Ereader with Privacy AND Internet Access

[JSWolf]

Quote:

Originally Posted by pazos

The hability to use your own device as you want, without having to agree with an EULA. The same happens with most closed-source android and iOS apps.

EULAs are related to services, not to hardware and you normally buy the hardware without signing a contract. So you're into the right to use the hardware as you want. Open it, break it, change the software, avoid registering, etc).

Some people are worried about their data, others just simply don't want the service at all and avoid any kind of communication with mothership.

Too many people it seems are paranoid about things that don't matter. Does it really matter if Amazon or Kobo knows you read a book?

I bought a Kobo Aura H2O and I am using it as I want. I have never been able to not use it how I want. And, I registered it with Kobo because I'm not paranoid.

There is no way to keep yourself 100% private. It's impossible. So why try to do so where it doesn't matter?

[JSWolf]

I read a book. SOme big company knows what book I am reading. So?

[pazos]

Quote:

Originally Posted by JSWolf

Too many people it seems are paranoid about things that don't matter. Does it really matter if Amazon or Kobo knows you read a book?

I bought a Kobo Aura H2O and I am using it as I want. I have never been able to not use it how I want. And, I registered it with Kobo because I'm not paranoid.

There is no way to keep yourself 100% private. It's impossible. So why try to do so where it doesn't matter?

In these forums I see people talk about paranoia, probably without idea of what it is (as a sympthom in a psicosis crysis or as a personality disorder). You might want to read a bit about it.

We can talk about mental disorders if you want

[Quoth]

I've worked in a senior role in an ISP, for two security companies, IT system planning & support for three and as a communications engineer.
Now I research this stuff for books.

It's a far more serious issue than most imagine and genuinely a threat to employment in many countries and actual liberty or life in some others. Kobo, Apple, Amazon, Barnes&Nook may not be secure and you have no idea who they might deliberately share info with. Also the info can be monitored in transit. Adobe wasn't even encrypting.

IT CAN BE A MATTER of LIFE or DEATH, or IMPRISONMENT, or blocked from jobs what you read, so please don't make light of it. That only helps the data parasites. Maybe you <insert name as appropriate> are secure, or safe, or not reading anything "compromising" but it's not true for many people.

It's nothing to do with paranoia, either the real kind or the Tin Foil Hat brigade public perception of it.

I used a fake email with Kobo. I've disabled Sync & reporting. However if WiFi is on, it does connect to Kobo on the home Page (not in My Books or Collections). Though Kobo doesn't know who I am, they get the time and IP address and that I'm using an eReader. The time and IP will uniquely identify this household if that information is passed to other companies or certain agencies. It's wrong that when Auto Sync is disabled it still contacts Kobo (I think to update the bottom). If Adobe or Overdrive was registered, those would be contacted.
Android and Chrome OS is worst. Chrome Browser.
Windows 10.
Mac OS
iOS
Amazon Fire
Amazon Kindle.

In the EU and some other places some of this behaviour was illegal even before GDPR. The Snowden revelations were no surprise to me and other people familar with the Industry and Security Agencies. It predates Internet. Echelon was created in the 1960s.
https://en.wikipedia.org/wiki/ECHELON
In the 1970s in my Communications Engineering job I asked about a facility and the boss said "That isn't there." Some of the gear was passed off as "Deferred Facilities" (communications after a nuclear attack).

It's got out of hand.

A recent article https://www.theregister.co.uk/2020/0...ot_to_be_seen/

[stumped]

well do tell.

after such a tasty preamble, let's at least have the synopsis ( post it anon if by doing so your life is endangered )
it should blend nicely with Neal Stephenson's "Fall: or, Dodge in Hell", which I am x{part way through}x definitely not reading at all, who me?, no siree, must have been bought by someone else with the same name...

[JSWolf]

When you buy an eBook, you are giving your details to the store. You are using a credit card, bank card, PayPal, etc. unless you buy a gift card with cash.

You cannot be 100% secure. It's impossible. You have to give your details to someone who has an online presence.

