User: Password:
|
|
Subscribe / Log in / New account

The perils of desktop tracking

The perils of desktop tracking

Posted Apr 19, 2012 11:51 UTC (Thu) by drag (subscriber, #31333)
In reply to: The perils of desktop tracking by fb
Parent article: The perils of desktop tracking

> Thank you for the great article and for drawing attention to the fact that Zeitgeist is being pushed down without that much thought about its downsides (i.e. even more collected private data sitting in one's computer) or whether most people actually need that.

I think that the downsides to having data collection software is fairly self-evident. I also think that people brought up the downsides the first time Zeitgeist was announced a couple years ago.

I hope that everybody keeps in mind that if a attacker wants to gather information on your Linux desktop activities there exists almost nothing to stop him if he is able to get into your user account. Zeitgeist may simplify things a bit, but only slightly. Not having it running or installed isn't really going to help you out much against malicious software tracking you, recording your activities, and finding historical data.

If the Linux desktop was secure against malicious or untrusted software then having Zeitgeist wouldn't be much of a problem, since it would be a simple thing to lock it's data away from prying eyes.

(although this is a bit of a stretch:) In the long run it may end up making things easier to secure because instead of having browsers and other applications keep track of their histories in various databases throughout your home directory then they can depend on Zeitgeist to keep track of it for them and thus you can harden your historical databases easier.

I am not saying that turning it off or not wanting it installed is a perfectly valid desire. It certainly is. So don't misunderstand me here. It's something that needs to be really thought out well before pushing it on everybody by default.

On a side note:
http://gurgeh.github.com/selfspy/

All sorts of fun stuff like that exist I suppose. If employers want to spy on employees on machines owned and operated by the employers I expect that there exists ample opportunity and lots of potential for software to allow that. Same as malicious software on vulnerable Linux desktops.


(Log in to post comments)

The perils of desktop tracking

Posted Apr 19, 2012 12:40 UTC (Thu) by nix (subscriber, #2304) [Link]

zeitgeist is terribly GNOME-specific and doesn't look too useful. But selfspy, ooooh. Modern disks are more than big enough to store every single key you press for your entire lifespan if you did nothing but type at top speed, so storing this for later analysis (by *you*, nobody else) seems incredibly useful.

The perils of desktop tracking

Posted Apr 19, 2012 12:44 UTC (Thu) by drag (subscriber, #31333) [Link]

yes. It's very interesting. Haven't had a chance to check it out yet, though. :(

The perils of desktop tracking

Posted Apr 19, 2012 13:26 UTC (Thu) by fuhchee (guest, #40059) [Link]

"storing [keystrokes] for later analysis [...] seems incredibly useful."

What sorts of incredible uses can you envision from this data?

The perils of desktop tracking

Posted Apr 19, 2012 14:14 UTC (Thu) by fb (subscriber, #53265) [Link]

>> "storing [keystrokes] for later analysis [...] seems incredibly useful."

> What sorts of incredible uses can you envision from this data?

I also can't see the point of it. Myself, I save all the keystrokes I care about inside 'files'.

The perils of desktop tracking

Posted Apr 19, 2012 16:05 UTC (Thu) by drag (subscriber, #31333) [Link]

Instead of saving what you remembered you wanted to save, it just saves everything.

I wouldn't mind a computer with photographic memory and instant recall. My PC nowadays is more or less just a overgrown terminal for most things I do nowadays anyways.

The perils of desktop tracking

Posted Apr 19, 2012 20:03 UTC (Thu) by fuhchee (guest, #40059) [Link]

"Instead of saving what you remembered you wanted to save, it just saves everything."

I'd love to have one with systemic undo capabilities, but that would need more than just keystroke recording.

The perils of desktop tracking

Posted Apr 20, 2012 8:42 UTC (Fri) by fb (subscriber, #53265) [Link]

> Instead of saving what you remembered you wanted to save, it just saves everything.

As I am sure you know, there is no point in having all the data in the planet if you can't make sense of it.

> I wouldn't mind a computer with photographic memory and instant recall. My PC nowadays is more or less just a overgrown terminal for most things I do nowadays anyways.

For me the 'best' current balance for (i) 'photographic memory', (ii) synchronization (between the 4 computers I use routinely -- make it 5 if you include the smart-phone), (iii) and keeping only relevant data is:

- GMail for mail and contacts
- Google Calendar
- RememberTheMilk for sharing notes with my boss (aka 'wife')

For managing/remembering/synchronizing/versioning anything else I just use Git and private repos at GitHub.

Actually the one thing I still need to improve is actually doing some form of 'transparent / easy' encryption so that I can also push sensitive data into GitHub (e.g. my Git 'tax info' repository).

The perils of desktop tracking

Posted Apr 19, 2012 19:11 UTC (Thu) by davide.del.vento (guest, #59196) [Link]

Time tracker?

The perils of desktop tracking

Posted Apr 20, 2012 8:20 UTC (Fri) by jezuch (subscriber, #52988) [Link]

> What sorts of incredible uses can you envision from this data?

http://www.ted.com/talks/jer_thorp_make_data_more_human.html (For a quasi-related example. You may see only a big blob of useless data and potential privacy risk; this guy sees much, much more.)

The perils of desktop tracking

Posted Apr 20, 2012 16:05 UTC (Fri) by nix (subscriber, #2304) [Link]

A substitute for a crappy memory, keyed by time and searchable. "I know I typed something about $foo last Thursday in the afternoon but I have no idea where I typed it.'

The perils of desktop tracking

Posted Apr 25, 2012 8:38 UTC (Wed) by man_ls (guest, #15091) [Link]

One possible use is for awesome blog posts.

The perils of desktop tracking

Posted Apr 19, 2012 23:07 UTC (Thu) by seif (guest, #73692) [Link]

---
(although this is a bit of a stretch:) In the long run it may end up making things easier to secure because instead of having browsers and other applications keep track of their histories in various databases throughout your home directory then they can depend on Zeitgeist to keep track of it for them and thus you can harden your historical databases easier.
---

Exactly my point. Having history at a central location and having a central tool to disable logging completely or partially should be considered as an improvement of the user security. The trick is to make the user aware of such options.

The perils of desktop tracking

Posted Apr 21, 2012 4:46 UTC (Sat) by sitaram (guest, #5959) [Link]

> Zeitgeist may simplify things a bit, but only slightly. Not having it running or installed isn't really going to help you out much against malicious software tracking you, recording your activities, and finding historical data.

Sorry but I'm not buying this. Zeitgeist makes it possible for malware that came in *later* to find everything that happened *already*.

I may go to a conference where I realise a few minutes after logging in that I am on an untrusted network or whatever. I quickly shutdown and stop using it (or switch to a live USB), till I can go home and clean up.

Without ZG the malware has those few minutes to trawl my $HOME and get whatever it can out of the mess there. With ZG it knows what is important to me, and can find it faster and pull only that out much more efficiently.

ZG gives me *yet* another reason to avoid Ubuntu.

Thank God for Fedora.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds