32

Privacy, Security, Usability [subjective]

asked 2014-05-04 22:53:34 +0200

this post is marked as community wiki

updated 2014-05-06 00:18:02 +0200

jgr

Dear Jolla team,

  • Privacy
  • Security
  • Usability

these were the reasons when deciding to buy and support Jolla – at least I hoped Jolla would aim for these. Unfortunately, so far you failed on all 3 topics.

Edit (2014-05-05): Please note also the Answer below by Aard. It contains details in particular to the Privacy topic but covers the other topics as well.

Privacy

Just as examples:

I do not want to be tracked/trackable. Do not gather any more data than absolutely necessary for the current task.

Security

There is a known security hole (plain text password accessible by apps that may phone home).
https://together.jolla.com/question/39495/security-risk-with-sqlite-db-in-jolla-passwords-in-plain-text-in-user-space/

While such a basic mistake (plain text password accessible by applications) should not happen in the first place, I had expected a hot fix as soon as possible – no action yet (for almost 3 weeks). Personally, I regard this security hole as important. I limited my use of the Jolla handset to minimize the risk of exposing my passwords to 3rd parties.

There seems to be another password issue, publicized Saturday morning (it is 32 hours later now), I wonder what you will do about this – ignore it again? https://together.jolla.com/question/41642/e-mail-smtp-sending-out-password-in-certain-circumstances/

Usability

These are only the main issues rendering the Jolla handset as unusable for deployment as the only/main mobile phone in private as well as in business environments.

What does Jolla do?

Instead of solving the issues above, you provide a hot fix for MMS functionality (https://together.jolla.com/question/40658/hotfix-mms-changes-for-paarlampi-10519/). In my eyes: Features are the wrong focus as long as the basics are not solved.

While I used to use the Jolla as the only mobile phone since January, now I am starting to look for another smart-phone that ensures privacy, is secure and can reliably be used as mobile phone.

Comments

Yes, maybe subjective, others might not have a problem with the issues listed. But I agree to most points. Jolla tried to establish the image of being "the good guys", or at least this is how we wanted to see them. At the end they have to have commercial interests to stay alive, plus resource limitations and need to focus on mainstream requirements. Collecting data for HERE? Maybe that's part of the deal. Could be that otherwise licence fees would be higher or it's a general condition to allow usage. TOH is a joke so far. Main purpose is to provide advertising space instead of additional functionality. I hoped that app permission would be user controllable and transparent and still hope that this will change. At least there should be logs to allow users to see what apps are doing ("flash light: phone book read, flash light: Internet used"). Teeth grinding I accept sometimes strange permissions of some vital apps on my Lumia 920. Please, Jolla, be UNLIKE here!

Stefanix ( 2014-05-05 04:31:18 +0200 )
1

I also generally agree with most of the points above. We do understand that Jolla resources are limited and not everything is that easily resolved, but at least there should be a clear position stated officially, especially on privacy and security issues.

zlatko ( 2014-05-05 08:14:33 +0200 )

the browser is not usable too

domnk ( 2014-05-05 08:30:59 +0200 )
2

I agree that especially security and privacy need to be worked on and it is good to see this discussed. OTOH @jgr, other smartphone manufacturers don't even offer a platform as open as this one for users to openly discuss issues and features. There's a good chance you don't even get to know security issues as they come and (eventually) go on other smartphones. But yes, I agree that it would be nice to see these issues addressed.

tokaru ( 2014-05-05 10:40:54 +0200 )

2 Answers

36

answered 2014-05-05 16:14:18 +0200

Aard

  • "GPS without HERE": It's being worked on, to be provided as setting. Note that this potentially makes time to fix very long, and gives you worse accuracy -- the data transferred to HERE is used to get faster fix and enhance position accuracy
  • "TOH data": The TOH ID (visible in Settings->About Product) is transmitted and stored with your store account
  • "Store account": The data you enter when creating the account, plus obviously which applications you installed is stored. Note that the contact card with your data you can fill out on first device start is not connected to that.
  • "Developer mode": Just a flag "device x had developer mode enabled" is saved on our servers. If such a device comes in for warranty we're basically dealing with an unknown system, requires some special attention to see if stuff went wrong we usually don't observe.
  • "No privacy concept for apps": True. To be fair, we stated from the very beginning that we won't ship with that, and will eventually add it. There are some enablers in place, and more will come.
  • "signondb accessible": This will be changed in the upcoming update, with a bigger change in privilege handling. This code was inherited from the N9 (masked by aegis there), and is shared with Ubuntu (the privilege control bit is Jolla specific, though)
  • "Sunlight issues": I personally don't have those issues, though saw it from others. Adjusting display brightness and carefully selecting a usable ambiance in bright conditions seems to help there.
  • "Sudden shutdowns": This has been worked on for a very long time, and we had improvements to that behaviour in almost every update. More fixes are in the upcoming one.

As for MMS hotfix: MMS was released early and with bugs to collect feedback. It's an isolated component, so it's easy to push out a hotfix with minimal QA. As for privilege change, that was being worked on over 2 months -- so the work required on it to get it stable enough to push out was spread out over more than one update cycle. Obviously it was not being worked on full time, but for a change on quite a low level with lots of dependencies it just takes a significant amount of time to have all affected components updated, to have everything QAd, and all the bugs fixed.

