Audacity 'Spyware' Claims Follow Privacy Policy Changes By New Owner

[cupcakes2000]

Not sure what you mean by the network is distributed and open.

Some info:

How Does Tor Really Work? The Definitive Visual Guide (2023)

Today, we’re going to do a technical deep-dive into how Tor really works. No mention of how to access Tor, no mention of what might be on Tor. This is how Tor works. Without speculation and without exaggeration of what Tor is. Just a deep dive into the technical

skerritt.blog

The Tor Project | Privacy & Freedom Online

Defend yourself against tracking and surveillance. Circumvent censorship.

www.torproject.org

 

[katbel]

Will uninstall Audacity since I believe I have it installed on my work computer. Only use it very seldom anyway.

I still have an old one 2.3.2 and have Radio Silence and Little Snitch blocking any traffic to and from the app.
If I still need it, it's no fuss .
Thanks for reporting it MacRumors!

 

[Pakaku]

Do you have the latest version?

I have Audacity on my Mac as well, but the last time I've updated it was probably 2 or 3 years ago.

Latest version, 3.0.2, and nothing so far. Maybe it's only phoning home in certain circumstances, but I haven't noticed anything yet

 

[christine85]

I use Audacity to make ringtones but haven't used it in years. Checked the version and its 1.3.13-beta. I don't think this version is pinging to anything.

 

[einsteinbqat]

I have version 2.3.3, I'm safe. Not upgrading it 😄

 

[Apple_Robert]

I use Audacity to make ringtones but haven't used it in years. Checked the version and its 1.3.13-beta. I don't think this version is pinging to anything.

You can use GarageBand to make ringtones. Very easy to do and you won't have to worry about what the ping is going on.

 

[twistedpixel8]

This would have no effect at all on this kind of issues. All a VPN can do is hide your traffic from your ISP, in exchange for making it visible to the VPN company: there's no practical effect on your privacy.

Do you mean only specifically in regards to this article’s concerns? Because a VPN offers a whole lot more protection than just “hiding your traffic from your ISP”.

 

[alembic]

Which version of Audacity is sending data to a server?

 

[TouchMint.com]

If you are not paying for a product you are the product!

 

[Bubble99]

If you are not paying for a product you are the product!

I miss the days of spyware limewire and spyware kazaa when small companies use to data mine than big companies and governments today.

Now everyone is doing it.

 

[deevey]

Surprised no-one is jumping on GarageBand as an alternative that does a whole lot more completely free!

For Multitrack recording and editing it's bloody fantastic.

 

[Joe Jackson]

That's why I use Little Snitch to block all outgoing traffic.... no calling home.. ET got lost...

 

[phenste]

They added a crash report module and are required by law to update privacy policy. It's not the end of the world.

What’s disheartening (and angering) here is the “vague section listing data that must be collected ‘for legal enforcement, litigation, and authorities' requests (if any).’” For an application so thoroughly capable and widely-used, the lack of transparency is appalling.

A lot of people working in Audacity are often using audio that is copyrighted. They are then releasing it under the the fair use doctrine, something consistently upheld by U.S. courts for decades (most recently in April, with Google v. Oracle). Despite the aforementioned consistent support, the nature of many Audacity users’ work—combined with their IP addresses being stored for up to a year—now worries me. Record labels are notoriously greedy.

These are all things that were shamefully added in by the company that acquired Audacity. I’m incredibly passionate about making music and allowing people to share their passion—which may include samples of music that they’re passionate about—with the world, so long as they’re not profiting off of it. Big record labels are not so passionate about this idea.

Anyone who can make money off their own creativity is incredibly lucky, but, I think the ethos of many who use apps like Audacity (including myself) is to just do their own thing. This is introducing the risk of those same people getting chased after by labels for money when they haven’t made any money off of what they’ve done. Who knows what kind of costs, legal or otherwise, this might cause them to incur?

I hope forking Audacity into an open-source GitHub project is successful.

 

[Sander]

Take a look at Amadeus Pro. I was surprised to learn that its author recently won a Nobel -- not for this, of course.

That would be a Fields Medal, since there is no Nobel Prize for mathematics.
Equally impressive though. Very cool that such a person writes Mac software in their spare time.

 

[MacBH928]

I am always impressed by the community, who goes out of his way to read the new license and the source code?

Either way how can you sell open source software? you can always just edit the code and take out the spy piece of software or fork it?!

 

[MacBH928]

It's getting to a point where I think I should have a VPN active all the time.

This would have no effect at all on this kind of issues. All a VPN can do is hide your traffic from your ISP, in exchange for making it visible to the VPN company: there's no practical effect on your privacy.

Not exactly. With Audacaity it won't help, but what VPN does is make a secure connection between you and the VPN company shield your data from any one between you and them. That includes any ISP, Gov. agencies, network manager(at work), or public wifi(at hotels). There is a level of trust you should give VPNs, just like you trust banks with your money. Not all VPNs are trust worthy by I would say the most trust worthy are ProtonVPN, Mullvad, and I believe that PIA and Express VPN have been summoned by court to bring all the data they have which they did and it appears the have no data which means they do not log/collect it in the first place but better double check on that.

