Hacker News new | past | comments | ask | show | jobs | submit login

Can anyone provide a synopsis of what data is actually submitted and what exact states trigger the submission?

> ...crashes and other critical events...

I would not be surprised AT ALL to find that they aren't doing certificate validation, however... in which case it'd be trivial to MITM the connection and find out just what they're sending.

That is a scenario that actually is good - because then at least you can know what goes out to the mothership. Otherwise, well, who knows. Maybe it's crash reports, maybe it's the names of your fetishes.

as their official response[1] was pretty much "it's outlined in our policies and ToS" then here is what their privacy policy[2] says they collect:


Usage Data. As described in this section, we may automatically collect information when you use the Services ("Usage Data"). The Usage Data that we collect may include information such as your device data, including your mobile devices, sensor data, device signals, device parameters, device identifiers that may uniquely identify your devices, including your mobile device, web request, Internet Protocol address, browser type, browser language, referring/exit pages and URLs, platform type, the date and time of your request, and one or more cookies that may uniquely identify your devices or browser. IN ADDITION, WE MAY AUTOMATICALLY COLLECT LOCATION INFORMATION (INCLUDING LATITUDE AND LONGITUDE), PERFORMANCE DATA, MOTION DATA, TEMPERATURE DATA, POWER USAGE DATA, AND ANY DATA OR SIGNALS COLLECTED BY THE DEVICES AS PART OF THE USAGE DATA. WE DO NOT COLLECT THE CONTENTS OF ANY COMMUNICATIONS THAT PASS THROUGH OUR DEVICES OR SERVICES.


[1] - https://community.ui.com/questions/UI-official-urgent-please...

[2] - https://www.ui.com/legal/privacypolicy/#c1

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact