I run a simple, free and privacy-friendly wishlist service[0] with zero ads and tracking that's been around for a couple of years now, and I don't even keep your e-mail address in plaintext[1]. It's been exciting to see the user count go from ~500 to ~2500 the last year. Any feedback and feature requests are much appreciated :)
I have a 16gb USB flash drive encrypted with LUKS[0]. In there are various lists that I don't want anyone to find, however mundane they actually are. Things like shopping lists and 'to buy' lists for Amazon etc. Always presume 'private' stuff you have in the cloud will be leaked via various means (Rogue employee, data breach, sloppy programming etc)
This is not the first time large companies with built in wishlists have ignored or abused their users. There were times when a retailer would direct your loved ones no to your list but to an “Idea” list in a tab right next to it when they went to your link. Most often they just index your list on Google and it becomes a top result when someone searches your name (great SEO for them, bad for you). Or suggest gift cards to stores that are 30% overpriced to your loved ones right at the top of your list, when you never wished for one. I built DreamList by hand over the past few years to prevent these and other abuses with family’s wishes and money and now it’s growing. I would love to get your feedback as well.
On the internet, you are a consumer or you're the product. You're paying for something, or you yourself are being sold. Dreamlist isn't "completely private." Read their privacy policy.
> "We may share information about you in anonymous and/or aggregated form with third parties for industry analysis, demographic profiling, research, analysis and other similar purposes."
If you think that savvy companies can't use other databases to aggregate user profiles and deanonymize data... well, you're the perfect user for Dreamlist!
EDIT: Or, as I found out by clicking on the parent's user handle, you actually founded Dreamlist. I might humbly suggest at this point, Diana, that you're open and forthright about the fact you sell data to other companies. Even if you're completely dutiful in anonymizing data, you have no control over what is done with the data once you sell it.
---
For what it's worth, I'm much more worried about the privacy implications of Dreamlist than Alexa. With Alexa, I know I'm giving access to my logged-in Amazon profile/account to anyone with access to my device. With Dreamlist, no one knows who my data is being sold to.
My soon-to-be 8 year old son was devastated and ran into his room crying when he asked Alexa what the notification was and she described his hoverboard present just delivered to the front porch. Could we have anticipated that? Maybe. The surprise was the ruining of the surprise instead of the surprise itself.
That actually made me chuckle. That's definitely not a scenario one would have thought of in advance. I wonder if the "Item is a gift" checkbox would have any bearing on how Alexa describes a delivery? Hey Alexa, hint hint...
It worries me how ubiqutous the idea of letting your single digit age children talk to a "voice assistant" that analyses and stores their words has become. It also concerns me that people describe this thing as a "she", humanising it.
Just curious, maybe I'm not understanding this well, but why was your son crying? Was a hoverboard not what he expected?
I'm thinking back to when I was a child -- I wouldn't normally cry if a surprise was ruined. The ruining of a surprise would not have been a big deal. But I might have cried if I hadn't gotten what I'd hoped for.
This type of thing has also happened to me with Google Maps and Android Auto. I used Google Maps to locate a store to get a gift for my wife. Later, we used the car. When I plugged in my phone, Google Maps displayed the store as a recommended destination on the center console screen. This ruined the surprise.
Now, Google Maps has an Incognito mode, but now I know I must use it when buying surprise presents.
The problem is this interaction is impossible to anticipate, and makes me not want my preferences on communal devices at all.
I keep a list of stuff I need to buy in my usual notes or todo app. This means it's website-agnostic (not limited to Amazon), private, and the shop doesn't know what I want until I actually commit to buying it (so they can't raise prices or do targeted advertising by knowing that I'm interested in a given item). As a bonus, it protects me from these kinds of surprises.
I don't get the point of using a proprietary, crappy (in this case) implementation that gives an adversary an edge when a simple text file would do?
I'd guess that for many, the point is that it's not simply a list of things they want or need to buy for themselves, but a list they can send to others. In this case, though, a todo-list might have been a better choice, although I myself also keep ideas for others in the wishlist service I use.
This is a technology site, the way these voice assistant works has been posted numerous times and is common knowledge at this point. They've been ripped apart by multiple security pros. Yet every thread we get unjustified replies like this. It is tiresome and frustrating.
But I'll post it once again:
- Wake phase detection is all handled locally (i.e. on device).
- It loops a continuous recording over itself. If no phase is detected within a few seconds the recording is permanently lost.
- We can see from data monitoring it isn't continuously transmitting (and that's also what the companies behind it claim).