There is also Mozilla(FireFox) VPN which should be trust worthy since Mozilla is non-profit organization that has privacy on the top of their priority list. Yet I hear that Mozilla VPN is just Mullvad VPN in a wrapper, it is basically the same thing except Mozilla adds their profit of margin on it. idk any more.

Of course, what you transmit over from there is known obviously, so if you log in to your Google account using a VPN, Google does know its you. Similarly, Audcatiy will just transmit the same data from your computer->VPN company->to their servers.

 

[benwiggy]

A lot of people working in Audacity are often using audio that is copyrighted. They are then releasing it under the the fair use doctrine, something consistently upheld by U.S. courts for decades (most recently in April, with Google v. Oracle). Despite the aforementioned consistent support, the nature of many Audacity users’ work—combined with their IP addresses being stored for up to a year—now worries me. Record labels are notoriously greedy.

"Fair use" covers specific uses like education, commentary, or parody. You can't choose to 'release it under fair use'. Sampling someone's work, modifying it and using it in your own music is not necessarily fair use, and the burden of proof falls on the defendant.

 

[09872738]

If you are not paying for a product you are the product!

Well… not if you consider Open Source. With Linux or BSD this is not true at all. Those are actually the systems that give you more freedom than any proprietary OS.

 

[monokakata]

That would be a Fields Medal, since there is no Nobel Prize for mathematics.
Equally impressive though. Very cool that such a person writes Mac software in their spare time.

Big ouch. Note to self: do a quick google search before depending on memory alone.

 

[boswald]

Uhh... so what? They're collecting crash and system data. Big deal. They're not collecting anything unusual here or anything anyone should care about. I sure don't.

The problem is it won’t stop there. Sure, they collect “crash and telemetry data” now, but who knows what else they’ll sneak into the EULA? If they have the balls to do this with open source software — which can be audited by almost anyone — they’ll see what else they can get away with before someone forks it and ruins their “business”. People deal with this crap all the time with proprietary software, so dealing with it with OSS is just a big slap in the face.

 

[boswald]

Well… not if you consider Open Source. With Linux or BSD this is not true at all. Those are actually the systems that give you more freedom than any proprietary OS.

Under general principle, yes. But if we ignore it, it’ll happen more often.

 

[fhall1]

So - without having to read several sites and hundreds of posts - what's the last "good" version number before all this hubub?

 

[Crowbot]

So - without having to read several sites and hundreds of posts - what's the last "good" version number before all this hubub?

3.0 has the issue. 2.4.2 seems to be the next lower version (per Fosshub).

 

[fhall1]

Thanks - I happen to be using 2.4.2 - guess I'll stick with that.

 

[phenste]

"Fair use" covers specific uses like education, commentary, or parody. You can't choose to 'release it under fair use'. Sampling someone's work, modifying it and using it in your own music is not necessarily fair use, and the burden of proof falls on the defendant.

You’re absolutely right that the burden of proof falls on the defendant.

Fair use is judged in courts based on four factors: the purpose and character of the defendant’s work, particularly whether it is commercial or not; the “nature” of the copyrighted work; the amount of the copyrighted work used in the defendant’s work; the effect of the defendant’s work on the market value of the copyrighted work.

There are multiple defenses I can think of that pertain to multiple unique uses of programs like Audacity involving copyrighted work. There’s a whole section of the Internet dedicated to mashups of songs, some of them obviously parodical in nature (leaving for an open-and-shut case), some of them obviously meant to be more like something you’d put in your music library. Could prosecution argue that such diminishes the value of both (or more) songs? Absolutely, though the defense could just as easily argue that one who has these in their library is most likely a paying listener of these songs, either through purchase or streaming—leading to virtually no loss in the value of the copyrighted work.

The legal system has always been a mess as far as sampling goes, I’ll just say it. I would argue that the use of samples in a free piece of otherwise-original work even less so diminishes the market value of the original work. Someone might hear a sample and say “oh, what is this?”, go on WhoSampled, find the original track, and start listening to it through either streaming or purchase. This has happened to me countless times.

I’m not a lawyer, and I am quite certain that any defense team could come up with even more substantive arguments than this, particularly given their knowledge of the ins-and-outs of the written law.

Now for a very, very subjective opinion: the literal only thing record labels are interested in with cases like this is money for themselves. Not for the artists, songwriters, producers, mixing engineers, etc.—it’s for the chief executives of the labels. Given such, it leaves a bad taste in my mouth to have their legal teams going after the same kinds of creatives whom they f— over even while being signed to their label.

The new Audacity keeping track of users’ IP addresses is, as I said before, shameful. Along with whatever other data they’re collecting with the previously mentioned incredibly vague statement about being in compliance with law enforcement.