It comes all down to this: For each change there's a certain amount of time needed to develop it, to integrate it into the main development tree, to test it, and to fix stuff it breaks. If it's a bug there's a considerable amount of searching why it happens involved as well. The big difference between us and basically every other phone vendor is that we're capable of doing an update out of the stable and finished bits roughly every month. What you're seeing in that update is just a small bit of what is being worked on, though.

Comments

6

Thank you @Aard for this comprehensive and explanatory answer! Jolla is moving really fast forward and I personally am very happy with what is achieved in ~5 months. It is only the communication bit (answers like yours!) that is (slightly) lacking. Although I completely understand how hard it is to spend time and resources to track and answer. And I do agree we (community, users) are often too eager and impatient. Sail on! :)

zlatko ( 2014-05-05 16:36:55 +0200 )
1

@Aard thanks for this statement, always nice to get some insight into things. Regarding "privacy", to be fair we also have to add that Jolla has at least once been publicly announced as a possible alternative for people who want to switch to a "system that respects their privacy". With the system at its current state, sentences like that should be used with care (or not at all ;-)). I'd even say that users should be explicitly warned about this; in a mobile context, I believe most people expect apps to run more isolated.

tokaru ( 2014-05-05 20:23:57 +0200 )

Thank you for the details.

While I accept them in general, just for the "sunlight issue": I already have a uniformly dark-blue colored background, giving the best contrast possible (almost, the difference to pitch-black background is minimal), and brightness set to maximum: The problem is real, not only for me. (I do not want to discuss this here, I have linked several questions that are better grounds for this.)

jgr ( 2014-05-06 01:02:35 +0200 )
1

It's nice if you, but it always comes to the point we need to get frustrated and make big noise till we get the info and it happens once a month at least, why don't you learn and share process and info before we get angry and during/ahead of process?

ZogG ( 2014-05-06 02:40:26 +0200 )

For example reboots, you may work on it and maybe there is/or there is no process. But at some had those, they still have them and with no info for them - nothing was done. SMS problem can be batch problem or specific part and not your fault but it is your responsibility and you said you would update us, but at the end there was no info provided and people were sent to care (privately). It might be a small thing, but what happens on bigger problems? It just only shows the what is "promise", support, openness and policy of company

ZogG ( 2014-05-06 02:48:36 +0200 )
1

answered 2014-05-06 03:34:35 +0200

bmwebb

I would just like to make a couple of comments, firstly regarding the issue of not being able to see the display in bright sunlight. Here in the Australian summer the sunlight that is experienced here is much brighter and with an intensity greater than that experienced in Northern Europe, one of the reasons why car manufacturers use our country for their interior and exterior finishes testing. With that background, I am unable to see the display of my Jolla at all out in the sunlight, I also have an HTC One and it does perform a lot better in this aspect, even my N8 has a better daylight performance.

On the issue of privacy from the GPS, this is a function of A-GPS and the data is collected at supl.nokia.com or in the case of Google Maps, supl.google.com to aid in speeding up TTFF and this data is anonymous. Also, WiFi information is collected but this is again anonymous and you don't even need to be connected to the WiFi network for this data to be utilised in improving the positional data the server has.

Having worked with the Nokia Maps services since the beginning, I have no issues with this at all and I feel that people are being a little paranoid if they feel that their personal information is being collected.

Comments

Even if the collected WiFi data is anonymous (in terms of not being assigned to a person initially), it can easily be aggregated with data collected from other services. Thus I wouldn't say that the MAC address of my router is really anonymous, even if there's not my name on it.

IMHO, recent publications proved that there are good reasons to be paranoid.

Just because we're paranoid don't mean they're not after us.

tokaru ( 2014-05-06 11:29:56 +0200 )

In that case I need to wear an aluminium foil hat as well.

bmwebb ( 2014-05-06 14:38:53 +0200 )
2

@bmwebb: Do you really want to start a discussion about friends spying on their friends, countries scanning (and forwarding/storing) the whole (international) internet traffic running through their country, governments requesting access to the data stored by companies within their jurisdiction wherever in the world these data are located, press rooms of a democratic newspaper in a democratic country having to grind their notebooks and hard disks, a minister of a western country being refused the fly-over rights over territories of western countries, drones attacking people just based on the phone number they use and location data gathered, democratic countries turning into dictatorships and using data gathered by the previous government, and so on and so on?

PS: The location data may be anonymized before storage, they are not anonymous while being transferred.

jgr ( 2014-05-07 00:03:26 +0200 )

No, this is not the forum for such a discussion and the discussion certainly is pointless due to the emotion attached as then all logic flies out the window and we may as well just call each other names.

My initial comment was to bring to the fore the way the data is collected and stored within the A-GPS platform, if you are SO concerned about it then all I can suggest is to totally isolate yourself from the internet, email or any electronic contacts. By the way, don't use money either as the coding on the notes can be used to trace where you bank and where you shop.

bmwebb ( 2014-05-07 01:58:34 +0200 )

Okay, funny quiz to conclude the discussion: find the comments where logic flew out ;-) SCNR End of discussion for me :)

tokaru ( 2014-05-07 10:35:15 +0200 )