- "It could be modified" is a red herring. You are already carrying ON YOUR PERSON an always connected microphone with not one by two layers of operating system on it (baseband + consumer OS).
It should not be popular to post "photographs can steal your soul"-levels of tech-spiracy on a site like this, but yet here we are again.
I can think of a brilliant use case, but it's the only one I can think of offhand.
For the disabled, particularly blind people, it would be great to have interactive voice stuff if that whole ecosystem were really fleshed out. Some of this exists but a world of audio books, online banking, interaction with social media, all with interfaces optimized for voice use/audio listening would be great.
Interacting with a screen by having some software read it to you just seems incredibly clumsy.
Personally, I think the hands-off case for automotive use is dangerous. Talking on the phone or listening to email while driving is sketchy even though you're still gripping the steering wheel. AM/FM radio interfaces were perfected 75 years ago.
> jEfF BeZoS Is aLwAyS LiStEnInG To yOu!!1!!!!111!
> As long as he gives me cheap same-day delivery, IDGAF.
It's disappointing that even when people know about the widespread harsh treatment of workers, as long as they get their cheap same day delivery, they don't care.
I don't know if I'm really the only one who shares an Amazon account with his significant other? My partner doesn't need Alexa to be notified what's on my wishlist ... she can just look it up. So blaming Alexa to spoil the secret is a bit ... hyperbole?
It seems very logical that a list marked private shouldn't send any notifications to Alexa, a device that isn't private by design. It either announces or displays things to anyone near it.
At the very least, the default should be "no notifications", and you could turn them on for the list if desired.
> jEfF BeZoS Is aLwAyS LiStEnInG To yOu!!1!!!!111!
> As long as he gives me cheap same-day delivery, IDGAF.
for lower and lower quality of items, with less of a real selection (go look at electric kettles - there's 50 different brands - with weird names - but the kettles all almost look identical). Also the while prices creep up as any competition gets annihilated.
This hits the nail on the head. I agree ebay and Amazon are also sometimes the only option for finding obscure stuff, but most of the world now buys most of the mundane stuff from them, and then we act surprised when they become international empires, richer than countries, and more powerful than most of them, and only getting bigger and bigger. Society is simply not equipped to deal with the cascading effects of consumerism and 'free' market, be it privacy, data mining, social security, or the environment.
[+] [-] danielskogly|4 years ago|reply
[0] https://wishy.gift/
[1] https://news.ycombinator.com/item?id=24965671
[+] [-] vmoore|4 years ago|reply
[0] https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup
[+] [-] djhworld|4 years ago|reply
I'd feel the same sense of annoyance if something like that happened to me.
[+] [-] dzink|4 years ago|reply
This is not the first time large companies with built in wishlists have ignored or abused their users. There were times when a retailer would direct your loved ones no to your list but to an “Idea” list in a tab right next to it when they went to your link. Most often they just index your list on Google and it becomes a top result when someone searches your name (great SEO for them, bad for you). Or suggest gift cards to stores that are 30% overpriced to your loved ones right at the top of your list, when you never wished for one. I built DreamList by hand over the past few years to prevent these and other abuses with family’s wishes and money and now it’s growing. I would love to get your feedback as well.
[+] [-] whoknew1122|4 years ago|reply
> "We may share information about you in anonymous and/or aggregated form with third parties for industry analysis, demographic profiling, research, analysis and other similar purposes."
If you think that savvy companies can't use other databases to aggregate user profiles and deanonymize data... well, you're the perfect user for Dreamlist!
EDIT: Or, as I found out by clicking on the parent's user handle, you actually founded Dreamlist. I might humbly suggest at this point, Diana, that you're open and forthright about the fact you sell data to other companies. Even if you're completely dutiful in anonymizing data, you have no control over what is done with the data once you sell it.
---
For what it's worth, I'm much more worried about the privacy implications of Dreamlist than Alexa. With Alexa, I know I'm giving access to my logged-in Amazon profile/account to anyone with access to my device. With Dreamlist, no one knows who my data is being sold to.
[+] [-] contravariant|4 years ago|reply
[+] [-] booleandilemma|4 years ago|reply
If you need a wishlist (in the Amazon sense) and you’re worried about privacy, write down the stuff you wanna buy in a notebook.
[+] [-] robmiller|4 years ago|reply
[+] [-] dylan604|4 years ago|reply
[+] [-] Handytinge|4 years ago|reply
[+] [-] wenc|4 years ago|reply
I'm thinking back to when I was a child -- I wouldn't normally cry if a surprise was ruined. The ruining of a surprise would not have been a big deal. But I might have cried if I hadn't gotten what I'd hoped for.
