HiFi Privacy, Data, Groups ... and You May Be The Product

[The Computer Audiophile]

Hi Guys, I figured I'd start a thread on this one because it comes up more and more. Most recently in the Harman Acquired Roon thread, but it's an ongoing concern. We can now just link back to this thread, when it comes up in others, and contain the information to this location rather than derail other threads.

 

Let's also at least attempt to keep the conversation related to audio and privacy, rather than the CIA hacking into our phones as a general matter. 

 

 

[The Computer Audiophile]

I used to use Google's services for all my email and documents, but late last year moved everything to Proton. I'm not a fan of being the product especially when paying Google and still being the product. 

 

Anyway, many people in our wonderful hobby think it's no big deal that streaming services know everything we listening to. I just talked to someone last week who said he doesn't care if Qobuz knows his listening habits and that nobody would really care enough about him to want that information, and other arguments along those lines. 

 

I think this is shortsighted. The big picture is all about bits and pieces of information collected from different services and locations, and assembled by larger companies to build the profile on you. Still not a big deal? The companies collecting all the data sell it to governments all over the world, and some of those don't have your best interest in mind. In addition, this data is never 100% secure. It's vulnerable to independent hackers and nation state hackers. 

 

For the most part, you and I don't think like they do, so we shouldn't be so laissez faire about this. By "they" I mean people, companies, and governments with the data and endless resources to use it. What's the big deal about your 23andMe DNA being stolen by hackers and partially owned by a Government? Not sure, but I don't think like those guys and I don't have the resources to do anything about it if I did.

 

Back to audio. Roon, Sonos, and many other apps collect data on us. Sonos was once called the NSA of audio by some of us in the industry. The company knows much more than the average person thinks. What time you get up, go to sleep, how you're feeling, what your zone names are, when new members of your family are born, etc... and on and on, based on piecing together data it collects from you. 

 

I don't know what Roon collects, but I don't like it. When I'm writing a review of a product, I often think about what I write and what data has been collected about my experience. If I say I loved a product so much I listened to an album 10 times in a row, will I someday be facing the HiFi cancellation police if the data collected is revealed and it turns out that I only listened to the album 9 times? Extrapolate from that as you will. 

 

I've also wondered about music servers that I get in for review. Are they like the Tesla that collected information while the reviewer used the car and wrote about it, only to be questioned after the fact by Musk about his use of the car? I have no clue, but I've thought about monitoring all servers I get in with a Pi-Hole and other devices. 

 

I don't pretend to be important enough to have people care about my HiFi data, but I also don't think like someone with an axe to grind. I've had people threaten my family over forum posts. People can be "strange" as we all know. 

 

On another note, I'm also surprised at how many people prefer to use social networks like Facebook and YouTube for their HiFi hobby communications, rather than independent forums and sites.  We collect zero data. In fact I disabled all analytics collection years ago because I hate it and I treat people how I want to be treated. 

 

Anyway, I have much to say about this topic. 

[The Computer Audiophile]

I will also add, my Samsung Frame TV phones home constantly. When I look at the Pi-Hole logs, every second it's communicating with the mothership. Now that Samsung owns Roon, I'm a bit more concerned than when Roon was owned by a few guys who loved music. 

[AudioDoctor]

This is a screen cap of the most queried domains in my home from my AdGuard Home stats page.

 

I haven't quite figured out what to do about this yet but it is concerning. Google is all pervasive.

 

edit: There is a "no google" button, that breaks a bunch of things including my email access.

[The Computer Audiophile]

3 minutes ago, AudioDoctor said:

This is a screen cap of the most queried domains in my home from my AdGuard Home stats page.

 

I haven't quite figured out what to do about this yet but it is concerning. Google is all pervasive.

 

I switched to CloudFlare DNS rather than Google.

 

CloudFlare - 1.1.1.1 and 1.0.0.1.

[AudioDoctor]

2 minutes ago, The Computer Audiophile said:

 

I switched to CloudFlare DNS rather than Google.

 

CloudFlare - 1.1.1.1 and 1.0.0.1.

 

I could do that, right now I am using AdGuard DNS servers.

 

edit: I just added Cloudflare as the Fallback DNS servers just incase it was defaulting elsewhere without that specified.

[seeteeyou]

6 minutes ago, The Computer Audiophile said:

I will also add, my Samsung Frame TV phones home constantly.

 

(Privacy-related replies will come later.)

 

---

 

 

https://www.reddit.com/r/samsung/comments/1aj7szx/ultimate_betrayal_of_customer_trust/

Quote

I did send Samsung this full video, and I was told by the CEOs office, that the office watched the full video. After that, they had a huge company wide meeting and everyone watched the hidden camera part. I was very surprised and happy to hear that.

