[Cryptography] Comey: targeted ads => plaintext access

Tom Mitchell mitch at niftyegg.com
Thu Sep 17 21:34:58 EDT 2015

> The "anonymous ad" protocol is an attempt to do what we often do in crypto


> Google today implements exactly such an "anonymous ad" protocol (though
> it's repeatedly misunderstood).

You may not know who but you have a measure of what and some location
service metrics.

> App sellers are given no information about their customers, and indeed are
> forbidden (on pain of quick banishment from the store) from initiating
> contacts with their customers or even providing any kind of direct pathway
> from customers back to them.  For example, apps can't provide a way to
> report problems directly back to their makers.

Games are "hosted" on the sellers host.
Users do register... Consider Uber.

"Uber said in a statement sent to Re/code, “Access to permissions including
Wi-Fi networks and camera are included so that users can experience full
functionality of the Uber app. This is not unique to Uber, and downloading
the Uber app is of course optional.”
The list is very long:

Candy Crush:

In-app purchases
find accounts on the device
Wi-Fi connection information
view Wi-Fi connections
receive data from Internet
full network access
view network connections
prevent device from sleeping

We (most I suspect) would call user data a liability.  Most internet
place user data on the asset side of their books.

  T o m    M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150917/47d5b840/attachment.html>

More information about the cryptography mailing list