I resented it and it put me immediately in a defensive posture with the product and company.<p>There is no possible way to trust a company with your contact list and Apple should make it how Photos works now--where you can select which data to share. There are some folks I don't even want to possibly find in a social app.
Not exactly on topic, but historical context maybe: Long ago (early 90s?) when it was guessed/assumed that intelligence agencies were scanning emails, emacs was still among the best ways to read and send email. So emacs provided a handy function to append a random list of "hot" words to each outgoing email in the signature, just to degrade the signal-to-noise of such surveillance.<p>It's still there today, and you can see the output via M-x spook.
Remember: some apps check for what apps are installed on the device, and if they see this installed they can deduce you're poisoning the well.<p>Also if you want to research obfuscation and how it thwarts surveillance, check these:<p><a href="https://www.schneier.com/blog/archives/2019/11/obfuscation_as_.html" rel="nofollow">https://www.schneier.com/blog/archives/2019/11/obfuscation_a...</a><p><a href="https://www.science20.com/news_articles/obfuscation_how_to_hide_from_online_surveillance-164418" rel="nofollow">https://www.science20.com/news_articles/obfuscation_how_to_h...</a><p><a href="https://www.theguardian.com/technology/2015/oct/24/obfuscation-users-guide-for-privacy-and-protest-online-surveillance" rel="nofollow">https://www.theguardian.com/technology/2015/oct/24/obfuscati...</a><p><a href="https://adnauseam.io/" rel="nofollow">https://adnauseam.io/</a><p><a href="https://bengrosser.com/projects/go-rando/" rel="nofollow">https://bengrosser.com/projects/go-rando/</a>
This is a common technique in the mailing list industry. It's called "salting". You add fake names, but real email addresses, street addresses, or post office boxes. You then monitor what shows up in these places addressed to "Mr. Fake Name". It's how mailing list companies monitor who is using their lists and helps control misuse.
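An added example, not part of the original thread, of the salting scheme described in the comment above: each licensee's copy of a list gets fake-name records derived with an HMAC, so mail arriving for one of those names identifies whose copy was used. The key, licensee names, name parts and `lists.example` mailboxes are all constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample values: syllables for invented surnames and two mailboxes
# the list owner controls and watches (example domain, not real addresses).
FIRST = ["Alder", "Brisa", "Corwin", "Delphine", "Emrys", "Fenna", "Garrick", "Hollis"]
SYLLABLES = ["ba", "den", "fo", "gri", "hul", "jas", "kel", "mor",
             "nev", "pol", "quin", "ros", "tam", "ul", "ves", "wyn"]
MONITORED = ["box101@lists.example", "box102@lists.example"]


def salt_entries(secret: bytes, licensee: str, count: int = 2) -> list[dict]:
    """Derive the fake-name records planted in one licensee's copy of the list."""
    entries = []
    for i in range(count):
        # Keyed hash: the owner can regenerate the salts, a licensee cannot guess them.
        d = hmac.new(secret, f"{licensee}\x00{i}".encode(), hashlib.sha256).digest()
        surname = "".join(SYLLABLES[b % 16] for b in d[1:5]).capitalize()
        entries.append({
            "name": f"{FIRST[d[0] % len(FIRST)]} {surname}",
            "email": MONITORED[i % len(MONITORED)],  # real, monitored address
        })
    return entries


def salted_copy(real_rows: list[dict], secret: bytes, licensee: str) -> list[dict]:
    """Return the licensee's copy: real rows plus that licensee's salt rows."""
    return real_rows + salt_entries(secret, licensee)


def attribute(recipient_name: str, secret: bytes, licensees: list[str]) -> list[str]:
    """Name the licensee(s) whose copy held the fake name seen on incoming mail."""
    wanted = recipient_name.strip().casefold()
    return [
        lic for lic in licensees
        if any(e["name"].casefold() == wanted for e in salt_entries(secret, lic))
    ]
```

Because the salt rows are recomputed from the key, the owner keeps no table of planted names; only the key and the list of licensees need protecting.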
I seem to remember CyanogenMod having a per-app sandbox feature around 2013 that returned blank info from a virtual root.<p>Like many point out, this isn't data poisoning, especially if there aren't metric-breaking honeypots around the web seeding these services with enough noise to make these collection practices useless, which there are not.<p>A more effective alternative might be hashing real contacts to generate seeds of complete but false profile information. Apps thinking they got the mother lode wouldn't be able to assign confidence to any results they didn't have duplicates of, and slowly over time, groups who used this would become worthless.
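An added example, not from the original thread, of the last idea in the comment above: a keyed hash of each real contact seeds a stable decoy profile, so an app is handed a full address book that contains no real entries. The per-device key, name lists and function names are assumptions; decoy numbers are confined to the 555-01XX block reserved for fiction, which keeps them off real subscribers but also makes them easy to recognise.

```python
import hashlib
import hmac
import re

# Constructed name parts. Decoy mail uses example.com and decoy numbers use the
# fictional 555-01XX block, so a decoy never points at a real person.
GIVEN = ["Mara", "Ilan", "Teodor", "Suvi", "Anselm", "Rhea", "Caio", "Linnea"]
FAMILY = ["Okafor", "Lindqvist", "Baptiste", "Haverford", "Montoya", "Iwata"]


def _seed(device_key: bytes, phone: str) -> bytes:
    """Keyed hash of the normalised number: stable per contact, not reversible."""
    digits = re.sub(r"\D", "", phone)  # formatting differences must not change the seed
    return hmac.new(device_key, digits.encode(), hashlib.sha256).digest()


def decoy_profile(device_key: bytes, real_contact: dict) -> dict:
    """Build a complete but false profile that stands in for one real contact."""
    s = _seed(device_key, real_contact["phone"])
    given = GIVEN[s[0] % len(GIVEN)]
    family = FAMILY[s[1] % len(FAMILY)]
    area = 200 + int.from_bytes(s[2:4], "big") % 800  # 200..999
    line = s[4] % 100                                 # 00..99 inside 555-01XX
    return {
        "name": f"{given} {family}",
        "phone": f"+1{area}55501{line:02d}",
        "email": f"{given}.{family}{s[5]:02x}@example.com".lower(),
    }


def shared_view(device_key: bytes, contacts: list[dict]) -> list[dict]:
    """What an app would receive: one decoy per real contact, in the same order."""
    return [decoy_profile(device_key, c) for c in contacts]
```

The same contact maps to the same decoy on every request from one device, while a different device key yields unrelated decoys, so two uploaded address books do not corroborate each other.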
Apps using contacts is a $#%$ing anxiety attack for me. The scum companies don't care. They just want more leads. But for me, it's this fear that they're going to spam my exes and old roommates and bosses and professors and landlords and everyone who ends up added to my contacts.<p>Signal did that to me last week. This person I'm not on speaking terms with got Signal and it added us and announced to each other we were on it and put our empty conversation onto my list of convos.<p>Phone contact lists are a complete $&^*ing disaster and Apple needs to make it far more clear what specific contacts I share access to.
It's pretty sad that we've gotten to this point. Creating fake contacts in our phones to create "data-poisoning".<p>Where the hell are we going?
I'm of the opinion that personal data is not like a currency and should not be seen as a form of currency.<p>If you want to barter then I want to negotiate, no one sided contracts. Can't make a deal? Your loss then.
Is it possible to create a network of contacts that triggers worst-case memory and cpu scenarios when the network is reconstructed from contacts?<p>Or, put another way, can a collection of people doing this construct a set of synthetic contacts spread out in various ways across their devices, such that anyone doing contact analysis sees their analyses slow down, drain resources, or crash altogether due to network structure?
> <i>The app is designed to be very simple and fail silently. If you deny permission to access contacts, the app will not complain, it just will not work.</i><p>I don't understand the reason behind "designed to...fail silently" in this way, in a privacy&security measure.
Can someone please explain to me how the collection of contact data is in any way legal under the GDPR and why Microsoft (Windows), Apple/Google haven't been required to make changes to prevent abuse of this permission (such as selecting specific contacts).<p>I'd also like to not know why if my contact data is shared, I am not informed of this. If my data is uploaded by Google to their servers, I should know. If somebody chooses to share my data with $app I should know, and, be able to "opt-out" of being included, perhaps (although it should be opt-in!)<p>Being able to mass collect what is often the most sensitive information means that consistent data is now a liability; keeping the same number/email can be useful for cross-referencing. Ideally you should rotate what data you can (physical address/location is obviously extremely difficult). Everything else is possible (browsers/IP addresses/emails/User Agent strings, phone numbers etc etc)<p>The best idea is to "troll" with your data; put insane items in your logged in basket (ebay/amazon etc), like sex toys. You can even make an order (and refund it) to further poison the well. Log in to Google and do some disgusting searches, and train algorithms to have the "wrong idea" about you, this is a reality we're now facing as this data can (and will) be used against you at any opportunity.
The problem with this approach is twofold:<p>a) At the margin, a few people doing this does _nothing_ to mess with big companies' data collection & analysis. But opting out also has the same problem, obviously, so at least it's not doing worse.<p>b) In the absence of sandbox / selective sharing features like other commenters have mentioned, or you going so far as to _only_ keep fake contacts in your phone, using this approach requires you to also share your actual contacts with the app, thus giving away PII of unconsenting third parties. Yes, I'd rather blame the app developers for collecting this data in the first place, but I'd still prefer not to give my contacts away whenever I can reasonably withhold them.
On Android, IIRC I've seen a dialer app that stores contacts in its own database instead of the system thing. Seems to be a better approach than this—at least if other apps also don't write to the shared contacts.<p>(It was probably an open-source dialer on F-Droid, but don't remember exactly which one.)<p>Anyway, an even better approach of course is to tell data-slurping apps to bugger off.<p>Edit: come to think of it, maybe alternative Android ROMs could fence the contacts so that an app only sees its own unless the user specifically selects someone. I guess this is similar to Apple's trick with Photos.
Phone numbers are too public. The reason why they're used by messaging apps is that they are a goldmine to have. They actually make it harder to chat (ever tried using Whatsapp/Signal on a PC? Yes, you'll need to have it installed on your phone first (and have given over your contacts))<p>That's why I chose to set (masked) emails as the primary id on groupsapp.online and even these can't be seen publicly unless you share a "group". Others will just see XXXX@gmail.com
You can always use bash or python to create vcards and import them in your phone.<p>I've used this technique once to generate a bunch of numbers to find the whatsapp of a person, works just fine
That is why we should have a custom app for contacts with custom encryption (like KeePass) to store our real contacts, so that no app, nor Apple or Google, has access to them.<p>For some people, like political or activist fundraisers, contact info privacy is of the utmost importance. In fact some of them still store it on a Rolodex, and will not put any of that into digital form. And as a software developer I actually support that tremendously.
All the shady data schemes and dark patterns in today's idea of software business motivated me to look at my phone as an enemy and to use the web cautiously all the time. Actually, the idea of a hyperconnected future in which 24/7 monitoring of individuals will be normalised and mandatory makes me cringe. The Internet is turning from a force for good into a dystopian toolchain by the hour. And all this is because we as a society cannot find an effective way to limit the greed.
Hm can it be estimated / is there public information about how many phone numbers are taken? E.g. I generate a valid number for one country or state, how likely is it that the number is in use or registered?<p>I once got a phone call from a university student for a survey for their project and they told me they generate them randomly which makes me really wonder, how likely is it?
Things might change big time in this space. Apple and Facebook are slugging it out on tracking personal data.
<a href="https://www.cnet.com/news/facebook-vs-apple-heres-what-you-need-to-know-about-their-privacy-feud/" rel="nofollow">https://www.cnet.com/news/facebook-vs-apple-heres-what-you-n...</a>
Ever since iOS 5, I think, there has been permission control behind a separate password. Why can't Android replicate that? Nowadays, there seems to be one "permissions protection" but sadly all apps say "you seem to have contacts protection enabled. Please disable for best results". What's the point?
Just reading the headline and thinking: Providers (like google) may still be able to filter out fake profiles if those fake contacts don't have relations to each other. Meaning that if only you have a contact with a random number, and nobody else has, it's most likely fake.
I was looking through my contacts the other day, deleting some people I don't speak to any more. It's interesting that with 5 or so unique enough contacts I could be identified. If they were sufficiently unique, no one else in the world could possibly know those 5 people. Scary thought.
How does this help me? Malicious apps are still going to scoop up my real contacts, right? What if one of the random phone numbers belongs to someone deemed a "terrorist" by one of the imperial powers and I'm judged guilty by association?
I wonder if this works at all..<p>These companies simply use your contacts to do contact mapping to other users. Including fake ones will do nothing as they don't point anywhere. Big Data will just filter them out.
I have no contacts at all on my phone; I created something by myself. Now I think it would be funny to brute force Android's contacts and just add every number of my country's phone providers :-)
If real problem is that your contacts can be stolen, it makes no sense to add noise to them instead of securing them.<p>Do you install lots of trivial apps, which you give permission to access your contacts?
This is not achieving anything positive. I don’t know which privacy threat it’s fixing, other than adding a new app into the mix that could at some point in the future suck up the contacts itself :)
BSD-style globbing is handy for this sort of thing. Like in Perl:<p><pre><code> use File::Glob qw/bsd_glob/;
 # Brace expansion returns three strings: "This is nested very deeply",
 # "This is nested quite deeply" and "This is nested deep".
 my @list = bsd_glob('This is nested {{very,quite} deeply,deep}');</code></pre>
Data-poisoning is an attractive approach (and one I've considered and occasionally practiced) but it does relatively little as a practical matter. @cyberlab posted some good links here: <a href="https://news.ycombinator.com/item?id=26286686" rel="nofollow">https://news.ycombinator.com/item?id=26286686</a><p>Cory Doctorow also addressed this in a recent Reddit AMA: <a href="https://old.reddit.com/r/privacy/comments/j444u4/how_to_destroy_surveillance_capitalism_an_ama/g7jf6sf/?context=3" rel="nofollow">https://old.reddit.com/r/privacy/comments/j444u4/how_to_dest...</a><p>From the harvesters' perspective, a long list of pattern-matching identifiers with no visible history anywhere else online ... will tend to get junked fairly readily. A small increase in undeliverable addresses from a swipe ... won't increase costs much.<p>Creating wholesale online personas (effectively: bots and troll farms writ large) <i>might</i> start posing a challenge, but those would still likely give off a strong signal of falseness due to lack of correlation with other identifiers, most notably devices of their own, credit cards or other payments data, other data-linked services (transit or toll passes, etc.).<p>Ultimately the question is <i>why</i> are you doing this and <i>what</i> do you hope to accomplish?<p>(Though I've salivated a few times contemplating a system that would stream endless bits as responses to cookie or similar requests, just for shins and grits.)
slightly increased anonymity through user-fed obfuscation? if you don't want an app to access your contacts, deny it. if it insists, delete it. the only app on my phone which has access to contacts is.. Contacts
Just don't share your contacts with apps that steal them and use them for marketing purposes.<p>It is also illegal to do it (GDPR), if you don't have the permission of every single person in your contacts.
Can we get little Bobby Tables in there?<p><a href="https://xkcd.com/327/" rel="nofollow">https://xkcd.com/327/</a>
Sad state of affairs. AOL couldn't kill the open web, but "apps" have.<p>The user agent should respect your wishes, but instead we are reduced to this insane work-around.<p>Surveillance capitalism needs to die in a fire. To anybody working on that shit: I hate you. Personally, as an individual, I wish you harm.<p>OK, that was hyperbole, but I do love the open web. RIP.