Quote:
Originally Posted by MacEachaidh
Kobo must datamine that info, surely? Does it not keep track of trends of what people are reading, as well as what they're buying?
I know indexing that information against customer identity is a further step, but how can anyone be certain Kobo doesn't go there?
(I'm asking out of interest, not trying to make assertions.)
|
They could be, but they don't
have to, by which I mean that it isn't necessary for the purpose of formulating recommendations, even though they may be doing so anyway.
But I don't think they are, because it would be a privacy violation and thus against the law, and I will assume (perhaps wrongly) that Kobobooks is not willing to break the law in the hopes of not getting caught.
Quote:
Originally Posted by TechniSol
It seems like the hashing algorithm would be fine as long as Kobo never decoded the data and viewed it on their servers and forced the user to positively opt in -if they wished the service. No additional storage beyond a unique identifier and the page number should be required. ISBN scrambled might be the simplest.
Another way to do it would be for a Kobo device to generate a unique key upon user demand that would be used to scramble or encrypt an ISBN/page combo and only present that key to the user who would then enter it only on the devices (s)he wished synced in future. Once enabled future syncs would use the then pre-entered key.
You can project this sort of thing out ad nauseum, but at some point there are diminishing returns considering the low worth of the data encrypted.
Honestly, I couldn't care less if Kobo knows what titles I'm reading, but I'd like my books synced...
|
I think it would work much better if they just store everything, encrypted with a private key which is itself encrypted with your account password. When you register a device, the key is downloaded, decrypted, and stored, then used to decrypt the collections store.
Then it becomes a form of Host-Proof Hosting: they don't have access as they can't make use of your private key (although granted they could "update" the firmware to give them access, but that itself is not a problem) since it requires a password which only you have. They don't have your password in their database, at least I hope they don't -- they should be storing a verification hash only -- and it will even be proof against changing your account password, as all they have to do is use your old/new passwords to decrypt and re-encrypt your private key on their server, so new devices can still use it.
The whole thing would be quite automatic and, in the best style of user-friendliness, is accomplished merely through the already pre-existing need to sign in with your account password when registering the device.
I guess this wouldn't work if it comes pre-registered, I know Amazon does this if you buy a Kindle from their website, does Kobo?