The service center sent 2 guys to set up a new tv for me, and take the old one. The technician got fired.

 

Quote

Samsung's after sales support is still crap after all these years. They want to compete with the big boys, but are providing an abysmal customer experience overall.

In my region, Samsung has outsourced their repairs and warranty services to third party companies. These companies will first try to brush off all warranty promises by Samsung and go thru the terms with a fine comb to weazel their way out of honouring the warranty. If that fails, they will quote a large amount of money to fix or replace the product to discourage any repairs. The amount is usually almost the same as getting a brand new product of the same type that was recently launched. Any minor problems with the product and they will recommend an overhaul of the entire internals, likely because their techs are badly trained. All these just to make sure they turn a profit while destroying the faith of Samsung's customers.

I have kept email exchanges with Samsung where they brushed me off from replacing a defective product that is still covered under their warranty period. The s23 ultra is likely my last Samsung product. They can tout the features of the s24, but there's no way I will recommend anyone getting anything from Samsung. The whole experience seems to show that Samsung don't care about their customers after they got the sale. They don't even have confidence in their own products.

 

---

 

https://www.reddit.com/r/LinusTechTips/comments/1akvji7/samsung_care_technician_cuts_tv_in_order_to_void/

Quote

Basically when he first got the TV it had a purple stain at the bottom right. He calls support, they send a guy out to fix it. Except the guy doesn't put the TV back together properly, it's now crooked. A wire inside the TV was preventing a screw from properly setting. Repair tech leaves anyway.

5 weeks pass, same repair tech is sent out again to take another look at it. He attempts to fix it, but the TV is still crooked. Whatever, guy puts up some cardboard to offset it and will live with it, until he notices a purple stain AGAIN on his TV, this time in the center. It must have been damaged from the second repair visit since the tech came alone and laid the TV down on the carpet.

Repair tech comes out a third time. You can see in the video what he does. Absolutely infuriating.

 

---

 

 

https://www.reddit.com/r/videos/comments/1ajfxba/samsung_repair_tech_caught_slicing_guys_tv_screen/

Quote

for those interested in the juicy bit - 15:24 is the actual cut, technician spends a couple minutes talking with the owner before convincing him to shut off the breaker, makes the cut, then goes back to help the owner with the breaker - comes back and notices "oh hey....what's this!"

 

Quote

Also, who the F wants to turn off the breaker to power cycle a TV, how ridiculous is that. It's obvious he was just trying to get the owner out of the room long enough to scratch the TV, but that would make me very suspicious of a tech if he wanted me to hit the breaker to power cycle the tv.

 

Quote

Fighting Samsung right now over warranty. Very very long story short they denied me saying the product was out of warranty. I had to upload the invoice to their ticket system( I bought the TV from them by the way. They have all the info). I did what they asked and they denied it again saying it wasn't enough info. So I had to do it all over again with different documents until they accepted it. Then they closed the ticket without any reasoning and I had to go have a new ticket opened and do the whole process over. I think they're pissed it is still in warranty when they thought it was out of warranty when I made the repair request.

And yes that's the short version. This TV has been a nightmare since I got it and Samsung goes out of their way to fuck me over it. 20 days after I got it, had to fight them to send a tech out and he investigated, confirmed the problem and called in to Samsung to get approval to complete the repair. They straight up told him no(he had them on speaker) they weren't going to authorize the repair. He couldn't do shit so he left. Samsung closed the ticket "no defect found". Oh and they told me I couldn't return it within the return window because I had picked it up at best buy and that's a different return window.....

Same happened to our friends with other appliances. They are such a trash company I will never buy another thing from them.

 

Quote

I gave up fighting Samsung for a similar issue.

I had issues with my TV, they kept claiming it was software and not defective. I checked online and when other people had issues it was with the main board. They insisted that wasn’t the case and it was software, but their updates didn’t fix the issue.

When my TV was out of warranty it suddenly was an issue with the main board and I needed to pay $450 to fix it. Even though the issue was exactly the same as the one I had reported for months, as soon as the warranty went out it went from being “definitely a software issue” to a main board issue.

If anyone is looking for a TV, don’t consider Samsung.

 

Quote

This is wild, because even if it was a software fault, that's still their responsibility.

Like what, are you supposed to write new firmware for your own TV?

 

Quote

That’s what I said, they kept saying that the next update will fix it. When the update didn’t, the next one would definitely fix it you know?

Taught me a good lesson on being far more insistant though.

 

[botrytis]

4 minutes ago, The Computer Audiophile said:

 

I switched to CloudFlare DNS rather than Google.

 

CloudFlare - 1.1.1.1 and 1.0.0.1.