[Quoth]

But the sellers of the gadgets potentially know of EVERY book you read, how much of it you read.

Imagine you are in USA, UK, Russia, China, Pakistan, a rich Arab State, Iran, Turkey ...

Imagine you read books not from the ebook store you didn't buy a book from because it would be a problem.

I might get a problematic book from a friend, or buy it with cash on paper. If I thought it was a problem I'd not buy it online.

It's NOT about being 100% secure. People in general have no idea what is going on.

Imagine the State Agency, or the Vigilantes or the Big Corporation, or people getting the reading data think they know what you believe from what you read?

They THINK you are one or more of (pick combinations that work badly with countries above) and doing propaganda about it:
Christian, Moslem, Hindu, Atheist / Secular
Transvestite, Drag Act, Trans-person, non-binary, Gay, promiscuous, unmarried sex, under-age sex.
Pro-abortion, pro-choice, anti-abortion, having an abortion
Pro-drugs, growing weed, synthesising drugs, distilling alcohol, even brewing beer or wine can be illegal.
Making hand weapons
Making IED (anti personnel weapons)
Developing chemical, biological weapons, nerve toxins, poisons.
Planning to steal nuclear material and make a dirty bomb or real nuclear bomb
How to hack traffic lights, road signs, industrial controllers, electricity network.
Hacking mobile phone networks.

Now, you don't have to be an activist, or really any of these things. You might even be a journalist, author or curious.

Just reading the wrong books (even from Gutenberg) can be anything from blocking job prospects, to a fine, jail, lynched or executed:
Gay Propaganda in Russia.
Promoting Muslim, and sometimes other religions in China
Abortion, even if actually a miscarriage is a jail offence in many countries.
Even discussing unmarried sex.
Secular is illegal in Iran. You must be Muslim, Christian, Zoroaster, Jewish.
Most Muslim countries it's illegal to stop being a Muslim or marry a non-Muslim unless they become a Muslim.

The problem is that the secret all persuasive surveillance via things connected to the internet is done in the belief it improves ability to sell adverts. But the information is sold to anyone. State agencies and hackers get it.

People don't even realise their usage of store loyalty cards is sold on.

The USA and other countries made it a crime long ago before the Internet to pass on information about cheques (Checks). In many places this later applied to Debit cards. It doesn't apply to Credit cards or loyalty card point tracking.

Like Cromwell's Witchfinders, Salem Witch Trials, McCarthy's Hearings on un-American activities, Hitler, Stalin, STASI, GRU, Cultural Revolution and UK Prevent scheme, this surveillance doesn't seem to affect lots of people.

It's a world-wide moral cancer largely enabled by US big Tech companies, reluctance of USA to do consumer protection. It's taken advantage of by every big advertising agency, every repressive Government and by Western TLA agencies. See Snowden & Echelon. The biggest two Internet Advertising agencies are Google (Alphabet) and Facebook. That's all they exist for. Amazon, Apple and Microsoft mostly or entirely use the information internally. Oddly Microsoft seems most resistant to sharing it with the CIA.

The information is NOT anonymous. Some state agency can obtain Kobo logs that have a user with a fake ID and correlate IP and time/date to know who the user probably is. Also if you log into ANYTHING via ANY gadget.

No, you can't be 100% secure. Neither are the companies gathering the information. You can minimise your exposure in locations and for usage that could be misconstrued.

Sadly often it's the naive innocent users that get "caught". The expert evil actors KNOW what is happening. Though sometimes get pawned. Usually by the "maid" in the hotel swapping the phone or installing a root kit.

Just because you can't hide everything doesn't mean ignore it. Object.
That form: Is it gathering info the service has no right to? Is that government agency or shop ALREADY breaking the law?

A lot of this activity is already illegal. Let's not shrug and say there is nothing we can do.

[Quoth]

Note, I think the Kobo ereaders have FAR more privacy than any App or Android random make and also far more than Amazon for USB/Sideloaded ebooks that have no DRM. Amazon app on Android is the worst. Amazon ereader with WiFi and Amazon books via Unlimited / Prime is next worst.

