Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Audacity 'Spyware' Claims Follow Privacy Policy Changes By New Owner

fhall1 said:
So - without having to read several sites and hundreds of posts - what's the last "good" version number before all this hubub?
Click to expand...
I have 3.0.2 installed and as far as I can tell it makes no attempt to connect to the internet and never has. Even when I "check for updates" it just opens a browser window on their download page.
 
The type of data collected now includes the computer's processor, operating system and version, the user's IP address, and any crash reports, fatal error codes and messages generated by their machine.
Click to expand...
This kind of data seems very typical to collect and not bad at all. It's the phrase about law enforcement that's spooky.

manmatteo said:
This would have no effect at all on this kind of issues. All a VPN can do is hide your traffic from your ISP, in exchange for making it visible to the VPN company: there's no practical effect on your privacy.
Click to expand...
But all my favorite YouTubers have told me that I'll get h4ck3d if I don't use a VPN!

foobarbaz said:
You know what's happening here? The legal department of a big company is making them update the privacy policy to cover all eventualities of what could happen to the crash data. (Could it be subpoenaed? Sure … Let's add it then.)

The age 13 thing? That's them trying to avoid COPPA. They are not allowed to collect even crash reports in that case. They can't actually restrict the age (due to the GPL), so they literally ask (!) people under 13 not to use it.

But the outrage machine churns over the weekend before the company even has a chance to respond. I bet this is a big fat Nothing Burger (but those poor people in the PR department are in for a hell of a few days now). Can we just collectively wait a few days before going on the crusade …
Click to expand...
Well, the agreement didn't have that wording before, and they were doing just fine. If they don't want outrage, they ought to get rid of the blanket statement about law enforcement.

cupcakes2000 said:
You don’t need to trust either of them. The tor browser is open source and verifiable, and the network is distributed and open. All you have to do it follow the rules and take care of how you approach your browsing habits.

The police can still ‘get you’ if they target you personally and you slip up, but that’s about it really.

Waxing lyrical about VPNs is folly whilst dismissing Tor when the very nature of any VPN is centralised. There are an abundance of extremely shady VPN companies, and very few trustworthy ones, I only have one which I fully trust, and even that relies on my trusting what they say about logging!
Tor doesn’t have that limitation, being a decentralised network means trust is irrelevant and trust of the browser is verifiable.
Click to expand...
How are you verifying that the next layer in your Tor onion connection isn't collecting your traffic?
 
Im still running version 2.4.2!!!
Never had any need to update, so haven't bothered! I use it quite often for my voiceovers in my YouTube videos, but 2.4.2 does everything I need.
 
CDM appears to have also done a deep dive into this and helped tamp down the concerns - https://cdm.link/2021/07/audacity-m...and-theres-not-reason-to-dump-the-editor-yet/. Sounds like if you have Ultimate GuitarTab installed on your iPad already (which Muse Group owns) that you have the same risk with Audacity. So either uninstall everything from Muse Group and stick with Audacity 3.0.2 or accept that a company that has legal considerations across the globe needs to start including language in the EULAs as they head towards trying to take the software in a new direction.
 
hot-gril said:
How are you verifying that the next layer in your Tor onion connection isn't collecting your traffic?
Click to expand...
You don’t need to. I suggest reading up on how it all works. I have posted links in this thread, but there are many more just a few clicks away.
 
cupcakes2000 said:
You don’t need to. I suggest reading up on how it all works. I have posted links in this thread, but there are many more just a few clicks away.
Click to expand...
I can't find em, and somehow the top Google results explain it really poorly, so here's the best source, the project's own page: https://2019.www.torproject.org/about/overview.html.en#thesolution
Your client knows every hop in the path and encrypts the data such that only the last hop can decrypt it. The last hop can see the data but only knows the last hop's address, not the original. Of course, if the attacker manages to control every hop, you're hosed, but that's hard.

Seems pretty safe, but the real issue I've experienced using Tor is so many people use it abusively that many sites lock you out fully or partially. If anything uses reCaptcha, it will stop you and make you fill out like 4 of them. Tor also blocks a lot of scripting etc for your own privacy, but that can break sites too.
 
Last edited:
  • Like
Reactions: peanuts_of_pathos
iRock1 said:
To complement the previous info, the developer didn't receive the prize 'recently' but in 2014.

Anyway, his merits and academic credentials are impressive to say the least. He even received the Order of the British Empire, so you might want to call him 'Sir' :p: https://en.wikipedia.org/wiki/Martin_Hairer
Click to expand...
Ah, it was the "Breakthrough Prize in Mathematics" that I was thinking of (but mis-remembering). I was sure that it was recent.
 
grimmly96 said:
So either uninstall everything from Muse Group and stick with Audacity 3.0.2 or accept that a company that has legal considerations across the globe needs to start including language in the EULAs as they head towards trying to take the software in a new direction.
Click to expand...
There is no need to even have a privacy policy if you don’t collect the data in the first place, and if they want a crash reporting feature then users should only be asked to agree to the privacy terms if and when they opt in to crash reporting... at which stage they should also be told exactly what is being collected.

Problem is (as per the article you linked) the crash reporting is opt-out and it looks like they’ve put a vague, open-ended, take-it-or-leave-it policy in the standard EULA. 2 minutes research would have told them that wouldn’t go down well with the open-source community. This in a a bit of software that has survived for a decade or two without automatic crash reporting.

Thing is, most of us typical Mac users already concede far more to Google, Microsoft and Apple et. al. every time we install a bit of proprietary software and decide that life is too short to read the whole EULA so this seems a bit trivial. We should probably care a bit more - people who do care turn to open source and Linux to avoid this sort of thing and are understandably paranoid about it.
 
manmatteo said:
This would have no effect at all on this kind of issues. All a VPN can do is hide your traffic from your ISP, in exchange for making it visible to the VPN company: there's no practical effect on your privacy.
Click to expand...
Just wanted to thanks for this comment. As a VPN illiterate these type of points are quite informative for real. Didn’t cross my mind at all.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back