Archive for July 3, 2018

Tuesday, July 3, 2018

The App Developers Sifting Through Your Gmail

Juli Clover (Hacker News):

Some third-party email providers that work with services like Gmail are letting their employees read customer emails to create new and optimized software tools, according to an article warning about third-party email apps and services published today by The Wall Street Journal.


Google no longer scans the inboxes of Gmail users itself as of last year for privacy reasons, but it continues to allow third-party software developers to do so. Other email services, like Yahoo and Microsoft, are similarly impacted, providing access with user consent.

Return Path, Edison, and other developers of apps that work with Gmail and similar email services don’t appear to have misused customer information, but many customers are likely to be concerned about the fact that employees at some email companies are reading their emails. Many customers are also likely unaware they’re consenting to such practices when signing up for a third-party email app.


Customers concerned with how their emails are handled by third-party apps should stick with first-party apps such as Gmail or Inbox by Gmail for Gmail users and/or take a close look at the app’s privacy policies and ask further questions about data usage.

Previously: Google Will Stop Reading Your E-mails for Gmail Ads.

Update (2018-07-05): Matt Birchler:

This is what Google displays when you ask to use another app (Microsoft Outlook in this case) to sign into your Google account. Google tells you as the first line item that Microsoft will be able to see your email.

Debugging With C-Reduce

Mike Ash (Hacker News):

Debugging a complex problem is tough, and it can be especially difficult when it’s not obvious which chunk of code is responsible. It’s common to attempt to produce a reduced test case in order to narrow it down. It’s tedious to do this manually, but it’s also the sort of thing computers are really good at. C-Reduce is a program which automatically takes programs and pares them down to produce a reduced test case.


When you use C-Reduce, you provide not only a program to reduce but also a small script which tests whether a reduced program is “interesting.” Exactly what “interesting” means is up to you. If you’re trying to isolate a bug, then “interesting” would mean that the bug still occurs in the program. You can define it to mean whatever you want, as long as you can script it. Whatever test you provide, C-Reduce will try to provide a reduced version of the program that still passes the test.


Blind reduction of a test case is not a very sophisticated debugging technique, but the ability to automate it can make it extremely useful. C-Reduce can be a fantastic addition to your debugging toolbox.

A Brief History of Unreal Mode

Michal Necasek (via Joe Groff):

For the purposes of this discussion, unreal mode is a variant of the x86 real mode with non-standard segment limits and/or attributes, different from the processor state at reset. To recap, real mode on the 286 and later CPUs has much more in common with protected mode than with the real (and only) mode of the 8086. Notably, undefined opcodes raise exceptions, segment limit overruns cause general protection or stack faults, and (on the 386 and later) 32-bit registers and 32-bit addressing can be used—subject to limit checks.


As a general-purpose programming technique it is unusable, because it absolutely cannot function in V86 mode. Transitions to V86 mode always force real-mode compatible segment limits and attributes. That means unreal mode cannot be used together with EMM386 or other DOS memory managers utilizing V86 mode. Unreal mode also cannot be used in the DOS boxes of 386 Enhanced Mode Windows 3.x, in the DOS boxes of OS/2 2.x, Windows NT, or Windows 9x. That is an extremely serious drawback.


On the other hand, when unreal mode can be used, it is very useful. HIMEM.SYS uses unreal mode to speed up extended memory access, and perhaps more importantly, preserve normal interrupt latency. Firmware can and does use unreal mode for accessing memory beyond 1 MB during initialization; it avoids switching between real and protected mode, and in firmware there is no danger of segment limits being reset.


Unreal mode is almost certainly an accident of history, a side effect of the fact that the initial 386 design had no architected way of switching from protected mode back to real mode. Once the technique started being used, instead of clearly documenting how it works, Intel in its typical fashion documented only certain aspects of it, such that only programmers who already know about unreal mode find traces of it in the official documentation.

Facebook Confirms That It Tracks Mouse Movements

Shweta Ganjoo (via Hacker News):

The social media giant in a 225-page document responding to a set of 2,000 questions by the US Senate Committee on Judiciary admitted that it collects information from and about computers, phones, and connected devices, including mouse, that users use with its various services and that it combines this information to give users a personalised content.

Facebook said that it tracks mouse movements to help its algorithm distinguish between humans and bots. Tracking mouse movements also helps the social media giant, which has been under fire for its data privacy practices, to also determine if the window is foregrounded or backgrounded.


I have always assumed that Facebook uses heat maps to track what is under your pointer. Doesn’t every serious site do that to gauge user behavior, interest and interface utilization? I guess the difference is FB is putting it in an available data set along with everything else about consumers’ individual lives.

More interesting is “a patent held by the company states that the Facebook app uses voice recognition algorithm, which uses audio recorded by the microphones, to modify the ranking scores of stories in users News Feed.” and their speculation that Facebook could soon reveal details about their use of surreptitiously recorded user audio.

Facebook makes a curiously specific denial about audio, which is that it is not used for advertising. Considering their entire business is basically advertising, what does that leave? But all they mean is ad selection. When they were found to be recording audio during the posting of statuses, I believe they claimed it it was so they could recognize the music you were listening to, and know something about your mood. So for a long time, I have thought that they use audio to select other content, like friend suggestions, or to inform the selection of stories that appear on your newsfeed.