DRM can reduce privacy.

[JSWolf]

Quote:

Originally Posted by FrustratedReader

Though sometimes get pawned.

People do not get sold to a pawn shop.

Quote:

Originally Posted by FrustratedReader

Note, I think the Kobo ereaders have FAR more privacy than any App or Android random make and also far more than Amazon for USB/Sideloaded ebooks that have no DRM. Amazon app on Android is the worst. Amazon ereader with WiFi and Amazon books via Unlimited / Prime is next worst.

DRM can reduce privacy.

eBooks reduce privacy. At the very least you have to download them online. I side load all eBooks I read with my H2O. But I get most from Overdrive or I buy. But if I was afraid of giving up privacy, I'd stick to pBooks and pay cash. But then I'd loose my right to choose. I do call it being paranoid when you are that afraid of your Reader that you have to go to absurd lengths to try to keep your information from getting out. I don't care that Overdrive knows what I've downloaded. I don't care that Kobo or Amazon know what eBooks are in my library. I don't have any fear that something will happen if I read a certain book. I live my life without hiding in the shadows because I don't want to do that. You have to have your information out there. Given that you have more to lose from having a bank account and/or a credit card, I see no reason that eBooks would be worse if your reading habits got out.

[ilovejedd]

Just noticed this while browsing Kobo last night.

[j.p.s]

Quote:

Originally Posted by DaleDe

The big companies collect statistics for sale. Not individual names and individual opinions. There are 7 billion people on the planet. It makes no sense to try and keep track of individuals based on their habits. Now a camera with recognition is a different story if you are in China but that is not a company but a government.

Dale

In my opinion Kindleing and FrustratedReader pretty effectively refute that.

FB gets caught in contradictions about what they do and don't do over and over again, and then some more, as have allegations of anonymization.

Quote:

Originally Posted by Kindleing

Maybe it's because there is generally a growing awareness of how pervasive the surveillance has become. Google, Facebook and others have been in the mainstream news a lot over the last year or two because of data collection and data resale practices. Some people who originally didn't see a problem are now becoming concerned. Data aggregators are taking the data from many sources and combining it into massive databases; many security sources say de-anonymizing the data is trivial. Several news articles have documented results where specific individuals were easily identified and their activities tracked. It has been reported that several employment screening companies are offering dossiers on individuals that companies are considering hiring. It seems to me a prospective employee's reading habits would be of interest to some employers.

Not to mention that Adobe was caught using ADE to upload inventories of side-loaded books to user accounts on Adobe servers regardless of origin or DRM status of the books. At first they denied it was happening, then they claimed it was a "bug" in ADE and promised not to do it again. The "bug" excuse is certainly convenient (Facebook uses that excuse a lot), but how would we know if they accidentally reintroduced that "bug"?
https://www.eff.org/deeplinks/2014/1...-e-reader-mess

Quote:

Originally Posted by FrustratedReader

Not true. There is a reason why it's called big data.
Sometimes it's been accidentally exposed.
Most so-called "anonymised" data can be connected to real people. Google/Alphabet's Health data with NHS.
It's been proven they track & sell info on individuals, correlating even DNS lookups, IP, analytics, advert scripts, sites using scripts in Social Media icons rather than a link. cookies, clear pixels, browser fingerprinting (the Web design is horribly flawed), browser even reports previous site visited.

The most dystopian fiction writers of 1930s to 1980s couldn't in wildest nightmares have imagined the degree of corporate and state surveillance via the Internet, mobile phone (metadata, voice, SMS, location), GPS in cars also connected via embedded mobile (for diagnostics), CCTV, IoT, smart speakers and home security kit. UK is one of the most CCTV countries. There is ANPR (automatic number plate recognition) which unlike facial recognition works fairly well.
Smart TVs that report to up to three companies the metadata of broadcast program and discs used (if an HDMI connected player) apart from app & internet usage. Do NOT connect any player or TV to the internet, use your phone, tablet or laptop for extra content.
IoT such as Nest, Ring, Sonos and other smart speakers that report all usage to the Corporate.
Corporate co-operation with intelligence agencies EVEN in Democratic Western countries. Note only a minority of Internet users live in countries with any pretence of needing a warrant to tap communications.

