Illegal Access to Personal Details

[DennisH]

I just bought a new Kindle on (about) 9 July. It is a 12th generation Paperwhite with serial number commencing GN43 3X10 ..... When I first turned it on it had firmware less than 5.18 - 17 I think but definitely not 5.18. The disturbing thing is that it arrived with my router SSID and Password already loaded into it and before I was aware of that it had already download and updated to 5.18.3. I am certain I have never given my router SSID and password to Amazon so they have illegally uploaded (stolen) my private details from an earlier Kindle. I believe this to be a gross abuse of my privacy. However, the moral of this story is that if you buy a new Kindle and don't want it to update make sure you turn your router off before you turn the Kindle on and set it to airplane mode before turning the router back on.

[DNSB]

If you have another Kindle, you likely did not disable saving your WiFi information to Amazon (it's an option when you first connect to a WiFi SSID). You can delete saved information from the WiFi menu under Settings using the Delete Wi-Fi passwords option.

It's not illegal since you consented to it even if you didn't realize it at the time. You may want to check Saving Your Network Passwords to Amazon FAQs.

Quote:

"I have read and agree to the Terms" is the biggest lie on the web.

[Quoth]

In some countries having to opt out is illegal. The default should never be to opt-in.

[issybird]

Moreover, when you buy a Kindle, the purchase page has an opt-out option "Register to my account." So if you don't uncheck that when buying and you've already saved your WiFi info to your account, there you go. I suspect for most people it's a convenience. Certainly you don't have to go through the nuisance of turning off your router if you don't want it to update.

Always with Amazon, you need to be very sure what you're buying when you click the buy button. Many inadvertently sign up for Prime, as another example. I'm not saying that all this isn't dubious or taking advantage of customers, because it is, but accusing Amazon of illegal uploads and stealing is a step way too far when it was a failure of due diligence on your part.

[Quoth]

Quote:

Originally Posted by issybird

Moreover, when you buy a Kindle, the purchase page has an opt-out option "Register to my account." So if you don't uncheck that when buying and you've already saved your WiFi info to your account, there you go. I suspect for most people it's a convenience. Certainly you don't have to go through the nuisance of turning off your router if you don't want it to update.

Always with Amazon, you need to be very sure what you're buying when you click the buy button. Many inadvertently sign up for Prime, as another example. I'm not saying that all this isn't dubious or taking advantage of customers, because it is, but accusing Amazon of illegal uploads and stealing is a step way too far when it was a failure of due diligence on your part.

Dark UI it's called. Amazon is very good at it and all the larger buttons and default are what they want. Compare Checkouts on UK or USA Amazon vs Germany (where the UI layout was deemed illegal!) regarding signup for Prime.

KU and Audible are also having misleading adverts and promotions on any page to do with books.

Caveat Emptor: Buyer Beware! This is not a new thing. Even complaints in ancient times!

[j.p.s]

Quote:

Originally Posted by Quoth

Caveat Emptor: Buyer Beware! This is not a new thing. Even complaints in ancient times!

https://en.wikipedia.org/wiki/Compla...%81%E1%B9%A3ir

[Quoth]

Quote:

Originally Posted by j.p.s

https://en.wikipedia.org/wiki/Compla...%81%E1%B9%A3ir

Quote:

It has been recognized by the Guinness World Records as the "oldest written customer complaint".

That we have found so far.

Quote:

There is nothing new under the sun

https://en.wikipedia.org/wiki/Ecclesiastes

[haertig]

All recent Amazon's devices (that I own) have been offering to "help me out" by saving my WiFi login information to Amazon's servers. I think this is wrong, I don't want to do it, so now I specifically look for their half-hidden method to decline this. So far, they've always provided a way to decline, but they do their best to make it non-obvious and their default is to do it, apparently hoping that you will miss the non-obvious thing.

Yes, saving this data on Amazon's servers could be a welcome benefit for ignorant people. You know, the kind of people who wouldn't have a password or encryption on their WiFi in the first place (so why do they need Amazon to store anything?)

[DiapDealer]

Quote:

Originally Posted by haertig

Yes, saving this data on Amazon's servers could be a welcome benefit for ignorant people. You know, the kind of people who wouldn't have a password or encryption on their WiFi in the first place (so why do they need Amazon to store anything?)

I am not ignorant. I was a sysadmin for many years. Yet I still choose to avail myself of this feature. I know it's pretty common for people to convince themselves that people who make decisions that they themselves would never make are either ignorant or are taking huge risks. Those people should get over themselves. I make all decisions with eyes wide open.

[JSWolf]

I've gotten the notification to save my WiFi password with Amazon and I've opted out.

[haertig]

Quote:

Originally Posted by DiapDealer

I am not ignorant. I was a sysadmin for many years. Yet I still choose to avail myself of this feature. I know it's pretty common for people to convince themselves that people who make decisions that they themselves would never make are either ignorant or are taking huge risks. Those people should get over themselves. I make all decisions with eyes wide open.

Yep, I feel the same way too sometimes. People often call me ignorant for using an Alexa device. Actually, the word used is usually stupid, not ignorant. I've learned to not get riled up by comments that broadly target the generic masses, understanding that these comments weren't directed at every individual case.

[DiapDealer]

No one has ever given me an example of a remotely realistic risk involved with storing my SSID names and wifi passwords on Amazon servers.

Are they going sell my info to roving gangs of war-driving criminals bent on stealing family photos from my home network (on a rural dead-end street)?

How would any nefarious plan get from an Amazon server to the physical location of my wifi network?

[haertig]

Quote:

Originally Posted by DiapDealer

No one has ever given me an example of a remotely realistic risk involved with storing my SSID names and wifi passwords on Amazon servers.

It is more of a general security thing. You just don't expose any more than you have to. As a general practice, default to the most secure position you can, even if you can't state a specific reason for doing so. In other words, don't ask "Why shouldn't I do this?" Ask, "Why should I do this?" This is my personal way of doing things in what I consider a "security mindset", and is what I would recommend if somebody asked. That doesn't mean that I expect everybody to do things the way I do, or that I necessarily expect them to get themselves in trouble if they don't. It's just a general mindset that may help someone avoid problems that they didn't anticipate.

[DiapDealer]

That's certainly not my position. Especially in this case. Aside from the "General Practice" rule, I still see no downside here. More importantly, no one has yet suggested a concrete downside.

Sharing your wifi password with anyone one who visits your home (without having a separate guest network) carries far more downside.

[DNSB]

Hmmm... my guest SSID has it's password changed on a regular basis.

I tend towards the paranoid in my view of security. I used to have a poster with "I know that I am paranoid, I just don't know if I am paranoid enough" pinned above my desk.. I don't expose any information that I don't feel is necessary. Left over from my employment where information security was job one.