 

I have that set in my router also. 

[DuckToller]

1 hour ago, The Computer Audiophile said:

On another note, I'm also surprised at how many people prefer to use social networks like Facebook and YouTube for their HiFi hobby communications, rather than independent forums and sites.  We collect zero data. In fact I disabled all analytics collection years ago because I hate it and I treat people how I want to be treated. 

I can tell from my own experience that the Meta social app universe has proved to be substantial to keep contact over long distances with people who haven't got enough time left to care about privacy  for the rest of their live, just after they learned enough to use this new kind of technology. This has kept me and my family locked in, and we are still looking for options to make things happen without meta

I have noticed - guess is was around 2020/21 - that linking inside FB Hifi user groups towards the AS website has put me on the banned list without explanations. Not sure it was MQA related or just cutting off external content outside of the universal control ... since then I have limited my exposure almost completely to dog pics and dog breed & walking groups ...

For my daily usage whatsApp is even more important than FB or Instagram, and my predictions about that platform are pretty horrible ...

[DuckToller]

4 minutes ago, botrytis said:

 

I have that set in my router also. 

I have the 1.1.1.1 widget in my chinese xiaomi mobile phone and prefer surfing via VPN anyway

[The Computer Audiophile]

2 minutes ago, DuckToller said:

whatsApp

Have you tried Signal?

[DuckToller]

Just now, The Computer Audiophile said:

Have you tried Signal?

Using it since it came on the market, but have only a chosen few to page and call ...

[Jud]

My entire home network uses Cloudflare as its DNS server. I use the Vivaldi browser on both computers and phones, which (at least on computers, don't recall re phones) permits disabling ads and trackers out of the box.

 

I'm one of those folks who doesn't care if someone else knows what I'm listening to on Qobuz. I'm not receiving any ads about it anyway (see discussion of Vivaldi above).

 

For over a decade I've used Fastmail, which has lots of privacy and anti-spam features, including use of email aliases integrated with 1Password.

[Jud]

22 minutes ago, Jud said:

My entire home network uses Cloudflare as its DNS server. I use the Vivaldi browser on both computers and phones, which (at least on computers, don't recall re phones) permits disabling ads and trackers out of the box.

 

I'm one of those folks who doesn't care if someone else knows what I'm listening to on Qobuz. I'm not receiving any ads about it anyway (see discussion of Vivaldi above).

 

For over a decade I've used Fastmail, which has lots of privacy and anti-spam features, including use of email aliases integrated with 1Password.

 

Oh yes, one other thing - Vivaldi allows a selection of a couple of dozen default search engines, just in case you happen to be searching for music or information about equipment (or whatever else). I've set it to use Startpage, which goes through Google's search engine but uses an anonymizing proxy to strip your information from the search and Google.

[AudioDoctor]

2 hours ago, The Computer Audiophile said:

Have you tried Signal?

 

+1 for Signal

 

The hardest part of getting off of the facebook bandwagon is how little motivation everyone else has to do the same.

[Miska]

3 hours ago, AudioDoctor said:

I haven't quite figured out what to do about this yet but it is concerning. Google is all pervasive.

 

Lot of web sites use for example Google Analytics. Sometimes embed some Google Ads, or similar.

 

As byproduct, Google can follow you from site to site.

 

I used to have some magic Referer -line regexp filters on my Squid proxy, etc. But it was a bit of pain to deal with...

 

[Jud]

27 minutes ago, Miska said:

 

Lot of web sites use for example Google Analytics. Sometimes embed some Google Ads, or similar.

 

As byproduct, Google can follow you from site to site.

 

I used to have some magic Referer -line regexp filters on my Squid proxy, etc. But it was a bit of pain to deal with...

 

 

As noted above, Vivaldi can be set out of the box to block ads and trackers, and can be set to use Startpage, Google through an anonymizing proxy. Or if you would prefer Firefox, there are extensions. uBlock Origin is quite popular and as far as I know quite effective. Even on Vivaldi, I use the EFF Privacy Badger Extension.

[AudioDoctor]

9 minutes ago, Jud said:

 

As noted above, Vivaldi can be set out of the box to block ads and trackers, and can be set to use Startpage, Google through an anonymizing proxy. Or if you would prefer Firefox, there are extensions. uBlock Origin is quite popular and as far as I know quite effective. Even on Vivaldi, I use the EFF Privacy Badger Extension.

 

Beyond the AdGuard Home running in a Pi4, I use the browser extension as well as the EFF Privacy Badger extension. The AdGuard browser extension even has an "extra" that blocks youtube ads. But using the "no google" option in the AdGuard Home nearly makes the web unusable.