[haertig]

I love it when people say, "I'm not concerned about privacy, and if you are, you're paranoid".

As the saying goes: "ignorance is bliss".

To the O.P. - To protect your privacy, you need to assume that every company that markets an eReader is trying to gather data on you (because they probably are!) Some products may have an "off" button that supposedly turns off data collection. We've seen many examples of where "off" actually means "partially off, for some things". Microsoft Windows, Google, and Amazon are some of the big name players you should probably be suspicious of.

What I would do (actually, what I "have done") is to set up a temporary WiFi network on my router and give its password to the new electronic gizmo. Get the gizmo registered using this internet connection. Then put the gizmo in airplane mode. Then delete the temporary WiFi network on your router. The thinking being, since you can't really trust an "off" button supplied by an adversary, you need to create your own "off" button. Once you've cut the umbilical cord (network connection) for your gizmo, sideload your books to it locally, over the USB connection. And learn how to do firmware updates locally too (without requiring an internet connection on the gizmo).

[stumped]

Quote:

Originally Posted by FrustratedReader

But the sellers of the gadgets potentially know of EVERY book you read, how much of it you read.

Imagine you are in USA, UK, Russia, China, Pakistan, a rich Arab State, Iran, Turkey ...

..

They THINK you are one or more of (pick combinations that work badly with countries above) and doing propaganda about it:
Christian, Moslem, Hindu, Atheist / Secular

well start by reading one of each - that's going to mess up the categorisation

same for other choices you list...
but surely, in those countries you fire up your tor browser and go get all your books from your favourite torrent sites. then if you are still worried you change all the book titles to random innocuous ones and make them all look like fan fiction

the point is: in UK, USA... its a non issue,
in N Korea, Iran... you have bigger worries than your book reading habits but you would surely disguise those. Somehow I don't see Amazon or Kobo working with repressive regimes to pass on reading lists

[BookCat]

Surely the point is that the use of an ereader doesn't of itself pose any kind of 'threat'. The use of the internet generally may do.

So I don't understand why new members post about fear of registering their ereaders while at the same time obviously using the internet. If they really wanted to be 'safe' they would stay off-line altogether.

[Quoth]

It's more nuanced than that.

Anyway, the problem ISN'T registering, which even on Amazon can be done almost anonymously. It's people that shouldn't know what you are reading, knowing.

So I don't any longer fill in books on Goodreads. An Amazon Kindle is hardly any issue, the Amazon app is dreadful.

Adobe have a terrible track record on privacy and security (Flash, Acrobat, sending book data in clear text) so I'd never register a device with Adobe, not with what I know now. I'd remove any Adobe DRM.

Anyone that has any issue to be concerned should use a Kobo, only transfer via USB and possibly block various destinations on their firewall if using the WiFi on the Kobo for Wikipedia or Google in a book. You can use a totally imaginary email. It's a pointless gadget to use on the Internet generally.
The Kindle isn't spyware like the Amazon app, but best to never connect it to WiFi and only buy books & transfer via USB, don't use Kindle Unlimited or Prime or KFX direct Whispernet download as that all triggers additional Amazon monitoring. The way to register Kindle without credit Card or real details is to create a working but fake email address only for that Kindle. By default Amazon assumes you are in USA, at least last time I did it. Use a real Amazon account, but login on USA market place and send a $1 gift to the new email address (it must actually work). Then on Kindle Registration screen use the new email and the Gift voucher code instead of Credit/Debit card. That's as anonymous as Amazon gets. Maybe your supermarket sells Amazon gift cards? But it has to be bought in USA (or whatever default Country Amazon is deciding).
Then never connect the Kindle to Internet again.

Both Kobo & Kindle can get FW updates via USB (except the crippled Kindle Kid's edition)

Use only Firefox or Waterfox on laptop/tablet/phone with a blocker like uBlockOrigin or uMatrix.

If they live in a "Tricky" country they need additional precautions.