
Why Does My Remote Control Need to Know My Location? - edent
https://shkspr.mobi/blog/2019/02/why-does-my-remote-control-need-to-know-my-location/
======
derriz
At least they acknowledged it, responded to the feedback and fixed it.

Unfortunately I have a Sonos system which became effectively bricked unless I
signed a new user agreement allowing the collection of data. There are no
physical controls on Sonos so the system becomes useless without accepting.

They used to sell dedicated controllers/remotes years ago but these were also
bricked as part of an upgrade about a year or two ago. Unhappy owners were
offered a voucher (worth less than the value of a single controller - many
users owned multiple in order to fully support multi-room - see
[https://en.community.sonos.com/controllers-software-228995/save-the-cr100-6800510](https://en.community.sonos.com/controllers-software-228995/save-the-cr100-6800510)) for their next Sonos purchase rather
than allow them to continue to use the hardware they had purchased and used
happily for years.

All concerns, requests to be allowed to downgrade, etc. are met on the
official forums with a passive-aggressive dismissal of users' concerns by
staff backed up by a few cultist fanatics.

I've tried to avoid any further updates (and deny Sonos access to my listening
habits) by having it run on a disconnected network but if anyone accidentally
updates the app on the old iPad we use as a controller, you're forced to update
everything. I just wish I had the same system which I originally bought which
I use exclusively to play my ripped CDs from a NAS.

~~~
hedora
Does anyone know of a good (from a privacy and usability perspective)
alternative to Sonos?

I plan to buy 5-6 of them sometime later this year, and for what that costs,
they have no excuse to data-harvest me.

~~~
wiml
Quite a few people run systems with a Raspberry Pi, a high-quality I2S
DAC+amp, and a set of (normal, non-internet-connected, firmware-free)
speakers. There's a tiny industry of producing hardware and software for this
situation.

"Usability" means very different things to different people (after all, the
reason Sonos asks for location access is to improve usability), but maybe look
at [https://volumio.org/](https://volumio.org/),
[http://www.runeaudio.com/](http://www.runeaudio.com/),
[http://moodeaudio.org/](http://moodeaudio.org/).

Or just install MPD and Pianobar for that old school experience.

------
conesus
I designed and built a wooden remote control[1] so I know a bit about why this
is.

My iOS app asks the user for location permissions because without it the
remote control app won't know when to attempt to connect when you walk in the
door with your iPhone but your remote is sitting at home, waiting for you to
hit it to turn on your lights or play music on your Sonos. If you hit the
button and nothing happens, that's a horrible user experience!

I used to have location set to Always even though I don't store the location
(and I'm explicit about that, even going so far as to open source the entire
app ecosystem[2]) but then Apple pushed back and said that always having a
location was against their ToS for remotes. I then switched to a geofence,
which is still a location based permission but takes less battery life.

For Apple the tradeoff was not privacy but battery life. If I were to store
your geofence information on my servers (which, ick) that would be OK as long
as it was in teeny tiny text in my privacy policy. So while other remote
control products are happy to take that information and sell it I decided to
not double dip since you already pay once for the product. This is similar to
my news reader which also has competitors that sell users' data. The tradeoff
for me is that I earn a lot less than I theoretically could, but again, I
don't double dip. Benefits of indie technology vs. venture-backed technology.

[1] Turn Touch: [https://turntouch.com](https://turntouch.com)

[2] iOS source code: [https://github.com/samuelclay/turntouch-ios](https://github.com/samuelclay/turntouch-ios)

~~~
lultimouomo
Hi!

You might be interested to know that the Turn Touch homepage starts playing
audio as soon as it is opened. This was enough for me to close it and never
come back, and I think this sentiment is reasonably widespread.

I'm genuinely curious about the reason some people decide to add audio (or
video for that matter, but audio is way worse) on autoplay. Do you enjoy when
web pages you visit do it? Did you see from some kind of metric that it
increases your sales?

~~~
conesus
Yikes! It's part of a hidden video that shouldn't play until you explicitly
open it. What's your browser/OS? I tested on Chrome, Safari, and FF on mac as
well as iOS.

I also just added a muted attribute to the `video` tag so it should no longer
do that even if I messed up the JS for some browser somewhere. I encourage you
to try it once again to confirm.

~~~
crankylinuxuser
Not only that, but the fake popup made me NOPE out of the site.

I'm not going to fight reading a bloody advert with an annoying "GIMMEE EMAIL"
advert. That pattern needs to die in a fire.

~~~
conesus
I kinda agree in that I also dislike it. But I just disabled the exit intent
pop up so you won’t see it again.

------
codetrotter
> Google, in its wisdom, has tied "Location" into things like BLE Scanning and
> WiFi scanning. The excuse is that you can use these things as a proxy for
> location. That is, if I know you are near access point X your location is
> probably near Y.

It’s not an “excuse”, it’s a fact. If you allow an app to scan SSIDs you _are_
allowing it to know your location. No amount of sarcasm on the part of OP is
going to change that.

~~~
jfnixon
Um, no, that's not correct. SSIDs aren't tied to geographic location. The
mothership might _infer_ location by looking at the list of SSIDs and checking
it against a geotagged list compiled by a mapper, but that's a completely
different thing than saying if you let an app look for an SSID you are
allowing it to know your location. You might as well say that by giving a
camera the ability to know the time, you are allowing it to know your
location, as someone could look at the sun's shadows or weather and infer
location.

~~~
imglorp
SSID's pretty much ARE tied to geo, and those that aren't tied are easy to
identify. The basic tech is known to both major players [1,2]. First you
crowdsource as much of the data collection as you can: various apps can
collect both SSID, BT, etc. sightings and report them with GPS. So you have a
giant DB of locations vs network IDs. Then you tag any network ID which
appears at differing locations: it's somehow mobile for whatever reason. The
untagged ones are not mobile and probably dependable indications of location
to within a few dozen meters. If they do move, they get tagged at your next
sweep.

1. [https://www.theverge.com/2011/05/12/google-android-skyhook-lawsuit-motorola-samsung](https://www.theverge.com/2011/05/12/google-android-skyhook-lawsuit-motorola-samsung)

2. [https://xconomy.com/boston/2010/08/04/skyhook-wireless-digs-in-touts-location-patents-after-apple-drops-technology-from-iphone/](https://xconomy.com/boston/2010/08/04/skyhook-wireless-digs-in-touts-location-patents-after-apple-drops-technology-from-iphone/)
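The tagging scheme described in the comment above, as an added example that is not part of the thread or of any vendor's code: it shows why a raw scan list is location-equivalent and how an ID seen in two cities (a travel router) gets excluded. The 500 m threshold, the network IDs and the coordinates are constructed assumptions.

```python
import math
from collections import defaultdict

# Assumed cut-off: an ID seen at points further apart than this is "mobile".
MOBILE_SPREAD_M = 500.0
EARTH_RADIUS_M = 6371000.0


def haversine_m(a, b):
    """Great-circle distance in metres between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(math.radians, (a[0], a[1], b[0], b[1]))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * EARTH_RADIUS_M * math.asin(math.sqrt(h))


def centroid(points):
    """Arithmetic mean of (lat, lon) points; adequate over short distances."""
    return (sum(p[0] for p in points) / len(points),
            sum(p[1] for p in points) / len(points))


def build_index(sightings):
    """Group (network_id, lat, lon) reports and tag IDs that move."""
    by_id = defaultdict(list)
    for net_id, lat, lon in sightings:
        by_id[net_id].append((lat, lon))
    index = {}
    for net_id, pts in by_id.items():
        # Largest distance between any two reports of the same ID.
        spread = max(haversine_m(p, q) for p in pts for q in pts)
        index[net_id] = {"mobile": spread > MOBILE_SPREAD_M,
                         "where": centroid(pts)}
    return index


def locate(scan, index):
    """Estimate position from the IDs in one scan; None if nothing usable."""
    anchors = [index[n]["where"] for n in scan
               if n in index and not index[n]["mobile"]]
    return centroid(anchors) if anchors else None


# Constructed sample data: IDs and coordinates are made up.
SIGHTINGS = [
    ("02:00:00:00:00:01", 51.50000, -0.10000),
    ("02:00:00:00:00:01", 51.50010, -0.10005),
    ("02:00:00:00:00:02", 51.50020, -0.10020),
    ("02:00:00:00:00:02", 51.50025, -0.10010),
    ("02:00:00:00:00:99", 51.50010, -0.10000),  # travel router, city A
    ("02:00:00:00:00:99", 48.85660, 2.35220),   # same router, city B
]
INDEX = build_index(SIGHTINGS)

if __name__ == "__main__":
    scan = ["02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:99"]
    print(locate(scan, INDEX))                   # fix from the two fixed IDs
    print(locate(["02:00:00:00:00:99"], INDEX))  # only a mobile ID in range
```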

~~~
reaperducer
_SSID's pretty much ARE tied to geo, and those that aren't tied are easy to
identify._

I bring an AirMac (Apple Airport Express) with me to hotels when I travel. I
guess this is why my Android phone gets so confused about where I am if it's
in airplane mode with wifi enabled.

------
tyingq
The coarse permissions and alarming text from the OS are a problem with both
Android and iOS. Often, an app wants something fairly innocuous, but has to ask
for more, because it's grouped with other things in the same permission ask.
Then, the OS message shifts all the blame with scary messages about what the
app wants to do.

~~~
blihp
Two problems with this assumption per the article: 1) the app previously
worked fine without the location information 2) the app no longer works at all
without location information.

The only legitimate use case for location I can think of would be to pull down
cable/tv/radio channel/station listings. But this shouldn't be a requirement
since the user could easily manually enter in the ones they want. My guess is
that something like this might be used as the pretext for requiring location.
However, if the app continues to _require_ location to function longer term
(i.e. that this wasn't just an oversight which gets corrected in a future
update) then I would assume that the real use case is something that has
nothing to do with helping the user.

~~~
icebraining
The problem here is that they don't really want location, they just want a
list of the surrounding Wifi networks, it just happens that such information
is easily converted into a location, so Android requests that permission.

~~~
blihp
Android doesn't request the permission, the app does (via the app manifest).
While that is the stated reason, that really isn't a legitimate reason for a
remote control app to _require_ location as it might not even work in all
network scenarios. (i.e. the device in question may not be using a wifi
network the phone can see/use)

Keep in mind that many things including trivial flashlight apps have a history
of wanting location access. There's usually a pretext in the form of some
questionable/marginal feature that's used as a justification for the
permission. Often after some digging the real reason becomes apparent in the
form of data collection or an included ad serving library.

For example, I have a 'smart' thermostat which has an app that requests
location access. I deny it and it still works. There's at least one feature
they use to justify requesting it but I suspect that if there weren't other
uses (having nothing to do with benefiting me) for location data that the
feature requiring location data probably wouldn't even exist.
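An added example, not taken from any comment in this thread: a small audit of a decoded (text) `AndroidManifest.xml` that reports whether an app declares location on every Android version or only as a legacy requirement for scanning. It goes beyond the 2019 discussion by recognising the later `BLUETOOTH_SCAN` / `NEARBY_WIFI_DEVICES` permissions and their `neverForLocation` flag; both sample manifests and the package name are constructed.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."
LOCATION = {P + "ACCESS_FINE_LOCATION", P + "ACCESS_COARSE_LOCATION",
            P + "ACCESS_BACKGROUND_LOCATION"}
SCAN = {P + "BLUETOOTH_SCAN", P + "NEARBY_WIFI_DEVICES"}


def audit_manifest(xml_text):
    """Summarise location-related <uses-permission> entries of one manifest.

    Intended for a manifest you decoded yourself, not for arbitrary XML.
    """
    root = ET.fromstring(xml_text)
    location, scans = [], []
    for el in root.iter():
        if el.tag not in ("uses-permission", "uses-permission-sdk-23"):
            continue
        name = el.get(ANDROID_NS + "name", "")
        max_sdk = el.get(ANDROID_NS + "maxSdkVersion")
        flags = el.get(ANDROID_NS + "usesPermissionFlags", "").split("|")
        short = name.rsplit(".", 1)[-1]
        if name in LOCATION:
            location.append((short, int(max_sdk) if max_sdk else None))
        elif name in SCAN:
            scans.append((short, "neverForLocation" in flags))

    unbounded = [n for n, max_sdk in location if max_sdk is None]
    if not location:
        verdict = "no location permission declared"
    elif unbounded:
        verdict = "location requested on all Android versions"
    elif scans and all(flagged for _, flagged in scans):
        verdict = "location only for legacy scanning"
    else:
        verdict = "location requested up to a bounded SDK level"
    return {"location": location, "scans": scans, "verdict": verdict}


# Constructed manifests for a hypothetical remote-control app.
OLD_STYLE = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="example.remote">
  <uses-permission android:name="android.permission.ACCESS_WIFI_STATE"/>
  <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/>
</manifest>
"""
NEW_STYLE = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="example.remote">
  <uses-permission android:name="android.permission.BLUETOOTH_SCAN"
                   android:usesPermissionFlags="neverForLocation"/>
  <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"
                   android:maxSdkVersion="30"/>
</manifest>
"""

if __name__ == "__main__":
    for label, text in (("old", OLD_STYLE), ("new", NEW_STYLE)):
        print(label, audit_manifest(text))
```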

------
hyperman1
All these stories give me a tough choice. Should I auto update apps on
android?

Clearly the answer is Yes because of security updates and bug fixes, and maybe
the occasional interesting feature. Besides, once in a while an android
developing HN poster will complain about all those pesky users that just don't
update, and I know their pain very well.

Clearly the answer is No because I have no idea if the app will continue to
work tomorrow after the next update? Will it start doing something sleazy,
causing a worse security problem than just being hacked? Will it break because
I happen to use an edge case which will be buggy.

I could manually update after a few days have passed, so I can make an
informed choice. But finding detailed info for 1 app is challenging, and there
are 40 or so on my phone. That's about a full time job, and my parents and
neighbors have smart phones too.

I mean, I love my radio. You push power, you get music. Easy. I'm pretty sure
this will happen tomorrow, just like it did the last 20 years. It's not going
to decide one day to start walking around and sell a map of the house to ikea
or whatever. Now why can't I ask from my phone, being a personal organiser and
extension of my mind, to be as trustworthy as this?

For now, my personal compromise is to auto update firefox, manually update the
OS, and firewall the others and never ever update them when they work well
enough. I trust firefox and HME(OS, zombie Nokia) not to fuck up too bad and
fix things reasonably fast. I wish I could trust the ecosystems more and just
auto update everything, but today? Not gonna happen.

------
phakding
I think Google is the culprit here. Not just for wifi scanning, but also for
Bluetooth, Google demands location permissions.

In last 5 years or so, I have had a Garmin, a Fitbit and now a Garmin watch. I
never used to have to enable location with my first Garmin tracker until I
upgraded Android os. After that point onward all my fitness trackers now ask
to enable location in order to connect to my phone.

~~~
shittyadmin
For good reason! There's many online services where you can put in a wifi MAC
and pretty much know within 100M where someone is.

Yeah, the message could be made clearer about what's actually being allowed,
but in the end I'm glad it's there. Maybe a generic system for when you
request a permission being able to provide an explanation string or something.
I know some apps made a pop-up before the prompt but I found that rather
verbose especially when it was incredibly obvious why they needed the
permission.

~~~
falcolas
> There's many online services where you can put in a wifi MAC and pretty much
> know within 100M where someone is.

Somewhat ironically because Google went and made that dataset, then publicized
it.

~~~
kllrnohj
Google is far from the only one to have that dataset. Apple has one, too, for
example, as does Skyhook. And Mozilla (
[https://location.services.mozilla.com/](https://location.services.mozilla.com/)
).

------
anu7df
Funny. Usually I have the exact opposite problem. Where the hell is the
remote?

~~~
johnwards
If you only enabled that location tracking you wouldn't be in this problem....
:D

------
thoughtexprmnt
I recall ditching a relatively high-end router a year or two ago after a
firmware update required me to accept that in order to use most of the
advanced features supported by the router, essentially all of my household's
web activity would be sent to a 3rd party data collection service. Thanks but
no thanks.

------
vodkaPong
Could Google enable this feature without harming user privacy?

What if they allowed you to name SSIDs such as 'Home' or 'Work', and then when
the app scanned for networks in your house it would only see 'Home'?

------
forrestthewoods
> Google, in its wisdom, has tied "Location" into things like BLE Scanning and
> WiFi scanning. The excuse is that you can use these things as a proxy for
> location. That is, if I know you are near access point X your location is
> probably near Y.

There’s a reason Apple Maps says “enable WiFi to improve location accuracy”.

I’m incredibly annoyed that phones don’t report themselves with randomized MAC
addresses. WiFi tracking is pervasive.

~~~
kllrnohj
> I’m incredibly annoyed that phones don’t report themselves with randomized
> MAC addresses. WiFi tracking is pervasive.

You've got it backwards. The phone isn't being tracked, the phone is the one
doing the tracking. The phone is looking at all the wifi APs it can see and
then looking those up in a database.

Nobody sees the phone's MAC address. It isn't broadcasting anything at all.

~~~
forrestthewoods
Phone probes contain their MAC address. Although the internet tells me iOS 8
did add randomization.

------
mosselman
Fitbit does this as well: if you want to sync your 'steps' to the app (on
android at least) you have to enable location services... wtf?

~~~
VLM
Four or five sig figs of internal pedometer step counts is rubbed up against
four or so sig figs of phone-gathered GPS distance data after formal
activities in the fitbit app to fine tune your stride length. In my case my
stride length is about 75.821 cm per step. Then it can use that calculated
stride length to estimate distances when not doing official activities. As if
my hiking boots are identical to five sig figs to my urban walking shoes or my
sandals, LOL. Well, in theory, at least, it's a good idea.

Fitbit UI, weirdly, explains what it's doing but refuses to provide the actual
numeric result.

To some extent it's overkill... from my experience orienteering as a civilian
and in the military, your average stride length might vary up to 5% based on
conditions. You can't use dead reckoning alone to do land nav on foot for long
distances, you need a map (or GPS). Which I guess is kinda the point of the
fitbit needing GPS access. Doing theoretical calculations to 4 sig figs means
at least on average it's not too far off, and frankly most athletes use the
same boring path every day with the same shoes etc so averaged track data is
going to be more accurate than a wilderness land nav course anyway.

I have not decompiled the fitbit code or done anything illegal but IF I were
to implement this I'd include GPS/map based ground slope data as a correction
factor because I know that has a major impact on stride length. I have no idea
if fitbit does that, but they should.

~~~
tzs
I don't have a Fitbit, but I do carry an iPhone which includes a pedometer in
the "Health" app. Its notion of stride length is interesting. I exported my
daily step count and distance walked, and divided the latter by the former to
get the stride length.

I plotted this data.

step counts:
[https://i.stack.imgur.com/x0TPU.png](https://i.stack.imgur.com/x0TPU.png)

distance:
[https://i.stack.imgur.com/sufma.png](https://i.stack.imgur.com/sufma.png)

Both quite reasonable looking.

Inferred stride length:
[https://i.stack.imgur.com/giz7V.png](https://i.stack.imgur.com/giz7V.png)

Note that it breaks down into 5 distinct regions, with very sharp boundaries
between them. Within each region the stride length has a fairly level average
but a lot of variation around that. When you cross a region boundary, same
pattern but the average shifts down (sometimes dramatically, such as the shift
in early 2016).

I have no explanation for any of these shifts except that last one and maybe
the small one around Oct 2016. The last one, in the middle of 2018,
corresponds to my changing phones from an iPhone 6 Plus to an iPhone X. That
small one before that matches up with when we switched to full time work at
home.

The earlier shifts were all on the iPhone 6 plus, and as far as I can tell do
not correlate with iOS updates, or with anything in my life that might change
my stride size such as seasonal changes (I probably take smaller strides in
winter) or getting new shoes.

I asked about this on apple.stackexchange.com, but it got no answers or
comments, a down vote, and was automatically deleted as a dead question.

------
thachnb
Android app with Bluetooth/Wifi scanning ability needs Location permission to
perform the task, that's GOOGLE policy. :/

------
tcbawo
Is there a virtualization app/service that can sit between the OS and an app
that allows me to see or restrict what an application actually sees? For
example I may allow it to see my public contacts rather than _all_ contacts.
Or, I may provide it with a location once rather than whenever they request
it.

~~~
VLM
Some google searches for old custom roms for Android would help. I recall
stuff like this in non-commercial 2.0-series android custom roms.

For a very specific example of the genre, pdroid and its numerous clones (some
of which were trojans as I recall) from around 2011 seems to almost perfectly
match your request.

You know you're in deep when you have to root your phone, install a custom
rom, then patch the custom rom, just to limit how much you're getting spied
upon.

------
flyinghamster
When Slacker Radio decided it wanted my contact list, out it went. Sorry, but
that information is NOT YOURS.

These days, if any important-to-me app is slated to be updated, I first run a
backup in case ridiculous permission demands, feature removal, or other such
f*ckery comes with the update.

------
_archon_
It does not. If a device requires your location to work, it is not a remote,
it's something else.

------
dreamcompiler
Once again, this stuff won't stop until it becomes impossible for apps to tell
whether private data is enabled or not. And the way to do that is with a data-
spoofing layer controlled by the user below the API.

------
Bud
I think the obvious glaring flaw here is deciding to have a remote control for
an amplifier run Android. Why on earth would that be necessary?

~~~
edent
To clarify. The amp does have a physical infrared remote. It also has an
Android app I can run on my phone.

I always know where my phone is, but the regular remote likes to hide in the
sofa.

------
PaulHoule
Quite a few "smart home" devices use location information to determine when
the sun rises and sets.

------
Zombiethrowaway
In a similar fashion, why does Google Play need access to my Contacts each
time I want to use Maps?

------
ams6110
> Perhaps I should find some AA batteries for the physical remote instead

We have a winner!

------
Finnucane
There are days when I am glad when most of my things are old and stupid.

------
everyone
I would blame lot of this sort of thing on various frameworks / sdks /
libraries and whatnot. Many of them demand all sorts of permissions like this.
If you don't want to write everything from scratch then u are stuck with this
sort of crap.

------
tempodox
Isn't the answer always the same? To optimize performance and offer services
individually tailored to the user. Privacy is a myth from the past.

------
ubermonkey
Not for nothing, but: apps as remotes for stereos kind of suck, don't they?
It's way faster, IME, to pick up the physical remote and use it.

------
api
Do we even need to ask this question?