[Superdad]

On 2/8/2024 at 11:25 AM, The Computer Audiophile said:

If I say I loved a product so much I listened to an album 10 times in a row, will I someday be facing the HiFi cancellation police if the data collected is revealed and it turns out that I only listened to the album 9 times? Extrapolate from that as you will. 

Chris, nobody needs to scrape your data to know that you listen to Peal Jam albums on repeat! 

[The Computer Audiophile]

5 minutes ago, Superdad said:

Chris, nobody needs to scrape your data to know that you listen to Peal Jam albums on repeat! 

HA!

[MarcelNL]

I've stayed away from most data catchers from the beginning, yet I still wonder how much of my data usage is 'out there' other than with companies I use like Qobuz....

The short version is, there likely is not much we can do about it unless laws are put in place AND enforced, as end user we cannot see what is collected....

 

let it be known I like Schubert and Schumann songs, Sibelius Violin concerto together with Nina Hagen Nick Cave Johnny Cash and much more, yo,  data analyst; figure it out ;-)

[Jud]

If you think there might be privacy problems with *audio* tech...

 

https://www.nytimes.com/2024/02/09/style/technology-love-technosexuals.html?unlocked_article_code=1.UE0.rd_X.M9Vs2-xvcVV_&smid=url-share

[AudioDoctor]

23 minutes ago, Jud said:

If you think there might be privacy problems with *audio* tech...

 

https://www.nytimes.com/2024/02/09/style/technology-love-technosexuals.html?unlocked_article_code=1.UE0.rd_X.M9Vs2-xvcVV_&smid=url-share

 

Apparently, Kia and Nissan are ahead of this curve.

https://jalopnik.com/auto-privacy-report-kia-nissan-driver-sex-data-1850812549

 

[cjf]

A few other things people can do at an attempt to achieve some level of additional privacy are below:

 

Configure/Enable DNS over TLS or HTTPS (ie..Encrypted DNS). The Cloudflare DNS servers support it as does Google (oof) and probably some others.

• A few drawbacks to the above option
   
  • Reduced Internet connection download/streaming speeds. Upwards of a 50% hit while using Encrypted DNS would not be shocking to see. But if your going to use it, it should be used 24/7/365 or its not worth it.
     
  • For some the download speed thing can be a real problem, especially if your download speeds aren't that great to begin with. But, for others who have more than they will ever use in terms of connection speed, the download hit may be a non-issue (ie..1GB Fiber to home, fairly light bandwidth User..etc). 
     
  • I suspect (I haven't taken the time to prove it yet) that using Encrypted DNS is problematic while attempting to stream music content above 24/96 from QoBuz

But...if you can survive with the reduced Internet download speeds I think this is a very worthwhile step to take.

 

Assuming you have no DNS Leaks taking place, you can confirm the above is working by setting up a "Port mirror" on your Firewalls Outside Interface (I'll assume the person has such an option). From there you can watch all traffic leaving your network with Wireshark to confirm that you no longer see any clear text Internet URL's being shown over Unencrypted DNS Port 53. 

 

You should also block all destination Internet URL's that are not using Port 443/HTTPS but this can be problematic at times.

 

Another step to consider is that you should try to take full advantage of your Network switch/Routers capabilities. If you have one that supports VLAN's, you should use them. All of them if possible.

 

Lastly, try and group your home network usage into a few categories. Something as simple as ....Trusted, UnTrusted isn't a bad way to start.

 

You could put all the "Shady stuff" like Roku players, Robot Vacuums, Alarm Panels, Gaming Consoles, Alexa's (oof)...etc..etc on the UnTrusted VLAN.

 

You could then put everything else on the Trusted VLAN.

 

From here you could configure some Firewall rules to do something like:

 

Allow all Ports Outbound on the UnTrusted VLAN
 

Then

 

Allow only Ports 80/443 Outbound on the Trusted VLAN.

• This would block all the remaining 65,533 TCP/UDP Ports from being used by "Sneaky code".

 

In any case, none of the above is foolproof but it sure reduces the attack/information leak surface by quite a bit.

[Currawong]

Encrypted DNS shouldn't slow down your internet, as it only encrypts the DNS queries. 

 

I've been using NextDNS, as it's highly configurable.  I also put it on my inlaws' computers and phones after they kept getting those "You have a virus, call Microsoft" pop-ups. It's much more efficient than using any kind of ad block. 

 

For Facebook, I recommend Firefox with Containers, which separate out groups of sites. There is a specific Facebook container, that can anonymise outbound links from FB as well, to remove the tracking.

 

Unfortunately, I can't completely let go of Google, for various reasons, but it's easy enough with browsers to isolate or block the tracking.