Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
XCabbage 10 hours ago

Why? I don't understand the objection to this. If the app was sending off any data to Notion without consent, that would obviously be a privacy issue, but why is it a problem for a desktop app to simply check if your mic is being used and offer to record?

const_cast 10 hours ago | parent | next [-]

The application is almost certainly sending off data to Notion without consent, you just wouldn't be able to tell.

If a company is willing to do even small privacy violations, I do not trust them at all. Feel free to run OpenSnitch or LittleSnitch - most apps are opening connections to many domains you won't recognize. Your guess is as good as anyone's what data they're exfiltrating. That is, of course, unless you use more privacy-preserving apps that are typically opensource.

viraptor 9 hours ago | parent | next [-]

That's just entirely based on the "almost certainly" doing all the work. You're complaining about a hypothetical situation.

> you just wouldn't be able to tell.

You can setup a local web proxy and tell us. Also check the sources since it's an electron app.

const_cast 9 hours ago | parent [-]

I don't use notion, but it would be a fun experiment to install a root CA and see the traffic.

It's probably not always this easy. I see many connections on apps using UDP, so who knows how, exactly, they are encoded.

The data may also be "encrypted", similar to how Zoom "encrypted" data. That is to say, the data is encrypted, but the private key is on the same server. So, if you MITM, it looks encrypted - but there's no security.

brookst 9 hours ago | parent | prev [-]

Any evidence for “almost certainly”? That seems a huge leap of faith to build a whole worldview on. Kind of circular, really.

const_cast 9 hours ago | parent [-]

Yes, virtually every commercial application I've ever seen allows exfiltration of data, usually close to all of it, and you agree to it by signing both an EULA and privacy policy.

Based off of that, I then assume that other companies are exfiltrating as much data as possible off my devices.

I mean, even your car, which, keep in mind, is a multi-tens-of-thousands dollar product, exfiltrates your location, all your texts, all your phone calls, and as much data from your phone as possible.

Yes, this is a "leap of faith". I am not bound by a purely evidence-based worldview - I consider that naivety. I do not need strong irrefutable evidence of bad things happening. When people are untrustworthy, I approach them with skepticism in order to protect myself.

For example, I have absolutely no proof that the NSA is surveilling SMS and telephony right now. None at all. But I know Prism was a thing. It is safe to assume the NSA is absolutely surveilling SMS and telephony.

And, I'm almost always right, in my experience.

jraph 8 hours ago | parent | prev [-]

This could be a good feature in open source software packaged by Debian and whose build is reproducible.

People being angry here shows how they distrust software they use and distrusting always online software causes fear and stress.

The best these people can do is relying on free software distributed in a sane way because that's what can help trust software, and, in a professional setting, to push their companies or their providers towards free software as well, and demand guarantees that their privacy is respected.

These matters are not theoretical and this discussion is a witness of this.

If Notion wants to be trusted, they should go open source. I see Notion people are here. Do it! Stop doing closed source software! That doesn't bring anything worth and see what badness it brings. Your value is elsewhere. It's in you expertise, your vision and how well you do things.

I work for an open source competitor (or at least in the neighborhood) and that works out well for us and has been for 20 years.

The day you open source your desktop client, you'll be able to show us the code and show that you indeed don't send audio records or related logs to your headquarters. We won't have to reverse engineer, sandbox just to be sure, and hope for the best.

Knowledge management software shouldn't hide knowledge.