Forgot your password?
typodupeerror
Privacy Cellphones Handhelds Music Software

Pandora Subpoenaed In Probe of Mobile-App Privacy 50

Posted by Soulskill
from the investigating-at-the-speed-of-government dept.
ideaz writes "Pandora Media Inc., the largest Internet radio company, said it's been asked for information as part of a federal grand-jury probe into the way smartphone software developers handle personal data. Pandora isn't a specific target of the investigation and similar subpoenas have been issued to other publishers of apps that run on Apple's iPhone and Google's Android operating system, the company said in a securities filing today."
This discussion has been archived. No new comments can be posted.

Pandora Subpoenaed In Probe of Mobile-App Privacy

Comments Filter:
  • by Anonymous Coward

    I stopped using their app when it wanted access to the system logs. This includes all notifications of pretty much everything going on on your phone. It might help them debug the app, it might help them with advertisers. Who knows. I just knew their app wasn't worth it.

  • by Culture20 (968837) on Monday April 04, 2011 @06:34PM (#35714736)
    Their login method is "what's the iPhone's UUID?" Found that one out the hard way when I purchased a friends' (wiped by me) old iPhone. They're probably an example of doing it wrong.
    • What, exactly, is wrong with them connecting your Pandora account to the UNIVERSALLY UNIQUE ID for YOUR phone?
      • by pclminion (145572)
        Because there is no one-to-one relationship between phones and users. As pointed out in the second freakin' sentence of the post you replied to.
        • Listen here the parent obviously did not correctly follow the intentions of both the phone manufacturer as well as the assumption of the software designer. You are supposed to throw the phone into the closest trash receptical after 3-6 months of use and purchase a new $500 phone. By ensuring that your phone is securely in a landfill you can then feel confident that you will be supported to the fullest extent by your software vendor as well as your hardware vendor. Of course both data security and software b
      • by h4rr4r (612664)

        Because that is a unique ID per Phone not per User. Pandora accounts are unique to users, not phones.

        Please tell me you are not involved in any sort of development.

    • by ArcCoyote (634356) on Tuesday April 05, 2011 @01:44AM (#35717230)

      Yep, and that's how I found iPhones that are returned as defective to the Apple Store make it back to the public.

      I exchanged a 3GS that was spontaneously rebooting and syncing slowly or not at all, even after a DFU Restore (which is why I honestly believe jailbreaking can damage your flash, especially after I had it happen to TWO jailbroken 3GS's... but that's another story.)

      Anyway, I had Pandora on it. I didn't reinstall Pandora right away on my replacement phone, but when I finally did (months later) and logged into my Pandora account, my stations had been replaced with a bunch of stuff I would never listen to. So explain to me how that happened, other than someone using the phone that was supposedly returned to Apple?

      • by Tim C (15259)

        I'd imagine the phone was refurbished and either sold again as such (hardly an uncommon practice) or passed off as new (again hardly uncommon, but definitely naughty). Neither of these things preclude it being returned to Apple and the refurbishment performed by them.

      • by tlhIngan (30335)

        Anyway, I had Pandora on it. I didn't reinstall Pandora right away on my replacement phone, but when I finally did (months later) and logged into my Pandora account, my stations had been replaced with a bunch of stuff I would never listen to. So explain to me how that happened, other than someone using the phone that was supposedly returned to Apple?

        UUIDs are unique per phone hardware (I think they're derived from an internal serial number embedded either in flash, the CPU, or a mixture of all sorts of entr

  • by Maltheus (248271) on Monday April 04, 2011 @07:02PM (#35715050)

    I uninstalled Pandora from my phone the second they wanted permissions to access my calendar. I don't care so much that they know who my contacts are, but the details of my personal appointments are much more sensitive. Still, I knew the price and was free not to pay it. It's not like Android doesn't warn you when the permissions change.

    • by Culture20 (968837)
      I have no idea what it has access to on my iPhone.
      • by node 3 (115640)

        You don't, but Apple does. I'm sure it's their policy to reject an app that accesses a user's contact list or calendar (for example) which doesn't reasonably make use of.

        Personally, I'd rather have a procedure like happens when an app requests access to the location data, but this is yet another situation where Apple's "walled garden" provides value to the average user.

        • by Thing 1 (178996)

          Personally, I'd rather have a procedure like happens when an app requests access to the location data, but this is yet another situation where Apple's "walled garden" provides value to the average user.

          I disagree, and I live in that walled garden. I would much prefer each app ask me for the permissions it needs, every single one of them, before it has access to my data.

          • by node 3 (115640)

            Personally, I'd rather have a procedure like happens when an app requests access to the location data, but this is yet another situation where Apple's "walled garden" provides value to the average user.

            I disagree, and I live in that walled garden. I would much prefer each app ask me for the permissions it needs, every single one of them, before it has access to my data.

            If you were to re-read what I wrote, I think you'd find you don't disagree with me.

            • by Thing 1 (178996)
              I'm mostly agreeing with you; the disagreement was with the extension of the thought (and not what you wrote directly), that being "what Apple provides is sufficient." So when I said I disagree, I actually disagreed with that, not with what you wrote. Seriously, thanks for bringing that to my attention. What I really meant, was that I would prefer more granularity than Apple currently provides in terms of giving applications access to my data.
              • by node 3 (115640)

                Well, now I'm more confused. I don't know if you're still disagreeing with me or not. I did state I wanted more detailed security options, like what you said you wanted. I'm pretty sure I didn't imply I was alone in this.

                We may just have to agree to agree on this...?

                • by Thing 1 (178996)
                  Yeah I was a bit confused when I wrote it. :) I agree, that we're just going to have to agree to agree. :)
    • by Coren22 (1625475)

      http://blog.pandora.com/faq/contents/1643.html [pandora.com]

      The reasons they give are actually pretty good. IF you want to send your stations to a friend, it needs email and contacts. IF you want to add a concert, etc to your calendar, it needs calendar access. It uses GPS to give better targeted advertising (Metallica at the MCI center on )

  • by Anonymous Coward

    And didn't uninstall it, especially when I realized I could get free, high quality music I actually enjoyed..
    Anywhere. Music statistically optimized by my taste by doing little more than suggesting a few bands, then saying "Sucks, skip it" or "This rocks" a few times.
    In the car? Internet>3G>Iphone>bluetooth>aftermarket bluetooth car deck.
    No wires. Touch the screen of my phone and stuff it back in my pocket and forget it while driving. Got a phone call? Music pauses, in-car stero becomes speakerp

    • by Tim C (15259)

      And didn't uninstall it, especially when I realized I could get free, high quality music I actually enjoyed..
      Anywhere.

      Anywhere in the US. That's great for you, but sucks for the rest of us.

  • If you value privacy, YOUR privacy, avoid dictionary.com app at all costs. First, their website was riddled with over 200 pieces of cookies and tracking info (read a piece either here http://online.wsj.com/public/page/what-they-know-digital-privacy.html [wsj.com] or somewhere else, can't recall).

    Second, their app for the blackberry wants access to ALL of your information, including calendar, contacts, files, email, SMS, etc... If you deny any of those permissions, the app won't work.

    Moreover, I sent 2 emails to

"And do you think (fop that I am) that I could be the Scarlet Pumpernickel?" -- Looney Tunes, The Scarlet Pumpernickel (1950, Chuck Jones)

Working...