[+] [-] unknown|4 years ago|reply
[deleted]
[+] [-] oautholaf|4 years ago|reply
Now, Google Maps has an Incognito mode, but now I know I must use it when buying surprise presents.
The problem is this interaction is impossible to anticipate, and makes me not want my preferences on communal devices at all.
[+] [-] Nextgrid|4 years ago|reply
I don't get the point of using a proprietary, crappy (in this case) implementation that gives an adversary an edge when a simple text file would do?
[+] [-] danielskogly|4 years ago|reply
[+] [-] danbrooks|4 years ago|reply
I imagine few users have both types of wishlists and want different deal notifications.
[+] [-] bcopa|4 years ago|reply
We just opened our Beta a week ago
If people are looking for an alternative, we'd love to hear your feedback
P.S: we have a private list feature ...
[+] [-] jcims|4 years ago|reply
https://imgur.com/dLRlBRb
[+] [-] Someone1234|4 years ago|reply
[+] [-] swiley|4 years ago|reply
[+] [-] Someone1234|4 years ago|reply
This is a technology site, the way these voice assistant works has been posted numerous times and is common knowledge at this point. They've been ripped apart by multiple security pros. Yet every thread we get unjustified replies like this. It is tiresome and frustrating.
But I'll post it once again:
- Wake phase detection is all handled locally (i.e. on device).
- It loops a continuous recording over itself. If no phase is detected within a few seconds the recording is permanently lost.
- We can see from data monitoring it isn't continuously transmitting (and that's also what the companies behind it claim).
- "It could be modified" is a red herring. You are already carrying ON YOUR PERSON an always connected microphone with not one by two layers of operating system on it (baseband + consumer OS).
It should not be popular to post "photographs can steal your soul"-levels of tech-spiracy on a site like this, but yet here we are again.
[+] [-] aquir|4 years ago|reply
[+] [-] unknown|4 years ago|reply
[deleted]
[+] [-] autoliteInline|4 years ago|reply
For the disabled, particularly blind people, it would be great to have interactive voice stuff if that whole ecosystem were really fleshed out. Some of this exists but a world of audio books, online banking, interaction with social media, all with interfaces optimized for voice use/audio listening would be great.
Interacting with a screen by having some software read it to you just seems incredibly clumsy.
Personally, I think the hands-off case for automotive use is dangerous. Talking on the phone or listening to email while driving is sketchy even though you're still gripping the steering wheel. AM/FM radio interfaces were perfected 75 years ago.
[+] [-] cube00|4 years ago|reply
> As long as he gives me cheap same-day delivery, IDGAF.
It's disappointing that even when people know about the widespread harsh treatment of workers, as long as they get their cheap same day delivery, they don't care.
[+] [-] edent|4 years ago|reply
[+] [-] codegladiator|4 years ago|reply
[+] [-] Razengan|4 years ago|reply
[+] [-] black_13|4 years ago|reply
[+] [-] tinyhouse|4 years ago|reply
[+] [-] jsudi|4 years ago|reply
This title is inflammatory.
[+] [-] scotth|4 years ago|reply
[+] [-] mstolpm|4 years ago|reply
[+] [-] jffry|4 years ago|reply
If his wife logs in and opens up a private wishlist labeled "Liz Presents", she is choosing to spoil something for herself.
If the Alexa says you have a notification (with no more detail) and then immediately spills the beans, his wife did not choose to be spoiled.
So yes, it's very much not hyperbole to blame Alexa for spoiling this secret.
[+] [-] tyingq|4 years ago|reply
At the very least, the default should be "no notifications", and you could turn them on for the list if desired.
[+] [-] weird-eye-issue|4 years ago|reply
[+] [-] unknown|4 years ago|reply
[deleted]
[+] [-] fnord77|4 years ago|reply
> As long as he gives me cheap same-day delivery, IDGAF.
for lower and lower quality of items, with less of a real selection (go look at electric kettles - there's 50 different brands - with weird names - but the kettles all almost look identical). Also the while prices creep up as any competition gets annihilated.
The high cost of cheap shipping
[+] [-] Santosh83|4 years ago|reply
[+] [-] dpweb|4 years ago|reply
So the $29 kettle is $21. I've never bought a "used" item from Amazon that was unsatisfactory cause it was "used".
[+] [-] edoceo|4 years ago|reply