Are there any other examples of these privacy violations that aren't common knowledge?
Here you go :)
this post was submitted on 20 Oct 2025
402 points (99.3% liked)
Privacy
42800 readers
1388 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 6 years ago
MODERATORS
Tons of websites record your mouse, keyboard, and scroll activity, and can play back exactly what you saw on your browser window from its backend dashboard as a video. This is called session replay. There are pre-made libraries for this you can import so it's super common, I believe Mouseflow is one of the biggest providers.
When a mobile app, Windows app, or even website crashes nowadays, it automatically sends the crash dump to the app developer/OS vendor (the OS often does this whether the app requests it or not because the OS developer themselves are interested in what apps crash and in what ways). We're talking full memory dump, so whatever private data was in the app's memory when it crashed gets uploaded to a server somewhere without your consent, and almost certainly kept forever. God help you if the OS itself crashes because your entire computer's state is getting reported to the devs.
Your phone's gyroscope can record what you say by sensing vibrations in the air. It may or may not be something humans will recognize as speech if played back because the frequency range is too limited, but it's been shown that there's enough information for a speech recognition AI to decode. Good chance the accelerometer and other sensors can be used in the same way, and using them together will increase the fidelity making it easier to decode. Oh did I mention no device has ever implemented permission controls for sensors so any app or even website can access them without your consent or knowledge?
Correction: GrapheneOS has implemented permission controls for sensors. It also has sandboxing and permission scopes to prevent many of those leaks.
However, Graphene is not available to everyone, and it's still problematic due to bystanders/passerby.
nah only the minidump is reported back which only contains the memory the crashing stack is using. Sending the full dump would requires uploading gigabytes of data which would cripple any home internet as they mostly have very limited upstream bandwidth.
load more comments
(4 replies)
load more comments
(4 replies)
https://www.technologyreview.com/2024/02/27/1088154/wifi-sensing-tracking-movements/
WiFi-based human motion detection through barriers
Most modern cars are SIM-enabled and are constantly sending data back to the mothership. But even those that aren't will still collect data locally and that data will be collected when you send the car to an "official/licenced/authorized" repair shop.
I hate this.
I'm still driving a '99 vehicle and the most advanced thing about it are the power windows. I dread upgrading to a vehicle that can break in so many new ways. I hate that everything has touch screens and the software on many is awful and if it breaks, surprise, you have no music in your car now.
Those still have an ECU that stores most of the same data. It knows you speed, it knows how hard you brake, etc. anything with an OBD will store data. And that’s carssince the 70s
load more comments
(4 replies)
Earlier this year during the CCC security conference it was revealed that the tracking info of 800k Volkswagen cars was publicly accessible...
The talk is available in English as well I believe: https://media.ccc.de/v/38c3-wir-wissen-wo-dein-auto-steht-volksdaten-von-volkswagen
load more comments
(4 replies)
Well just recently learned that some printers exfiltrate data from air gapped networks through ink cartridges.
Photos taken by digital cameras are also trackable in a similar way as prints taken from a printer. I recall reading they were trying to identify the device after a Harry Potter book was leaked by someone taking digital photographs.
Was it just EXIF information or was it something embedded in the pixels? If it's just EXIF that's something you can scrub from the file easily.
The Harry Potter thing was EXIF https://www.eff.org/deeplinks/2007/07/harry-potter-and-digital-fingerprints
But pictures can also be traced back to a camera based on irregularities in the camera sensor https://www.scientificamerican.com/article/tracing-photos-back-to-the-camera-that-snapped-them/
Unlike with the printers, there is probably no database of the CMOS sensor irregularities of all cameras ever made. But if you upload pictures under your government name and the take pictures with the same camera and share them anonymously, this could be traced back to you in theory.
load more comments
(2 replies)
Cameras generally have barely noticeable, but uniquely identifiable, defects that will consistently affect pictures. So if you post a photo on your personal Social Media, and then you post a photo from the same camera on Hexbear, those two things could be connected. Just because it can happen doesn't mean it's practical, though.
I have no idea if this is what's been used with the Harry Potter thing.
To be clear, this is not about EXIF data (which is its own problem).
Digital cameras can be fingerprinted from the images they produce, due to variations between pixels in any given sensor. If you're concerned about an image being traced back to your camera, you might consider some post-processing before distributing it.
Exif data. It can be removed with various apps but its in photos by default on most devices
load more comments
(3 replies)
load more comments
(5 replies)
Maybe this. Most smartphones have a modem inside, this modem has a separate closed-sourced operating system and it usually has the main priority in controlling the smartphone relative to the processor running the main operating system, such as Android. Sometimes the modem has access to the microphone or memory, even bypassing the CPU. Although maybe everyone already knows that.
load more comments
(19 replies)
Social graph connections can be automatically inferred from location data. This has been done by governments (example) for a long time and is also done by private companies (sorry I can't find a link at the moment).
For audio recordings, there is usually a trace of electric hum in the background that has enough randomness to yield info on when (and sometimes where) the recording took place.
It's not as much of a privacy violation as a privacy vulnerability, but it's still relevant.
The worst thing about that printer tracking is that we only learned about it around 20 years after they started implementing it. It's been another 20 years, imagine what they're doing now.
That ATM cash tracking thing comes to mind
What is it?
It's like a machine that behaves as a bank teller, kind of automatically.
You're kidding, Shirley.
Don't call me surely.
Banks can track each banknotes serial number when you receive them from the ATM and when they are returned from the store you spent them at. This data could then be used to create a complete profile of your spending habits.
Doesn't work very well if you buy something directly from someone. Or if your cash is given out as change. Seems like it would make a wildly inaccurate profile.
Lots of stores also gives bills back out, the system makes zero sense, it can’t track anything at all. Like maybe 5% of bills are used once and then returned to the bank.
load more comments
(5 replies)
load more comments
(20 replies)
A lot of stores track your movement through the store with the WiFi or bluetooth your phone sends out, unless you have that turned off. Since it's "anonymous" not even stuff like the GDPR requires to notify anyone of this.
This can also be done via the security cameras mounted in the ceiling.
load more comments
(8 replies)
Isn't it common knowledge? I've known about it for at least two decades...
BTW - you can easily work around it. Get someone else to buy your printer for you, or trade with someone who has the same printer... Now, they will still be able to match it to the printer, if they find it at your home, but other that that, you are free...
PS. Don't use your printer to blackmail FBI or CIA. ;-)
Pro tip: If you use a pen and paper to blackmail the FBI and CIA, they can’t trace it back to you using invisible yellow dots.
They'll still identify you by your wax seals. /s
load more comments
(12 replies)
No... But i've thought about how easy it would be to implement in ebooks and pdfs (e.g. my daily newspaper i can download as pdf). I've thought about this when sailing the high seas.
Is it a thing?
load more comments
(5 replies)
view more: next ›